diff options
author | Miquel Lionel <lionel@les-miquelots.net> | 2021-07-02 12:09:24 +0100 |
---|---|---|
committer | Miquel Lionel <lionelmiquel@sfr.fr> | 2021-07-04 00:28:00 +0100 |
commit | 2137a587bb3a314ac13327d4cdb53f0ee8b9d970 (patch) | |
tree | cea28ad0f1b4782a5eea556f5346f712108d1c6e /config.def.mk | |
parent | 23c6d4753895870224209a44624c1350e934f762 (diff) | |
download | gpigeon-2137a587bb3a314ac13327d4cdb53f0ee8b9d970.tar.gz gpigeon-2137a587bb3a314ac13327d4cdb53f0ee8b9d970.zip |
Better way to validate cookies and others improvs
- Added GPLv3+ short header in source files (genpass.pl, gpigeon-template.cgi and link-template-tmpl.cgi).
- Added some security headers in the example nginx configuration
file, and renamed the NGINXCONFDIR variable in the Makefile to SITESENABLED, it makes a bit more sense.
- Hastily drawed a more fitting .ico/mascot for the project
- Tweaked the styles.css to be somewhat more
responsive. Some tags in index.html and
gpigeon-template.cgi and link-template-tmpl.cgi
have now an id for styling.
- Fixed and improved cookie validation.
While working on the multi-user alternative, I
noticed that the ValidCookies() function was flimsy, I
was used eq... I learned about 'cmp' and throwed some UA
and IP address match to make it a bit more robust.
- Improved the genpass.pl script, if you want a
argon2id of your password, you can now launch it in interactive mode with the '-i' arg. It'll fill the ARGON2ID_HASH variable in the existing config.mk with the hash of the provided password
- Fixed inconsistencies in the Makefile. I was overwriting changes
with sed for no good reason instead of using the -i switch ! I also moved
the mail address, mail sender, and gpg id checks to the top of the file
since they are the most important. Also, the 0xlong is not needed in
config.def.mk anymore, we extract via the mail address.
Diffstat (limited to 'config.def.mk')
-rw-r--r-- | config.def.mk | 11 |
1 files changed, 5 insertions, 6 deletions
diff --git a/config.def.mk b/config.def.mk index b02f14f..28c435c 100644 --- a/config.def.mk +++ b/config.def.mk @@ -2,27 +2,26 @@ # paths PREFIX = /usr/share/gpigeon +WWWPREFIX = /var/www COOKIES_DIR = $(PREFIX)/cookies _GPG_HOMEDIR = $(PREFIX)/gnupg LINK_TEMPLATE_PATH = $(PREFIX)/link-tmpl.cgi -WWWPREFIX = /var/www GPIGEON_PATH = $(WWWPREFIX)/cgi-bin/gpigeon.cgi # system stuff WEBUSER=www-data #it must match up with your nginx user. For ex. on arch it's 'http' -# CGI tuning stuff +# form customization stuff MSG_FORM_CHAR_LIMIT = 3000 # argon2id hash. generated by genpass.pl if empty when running make ARGON2ID_HASH = -# gpg and email vars +# email related HAS_MAILSERVER = 0# choose 0 if you'll use an external mail server, 1 if local mail server installed. -# you don't need to set the 3 last variables if you got a local mailserver. -MYGPG_ID_0XLONG =# the 0xlong format of your gpg key. - required MYMAIL_ADDR =# your mail address - required MAILSENDER =# the mailer address that'll send you the encrypted mails - required +# you don't need to set the 3 last variables if you got a local mailserver. MAILSENDER_PW =# password for the mailer address SMTP_DOMAIN =# smtp domain pour the mailer SMTP_PORT =# smtp port for the mailer @@ -30,4 +29,4 @@ SMTP_PORT =# smtp port for the mailer #optional, domain to generate nginx config for #and where to put the config WWWDOMAIN= -NGINXCONFDIR=/etc/nginx/sites-enabled +SITESENABLED=/etc/nginx/sites-enabled |