PostERG/xamxam
1
0
Fork 0
mirror of https://codeberg.org/PostERG/xamxam.git synced 2026-05-06 19:19:19 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
3a1cd5b43e924091f081132da1b80591e2efcd0c
xamxam/nginx/setup-password.sh
Théophile Gervreau-Mercier 467aced734 Restructure repository and implement secure search feature 
Phase 1: Consolidate shared infrastructure
- Create shared/ directory for common code
- Consolidate Database.php from front-backend and formulaire into unified shared/Database.php
  - Smart path detection for test.db vs posterg.db
  - Secure search with wildcard escaping and input validation
  - Support both singleton and direct instantiation patterns
  - Full CRUD methods for admin functionality
- Move RateLimit.php to shared/ (30 requests/min)
- Update all require paths across apps to use shared/

Phase 2: Reorganize directory structure
- Rename front-backend/ → apps/public/
- Rename formulaire/ → apps/admin/
- Rename db/ → database/
- Update all file paths for new structure
- Create root .gitignore excluding databases, cache, logs

Implement secure search feature
- Add apps/public/search.php with full-text search across theses
- Search filters: query, year, orientation, AP program, keywords
- Security features:
  - SQL injection prevention (prepared statements)
  - Wildcard injection prevention (escape % and _)
  - Input validation (max 200 chars, year range 1900-2100)
  - Rate limiting (30 req/min per IP)
  - Pagination limited to 100 results/page
  - XSS protection (htmlspecialchars on output)

Add comprehensive test suite
- Create apps/public/tests/ with proper structure
  - tests/Integration/SearchTest.php - 12 search scenarios
  - tests/Security/SecurityTest.php - vulnerability testing
  - tests/Unit/RateLimitTest.php - rate limit behavior
- Create database/fixtures/CreateTestDatabase.php
- Add apps/public/run-tests.php test runner
- All tests passing (4/4 suites)

Update deployment configuration
- Rename justfile 'sync' recipe to 'deploy'
- Create deploy group with separate deploy-public and deploy-admin
- Add test-deploy recipe for test database
- Exclude *.db, tests/, cache/, *.md from production deploy
- Deploy shared/ to both public and admin locations

Stats: +4482 insertions, -654 deletions across 72 files
2026-02-02 18:53:58 +01:00

112 lines
2.8 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
#
# Setup script for Post-ERG admin password
# Creates htpasswd file for nginx basic authentication
#
set -e
echo "================================================="
echo "Post-ERG Admin Password Setup"
echo "================================================="
echo ""
# Check if running as root
if [ "$EUID" -ne 0 ]; then
echo "⚠️ This script must be run as root (use sudo)"
exit 1
fi
# Check if apache2-utils is installed
if ! command -v htpasswd &> /dev/null; then
echo "📦 Installing apache2-utils..."
apt-get update
apt-get install -y apache2-utils
fi
# Configuration
HTPASSWD_FILE="/etc/nginx/.htpasswd-posterg"
BACKUP_FILE="/etc/nginx/.htpasswd-posterg.backup"
# Backup existing file if it exists
if [ -f "$HTPASSWD_FILE" ]; then
echo "📋 Backing up existing password file..."
cp "$HTPASSWD_FILE" "$BACKUP_FILE"
echo " Backup saved to: $BACKUP_FILE"
echo ""
fi
# Prompt for username
echo "Enter admin username (default: admin):"
read -r USERNAME
USERNAME=${USERNAME:-admin}
# Create or update password file
if [ -f "$HTPASSWD_FILE" ]; then
# File exists, update/add user
echo ""
echo "Creating/updating user: $USERNAME"
htpasswd "$HTPASSWD_FILE" "$USERNAME"
else
# Create new file
echo ""
echo "Creating new password file for user: $USERNAME"
htpasswd -c "$HTPASSWD_FILE" "$USERNAME"
fi
# Set correct permissions
chmod 644 "$HTPASSWD_FILE"
chown root:root "$HTPASSWD_FILE"
echo ""
echo "✅ Password file created/updated successfully!"
echo ""
echo "Details:"
echo " File: $HTPASSWD_FILE"
echo " User: $USERNAME"
echo " Permissions: 644 (readable by nginx)"
echo ""
# Ask if user wants to add more users
echo "Do you want to add another user? (y/n)"
read -r ADD_MORE
while [ "$ADD_MORE" = "y" ] || [ "$ADD_MORE" = "Y" ]; do
echo ""
echo "Enter username for additional user:"
read -r USERNAME
if [ -z "$USERNAME" ]; then
echo "❌ Username cannot be empty"
continue
fi
echo "Adding user: $USERNAME"
htpasswd "$HTPASSWD_FILE" "$USERNAME"
echo ""
echo "Add another user? (y/n)"
read -r ADD_MORE
done
echo ""
echo "================================================="
echo "Setup Complete!"
echo "================================================="
echo ""
echo "Current users in $HTPASSWD_FILE:"
cut -d: -f1 "$HTPASSWD_FILE" | while read -r user; do
echo " - $user"
done
echo ""
echo "Next steps:"
echo " 1. Copy nginx config: cp nginx/posterg.conf /etc/nginx/sites-available/posterg"
echo " 2. Enable site: ln -s /etc/nginx/sites-available/posterg /etc/nginx/sites-enabled/"
echo " 3. Test config: nginx -t"
echo " 4. Reload nginx: systemctl reload nginx"
echo ""
echo "The admin panel at /formulaire/ will now require authentication."
echo ""
echo "⚠️ IMPORTANT: Save these credentials securely!"
echo ""
Reference in New Issue View Git Blame Copy Permalink