From e54390b4301fd4d901c49d13ee5aabc19b7583f0 Mon Sep 17 00:00:00 2001
From: Pavaresorn Malai <61514399+Varkaria@users.noreply.github.com>
Date: Sun, 27 Jun 2021 21:09:26 +0700
Subject: [PATCH 1/7] Create SECURITY.md

---
 SECURITY.md | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
 create mode 100644 SECURITY.md

diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 00000000..034e8480
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,21 @@
+# Security Policy
+
+## Supported Versions
+
+Use this section to tell people about which versions of your project are
+currently being supported with security updates.
+
+| Version | Supported |
+| ------- | ------------------ |
+| 5.1.x | :white_check_mark: |
+| 5.0.x | :x: |
+| 4.0.x | :white_check_mark: |
+| < 4.0 | :x: |
+
+## Reporting a Vulnerability
+
+Use this section to tell people how to report a vulnerability.
+
+Tell them where to go, how often they can expect to get an update on a
+reported vulnerability, what to expect if the vulnerability is accepted or
+declined, etc.

From 1ed40d62c491e4f8c1378d0e287687085b31cccb Mon Sep 17 00:00:00 2001
From: Pavaresorn Malai <61514399+Varkaria@users.noreply.github.com>
Date: Thu, 8 Jul 2021 15:19:53 +0700
Subject: [PATCH 2/7] change: working nginx config (thanks lamp)

---
 ext/nginx.conf | 35 +++++++++++++++++------------------
 1 file changed, 17 insertions(+), 18 deletions(-)

diff --git a/ext/nginx.conf b/ext/nginx.conf
index f30aed76..9ebfcdeb 100644
--- a/ext/nginx.conf
+++ b/ext/nginx.conf
@@ -14,23 +14,22 @@ server {
 # ssl_certificate /etc/letsencrypt/live/varkaria.cyou/fullchain.pem;
 # ssl_certificate_key /etc/letsencrypt/live/varkaria.cyou/privkey.pem;
 
- # This is where all the magic happens.
- location / {
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header Host $http_host;
- proxy_redirect off;
-
- # 8000 IS CURRENTLY THE DEFAULT ASSIGNED PORT WHEN RUNNING IN HYPERCORN (hypercorn main.py).
- proxy_pass http://127.0.0.1:8000;
- }
+ # gulag
+ location ~^/(?:web|api|users|ss|d|p|beatmaps|beatmapsets|community)/ {
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header Host $http_host;
+ proxy_redirect off;
+ proxy_pass http://gulag;
+ }
 
- # This is make for gulag api
- location /api {
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header Host $http_host;
- proxy_redirect off;
- proxy_pass http://gulag;
- }
+ # gulag-web
+ location / {
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header Host $http_host;
+ proxy_redirect off;
+ # 8000 IS CURRENTLY THE DEFAULT ASSIGNED PORT WHEN RUNNING IN HYPERCORN (hypercorn main.py).
+ proxy_pass http://127.0.0.1:8000;
+ }
 }
\ No newline at end of file

From 37936fc26380703bf4c08e9908a920aecf72a5e3 Mon Sep 17 00:00:00 2001
From: Lamp
Date: Mon, 26 Jul 2021 14:18:47 -0700
Subject: [PATCH 3/7] synchronize tweaks

---
 ext/nginx.conf | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/ext/nginx.conf b/ext/nginx.conf
index 9ebfcdeb..e1fafd3e 100644
--- a/ext/nginx.conf
+++ b/ext/nginx.conf
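Review bot: In PATCH 2/7 both proxied locations (`# gulag` and `# gulag-web`) forward `X-Forwarded-For $proxy_add_x_forwarded_for`, which appends `$remote_addr` to whatever the client already sent, so a backend that reads the first entry for logging, bans or rate limits is reading a caller-controlled value. The file's own comments expect Cloudflare in front, in which case `$remote_addr` (and therefore `X-Real-IP`) is the edge address unless the realip module is configured with `set_real_ip_from` for the proxy ranges and `real_ip_header CF-Connecting-IP;`. I would add a comment above the header lines such as `# backends: trust only X-Real-IP or the last X-Forwarded-For entry, both set by this proxy`. `proxy_pass http://gulag;` also depends on an `upstream gulag` block that is not visible in this hunk, and the `server` block opens outside it.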
@@ -15,7 +15,10 @@ server {
 # ssl_certificate_key /etc/letsencrypt/live/varkaria.cyou/privkey.pem;
 
 # gulag
- location ~^/(?:web|api|users|ss|d|p|beatmaps|beatmapsets|community)/ {
+ location /home/account/edit {
+ return 301 https://$host/settings;
+ }
+ location ~^/(?:web|api|users|ss|d|p|beatmaps|beatmapsets|community) {
 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 proxy_set_header X-Real-IP $remote_addr;
 proxy_set_header Host $http_host;
@@ -32,4 +35,4 @@ server {
 # 8000 IS CURRENTLY THE DEFAULT ASSIGNED PORT WHEN RUNNING IN HYPERCORN (hypercorn main.py).
 proxy_pass http://127.0.0.1:8000;
 }
-}
\ No newline at end of file
+}

From f4af35cb5412b374ae1320c1f8d36d9adc50a61c Mon Sep 17 00:00:00 2001
From: Lamp
Date: Mon, 26 Jul 2021 14:21:15 -0700
Subject: [PATCH 4/7] FIX INDENTING

---
 ext/nginx.conf | 52 +++++++++++++++++++++++++-------------------------
 1 file changed, 26 insertions(+), 26 deletions(-)

diff --git a/ext/nginx.conf b/ext/nginx.conf
index e1fafd3e..358e038e 100644
--- a/ext/nginx.conf
+++ b/ext/nginx.conf
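Review bot: In PATCH 3/7 the regex loses its trailing `/`, so `~^/(?:web|api|users|ss|d|p|beatmaps|beatmapsets|community)` now matches any URI that merely begins with one of those strings; the one-letter alternatives `d` and `p` mean every guweb route starting with `/d` or `/p` is proxied to gulag instead of falling through to `location /`. If the intent was to also accept the bare prefix (for example `/api` with no slash), anchor the end instead: `location ~ ^/(?:web|api|users|ss|d|p|beatmaps|beatmapsets|community)(?:/|$) {`. The added `return 301 https://$host/settings;` builds its target from the request's host and forces https while this file's `listen 443 ssl` line is still commented out, so it presumably only works when TLS is terminated upstream; a one-line comment saying so would help.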
@@ -2,37 +2,37 @@
 # You won't have to edit much of it other than domain name, and/or port if you change it.
 
 server {
- listen 80;
- # listen [::]:80; # Include this if you want IPv6 support! You wont usually need this but it's cool though.
- # listen 443 ssl; # Include this if you want SSL support! You wont usually need this if you plan on proxying through CF.
- # listen [::]:443; # Include this if you want IPv6 support! You wont usually need this but it's cool though.
+ listen 80;
+ # listen [::]:80; # Include this if you want IPv6 support! You wont usually need this but it's cool though.
+ # listen 443 ssl; # Include this if you want SSL support! You wont usually need this if you plan on proxying through CF.
+ # listen [::]:443; # Include this if you want IPv6 support! You wont usually need this but it's cool though.
 
- # The domain or URL you want this to run guweb off of.
- server_name web.example.com;
+ # The domain or URL you want this to run guweb off of.
+ server_name web.example.com;
 
- # NOTE: You'll want to change these to your own SSL certificate if any. You wont usually need this if you plan on proxying through CF.
- # ssl_certificate /etc/letsencrypt/live/varkaria.cyou/fullchain.pem;
- # ssl_certificate_key /etc/letsencrypt/live/varkaria.cyou/privkey.pem;
+ # NOTE: You'll want to change these to your own SSL certificate if any. You wont usually need this if you plan on proxying through CF.
+ # ssl_certificate /etc/letsencrypt/live/varkaria.cyou/fullchain.pem;
+ # ssl_certificate_key /etc/letsencrypt/live/varkaria.cyou/privkey.pem;
 
- # gulag
+ # gulag
 location /home/account/edit {
- return 301 https://$host/settings;
+ return 301 https://$host/settings;
 }
 location ~^/(?:web|api|users|ss|d|p|beatmaps|beatmapsets|community) {
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header Host $http_host;
- proxy_redirect off;
- proxy_pass http://gulag;
- }
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header Host $http_host;
+ proxy_redirect off;
+ proxy_pass http://gulag;
+ }
 
- # gulag-web
- location / {
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header Host $http_host;
- proxy_redirect off;
- # 8000 IS CURRENTLY THE DEFAULT ASSIGNED PORT WHEN RUNNING IN HYPERCORN (hypercorn main.py).
- proxy_pass http://127.0.0.1:8000;
- }
+ # gulag-web
+ location / {
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header Host $http_host;
+ proxy_redirect off;
+ # 8000 IS CURRENTLY THE DEFAULT ASSIGNED PORT WHEN RUNNING IN HYPERCORN (hypercorn main.py).
+ proxy_pass http://127.0.0.1:8000;
+ }
 }

From a7b8b93b4f80b0c767fd4bf0809641bce47cfe98 Mon Sep 17 00:00:00 2001
From: Lamp
Date: Mon, 26 Jul 2021 14:24:39 -0700
Subject: [PATCH 5/7] fix again wtf pls squash

---
 ext/nginx.conf | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/ext/nginx.conf b/ext/nginx.conf
index 358e038e..717daaff 100644
--- a/ext/nginx.conf
+++ b/ext/nginx.conf
@@ -16,11 +16,11 @@ server {
 
 # gulag
 location /home/account/edit {
- return 301 https://$host/settings;
+ return 301 https://$host/settings;
 }
 location ~^/(?:web|api|users|ss|d|p|beatmaps|beatmapsets|community) {
 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Real-IP $remote_addr;
 proxy_set_header Host $http_host;
 proxy_redirect off;
 proxy_pass http://gulag;
@@ -29,7 +29,7 @@ server {
 # gulag-web
 location / {
 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Real-IP $remote_addr;
 proxy_set_header Host $http_host;
 proxy_redirect off;
 # 8000 IS CURRENTLY THE DEFAULT ASSIGNED PORT WHEN RUNNING IN HYPERCORN (hypercorn main.py).

From 876dc96254522f94cb23a76d35fd601373ecc69f Mon Sep 17 00:00:00 2001
From: gamerboy80 <68038215+gamerboy80@users.noreply.github.com>
Date: Tue, 27 Jul 2021 00:03:06 -0700
Subject: [PATCH 6/7] =?UTF-8?q?=E2=9C=85=20based=20on=20gulag-web?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 main.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/main.py b/main.py
index 69ee2596..34e6a369 100644
--- a/main.py
+++ b/main.py
@@ -79,4 +79,5 @@ async def page_not_found(e):
 return await render_template('404.html'), 404
 
 os.chdir(os.path.dirname(os.path.realpath(__file__)))
-app.run(debug=glob.config.debug) # blocking call
+if __name__ == '__main__':
+ app.run(debug=glob.config.debug) # blocking call

From 185644f5998c73a92215dc7bf4e6ef2a92a5c2bf Mon Sep 17 00:00:00 2001
From: Lamp
Date: Wed, 28 Jul 2021 11:56:10 -0700
Subject: [PATCH 7/7] remove osu change avatar button redirect from nginx conf

---
 ext/nginx.conf | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/ext/nginx.conf b/ext/nginx.conf
index 717daaff..fdda276d 100644
--- a/ext/nginx.conf
+++ b/ext/nginx.conf
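Review bot: In PATCH 6/7 (`main.py`) the new `__main__` guard covers only `app.run(...)`; `os.chdir(os.path.dirname(os.path.realpath(__file__)))` on the line above still executes on import, so an ASGI server that imports `main` has its working directory changed as a side effect. The guarded call remains the development-server path and `debug=glob.config.debug` decides whether debug mode is on; on a host reachable through the nginx config in this series that flag should be false, since debug mode typically returns tracebacks to the client. I would add a comment on the guard, e.g. `# dev entry point only; deployments run under hypercorn and must keep glob.config.debug off`. The module body above line 79 is outside the hunk, so how `glob.config` is loaded cannot be checked from here.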
@@ -15,9 +15,6 @@ server {
 # ssl_certificate_key /etc/letsencrypt/live/varkaria.cyou/privkey.pem;
 
 # gulag
- location /home/account/edit {
- return 301 https://$host/settings;
- }
 location ~^/(?:web|api|users|ss|d|p|beatmaps|beatmapsets|community) {
 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 proxy_set_header X-Real-IP $remote_addr;