From 3a3ae2202d2cdf62de0fbce573a5ec12f1c91e80 Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 22 Apr 2020 09:08:13 -0400 Subject: [PATCH 1/3] iiab-diagnostics: redact most all passwords, if line does not begin with # --- scripts/iiab-diagnostics | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/scripts/iiab-diagnostics b/scripts/iiab-diagnostics index 302c9c6e3..e307f5c05 100755 --- a/scripts/iiab-diagnostics +++ b/scripts/iiab-diagnostics @@ -38,12 +38,13 @@ function cat_file_raw() { # $1 = path/filename; $2 = # of lines, for tail echo "FILE EXISTS BUT IS EMPTY!" >> $outfile elif [ $# -eq 1 ]; then echo >> $outfile - # Redact most passwords from /etc/hostapd/hostapd.conf, /etc/wpa_supplicant/wpa_supplicant.conf, /etc/iiab/local_vars.yml -- not much to worry about in /etc/iiab/iiab.ini + # Redact most passwords from /etc/hostapd/hostapd.conf, /etc/wpa_supplicant/wpa_supplicant.conf, /etc/iiab/local_vars.yml, /etc/netplan/* -- not much to worry about in /etc/iiab/iiab.ini cat $1 | sed -e 's/^\(\s*psk=\).*/\1[REDACTED]/; s/^\(\s*wpa_passphrase=\).*/\1[REDACTED]/; s/^\([^#].*assword:\).*/\1 [REDACTED]/' | iconv -t UTF-8//IGNORE >> $outfile else # e.g. last 100 lines, maximum echo " ...ITS LAST $2 LINES FOLLOW..." >> $outfile echo >> $outfile - tail -$2 $1 | iconv -t UTF-8//IGNORE >> $outfile + # Redact most passwords from /etc/hostapd/hostapd.conf, /etc/wpa_supplicant/wpa_supplicant.conf, /etc/iiab/local_vars.yml, /etc/netplan/* -- not much to worry about in /etc/iiab/iiab.ini + tail -$2 $1 | sed -e 's/^\(\s*psk=\).*/\1[REDACTED]/; s/^\(\s*wpa_passphrase=\).*/\1[REDACTED]/; s/^\([^#].*assword:\).*/\1 [REDACTED]/' | iconv -t UTF-8//IGNORE >> $outfile fi echo >> $outfile elif [ -h $1 ]; then From 2f05ac208c22272d70e53f0cd87ec912c4395232 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Wed, 22 Apr 2020 09:28:38 -0500 Subject: [PATCH 2/3] nginx requires trailing slash to function properly --- roles/kolibri/templates/kolibri-nginx.conf.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/kolibri/templates/kolibri-nginx.conf.j2 b/roles/kolibri/templates/kolibri-nginx.conf.j2 index fc4309fbb..8ebf3627d 100644 --- a/roles/kolibri/templates/kolibri-nginx.conf.j2 +++ b/roles/kolibri/templates/kolibri-nginx.conf.j2 @@ -1,4 +1,4 @@ -location {{ kolibri_url_without_slash }} { +location {{ kolibri_url_without_slash }}/ { proxy_set_header Host $http_host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Scheme $scheme; From e7e7a3e719b401c687b77c37ffc1513ade25603a Mon Sep 17 00:00:00 2001 From: A Holt Date: Wed, 22 Apr 2020 10:33:55 -0400 Subject: [PATCH 3/3] kolibri-nginx.conf requires trailing slash /kolibri/ so use {{ kolibri_url }} --- roles/kolibri/templates/kolibri-nginx.conf.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/kolibri/templates/kolibri-nginx.conf.j2 b/roles/kolibri/templates/kolibri-nginx.conf.j2 index 8ebf3627d..c917516d5 100644 --- a/roles/kolibri/templates/kolibri-nginx.conf.j2 +++ b/roles/kolibri/templates/kolibri-nginx.conf.j2 @@ -1,4 +1,4 @@ -location {{ kolibri_url_without_slash }}/ { +location {{ kolibri_url }} { proxy_set_header Host $http_host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Scheme $scheme;