Verified Commit bb353e42 authored by Jelle van der Waa's avatar Jelle van der Waa 🚧

Update bbs to PHP 8

Update fluxbb to the latest commit with PHP 8 compatibility, fix
permissions being to strict so http can't access it and rate limit
searching.
parent dde2bb8a
......@@ -4,4 +4,4 @@ fluxbb_dir: /srv/http/fluxbb
fluxbb_cookie_name: flux_cookie_eezohm0o
fluxbb_funnyquestion_hash: aixuGahCh4eng3bu
fluxbb_version: 3e9fba035f2273c70ed2d4a609cc9ecbdc820116
fluxbb_version: 8d95fbd95b82dd0a996603cc28f79b36b8e54253
......@@ -6,12 +6,12 @@
- name: clone fluxbb
git:
repo: https://git.archlinux.org/vhosts/bbs.archlinux.org.git/
repo: https://gitlab.archlinux.org/archlinux/archbbs.git
dest: "{{ fluxbb_dir }}"
version: "{{ fluxbb_version }}"
- name: fix home permissions
file: state=directory owner=fluxbb group=fluxbb mode=0750 recurse=yes path="{{ fluxbb_dir }}"
file: state=directory owner=fluxbb group=fluxbb mode=0755 path="{{ fluxbb_dir }}"
changed_when: false
- name: create uploads directory
......
......@@ -17,6 +17,7 @@ server {
# limit to 1 requests per minute, with a burst defined when we use this
# limiter in the location directive below
limit_req_zone $binary_remote_addr zone=rsslimit:8m rate=1r/m;
limit_req_zone $binary_remote_addr zone=searchlimit:10m rate=1r/s;
limit_req_status 429;
server {
......@@ -37,6 +38,15 @@ server {
deny all;
}
location = /search.php {
limit_req zone=searchlimit burst=10;
fastcgi_pass unix:/run/php-fpm/fluxbb.socket;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param HTTPS on;
include fastcgi_params;
}
location ~ /extern\.php {
limit_req zone=rsslimit burst=10 nodelay;
fastcgi_pass unix:/run/php-fpm/fluxbb.socket;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment