diff --git a/.env.example b/.env.example index 1779142bcc..7105d414ce 100644 --- a/.env.example +++ b/.env.example @@ -1,13 +1,13 @@ APP_NAME=Cypht -DB_CONNECTION_TYPE=host -DB_DRIVER=mysql +DB_CONNECTION_TYPE=socket +DB_DRIVER=sqlite DB_PORT= DB_HOST=localhost -DB_NAME=test -DB_USER=test -DB_PASS=123456 -DB_SOCKET=/var/lib/mysqld/mysqld.sock +DB_NAME=cypht_test +DB_NAME=cypht_test +DB_PASS=cypht_test +DB_SOCKET=/var/lib/hm3/cypht.sqlite SESSION_TYPE=PHP AUTH_TYPE=DB @@ -24,13 +24,11 @@ DEFAULT_SMTP_PORT= DEFAULT_SMTP_TLS= DEFAULT_SMTP_NO_AUTH= -USER_CONFIG_TYPE=file +USER_CONFIG_TYPE=DB USER_SETTINGS_DIR=/var/lib/hm3/users ATTACHMENT_DIR=/var/lib/hm3/attachments APP_DATA_DIR=/var/lib/hm3/app_data -DISABLE_ORIGIN_CHECK=false - ADMIN_USERS= COOKIE_DOMAIN= @@ -51,14 +49,14 @@ CSS_COMPRESS=false ALLOW_SESSION_CACHE=false CACHE_CLASS= -ENABLE_REDIS=true +ENABLE_REDIS=false REDIS_SERVER='127.0.0.1' REDIS_PORT=6379 REDIS_INDEX=1 REDIS_PASS= REDIS_SOCKET=/var/run/redis/redis-server.sock -ENABLE_MEMCACHED=true +ENABLE_MEMCACHED=false MEMCACHED_SERVER='127.0.0.1' MEMCACHED_PORT=11211 MEMCACHED_AUTH=false @@ -71,11 +69,8 @@ LONG_SESSION_LIFETIME=30 ENCRYPT_AJAX_REQUESTS= ENCRYPT_LOCAL_STORAGE= -ENCRYPT_LOCAL_STORAGE= - DISABLE_IP_CHECK=false - -DISABLE_ORIGIN_CHECK=true +DISABLE_ORIGIN_CHECK=false ALLOW_EXTERNAL_IMAGE_SOURCES=true @@ -147,7 +142,7 @@ GITHUB_CLIENT_ID= GITHUB_CLIENT_SECRET= GITHUB_REDIRECT_URI= GITHUB_AUTH_URL=https://github.com/login/oauth/authorize -GITHUB_AUTH_URL=https://github.com/login/oauth/access_token +# GITHUB_AUTH_URL=https://github.com/login/oauth/access_token #gmail GMAIL_CLIENT_ID= @@ -157,7 +152,7 @@ GMAIL_AUTH_URI=https://accounts.google.com/o/oauth2/auth GMAIL_TOKEN_URI=https://www.googleapis.com/oauth2/v3/token GMAIL_REFRESH_URI=https://www.googleapis.com/oauth2/v3/token -#aoutlook +#outlook OUTLOOK_CLIENT_ID= OUTLOOK_CLIENT_SECRET= OUTLOOK_CLIENT_URI= diff --git a/.github/docker/cypht_setup_database.php b/.github/docker/cypht_setup_database.php new file mode 100644 index 0000000000..c91f4897e6 --- /dev/null +++ b/.github/docker/cypht_setup_database.php @@ -0,0 +1,44 @@ +setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); + printf("Database connection successful ...\n"); + $connected = true; + } catch(PDOException $e){ + error_log('Waiting for database connection ... (' . $e->getMessage() . ')'); + sleep(1); + } +} +if ($session_type == 'DB') { + if ($db_driver == 'mysql') { + $stmt = "CREATE TABLE IF NOT EXISTS hm_user_session (hm_id varchar(250), data longblob, date timestamp, primary key (hm_id));"; + } elseif ($db_driver == 'pgsql') { + $stmt = "CREATE TABLE IF NOT EXISTS hm_user_session (hm_id varchar(250) primary key not null, data text, date timestamp);"; + } + printf("Creating database table hm_user_session ...\n"); + $conn->exec($stmt); +} +if ($auth_type == 'DB') { + if ($db_driver == 'mysql') { + $stmt = "CREATE TABLE IF NOT EXISTS hm_user (username varchar(250), hash varchar(250), primary key (username));"; + } elseif ($db_driver == 'pgsql') { + $stmt = "CREATE TABLE IF NOT EXISTS hm_user (username varchar(255) primary key not null, hash varchar(255));"; + } + printf("Creating database table hm_user ...\n"); + $conn->exec($stmt); +} +if ($user_config_type == 'DB') { + if ($db_driver == 'mysql') { + $stmt = "CREATE TABLE IF NOT EXISTS hm_user_settings(username varchar(250), settings longblob, primary key (username));"; + } elseif ($db_driver == 'pgsql') { + $stmt = "CREATE TABLE IF NOT EXISTS hm_user_settings (username varchar(250) primary key not null, settings text);"; + } + printf("Creating database table hm_user_settings ...\n"); + $conn->exec($stmt); +} \ No newline at end of file diff --git a/.github/docker/docker-entrypoint.sh b/.github/docker/docker-entrypoint.sh new file mode 100644 index 0000000000..4764b8a96c --- /dev/null +++ b/.github/docker/docker-entrypoint.sh @@ -0,0 +1,315 @@ +#!/bin/sh + +CYPHT_CONFIG_FILE=/usr/local/share/cypht/.env + +# +# Update ini file based on environment variables (only if the specific environment variable is set) +# + +# General Settings +## APP_NAME +if [ ! -z ${CYPHT_APP_NAME+x} ]; then sed -i "s/APP_NAME=.*/APP_NAME=${CYPHT_APP_NAME}/" ${CYPHT_CONFIG_FILE}; fi +## DB +if [ ! -z ${CYPHT_DB_CONNECTION_TYPE+x} ]; then sed -i "s/DB_CONNECTION_TYPE=.*/DB_CONNECTION_TYPE=${CYPHT_DB_CONNECTION_TYPE}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DB_DRIVER+x} ]; then sed -i "s/DB_DRIVER=.*/DB_DRIVER=${CYPHT_DB_DRIVER}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DB_PORT+x} ]; then sed -i "s/DB_PORT=.*/DB_PORT=${CYPHT_DB_PORT}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DB_HOST+x} ]; then sed -i "s/DB_HOST=.*/DB_HOST=${CYPHT_DB_HOST}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DB_NAME+x} ]; then sed -i "s/DB_NAME=.*/DB_NAME=${CYPHT_DB_NAME}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DB_USER+x} ]; then sed -i "s/DB_NAME=.*/DB_NAME=${CYPHT_DB_USER}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DB_PASS+x} ]; then sed -i "s/DB_PASS=.*/DB_PASS=${CYPHT_DB_PASS}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DB_SOCKET+x} ]; then sed -i "s/DB_SOCKET=.*/DB_SOCKET=${CYPHT_DB_SOCKET}/" ${CYPHT_CONFIG_FILE}; fi +## SESSION +if [ ! -z ${CYPHT_SESSION_TYPE+x} ]; then sed -i "s/SESSION_TYPE=.*/SESSION_TYPE=${CYPHT_SESSION_TYPE}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_AUTH_TYPE+x} ]; then sed -i "s/AUTH_TYPE=.*/AUTH_TYPE=${CYPHT_AUTH_TYPE}/" ${CYPHT_CONFIG_FILE}; fi +## IMAP +if [ ! -z ${CYPHT_IMAP_AUTH_NAME+x} ]; then sed -i "s/IMAP_AUTH_NAME=.*/IMAP_AUTH_NAME=${CYPHT_IMAP_AUTH_NAME}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_IMAP_AUTH_SERVER+x} ]; then sed -i "s/IMAP_AUTH_SERVER=.*/IMAP_AUTH_SERVER=${CYPHT_IMAP_AUTH_SERVER}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_IMAP_AUTH_PORT+x} ]; then sed -i "s/IMAP_AUTH_PORT=.*/IMAP_AUTH_PORT=${CYPHT_IMAP_AUTH_PORT}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_IMAP_AUTH_TLS+x} ]; then sed -i "s/IMAP_AUTH_TLS=.*/IMAP_AUTH_TLS=${CYPHT_IMAP_AUTH_TLS}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_IMAP_AUTH_SIEVE_CONF_HOST+x} ]; then sed -i "s/IMAP_AUTH_SIEVE_CONF_HOST=.*/IMAP_AUTH_SIEVE_CONF_HOST=${CYPHT_IMAP_AUTH_SIEVE_CONF_HOST}/" ${CYPHT_CONFIG_FILE}; fi +## SMTP +if [ ! -z ${CYPHT_DEFAULT_SMTP_NAME+x} ]; then sed -i "s/DEFAULT_SMTP_NAME=.*/DEFAULT_SMTP_NAME=${CYPHT_DEFAULT_SMTP_NAME}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DEFAULT_SMTP_SERVER+x} ]; then sed -i "s/DEFAULT_SMTP_SERVER=.*/DEFAULT_SMTP_SERVER=${CYPHT_DEFAULT_SMTP_SERVER}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DEFAULT_SMTP_PORT+x} ]; then sed -i "s/DEFAULT_SMTP_PORT=.*/DEFAULT_SMTP_PORT=${CYPHT_DEFAULT_SMTP_PORT}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DEFAULT_SMTP_TLS+x} ]; then sed -i "s/DEFAULT_SMTP_TLS=.*/DEFAULT_SMTP_TLS=${CYPHT_DEFAULT_SMTP_TLS}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DEFAULT_SMTP_NO_AUTH+x} ]; then sed -i "s/DEFAULT_SMTP_NO_AUTH=.*/DEFAULT_SMTP_NO_AUTH=${CYPHT_DEFAULT_SMTP_NO_AUTH}/" ${CYPHT_CONFIG_FILE}; fi +## User Settings +if [ ! -z ${CYPHT_USER_CONFIG_TYPE+x} ]; then sed -i "s/USER_CONFIG_TYPE=.*/USER_CONFIG_TYPE=${CYPHT_USER_CONFIG_TYPE}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_USER_SETTINGS_DIR+x} ]; then sed -i "s!USER_SETTINGS_DIR=.*!USER_SETTINGS_DIR=${CYPHT_USER_SETTINGS_DIR}!" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_ATTACHMENT_DIR+x} ]; then sed -i "s/ATTACHMENT_DIR=.*/ATTACHMENT_DIR=${CYPHT_ATTACHMENT_DIR}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_APP_DATA_DIR+x} ]; then sed -i "s/APP_DATA_DIR=.*/APP_DATA_DIR=${CYPHT_APP_DATA_DIR}/" ${CYPHT_CONFIG_FILE}; fi + +if [ ! -z ${CYPHT_ADMIN_USERS+x} ]; then sed -i "s/ADMIN_USERS=.*/ADMIN_USERS=${CYPHT_ADMIN_USERS}/" ${CYPHT_CONFIG_FILE}; fi + +## COOKIE +if [ ! -z ${CYPHT_COOKIE_DOMAIN+x} ]; then sed -i "s/COOKIE_DOMAIN=.*/COOKIE_DOMAIN=${CYPHT_COOKIE_DOMAIN}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_COOKIE_PATH+x} ]; then sed -i "s/COOKIE_PATH=.*/COOKIE_PATH=${CYPHT_COOKIE_PATH}/" ${CYPHT_CONFIG_FILE}; fi + +if [ ! -z ${CYPHT_DEFAULT_EMAIL_DOMAIN+x} ]; then sed -i "s/DEFAULT_EMAIL_DOMAIN=.*/DEFAULT_EMAIL_DOMAIN=${CYPHT_DEFAULT_EMAIL_DOMAIN}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_AUTO_CREATE_PROFILE+x} ]; then sed -i "s/AUTO_CREATE_PROFILE=.*/AUTO_CREATE_PROFILE=${CYPHT_AUTO_CREATE_PROFILE}/" ${CYPHT_CONFIG_FILE}; fi + +if [ ! -z ${CYPHT_REDIRECT_AFTER_LOGIN+x} ]; then sed -i "s/REDIRECT_AFTER_LOGIN=.*/REDIRECT_AFTER_LOGIN=${CYPHT_REDIRECT_AFTER_LOGIN}/" ${CYPHT_CONFIG_FILE}; fi + +if [ ! -z ${CYPHT_ALWAYS_MOBILE_UI+x} ]; then sed -i "s/ALWAYS_MOBILE_UI=.*/ALWAYS_MOBILE_UI=${CYPHT_ALWAYS_MOBILE_UI}/" ${CYPHT_CONFIG_FILE}; fi + +if [ ! -z ${CYPHT_DEFAULT_LANGUAGE+x} ]; then sed -i "s/DEFAULT_LANGUAGE=.*/DEFAULT_LANGUAGE=${CYPHT_DEFAULT_LANGUAGE}/" ${CYPHT_CONFIG_FILE}; fi + +if [ ! -z ${CYPHT_JS_COMPRESS+x} ]; then sed -i "s/JS_COMPRESS=.*/JS_COMPRESS=${CYPHT_JS_COMPRESS}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_CSS_COMPRESS+x} ]; then sed -i "s/CSS_COMPRESS=.*/CSS_COMPRESS=${CYPHT_CSS_COMPRESS}/" ${CYPHT_CONFIG_FILE}; fi + +## SESSION CACHE +if [ ! -z ${CYPHT_ALLOW_SESSION_CACHE+x} ]; then sed -i "s/ALLOW_SESSION_CACHE=.*/ALLOW_SESSION_CACHE=${CYPHT_ALLOW_SESSION_CACHE}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_CACHE_CLASS+x} ]; then sed -i "s/CACHE_CLASS=.*/CACHE_CLASS=${CYPHT_CACHE_CLASS}/" ${CYPHT_CONFIG_FILE}; fi + +## REDIS +if [ ! -z ${CYPHT_ENABLE_REDIS+x} ]; then sed -i "s/ENABLE_REDIS=.*/ENABLE_REDIS=${CYPHT_ENABLE_REDIS}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_REDIS_SERVER+x} ]; then sed -i "s/REDIS_SERVER=.*/REDIS_SERVER=${CYPHT_REDIS_SERVER}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_REDIS_PORT+x} ]; then sed -i "s/REDIS_PORT=.*/REDIS_PORT=${CYPHT_REDIS_PORT}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_REDIS_INDEX+x} ]; then sed -i "s/REDIS_INDEX=.*/REDIS_INDEX=${CYPHT_REDIS_INDEX}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_REDIS_PASS+x} ]; then sed -i "s/REDIS_PASS=.*/REDIS_PASS=${CYPHT_REDIS_PASS}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_REDIS_SOCKET+x} ]; then sed -i "s/REDIS_SOCKET=.*/REDIS_SOCKET=${CYPHT_REDIS_SOCKET}/" ${CYPHT_CONFIG_FILE}; fi +## MEMCACHED +if [ ! -z ${CYPHT_ENABLE_MEMCACHED+x} ]; then sed -i "s/ENABLE_MEMCACHED=.*/ENABLE_MEMCACHED=${CYPHT_ENABLE_MEMCACHED}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_MEMCACHED_SERVER+x} ]; then sed -i "s/MEMCACHED_SERVER=.*/MEMCACHED_SERVER=${CYPHT_MEMCACHED_SERVER}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_MEMCACHED_PORT+x} ]; then sed -i "s/MEMCACHED_PORT=.*/MEMCACHED_PORT=${CYPHT_MEMCACHED_PORT}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_MEMCACHED_AUTH+x} ]; then sed -i "s/MEMCACHED_AUTH=.*/MEMCACHED_AUTH=${CYPHT_MEMCACHED_AUTH}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_MEMCACHED_USER+x} ]; then sed -i "s/MEMCACHED_USER=.*/MEMCACHED_USER=${CYPHT_MEMCACHED_USER}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_MEMCACHED_PASS+x} ]; then sed -i "s/MEMCACHED_PASS=.*/MEMCACHED_PASS=${CYPHT_MEMCACHED_PASS}/" ${CYPHT_CONFIG_FILE}; fi + +if [ ! -z ${CYPHT_ALLOW_LONG_SESSION+x} ]; then sed -i "s/ALLOW_LONG_SESSION=.*/ALLOW_LONG_SESSION=${CYPHT_ALLOW_LONG_SESSION}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_LONG_SESSION_LIFETIME+x} ]; then sed -i "s/LONG_SESSION_LIFETIME=.*/LONG_SESSION_LIFETIME=${CYPHT_LONG_SESSION_LIFETIME}/" ${CYPHT_CONFIG_FILE}; fi + +if [ ! -z ${CYPHT_ENCRYPT_AJAX_REQUESTS+x} ]; then sed -i "s/ENCRYPT_AJAX_REQUESTS=.*/ENCRYPT_AJAX_REQUESTS=${CYPHT_ENCRYPT_AJAX_REQUESTS}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_ENCRYPT_LOCAL_STORAGE+x} ]; then sed -i "s/ENCRYPT_LOCAL_STORAGE=.*/ENCRYPT_LOCAL_STORAGE=${CYPHT_ENCRYPT_LOCAL_STORAGE}/" ${CYPHT_CONFIG_FILE}; fi + +if [ ! -z ${CYPHT_DISABLE_IP_CHECK+x} ]; then sed -i "s/DISABLE_IP_CHECK=.*/DISABLE_IP_CHECK=${CYPHT_DISABLE_IP_CHECK}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DISABLE_ORIGIN_CHECK+x} ]; then sed -i "s/DISABLE_ORIGIN_CHECK=.*/DISABLE_ORIGIN_CHECK=${CYPHT_DISABLE_ORIGIN_CHECK}/" ${CYPHT_CONFIG_FILE}; fi + +if [ ! -z ${CYPHT_ALLOW_EXTERNAL_IMAGE_SOURCES+x} ]; then sed -i "s/ALLOW_EXTERNAL_IMAGE_SOURCES=.*/ALLOW_EXTERNAL_IMAGE_SOURCES=${CYPHT_ALLOW_EXTERNAL_IMAGE_SOURCES}/" ${CYPHT_CONFIG_FILE}; fi + +if [ ! -z ${CYPHT_SINGLE_SERVER_MODE+x} ]; then sed -i "s/SINGLE_SERVER_MODE=.*/SINGLE_SERVER_MODE=${CYPHT_SINGLE_SERVER_MODE}/" ${CYPHT_CONFIG_FILE}; fi + +if [ ! -z ${CYPHT_DISABLE_EMPTY_SUPERGLOBALS+x} ]; then sed -i "s/DISABLE_EMPTY_SUPERGLOBALS=.*/DISABLE_EMPTY_SUPERGLOBALS=${CYPHT_DISABLE_EMPTY_SUPERGLOBALS}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DISABLE_OPEN_BASEDIR+x} ]; then sed -i "s/DISABLE_OPEN_BASE_DIR=.*/DISABLE_OPEN_BASE_DIR=${CYPHT_DISABLE_OPEN_BASEDIR}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DISABLE_INI_SETTINGS+x} ]; then sed -i "s/DISABLE_INI_SETTINGS=.*/DISABLE_INI_SETTINGS=${CYPHT_DISABLE_INI_SETTINGS}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DISABLE_FINGERPRINT+x} ]; then sed -i "s/DISABLE_FINGERPRINT=.*/DISABLE_FINGERPRINT=${CYPHT_DISABLE_FINGERPRINT}/" ${CYPHT_CONFIG_FILE}; fi + +if [ ! -z ${CYPHT_AUTH_CLASS+x} ]; then sed -i "s/AUTH_CLASS=.*/AUTH_CLASS=${CYPHT_AUTH_CLASS}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_SESSION_CLASS+x} ]; then sed -i "s/SESSION_CLASS=.*/SESSION_CLASS=${CYPHT_SESSION_CLASS}/" ${CYPHT_CONFIG_FILE}; fi + +if [ ! -z ${CYPHT_API_LOGIN_KEY+x} ]; then sed -i "s/API_LOGIN_KEY=.*/API_LOGIN_KEY=${CYPHT_API_LOGIN_KEY}/" ${CYPHT_CONFIG_FILE}; fi + +# Defaults +if [ ! -z ${CYPHT_DEFAULT_SETTING_NO_PASSWORD_SAVE+x} ]; then sed -i "s/DEFAULT_SETTING_NO_PASSWORD_SAVE=.*/DEFAULT_SETTING_NO_PASSWORD_SAVE=${CYPHT_DEFAULT_SETTING_NO_PASSWORD_SAVE}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_IMAP_PER_PAGE+x} ]; then sed -i "s/DEFAULT_SETTING_IMAP_PER_PAGE=.*/DEFAULT_SETTING_IMAP_PER_PAGE=${CYPHT_DEFAULT_SETTING_IMAP_PER_PAGE}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_SIMPLE_MSG_PARTS+x} ]; then sed -i "s/DEFAULT_SETTING_SIMPLE_MSG_PARTS=.*/DEFAULT_SETTING_SIMPLE_MSG_PARTS=${CYPHT_DEFAULT_SETTING_SIMPLE_MSG_PARTS}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_PAGINATE_LINKS+x} ]; then sed -i "s/DEFAULT_SETTING_PAGINATE_LINKS=.*/DEFAULT_SETTING_PAGINATE_LINKS=${CYPHT_DEFAULT_SETTING_PAGINATE_LINKS}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_MSG_PART_ICONS+x} ]; then sed -i "s/DEFAULT_SETTING_MSG_PART_ICONS=.*/DEFAULT_SETTING_MSG_PART_ICONS=${CYPHT_DEFAULT_SETTING_MSG_PART_ICONS}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_TEXT_ONLY+x} ]; then sed -i "s/DEFAULT_SETTING_TEXT_ONLY=.*/DEFAULT_SETTING_TEXT_ONLY=${CYPHT_DEFAULT_SETTING_TEXT_ONLY}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_SENT_PER_SOURCE+x} ]; then sed -i "s/DEFAULT_SETTING_SENT_PER_SOURCE=.*/DEFAULT_SETTING_SENT_PER_SOURCE=${CYPHT_DEFAULT_SETTING_SENT_PER_SOURCE}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_SENT_SINCE+x} ]; then sed -i "s/DEFAULT_SETTING_SENT_SINCE=.*/DEFAULT_SETTING_SENT_SINCE=${CYPHT_DEFAULT_SETTING_SENT_SINCE}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_SHOW_LIST_ICONS+x} ]; then sed -i "s/DEFAULT_SETTING_SHOW_LIST_ICONS=.*/DEFAULT_SETTING_SHOW_LIST_ICONS=${CYPHT_DEFAULT_SETTING_SHOW_LIST_ICONS}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_START_PAGE+x} ]; then sed -i "s/DEFAULT_SETTING_START_PAGE=.*/DEFAULT_SETTING_START_PAGE=${CYPHT_DEFAULT_SETTING_START_PAGE}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_DISABLE_DELETE_PROMPT+x} ]; then sed -i "s/DEFAULT_SETTING_DISABLE_DELETE_PROMPT=.*/DEFAULT_SETTING_DISABLE_DELETE_PROMPT=${CYPHT_DEFAULT_SETTING_DISABLE_DELETE_PROMPT}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_FLAGGED_PER_SOURCE+x} ]; then sed -i "s/DEFAULT_SETTING_FLAGGED_PER_SOURCE=.*/DEFAULT_SETTING_FLAGGED_PER_SOURCE=${CYPHT_DEFAULT_SETTING_FLAGGED_PER_SOURCE}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_NO_FOLDER_ICONS+x} ]; then sed -i "s/DEFAULT_SETTING_NO_FOLDER_ICONS=.*/DEFAULT_SETTING_NO_FOLDER_ICONS=${CYPHT_DEFAULT_SETTING_NO_FOLDER_ICONS}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_ALL_EMAIL_PER_SOURCE+x} ]; then sed -i "s/DEFAULT_SETTING_ALL_EMAIL_PER_SOURCE=.*/DEFAULT_SETTING_ALL_EMAIL_PER_SOURCE=${CYPHT_DEFAULT_SETTING_ALL_EMAIL_PER_SOURCE}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_ALL_EMAIL_SINCE+x} ]; then sed -i "s/DEFAULT_SETTING_ALL_EMAIL_SINCE=.*/DEFAULT_SETTING_ALL_EMAIL_SINCE=${CYPHT_DEFAULT_SETTING_ALL_EMAIL_SINCE}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_ALL_SINCE+x} ]; then sed -i "s/DEFAULT_SETTING_ALL_SINCE=.*/DEFAULT_SETTING_ALL_SINCE=${CYPHT_DEFAULT_SETTING_ALL_SINCE}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_ALL_PER_SOURCE+x} ]; then sed -i "s/DEFAULT_SETTING_ALL_PER_SOURCE=.*/DEFAULT_SETTING_ALL_PER_SOURCE=${CYPHT_DEFAULT_SETTING_ALL_PER_SOURCE}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_UNREAD_PER_SOURCE+x} ]; then sed -i "s/DEFAULT_SETTING_UNREAD_PER_SOURCE=.*/DEFAULT_SETTING_UNREAD_PER_SOURCE=${CYPHT_DEFAULT_SETTING_UNREAD_PER_SOURCE}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_FLAGGED_SINCE+x} ]; then sed -i "s/DEFAULT_SETTING_FLAGGED_SINCE=.*/DEFAULT_SETTING_FLAGGED_SINCE=${CYPHT_DEFAULT_SETTING_FLAGGED_SINCE}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_UNREAD_SINCE+x} ]; then sed -i "s/DEFAULT_SETTING_UNREAD_SINCE=.*/DEFAULT_SETTING_UNREAD_SINCE=${CYPHT_DEFAULT_SETTING_UNREAD_SINCE}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_TIMEZONE+x} ]; then sed -i "s/DEFAULT_SETTING_TIMEZONE=.*/DEFAULT_SETTING_TIMEZONE=${CYPHT_DEFAULT_SETTING_TIMEZONE}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_LIST_STYLE+x} ]; then sed -i "s/DEFAULT_SETTING_LIST_STYLE=.*/DEFAULT_SETTING_LIST_STYLE=${CYPHT_DEFAULT_SETTING_LIST_STYLE}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_LANGUAGE+x} ]; then sed -i "s/DEFAULT_SETTING_LANGUAGE=.*/DEFAULT_SETTING_LANGUAGE=${CYPHT_DEFAULT_SETTING_LANGUAGE}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_UNREAD_EXCLUDE_FEEDS+x} ]; then sed -i "s/DEFAULT_SETTING_UNREAD_EXCLUDE_FEEDS=.*/DEFAULT_SETTING_UNREAD_EXCLUDE_FEEDS=${CYPHT_DEFAULT_SETTING_UNREAD_EXCLUDE_FEEDS}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_FEED_LIMIT+x} ]; then sed -i "s/DEFAULT_SETTING_FEED_LIMIT=.*/DEFAULT_SETTING_FEED_LIMIT=${CYPHT_DEFAULT_SETTING_FEED_LIMIT}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_FEED_SINCE+x} ]; then sed -i "s/DEFAULT_SETTING_FEED_SINCE=.*/DEFAULT_SETTING_FEED_SINCE=${CYPHT_DEFAULT_SETTING_FEED_SINCE}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_SMTP_COMPOSE_TYPE+x} ]; then sed -i "s/DEFAULT_SETTING_SMTP_COMPOSE_TYPE=.*/DEFAULT_SETTING_SMTP_COMPOSE_TYPE=${CYPHT_DEFAULT_SETTING_SMTP_COMPOSE_TYPE}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_SMTP_AUTO_BCC+x} ]; then sed -i "s/DEFAULT_SETTING_SMTP_AUTO_BCC=.*/DEFAULT_SETTING_SMTP_AUTO_BCC=${CYPHT_DEFAULT_SETTING_SMTP_AUTO_BCC}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_THEME+x} ]; then sed -i "s/DEFAULT_SETTING_THEME=.*/DEFAULT_SETTING_THEME=${CYPHT_DEFAULT_SETTING_THEME}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_UNREAD_EXCLUDE_WORDPRESS+x} ]; then sed -i "s/DEFAULT_SETTING_UNREAD_EXCLUDE_WORDPRESS=.*/DEFAULT_SETTING_UNREAD_EXCLUDE_WORDPRESS=${CYPHT_DEFAULT_SETTING_UNREAD_EXCLUDE_WORDPRESS}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_WORDPRESS_SINCE+x} ]; then sed -i "s/DEFAULT_SETTING_WORDPRESS_SINCE=.*/DEFAULT_SETTING_WORDPRESS_SINCE=${CYPHT_DEFAULT_SETTING_WORDPRESS_SINCE}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_UNREAD_EXCLUDE_GITHUB+x} ]; then sed -i "s/DEFAULT_SETTING_UNREAD_EXCLUDE_GITHUB=.*/DEFAULT_SETTING_UNREAD_EXCLUDE_GITHUB=${CYPHT_DEFAULT_SETTING_UNREAD_EXCLUDE_GITHUB}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_GITHUB_LIMIT+x} ]; then sed -i "s/DEFAULT_SETTING_GITHUB_LIMIT=.*/DEFAULT_SETTING_GITHUB_LIMIT=${CYPHT_DEFAULT_SETTING_GITHUB_LIMIT}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_GITHUB_SINCE+x} ]; then sed -i "s/DEFAULT_SETTING_GITHUB_SINCE=.*/DEFAULT_SETTING_GITHUB_SINCE=${CYPHT_DEFAULT_SETTING_GITHUB_SINCE}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_INLINE_MESSAGE+x} ]; then sed -i "s/DEFAULT_SETTING_INLINE_MESSAGE=.*/DEFAULT_SETTING_INLINE_MESSAGE=${CYPHT_DEFAULT_SETTING_INLINE_MESSAGE}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_ENABLE_KEYBOARD_SHORTCUTS+x} ]; then sed -i "s/DEFAULT_SETTING_ENABLE_KEYBOARD_SHORTCUTS=.*/DEFAULT_SETTING_ENABLE_KEYBOARD_SHORTCUTS=${CYPHT_DEFAULT_SETTING_ENABLE_KEYBOARD_SHORTCUTS}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DEFAULT_SETTING_ENABLE_SIEVE_FILTER+x} ]; then sed -i "s/DEFAULT_SETTING_ENABLE_SIEVE_FILTER=.*/DEFAULT_SETTING_ENABLE_SIEVE_FILTER=${CYPHT_DEFAULT_SETTING_ENABLE_SIEVE_FILTER}/" ${CYPHT_CONFIG_FILE}; fi + +## APP 2FA +if [ ! -z ${CYPHT_APP_2FA_SECRET+x} ]; then sed -i "s/APP_2FA_SECRET=.*/APP_2FA_SECRET=${CYPHT_APP_2FA_SECRET}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_APP_2FA_SIMPLE+x} ]; then sed -i "s/APP_2FA_SIMPLE=.*/APP_2FA_SIMPLE=${CYPHT_APP_2FA_SIMPLE}/" ${CYPHT_CONFIG_FILE}; fi + +if [ ! -z ${CYPHT_CARD_DAV_SERVER+x} ]; then sed -i "s/CARD_DAV_SERVER=.*/CARD_DAV_SERVER=${CYPHT_CARD_DAV_SERVER}/" ${CYPHT_CONFIG_FILE}; fi + +## DYNAMIC LOGIN +if [ ! -z ${CYPHT_DYNAMIC_HOST+x} ]; then sed -i "s/DYNAMIC_HOST=.*/DYNAMIC_HOST=${CYPHT_DYNAMIC_HOST}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DYNAMIC_HOST_SUBDOMAIN+x} ]; then sed -i "s/DYNAMIC_HOST_SUBDOMAIN=.*/DYNAMIC_HOST_SUBDOMAIN=${CYPHT_DYNAMIC_HOST_SUBDOMAIN}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DYNAMIC_USER+x} ]; then sed -i "s/DYNAMIC_USER=.*/DYNAMIC_USER=${CYPHT_DYNAMIC_USER}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DYNAMIC_SMTP_SUBDOMAIN+x} ]; then sed -i "s/DYNAMIC_SMTP_SUBDOMAIN=.*/DYNAMIC_SMTP_SUBDOMAIN=${CYPHT_DYNAMIC_SMTP_SUBDOMAIN}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_DYNAMIC_MAIL_SUBDOMAIN+x} ]; then sed -i "s/DYNAMIC_MAIL_SUBDOMAIN=.*/DYNAMIC_MAIL_SUBDOMAIN=${CYPHT_DYNAMIC_MAIL_SUBDOMAIN}/" ${CYPHT_CONFIG_FILE}; fi + +## GITHUB +if [ ! -z ${CYPHT_GITHUB_CLIENT_ID+x} ]; then sed -i "s/GITHUB_CLIENT_ID=.*/GITHUB_CLIENT_ID=${CYPHT_GITHUB_CLIENT_ID}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_GITHUB_CLIENT_SECRET+x} ]; then sed -i "s/GITHUB_CLIENT_SECRET=.*/GITHUB_CLIENT_SECRET=${CYPHT_GITHUB_CLIENT_SECRET}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_GITHUB_REDIRECT_URI+x} ]; then sed -i "s/GITHUB_REDIRECT_URI=.*/GITHUB_REDIRECT_URI=${CYPHT_GITHUB_REDIRECT_URI}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_GITHUB_AUTH_URL+x} ]; then sed -i "s/GITHUB_AUTH_URL=.*/GITHUB_AUTH_URL=${CYPHT_GITHUB_AUTH_URL}/" ${CYPHT_CONFIG_FILE}; fi + +## Gmail +if [ ! -z ${CYPHT_GMAIL_CLIENT_ID+x} ]; then sed -i "s/GMAIL_CLIENT_ID=.*/GMAIL_CLIENT_ID=${CYPHT_GMAIL_CLIENT_ID}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_GMAIL_CLIENT_SECRET+x} ]; then sed -i "s/GMAIL_CLIENT_SECRET=.*/GMAIL_CLIENT_SECRET=${CYPHT_GMAIL_CLIENT_SECRET}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_GMAIL_CLIENT_URI+x} ]; then sed -i "s/GMAIL_CLIENT_URI=.*/GMAIL_CLIENT_URI=${CYPHT_GMAIL_CLIENT_URI}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_GMAIL_AUTH_URI+x} ]; then sed -i "s/GMAIL_AUTH_URI=.*/GMAIL_AUTH_URI=${CYPHT_GMAIL_AUTH_URI}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_GMAIL_TOKEN_URI+x} ]; then sed -i "s/GMAIL_TOKEN_URI=.*/GMAIL_TOKEN_URI=${CYPHT_CGMAIL_TOKEN_URI}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_GMAIL_REFRESH_URI+x} ]; then sed -i "s/GMAIL_REFRESH_URI=.*/GMAIL_REFRESH_URI=${CYPHT_GMAIL_REFRESH_URI}/" ${CYPHT_CONFIG_FILE}; fi + +## Outlook +if [ ! -z ${CYPHT_OUTLOOK_CLIENT_ID+x} ]; then sed -i "s/OUTLOOK_CLIENT_ID=.*/OUTLOOK_CLIENT_ID=${CYPHT_OUTLOOK_CLIENT_ID}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_OUTLOOK_CLIENT_SECRET+x} ]; then sed -i "s/OUTLOOK_CLIENT_SECRET=.*/OUTLOOK_CLIENT_SECRET=${CYPHT_OUTLOOK_CLIENT_SECRET}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_OUTLOOK_CLIENT_URI+x} ]; then sed -i "s/OUTLOOK_CLIENT_URI=.*/OUTLOOK_CLIENT_URI=${CYPHT_OUTLOOK_CLIENT_URI}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_OUTLOOK_AUTH_URI+x} ]; then sed -i "s/OUTLOOK_AUTH_URI=.*/OUTLOOK_AUTH_URI=${CYPHT_OUTLOOK_AUTH_URI}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_OUTLOOK_TOKEN_URI+x} ]; then sed -i "s/OUTLOOK_TOKEN_URI=.*/OUTLOOK_TOKEN_URI=${CYPHT_OUTLOOK_TOKEN_URI}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_OUTLOOK_REFRESH_URI+x} ]; then sed -i "s/OUTLOOK_REFRESH_URI=.*/OUTLOOK_REFRESH_URI=${CYPHT_OUTLOOK_REFRESH_URI}/" ${CYPHT_CONFIG_FILE}; fi + +## LDAP +if [ ! -z ${CYPHT_LDAP_SERVER+x} ]; then sed -i "s/LDAP_SERVER=.*/LDAP_SERVER=${CYPHT_LDAP_SERVER}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_LDAP_ENABLE_TLS+x} ]; then sed -i "s/LDAP_ENABLE_TLS=.*/LDAP_ENABLE_TLS=${CYPHT_LDAP_ENABLE_TLS}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_LDAP_PORT+x} ]; then sed -i "s/LDAP_PORT=.*/LDAP_PORT=${CYPHT_LDAP_PORT}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_LDAP_BASE_DN+x} ]; then sed -i "s/LDAP_BASE_DN=.*/LDAP_BASE_DN=${CYPHT_LDAP_BASE_DN}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_LDAP_SEARCH_TERM+x} ]; then sed -i "s/LDAP_SEARCH_TERM=.*/LDAP_SEARCH_TERM=${CYPHT_LDAP_SEARCH_TERM}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_LDAP_AUTH+x} ]; then sed -i "s/LDAP_AUTH=.*/LDAP_AUTH=${CYPHT_LDAP_AUTH}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_LDAP_USER+x} ]; then sed -i "s/LDAP_USER=.*/LDAP_USER=${CYPHT_LDAP_USER}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_LDAP_PASS+x} ]; then sed -i "s/LDAP_PASS=.*/LDAP_PASS=${CYPHT_LDAP_PASS}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_LDAP_OBJECT_CLASS+x} ]; then sed -i "s/LDAP_OBJECT_CLASS=.*/LDAP_OBJECT_CLASS=${CYPHT_LDAP_OBJECT_CLASS}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_LDAP_READ_WRITE+x} ]; then sed -i "s/LDAP_READ_WRITE=.*/LDAP_READ_WRITE=${CYPHT_LDAP_READ_WRITE}/" ${CYPHT_CONFIG_FILE}; fi + +## App.php +if [ ! -z ${CYPHT_LDAP_AUTH_PORT+x} ]; then sed -i "s/LDAP_AUTH_PORT=.*/LDAP_AUTH_PORT=${CYPHT_LDAP_AUTH_PORT}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_LDAP_AUTH_SERVER+x} ]; then sed -i "s/LDAP_AUTH_SERVER=.*/LDAP_AUTH_SERVER=${CYPHT_LDAP_AUTH_SERVER}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_LDAP_AUTH_TLS+x} ]; then sed -i "s/LDAP_AUTH_TLS=.*/LDAP_AUTH_TLS=${CYPHT_LDAP_AUTH_TLS}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_LDAP_AUTH_BASE_DN+x} ]; then sed -i "s/LDAP_AUTH_BASE_DN=.*/LDAP_AUTH_BASE_DN=${CYPHT_LDAP_AUTH_BASE_DN}/" ${CYPHT_CONFIG_FILE}; fi + +## Worldpress +if [ ! -z ${CYPHT_WORDPRESS_CLIENT_ID+x} ]; then sed -i "s/WORDPRESS_CLIENT_ID=.*/WORDPRESS_CLIENT_ID=${CYPHT_WORDPRESS_CLIENT_ID}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_WORDPRESS_CLIENT_SECRET+x} ]; then sed -i "s/WORDPRESS_CLIENT_SECRET=.*/WORDPRESS_CLIENT_SECRET=${CYPHT_WORDPRESS_CLIENT_SECRET}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_WORDPRESS_CLIENT_URI+x} ]; then sed -i "s/WORDPRESS_CLIENT_URI=.*/WORDPRESS_CLIENT_URI=${CYPHT_WORDPRESS_CLIENT_URI}/" ${CYPHT_CONFIG_FILE}; fi + +## RECAPTCHA +if [ ! -z ${CYPHT_RECAPTCHA_SECRET+x} ]; then sed -i "s/RECAPTCHA_SECRET=.*/RECAPTCHA_SECRET=${CYPHT_RECAPTCHA_SECRET}/" ${CYPHT_CONFIG_FILE}; fi +if [ ! -z ${CYPHT_RECAPTCHA_SITE_KEY+x} ]; then sed -i "s/RECAPTCHA_SITE_KEY=.*/RECAPTCHA_SITE_KEY=${CYPHT_RECAPTCHA_SITE_KEY}/" ${CYPHT_CONFIG_FILE}; fi + +## CYPHT_MODULES +if [ ! -z ${CYPHT_CYPHT_MODULES+x} ]; then sed -i "s/CYPHT_MODULES=.*/CYPHT_MODULES=${CYPHT_CYPHT_MODULES}/" ${CYPHT_CONFIG_FILE}; fi + +## Login page +if [ ! -z ${CYPHT_FANCY_LOGIN+x} ]; then sed -i "s/FANCY_LOGIN=.*/FANCY_LOGIN=${CYPHT_FANCY_LOGIN}/" ${CYPHT_CONFIG_FILE}; fi + + +if [ -z ${CYPHT_AUTH_USERNAME+x} ]; then CYPHT_AUTH_USERNAME=demo ; fi +if [ -z ${CYPHT_AUTH_PASSWORD+x} ]; then CYPHT_AUTH_PASSWORD=demo ; fi + +# +# Wait for database to be ready then setup tables for sessions, authentication, and settings as needed +# +session_type=$(sed -n 's/SESSION_TYPE=//p' ${CYPHT_CONFIG_FILE}) +auth_type=$(sed -n 's/AUTH_TYPE=//p' ${CYPHT_CONFIG_FILE}) +user_config_type=$(sed -n 's/USER_CONFIG_TYPE=//p' ${CYPHT_CONFIG_FILE}) +db_host=$(sed -n 's/DB_HOST=//p' ${CYPHT_CONFIG_FILE}) +db_name=$(sed -n 's/DB_NAME=//p' ${CYPHT_CONFIG_FILE}) +db_user=$(sed -n 's/DB_USER=//p' ${CYPHT_CONFIG_FILE}) +db_pass=$(sed -n 's/DB_PASS=//p' ${CYPHT_CONFIG_FILE}) +db_driver=$(sed -n 's/DB_DRIVER=//p' ${CYPHT_CONFIG_FILE}) +db_socket=$(sed -n 's/DB_SOCKET=//p' ${CYPHT_CONFIG_FILE}) + +if [ "${db_driver}" = "sqlite" ] && [ ! -f ${db_socket} ] +then + echo "Use SQLite database: ${db_socket}" + mkdir -p /var/lib/hm3 + touch ${db_socket} && chown www-data:www-data ${db_socket} + sqlite3 ${db_socket} 'create table hm_user (username varchar(255), hash varchar(255), primary key (username));' + sqlite3 ${db_socket} 'create table hm_user_session (hm_id varchar(255), data longblob, date timestamp, primary key (hm_id));' + sqlite3 ${db_socket} 'create table hm_user_settings(username varchar(255), settings longblob, primary key (username));' +fi + +if [ "${session_type}" = "DB" ] || [ "${auth_type}" = "DB" ] || [ "${user_config_type}" = "DB" ] +then + sed -i "s/CYPHT_SESSION_TYPE/${session_type}/" /tmp/cypht_setup_database.php + sed -i "s/CYPHT_AUTH_TYPE/${auth_type}/" /tmp/cypht_setup_database.php + sed -i "s/CYPHT_USER_CONFIG_TYPE/${user_config_type}/" /tmp/cypht_setup_database.php + sed -i "s/CYPHT_DB_HOST/${db_host}/" /tmp/cypht_setup_database.php + sed -i "s/CYPHT_DB_NAME/${db_name}/" /tmp/cypht_setup_database.php + sed -i "s/CYPHT_DB_USER/${db_user}/" /tmp/cypht_setup_database.php + sed -i "s/CYPHT_DB_PASS/${db_pass}/" /tmp/cypht_setup_database.php + sed -i "s/CYPHT_DB_DRIVER/${db_driver}/" /tmp/cypht_setup_database.php + php /tmp/cypht_setup_database.php +fi + +# +# Additional tasks based on the newly-configured settings +# + +# Settings Location - create directory if config type is "file" +user_config_type=$(sed -n 's/USER_CONFIG_TYPE=//p' ${CYPHT_CONFIG_FILE}) +user_settings_dir=$(sed -n 's/USER_SETTINGS_DIR=//p' ${CYPHT_CONFIG_FILE}) +if [ "${user_config_type}" = "file" ] +then + mkdir -p ${user_settings_dir} + chown www-data:www-data ${user_settings_dir} +fi + +# Attachment Location - create directory +attachment_dir=$(sed -n 's/ATTACHMENT_DIR=//p' ${CYPHT_CONFIG_FILE}) +mkdir -p ${attachment_dir} +chown www-data:www-data ${attachment_dir} + +# Application Data Location - create directory +app_data_dir=$(sed -n 's/APP_DATA_DIR=//p' ${CYPHT_CONFIG_FILE}) +mkdir -p ${app_data_dir} +chown www-data:www-data ${app_data_dir} + +# Change /var/lib/nginx owner from root to www-data to avoid "permission denied" error. +chown -R www-data:www-data /var/lib/nginx + +# +# Generate the run-time configuration +# +cd /usr/local/share/cypht +php ./scripts/config_gen.php + +# +# Enable the program in the web-server +# +rm -rf /var/www +if [ ! -z ${CYPHT_DEBUG+x} ] && [ ${CYPHT_DEBUG} = "true" ] +then + echo -e "\033[31mDebug mode is enabled\033[0m" + ln -sf /usr/local/share/cypht /var/www +else + echo -e "\033[32mDebug mode is disabled\033[0m" + ln -sf /usr/local/share/cypht/site /var/www +fi + + + +# +# Create user account in database (or change password if user already exists) +# +php ./scripts/create_account.php ${CYPHT_AUTH_USERNAME} ${CYPHT_AUTH_PASSWORD} +#OR maybe run the following if the user already exists... +#php ./scripts/update_password.php ${CYPHT_AUTH_USERNAME} ${CYPHT_AUTH_PASSWORD} + +# +# Close out tasks +# + +# now that we're definitely done writing configuration, let's clear out the relevant environment variables (so that stray "phpinfo()" calls don't leak secrets from our code) +#for e in "${envs[@]}"; do +# unset "$e" +#done + +# Start supervisord and services +/usr/bin/supervisord -c /etc/supervisord.conf + +exec "$@" \ No newline at end of file diff --git a/.github/docker/nginx.conf b/.github/docker/nginx.conf new file mode 100644 index 0000000000..223243594b --- /dev/null +++ b/.github/docker/nginx.conf @@ -0,0 +1,81 @@ +user www-data; +pid /run/nginx.pid; +worker_processes auto; +worker_rlimit_nofile 65535; +events { + multi_accept on; + worker_connections 65535; +} +http { + charset utf-8; + sendfile on; + tcp_nopush on; + tcp_nodelay on; + server_tokens off; + log_not_found off; + types_hash_max_size 2048; + types_hash_bucket_size 64; + client_max_body_size 100M; + include mime.types; + default_type application/octet-stream; + access_log off; + error_log /dev/null; + ssl_session_timeout 1d; + ssl_session_cache shared:SSL:10m; + ssl_session_tickets off; + ssl_protocols TLSv1.3; + ssl_stapling on; + ssl_stapling_verify on; + server { + listen 80; + listen [::]:80; + set $base /var/www; + root $base; + index index.php; + location / { + try_files $uri $uri/ /index.php?$query_string; + } + # favicon.ico + location = /favicon.ico { + log_not_found off; + } + # robots.txt + location = /robots.txt { + log_not_found off; + } + # assets, media + location ~* \.(?:css(\.map)?|js(\.map)?|jpe?g|png|gif|ico|cur|heic|webp|tiff?|mp3|m4a|aac|ogg|midi?|wav|mp4|mov|webm|mpe?g|avi|ogv|flv|wmv)$ { + expires 7d; + } + # svg, fonts + location ~* \.(?:svgz?|ttf|ttc|otf|eot|woff2?)$ { + add_header Access-Control-Allow-Origin "*"; + expires 7d; + } + # gzip + gzip on; + gzip_vary on; + gzip_proxied any; + gzip_comp_level 6; + gzip_types text/plain text/css text/xml application/json application/javascript application/rss+xml application/atom+xml image/svg+xml; + location ~ [^/]\.php(/|$) { + fastcgi_pass 127.0.0.1:9000; + # split path + fastcgi_split_path_info ^(.+\.php)(/.+)$; + set $_fastcgi_path_info $fastcgi_path_info; + # 404 + try_files $fastcgi_script_name =404; + # default fastcgi_params + include fastcgi_params; + # fastcgi settings + fastcgi_index index.php; + fastcgi_buffers 8 16k; + fastcgi_buffer_size 32k; + # fastcgi params + fastcgi_param DOCUMENT_ROOT $realpath_root; + fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name; + fastcgi_param PATH_INFO $_fastcgi_path_info; + fastcgi_param PHP_ADMIN_VALUE "open_basedir=$base/:/usr/lib/php/:/tmp/:/var/lib/hm3"; + } + } +} diff --git a/.github/docker/supervisord.conf b/.github/docker/supervisord.conf new file mode 100644 index 0000000000..e195b7997c --- /dev/null +++ b/.github/docker/supervisord.conf @@ -0,0 +1,23 @@ +[supervisord] +user=root +nodaemon=true +logfile=/var/log/supervisord.log +pidfile=/var/run/supervisord.pid + +[program:nginx] +command=/usr/sbin/nginx -g "daemon off;" +autostart=true +autorestart=true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 + +[program:php-fpm] +command=php-fpm +autostart=true +autorestart=true +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 \ No newline at end of file diff --git a/.github/tests/.env b/.github/tests/.env index a6ef4d3891..11ebd01150 100644 --- a/.github/tests/.env +++ b/.github/tests/.env @@ -11,10 +11,6 @@ DB_SOCKET=/var/lib/mysqld/mysqld.sock SESSION_TYPE=PHP AUTH_TYPE=IMAP -LDAP_AUTH_SERVER=localhost -LDAP_AUTH_PORT=389 -LDAP_AUTH_TLS= -LDAP_AUTH_BASE_DN=example,dc=com IMAP_AUTH_NAME=localhost IMAP_AUTH_SERVER=localhost @@ -74,7 +70,6 @@ ENCRYPT_AJAX_REQUESTS= ENCRYPT_LOCAL_STORAGE= DISABLE_IP_CHECK=false - DISABLE_ORIGIN_CHECK=false ALLOW_EXTERNAL_IMAGE_SOURCES=true @@ -129,7 +124,6 @@ DEFAULT_SETTING_INLINE_MESSAGE=false DEFAULT_SETTING_ENABLE_KEYBOARD_SHORTCUTS=1 DEFAULT_SETTING_ENABLE_SIEVE_FILTER=false - APP_2FA_SECRET="" APP_2FA_SIMPLE=false @@ -176,6 +170,11 @@ LDAP_USER='' LDAP_PASS='' LDAP_READ_WRITE=true +LDAP_AUTH_SERVER=localhost +LDAP_AUTH_PORT=389 +LDAP_AUTH_TLS= +LDAP_AUTH_BASE_DN=example,dc=com + #WordPress WORDPRESS_CLIENT_ID= WORDPRESS_CLIENT_SECRET= diff --git a/.github/workflows/Nightly-Image.yml b/.github/workflows/Nightly-Image.yml index 1bcaaa9344..bf3e49df18 100644 --- a/.github/workflows/Nightly-Image.yml +++ b/.github/workflows/Nightly-Image.yml @@ -5,24 +5,73 @@ defaults: shell: bash on: + # push: + # branches: + # - master + # - dev + + # pull_request: + # branches: + # - master + # - dev + workflow_call: + # workflow_dispatch: + +# concurrency: +# group: build-nightly +# cancel-in-progress: true + +env: + REGISTRY: ghcr.io + IMAGE_NAME: ${{ github.repository }} jobs: Nightly-Image-Build: - name: Nightly-Image-${{ matrix.arch }}-PHP${{ matrix.php-versions }} + name: Nightly-Image runs-on: ubuntu-latest - - strategy: - matrix: - php-versions: ['7.4'] - arch: ['x64', 'aarch64'] + permissions: + contents: read + packages: write steps: - name: "Checkout code" uses: actions/checkout@v4 with: fetch-depth: 0 + + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 - - name: "Build Nightly Image" - run: | - echo "Publish each updated content to the nightly mirror, package and fix errors in time." \ No newline at end of file + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Log into registry ${{ env.REGISTRY }} + if: github.event_name != 'pull_request' + uses: docker/login-action@v3 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Extract Docker metadata + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + tags: | + type=raw,value=nightly,enable=true + + + - name: Build and push + uses: docker/build-push-action@v5 + with: + context: . + platforms: linux/amd64,linux/arm64 + push: ${{ github.event_name != 'pull_request' }} + provenance: false + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + cache-from: type=gha + cache-to: type=gha,mode=max + \ No newline at end of file diff --git a/.github/workflows/Test-Build.yml b/.github/workflows/Test-Build.yml index 1eb2dd21da..b7b4f8d72c 100644 --- a/.github/workflows/Test-Build.yml +++ b/.github/workflows/Test-Build.yml @@ -15,6 +15,10 @@ on: workflow_dispatch: +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + jobs: Test-phpunit: name: PHPUNIT (PHP-${{ matrix.php-versions }} && DB-${{ matrix.database }}) diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000000..4719fdf804 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,58 @@ +# FROM php:fpm-alpine +FROM php:7.4.33-fpm-alpine + +WORKDIR "/usr/local/share/cypht" + +COPY .github/docker/nginx.conf /etc/nginx/nginx.conf +COPY .github/docker/supervisord.conf /etc/supervisord.conf +COPY .github/docker/docker-entrypoint.sh /usr/local/bin/ +COPY .github/docker/cypht_setup_database.php /tmp/ + +COPY config/ config/ +COPY language/ language/ +COPY lib/ lib/ +COPY modules/ modules/ +COPY scripts/ scripts/ +COPY third_party/ third_party/ +COPY index.php index.php +COPY composer.json composer.json +COPY composer.lock composer.lock +COPY .env.example .env + +RUN set -e \ + rm -rf /var/www \ + && apk add --no-cache \ + bash \ + nginx \ + composer \ + supervisor \ + sqlite \ + # GD + freetype libpng libjpeg-turbo \ + php-session php-fileinfo php-dom php-xml libxml2-dev php-xmlwriter php-tokenizer \ + && apk add --no-cache --virtual .build-deps \ + wget \ + # For GD (2fa module) + libpng-dev libjpeg-turbo-dev freetype-dev \ + && docker-php-ext-configure gd --with-freetype=/usr/include/ --with-jpeg=/usr/include/ \ + && docker-php-ext-install gd pdo_mysql \ + && apk del .build-deps \ + && find . -type d -print | xargs chmod 755 \ + && find . -type f -print | xargs chmod 644 \ + && chown -R root:root ./ \ + && composer update \ + && composer install \ + && echo "post_max_size = 60M" >> /usr/local/etc/php/php.ini \ + && echo "upload_max_filesize = 50M" >> /usr/local/etc/php/php.ini + +RUN set -e \ + ln -sf /dev/stdout /var/log/nginx/access.log \ + && ln -sf /dev/stderr /var/log/nginx/error.log \ + && chmod 700 /tmp/cypht_setup_database.php \ + && chmod +x /usr/local/bin/docker-entrypoint.sh + +WORKDIR "/var/www" + +EXPOSE 80 + +ENTRYPOINT ["docker-entrypoint.sh"] \ No newline at end of file