Remove misc directory
This commit is contained in:
parent
a67912e89e
commit
8cab91f51a
1
.gitignore
vendored
1
.gitignore
vendored
@ -9,5 +9,4 @@ onyx/config/root.xml
|
||||
onyx/db/*.profile.php
|
||||
onyx/tpl/*/*.html
|
||||
submission/*
|
||||
misc/openssl.cnf
|
||||
libmcrypt-perl_2.5.7.0-1_amd64.deb
|
||||
|
19
Dockerfile
19
Dockerfile
@ -24,11 +24,11 @@ RUN apt-get -y update && \
|
||||
&& \
|
||||
apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
|
||||
|
||||
RUN useradd -d /var/www/fic-server/misc/ -M -N -g www-data synchro
|
||||
RUN useradd -d /var/www/fic-server -M -N -g www-data synchro
|
||||
|
||||
# Copying files #######################################################
|
||||
|
||||
WORKDIR /var/www/fic-server/misc
|
||||
WORKDIR /var/www/fic-server
|
||||
|
||||
ADD . /var/www/fic-server/
|
||||
|
||||
@ -49,22 +49,17 @@ RUN ln -sf /var/www/fic-server/onyx/config/sample.root.xml /var/www/fic-server/o
|
||||
# ENVIRONNEMENT #######################################################
|
||||
|
||||
EXPOSE 80/tcp 443/tcp
|
||||
VOLUME ["/var/www/fic-server/out","/var/www/fic-server/files","/var/www/fic-server/submission","/var/www/fic-server/misc/shared"]
|
||||
VOLUME ["/var/www/fic-server/out","/var/www/fic-server/files","/var/www/fic-server/submission","/var/www/fic-server/shared"]
|
||||
|
||||
CMD mkdir -p /var/www/fic-server/logs; \
|
||||
chown -R www-data:www-data /var/www/fic-server/misc; \
|
||||
chown -R www-data:www-data /var/www/fic-server/shared /var/www/fic-server/PKI; \
|
||||
chown -R synchro:www-data /var/www/fic-server/submission /var/www/fic-server/logs /var/www/fic-server/out; \
|
||||
chmod 660 /var/www/fic-server/submission; \
|
||||
if ! [ -f server.crt ]; \
|
||||
then \
|
||||
bash ./CA.sh -newserver; \
|
||||
fi; \
|
||||
bash ./CA.sh -gencrl && \
|
||||
service nginx start && \
|
||||
service php5-fpm start && \
|
||||
service mysql start && \
|
||||
../nginx_gen_team.sh > ../misc/shared/nginx-teams.conf && \
|
||||
./nginx_gen_team.sh > ./shared/nginx-teams.conf && \
|
||||
echo 'Copying files...' && \
|
||||
../gen_hash_link_files.sh --copy ../files-in ../files; \
|
||||
(../launch_local.sh &); \
|
||||
./gen_hash_link_files.sh --copy ./files-in ./files; \
|
||||
(./launch_local.sh &); \
|
||||
/bin/bash
|
||||
|
12
README.md
12
README.md
@ -30,7 +30,7 @@ characters. This key is used to generate the server certificate.
|
||||
When you see:
|
||||
|
||||
```
|
||||
root@xxxxxxxxxxxx:/var/www/fic-server/misc#
|
||||
root@xxxxxxxxxxxx:/var/www/fic-server#
|
||||
```
|
||||
|
||||
congratulations, the container is running!
|
||||
@ -99,11 +99,11 @@ CONNTRACK states.
|
||||
|
||||
Main Docker backend container relies on several other container:
|
||||
|
||||
* MySQL database ;
|
||||
* Database storage (as data only container) ;
|
||||
* PKI storage ;
|
||||
* PKI shared storage ;
|
||||
* challenge files containers ;
|
||||
* MySQL database;
|
||||
* Database storage (as data only container);
|
||||
* PKI storage;
|
||||
* PKI shared storage;
|
||||
* challenge files containers;
|
||||
* the backend.
|
||||
|
||||
To have a fully working backend:
|
||||
|
@ -20,7 +20,8 @@ then
|
||||
|
||||
mysqldump -u backup --password="$BCKP_PASS" fic > "$TO_BCKP"/db/`date +%Y%m%d-%H%M`.sql
|
||||
|
||||
rsync -avL misc "$TO_BCKP"
|
||||
rsync -avL shared "$TO_BCKP"
|
||||
rsync -avL pki "$TO_BCKP"
|
||||
rsync -avL .git "$TO_BCKP"
|
||||
rsync -avL logs "$TO_BCKP"
|
||||
rsync -avL /var/log "$TO_BCKP"
|
||||
|
4
check.pl
4
check.pl
@ -63,9 +63,9 @@ for my $p (<$conf>)
|
||||
close $conf;
|
||||
|
||||
my $end_time = 1999999999;
|
||||
if (-f "$root/misc/challenge_started")
|
||||
if (-f "$root/shared/challenge_started")
|
||||
{
|
||||
open my $conf, "<", "$root/misc/challenge_started";
|
||||
open my $conf, "<", "$root/shared/challenge_started";
|
||||
$end_time = <$conf>;
|
||||
close $conf;
|
||||
chomp($end_time);
|
||||
|
@ -18,15 +18,15 @@ server {
|
||||
access_log /var/log/nginx/fic.access_log;
|
||||
error_log /var/log/nginx/fic.error_log;
|
||||
|
||||
ssl_certificate /var/www/fic-server/misc/shared/server.crt;
|
||||
ssl_certificate_key /var/www/fic-server/misc/shared/server.key;
|
||||
ssl_certificate /var/www/fic-server/shared/server.crt;
|
||||
ssl_certificate_key /var/www/fic-server/shared/server.key;
|
||||
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
|
||||
ssl_prefer_server_ciphers on;
|
||||
# ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:!ADH:!AECDH:!MD5:!DSS;
|
||||
ssl_ciphers AES256+EECDH:AES256+EDH;
|
||||
ssl_client_certificate /var/www/fic-server/misc/shared/cacert.crt;
|
||||
ssl_client_certificate /var/www/fic-server/shared/cacert.crt;
|
||||
ssl_verify_client optional;
|
||||
ssl_crl /var/www/fic-server/misc/shared/crl.pem;
|
||||
ssl_crl /var/www/fic-server/shared/crl.pem;
|
||||
|
||||
add_header Strict-Transport-Security "max-age=2592000; includeSubdomains";
|
||||
add_header X-Frame-Options DENY;
|
||||
@ -46,7 +46,7 @@ server {
|
||||
|
||||
set $team 0;
|
||||
|
||||
include /var/www/fic-server/misc/shared/nginx-teams.conf;
|
||||
include /var/www/fic-server/shared/nginx-teams.conf;
|
||||
|
||||
if ($team) {
|
||||
root /var/www/fic-server/out/teams/$team$1;
|
||||
|
@ -184,7 +184,7 @@ sub manage
|
||||
elsif (/^RT(E(A(M(S)?)?)?)?/)
|
||||
{
|
||||
if (-x "nginx_gen_team.sh") {
|
||||
qx(./nginx_gen_team.sh > ./misc/shared/nginx-teams.conf)
|
||||
qx(./nginx_gen_team.sh > ./shared/nginx-teams.conf)
|
||||
} else {
|
||||
say "Unable to find nginx_gen_team.sh"
|
||||
}
|
||||
|
@ -2,8 +2,8 @@ server {
|
||||
listen 443 ssl;
|
||||
listen [::]:443 ipv6only=on ssl;
|
||||
|
||||
ssl_certificate /var/www/fic-server/misc/shared/server.crt;
|
||||
ssl_certificate_key /var/www/fic-server/misc/shared/server.key;
|
||||
ssl_certificate /var/www/fic-server/shared/server.crt;
|
||||
ssl_certificate_key /var/www/fic-server/shared/server.key;
|
||||
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
|
||||
ssl_prefer_server_ciphers on;
|
||||
# ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:!ADH:!AECDH:!MD5:!DSS;
|
||||
|
@ -3,7 +3,7 @@
|
||||
<config match="index.php">
|
||||
<var name="end_challenge">1386827772</var>
|
||||
<var name="files_dir">/var/www/fic-server/files/</var>
|
||||
<var name="misc_dir">/var/www/fic-server/misc/</var>
|
||||
<var name="misc_dir">/var/www/fic-server/</var>
|
||||
<var name="submission_dir">/var/www/fic-server/submission/</var>
|
||||
<var name="scheduler_socket">/tmp/scheduler.sock</var>
|
||||
<var name="prefix_public">challenge-public</var>
|
||||
|
@ -9,12 +9,12 @@ if (count($p) > 2)
|
||||
switch($p[2])
|
||||
{
|
||||
case "start":
|
||||
file_put_contents($VAR["misc_dir"]."/challenge_started", time() + (intval($_POST["time"]) - 240) * 60);
|
||||
file_put_contents($VAR["misc_dir"]."/shared/challenge_started", time() + (intval($_POST["time"]) - 240) * 60);
|
||||
pipe_backend_scheduler("resetreset:HOME:all:SY");
|
||||
break;
|
||||
|
||||
case "init":
|
||||
unlink($VAR["misc_dir"]."/challenge_started");
|
||||
unlink($VAR["misc_dir"]."/shared/challenge_started");
|
||||
pipe_backend_scheduler("resetreset:HOME:all:SY");
|
||||
break;
|
||||
}
|
||||
|
@ -5,9 +5,9 @@ if(!defined('ONYX')) exit;
|
||||
if (isset($VAR['misc_dir']))
|
||||
{
|
||||
$misc_dir = $VAR['misc_dir'];
|
||||
if (!is_writable($misc_dir))
|
||||
if (!is_writable("$misc_dir/shared"))
|
||||
{
|
||||
erreur("Dossier misc/ non accessible en écriture. (<i>$misc_dir</i>)");
|
||||
erreur("Dossier shared/ non accessible en écriture. (<i>$misc_dir</i>)");
|
||||
return "admin/home";
|
||||
}
|
||||
}
|
||||
|
@ -15,9 +15,9 @@ $template = new Template();
|
||||
|
||||
$template->assign("ERRmessage", false);
|
||||
|
||||
if (is_file($VAR["misc_dir"]."/challenge_started"))
|
||||
if (is_file($VAR["misc_dir"]."/shared/challenge_started"))
|
||||
{
|
||||
$VAR["start_challenge"] = intval(file_get_contents($VAR["misc_dir"]."/challenge_started"));
|
||||
$VAR["start_challenge"] = intval(file_get_contents($VAR["misc_dir"]."/shared/challenge_started"));
|
||||
$VAR["end_challenge"] = $VAR["start_challenge"] + 14400;
|
||||
$template->assign("END", $VAR['end_challenge']);
|
||||
}
|
||||
|
@ -3,10 +3,10 @@
|
||||
cd $(dirname "$0")
|
||||
|
||||
if [ -z "${PKI_BASEDIR}" ]; then
|
||||
PKI_BASEDIR=pki
|
||||
PKI_BASEDIR=$(dirname `pwd`) # equivalent to $(realpath `pwd`/..
|
||||
fi
|
||||
|
||||
PKI_DIR=${PKI_BASEDIR}/pki
|
||||
PKI_DIR=${PKI_BASEDIR}/PKI
|
||||
SHARED_DIR=${PKI_BASEDIR}/shared
|
||||
OPENSSL_CONF=`pwd`/openssl.cnf
|
||||
|
||||
|
@ -39,7 +39,7 @@ default_ca = CA_default # The default ca section
|
||||
####################################################################
|
||||
[ CA_default ]
|
||||
|
||||
dir = /var/www/fic-server/misc//pki #DIR # Where everything is kept
|
||||
dir = /var/www/fic-server/pki #DIR # Where everything is kept
|
||||
certs = $dir/certs # Where the issued certs are kept
|
||||
crl_dir = $dir/crl # Where the issued crl are kept
|
||||
database = $dir/index.txt # database index file.
|
||||
|
@ -23,7 +23,7 @@ fi
|
||||
# Synchronize HTML pages
|
||||
rsync -e ssh -av $OPTS out "$FRONTEND_HOSTNAME":~/
|
||||
rsync -e ssh -avL $OPTS files "$FRONTEND_HOSTNAME":~/
|
||||
rsync -e ssh -av $OPTS front/ misc/shared/ "$FRONTEND_HOSTNAME":~/
|
||||
rsync -e ssh -av $OPTS front/ shared/ "$FRONTEND_HOSTNAME":~/
|
||||
|
||||
# Synchronize submissions
|
||||
rsync -e ssh -av "$FRONTEND_HOSTNAME":~/submission/ submission/
|
||||
|
Loading…
Reference in New Issue
Block a user