PostERG/xamxam
1
0
Fork 0
mirror of https://codeberg.org/PostERG/xamxam.git synced 2026-05-07 03:29:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix nginx deduplication: remove nginx/scripts/ entirely, fix README typos and dead references

Browse Source
This commit is contained in:
Pontoporeia
2026-04-15 10:58:59 +02:00
parent 507f3eb704
commit 67a4aaac26
7 changed files with 10 additions and 177 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
README.md
View File

@@ -35,7 +35,6 @@ posterg/
│ └── manage-admin-users.sh # Run on server with sudo to manage htpasswd │ └── manage-admin-users.sh # Run on server with sudo to manage htpasswd
└── nginx/ # nginx config and reference files └── nginx/ # nginx config and reference files
├── posterg.conf ├── posterg.conf
├── scripts/ # Server setup scripts (password, PHP SQLite)
└── docs/ # Documentation └── docs/ # Documentation
``` ```
@@ -95,4 +94,4 @@ ssh posterg "sudo bash /tmp/manage-admin-users.sh"
- Admin panel protected by nginx `auth_basic` + PHP session (`AdminAuth`) - Admin panel protected by nginx `auth_basic` + PHP session (`AdminAuth`)
- Uploads stored outside webroot, served via controlled `media.php` - Uploads stored outside webroot, served via controlled `media.php`
- Rate limiting on public search (`src/RateLimit.php`) - Rate limiting on public search (`src/RateLimit.php`)
- See `docs/TODO.SECURITY.md` for outstanding items - See `nginx/docs/SECURITY_HEADERS.md` for security headers reference

5
TODO.md
View File

@@ -7,3 +7,8 @@
- [x] Create nginx/SETUP.md - [x] Create nginx/SETUP.md
- [x] Create top-level SETUP.md - [x] Create top-level SETUP.md
- [x] Update documentation paths (/var/www/html/ → /var/www/posterg/, /formulaire/ → /admin/) - [x] Update documentation paths (/var/www/html/ → /var/www/posterg/, /formulaire/ → /admin/)
- [x] Remove nginx/scripts/ entirely (install-php-sqlite.sh was duplicate, fix-paths.sh was stale, setup-password.sh superseded by manage-admin-users.sh)
- [x] Fix typo HTACCESS_TO_ NGINX.md → HTACCESS_TO_NGINX.md in nginx/README.md
- [x] Fix nginx/SETUP.md manual step to use just manage-admin-users instead of raw htpasswd
- [x] Fix root README.md dead reference to docs/TODO.SECURITY.md
- [x] Update root README.md project structure (remove nginx/scripts/ entry)

4
nginx/README.md
View File

@@ -5,10 +5,6 @@ This directory contains nginx configuration and documentation for the Post-ERG t
## 📁 Files ## 📁 Files
- **`posterg.conf`** - Complete nginx configuration file - **`posterg.conf`** - Complete nginx configuration file
- **`scripts/`** - Server setup scripts
- `setup-password.sh` - Create admin passwords
- `install-php-sqlite.sh` - Install PHP SQLite extension
- `fix-paths.sh` - Fix PHP include paths
- **`docs/`** - Documentation - **`docs/`** - Documentation
- `PRODUCTION_DEPLOYMENT.md` - Deployment guide - `PRODUCTION_DEPLOYMENT.md` - Deployment guide
- `QUICK_REFERENCE.md` - Command reference - `QUICK_REFERENCE.md` - Command reference

4
nginx/SETUP.md
View File

@@ -44,7 +44,9 @@ sudo apt install nginx apache2-utils php8.4-fpm
### 2. Create Admin Password ### 2. Create Admin Password
```bash ```bash
sudo htpasswd -c /etc/nginx/.htpasswd-posterg admin just manage-admin-users
# Then on the server:
ssh posterg "sudo bash /tmp/manage-admin-users.sh"
``` ```
### 3. Copy Nginx Configuration ### 3. Copy Nginx Configuration

24
nginx/scripts/fix-paths.sh
View File

@@ -1,24 +0,0 @@
#!/bin/bash
# Fix shared library paths for production deployment
echo "🔧 Fixing shared library paths for production..."
cd /var/www/html
# Fix paths in PHP files
find . -maxdepth 1 -name "*.php" -type f -exec sed -i "s|__DIR__ \. '/\.\./\.\./shared/|__DIR__ . '/shared/|g" {} \;
echo "✓ Updated paths in:"
echo " - index.php"
echo " - memoire.php"
echo " - search.php"
echo " - test_db.php"
# Test if it works
echo ""
echo "🧪 Testing..."
php -r "require_once '/var/www/html/shared/Database.php'; echo 'Database.php loads successfully\n';"
echo ""
echo "✅ Path fix complete!"
echo "Try: curl http://localhost/"

34
nginx/scripts/install-php-sqlite.sh
View File

@@ -1,34 +0,0 @@
#!/bin/bash
# Install PHP SQLite extension
echo "🔧 Installing PHP SQLite extension..."
# Check if running as root
if [ "$EUID" -ne 0 ]; then
echo "Error: This script must be run as root (use sudo)"
exit 1
fi
# Detect PHP version
PHP_VERSION=$(php -r "echo PHP_MAJOR_VERSION.'.'.PHP_MINOR_VERSION;")
echo "Detected PHP version: $PHP_VERSION"
# Install SQLite extension
echo "Installing php${PHP_VERSION}-sqlite3..."
apt-get update -qq
apt-get install -y php${PHP_VERSION}-sqlite3
# Restart PHP-FPM
echo "Restarting PHP-FPM..."
systemctl restart php${PHP_VERSION}-fpm
# Verify installation
if php -m | grep -q sqlite3; then
echo "✅ SQLite extension installed successfully"
echo ""
echo "Installed extensions:"
php -m | grep -i sqlite
else
echo "❌ Failed to install SQLite extension"
exit 1
fi

111
nginx/scripts/setup-password.sh
View File

@@ -1,111 +0,0 @@
#!/bin/bash
#
# Setup script for Post-ERG admin password
# Creates htpasswd file for nginx basic authentication
#
set -e
echo "================================================="
echo "Post-ERG Admin Password Setup"
echo "================================================="
echo ""
# Check if running as root
if [ "$EUID" -ne 0 ]; then
echo "⚠️ This script must be run as root (use sudo)"
exit 1
fi
# Check if apache2-utils is installed
if ! command -v htpasswd &> /dev/null; then
echo "📦 Installing apache2-utils..."
apt-get update
apt-get install -y apache2-utils
fi
# Configuration
HTPASSWD_FILE="/etc/nginx/.htpasswd-posterg"
BACKUP_FILE="/etc/nginx/.htpasswd-posterg.backup"
# Backup existing file if it exists
if [ -f "$HTPASSWD_FILE" ]; then
echo "📋 Backing up existing password file..."
cp "$HTPASSWD_FILE" "$BACKUP_FILE"
echo " Backup saved to: $BACKUP_FILE"
echo ""
fi
# Prompt for username
echo "Enter admin username (default: admin):"
read -r USERNAME
USERNAME=${USERNAME:-admin}
# Create or update password file
if [ -f "$HTPASSWD_FILE" ]; then
# File exists, update/add user
echo ""
echo "Creating/updating user: $USERNAME"
htpasswd "$HTPASSWD_FILE" "$USERNAME"
else
# Create new file
echo ""
echo "Creating new password file for user: $USERNAME"
htpasswd -c "$HTPASSWD_FILE" "$USERNAME"
fi
# Set correct permissions
chmod 644 "$HTPASSWD_FILE"
chown root:root "$HTPASSWD_FILE"
echo ""
echo "✅ Password file created/updated successfully!"
echo ""
echo "Details:"
echo " File: $HTPASSWD_FILE"
echo " User: $USERNAME"
echo " Permissions: 644 (readable by nginx)"
echo ""
# Ask if user wants to add more users
echo "Do you want to add another user? (y/n)"
read -r ADD_MORE
while [ "$ADD_MORE" = "y" ] || [ "$ADD_MORE" = "Y" ]; do
echo ""
echo "Enter username for additional user:"
read -r USERNAME
if [ -z "$USERNAME" ]; then
echo "❌ Username cannot be empty"
continue
fi
echo "Adding user: $USERNAME"
htpasswd "$HTPASSWD_FILE" "$USERNAME"
echo ""
echo "Add another user? (y/n)"
read -r ADD_MORE
done
echo ""
echo "================================================="
echo "Setup Complete!"
echo "================================================="
echo ""
echo "Current users in $HTPASSWD_FILE:"
cut -d: -f1 "$HTPASSWD_FILE" | while read -r user; do
echo " - $user"
done
echo ""
echo "Next steps:"
echo " 1. Copy nginx config: cp nginx/posterg.conf /etc/nginx/sites-available/posterg"
echo " 2. Enable site: ln -s /etc/nginx/sites-available/posterg /etc/nginx/sites-enabled/"
echo " 3. Test config: nginx -t"
echo " 4. Reload nginx: systemctl reload nginx"
echo ""
echo "The admin panel at /formulaire/ will now require authentication."
echo ""
echo "⚠️ IMPORTANT: Save these credentials securely!"
echo ""