FreedomBox

nik/FreedomBox

Fork 0

mirror of https://github.com/freedombox/FreedomBox.git synced 2026-01-28 08:03:36 +00:00

Commit Graph

Author	SHA1	Message	Date
Sunil Mohan Adapa	35bfe86bda	apache: Enable dav and dav_fs modules - DAV can simplify hosting the Feather Wiki app. - It can also potentially be used to share folders over HTTP to clients such a GNOME/KDE file mangers. - Enabling the modules by default should have few disadvantages other than slight increase in memory. It needs to be enabled with 'DAV on' directive on the specific directories. Tests: - Running the service after patch run apache setup and the modules are enabled. Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>	2024-08-07 20:03:10 -07:00
Sunil Mohan Adapa	72d7a05ead	apache: Fix logs still going into /var/log files Closes: #2264. - Set apache-auth fail2ban jail's backend to read from journal instead of syslog. Tweak the regex matching to deal with the custom format. - Adjust the apache error log format to remove unnecessary timestamp. It causes problems for fail2ban regex matching. - There was an error in the earlier patch the make apache log into journald. Configuration for TLS sites still contained ErrorLog and CustomLog directives. Remove them. - There is also file with CustomLog directive that logs for other vhosts. - For some reason, for custom error log format, %T - thread ID did not work and had to switch to %{g}T global thread ID. - Added journalmatch to improve performance by matching the regular expressions against only specific journal entries. Tests: - In a container, apply the patch, run setup and start FreedomBox. Apache app is updated to new version. Apache web server is reloaded. The other-vhosts-access-log configuration is disabled. - On a production machine, remove the directives in freedombox-tls-site-macro.conf and disabling other-vhosts-access-log stopped the logging into /var/log/apache2/ directory. - Use TTRSS /tt-rss-app/ URL and type wrong credentials for 10 times. The client is banned for 10 minutes. Repeat after unban. Client is banned again. Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org> Reviewed-by: James Valleroy <jvalleroy@mailbox.org>	2022-10-09 08:53:46 -04:00
Sunil Mohan Adapa	3e2900b48b	apache: Use privileged decorator for actions Tests: - Initial setup works when a new container is created - When transmission is enabled/disabled, the web configuration for it is enabled/disabled. - When radicale is enabled/disabled, the uwsgi configuration for it is enabled/disabled. - Sharing web configuration is disabled during backup and re-enabled. Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org> Reviewed-by: James Valleroy <jvalleroy@mailbox.org>	2022-10-08 18:51:15 -04:00

Author

SHA1

Message

Date

Sunil Mohan Adapa

35bfe86bda

apache: Enable dav and dav_fs modules

- DAV can simplify hosting the Feather Wiki app.

- It can also potentially be used to share folders over HTTP to clients such a
GNOME/KDE file mangers.

- Enabling the modules by default should have few disadvantages other than
slight increase in memory. It needs to be enabled with 'DAV on' directive on the
specific directories.

Tests:

- Running the service after patch run apache setup and the modules are enabled.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>

2024-08-07 20:03:10 -07:00

Sunil Mohan Adapa

72d7a05ead

apache: Fix logs still going into /var/log files

Closes: #2264.

- Set apache-auth fail2ban jail's backend to read from journal instead of
syslog. Tweak the regex matching to deal with the custom format.

- Adjust the apache error log format to remove unnecessary timestamp. It causes
problems for fail2ban regex matching.

- There was an error in the earlier patch the make apache log into journald.
Configuration for TLS sites still contained ErrorLog and CustomLog directives.
Remove them.

- There is also file with CustomLog directive that logs for other vhosts.

- For some reason, for custom error log format, %T - thread ID did not work and
had to switch to %{g}T global thread ID.

- Added journalmatch to improve performance by matching the regular expressions
against only specific journal entries.

Tests:

- In a container, apply the patch, run setup and start FreedomBox. Apache app is
updated to new version. Apache web server is reloaded. The
other-vhosts-access-log configuration is disabled.

- On a production machine, remove the directives in
freedombox-tls-site-macro.conf and disabling other-vhosts-access-log stopped the
logging into /var/log/apache2/ directory.

- Use TTRSS /tt-rss-app/ URL and type wrong credentials for 10 times. The client
is banned for 10 minutes. Repeat after unban. Client is banned again.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>

2022-10-09 08:53:46 -04:00

Sunil Mohan Adapa

3e2900b48b

apache: Use privileged decorator for actions

Tests:

- Initial setup works when a new container is created
- When transmission is enabled/disabled, the web configuration for it is
  enabled/disabled.
- When radicale is enabled/disabled, the uwsgi configuration for it is
  enabled/disabled.
- Sharing web configuration is disabled during backup and re-enabled.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>

2022-10-08 18:51:15 -04:00

3 Commits