Adding minor webapps to WebServer tracking

Этот коммит содержится в:
2024-01-12 13:06:58 -06:00
родитель 221ce69a80
Коммит cd3210c5fb
7 изменённых файлов: 82 добавлений и 3 удалений

9
precommit-hooks/ensure-apps-are-short Исполняемый файл
Просмотреть файл

@@ -0,0 +1,9 @@
#!/bin/bash
# Webserver apps directory should be short -- apps that fail this category should become their own.
for file in `find roles/WebServer/files/apps -type f`; do
if [[ $(wc -l "$file" | awk '{ print $1; }') -gt 10 ]]; then
echo "$file" is too long to be deployed as a mini-app under the WebServer role.
fi
done

Просмотреть файл

@@ -10,6 +10,16 @@ Of security note are the default.csp.conf and sec.conf files in [the conf folder
**Please note:** We offer a redirect on www.aninix.net and http://aninix.net:80/ only as a legacy convenience as browsers do not yet support 443 by default -- no data is transmitted on these. When the webhosting community acknowledges the death of the empty www. subdomain and the necessity of encryption, we will drop these. However, for usability, we include them for now.
## Apps
We include `files/apps` here for apps that are too small to warrant their own project. These include things like:
* AniNIX/Scratch -- a scratchpad in cache
* AniNIX/BlackPage -- a blackout page for the monitor
* AniNIX/WhatIsMyIP -- an IP-returning service, reducing the load on upstream [WhatIsMyIP](https://whatismyip.com)
These apps must be short -- a hook is in place to ensure this.
# Available Clients
Users should use [Chrome](http://google.com/chrome/browser/desktop/) where possible, though other standard browsers will work. [AniNIX/Maat](https://maat.aninix.net) builds google-chrome as a package for ArchLinux.

9
roles/WebServer/files/apps/blackpage.html Обычный файл
Просмотреть файл

@@ -0,0 +1,9 @@
<html>
<head>
<title>Hit F11 to black screen</title>
<link rel="stylesheet" type="text/css" href="../style.css">
</head>
<body>
</body>
</html>

5
roles/WebServer/files/apps/notepad.html Обычный файл
Просмотреть файл

@@ -0,0 +1,5 @@
<html>
<body>
<form><textarea cols=80 rows=35></textarea></form>
</body>
</html>

3
roles/WebServer/files/apps/whatismyip.php Обычный файл
Просмотреть файл

@@ -0,0 +1,3 @@
<?php
echo $_SERVER['REMOTE_ADDR'];
?>

Просмотреть файл

@@ -18,10 +18,14 @@ server {
proxy_pass http://127.0.0.1:3000;
}
location /shadowarch {
rewrite /shadowarch /Foundation/ShadowArch/raw/branch/main/EtcFiles/shadowarch;
}
location /aninix.xml {
proxy_hide_header Content-Type;
add_header content-type "application/atom+xml";
rewrite /aninix.xml /AniNIX/Wiki/raw/branch/main/rss/aninix.xml;
rewrite /aninix.xml /Foundation/Wiki/raw/branch/main/rss/aninix.xml;
}
location /martialarts/maqotw.xml {
@@ -44,6 +48,12 @@ server {
try_files $uri /blackpage.html;
}
location /notepad {
root /usr/share/webapps/aninix/;
try_files $uri /notepad.html;
}
}
server {

Просмотреть файл

@@ -1,4 +1,5 @@
---
- name: Install components
become: yes
package:
@@ -11,6 +12,25 @@
- php
- php-fpm
- name: Config directories
become: yes
file:
path: "{{ item }}"
state: directory
owner: http
group: http
mode: 0750
loop:
- /usr/share/webapps/aninix
- /etc/nginx/conf
- /etc/nginx/conf.d
- /etc/modsecurity
- /var/log/modsec
- /var/log/modsec/tmp
- /var/log/modsec/data
- /var/log/modsec/audit
- /var/log/modsec/uploads
- name: Copy PHP config
become: yes
copy:
@@ -43,6 +63,16 @@
follow: true
register: conf
- name: Copy conf
become: yes
copy:
src: apps/
dest: /usr/share/webapps/aninix
owner: http
group: http
mode: 0660
follow: true
- name: Nginx pidfile
become: yes
ignore_errors: true
@@ -83,7 +113,7 @@
dest: /usr/share/owasp-modsecurity-crs
umask: "0022"
- name: Modsecurity config dir
- name: Config directories
become: yes
file:
path: "{{ item }}"
@@ -92,6 +122,9 @@
group: http
mode: 0750
loop:
- /usr/share/webapps/aninix
- /etc/nginx/conf
- /etc/nginx/conf.d
- /etc/modsecurity
- /var/log/modsec
- /var/log/modsec/tmp