From b3592fb9bfd1f18dedb8d3e350a57d90cc622be4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cristhian=20Mart=C3=ADnez=20Ochoa?= Date: Sat, 10 Dec 2022 09:39:34 -0700 Subject: [PATCH] testing Small fixes and improvements after testing. --- README.md | 6 +++--- lib/bkp | 1 + lib/general | 10 +++++++-- lib/install | 12 ++++++++--- lib/sites | 16 ++++++++++----- lib/update | 7 +++++-- lib/webin | 32 ++++++++++++++++------------- templates/general/conf | 10 ++++----- templates/nginx/common/header.conf | 2 +- templates/nginx/common/headers.conf | 2 +- templates/template-site-php | 2 +- templates/template-site-proxy | 2 +- usr/stack | 4 ++++ 13 files changed, 68 insertions(+), 38 deletions(-) diff --git a/README.md b/README.md index 607ac5f..13db4aa 100644 --- a/README.md +++ b/README.md @@ -5,13 +5,13 @@

-

Optimized LEMP Web Server
+

Optimized NGINX Web Server
A powerful set of commands for doing just about anything you could wish.

Official Website | Documentation | Changelog

## Overview -A complete LEMP stack _– Linux Ubuntu + Nginx + MariaDB ~~*(or MySQL, you can choose, soon!)*~~ + PHP –_ or install individual packages according to your needs. +A complete LEMP stack _– Linux Ubuntu + Nginx + MariaDB (or MySQL, you can choose) + PHP –_ or install individual packages according to your needs. **One of the most reliable configurations to host your websites and with Webinoly you can do it in just one step.** @@ -19,7 +19,7 @@ Webinoly provides a set of tools and commands that facilitate web server adminis - Unique commands to create, delete, disable sites. - Free SSL certificates for your sites with Let’s Encrypt and automatic server configuration. - HTTP/2 dramatically increases the speed of serving your content. -- PHP v8.1 and support for earlier versions if needed (8.0 and 7.4) ~~or the newest 8.2 *(soon)*~~. +- PHP v8.1 and support for earlier versions if needed (8.0 and 7.4) or the newest 8.2. - FastCGI Cache and Redis Object Cache for your WordPress sites. - Install WP in any subfolder and support for external databases, multisite and domain mapping. - Reverse Proxy for any app (Java, React, Node, Angular, Vue, etc) or to use your own domain with any external file repo like S3. diff --git a/lib/bkp b/lib/bkp index 841f03f..1977a0a 100644 --- a/lib/bkp +++ b/lib/bkp @@ -996,6 +996,7 @@ import_server() { [[ -n $(conf_read_exported mysql-root) ]] && conf_write mysql-root $(conf_read_exported mysql-root) [[ -n $(conf_read_exported mysql-admin) ]] && conf_write mysql-admin $(conf_read_exported mysql-admin) sudo rm -rf /var/www/webinoly_backup_dball + sudo webinoly -server-reset=mysql elif [[ -s /var/www/webinoly_backup_dball && $(conf_read mysql) != "true" && -z $skip_db ]]; then echo "${red}[ERROR] Database backup found but can not be restored because MySQL is not installed!${end}" fi diff --git a/lib/general b/lib/general index c306567..202839b 100644 --- a/lib/general +++ b/lib/general @@ -710,6 +710,12 @@ is_url() { # Output: http,https,ip,unix,true,false Example: $(is_url $domain) # Global variables when -split is set: url_scheme, url_host, url_path, url_port Example: is_url $domain -split + # Important, because they can have a previous value when runs multiple times. + unset url_scheme + unset url_host + unset url_path + unset url_port + local scheme=$(echo "${1,,}" | cut -d':' -f 1 -s) local host=$(echo "${1,,}" | cut -d':' -f 2 -s | cut -d'/' -f 3 -s) local path=$(echo "${1,,}" | cut -d':' -f 2- -s | cut -d'/' -f 4- -s) @@ -1384,7 +1390,7 @@ check_var() { # Locations: Deny Extensions elif [[ $1 == "locations-deny-extensions" ]]; then if [[ -z $(conf_read locations-deny-extensions) ]]; then - local out="old|orig|original|php#|php~|php_bak|save|swo|asp|aspx|tpl|sh|bash|ba|bak|cfg|cgi|dll|git|hg|ini|jsp|log|mdb|out|sql|svn|swp|rdf|pem|ppk|asc|conf|dump|exe|msi|tar|gz|zip|bz2|7z" + local out="7z|asc|asp|aspx|ba|bak|bash|bat|bin|bz2|c|cfg|cgi|class|com|conf|cpp|crt|cs|dat|db|dbf|deb|der|dll|dmg|dmp|dump|ear|exe|git|gz|h|hg|hqx|img|ini|iso|jar|jsp|log|mdb|msi|msm|msp|old|orig|original|out|pem|php#|php_bak|php~|pkg|pl|ppk|py|rar|rdf|rpm|run|save|sh|sql|srv|svn|swo|swp|sys|tar|taz|tcl|tgz|tk|tmp|tpl|tz|vb|war|wsf|z|zip" else local out=$(conf_read locations-deny-extensions) fi @@ -1392,7 +1398,7 @@ check_var() { # Locations: Deny Files elif [[ $1 == "locations-deny-files" ]]; then if [[ -z $(conf_read locations-deny-files) ]]; then - local out="readme|license|example|legalnotice|installation|changelog|wp-config" + local out="changelog|example|installation|legalnotice|license|readme|wp-config" else local out=$(conf_read locations-deny-files) fi diff --git a/lib/install b/lib/install index a88e9f9..55d9394 100644 --- a/lib/install +++ b/lib/install @@ -213,7 +213,7 @@ php_install() { mysql_install() { api-events_update im1 - echo "${gre}MySQL version '$(conf_read mysql-ver)' is set as default.${end}" + echo "${gre}MySQL/MariaDB version '$(conf_read mysql-ver)' is set as default.${end}" # debconf-utils for unattended scripts # debconf-get-selections | grep phpmyadmin <<-- list conf variables @@ -590,9 +590,15 @@ nginx_tool_bkp() { sudo apt install -y debhelper dh-python python3 gnupg librsync-dev par2 pep8 pylint python3-pytest python3-pytest-cov python3-pytest-runner python3-dev python3-fasteners python3-future python3-mock python3-pexpect python3-setuptools python3-setuptools-scm rdiff rename rsync python3-pip python3-boto3 # Duplicity installation directly from source - # Temporal fix to remove warning - wait for: https://github.com/pypa/pip/issues/10556 - remove from stack purge too! + # Temporal fix to remove warning - wait for: https://github.com/pypa/pip/issues/10556 - remove from stack purge too! --root-user-action=ignore | Remove from update function also sudo pip3 install duplicity 2>&1 | grep -v "pip as the 'root' user" - + # In future, we need to do the correct way - using virtual env + #sudo apt install python3-venv + #sudo python3 -m venv /opt/duplicity/ + #sudo /opt/duplicity/bin/pip install --upgrade pip + #sudo /opt/duplicity/bin/pip install duplicity + #sudo ln -s /opt/duplicity/bin/duplicity /usr/bin/duplicity + # https://sourceforge.net/projects/ftplicity/files/duply%20%28simple%20duplicity%29/ sudo cp /opt/webinoly/templates/general/duply /usr/bin/ sudo chmod 755 /usr/bin/duply diff --git a/lib/sites b/lib/sites index 3e5d361..c010d4c 100644 --- a/lib/sites +++ b/lib/sites @@ -1300,6 +1300,12 @@ reverse_proxy() { url_scheme="http" fi + # After create-site this global variable is empty, because running multiple times + local local_url_scheme=$url_scheme + local local_url_host=$url_host + local local_url_port=$url_port + local local_url_path=$url_path + # Fix slash at the end when is alone, no real URI path! if [[ $dedicated_reverse_proxy != "simple" && $url_path == "/" ]]; then local proxydata=${proxydata:0:-1} @@ -1336,10 +1342,10 @@ reverse_proxy() { if [[ $dedicated_reverse_proxy == "simple" ]]; then # Force / at the end of the url for subfolders - [[ -n $url_path && $url_path != "/" && $(echo "${proxydata}" | rev | cut -c-1) != "/" ]] && proxydata="${proxydata}/" + [[ -n $local_url_path && $local_url_path != "/" && $(echo "${proxydata}" | rev | cut -c-1) != "/" ]] && proxydata="${proxydata}/" sudo sed -i "s##${proxydata}#g" /etc/nginx/apps.d/$domain$subname-proxy.conf else - [[ -n $url_scheme ]] && sudo sed -i "s#proxy_pass #proxy_pass ${url_scheme,,}://#g" /etc/nginx/apps.d/$domain$subname-proxy.conf + [[ -n $local_url_scheme ]] && sudo sed -i "s#proxy_pass #proxy_pass ${local_url_scheme,,}://#g" /etc/nginx/apps.d/$domain$subname-proxy.conf sudo sed -i "s##$(echo "$domain$subfolder" | sed "s/[^0-9A-Za-z]/_/g")#g" /etc/nginx/apps.d/$domain$subname-proxy.conf # Create the upstream @@ -1350,9 +1356,9 @@ reverse_proxy() { fi # Upstream server needs port, if empty, default is 80, so we need to fix it in case of https. - [[ -z $url_port && ${url_scheme,,} == "https" ]] && local fixport=":443" + [[ -z $local_url_port && ${local_url_scheme,,} == "https" ]] && local fixport=":443" - local upsvr="$(echo "${proxydata}${fixport}" | sed "s#${url_scheme}://##g")" + local upsvr="$(echo "${proxydata}${fixport}" | sed "s#${local_url_scheme}://##g")" echo "upstream $(echo "$domain$subfolder" | sed "s/[^0-9A-Za-z]/_/g") { zone upstreams; @@ -1372,7 +1378,7 @@ reverse_proxy() { # Set Host header for external sources, except when IP or Unix socket is used! # Simple dedicated is also excluded because proxy_pass seems to not need it. - if [[ -n $upsvr && -n $proxydata && ${url_host} != "localhost" && $(is_url $url_host) != "ip" && $(is_url $url_host) != "unix" ]]; then + if [[ -n $upsvr && -n $proxydata && $local_url_host != "localhost" && $(is_url $local_url_host) != "ip" && $(is_url $local_url_host) != "unix" ]]; then sudo sed -i "/#proxy_set_header Host /c\ proxy_set_header Host '${upsvr}';" /etc/nginx/apps.d/$domain$subname-proxy.conf fi diff --git a/lib/update b/lib/update index 5e0c4ad..1baf879 100644 --- a/lib/update +++ b/lib/update @@ -302,13 +302,13 @@ oneseven_to_oneight() { local domi=$(echo $site | cut -f 5 -d "/") if [[ $domi != "html" && $domi != $(conf_read tools-port) && -f /etc/nginx/sites-available/$domi ]]; then # All sites - sed -i "/include \/var\/www\/$domi\/\*-nginx.conf;/a \ include \/etc\/nginx\/conf.d\/\*.conf.svr;" /etc/nginx/sites-available/$domi + sed -i "/include \/var\/www\/$domi\/\*-nginx.conf;/a \ include \/etc\/nginx\/conf.d\/\*.conf.srv;" /etc/nginx/sites-available/$domi # Parked: Shared Nginx conf for main site if [[ $(is_parked $domi) == "true" ]]; then local main=$(grep -G "root .*;" /etc/nginx/sites-available/$domi | cut -d'/' -f 4) if [[ -f /etc/nginx/sites-available/$main ]]; then - sed -i "/include \/var\/www\/$main\/\*-nginx.conf;/a \ include \/etc\/nginx\/conf.d\/\*.conf.svr;" /etc/nginx/sites-available/$domi + sed -i "/include \/var\/www\/$main\/\*-nginx.conf;/a \ include \/etc\/nginx\/conf.d\/\*.conf.srv;" /etc/nginx/sites-available/$domi sed -i "/include \/var\/www\/${main}\/\*-$(echo $main | sed "s/[^0-9A-Za-z]/_/g")_parked.conf;/d" /etc/nginx/sites-available/$main sed -i "/include \/var\/www\/$main\/\*-nginx.conf;/a \ include \/var\/www\/${main}\/\*-$(echo $main | sed "s/[^0-9A-Za-z]/_/g")_parked.conf;" /etc/nginx/sites-available/$main fi @@ -347,6 +347,9 @@ oneseven_to_oneight() { [[ ${oldver//.} -lt 17 ]] && onesix_to_oneseven [[ ${oldver//.} -lt 18 ]] && oneseven_to_oneight +# Update PIP packages! +sudo pip3 install --upgrade duplicity 2>&1 | grep -v "pip as the 'root' user" + api-events_update wysue conf_delete stack-update sudo webinoly -server-reset diff --git a/lib/webin b/lib/webin index 1b84774..4f14941 100644 --- a/lib/webin +++ b/lib/webin @@ -645,20 +645,24 @@ set_tools_site() { conf_write tools-site $tools_site echo "${gre}Domain${blu} ${tools_site}:$(conf_read tools-port) ${gre}was successfully assigned to access your server tools!${end}" elif [[ $tools_site == "default" ]]; then - # MV in some edge cases fails to rename, specially when so much files are within the directories. - sudo mkdir -p /var/www/default:$(conf_read tools-port) - sudo cp -rp /var/www/$ADMIN_TOOLS_SITE/* /var/www/default:$(conf_read tools-port) - sudo rm -rf /var/www/$ADMIN_TOOLS_SITE - sudo rm -rf /etc/nginx/sites-available/$ADMIN_TOOLS_SITE - sudo cp /opt/webinoly/templates/general/admin_tools.conf /etc/nginx/sites-available/default:$(conf_read tools-port) - sudo sed -i "s//$(conf_read tools-port)/g" /etc/nginx/sites-available/default:$(conf_read tools-port) - sudo sed -i "s//default:$(conf_read tools-port)/g" /etc/nginx/sites-available/default:$(conf_read tools-port) - sudo rm -rf /etc/nginx/sites-enabled/$ADMIN_TOOLS_SITE - sudo ln -s /etc/nginx/sites-available/default:$(conf_read tools-port) /etc/nginx/sites-enabled/default:$(conf_read tools-port) - - sudo chown -R www-data:www-data /var/www - [[ $(conf_read login-www-data) == "true" ]] && sudo chown root:root /var/www - + if [[ $ADMIN_TOOLS_SITE != "default:$(conf_read tools-port)" ]]; then + # MV in some edge cases fails to rename, specially when so much files are within the directories. + sudo mkdir -p /var/www/default:$(conf_read tools-port) + sudo cp -rp /var/www/$ADMIN_TOOLS_SITE/* /var/www/default:$(conf_read tools-port) + sudo rm -rf /var/www/$ADMIN_TOOLS_SITE + sudo rm -rf /etc/nginx/sites-available/$ADMIN_TOOLS_SITE + sudo cp /opt/webinoly/templates/general/admin_tools.conf /etc/nginx/sites-available/default:$(conf_read tools-port) + sudo sed -i "s//$(conf_read tools-port)/g" /etc/nginx/sites-available/default:$(conf_read tools-port) + sudo sed -i "s//default:$(conf_read tools-port)/g" /etc/nginx/sites-available/default:$(conf_read tools-port) + sudo rm -rf /etc/nginx/sites-enabled/$ADMIN_TOOLS_SITE + sudo ln -s /etc/nginx/sites-available/default:$(conf_read tools-port) /etc/nginx/sites-enabled/default:$(conf_read tools-port) + + sudo chown -R www-data:www-data /var/www + [[ $(conf_read login-www-data) == "true" ]] && sudo chown root:root /var/www + else + # This is the case when importing a full site from backup! + echo "${blu}${dim}Tools data folder already exist, no need to re-create it!${end}" + fi conf_write tools-site default echo "${gre}Tools Site settings has been reset successfully!${end}" elif [[ -f /etc/nginx/sites-available/$tools_site && ! -f /etc/nginx/sites-available/$ADMIN_TOOLS_SITE ]]; then diff --git a/templates/general/conf b/templates/general/conf index 31a56b5..12223f3 100644 --- a/templates/general/conf +++ b/templates/general/conf @@ -174,15 +174,15 @@ # Block/Deny files and extensions -# Values: |... (files txt|html|htm|md) -# Values: |... (extensions) +# Values: |... (with this extension only: txt|html|htm|md) +# Values: |... (any file using any of these extensions) # Note: This is a security feature, please don't modify unless you are sure about it. -# Note: For example, any request to 'readme.txt' or 'name.log' will be blocked (case insensitive). +# Note: For example, any request to 'readme.txt' or 'name.log' will be blocked (case insensitive) by default. # Note: To revert any changes and set the original Webinoly defaults, just #comment these two variables and then server-reset. # Note: You can remove some extensions like 'exe' if you are distributing installers, for instance, or you can add any of your preference. ########################### -#locations-deny-files:readme|license|example|legalnotice|installation|changelog|wp-config -#locations-deny-extensions:old|orig|original|php#|php~|php_bak|save|swo|asp|aspx|tpl|sh|bash|ba|bak|cfg|cgi|dll|git|hg|ini|jsp|log|mdb|out|sql|svn|swp|rdf|pem|ppk|asc|conf|dump|exe|msi|tar|gz|zip|bz2|7z +#locations-deny-files:changelog|example|installation|legalnotice|license|readme|wp-config +#locations-deny-extensions:7z|asc|asp|aspx|ba|bak|bash|bat|bin|bz2|c|cfg|cgi|class|com|conf|cpp|crt|cs|dat|db|dbf|deb|der|dll|dmg|dmp|dump|ear|exe|git|gz|h|hg|hqx|img|ini|iso|jar|jsp|log|mdb|msi|msm|msp|old|orig|original|out|pem|php#|php_bak|php~|pkg|pl|ppk|py|rar|rdf|rpm|run|save|sh|sql|srv|svn|swo|swp|sys|tar|taz|tcl|tgz|tk|tmp|tpl|tz|vb|war|wsf|z|zip # FastCGI Cache diff --git a/templates/nginx/common/header.conf b/templates/nginx/common/header.conf index d0caaaf..f5cd3e3 100644 --- a/templates/nginx/common/header.conf +++ b/templates/nginx/common/header.conf @@ -25,7 +25,7 @@ include common/headers-html.conf; # NOTE: We have this location here (not in locations.conf) to add the HSTS header when needed in static files. # Add the Strict-Transport-Security header to all HTTPS responses. https://hstspreload.org/#deployment-recommendations -location ~* \.(css|xml|gif|jpeg|jpg|js|atom|rss|mml|txt|jad|wml|htc|avif|png|svg|svgz|tif|tiff|wbmp|webp|ico|jng|bmp|woff|woff2|jar|war|ear|json|hqx|doc|pdf|ps|eps|ai|rtf|m3u8|kml|kmz|xls|eot|ppt|odg|odp|ods|odt|pptx|xlsx|docx|wmlc|wasm|7z|cco|jardiff|jnlp|run|pl|pm|prc|pdb|rar|rpm|sea|swf|sit|tcl|tk|der|pem|crt|xpi|xhtml|xspf|zip|bin|exe|dll|deb|dmg|iso|img|msi|msp|msm|mid|midi|kar|mp3|ogg|m4a|ra|3gpp|3gp|ts|mp4|mpeg|mpg|mov|webm|flv|m4v|mng|asx|asf|wmv|avi|ogv|otf|ttf|tgz|gz|bz2|tar|wav|cur|heic|aac|webmanifest|cast)$ { +location ~* \.(3gp|3gpp|7z|aac|ai|asf|asx|atom|avi|avif|bin|bmp|bz2|cast|cco|crt|css|cur|deb|der|dll|dmg|doc|docx|ear|eot|eps|exe|flv|gif|gz|heic|hqx|htc|ico|img|iso|jad|jar|jardiff|jng|jnlp|jpeg|jpg|js|json|kar|kml|kmz|m3u8|m4a|m4v|mid|midi|mml|mng|mov|mp3|mp4|mpeg|mpg|msi|msm|msp|odg|odp|ods|odt|ogg|ogv|otf|pdb|pdf|pem|pl|pm|png|ppt|pptx|prc|ps|ra|rar|rpm|rss|rtf|run|sea|sit|svg|svgz|swf|tar|taz|tcl|tgz|tif|tiff|tk|ts|ttf|txt|tz|war|wasm|wav|wbmp|webm|webmanifest|webp|wml|wmlc|wmv|woff|woff2|xhtml|xls|xlsx|xml|xpi|xspf|z|zip)$ { include common/headers-http.conf; add_header "Access-Control-Allow-Origin" "*"; access_log off; diff --git a/templates/nginx/common/headers.conf b/templates/nginx/common/headers.conf index cf02927..a47a636 100644 --- a/templates/nginx/common/headers.conf +++ b/templates/nginx/common/headers.conf @@ -26,7 +26,7 @@ include common/headers-https.conf; # NOTE: We have this location here (not in locations.conf) to add the HSTS header when needed in static files. # Add the Strict-Transport-Security header to all HTTPS responses. https://hstspreload.org/#deployment-recommendations -location ~* \.(css|xml|gif|jpeg|jpg|js|atom|rss|mml|txt|jad|wml|htc|avif|png|svg|svgz|tif|tiff|wbmp|webp|ico|jng|bmp|woff|woff2|jar|war|ear|json|hqx|doc|pdf|ps|eps|ai|rtf|m3u8|kml|kmz|xls|eot|ppt|odg|odp|ods|odt|pptx|xlsx|docx|wmlc|wasm|7z|cco|jardiff|jnlp|run|pl|pm|prc|pdb|rar|rpm|sea|swf|sit|tcl|tk|der|pem|crt|xpi|xhtml|xspf|zip|bin|exe|dll|deb|dmg|iso|img|msi|msp|msm|mid|midi|kar|mp3|ogg|m4a|ra|3gpp|3gp|ts|mp4|mpeg|mpg|mov|webm|flv|m4v|mng|asx|asf|wmv|avi|ogv|otf|ttf|tgz|gz|bz2|tar|wav|cur|heic|aac|webmanifest|cast)$ { +location ~* \.(3gp|3gpp|7z|aac|ai|asf|asx|atom|avi|avif|bin|bmp|bz2|cast|cco|crt|css|cur|deb|der|dll|dmg|doc|docx|ear|eot|eps|exe|flv|gif|gz|heic|hqx|htc|ico|img|iso|jad|jar|jardiff|jng|jnlp|jpeg|jpg|js|json|kar|kml|kmz|m3u8|m4a|m4v|mid|midi|mml|mng|mov|mp3|mp4|mpeg|mpg|msi|msm|msp|odg|odp|ods|odt|ogg|ogv|otf|pdb|pdf|pem|pl|pm|png|ppt|pptx|prc|ps|ra|rar|rpm|rss|rtf|run|sea|sit|svg|svgz|swf|tar|taz|tcl|tgz|tif|tiff|tk|ts|ttf|txt|tz|war|wasm|wav|wbmp|webm|webmanifest|webp|wml|wmlc|wmv|woff|woff2|xhtml|xls|xlsx|xml|xpi|xspf|z|zip)$ { include common/headers-http.conf; include common/headers-https.conf; add_header "Access-Control-Allow-Origin" "*"; diff --git a/templates/template-site-php b/templates/template-site-php index b144cd2..78a0172 100644 --- a/templates/template-site-php +++ b/templates/template-site-php @@ -22,6 +22,6 @@ server { include common/locations.conf; include common/header.conf; include /var/www/domain.com/*-nginx.conf; - include /etc/nginx/conf.d/*.conf.svr; + include /etc/nginx/conf.d/*.conf.srv; } # WebinolyNginxServerEnd diff --git a/templates/template-site-proxy b/templates/template-site-proxy index ef36a96..f38aad8 100644 --- a/templates/template-site-proxy +++ b/templates/template-site-proxy @@ -31,7 +31,7 @@ location / { proxy_pass ; # CacheStaticFiles - location ~* \.(css|xml|gif|jpeg|jpg|js|atom|rss|mml|txt|jad|wml|htc|avif|png|svg|svgz|tif|tiff|wbmp|webp|ico|jng|bmp|woff|woff2|jar|war|ear|json|hqx|doc|pdf|ps|eps|ai|rtf|m3u8|kml|kmz|xls|eot|ppt|odg|odp|ods|odt|pptx|xlsx|docx|wmlc|wasm|7z|cco|jardiff|jnlp|run|pl|pm|prc|pdb|rar|rpm|sea|swf|sit|tcl|tk|der|pem|crt|xpi|xhtml|xspf|zip|bin|exe|dll|deb|dmg|iso|img|msi|msp|msm|mid|midi|kar|mp3|ogg|m4a|ra|3gpp|3gp|ts|mp4|mpeg|mpg|mov|webm|flv|m4v|mng|asx|asf|wmv|avi|ogv|otf|ttf|tgz|gz|bz2|tar|wav|cur|heic|aac|webmanifest|cast)$ { + location ~* \.(3gp|3gpp|7z|aac|ai|asf|asx|atom|avi|avif|bin|bmp|bz2|cast|cco|crt|css|cur|deb|der|dll|dmg|doc|docx|ear|eot|eps|exe|flv|gif|gz|heic|hqx|htc|ico|img|iso|jad|jar|jardiff|jng|jnlp|jpeg|jpg|js|json|kar|kml|kmz|m3u8|m4a|m4v|mid|midi|mml|mng|mov|mp3|mp4|mpeg|mpg|msi|msm|msp|odg|odp|ods|odt|ogg|ogv|otf|pdb|pdf|pem|pl|pm|png|ppt|pptx|prc|ps|ra|rar|rpm|rss|rtf|run|sea|sit|svg|svgz|swf|tar|taz|tcl|tgz|tif|tiff|tk|ts|ttf|txt|tz|war|wasm|wav|wbmp|webm|webmanifest|webp|wml|wmlc|wmv|woff|woff2|xhtml|xls|xlsx|xml|xpi|xspf|z|zip)$ { include common/headers-http.conf; include common/headers-https.conf; add_header "Access-Control-Allow-Origin" "*"; diff --git a/usr/stack b/usr/stack index 8dfedd5..e387458 100644 --- a/usr/stack +++ b/usr/stack @@ -261,6 +261,8 @@ elif [[ -n $purge && -n $mysql ]]; then echo "mysql-community-server mysql-community-server/remove-data-dir boolean true" | debconf-set-selections fi sudo apt -y purge mysql-server mysql-common mysql-common + sudo rm -rf /usr/share/keyrings/mysql-archive-keyring.gpg + sudo rm -rf /etc/apt/sources.list.d/mysql.list else if [[ $mysql == "keep-data" ]]; then echo "mariadb-server-${mysqlver} mariadb-server-${mysqlver}/postrm_remove_databases boolean false" | debconf-set-selections @@ -268,6 +270,8 @@ elif [[ -n $purge && -n $mysql ]]; then echo "mariadb-server-${mysqlver} mariadb-server-${mysqlver}/postrm_remove_databases boolean true" | debconf-set-selections fi sudo apt -y purge mariadb-server mariadb-common mysql-common + sudo rm -rf /usr/share/keyrings/mariadb-archive-keyring.gpg + sudo rm -rf /etc/apt/sources.list.d/mariadb.list fi purge_mysql_client