nik/FreedomBox
1
0
Fork 0
mirror of https://github.com/freedombox/FreedomBox.git synced 2026-03-11 09:04:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

nextcloud: Retrieve database password in a more robust way

Browse Source 
- Eliminate the need for parsing the complex file.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
This commit is contained in:
Sunil Mohan Adapa 2024-04-04 10:13:03 -07:00 committed by James Valleroy
parent 72c8a3f7b8
commit 281aaa9462
No known key found for this signature in database
GPG Key ID: 77C0C75E7B650808
1 changed files with 16 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
plinth/modules/nextcloud/privileged.py
View File

@ -4,7 +4,6 @@
import json
import pathlib
import random
import re
import shutil
import string
import subprocess
@ -85,13 +84,19 @@ def setup():
_configure_systemd()
def _run_occ(*args, capture_output: bool = False, check: bool = True,
env: dict[str, str] | None = None) -> subprocess.CompletedProcess:
"""Run the Nextcloud occ command inside the container."""
def _run_in_container(
*args, capture_output: bool = False, check: bool = True,
env: dict[str, str] | None = None) -> subprocess.CompletedProcess:
"""Run a command inside the container."""
env_args = [f'--env={key}={value}' for key, value in (env or {}).items()]
occ = ['podman', 'exec', '--user', 'www-data'
] + env_args + [CONTAINER_NAME, '/var/www/html/occ'] + list(args)
return subprocess.run(occ, capture_output=capture_output, check=check)
command = ['podman', 'exec', '--user', 'www-data'
] + env_args + [CONTAINER_NAME] + list(args)
return subprocess.run(command, capture_output=capture_output, check=check)
def _run_occ(*args, **kwargs) -> subprocess.CompletedProcess:
"""Run the Nextcloud occ command inside the container."""
return _run_in_container('/var/www/html/occ', *args, **kwargs)
@privileged
@ -352,14 +357,10 @@ def _get_dbpassword():
OCC cannot run unless Nextcloud can already connect to the database.
"""
config_file = _volume_path / '_data/config/config.php'
with open(config_file, 'r', encoding='utf-8') as config:
config_contents = config.read()
pattern = r"'{}'\s*=>\s*'([^']*)'".format(re.escape('dbpassword'))
match = re.search(pattern, config_contents)
return match.group(1)
code = 'include_once("/var/www/html/config/config.php");' \
'print($CONFIG["dbpassword"]);'
return _run_in_container('php', '-r', code,
capture_output=True).stdout.decode().strip()
def _create_redis_config(password):