summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Pointner <equinox@helsinki.at>2015-03-19 22:11:15 (GMT)
committerChristian Pointner <equinox@helsinki.at>2015-03-19 22:16:10 (GMT)
commit259e1c7a81ea9a096c227a6bc44114a7a9cf3a50 (patch)
tree051c708e449b5e5afb6ba25bce169b280045f254
parentd7795f99ed3fb52564fa6d2340d928ae9b191e5b (diff)
implemented a more secure directory structure
-rw-r--r--README76
-rwxr-xr-xauthtoken.json2
-rwxr-xr-xlib/rddb.pm (renamed from rh-bin/rddb.pm)0
-rwxr-xr-xrh-bin/listdropboxes.cgi2
-rw-r--r--www/img/audio_file.png (renamed from img/audio_file.png)bin2705 -> 2705 bytes
-rw-r--r--www/img/dz-backdrop.png (renamed from img/dz-backdrop.png)bin15972 -> 15972 bytes
-rw-r--r--www/img/dz-backdrop.svg (renamed from img/dz-backdrop.svg)0
-rw-r--r--www/img/helsinki.png (renamed from img/helsinki.png)bin5005 -> 5005 bytes
-rw-r--r--www/index.html (renamed from index.html)0
-rw-r--r--www/js/apps.js (renamed from js/apps.js)0
-rw-r--r--www/js/auth.js (renamed from js/auth.js)0
-rw-r--r--www/js/dropzone.js (renamed from js/dropzone.js)0
-rw-r--r--www/js/musicpools.js (renamed from js/musicpools.js)0
-rw-r--r--www/js/shows.js (renamed from js/shows.js)0
-rw-r--r--www/js/utils.js (renamed from js/utils.js)0
-rw-r--r--www/styles/auth.css (renamed from styles/auth.css)0
-rw-r--r--www/styles/musicpools.css (renamed from styles/musicpools.css)0
-rw-r--r--www/styles/shows.css (renamed from styles/shows.css)0
18 files changed, 42 insertions, 38 deletions
diff --git a/README b/README
index 5c63071..fb2aa55 100644
--- a/README
+++ b/README
@@ -45,40 +45,44 @@ LDAPTrustedGlobalCert CA_BASE64 /etc/ldap/ldapscert.pem
add the following to the virtualhost config:
~~~snip~~~
- DocumentRoot /var/www/
- <Directory /var/www/>
- Options -Indexes -FollowSymLinks MultiViews
- AllowOverride None
- Order allow,deny
- allow from all
- RedirectMatch 404 /\\.svn(/|$)
- </Directory>
- <Directory /var/www/config>
- Order allow,deny
- Deny from all
- </Directory>
-
- Include /etc/rivendell/apache.conf
-
- <Location /rh-bin/>
- SetHandler perl-script
- PerlResponseHandler ModPerl::Registry
- PerlOptions +ParseHeaders
- Options +ExecCGI
- </Location>
- <Location /authtoken.json>
- SetHandler perl-script
- PerlResponseHandler ModPerl::Registry
- PerlOptions +ParseHeaders
- Options +ExecCGI
- Order deny,allow
- Deny from All
- AuthName "Radio Helsinki - Automation Import"
- AuthType Basic
- AuthBasicProvider ldap
- AuthzLDAPAuthoritative off
- AuthLDAPUrl ldap://ldap.helsinki.at/ou=People,dc=helsinki,dc=at?uid TLS
- Require valid-user
- Satisfy any
- </Location>
+ DocumentRoot /var/www/rhwebimport/www/
+
+ <Directory /var/www/rhwebimport/>
+ Options -Indexes -FollowSymLinks
+ AllowOverride None
+
+ Require all denied
+ </Directory>
+ <Directory /var/www/rhwebimport/www>
+ Require all granted
+ </Directory>
+
+ Include /etc/rivendell/apache-2.4.conf
+ Include /etc/apache2/conf-available/javascript-common.conf
+
+ <Location /rh-bin/>
+ SetHandler perl-script
+ PerlResponseHandler ModPerl::Registry
+ PerlOptions +ParseHeaders
+ Options +ExecCGI
+
+ Require all granted
+ </Location>
+ Alias /rh-bin/ /var/www/rhwebimport/rh-bin/
+
+ <Location /authtoken.json>
+ SetHandler perl-script
+ PerlResponseHandler ModPerl::Registry
+ PerlOptions +ParseHeaders
+ Options +ExecCGI
+
+ AuthName "Radio Helsinki - Automation Import"
+ AuthType Basic
+ AuthBasicProvider ldap
+ AuthLDAPUrl ldap://ldap.helsinki.at/ou=People,dc=helsinki,dc=at?uid TLS
+
+ Require all denied
+ Require valid-user
+ </Location>
+ Alias /authtoken.json /var/www/rhwebimport/authtoken.json
~~~/snip~~~
diff --git a/authtoken.json b/authtoken.json
index 94d5042..c65eb64 100755
--- a/authtoken.json
+++ b/authtoken.json
@@ -2,7 +2,7 @@
use strict;
use File::Basename;
-use lib dirname( __FILE__ ) . '/rh-bin';
+use lib dirname( __FILE__ ) . '/lib';
use rddb;
my $status = 'ERROR';
diff --git a/rh-bin/rddb.pm b/lib/rddb.pm
index 34321d2..34321d2 100755
--- a/rh-bin/rddb.pm
+++ b/lib/rddb.pm
diff --git a/rh-bin/listdropboxes.cgi b/rh-bin/listdropboxes.cgi
index 14ecf11..8f2be64 100755
--- a/rh-bin/listdropboxes.cgi
+++ b/rh-bin/listdropboxes.cgi
@@ -3,7 +3,7 @@
use strict;
use CGI;
use File::Basename;
-use lib dirname( __FILE__ );
+use lib dirname( __FILE__ ) . '../lib';
use rddb;
my $status = 'ERROR';
diff --git a/img/audio_file.png b/www/img/audio_file.png
index e084457..e084457 100644
--- a/img/audio_file.png
+++ b/www/img/audio_file.png
Binary files differ
diff --git a/img/dz-backdrop.png b/www/img/dz-backdrop.png
index dd73694..dd73694 100644
--- a/img/dz-backdrop.png
+++ b/www/img/dz-backdrop.png
Binary files differ
diff --git a/img/dz-backdrop.svg b/www/img/dz-backdrop.svg
index 5083915..5083915 100644
--- a/img/dz-backdrop.svg
+++ b/www/img/dz-backdrop.svg
diff --git a/img/helsinki.png b/www/img/helsinki.png
index ec74fc3..ec74fc3 100644
--- a/img/helsinki.png
+++ b/www/img/helsinki.png
Binary files differ
diff --git a/index.html b/www/index.html
index 772e2e5..772e2e5 100644
--- a/index.html
+++ b/www/index.html
diff --git a/js/apps.js b/www/js/apps.js
index 12c9f76..12c9f76 100644
--- a/js/apps.js
+++ b/www/js/apps.js
diff --git a/js/auth.js b/www/js/auth.js
index 29dde31..29dde31 100644
--- a/js/auth.js
+++ b/www/js/auth.js
diff --git a/js/dropzone.js b/www/js/dropzone.js
index 499f4e0..499f4e0 100644
--- a/js/dropzone.js
+++ b/www/js/dropzone.js
diff --git a/js/musicpools.js b/www/js/musicpools.js
index c9c8ac0..c9c8ac0 100644
--- a/js/musicpools.js
+++ b/www/js/musicpools.js
diff --git a/js/shows.js b/www/js/shows.js
index cbf4d73..cbf4d73 100644
--- a/js/shows.js
+++ b/www/js/shows.js
diff --git a/js/utils.js b/www/js/utils.js
index 0237594..0237594 100644
--- a/js/utils.js
+++ b/www/js/utils.js
diff --git a/styles/auth.css b/www/styles/auth.css
index 8100ecd..8100ecd 100644
--- a/styles/auth.css
+++ b/www/styles/auth.css
diff --git a/styles/musicpools.css b/www/styles/musicpools.css
index e69de29..e69de29 100644
--- a/styles/musicpools.css
+++ b/www/styles/musicpools.css
diff --git a/styles/shows.css b/www/styles/shows.css
index a6a4696..a6a4696 100644
--- a/styles/shows.css
+++ b/www/styles/shows.css