Create a new sharedFolder UI plugin for WEB Settings

Well, I’m discovering :smile:
I can Have a new tab
I Have a checkbox for AllowUrlfOpen
I’m fighting against a dropdown menu :smile:

To be continued

2 Likes

Ahaha your’re my favorite fighter Steph! Hope you win your battle against NethGui :wink:

I’m rooting for you :wink:

If you need, just write down what you want to achieve and I will provide you a code snippet as a starting point.

Thats not fair…it is a good training…once achieved you will review and comment my work.

I won the battle of the dropdown menu

5 Likes

Maybe I will need a hand for the validators, I need to use php and nethgui framework, but I know none of them.

1 Like

Continuing the discussion from Today I’m working on NethServer:

Hi @stephdl! I read your pull request on GitHub and want to thank you for you work!

Before going any further I propose to merge the two “Web” tabs together: having two “Web” tabs sounds a bit confusing to me. This is the current Web access tab:

The “Allow .htaccess” and “Force SSL” checkboxes could be added under “Protect by password”, and the PHP options, inserted into a collapsable “Advanced PHP settings” section.

Folks, what do you think?

2 Likes

I Thought about that, but the only ‘cons’ I had is that you will have a menu where you must scroll down if you want to activate some settings. Of course it only depends of the size of your screens…On my TV all is fine :stuck_out_tongue:

@stephdl what do you think if we put this parameters into the core, so directly into web access panel?

  • force SSL option"
  • enable .htaccess

All other Web Settings could be moved into a new modules for nethforge, called for example nethserver-websettings
Could it works for you?

I prefer one tab for web access.
Also, the various adjustable parameters are in two different classes:

  1. SSL and htaccess are features of the i-bay
  2. all PHP vars adjust an app behaviour

So, I’d keep them clearly separate. I see two options:

  1. move php to a section called Advanced or PHP in the Web access tab
  2. add SSL and htaccess to web access and add a PHP tab
1 Like

@filippo_carletti The option 2 is quite good for me, one tab for specific http settings, another for php settings. That’s Kiss.

@alefattorini All can be done concerning a module for that, but I modified some core rpm so it needs to be integrated or designed again.

@davidep could you help steph to do this?

Hi Folks, you are awesome! :smile:

I’m just working today on a ibay configuration for hosting a web application in PHP (also if I like pyhton :stuck_out_tongue: ) and I stumbled across the problem indicated by @davidep

And I found this good topic. I’m lucky…

I agree with this: two separate tab in the future could remain useful to implement other specific tabs for web applications written in languages different from PHP (I’ve said that I like Python? :wink:)

Just one thing at the end: I haven’t seen in the implementation of @stephdl the capability to set the write permission for apache user over the directory. Could it be made via web interface or do you think that it should be a security weakness if made on the whole ibay and it could be made via command line?

Anyway, a useful improvement. Compliments!

2 Likes

You’re right guys, so I like adding SSL and .htaccess to “Web access” tab and keeping PHP (and any other language) options on a separate tab.

This is an important point: now read permissions for apache are set with POSIX ACLs. The Reset permissions button clears any ACL that is not from the “ACL” tab and /etc/e-smith/templates/ibays/system-acls/ template. The responsible for this task is action nethserver-ibays-set-permissions.

If admin sets special ACLs on a specific subdirectory, to grant rw access to apache could we assume he is smart enough to not press Reset permission button and wipe them out? :slight_smile: If you feel NO is the answer, we need to maintain a special subdirectory whitelist.

It should not be too hard to implement a rule in nethserver-ibays-set-permissions that skips setfacl on any directory in the whitelist.

Of course, I’ll take care of the core package: the need for “Force SSL” was already solicited in the past and is partially implemented in nethserver-httpd.

If @stephdl agrees, he could bundle the PHP settings tab into a separate package… Stéphane, is it ok for you?

2 Likes

Well I’m facing the murphy’s laws these last days, so my free time is unfortunately limited…welcome in the real life :smile:

@etino could you write a draft of your needs with python and apache, I do not know at all about python, but I do know about templates and SME/NETH(a bit less) internal workings. So for my personal culture I would be interested by what you are looking for.

@davidep could you add what the ssl redirection is missing, I’m still curious :smile:

1 Like

At the moment I haven’t studied in depth a well organized implementation of a python webpp using Nethserver ibays. I’ve installed a Flask python app on an ibay just for filesystem access convenience and then via ssh I run manually it using gunicorn

Probably Python will need less server parameter configuration than PHP becouse it can run on a virtuallized environment with his library and configuration.

I promised myself to better reorganize it on a more linear and clean manner, when done, if some interesting things should emerge, I will be happy to share it here.

@etino, if you want to see how we used gunicorn for a python webapp, look at the webvirtmgr software module. It also has an upstart job to run the service.

1 Like

Well I turned a bit around the issue and I can not figured how I could modify the shared folder settings without providing some code to nethserver-httpd like I did in my first push-request Add {AllowUrlfOpen,MemoryLimit,UpMaxFileSize,PostMaxSize,MaxExecTime,… · stephdl/nethserver-httpd@f0f23e2 · GitHub

So I would know if you can accept some code in the shared folder templates and I will provide a panel (with a separate rpm) to modify the settings. All values will be turned to disabled, hidden and available only by the command line, except of course if you install the module which provide the panel

Hi @stephdl,
these days I’m really focused on 6.6 release and cannot start another front. I’m delaying this issue until 6.6 comes out, I hope it doesn’t hurt!

It seems everybody agrees to add The “force SSL” and “.htaccess” options in the current Web Settings tab: we can start from your code, of course.

Moreover, I’d add a way to grant the web app write permissions on specific subfolders. This must be consistent with the “Reset permissions” action.

Everything else should go into a separate RPM.

1 Like

Ok we will see it after the release of ns6.6