diff --git a/.devcontainer/.gitignore b/.devcontainer/.gitignore index 2eea525..4c49bd7 100644 --- a/.devcontainer/.gitignore +++ b/.devcontainer/.gitignore @@ -1 +1 @@ -.env \ No newline at end of file +.env diff --git a/.devcontainer/.vscode/launch.json b/.devcontainer/.vscode/launch.json index c39b4eb..8166a78 100644 --- a/.devcontainer/.vscode/launch.json +++ b/.devcontainer/.vscode/launch.json @@ -1,14 +1,14 @@ { // Use IntelliSense to learn about possible attributes. // Hover to view descriptions of existing attributes. // For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387 "version": "0.2.0", "configurations": [ { "name": "Listen for Xdebug", "type": "php", "request": "launch", - "port": 9001 + "port": 9003 }, ] -} \ No newline at end of file +} diff --git a/.devcontainer/application/config/aphlict.phorge.json b/.devcontainer/application/config/aphlict.phorge.json index 1abb2e4..24bfe08 100644 --- a/.devcontainer/application/config/aphlict.phorge.json +++ b/.devcontainer/application/config/aphlict.phorge.json @@ -1,13 +1,13 @@ [{ "type": "client", "host": "phorge.localhost", "port": 22280, "protocol": "http" }, { "type": "admin", "host": "127.0.0.1", "port": 22281, "protocol": "http" } -] \ No newline at end of file +] diff --git a/.devcontainer/application/config/aphlict.sv.conf b/.devcontainer/application/config/aphlict.sv.conf index 9dc7635..a3005dc 100644 --- a/.devcontainer/application/config/aphlict.sv.conf +++ b/.devcontainer/application/config/aphlict.sv.conf @@ -1,3 +1,3 @@ [program:aphlict] command=/srv/phorge/phorge/bin/aphlict debug --config /srv/phorge/phorge/conf/aphlict/aphlict.default.json -user=phorge-daemon \ No newline at end of file +user=phorge-daemon diff --git a/.devcontainer/application/config/nginx.conf.org b/.devcontainer/application/config/nginx.conf.org index 3c64fc7..bd81238 100644 --- a/.devcontainer/application/config/nginx.conf.org +++ b/.devcontainer/application/config/nginx.conf.org @@ -1,45 +1,44 @@ worker_processes 1; daemon off; pid /run/nginx.pid; events { worker_connections 1024; use epoll; } http { include mime.types; default_type application/octet-stream; sendfile on; keepalive_timeout 65; gzip on; client_max_body_size 200M; client_body_buffer_size 200M; server { listen *:80; access_log /var/log/nginx/access.log; error_log /var/log/nginx/access.log; root /srv/phorge/phorge/webroot; try_files $uri $uri/ /index.php; location / { index index.php; if ( !-f $request_filename ) { rewrite ^/(.*)$ /index.php?__path__=/$1 last; break; } } location /index.php { include /etc/nginx/fastcgi.conf; fastcgi_param PATH "/usr/local/bin:/usr/bin:/sbin:/usr/sbin:/bin:/usr/games"; fastcgi_pass unix:/tmp/php-fpm-phorge.sock; } } } - diff --git a/.devcontainer/application/config/nginx.sv.conf b/.devcontainer/application/config/nginx.sv.conf index 9c664a7..dfa1572 100644 --- a/.devcontainer/application/config/nginx.sv.conf +++ b/.devcontainer/application/config/nginx.sv.conf @@ -1,2 +1,2 @@ [program:nginx] -command=nginx \ No newline at end of file +command=nginx diff --git a/.devcontainer/application/config/phorge-sshd.sv.conf b/.devcontainer/application/config/phorge-sshd.sv.conf index ede0546..c7f5a8c 100644 --- a/.devcontainer/application/config/phorge-sshd.sv.conf +++ b/.devcontainer/application/config/phorge-sshd.sv.conf @@ -1,2 +1,2 @@ [program:phorge-sshd] -command=/usr/sbin/sshd -D -f /etc/phorge-ssh/sshd_config.phorge \ No newline at end of file +command=/usr/sbin/sshd -D -f /etc/phorge-ssh/sshd_config.phorge diff --git a/.devcontainer/application/config/php.ini b/.devcontainer/application/config/php.ini index 7a663b0..340dfa7 100644 --- a/.devcontainer/application/config/php.ini +++ b/.devcontainer/application/config/php.ini @@ -1,196 +1,190 @@ [PHP] engine = On short_open_tag = Off asp_tags = Off precision = 14 y2k_compliance = On output_buffering = 4096 zlib.output_compression = Off unserialize_callback_func = serialize_precision = 17 allow_call_time_pass_reference = Off safe_mode = Off safe_mode_gid = Off safe_mode_include_dir = safe_mode_exec_dir = safe_mode_allowed_env_vars = PHP_ safe_mode_protected_env_vars = LD_LIBRARY_PATH disable_functions = disable_classes = zend.enable_gc = On expose_php = On max_input_time = 60 memory_limit = 4G error_reporting = E_ALL & ~E_DEPRECATED display_errors = On display_startup_errors = Off log_errors = On log_errors_max_len = 1024 ignore_repeated_errors = Off ignore_repeated_source = Off report_memleaks = On track_errors = Off error_log = /tmp/php_errors.log variables_order = "GPCS" request_order = "GP" register_globals = Off register_long_arrays = Off auto_globals_jit = On post_max_size = 4G magic_quotes_gpc = Off magic_quotes_runtime = Off magic_quotes_sybase = Off auto_prepend_file = auto_append_file = default_mimetype = "text/html" include_path = ".:/usr/share/php7:/usr/share/php7/PEAR:/srv/phorge/PHPExcel/Classes" doc_root = user_dir = enable_dl = Off file_uploads = On upload_max_filesize = 4G max_file_uploads = 20 allow_url_fopen = On allow_url_include = Off default_socket_timeout = 60 opcache.validate_timestamps = On opcache.revalidate_freq = 0 -xdebug.remote_enable=1 -xdebug.remote_autostart=1 -xdebug.remote_port="9001" -xdebug.profiler_enable=0 -xdebug.profiler_output_dir="/tmp" -xdebug.max_nesting_level=1000 -xdebug.idekey = "PHPSTORM" +xdebug.mode=debug +xdebug.start_with_request=true [Date] date.timezone = 'UTC' [filter] [iconv] [intl] [sqlite] [sqlite3] [Pcre] [Pdo] [Pdo_mysql] pdo_mysql.cache_size = 2000 pdo_mysql.default_socket= [Phar] [Syslog] define_syslog_variables = Off [mail function] SMTP = localhost smtp_port = 25 mail.add_x_header = On [SQL] sql.safe_mode = Off [ODBC] odbc.allow_persistent = On odbc.check_persistent = On odbc.max_persistent = -1 odbc.max_links = -1 odbc.defaultlrl = 4096 odbc.defaultbinmode = 1 [Interbase] ibase.allow_persistent = 1 ibase.max_persistent = -1 ibase.max_links = -1 ibase.timestampformat = "%Y-%m-%d %H:%M:%S" ibase.dateformat = "%Y-%m-%d" ibase.timeformat = "%H:%M:%S" [MySQL] mysql.allow_local_infile = On mysql.allow_persistent = Off mysql.cache_size = 2000 mysql.max_persistent = -1 mysql.max_links = -1 mysql.default_port = mysql.default_socket = mysql.default_host = mysql.default_user = mysql.default_password = mysql.connect_timeout = 3 mysql.trace_mode = Off [MySQLi] mysqli.max_persistent = -1 mysqli.allow_persistent = Off mysqli.max_links = -1 mysqli.cache_size = 2000 mysqli.default_port = 3306 mysqli.default_socket = mysqli.default_host = mysqli.default_user = mysqli.default_pw = mysqli.reconnect = Off [mysqlnd] mysqlnd.collect_statistics = On mysqlnd.collect_memory_statistics = Off [OCI8] [PostgreSQL] pgsql.allow_persistent = On pgsql.auto_reset_persistent = Off pgsql.max_persistent = -1 pgsql.max_links = -1 pgsql.ignore_notice = 0 pgsql.log_notice = 0 [Sybase-CT] sybct.allow_persistent = On sybct.max_persistent = -1 sybct.max_links = -1 sybct.min_server_severity = 10 sybct.min_client_severity = 10 [bcmath] bcmath.scale = 0 [browscap] [Session] session.save_handler = files session.save_path = "/var/lib/php5" session.use_cookies = 1 session.use_only_cookies = 1 session.name = PHPSESSID session.auto_start = 0 session.cookie_lifetime = 0 session.cookie_path = / session.cookie_domain = session.cookie_httponly = session.serialize_handler = php session.gc_probability = 1 session.gc_divisor = 1000 session.gc_maxlifetime = 1440 session.bug_compat_42 = Off session.bug_compat_warn = Off session.referer_check = session.entropy_length = 32 session.entropy_file = /dev/urandom session.cache_limiter = nocache session.cache_expire = 180 session.use_trans_sid = 0 session.hash_function = sha256 session.hash_bits_per_character = 5 url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" [MSSQL] mssql.allow_persistent = On mssql.max_persistent = -1 mssql.max_links = -1 mssql.min_error_severity = 10 mssql.min_message_severity = 10 mssql.compatability_mode = Off mssql.secure_connection = Off [Assertion] [COM] [mbstring] [gd] [exif] [Tidy] tidy.clean_output = Off [soap] soap.wsdl_cache_enabled=1 soap.wsdl_cache_dir="/tmp" soap.wsdl_cache_ttl=86400 soap.wsdl_cache_limit = 5 [sysvshm] [ldap] ldap.max_links = -1 [mcrypt] [dba] [xsl] - diff --git a/.devcontainer/application/config/sshd_config.phorge b/.devcontainer/application/config/sshd_config.phorge index e397c37..6477458 100644 --- a/.devcontainer/application/config/sshd_config.phorge +++ b/.devcontainer/application/config/sshd_config.phorge @@ -1,24 +1,23 @@ # NOTE: You must have OpenSSHD 6.2 or newer; support for AuthorizedKeysCommand # was added in this version. # NOTE: Edit these to the correct values for your setup. AuthorizedKeysCommand /etc/phorge-ssh/phorge-ssh-hook.sh AuthorizedKeysCommandUser git AllowUsers git # You may need to tweak these options, but mostly they just turn off everything # dangerous. Port 2222 Protocol 2 PermitRootLogin no AllowAgentForwarding no AllowTcpForwarding no PrintMotd no PrintLastLog no PasswordAuthentication no AuthorizedKeysFile none PidFile /run/sshd-phorge.pid - diff --git a/.devcontainer/application/config/supervisord.conf b/.devcontainer/application/config/supervisord.conf index 49500f1..180e8ec 100644 --- a/.devcontainer/application/config/supervisord.conf +++ b/.devcontainer/application/config/supervisord.conf @@ -1,29 +1,29 @@ ; supervisor config file [unix_http_server] file=/var/run/supervisor.sock ; (the path to the socket file) chmod=0700 ; sockef file mode (default 0700) [supervisord] nodaemon=true logfile=/var/log/supervisor/supervisord.log ; (main log file;default $CWD/supervisord.log) pidfile=/var/run/supervisord.pid ; (supervisord pidfile;default supervisord.pid) childlogdir=/var/log/supervisor ; ('AUTO' child log dir, default $TEMP) ; the below section must remain in the config file for RPC ; (supervisorctl/web interface) to work, additional interfaces may be ; added by defining them in separate rpcinterface: sections [rpcinterface:supervisor] supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface [supervisorctl] serverurl=unix:///var/run/supervisor.sock ; use a unix:// URL for a unix socket ; The [include] section can just contain the "files" setting. This ; setting can list multiple files (separated by whitespace or ; newlines). It can also contain wildcards. The filenames are ; interpreted as relative to this file. Included files *cannot* ; include files themselves. [include] -files = /etc/supervisor/conf.d/*.conf \ No newline at end of file +files = /etc/supervisor/conf.d/*.conf diff --git a/.devcontainer/application/install_scripts/add_users.sh b/.devcontainer/application/install_scripts/add_users.sh index 5fa3685..cb92425 100644 --- a/.devcontainer/application/install_scripts/add_users.sh +++ b/.devcontainer/application/install_scripts/add_users.sh @@ -1,20 +1,20 @@ #!/bin/bash # Add users echo "git:x:2000:2000:user for phorge ssh:/srv/phorge:/bin/bash" >> /etc/passwd echo "phorge-daemon:x:2001:2000:user for phorge daemons:/srv/phorge:/bin/bash" >> /etc/passwd echo "wwwgrp-phorge:!:2000:nginx" >> /etc/group usermod -p NP git # Add repo directory mkdir -p /var/repo/ chown phorge-daemon:2000 /var/repo/ mkdir -p /var/tmp/phd/pid chmod 0777 /var/tmp/phd/pid # Add git to sudoers echo "git ALL=(phorge-daemon) SETENV: NOPASSWD: /usr/bin/git-upload-pack, /usr/bin/git-receive-pack, /usr/bin/git, /usr/lib/git-core/git-http-backend" > /etc/sudoers.d/git -echo 'export PATH="/srv/phorge/arcanist/bin:$PATH"' >> /root/.bashrc +echo 'export PATH="/srv/phorge/arcanist/bin:$PATH"' >> /root/.bashrc echo 'export PATH="/srv/phorge/phorge/bin:$PATH"' >> /root/.bashrc diff --git a/.devcontainer/application/setup.php b/.devcontainer/application/setup.php new file mode 100644 index 0000000..c1686ef --- /dev/null +++ b/.devcontainer/application/setup.php @@ -0,0 +1,65 @@ +#!/usr/bin/env php +setViewer(PhabricatorUser::getOmnipotentUser()) + ->withIDs(array(1)) + ->executeOne(); + +if ($config) { + echo phutil_console_wrap("User/Password Auth Provider already configured\n"); + return; +} + +$password1 = new PhutilOpaqueEnvelope('hunter2'); + +$config = id(new PhabricatorAuthProviderConfig()) + ->setIsEnabled(1) + ->setShouldAllowLogin(1) + ->setShouldAllowRegistration(true) + ->setShouldAllowLink(1) + ->setShouldAllowUnlink(true) + ->setProviderType('password') + ->setProviderDomain('self') + ->setProviderClass('PhabricatorPasswordAuthProvider') + ->save(); + +$user = new PhabricatorUser(); +$user->setUsername('admin'); +$user->setRealName('admin'); + +$email = id(new PhabricatorUserEmail()) + ->setAddress('admin@example.com') + ->setIsVerified(1); + +$user->setIsApproved(1); + +id(new PhabricatorUserEditor()) + ->setActor(PhabricatorUser::getOmnipotentUser()) + ->createNewUser($user, $email); + +$xactions = array(); +$xactions[] = id(new PhabricatorUserTransaction()) + ->setTransactionType( + PhabricatorUserEmpowerTransaction::TRANSACTIONTYPE) + ->setNewValue(true); + +$source = id(new PhabricatorUnknownContentSource()); +$actor = PhabricatorUser::getOmnipotentUser(); +$people_application_phid = id(new PhabricatorPeopleApplication()) + ->getPHID(); + +$editor = id(new PhabricatorUserTransactionEditor()) + ->setActor($actor) + ->setContentSource($source) + ->setActingAsPHID($people_application_phid) + ->setContinueOnMissingFields(true); + +$editor->applyTransactions($user, $xactions); + +$pass = PhabricatorAuthPassword::initializeNewPassword($user, PhabricatorAuthPassword::PASSWORD_TYPE_ACCOUNT) + ->setPassword($password1, $user) + ->save(); diff --git a/.devcontainer/application/startup.sh b/.devcontainer/application/startup.sh index d145399..2beed01 100755 --- a/.devcontainer/application/startup.sh +++ b/.devcontainer/application/startup.sh @@ -1,58 +1,57 @@ - #!/bin/bash set -x echo "Waiting for mysql" until mysql -h"$SQL_HOST" -P"$SQL_PORT" -u"$SQL_USER" -p"$SQL_PASSWORD" &> /dev/null do printf "." sleep 1 done echo -e "\nmysql ready" pushd /srv/phorge/phorge ./bin/config set mysql.host $SQL_HOST ./bin/config set mysql.port $SQL_PORT ./bin/config set mysql.user $SQL_USER ./bin/config set mysql.pass $SQL_PASSWORD ./bin/config set phabricator.base-uri $BASE_URI ./bin/config set phd.user phorge-daemon ./bin/config set diffusion.ssh-user git ./bin/config set diffusion.ssh-port 2222 ./bin/config set diffusion.allow-http-auth true ./bin/config set phabricator.developer-mode true ./bin/config set phabricator.show-prototypes true ./bin/config set darkconsole.enabled true ./bin/config set storage.mysql-engine.max-size 268435456 ./bin/config set pygments.enabled true ./bin/config set environment.append-paths '["/usr/lib/git-core"]' ./bin/config set notification.servers --stdin < /install_scripts/aphlict.phorge.json echo '["/srv/phorge/deepclone/src"]' | ./bin/config set load-libraries --stdin if [ -e /user-config/script.post ]; then echo "Applying post-configuration script..." /user-config/script.post fi popd pushd /srv/phorge/phorge/support/aphlict/server npm ci popd find /srv/phorge/deepclone cp /etc/nginx/nginx.conf.org /etc/nginx/nginx.conf /srv/phorge/phorge/bin/storage upgrade --force diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index 549780d..c2f3955 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -1,25 +1,29 @@ // For format details, see https://aka.ms/devcontainer.json. For config options, see the README at: // https://github.com/microsoft/vscode-dev-containers/tree/v0.183.0/containers/docker-existing-docker-compose { "name": "Phorge Dev", // Update the 'dockerComposeFile' list if you have more compose files or use different names. // The .devcontainer/docker-compose.yml file contains any overrides you need/want to make. "dockerComposeFile": [ "docker-compose.yml" ], // The 'service' property is the name of the service for the container that VS Code should // use. Update this value and .devcontainer/docker-compose.yml to the real service name. "service": "app", // The optional 'workspaceFolder' property is the path VS Code should open by default when // connected. This is typically a file mount in .devcontainer/docker-compose.yml "workspaceFolder": "/srv/phorge", // Add the IDs of extensions you want installed when the container is created. - "extensions": [ - "bmewburn.vscode-intelephense-client", - "felixfbecker.php-debug" - ] + "customizations": { + "vscode": { + "extensions": [ + "bmewburn.vscode-intelephense-client", + "xdebug.php-debug" + ] + } + } } diff --git a/.devcontainer/docker-compose.yml b/.devcontainer/docker-compose.yml index 565e847..b989fcc 100644 --- a/.devcontainer/docker-compose.yml +++ b/.devcontainer/docker-compose.yml @@ -1,24 +1,25 @@ version: "3.9" services: db: image: mariadb restart: always volumes: - ./mysql:/etc/mysql/conf.d:ro environment: MYSQL_ROOT_PASSWORD: phorge-dev app: build: ./application ports: - "${PHORGE_WEB_PORT:-80}:80" - "${PHORGE_SSH_PORT:-22280}:22280" environment: SQL_HOST: db SQL_PORT: 3306 SQL_USER: root SQL_PASSWORD: phorge-dev BASE_URI: "${PHORGE_BASE_URI:-http://phorge.localhost/}" volumes: - "./.vscode:/srv/phorge/.vscode" - "..:/srv/phorge/deepclone" - "./application/startup.sh:/startup.sh" + - "./application/setup.php:/srv/phorge/phorge/setup.php" diff --git a/.devcontainer/mysql/custom.cnf b/.devcontainer/mysql/custom.cnf index d9d4abe..e716fac 100644 --- a/.devcontainer/mysql/custom.cnf +++ b/.devcontainer/mysql/custom.cnf @@ -1,5 +1,5 @@ [mysqld] sql_mode=STRICT_ALL_TABLES max_allowed_packet=33554432 innodb_buffer_pool_size=1600M -local_infile=0 \ No newline at end of file +local_infile=0