Laudende Default seite entfernen
parent
5f3d76e7e8
commit
93ba754738
|
|
@ -32,12 +32,34 @@ mkdir -p /etc/mysql/mariadb.conf.d
|
|||
[[ -f /etc/mysql/mariadb.cnf ]] || echo '!include /etc/mysql/mariadb.conf.d/*.cnf' > /etc/mysql/mariadb.cnf
|
||||
|
||||
log "Redis absichern …"
|
||||
REDIS_CONF="/etc/redis/redis.conf"
|
||||
# Aktiven Redis-Config-Pfad aus systemd holen (Fallback: Standard)
|
||||
REDIS_CONF="$(systemctl show -p ExecStart redis-server \
|
||||
| sed -n 's/^ExecStart=.*redis-server[[:space:]]\+\([^[:space:]]\+\).*/\1/p')"
|
||||
REDIS_CONF="${REDIS_CONF:-/etc/redis/redis.conf}"
|
||||
|
||||
# Einmaliges, zufälliges Passwort (falls nicht von außen gesetzt)
|
||||
REDIS_PASS="${REDIS_PASS:-$(openssl rand -hex 16)}"
|
||||
sed -i 's/^\s*#\?\s*bind .*/bind 127.0.0.1/' "$REDIS_CONF"
|
||||
sed -i 's/^\s*#\?\s*protected-mode .*/protected-mode yes/' "$REDIS_CONF"
|
||||
grep -qE '^\s*#?\s*requirepass ' "$REDIS_CONF" \
|
||||
&& sed -i "s/^\s*#\?\s*requirepass .*/requirepass ${REDIS_PASS}/" "$REDIS_CONF" \
|
||||
|| printf "\nrequirepass %s\n" "${REDIS_PASS}" >> "$REDIS_CONF"
|
||||
|
||||
# Bind + protected-mode hart setzen
|
||||
sed -i 's/^[[:space:]]*#\?[[:space:]]*bind .*/bind 127.0.0.1/' "$REDIS_CONF"
|
||||
sed -i 's/^[[:space:]]*#\?[[:space:]]*protected-mode .*/protected-mode yes/' "$REDIS_CONF"
|
||||
|
||||
# Vorherige requirepass-Zeilen entfernen (kommentiert/unkommentiert), dann neu schreiben
|
||||
sed -i '/^[[:space:]]*#\?[[:space:]]*requirepass[[:space:]]\+/d' "$REDIS_CONF"
|
||||
printf '\nrequirepass %s\n' "${REDIS_PASS}" >> "$REDIS_CONF"
|
||||
|
||||
# Dienst aktivieren & neu starten
|
||||
systemctl enable --now redis-server
|
||||
systemctl restart redis-server || true
|
||||
systemctl restart redis-server || true
|
||||
|
||||
# Passwort für spätere Steps persistieren (damit 80-app.sh es hat)
|
||||
install -d -m 0755 /etc/mailwolt
|
||||
echo "REDIS_PASS=${REDIS_PASS}" > /etc/mailwolt/installer.env
|
||||
chmod 600 /etc/mailwolt/installer.env
|
||||
|
||||
# Sanity-Check (kein harter Exit, nur Log)
|
||||
if redis-cli -a "${REDIS_PASS}" ping 2>/dev/null | grep -q PONG; then
|
||||
log "Redis mit Passwort OK."
|
||||
else
|
||||
warn "Redis PING mit Passwort fehlgeschlagen – bitte /etc/redis/redis.conf prüfen."
|
||||
fi
|
||||
|
|
@ -53,6 +53,8 @@ else
|
|||
fi
|
||||
fi
|
||||
|
||||
[ -z "${REDIS_PASS:-}" ] && REDIS_PASS="$(awk '/^[[:space:]]*requirepass[[:space:]]+/ {print $2}' /etc/redis/redis.conf | tail -n1 || true)"
|
||||
|
||||
# --- .env schreiben (vollständig wie vorher) --------------------------------
|
||||
upsert_env APP_URL "${APP_URL_VAL}"
|
||||
upsert_env APP_HOST "${APP_HOST_VAL}"
|
||||
|
|
@ -102,7 +104,7 @@ upsert_env SESSION_SAMESITE "lax"
|
|||
upsert_env REDIS_CLIENT "phpredis"
|
||||
upsert_env REDIS_HOST "127.0.0.1"
|
||||
upsert_env REDIS_PORT "6379"
|
||||
upsert_env REDIS_PASSWORD "${REDIS_PASS:-}"
|
||||
upsert_env REDIS_PASSWORD "${REDIS_PASS}"
|
||||
upsert_env REDIS_DB "0"
|
||||
upsert_env REDIS_CACHE_DB "1"
|
||||
upsert_env REDIS_CACHE_CONNECTION "cache"
|
||||
|
|
|
|||
|
|
@ -1,5 +1,6 @@
|
|||
#!/usr/bin/env bash
|
||||
set -euo pipefail
|
||||
[ -f /etc/mailwolt/installer.env ] && . /etc/mailwolt/installer.env
|
||||
|
||||
# ── Styling ────────────────────────────────────────────────────────────────
|
||||
GREEN="$(printf '\033[1;32m')"; YELLOW="$(printf '\033[1;33m')"
|
||||
|
|
|
|||
Loading…
Reference in New Issue