Remove misc directory
This commit is contained in:
parent
a67912e89e
commit
8cab91f51a
1
.gitignore
vendored
1
.gitignore
vendored
|
@ -9,5 +9,4 @@ onyx/config/root.xml
|
||||||
onyx/db/*.profile.php
|
onyx/db/*.profile.php
|
||||||
onyx/tpl/*/*.html
|
onyx/tpl/*/*.html
|
||||||
submission/*
|
submission/*
|
||||||
misc/openssl.cnf
|
|
||||||
libmcrypt-perl_2.5.7.0-1_amd64.deb
|
libmcrypt-perl_2.5.7.0-1_amd64.deb
|
||||||
|
|
19
Dockerfile
19
Dockerfile
|
@ -24,11 +24,11 @@ RUN apt-get -y update && \
|
||||||
&& \
|
&& \
|
||||||
apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
|
apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
|
||||||
|
|
||||||
RUN useradd -d /var/www/fic-server/misc/ -M -N -g www-data synchro
|
RUN useradd -d /var/www/fic-server -M -N -g www-data synchro
|
||||||
|
|
||||||
# Copying files #######################################################
|
# Copying files #######################################################
|
||||||
|
|
||||||
WORKDIR /var/www/fic-server/misc
|
WORKDIR /var/www/fic-server
|
||||||
|
|
||||||
ADD . /var/www/fic-server/
|
ADD . /var/www/fic-server/
|
||||||
|
|
||||||
|
@ -49,22 +49,17 @@ RUN ln -sf /var/www/fic-server/onyx/config/sample.root.xml /var/www/fic-server/o
|
||||||
# ENVIRONNEMENT #######################################################
|
# ENVIRONNEMENT #######################################################
|
||||||
|
|
||||||
EXPOSE 80/tcp 443/tcp
|
EXPOSE 80/tcp 443/tcp
|
||||||
VOLUME ["/var/www/fic-server/out","/var/www/fic-server/files","/var/www/fic-server/submission","/var/www/fic-server/misc/shared"]
|
VOLUME ["/var/www/fic-server/out","/var/www/fic-server/files","/var/www/fic-server/submission","/var/www/fic-server/shared"]
|
||||||
|
|
||||||
CMD mkdir -p /var/www/fic-server/logs; \
|
CMD mkdir -p /var/www/fic-server/logs; \
|
||||||
chown -R www-data:www-data /var/www/fic-server/misc; \
|
chown -R www-data:www-data /var/www/fic-server/shared /var/www/fic-server/PKI; \
|
||||||
chown -R synchro:www-data /var/www/fic-server/submission /var/www/fic-server/logs /var/www/fic-server/out; \
|
chown -R synchro:www-data /var/www/fic-server/submission /var/www/fic-server/logs /var/www/fic-server/out; \
|
||||||
chmod 660 /var/www/fic-server/submission; \
|
chmod 660 /var/www/fic-server/submission; \
|
||||||
if ! [ -f server.crt ]; \
|
|
||||||
then \
|
|
||||||
bash ./CA.sh -newserver; \
|
|
||||||
fi; \
|
|
||||||
bash ./CA.sh -gencrl && \
|
|
||||||
service nginx start && \
|
service nginx start && \
|
||||||
service php5-fpm start && \
|
service php5-fpm start && \
|
||||||
service mysql start && \
|
service mysql start && \
|
||||||
../nginx_gen_team.sh > ../misc/shared/nginx-teams.conf && \
|
./nginx_gen_team.sh > ./shared/nginx-teams.conf && \
|
||||||
echo 'Copying files...' && \
|
echo 'Copying files...' && \
|
||||||
../gen_hash_link_files.sh --copy ../files-in ../files; \
|
./gen_hash_link_files.sh --copy ./files-in ./files; \
|
||||||
(../launch_local.sh &); \
|
(./launch_local.sh &); \
|
||||||
/bin/bash
|
/bin/bash
|
||||||
|
|
|
@ -30,7 +30,7 @@ characters. This key is used to generate the server certificate.
|
||||||
When you see:
|
When you see:
|
||||||
|
|
||||||
```
|
```
|
||||||
root@xxxxxxxxxxxx:/var/www/fic-server/misc#
|
root@xxxxxxxxxxxx:/var/www/fic-server#
|
||||||
```
|
```
|
||||||
|
|
||||||
congratulations, the container is running!
|
congratulations, the container is running!
|
||||||
|
|
|
@ -20,7 +20,8 @@ then
|
||||||
|
|
||||||
mysqldump -u backup --password="$BCKP_PASS" fic > "$TO_BCKP"/db/`date +%Y%m%d-%H%M`.sql
|
mysqldump -u backup --password="$BCKP_PASS" fic > "$TO_BCKP"/db/`date +%Y%m%d-%H%M`.sql
|
||||||
|
|
||||||
rsync -avL misc "$TO_BCKP"
|
rsync -avL shared "$TO_BCKP"
|
||||||
|
rsync -avL pki "$TO_BCKP"
|
||||||
rsync -avL .git "$TO_BCKP"
|
rsync -avL .git "$TO_BCKP"
|
||||||
rsync -avL logs "$TO_BCKP"
|
rsync -avL logs "$TO_BCKP"
|
||||||
rsync -avL /var/log "$TO_BCKP"
|
rsync -avL /var/log "$TO_BCKP"
|
||||||
|
|
4
check.pl
4
check.pl
|
@ -63,9 +63,9 @@ for my $p (<$conf>)
|
||||||
close $conf;
|
close $conf;
|
||||||
|
|
||||||
my $end_time = 1999999999;
|
my $end_time = 1999999999;
|
||||||
if (-f "$root/misc/challenge_started")
|
if (-f "$root/shared/challenge_started")
|
||||||
{
|
{
|
||||||
open my $conf, "<", "$root/misc/challenge_started";
|
open my $conf, "<", "$root/shared/challenge_started";
|
||||||
$end_time = <$conf>;
|
$end_time = <$conf>;
|
||||||
close $conf;
|
close $conf;
|
||||||
chomp($end_time);
|
chomp($end_time);
|
||||||
|
|
|
@ -18,15 +18,15 @@ server {
|
||||||
access_log /var/log/nginx/fic.access_log;
|
access_log /var/log/nginx/fic.access_log;
|
||||||
error_log /var/log/nginx/fic.error_log;
|
error_log /var/log/nginx/fic.error_log;
|
||||||
|
|
||||||
ssl_certificate /var/www/fic-server/misc/shared/server.crt;
|
ssl_certificate /var/www/fic-server/shared/server.crt;
|
||||||
ssl_certificate_key /var/www/fic-server/misc/shared/server.key;
|
ssl_certificate_key /var/www/fic-server/shared/server.key;
|
||||||
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
|
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
|
||||||
ssl_prefer_server_ciphers on;
|
ssl_prefer_server_ciphers on;
|
||||||
# ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:!ADH:!AECDH:!MD5:!DSS;
|
# ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:!ADH:!AECDH:!MD5:!DSS;
|
||||||
ssl_ciphers AES256+EECDH:AES256+EDH;
|
ssl_ciphers AES256+EECDH:AES256+EDH;
|
||||||
ssl_client_certificate /var/www/fic-server/misc/shared/cacert.crt;
|
ssl_client_certificate /var/www/fic-server/shared/cacert.crt;
|
||||||
ssl_verify_client optional;
|
ssl_verify_client optional;
|
||||||
ssl_crl /var/www/fic-server/misc/shared/crl.pem;
|
ssl_crl /var/www/fic-server/shared/crl.pem;
|
||||||
|
|
||||||
add_header Strict-Transport-Security "max-age=2592000; includeSubdomains";
|
add_header Strict-Transport-Security "max-age=2592000; includeSubdomains";
|
||||||
add_header X-Frame-Options DENY;
|
add_header X-Frame-Options DENY;
|
||||||
|
@ -46,7 +46,7 @@ server {
|
||||||
|
|
||||||
set $team 0;
|
set $team 0;
|
||||||
|
|
||||||
include /var/www/fic-server/misc/shared/nginx-teams.conf;
|
include /var/www/fic-server/shared/nginx-teams.conf;
|
||||||
|
|
||||||
if ($team) {
|
if ($team) {
|
||||||
root /var/www/fic-server/out/teams/$team$1;
|
root /var/www/fic-server/out/teams/$team$1;
|
||||||
|
|
|
@ -184,7 +184,7 @@ sub manage
|
||||||
elsif (/^RT(E(A(M(S)?)?)?)?/)
|
elsif (/^RT(E(A(M(S)?)?)?)?/)
|
||||||
{
|
{
|
||||||
if (-x "nginx_gen_team.sh") {
|
if (-x "nginx_gen_team.sh") {
|
||||||
qx(./nginx_gen_team.sh > ./misc/shared/nginx-teams.conf)
|
qx(./nginx_gen_team.sh > ./shared/nginx-teams.conf)
|
||||||
} else {
|
} else {
|
||||||
say "Unable to find nginx_gen_team.sh"
|
say "Unable to find nginx_gen_team.sh"
|
||||||
}
|
}
|
||||||
|
|
|
@ -2,8 +2,8 @@ server {
|
||||||
listen 443 ssl;
|
listen 443 ssl;
|
||||||
listen [::]:443 ipv6only=on ssl;
|
listen [::]:443 ipv6only=on ssl;
|
||||||
|
|
||||||
ssl_certificate /var/www/fic-server/misc/shared/server.crt;
|
ssl_certificate /var/www/fic-server/shared/server.crt;
|
||||||
ssl_certificate_key /var/www/fic-server/misc/shared/server.key;
|
ssl_certificate_key /var/www/fic-server/shared/server.key;
|
||||||
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
|
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
|
||||||
ssl_prefer_server_ciphers on;
|
ssl_prefer_server_ciphers on;
|
||||||
# ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:!ADH:!AECDH:!MD5:!DSS;
|
# ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:!ADH:!AECDH:!MD5:!DSS;
|
||||||
|
|
|
@ -3,7 +3,7 @@
|
||||||
<config match="index.php">
|
<config match="index.php">
|
||||||
<var name="end_challenge">1386827772</var>
|
<var name="end_challenge">1386827772</var>
|
||||||
<var name="files_dir">/var/www/fic-server/files/</var>
|
<var name="files_dir">/var/www/fic-server/files/</var>
|
||||||
<var name="misc_dir">/var/www/fic-server/misc/</var>
|
<var name="misc_dir">/var/www/fic-server/</var>
|
||||||
<var name="submission_dir">/var/www/fic-server/submission/</var>
|
<var name="submission_dir">/var/www/fic-server/submission/</var>
|
||||||
<var name="scheduler_socket">/tmp/scheduler.sock</var>
|
<var name="scheduler_socket">/tmp/scheduler.sock</var>
|
||||||
<var name="prefix_public">challenge-public</var>
|
<var name="prefix_public">challenge-public</var>
|
||||||
|
|
|
@ -9,12 +9,12 @@ if (count($p) > 2)
|
||||||
switch($p[2])
|
switch($p[2])
|
||||||
{
|
{
|
||||||
case "start":
|
case "start":
|
||||||
file_put_contents($VAR["misc_dir"]."/challenge_started", time() + (intval($_POST["time"]) - 240) * 60);
|
file_put_contents($VAR["misc_dir"]."/shared/challenge_started", time() + (intval($_POST["time"]) - 240) * 60);
|
||||||
pipe_backend_scheduler("resetreset:HOME:all:SY");
|
pipe_backend_scheduler("resetreset:HOME:all:SY");
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case "init":
|
case "init":
|
||||||
unlink($VAR["misc_dir"]."/challenge_started");
|
unlink($VAR["misc_dir"]."/shared/challenge_started");
|
||||||
pipe_backend_scheduler("resetreset:HOME:all:SY");
|
pipe_backend_scheduler("resetreset:HOME:all:SY");
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
|
@ -5,9 +5,9 @@ if(!defined('ONYX')) exit;
|
||||||
if (isset($VAR['misc_dir']))
|
if (isset($VAR['misc_dir']))
|
||||||
{
|
{
|
||||||
$misc_dir = $VAR['misc_dir'];
|
$misc_dir = $VAR['misc_dir'];
|
||||||
if (!is_writable($misc_dir))
|
if (!is_writable("$misc_dir/shared"))
|
||||||
{
|
{
|
||||||
erreur("Dossier misc/ non accessible en écriture. (<i>$misc_dir</i>)");
|
erreur("Dossier shared/ non accessible en écriture. (<i>$misc_dir</i>)");
|
||||||
return "admin/home";
|
return "admin/home";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -15,9 +15,9 @@ $template = new Template();
|
||||||
|
|
||||||
$template->assign("ERRmessage", false);
|
$template->assign("ERRmessage", false);
|
||||||
|
|
||||||
if (is_file($VAR["misc_dir"]."/challenge_started"))
|
if (is_file($VAR["misc_dir"]."/shared/challenge_started"))
|
||||||
{
|
{
|
||||||
$VAR["start_challenge"] = intval(file_get_contents($VAR["misc_dir"]."/challenge_started"));
|
$VAR["start_challenge"] = intval(file_get_contents($VAR["misc_dir"]."/shared/challenge_started"));
|
||||||
$VAR["end_challenge"] = $VAR["start_challenge"] + 14400;
|
$VAR["end_challenge"] = $VAR["start_challenge"] + 14400;
|
||||||
$template->assign("END", $VAR['end_challenge']);
|
$template->assign("END", $VAR['end_challenge']);
|
||||||
}
|
}
|
||||||
|
|
|
@ -3,10 +3,10 @@
|
||||||
cd $(dirname "$0")
|
cd $(dirname "$0")
|
||||||
|
|
||||||
if [ -z "${PKI_BASEDIR}" ]; then
|
if [ -z "${PKI_BASEDIR}" ]; then
|
||||||
PKI_BASEDIR=pki
|
PKI_BASEDIR=$(dirname `pwd`) # equivalent to $(realpath `pwd`/..
|
||||||
fi
|
fi
|
||||||
|
|
||||||
PKI_DIR=${PKI_BASEDIR}/pki
|
PKI_DIR=${PKI_BASEDIR}/PKI
|
||||||
SHARED_DIR=${PKI_BASEDIR}/shared
|
SHARED_DIR=${PKI_BASEDIR}/shared
|
||||||
OPENSSL_CONF=`pwd`/openssl.cnf
|
OPENSSL_CONF=`pwd`/openssl.cnf
|
||||||
|
|
||||||
|
|
|
@ -39,7 +39,7 @@ default_ca = CA_default # The default ca section
|
||||||
####################################################################
|
####################################################################
|
||||||
[ CA_default ]
|
[ CA_default ]
|
||||||
|
|
||||||
dir = /var/www/fic-server/misc//pki #DIR # Where everything is kept
|
dir = /var/www/fic-server/pki #DIR # Where everything is kept
|
||||||
certs = $dir/certs # Where the issued certs are kept
|
certs = $dir/certs # Where the issued certs are kept
|
||||||
crl_dir = $dir/crl # Where the issued crl are kept
|
crl_dir = $dir/crl # Where the issued crl are kept
|
||||||
database = $dir/index.txt # database index file.
|
database = $dir/index.txt # database index file.
|
||||||
|
|
|
@ -23,7 +23,7 @@ fi
|
||||||
# Synchronize HTML pages
|
# Synchronize HTML pages
|
||||||
rsync -e ssh -av $OPTS out "$FRONTEND_HOSTNAME":~/
|
rsync -e ssh -av $OPTS out "$FRONTEND_HOSTNAME":~/
|
||||||
rsync -e ssh -avL $OPTS files "$FRONTEND_HOSTNAME":~/
|
rsync -e ssh -avL $OPTS files "$FRONTEND_HOSTNAME":~/
|
||||||
rsync -e ssh -av $OPTS front/ misc/shared/ "$FRONTEND_HOSTNAME":~/
|
rsync -e ssh -av $OPTS front/ shared/ "$FRONTEND_HOSTNAME":~/
|
||||||
|
|
||||||
# Synchronize submissions
|
# Synchronize submissions
|
||||||
rsync -e ssh -av "$FRONTEND_HOSTNAME":~/submission/ submission/
|
rsync -e ssh -av "$FRONTEND_HOSTNAME":~/submission/ submission/
|
||||||
|
|
Loading…
Reference in New Issue
Block a user