From a7e137ec3f6ce1824b75c48908c6bb819b526e9d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cristhian=20Mart=C3=ADnez=20Ochoa?= Date: Sat, 27 Jun 2020 13:50:03 -0600 Subject: [PATCH] minor fixes Minor code fixes --- lib/general | 2 +- lib/webin | 19 +++++++++---------- plugins/httpauth | 9 +++------ plugins/site | 1 + templates/nginx/common/acl.conf | 2 ++ 5 files changed, 16 insertions(+), 17 deletions(-) diff --git a/lib/general b/lib/general index 45ef86a..18a8061 100644 --- a/lib/general +++ b/lib/general @@ -370,7 +370,7 @@ is_domain() { is_url_path() { # Should start with / and after that all should be valid characters. - if [[ -n $1 && $1 =~ ^\/([\]A-Za-z0-9_\/\.-:\!\*\'\[\(\)\;@\&\=\+\$\,\?#\~\%]+)?$ ]]; then + if [[ -n $1 && $1 =~ ^\/([\]A-Za-z0-9_\/\.:\!\*\'\[\(\)\;@\&\=\+\$\,\?#\~\%\-]+)?$ ]]; then echo "true" else echo "false" diff --git a/lib/webin b/lib/webin index cae5708..b97b08d 100644 --- a/lib/webin +++ b/lib/webin @@ -1886,6 +1886,9 @@ custom_cache_global() { if [[ -z $query_string_cache && -z $query_string_never_cache && -z $skip_cache ]]; then echo "${red}[ERROR] Please, enter a valid value!${end}" exit 1 + elif [[ -n $regex && ( -n $query_string_cache || -n $query_string_never_cache ) ]]; then + echo "${red}[ERROR] Regex not allowed for Query-String custom rules!${end}" + exit 1 elif [[ $skip_cache == "/" && -z $regex ]]; then echo "${red}[ERROR] Root folder not allowed, use regex or disable site cache!${end}" exit 1 @@ -1895,10 +1898,10 @@ custom_cache_global() { elif [[ -n $skip_cache && $(is_url_path $skip_cache) != "true" ]]; then echo "${red}[ERROR] Invalid URL!${end}" exit 1 - elif [[ -z $regex && -n $query_string_cache ]] && ! [[ $query_string_cache =~ ^([\]A-Za-z0-9_\/\.-:\!\*\'\[\(\)\;@\&\=\+\$\,\?#\~\%]+)?$ ]]; then + elif [[ -z $regex && -n $query_string_cache ]] && ! [[ $query_string_cache =~ ^([\]A-Za-z0-9_\/\.:\!\*\'\[\(\)\;@\&\=\+\$\,\?#\~\%\-]+)?$ ]]; then echo "${red}[ERROR] Invalid Query String!${end}" exit 1 - elif [[ -z $regex && -n $query_string_never_cache ]] && ! [[ $query_string_never_cache =~ ^([\]A-Za-z0-9_\/\.-:\!\*\'\[\(\)\;@\&\=\+\$\,\?#\~\%]+)?$ ]]; then + elif [[ -z $regex && -n $query_string_never_cache ]] && ! [[ $query_string_never_cache =~ ^([\]A-Za-z0-9_\/\.:\!\*\'\[\(\)\;@\&\=\+\$\,\?#\~\%\-]+)?$ ]]; then echo "${red}[ERROR] Invalid Query String!${end}" exit 1 fi @@ -1933,21 +1936,17 @@ custom_cache_global() { if [[ -n $query_string_never_cache ]]; then echo "# Value: $code # NeverCacheQueryString -if (\$query_string $sign $value) { +if (\$arg_${value}) { set \$skip_cache 1; } # CacheRuleEnd" >> /etc/nginx/apps.d/global_custom_cache.conf elif [[ -n $query_string_cache ]]; then # Sed can not write when file is empty [[ ! -s /etc/nginx/apps.d/global_custom_cache.conf ]] && echo ' ' >> /etc/nginx/apps.d/global_custom_cache.conf - sudo sed -i "1i # Value: $code\n# CacheQueryString\nif (\$query_string $sign $value) {\n set \$skip_cache 0;\n}\n# CacheRuleEnd" /etc/nginx/apps.d/global_custom_cache.conf + sudo sed -i "1i # Value: $code\n# CacheQueryString\nif (\$arg_${value}) {\n set \$skip_cache 0;\n}\n# CacheRuleEnd" /etc/nginx/apps.d/global_custom_cache.conf elif [[ -n $skip_cache ]]; then - echo "# Value: $code -# CacheSkipURL -if (\$request_uri $sign $value) { - set \$skip_cache 1; -} -# CacheRuleEnd" >> /etc/nginx/apps.d/global_custom_cache.conf + [[ ! -s /etc/nginx/apps.d/global_custom_cache.conf ]] && echo ' ' >> /etc/nginx/apps.d/global_custom_cache.conf + sudo sed -i "1i # Value: $code\n# CacheSkipURL\nif (\$request_uri $sign $value) {\n set \$skip_cache 1;\n}\n# CacheRuleEnd" /etc/nginx/apps.d/global_custom_cache.conf fi # Last verification diff --git a/plugins/httpauth b/plugins/httpauth index 7953946..9a41ef7 100644 --- a/plugins/httpauth +++ b/plugins/httpauth @@ -168,15 +168,12 @@ elif [[ -n $whitelist ]]; then if [[ ! -f /etc/nginx/apps.d/whitelist-acl.conf ]]; then sudo touch /etc/nginx/apps.d/whitelist-acl.conf sudo chmod 644 /etc/nginx/apps.d/whitelist-acl.conf - sudo chown -R root:root /etc/nginx/apps.d/whitelist-acl.conf - echo " -allow 127.0.0.1; -deny all;" >> /etc/nginx/apps.d/whitelist-acl.conf + sudo chown -R root:root /etc/nginx/apps.d/whitelist-acl.conf fi exist=$( grep -E "^allow $whitelist;$" /etc/nginx/apps.d/whitelist-acl.conf ) if [[ -z $exist ]]; then - sudo sed -i "1i allow ${whitelist};" /etc/nginx/apps.d/whitelist-acl.conf + echo "allow ${whitelist};" >> /etc/nginx/apps.d/whitelist-acl.conf echo "${gre}The IP address ${blu}'$whitelist'${gre} was successfully whitelisted!${end}" else echo "${gre}IP '$whitelist' is already whitelisted!${end}" @@ -256,7 +253,7 @@ location $sign$path { } # PathEnd" >> /etc/nginx/apps.d/$domain-nginx.conf - if [[ $(is_php $domain) == "false" && $(is_wp $domain $subfolder) == "false" ]]; then + if [[ $(is_php $domain $subfolder) == "false" && $(is_wp $domain $subfolder) == "false" ]]; then sudo sed -i "/^# Path: $(echo $path | sed "s#/#\\\/#g")/,/^# PathEnd/{/try_files/d}" /etc/nginx/apps.d/$domain-nginx.conf fi diff --git a/plugins/site b/plugins/site index 6f928ea..13361d3 100644 --- a/plugins/site +++ b/plugins/site @@ -115,6 +115,7 @@ elif [[ -n $mysql || ( -n $php && -n $domain ) ]]; then echo "${red}[ERROR] Subfolder${blu} $subfolder ${red}already exists!${end}" exit 1 elif [[ -n $subfolder ]]; then + [[ ! -f /etc/nginx/sites-available/$domain ]] && create_empty_site php_subfolder sudo mkdir -p /var/www/$domain/htdocs$subfolder sudo chown -R www-data:www-data /var/www diff --git a/templates/nginx/common/acl.conf b/templates/nginx/common/acl.conf index e668986..82a68ef 100644 --- a/templates/nginx/common/acl.conf +++ b/templates/nginx/common/acl.conf @@ -5,3 +5,5 @@ auth_basic_user_file $authfile; # Whitelist (Allowed IP Address List) include apps.d/*-acl.conf; +allow 127.0.0.1; +deny all;