wbrawner/server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
51570 commits 157 branches 562 tags 714 MiB
Commit graph

65 commits

Author SHA1 Message Date
MichaIng
4384806f61
Merge branch 'master' into patch-1 2019-12-04 12:42:55 +01:00
Roeland Jago Douma
c106a9d293
Set last-password-confirmation for setup 
Else you have to enter your password directly after setup if you do
anything admin worthy.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2019-12-03 19:31:31 +01:00
Arthur Schiwon
cdf8c16942
reformat Setup.php 
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2019-11-25 14:01:25 +01:00
Arthur Schiwon
7ff15c9756
fix documentation, get and createGroup may return null 
* also have stricter checks in place

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2019-11-25 14:01:25 +01:00
MichaIng
5afd7abf44
Add missing newlines to .htaccess 
Signed-off-by: MichaIng <micha@dietpi.com>
 2019-10-31 20:15:49 +01:00
MichaIng
c7e66ec848
Add "Order" to assure that no parental "Allow" can grant access 
Signed-off-by: MichaIng <micha@dietpi.com>
 2019-09-26 12:38:58 +02:00
MichaIng
51a35bb1cb
Minor syntax 
+ Use Apache syntax with cases according to official docs: https://github.com/nextcloud/server/pull/16792/files#r315207691
+ Add missing whitespace for concatenating strings to variable: https://github.com/nextcloud/server/pull/16792/files#r315207520
+ Apache 2.5 will be released as 2.6: https://github.com/nextcloud/server/pull/16792/files#r315206147

Signed-off-by: Micha Felle <micha@dietpi.com>
 2019-08-19 15:50:48 +02:00
MichaIng
01b558c8b4
Update lib/private/Setup.php 
+ Remove unnecessary spaces from code

Co-Authored-By: Daniel Kesselberg <mail@danielkesselberg.de>
 2019-08-19 15:29:48 +02:00
MichaIng
dcbf8fa8e3
Harden data protection .htaccess 
+ Set "Satisfy All" whenever available, as well on Apache 2.4+. This is required to override possible "Satisfy Any" on parent dir, which otherwise would allow direct access to data, regardless of "Require" directive.
+ Set "Deny from all" as well whenever available, to block access regardless of which access control directive takes priority.
+ Assume Apache 2.2 only, if mod_authz_core and mod_access_compat are both not available, to avoid doubled directives. In this case set "Deny from all" directive only if the providing mod_authz_host module is available. "Satisfy" is a core directive on Apache 2.2.
+ Update Apache version strings. Regarding the used directives/modules, Apache 2.4 and 2.5 behave the same.
+ Add ordering spaces to better reflect the nested directives and to match style of other .htaccess files.

Fixes: https://github.com/nextcloud/server/issues/6449

Signed-off-by: Micha Felle <micha@dietpi.com>
 2019-08-19 15:09:44 +02:00
Julius Härtl
3ef1780646
Allow to access source maps on apache 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2019-06-19 09:54:49 +02:00
Bjoern Schiessle
bdf48d8b4e
make sure that the ocm end-point discovery /ocm-provider is not redirected to the index.php 
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
 2019-02-20 10:35:14 +01:00
Julius Härtl
b9f2ce2796
Fix loading of .woff2 files in .htaccess 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2018-11-18 11:02:20 +01:00
Morris Jobke
8ede3f6346
Merge pull request #11446 from nextcloud/bugfix/10678/pretty-urls-dont-work 
Allow overwrite.cli.url without trailing slash
 2018-10-02 23:39:30 +02:00
Daniel Kesselberg
a4eb3ee508
Validate email in occ command 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2018-10-02 22:24:30 +02:00
Daniel Kesselberg
13877c2d20
Use setUserValue instead setEMailAddress because latter omits an changeUser events. 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2018-10-02 22:24:30 +02:00
Daniel Kesselberg
6c805ec9ba
Add --admin-email to cli installer 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2018-10-02 22:24:30 +02:00
Daniel Kesselberg
c275beeceb
Allow url without / for overwrite.cli.url 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2018-09-28 22:32:19 +02:00
Daniel Kesselberg
3b7ac0c94d
Change visibility to private 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2018-09-13 12:24:06 +02:00
Daniel Kesselberg
603a578a1c
Change return false to throw new 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2018-09-10 22:45:40 +02:00
Daniel Kesselberg
62c03beb1d
Extract logic for webroot into method and add test 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2018-09-10 22:33:35 +02:00
Roeland Jago Douma
253f962241
Add the job 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-05-14 13:25:55 +02:00
Dan Callahan
8797590099
Correct mistaken regex wildcard in .htaccess 
Fixes #8578

Signed-off-by: Dan Callahan <dan.callahan@gmail.com>
 2018-02-28 13:50:54 +00:00
Morris Jobke
4ee539fde8
Fix proper overwrite URL on CLI install 
* regression from #7835

Steps

* having a my.config.php with a proper `overwrite.cli.url` and `htaccess.RewriteBase` set
* install with this
* before: short URLs where broken and you need to call `occ maintenance:update:htaccess` additionally to fix this
* after: occ install results in a proper htaccess like on stable13

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2018-02-07 11:40:35 +01:00
Robert Scheck
7583615bab Handle SSL certificate verifications for others than Let's Encrypt 
Do no longer (wrongly) rewrite URLs like

  * http://example.net/.well-known/pki-validation/file.txt (Comodo)
  * http://example.net/.well-known/pki-validation/fileauth.txt (DigiCert, Thawte, GeoTrust)
  * http://example.net/.well-known/pki-validation/gsdv.txt (GlobalSign)
  * http://example.net/.well-known/pki-validation/starfield.htm (Starfield, GoDaddy)
  * http://example.net/.well-known/pki-validation/swisssign-check.txt (SwissSign)

for automated SSL certificate verifications. All (common commercial)
certificate authorities (CA) except Let's Encrypt (via ACME) seem to
use "pki-validation" rather "acme-challenge" for their domain control
validation (DCV).

Signed-off-by: Robert Scheck <robert@fedoraproject.org>
 2018-02-05 15:33:42 +01:00
Morris Jobke
82869b6d81
Fix case when overwrite URL is empty during setup 
Found while testing strict typing for PHP 7+.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2018-01-15 11:15:38 +01:00
Morris Jobke
0e2f00ec59
Get the Installer via DI 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-11-25 12:00:57 +01:00
Morris Jobke
732c951ae1
Revert "Only allow colons in db host for IPv6 addresses" 
This reverts commit 1287d6ddb3.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-11-08 10:47:35 +01:00
Morris Jobke
4866314ce0
Run updated license header updater 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-11-07 13:47:42 +01:00
Morris Jobke
0eebff152a
Update license headers 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-11-06 16:56:19 +01:00
Roeland Jago Douma
e2139d4b56
Add logrote as a default background job 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-10-24 08:28:06 +02:00
Joas Schilling
fe3b2385ab
Code clean up 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-09-26 14:27:42 +02:00
Joas Schilling
1287d6ddb3
Only allow colons in db host for IPv6 addresses 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-09-26 14:20:04 +02:00
Roeland Jago Douma
ede15f0988
Fix L10N::t 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-08-01 08:20:17 +02:00
Morris Jobke
0de90cfc67 Fix 403 and 404 redirect 
* Nextcloud is not properly loaded in the standalone version (especially the theming)
* it is already not listed anymore in the Nginx config (see nextcloud/documentation#392)
* the index.php-free version doesn't support this

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-07-26 16:30:09 +02:00
Joas Schilling
5e04254d40
Install from migrations 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-07-25 12:47:37 +02:00
Joas Schilling
15eec7b83c Start migrations 
Fixme:
- Install and update of apps
- No revert on live systems (debug only)
- Service adjustment to our interface
- Loading via autoloader

Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-07-05 13:01:19 +02:00
Lukas Reschke
ccd0ded812
Don't redirect requests to /core/img/manifest.json 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-05-09 00:02:37 +02:00
Lukas Reschke
47cd976035
Add app bundles 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-04-26 20:07:49 +02:00
Morris Jobke
5b4adf66e5
Move OC_Defaults to OCP\Defaults 
* currently there are two ways to access default values:
  OCP\Defaults or OC_Defaults (which is extended by
  OCA\Theming\ThemingDefaults)
* our code used a mixture of both of them, which made
  it hard to work on theme values
* this extended the public interface with the missing
  methods and uses them everywhere to only rely on the
  public interface

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-04-09 21:43:01 -05:00
Morris Jobke
edd55b0ea9
Use SystemConfig instead of AllConfig for DB stuff 
* preparation for followup PRs to clean up the DB bootstrapping

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-03-19 15:53:49 -06:00
Morris Jobke
d99ce3971b
Namespace and array syntax fixes 
* minor fixes in preparation of a bigger DB and config PR

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-03-19 14:52:54 -06:00
Frank Isemann
3c18096812 Serve robots.txt if the RewriteBase is configured 2017-03-06 21:55:29 +01:00
KB7777
7347849bf9 Update Setup.php 2017-02-24 12:13:26 +01:00
Morris Jobke
254c98bb9e Merge pull request #3576 from robert-scheck/timezone 
According to issue #3553, the default logtimezone is always UTC
 2017-02-23 15:36:50 -06:00
Robert Scheck
568ff4ba38 According to issue #3553, the default logtimezone is always UTC 
Signed-off-by: Robert Scheck <robert@fedoraproject.org>
 2017-02-23 00:15:45 +01:00
Robert Scheck
25a2cb8c6e Only request "IndexIgnore" if mod_autoindex is loaded 
Signed-off-by: Robert Scheck <robert@fedoraproject.org>
 2017-02-20 13:09:15 +01:00
Morris Jobke
d548329543
Set vendor during install 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-02-09 23:37:00 -06:00
Morris Jobke
4536ead454
Remove useless dependency on SQLite (non-PDO) 
* we only require the PDO driver
* fixes #481

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-01-25 22:23:05 -06:00
Thomas Müller
506ccdbd8d
Introduce an event for first time login based on the last login time stamp 
Use firstLogin event to trigger creation of default calendar and default address book

Delay login of admin user after setup so that firstLogin event can properly be processed for the admin

Fixing tests ...

Skeleton files are not copied over -> only 3 cache entries are remaining

Use updateLastLoginTimestamp to properly setup lastLogin value for a test user
 2016-11-14 14:50:10 +01:00
Joas Schilling
4b26d7d86a
Update docs 2016-09-13 10:51:48 +02:00