External-Mirrors/nextcloudpi
2
0
Fork 0
mirror of https://github.com/nextcloud/nextcloudpi.git synced 2026-01-10 15:12:01 -03:30
Code Issues Packages Projects Releases Wiki Activity

added ncp-web

Browse Source
This commit is contained in:
nachoparker 2017-07-13 23:43:13 +02:00
parent c0a69703ae
commit 41e71b4cbb
15 changed files with 1493 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
batch.sh
View File

@ -30,7 +30,7 @@ NO_HALT_STEP=1 ./installer.sh prepare.sh $IP $IMGBASE ||
./installer.sh $NC_INSTALL $IP $( ls -1t *.img | head -1 ) || exit 1
./installer.sh $NC_CONFIG $IP $( ls -1t *.img | head -1 ) || exit 1
./installer.sh nextcloudpi.sh $IP $( ls -1t *.img | head -1 ) || exit 1
# ./installer.sh test-devel.sh $IP $( ls -1t *.img | head -1 ) || exit 1
# ./installer.sh build-devel.sh $IP $( ls -1t *.img | head -1 ) || exit 1
IMGFILE=$( ls -1t *.img | head -1 )
IMGNAME=$( basename "$IMGFILE" _base_prepare_lamp_nc-nextcloud_nc-init_nextcloudpi.img )

8
etc/library.sh
View File

@ -204,11 +204,17 @@ function install_script()
}
function activate_script()
{
local SCRIPT=$1
echo -e "Activating \e[1m$( basename $SCRIPT .sh )\e[0m"
launch_script $SCRIPT
}
function launch_script()
{
(
local SCRIPT=$1
source ./$SCRIPT
echo -e "Activating \e[1m$( basename $SCRIPT .sh )\e[0m"
set +x
configure
)

18
etc/nextcloudpi-config.d/nc-nextcloud.sh
View File

@ -116,14 +116,14 @@ EOF
chown ${rootuser}:${htgroup} ${ocpath}/data/.htaccess
fi
# create and configure opcache dir
OPCACHEDIR=/var/www/nextcloud/data/.opcache
sed -i "s|^opcache.file_cache=.*|opcache.file_cache=$OPCACHEDIR|" /etc/php/7.0/mods-available/opcache.ini
mkdir -p $OPCACHEDIR
chown -R www-data:www-data $OPCACHEDIR
# create and configure opcache dir
OPCACHEDIR=/var/www/nextcloud/data/.opcache
sed -i "s|^opcache.file_cache=.*|opcache.file_cache=$OPCACHEDIR|" /etc/php/7.0/mods-available/opcache.ini
mkdir -p $OPCACHEDIR
chown -R www-data:www-data $OPCACHEDIR
## SET APACHE VHOST
cat > /etc/apache2/sites-available/nextcloud.conf <<'EOF'
## SET APACHE VHOST
cat > /etc/apache2/sites-available/nextcloud.conf <<'EOF'
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
DocumentRoot /var/www/nextcloud
@ -144,10 +144,10 @@ EOF
</Directory>
</IfModule>
EOF
a2ensite nextcloud
a2ensite nextcloud
echo "Setting up Apache..."
cat > /etc/apache2/sites-available/000-default.conf <<'EOF'
cat > /etc/apache2/sites-available/000-default.conf <<'EOF'
<VirtualHost _default_:80>
DocumentRoot /var/www/nextcloud
<IfModule mod_rewrite.c>

50
ncp-web/csrf.php Normal file
View File

@ -0,0 +1,50 @@
<?php
///
// NextcloudPi Web Panel CSRF protection library
//
// Inspired by http://blog.ircmaxell.com/2013/02/preventing-csrf-attacks.html
//
// Copyleft 2017 by Ignacio Nunez Hernanz <nacho _a_t_ ownyourbits _d_o_t_ com>
// GPL licensed (see end of file) * Use at your own risk!
//
// More at https://ownyourbits.com/2017/02/13/nextcloud-ready-raspberry-pi-image/
///
function getCSRFToken()
{
$nonce = base64_encode( random_bytes(32) );
if (empty($_SESSION['csrf_tokens']))
$_SESSION['csrf_tokens'] = array();
$_SESSION['csrf_tokens'][$nonce] = true;
return $nonce;
}
function validateCSRFToken($token)
{
if (isset($_SESSION['csrf_tokens'][$token]))
{
unset($_SESSION['csrf_tokens'][$token]);
return true;
}
return false;
}
// License
//
// This script is free software; you can redistribute it and/or modify it
// under the terms of the GNU General Public License as published by
// the Free Software Foundation; either version 2 of the License, or
// (at your option) any later version.
//
// This script is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this script; if not, write to the
// Free Software Foundation, Inc., 59 Temple Place, Suite 330,
// Boston, MA 02111-1307 USA
?>

BIN
ncp-web/favicon.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.8 KiB

130
ncp-web/index.php Normal file
View File

@ -0,0 +1,130 @@
<!--
NextcloudPi Web Panel javascript library
Copyleft 2017 by Ignacio Nunez Hernanz <nacho _a_t_ ownyourbits _d_o_t_ com>
GPL licensed (see end of file) * Use at your own risk!
More at https://ownyourbits.com/2017/02/13/nextcloud-ready-raspberry-pi-image/
-->
<!DOCTYPE html>
<html class="ng-csp" data-placeholder-focus="false" lang="en" >
<head>
<meta charset="utf-8">
<title>NextCloudPi Panel</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
<meta name="referrer" content="never">
<meta name="viewport" content="width=device-width, initial-scale=1.0, minimum-scale=1.0, maximum-scale=1.0">
<meta name="mobile-web-app-capable" content="yes">
<?php
session_start();
// security headers
header("Content-Security-Policy: default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self';");
header("X-XSS-Protection: 1; mode=block");
header("X-Content-Type-Options: nosniff");
header("X-Robots-Tag: none");
header("X-Permitted-Cross-Domain-Policies: none");
header("X-Frame-Options: DENY");
header("Cache-Control: max-age=15778463");
ini_set('session.cookie_httponly', 1);
if ( isset($_SERVER['HTTPS']) )
ini_set('session.cookie_secure', 1);
// HTTP2 push headers
header("Link: </minified.js>; rel=preload; as=script;,</ncp.js>; rel=preload; as=script;,</ncp.css>; rel=preload; as=style;,</ncp-logo.png>; rel=preload; as=image;, </loading-small.gif>; rel=preload; as=image;, rel=preconnect href=ncp-launcher.php;");
?>
<link rel="icon" type="image/png" href="favicon.png" />
<link rel="stylesheet" href="ncp.css">
</head>
<body id="body-user">
<noscript>
<div id="nojavascript"> <div>This application requires JavaScript for correct operation. Please <a href="http://enable-javascript.com/" target="_blank" rel="noreferrer">enable JavaScript</a> and reload the page. </div> </div>
</noscript>
<div id="notification-container">
<div id="notification"></div>
</div>
<header role="banner"><div id="header">
<div id="header-left">
<a href="https://ownyourbits.com/2017/02/13/nextcloud-ready-raspberry-pi-image/"
id="nextcloudpi" tabindex="1" target="_blank">
<div class="logo-icon">
<h1 class="hidden-visually">NextCloudPi</h1>
</div>
</a>
</div>
</header>
<div id="content-wrapper">
<div id="content" class="app-files" role="main">
<div id="app-navigation">
<ul id="ncp-options">
<?php
// fill options with contents from directory
$path = '/usr/local/etc/nextcloudpi-config.d/';
$files = array_diff(scandir($path), array('.', '..','nc-wifi.sh'));
foreach($files as $file)
{
$script = pathinfo( $file , PATHINFO_FILENAME );
$fh = fopen( $path . $file ,'r');
while ($line = fgets($fh))
if ( preg_match('/^DESCRIPTION="(.*)"$/', $line, $matches) )
{
echo "<li id=\"$script\" class=\"nav-recent\">";
echo "<a href=\"#\"> $script </a>";
echo "<input type=\"hidden\" value=\"$matches[1]\" />";
echo "</li>";
}
fclose($fh);
}
?>
</ul>
</div>
<div id="app-content">
<h2 id="config-box-title">Configure NextCloudPi features</h2>
<br/>
<div id="config-box-wrapper" class="hidden">
<form>
<div id="config-box"></div>
<div id="config-button-wrapper">
<button id="config-button">Run</button>
<img id="loading-gif" src="loading-small.gif">
</div>
</form>
<textarea readonly id="details-box" rows="25" cols="60"></textarea>
</div>
</div>
</div>
<?php
include ('csrf.php');
echo '<input type="hidden" id="csrf-token" name="csrf-token" value="' . getCSRFToken() . '"/>';
?>
<script src="minified.js"></script>
<script src="ncp.js"></script>
</body>
</html>
<!--
License
This script is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This script is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this script; if not, write to the
Free Software Foundation, Inc., 59 Temple Place, Suite 330,
Boston, MA 02111-1307 USA
-->

BIN
ncp-web/loading-small.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.7 KiB

1
ncp-web/menu.svg Normal file
View File

@ -0,0 +1 @@
<svg xmlns="http://www.w3.org/2000/svg" height="16" width="16"><path d="M2 2v2h12V2zm0 5v2h12V7zm0 5v2h12v-2z"/></svg>
Side by Side

After

Width:  |  Height:  |  Size: 118 B

1
ncp-web/minified.js Normal file
View File

File diff suppressed because one or more lines are too long

107
ncp-web/ncp-launcher.php Normal file
View File

@ -0,0 +1,107 @@
<?php
///
// NextcloudPi Web Panel backend
//
// Copyleft 2017 by Ignacio Nunez Hernanz <nacho _a_t_ ownyourbits _d_o_t_ com>
// GPL licensed (see end of file) * Use at your own risk!
//
// More at https://ownyourbits.com/2017/02/13/nextcloud-ready-raspberry-pi-image/
///
include ('csrf.php');
session_start();
if ( !$_POST['ref'] ) exit( '{ "output": "Invalid request" }' );
if ( $_POST['action'] == "cfgreq" )
{
//CSFR check
$token = isset($_POST['csrf_token']) ? $_POST['csrf_token'] : '';
if ( empty($token) || !validateCSRFToken($token) )
exit( '{ "output": "Unauthorized request" }' );
$path = '/usr/local/etc/nextcloudpi-config.d/';
$files = array_diff(scandir($path), array('.', '..'));
$fh = fopen( $path . $_POST['ref'] . '.sh' ,'r')
or exit( '{ "output": "' . $file . ' read error" }' );
// Get new token
echo '{ "token": "' . getCSRFToken() . '",';
echo ' "output": ';
$output = "<table>";
while ( $line = fgets($fh) )
{
if ( preg_match('/^(\w+)_=(.*)$/', $line, $matches) )
{
$output = $output . "<tr>";
$output = $output . "<td><label for=\"$matches[1]\">$matches[1]</label></td>";
$output = $output . "<td><input type=\"text\" name=\"$matches[1]\" id=\"$matches[1]\" value=\"$matches[2]\" size=\"40\"></td>";
$output = $output . "</tr>";
}
}
$output = $output . "</table>";
fclose($fh);
echo json_encode( $output ) . ' }'; // close JSON
}
else if ( $_POST['action'] == "launch" && $_POST['config'] )
{
// CSRF check
$token = isset($_POST['csrf_token']) ? $_POST['csrf_token'] : '';
if ( empty($token) || !validateCSRFToken($token) )
exit( '{ "output": "Unauthorized request" }' );
chdir('/usr/local/etc/nextcloudpi-config.d/');
$file = $_POST['ref'] . '.sh';
if ( $_POST['config'] != "{}" )
$params = json_decode( $_POST['config'], true )
or exit( '{ "output": "Invalid request" }' );
$code = file_get_contents( $file )
or exit( '{ "output": "' . $file . ' read error" }' );
foreach( $params as $name => $value)
{
preg_match( '/^[\w.@_\/-]+$/' , $value , $matches )
or exit( '{ "output": "Invalid input" , "token": "' . getCSRFToken() . '" }' );
$code = preg_replace( '/\n' . $name . '_=.*' . PHP_EOL . '/' ,
PHP_EOL . $name . '_=' . $value . PHP_EOL ,
$code )
or exit();
}
file_put_contents($file, $code )
or exit( '{ "output": "' . $file . ' write error" }' );
// Get new token
echo '{ "token": "' . getCSRFToken() . '",';
echo ' "output": ';
echo json_encode( shell_exec( 'bash -c "sudo /home/www/ncp-launcher.sh ' . $file . '"' ) ) . ' }';
}
// License
//
// This script is free software; you can redistribute it and/or modify it
// under the terms of the GNU General Public License as published by
// the Free Software Foundation; either version 2 of the License, or
// (at your option) any later version.
//
// This script is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this script; if not, write to the
// Free Software Foundation, Inc., 59 Temple Place, Suite 330,
// Boston, MA 02111-1307 USA
?>

BIN
ncp-web/ncp-logo.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 4.7 KiB

1037
ncp-web/ncp.css Normal file
View File

File diff suppressed because it is too large Load Diff

96
ncp-web/ncp.js Normal file
View File

@ -0,0 +1,96 @@
///
// NextcloudPi Web Panel javascript library
//
// Copyleft 2017 by Ignacio Nunez Hernanz <nacho _a_t_ ownyourbits _d_o_t_ com>
// GPL licensed (see end of file) * Use at your own risk!
//
// More at https://ownyourbits.com/2017/02/13/nextcloud-ready-raspberry-pi-image/
///
var MINI = require('minified');
var $ = MINI.$, $$ = MINI.$$, EE = MINI.EE;
var selectedID = null;
var confLock = false;
function errorMsg()
{
$('#config-box').fill( "Something went wrong. Try refreshing the page" );
}
$(function()
{
// Show selected option configuration box
$( 'li' , '#app-navigation' ).on('click', function(e)
{
if ( confLock ) return;
confLock = true;
var that = this;
$.request('post', 'ncp-launcher.php', { action:'cfgreq',
ref:this.get('.id') ,
csrf_token: $( '#csrf-token' ).get( '.value' ) }).then(
function success( result )
{
selectedID = that.get('.id');
var ret = $.parseJSON( result );
if ( ret.token )
$('#csrf-token').set( { value: ret.token } );
$('#config-box').ht( ret.output );
$('#config-box-title').fill( $( 'input' , '#' + selectedID ).get( '.value' ) );
$('#config-box-wrapper').show();
confLock = false;
}).error( errorMsg );
//clear details box
$('#details-box').hide( '' );
});
// Launch selected script
$( '#config-button' ).on('click', function(e)
{
confLock = true;
$('#details-box').hide( '' );
$('#config-button').set('@disabled',true);
$('#loading-gif').set( { $display: 'inline' } );
// create configuration object
var cfg = {};
$( 'input' , '#config-box' ).each( function(item){
cfg[item.name] = item.value;
} );
// request
$.request('post', 'ncp-launcher.php', { action:'launch',
ref:selectedID ,
config: $.toJSON(cfg) ,
csrf_token: $( '#csrf-token' ).get( '.value' ) }).then(
function success( result )
{
var ret = $.parseJSON( result );
if ( ret.token )
$('#csrf-token').set( { value: ret.token } );
$('#details-box').fill(ret.output);
$('#details-box').show();
$('#config-button').set('@disabled',null);
$('#loading-gif').hide();
confLock = false;
}).error( errorMsg );
});
});
// License
//
// This script is free software; you can redistribute it and/or modify it
// under the terms of the GNU General Public License as published by
// the Free Software Foundation; either version 2 of the License, or
// (at your option) any later version.
//
// This script is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this script; if not, write to the
// Free Software Foundation, Inc., 59 Temple Place, Suite 330,
// Boston, MA 02111-1307 USA

48
nextcloudpi.sh
View File

@ -30,6 +30,52 @@ install()
sed -i '/Change User Password/i"0 NextCloudPi Configuration" "Configuration of NextCloudPi" \\\\' /usr/bin/raspi-config
sed -i '/1\\\\ \*) do_change_pass ;;/i0\\\\ *) nextcloudpi-config ;;' /usr/bin/raspi-config
# NEXTCLOUDPI-CONFIG WEB
##########################################
cat > /etc/apache2/sites-available/ncp.conf <<'EOF'
Listen 8089
<VirtualHost _default_:8089>
DocumentRoot /var/www/ncp-web
</VirtualHost>
<Directory /var/www/ncp-web/>
Require host localhost
Require ip 127.0.0.1
Require ip 192.168
Require ip 10
</Directory>
Listen 4443
<VirtualHost _default_:4443>
DocumentRoot /var/www/ncp-web
SSLEngine on
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
</VirtualHost>
<Directory /var/www/ncp-web/>
Require host localhost
Require ip 127.0.0.1
Require ip 192.168
Require ip 10
</Directory>
EOF
a2ensite ncp
mkdir /home/www -p
chown www-data:www-data /home/www
chmod 700 /home/www
cat > /home/www/ncp-launcher.sh <<'EOF'
#!/bin/bash
DIR=/usr/local/etc/nextcloudpi-config.d
test -f $DIR/$1 || { echo "File not found"; exit 1; }
source /usr/local/etc/library.sh
cd $DIR
launch_script $1
EOF
chmod 700 /home/www/ncp-launcher.sh
echo "www-data ALL = NOPASSWD: /home/www/ncp-launcher.sh" >> /etc/sudoers
# NEXTCLOUDPI MOTD
##########################################
mkdir /etc/update-motd.d
@ -121,7 +167,7 @@ EOF
mkdir -p "$UPLOADTMPDIR"
chown www-data:www-data "$UPLOADTMPDIR"
sed -i "s|^;\?upload_tmp_dir =.*$|upload_tmp_dir = $UPLOADTMPDIR|" /etc/php/7.0/fpm/php.ini
sed -i "s|^;\?sys_temp_dir =.*$|sys_temp_dir = $UPLOADTMPDIR|" /etc/php/7.0/fpm/php.ini
sed -i "s|^;\?sys_temp_dir =.*$|sys_temp_dir = $UPLOADTMPDIR|" /etc/php/7.0/fpm/php.ini
# update to latest version from github as part of the build process
/usr/local/bin/ncp-update

8
update.sh
View File

@ -42,7 +42,13 @@ for file in etc/nextcloudpi-config.d/*; do
done
# these files can contain sensitive information, such as passwords
chmod 700 /usr/local/etc/nextcloudpi-config.d/*
chown -R root:www-data /usr/local/etc/nextcloudpi-config.d
chmod 660 /usr/local/etc/nextcloudpi-config.d/*
# install web interface
cp -r ncp-web /var/www/
chown www-data:www-data /var/www/ncp-web
chmod 770 /var/www/ncp-web
# License
#