eightball/all-in-one
1
0
Fork 0
mirror of https://github.com/nextcloud/all-in-one.git synced 2025-12-20 06:26:57 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 10

don't allow access from nextcloud-aio-nextcloud

Browse source 
Signed-off-by: szaimen <szaimen@e.mail.de>
This commit is contained in:
szaimen 2022-04-28 21:57:19 +02:00
parent f518ea7fee
commit 603ce7cca0
1 changed files with 14 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

14
Containers/mastercontainer/start.sh
View file

@ -130,6 +130,20 @@ chown www-data:www-data -R /mnt/docker-aio-config/session/
chown www-data:www-data -R /mnt/docker-aio-config/caddy/
chown root:root -R /mnt/docker-aio-config/certs/
# Don't allow access to the AIO interface directly from the Nextcloud container
# Probably more cosmetic than anything but at least an attempt
if ! grep -q '# nextcloud-aio-block' /etc/apache2/apache2.conf; then
cat << APACHE_CONF >> /etc/apache2/apache2.conf
# nextcloud-aio-block-start
<Location />
order allow,deny
deny from nextcloud-aio-nextcloud.nextcloud-aio
allow from all
</Location>
# nextcloud-aio-block-end
APACHE_CONF
fi
# Adjust certs
GENERATED_CERTS="/mnt/docker-aio-config/certs"
TMP_CERTS="/etc/apache2/certs"