Froxlor icon indicating copy to clipboard operation
Froxlor copied to clipboard

Published 20 hours ago verified publisher icon froxlor

[WIP] Disable default 'root' directive in nginx

Open patschi opened this issue 2 years ago • 1 comments

Description

These two rather simple changes solved two very specific use-cases for me. I had these two workarounds in place hard-coded, but I thought it might be beneficial and allowing more flexibility when implementing them in the UI for everyone.

image

I'm running a a forum system which needs the folder public/ to be set as the webroot, as it contains the public-facing PHP files there. However when setting webroot to /var/customers/webs/user/domain.tld/public/ the website fails as open_basedir uses the webroot path, blocking access to required PHP files one folder up.

Currently I have set webroot as /var/customers/webs/user/domain.tld/ in Froxlor and the default root directive disabled, and using root /var/customers/webs/user/domain.tld/public/ in the custom vhost configuration.

Type of change

Please delete options that are not relevant.

  • [ ] Bug fix (non-breaking change which fixes an issue)
  • [X] New feature (non-breaking change which adds functionality)
  • [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • [ ] This change requires a documentation update

How Has This Been Tested?

  • [X] Disabled both options on above screenshot and run cronjob, the automated root and location / {} blocks are not added.
  • [X] By default the values are enabled, not affecting existing installations.
  • [ ] Tested the update or installation of Froxlor with the new database changes (not selected on purpose)

Test Configuration:

  • Distribution: Ubuntu 20.04
  • Webserver: nginx
  • PHP: 8.0

Checklist:

  • [X] I have performed a self-review of my own code
  • [X] I have commented my code, particularly in hard-to-understand areas
  • [ ] I have made corresponding changes to the documentation
  • [X] My changes generate no new warnings
  • [ ] I have added tests that prove my fix is effective or that my feature works
  • [ ] New and existing unit tests pass locally with my changes

patschi avatar May 08 '22 19:05 patschi

Sounds rather like a way to use a "hack" to get around open_basedir in a weird way. I think the root-issue here is what is discussed here: https://github.com/Froxlor/Froxlor/issues/515

d00p avatar May 09 '22 06:05 d00p

froxlor-2.0 has the option to set the openbasedir to the parent-directory of the domain-documentroot, exactly what you've described

d00p avatar Nov 05 '22 08:11 d00p