nanopenguin/bachelor-thesis
Archived
1
0
Fork 0
Code Actions
This repository has been archived on 2025-09-29. You can view files and clone it, but cannot push or open issues or pull requests.
bachelor-thesis/webserver/insecure.patch
Benedikt Galbavy a14b7dc0df asdfgh
2025-05-20 00:43:52 +02:00

89 lines
2.8 KiB
Diff
Raw Permalink Blame History

diff --color -ruN hybrid/sandbox/docker-compose.yml insecure/sandbox/docker-compose.yml
--- hybrid/sandbox/docker-compose.yml 2025-05-18 15:04:00.800680098 +0200
+++ insecure/sandbox/docker-compose.yml 2025-05-19 13:21:23.282832190 +0200
@@ -16,7 +16,7 @@
- "postgres:172.18.0.1"
gitea:
- image: docker.gitea.com/gitea:latest
+ image: docker.gitea.com/gitea:1.16.6
container_name: gitea
environment:
- USER_UID=1000
@@ -27,6 +27,8 @@
- GITEA__database__USER=gitea
- GITEA__database__PASSWD=gitea
- GITEA__security__INSTALL_LOCK=true
+ - GITEA__server__ROOT_URL=https://gitea.vm.local/
+ - GITEA__migrations__ALLOW_LOCALNETWORKS=true
restart: unless-stopped
networks:
- internal
@@ -34,6 +36,8 @@
- ./gitea:/data
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
+ ports:
+ - 3000:3000
expose:
- 3000
- 22
diff --color -ruN hybrid/sandbox/playbook.yml insecure/sandbox/playbook.yml
--- hybrid/sandbox/playbook.yml 2025-05-17 15:34:46.781062066 +0200
+++ insecure/sandbox/playbook.yml 2025-05-18 20:20:58.296668091 +0200
@@ -7,6 +7,17 @@
default_container_image: hello-world
default_container_command: sleep 1
tasks:
+ - name: Add PostgreSQL APT repository key
+ apt_key:
+ url: https://www.postgresql.org/media/keys/ACCC4CF8.asc
+ state: present
+
+ - name: Add PostgreSQL APT repository
+ apt_repository:
+ repo: deb http://apt.postgresql.org/pub/repos/apt jammy-pgdg main
+ state: present
+ filename: 'pgdg'
+
- name: Install required system packages
apt:
pkg:
@@ -16,12 +27,17 @@
- software-properties-common
- virtualenv
- python3-psycopg2
- - postgresql
- acl
- bc
- sysstat
state: latest
update_cache: true
+
+ - name: Install PostgreSQL 9.6
+ apt:
+ name: postgresql-9.6
+ state: present
+ update_cache: yes
- name: Copy nginx conf
copy:
@@ -194,7 +210,7 @@
- name: Set PostgreSQL to listen on localhost and Docker bridge IP
become: yes
lineinfile:
- path: /etc/postgresql/14/main/postgresql.conf
+ path: /etc/postgresql/9.6/main/postgresql.conf
regexp: '^#?listen_addresses\s*='
line: "listen_addresses = 'localhost,172.18.0.1'"
notify: Restart PostgreSQL
@@ -202,7 +218,7 @@
- name: Allow connections from Docker subnet in pg_hba.conf
become: yes
lineinfile:
- path: /etc/postgresql/14/main/pg_hba.conf
+ path: /etc/postgresql/9.6/main/pg_hba.conf
line: 'host all all 172.18.0.0/16 md5'
create: yes
insertafter: EOF
View Git Blame Copy Permalink