Default config broken. #4

Closed
couling opened this issue Dec 21, 2018 · 1 comment

couling commented Dec 21, 2018

Partial work towards locking down the server has broken the default config.

```xml
<!-- Not yet supported until multiple servers is implemented (see <server>
     above). Planned to set up a lockdown on the main session -->
<restricted>nobody</restricted>
```

Because of this, the server cannot even create its own log file to say what's wrong, and a default install simply won't start.

Also, the default SSL settings leave port 443 unable to open and port 80 configured as a simple redirect to port 443.

```xml
<listen>
    <port>80</port>
    <!-- A host tag will bind the server to listen on that IP. Domains will
         be converted to an IP before binding. -->
    <!-- <host>myHost.domain.tld</host> -->
    <encryption>none</encryption>
    <!-- It is NOT recommended to host content on unencrypted channels. So this
         port will just forward to an encrypted one -->
    <forward-to>
        <port>443</port>
        <!-- Forwarding by default forwards to the same domain as the request.
             If you want to specify a static domain then set it here -->
        <!-- <host>another-domain.tld</host> -->
        <!-- Is the client being forwarded to http ("none") or https ("ssl").
             The following defaults to "ssl" if forwarding to port 443 and "none"
             for all other ports -->
        <!-- <encryption>ssl</encryption> -->
    </forward-to>
</listen>
<!-- The following will listen on all IPs and be encrypted -->
<listen>
    <port>443</port>
    <!-- Only "none" and "ssl" are currently supported. Encrypting with SSL
         requires one or more <ssl-cert> certificates (see below) -->
    <encryption>ssl</encryption>
</listen>

<ssl-cert>
    <!-- The PEM encoded certificate file -->
    <certificate>/etc/ssl/certs/local/server.crt</certificate>
    <!-- If the certificate requires intermediary CA certificates then add
         as many <chain> nodes as required. These must be added in order starting
         with the closest to the <certificate> and finishing with the closest to
         the root CA -->
    <!-- <chain>/etc/ssl/certs/local/chain_server.crt</chain> -->
    <!-- The key for <certificate> -->
    <key>/etc/ssl/private/server.key</key>
</ssl-cert>
```

couling added the bug label Dec 21, 2018
couling added a commit that referenced this issue Dec 21, 2018
couling self-assigned this Dec 21, 2018
couling added this to the Version 1.1 milestone Dec 21, 2018
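
The SSL half of the failure reported above (an `ssl` listener with no readable certificate files, and a port 80 listener that only redirects to it) can be detected before the server starts. The following preflight check is an added example, not code from this project; the `<config>` root element, the `preflight` function and its messages are assumptions, and the sample config is constructed from the snippets in the issue.

```python
import os
import xml.etree.ElementTree as ET

# Constructed sample built from the issue's snippets. The <config> root is an
# assumption: the real file's root element is not shown on the page.
SAMPLE = """<config>
  <listen>
    <port>80</port>
    <encryption>none</encryption>
    <forward-to><port>443</port></forward-to>
  </listen>
  <listen>
    <port>443</port>
    <encryption>ssl</encryption>
  </listen>
  <ssl-cert>
    <certificate>/etc/ssl/certs/local/server.crt</certificate>
    <key>/etc/ssl/private/server.key</key>
  </ssl-cert>
</config>"""

def preflight(xml_text, readable=lambda p: os.access(p, os.R_OK)):
    """Return the problems that would leave listeners unable to serve."""
    root = ET.fromstring(xml_text)
    problems, usable_cert = [], False
    # An <ssl-cert> is usable only if every file it names can be read.
    for cert in root.findall("ssl-cert"):
        files = [(el.text or "").strip() for el in cert
                 if el.tag in ("certificate", "chain", "key")]
        bad = [f for f in files if not readable(f)]
        problems += [f"unreadable ssl-cert file: {f}" for f in bad]
        usable_cert = usable_cert or (bool(files) and not bad)
    # First pass: ssl listeners that cannot open without a usable certificate.
    dead = set()
    for listen in root.findall("listen"):
        port = listen.findtext("port").strip()
        if listen.findtext("encryption", "none").strip() == "ssl" and not usable_cert:
            dead.add(port)
            problems.append(f"port {port}: ssl listener has no usable <ssl-cert>")
    # Second pass: redirects whose local target is one of those dead ports.
    for listen in root.findall("listen"):
        fwd = listen.find("forward-to")
        # A forward with its own <host> points at another server, so skip it.
        if fwd is not None and fwd.find("host") is None:
            src, dst = listen.findtext("port").strip(), fwd.findtext("port").strip()
            if dst in dead:
                problems.append(f"port {src} only redirects to port {dst}, which cannot open")
    return problems
```

The `readable` parameter exists so the check can be exercised without touching the filesystem; by default it uses `os.access`, which answers for the user running the check, so run it as the account the server will use.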

couling commented Dec 21, 2018

Fixed

couling closed this as completed Dec 21, 2018