Well, I’m discovering
I can Have a new tab
I Have a checkbox for AllowUrlfOpen
I’m fighting against a dropdown menu
To be continued
Well, I’m discovering
I can Have a new tab
I Have a checkbox for AllowUrlfOpen
I’m fighting against a dropdown menu
To be continued
Ahaha your’re my favorite fighter Steph! Hope you win your battle against NethGui
I’m rooting for you
If you need, just write down what you want to achieve and I will provide you a code snippet as a starting point.
Thats not fair…it is a good training…once achieved you will review and comment my work.
I won the battle of the dropdown menu
Maybe I will need a hand for the validators, I need to use php and nethgui framework, but I know none of them.
Continuing the discussion from Today I’m working on NethServer:
Hi @stephdl! I read your pull request on GitHub and want to thank you for you work!
Before going any further I propose to merge the two “Web” tabs together: having two “Web” tabs sounds a bit confusing to me. This is the current Web access
tab:
The “Allow .htaccess” and “Force SSL” checkboxes could be added under “Protect by password”, and the PHP options, inserted into a collapsable “Advanced PHP settings” section.
Folks, what do you think?
I Thought about that, but the only ‘cons’ I had is that you will have a menu where you must scroll down if you want to activate some settings. Of course it only depends of the size of your screens…On my TV all is fine
@stephdl what do you think if we put this parameters into the core, so directly into web access panel?
All other Web Settings could be moved into a new modules for nethforge, called for example nethserver-websettings
Could it works for you?
I prefer one tab for web access.
Also, the various adjustable parameters are in two different classes:
So, I’d keep them clearly separate. I see two options:
@filippo_carletti The option 2 is quite good for me, one tab for specific http settings, another for php settings. That’s Kiss.
@alefattorini All can be done concerning a module for that, but I modified some core rpm so it needs to be integrated or designed again.
Hi Folks, you are awesome!
I’m just working today on a ibay configuration for hosting a web application in PHP (also if I like pyhton ) and I stumbled across the problem indicated by @davidep
And I found this good topic. I’m lucky…
I agree with this: two separate tab in the future could remain useful to implement other specific tabs for web applications written in languages different from PHP (I’ve said that I like Python? )
Just one thing at the end: I haven’t seen in the implementation of @stephdl the capability to set the write permission for apache user over the directory. Could it be made via web interface or do you think that it should be a security weakness if made on the whole ibay and it could be made via command line?
Anyway, a useful improvement. Compliments!
You’re right guys, so I like adding SSL and .htaccess to “Web access” tab and keeping PHP (and any other language) options on a separate tab.
This is an important point: now read permissions for apache
are set with POSIX ACLs. The Reset permissions
button clears any ACL that is not from the “ACL” tab and /etc/e-smith/templates/ibays/system-acls/
template. The responsible for this task is action nethserver-ibays-set-permissions
.
If admin sets special ACLs on a specific subdirectory, to grant rw
access to apache
could we assume he is smart enough to not press Reset permission
button and wipe them out? If you feel NO
is the answer, we need to maintain a special subdirectory whitelist.
It should not be too hard to implement a rule in nethserver-ibays-set-permissions
that skips setfacl
on any directory in the whitelist.
Of course, I’ll take care of the core package: the need for “Force SSL” was already solicited in the past and is partially implemented in nethserver-httpd
.
If @stephdl agrees, he could bundle the PHP settings tab into a separate package… Stéphane, is it ok for you?
Well I’m facing the murphy’s laws these last days, so my free time is unfortunately limited…welcome in the real life
@etino could you write a draft of your needs with python and apache, I do not know at all about python, but I do know about templates and SME/NETH(a bit less) internal workings. So for my personal culture I would be interested by what you are looking for.
@davidep could you add what the ssl redirection is missing, I’m still curious
At the moment I haven’t studied in depth a well organized implementation of a python webpp using Nethserver ibays. I’ve installed a Flask python app on an ibay just for filesystem access convenience and then via ssh I run manually it using gunicorn
Probably Python will need less server parameter configuration than PHP becouse it can run on a virtuallized environment with his library and configuration.
I promised myself to better reorganize it on a more linear and clean manner, when done, if some interesting things should emerge, I will be happy to share it here.
@etino, if you want to see how we used gunicorn for a python webapp, look at the webvirtmgr software module. It also has an upstart job to run the service.
Well I turned a bit around the issue and I can not figured how I could modify the shared folder settings without providing some code to nethserver-httpd like I did in my first push-request Add {AllowUrlfOpen,MemoryLimit,UpMaxFileSize,PostMaxSize,MaxExecTime,… · stephdl/nethserver-httpd@f0f23e2 · GitHub
So I would know if you can accept some code in the shared folder templates and I will provide a panel (with a separate rpm) to modify the settings. All values will be turned to disabled, hidden and available only by the command line, except of course if you install the module which provide the panel
Hi @stephdl,
these days I’m really focused on 6.6 release and cannot start another front. I’m delaying this issue until 6.6 comes out, I hope it doesn’t hurt!
It seems everybody agrees to add The “force SSL” and “.htaccess” options in the current Web Settings tab: we can start from your code, of course.
Moreover, I’d add a way to grant the web app write permissions on specific subfolders. This must be consistent with the “Reset permissions” action.
Everything else should go into a separate RPM.
Ok we will see it after the release of ns6.6