diff --git a/adguardhome/Makefile b/adguardhome/Makefile index 6b71547e6..1aa19b921 100644 --- a/adguardhome/Makefile +++ b/adguardhome/Makefile @@ -6,11 +6,11 @@ include $(TOPDIR)/rules.mk PKG_NAME:=adguardhome -PKG_VERSION:=0.107.18 -PKG_RELEASE:=73 +PKG_VERSION:=0.107.19 +PKG_RELEASE:=74 PKG_SOURCE_PROTO:=git -PKG_SOURCE_VERSION:=67fe064fcfc5ead40d3d6b86ba67a418ee8386ab +PKG_SOURCE_VERSION:=03d9803238e73e7f7b6caeafc84e0eaa9530ace7 PKG_SOURCE_URL:=https://github.com/AdguardTeam/AdGuardHome PKG_MIRROR_HASH:=skip diff --git a/luci-app-unishare/Makefile b/luci-app-unishare/Makefile new file mode 100755 index 000000000..512f05622 --- /dev/null +++ b/luci-app-unishare/Makefile @@ -0,0 +1,13 @@ + +include $(TOPDIR)/rules.mk + +LUCI_TITLE:=LuCI for UniShare +LUCI_PKGARCH:=all +LUCI_DEPENDS:=+unishare +PKG_VERSION:=1.0.0-3 +PKG_RELEASE:= +PKG_MAINTAINER:=jjm2473 + +include $(TOPDIR)/feeds/luci/luci.mk + +# call BuildPackage - OpenWrt buildroot signature diff --git a/luci-app-unishare/luasrc/controller/unishare.lua b/luci-app-unishare/luasrc/controller/unishare.lua new file mode 100644 index 000000000..cc746b2fd --- /dev/null +++ b/luci-app-unishare/luasrc/controller/unishare.lua @@ -0,0 +1,13 @@ + +module("luci.controller.unishare", package.seeall) + +function index() + if not nixio.fs.access("/etc/config/unishare") then + return + end + + entry({"admin", "nas", "unishare"}, alias("admin", "nas", "unishare", "index"), _("UniShare"), 2).dependent = true + entry({"admin", "nas", "unishare", "index"}, cbi("unishare/index"), _("UniShare"), 1) + entry({"admin", "nas", "unishare", "users"}, cbi("unishare/users"), _("Users"), 2) + entry({"admin", "nas", "unishare", "share"}, cbi("unishare/share", {hideapplybtn=true})).leaf = true +end diff --git a/luci-app-unishare/luasrc/model/cbi/unishare/index.lua b/luci-app-unishare/luasrc/model/cbi/unishare/index.lua new file mode 100644 index 000000000..e6f788f23 --- /dev/null +++ b/luci-app-unishare/luasrc/model/cbi/unishare/index.lua @@ -0,0 +1,77 @@ + +m = Map("unishare", nil, translate("Configure multiple file sharing protocols in one page (Samba, WebDAV, maybe more in the future?)")) + +s = m:section(TypedSection, "global", translate("Global")) +s:tab("general", translate("General Setup")) +s:tab("webdav", translate("WebDAV")) +s.anonymous = true +s.addremove = false + +o = s:taboption("general", Flag, "enabled", translate("Enabled")) +o.default = 0 + +o = s:taboption("general", Flag, "anonymous", translate("Allow Anonymous")) +o.default = 0 + +o = s:taboption("webdav", Value, "webdav_port", translate("WebDAV Port")) +o.datatype = "port" + +s = m:section(TypedSection, "share", translate("Shares"), translate("(The user marked in Bold has write access)")) +s.anonymous = true +s.addremove = true +s.template = "cbi/tblsection" +s.extedit = luci.dispatcher.build_url("admin", "nas", "unishare", "share", "%s") +function s.create(...) + local sid = TypedSection.create(...) + luci.http.redirect(s.extedit % sid) +end + +path = s:option(Value, "path", translate("Path")) +path.datatype = "string" +path.rmempty = false +path.validate = function(self, value, section) + if value then + if value == "/" or string.match(value, "^/.+[^/]$") then + if value == "/" and (nil == name:formvalue(section) or "" == name:formvalue(section)) then + return nil, translate("Name cannot be empty when Path is /") + end + return value + else + return nil, translate("Path must starts with '/' and not ends with '/'") + end + end + return AbstractValue.validate(self, value, section) +end + +name = s:option(Value, "name", translate("Name")) +name.datatype = "string" +name.rmempty = true +name.validate = function(self, value, section) + if value and string.match(value, "[`&|;<>/\\*?$#]") then + return nil, translatef("Name must not contains '%s'", "`&|;<>/\\*?$#") + end + return AbstractValue.validate(self, value, section) +end + +local function uci2string(v, s) + if v == nil then + return "—" + end + if type(v) == "table" then + return table.concat(v, s) + else + return v + end +end + +o = s:option(DummyValue, "users", translate("Users")) +o.rawhtml = true +function o.cfgvalue(self, s) + return "" .. uci2string(self.map:get(s, "rw"), " ") .. "
" .. uci2string(self.map:get(s, "ro"), " ") .. "" +end + +o = s:option(StaticList, "proto", translate("Protocol")) +o:value("samba", "Samba") +o:value("webdav", "WebDAV") + +return m diff --git a/luci-app-unishare/luasrc/model/cbi/unishare/share.lua b/luci-app-unishare/luasrc/model/cbi/unishare/share.lua new file mode 100644 index 000000000..a7577a3fd --- /dev/null +++ b/luci-app-unishare/luasrc/model/cbi/unishare/share.lua @@ -0,0 +1,66 @@ + +local uci = luci.model.uci.cursor() + +local users = {} +uci:foreach("unishare", "user", function(e) + users[#users+1] = e["username"] +end) + +m = Map("unishare", translate("Configure Share")) +m.redirect = luci.dispatcher.build_url("admin", "nas", "unishare", "index") +function m.on_save() + luci.http.redirect(m.redirect) +end + +s = m:section(NamedSection, arg[1], "share", "") +s.addremove = false +s.dynamic = false + +path = s:option(Value, "path", translate("Path")) +path.datatype = "string" +path.rmempty = false +path.validate = function(self, value, section) + if value then + if value == "/" or string.match(value, "^/.+[^/]$") then + if value == "/" and (nil == name:formvalue(section) or "" == name:formvalue(section)) then + return nil, translate("Name cannot be empty when Path is /") + end + return value + else + return nil, translate("Path must starts with '/' and not ends with '/'") + end + end + return AbstractValue.validate(self, value, section) +end + +name = s:option(Value, "name", translate("Name")) +name.datatype = "string" +name.rmempty = true +name.validate = function(self, value, section) + if value and string.match(value, "[`&|;<>/\\*?$#]") then + return nil, translatef("Name must not contains '%s'", "`&|;<>/\\*?$#") + end + return AbstractValue.validate(self, value, section) +end + +o = s:option(StaticList, "rw", translate("Read/Write Users"), + translatef("'Everyone' includes anonymous if enabled, 'Logged Users' includes all users configured in '%s' tab", + ""..translate("Users").."")) +o:value("everyone", translate("Everyone")) +o:value("users", translate("Logged Users")) +for k, u in pairs(users) do + o:value(u) +end + +o = s:option(StaticList, "ro", translate("Read Only Users")) +o:value("everyone", translate("Everyone")) +o:value("users", translate("Logged Users")) +for k, u in pairs(users) do + o:value(u) +end + +o = s:option(StaticList, "proto", translate("Protocol")) +o:value("samba", "Samba") +o:value("webdav", "WebDAV") + +return m diff --git a/luci-app-unishare/luasrc/model/cbi/unishare/users.lua b/luci-app-unishare/luasrc/model/cbi/unishare/users.lua new file mode 100644 index 000000000..bc7fe1f5d --- /dev/null +++ b/luci-app-unishare/luasrc/model/cbi/unishare/users.lua @@ -0,0 +1,25 @@ + +m = Map("unishare") + +s = m:section(TypedSection, "user", translate("Users")) +s.anonymous = true +s.addremove = true +s.template = "cbi/tblsection" + +o = s:option(Value, "username", translate("Username")) +o.datatype = "string" +o.rmempty = false +o.validate = function(self, value) + if value and string.match(value, "^%l[%l%d_-]*$") then + return value + else + return nil, translatef("Username must matchs regex '%s'", "^[a-z][a-z0-9_-]*$") + end +end + +o = s:option(Value, "password", translate("Password")) +o.datatype = "string" +o.password = true +o.rmempty = true + +return m diff --git a/luci-app-unishare/po/zh-cn/unishare.po b/luci-app-unishare/po/zh-cn/unishare.po new file mode 100644 index 000000000..b9d899c4d --- /dev/null +++ b/luci-app-unishare/po/zh-cn/unishare.po @@ -0,0 +1,56 @@ +msgid "" +msgstr "" + +msgid "UniShare" +msgstr "统一文件共享" + +msgid "Configure multiple file sharing protocols in one page (Samba, WebDAV, maybe more in the future?)" +msgstr "在一个页面中配置多种文件共享协议(Samba,WebDAV,也许以后会支持更多?)" + +msgid "Global" +msgstr "全局" + +msgid "Allow Anonymous" +msgstr "允许匿名用户" + +msgid "WebDAV Port" +msgstr "WebDAV 端口" + +msgid "Shares" +msgstr "共享" + +msgid "(The user marked in Bold has write access)" +msgstr "(加粗的用户具有写权限)" + +msgid "Users" +msgstr "用户" + +msgid "Configure Share" +msgstr "配置共享" + +msgid "Read/Write Users" +msgstr "读写用户" + +msgid "Read Only Users" +msgstr "只读用户" + +msgid "Everyone" +msgstr "任何人" + +msgid "Logged Users" +msgstr "登录用户" + +msgid "'Everyone' includes anonymous if enabled, 'Logged Users' includes all users configured in '%s' tab" +msgstr "'任何人'包括所有登录用户和匿名用户(如果允许匿名用户),'登录用户'包括所有在'%s'标签页配置的用户" + +msgid "Name cannot be empty when Path is /" +msgstr "路径是/时,名称不能为空" + +msgid "Path must starts with '/' and not ends with '/'" +msgstr "路径必须以/开头,且不能以/结尾" + +msgid "Name must not contains '%s'" +msgstr "名称不能包含这些特殊字符'%s'" + +msgid "Username must matchs regex '%s'" +msgstr "用户名必须满足正则表达式'%s'" diff --git a/luci-app-unishare/po/zh_Hans b/luci-app-unishare/po/zh_Hans new file mode 120000 index 000000000..41451e4a1 --- /dev/null +++ b/luci-app-unishare/po/zh_Hans @@ -0,0 +1 @@ +zh-cn \ No newline at end of file diff --git a/natflow/Makefile b/natflow/Makefile index 42f13e563..45f0e2306 100644 --- a/natflow/Makefile +++ b/natflow/Makefile @@ -9,10 +9,10 @@ include $(TOPDIR)/rules.mk include $(INCLUDE_DIR)/kernel.mk PKG_NAME:=natflow -PKG_VERSION:=20221117 +PKG_VERSION:=20221124 PKG_SOURCE_URL:=https://codeload.github.com/ptpt52/natflow/tar.gz/$(PKG_VERSION)? -PKG_HASH:=808d6420f5e36389ba65a7712a6b029dc3577c12fa0810cf04015e87c7a94c8c +PKG_HASH:=d760373b41900534b3714a4d3f28e5e1745b0aa397e84576797860f3691fd774 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_MAINTAINER:=Chen Minqiang diff --git a/unishare/Makefile b/unishare/Makefile new file mode 100644 index 000000000..e3b83f44e --- /dev/null +++ b/unishare/Makefile @@ -0,0 +1,46 @@ +# +# Copyright (C) 2022 jjm2473 +# +# This is free software, licensed under the MIT License. +# + +include $(TOPDIR)/rules.mk + + +PKG_NAME:=unishare +PKG_VERSION:=1.0.1 +PKG_RELEASE:=1 +PKG_MAINTAINER:=jjm2473 + +include $(INCLUDE_DIR)/package.mk + +define Package/$(PKG_NAME) + SECTION:=net + CATEGORY:=Network + SUBMENU:=File Transfer + TITLE:=Unified Network Shares Manager + DEPENDS:=+samba4-server +webdav2 + PKGARCH:=all +endef + +define Package/$(PKG_NAME)/description + Configure samba, webdav (maybe more?) in one app +endef + +define Package/$(PKG_NAME)/conffiles +/etc/config/unishare +endef + +define Build/Configure +endef + +define Build/Compile +endef + +define Package/$(PKG_NAME)/install + $(INSTALL_DIR) $(1)/etc/init.d $(1)/etc/config + $(INSTALL_BIN) ./files/unishare.init $(1)/etc/init.d/unishare + $(INSTALL_CONF) ./files/unishare.config $(1)/etc/config/unishare +endef + +$(eval $(call BuildPackage,$(PKG_NAME))) diff --git a/unishare/files/unishare.config b/unishare/files/unishare.config new file mode 100644 index 000000000..c8923e1c7 --- /dev/null +++ b/unishare/files/unishare.config @@ -0,0 +1,41 @@ +config global + option enabled '0' + option anonymous '1' + option webdav_port '8888' + +config user + option username 'admin' + option password 'password' + +config user + option username 'jim' + option password 'abcdef' + +config share + option path '/mnt' + option name 'mnt' + list rw 'admin' + list proto 'samba' + +config share + option path '/root/share' + option name 'public' + list rw 'admin' + list ro 'everyone' + list proto 'samba' + list proto 'webdav' + +config share + option path '/root/work' + list rw 'admin' + list rw 'tim' + list ro 'users' + list proto 'samba' + +config share + option path '/root/share' + option name 'www' + list ro 'everyone' + list proto 'samba' + list proto 'webdav' + diff --git a/unishare/files/unishare.init b/unishare/files/unishare.init new file mode 100755 index 000000000..6a763aeeb --- /dev/null +++ b/unishare/files/unishare.init @@ -0,0 +1,294 @@ +#!/bin/sh /etc/rc.common + +START=97 +STOP=05 +USE_PROCD=1 + +# $section $proto callback $args +validate_share() { + local path + local name + local rw + local ro + local proto + config_get proto $1 proto + echo "$proto" | grep -qFw "$2" || return 0 + config_get path $1 path + [ -z "$path" ] && return 1 + config_get name $1 name + [ -z "$name" ] && name=${path##*/} + config_get rw $1 rw + config_get ro $1 ro + + shift + shift + $@ "$path" "$name" "$rw" "$ro" +} + +clean_unishare() { + local unishare + config_get unishare $1 unishare "0" + if [[ $unishare == 1 ]]; then + uci delete "$2.$1" + fi +} + +clean_unishare_users() { + local users=`grep -s '^unishare:' /etc/group | cut -d: -f4 | sed 's/,/ /g'` + local username + [ -z "$users" ] && return 0 + for username in $users; do + smbpasswd -L -x "$username" >/dev/null 2>&1 + done + lock /var/lock/group + sed -i -E 's/^unishare:x:(\d+):.+/unishare:x:\1:/' /etc/group + lock -u /var/lock/group + users=`grep -s ':unishare:' /etc/passwd | cut -d: -f1` + [ -z "$users" ] && return 0 + lock /var/lock/passwd + for username in $users; do + sed -i "/^$username:/d" /etc/shadow + done + sed -i -E '/^[^:]+:x:\d+:\d+:unishare:.*/d' /etc/passwd + lock -u /var/lock/passwd +} + +clean_samba() { + clean_unishare_users + config_load samba4 + config_foreach clean_unishare sambashare samba4 +} + +add_samba_user() { + local username + local password + local gid=$2 + config_get username $1 username + [ -z "$username" ] && return 1 + user_exists "$username" || user_add "$username" "" $gid "unishare" + group_add_user "unishare" "$username" + config_get password $1 password + if [ -z "$password" ]; then + smbpasswd -L -c /var/etc/smb.conf -a -n "$username" >/dev/null 2>&1 + else + { echo "$password" ; echo "$password" ; } | smbpasswd -L -c /var/etc/smb.conf -a -s "$username" >/dev/null 2>&1 + fi +} + +# $smbcfg $path $name $rw $ro +add_samba_share() { + local rw=$4 + local ro=$5 + rw=`echo "$rw" | sed -e 's/everyone/guest nobody @unishare/g' -e 's/users/@unishare/g'` + ro=`echo "$ro" | sed -e 's/everyone/guest nobody @unishare/g' -e 's/users/@unishare/g'` + { + cat <<-EOF + add $1 sambashare + set $1.@sambashare[-1].unishare=1 + set $1.@sambashare[-1].path=$2 + set $1.@sambashare[-1].name=$3 + set $1.@sambashare[-1].read_only=yes + set $1.@sambashare[-1].force_root=1 + set $1.@sambashare[-1].inherit_owner=yes + set $1.@sambashare[-1].create_mask=0666 + set $1.@sambashare[-1].dir_mask=0777 + set $1.@sambashare[-1].users='$rw $ro' +EOF + [[ $UNISHARE_G_ANONYMOUS == 1 ]] && echo " set $1.@sambashare[-1].guest_ok=yes" + [ -n "$rw" ] && echo " set $1.@sambashare[-1].write_list='$rw'" + [ -n "$ro" ] && echo " set $1.@sambashare[-1].read_list='$ro'" + } | uci batch >/dev/null +} + +config_samba() { + local gid=`group_add_next unishare` + [ -z "$gid" ] && return 1 + [ -f "/var/etc/smb.conf" ] || cat <<-EOF >/var/etc/smb.conf +[global] + security = user + null passwords = yes + passdb backend = smbpasswd +EOF + config_foreach add_samba_user user $gid + config_foreach validate_share share samba add_samba_share samba4 +} + +reconfig_samba() { + config_samba || { uci revert samba4; return 1; } + uci commit samba4 +} + +# $path $name $rw $ro +add_webdav_share() { + local rw="$3" + local ro="$4" + local u + local var + local v + for u in $rw; do + var="UNISHARE_DAV_${u}_rw" + eval "v=\$$var" + export -n "$var=${v:+$v }$name" + done + for u in $ro; do + var="UNISHARE_DAV_${u}_ro" + eval "v=\$$var" + export -n "$var=${v:+$v }$name" + done + ln -s "$path" "/var/run/unishare/root/$name" +} + +clean_webdav_user() { + local username + config_get username $1 username + [ -z "$username" ] && return 0 + export -n "UNISHARE_DAV_${username}_rw=" + export -n "UNISHARE_DAV_${username}_ro=" +} + +add_webdav_user() { + local username + local password + config_get username $1 username + [ -z "$username" ] && return 1 + config_get password $1 password + echo " - username: $username" + echo " password: $password" + echo " rules:" + local v + local r + eval "v=\$UNISHARE_DAV_${username}_rw" + for r in $v; do + echo " - path: /$r" + echo " modify: true" + done + for r in $UNISHARE_DAV_users_rw; do + echo " - path: /$r" + echo " modify: true" + done + eval "v=\$UNISHARE_DAV_${username}_ro" + for r in $v; do + echo " - path: /$r" + echo " allow: true" + done + for r in $UNISHARE_DAV_users_ro; do + echo " - path: /$r" + echo " allow: true" + done +} + +config_webdav_header() { + local r + local anonymous=false + [[ $UNISHARE_G_ANONYMOUS == 1 ]] && anonymous=true + cat <<-EOF +# Server related settings +address: 0.0.0.0 +port: $UNISHARE_G_DAVPORT +auth: true +anonymous: $anonymous +tls: false +cert: cert.pem +key: key.pem +prefix: / +no_sniff: true +debug: false + +# Default user settings (will be merged) +scope: /var/run/unishare/root +modify: false +rules: +EOF + for r in $UNISHARE_DAV_everyone_rw; do + echo " - path: /$r" + echo " modify: true" + done + for r in $UNISHARE_DAV_everyone_ro; do + echo " - path: /$r" + echo " allow: true" + done + cat <<-EOF + - regex: true + allow: false + path: ^/.+ + - regex: false + allow: true + path: / + +# CORS configuration +cors: + enabled: true + credentials: true + allowed_headers: + - Depth + allowed_hosts: + - http://localhost:$UNISHARE_G_DAVPORT + allowed_methods: + - GET + exposed_headers: + - Content-Length + - Content-Range + +users: +EOF +} + +config_webdav() { + rm -rf /var/run/unishare 2>/dev/null + mkdir -p /var/run/unishare/root || return 1 + config_foreach clean_webdav_user user + config_foreach validate_share share webdav add_webdav_share + { config_webdav_header ; config_foreach add_webdav_user user ; } > /var/run/unishare/webdav.yml +} + +global_config() { + local enabled + local anonymous + local webdav_port + config_get enabled $1 enabled + config_get anonymous $1 anonymous + config_get webdav_port $1 webdav_port + export -n "UNISHARE_G_ENABLED=$enabled" + export -n "UNISHARE_G_ANONYMOUS=$anonymous" + export -n "UNISHARE_G_DAVPORT=$webdav_port" +} + +boot() { + export -n ONBOOT=1 + start "$@" +} + +start_service() { + clean_samba + config_load unishare + config_foreach global_config global + [ "$UNISHARE_G_ENABLED" = "1" ] || { + uci commit samba4 + [ "$ONBOOT" = "1" ] || /etc/init.d/samba4 reload + return 0 + } + [ -z "$UNISHARE_G_DAVPORT" ] && UNISHARE_G_DAVPORT=8080 + reconfig_samba || return 1 + [ "$ONBOOT" = "1" ] || /etc/init.d/samba4 reload + config_webdav || return 1 + + # start webdav2 daemon + procd_open_instance + procd_set_param command /usr/sbin/webdav2 -c /var/run/unishare/webdav.yml + procd_set_param respawn + procd_set_param file /var/run/unishare/webdav.yml + procd_set_param limits nofile=16384 + procd_close_instance +} + +service_stopped() { + clean_samba + [ `uci changes samba4 | wc -l` -gt 0 ] && { + uci commit samba4 + /etc/init.d/samba4 reload + } +} + +service_triggers() { + procd_add_reload_trigger "unishare" +} diff --git a/webdav2/Makefile b/webdav2/Makefile new file mode 100644 index 000000000..b3f1fdef0 --- /dev/null +++ b/webdav2/Makefile @@ -0,0 +1,56 @@ +include $(TOPDIR)/rules.mk + +PKG_NAME:=webdav2 +PKG_VERSION:=4.3.1 +PKG_RELEASE:=1 + +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz +PKG_SOURCE_URL:=https://codeload.github.com/jjm2473/webdav/tar.gz/v$(PKG_VERSION)? +PKG_HASH:=bcf62572725d031e835f7e7c6fa6a707abf6708030c4d3c81459df19dafcb47d +PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION) + +PKG_MAINTAINER:=jjm2473 +PKG_LICENSE:=MIT +PKG_LICENSE_FILES:=LICENSE + +PKG_BUILD_DEPENDS:=golang/host +PKG_BUILD_PARALLEL:=1 +PKG_USE_MIPS16:=0 + +GO_PKG:=github.com/hacdias/webdav + +GO_PKG_LDFLAGS_X:= \ + github.com/hacdias/webdav/cmd.version=$(PKG_VERSION) + +include $(INCLUDE_DIR)/package.mk +include $(TOPDIR)/feeds/packages/lang/golang/golang-package.mk + +TAR_OPTIONS:=--strip-components 1 $(TAR_OPTIONS) +TAR_CMD=$(HOST_TAR) -C $(PKG_BUILD_DIR) $(TAR_OPTIONS) + +define Package/webdav2 + SECTION:=net + CATEGORY:=Network + SUBMENU:=File Transfer + TITLE:=Simple Go WebDAV server. + URL:=https://github.com/hacdias/webdav + DEPENDS:=$(GO_ARCH_DEPENDS) +endef + +define Package/webdav2/description + A Simple Go WebDAV server that supports acls. +endef + +define Package/webdav2/conffiles +/etc/config/webdav2 +endef + +define Package/webdav2/install + $(INSTALL_DIR) $(1)/usr/sbin $(1)/etc/config $(1)/etc/init.d + $(INSTALL_BIN) $(GO_PKG_BUILD_BIN_DIR)/webdav $(1)/usr/sbin/webdav2 + $(INSTALL_CONF) ./files/webdav2.config $(1)/etc/config/webdav2 + $(INSTALL_BIN) ./files/webdav2.init $(1)/etc/init.d/webdav2 +endef + +$(eval $(call GoBinPackage,webdav2)) +$(eval $(call BuildPackage,webdav2)) diff --git a/webdav2/files/webdav2.config b/webdav2/files/webdav2.config new file mode 100644 index 000000000..a11b5ae45 --- /dev/null +++ b/webdav2/files/webdav2.config @@ -0,0 +1,28 @@ +config global + option enabled '0' + option anonymous '1' + option port '8888' + option root '/etc/webdav2/root' + +config user 'everyone' + option username 'everyone' + option onlyroot '1' + list ro '/public' + list ro '/www' + +config user 'users' + option username 'users' + list ro '/work' + +config user + option username 'admin' + option password 'password' + list rw '/mnt' + list rw '/public' + list rw '/work' + +config user + option username 'jim' + option password 'abcdef' + list rw '/work' + diff --git a/webdav2/files/webdav2.init b/webdav2/files/webdav2.init new file mode 100755 index 000000000..87e421b35 --- /dev/null +++ b/webdav2/files/webdav2.init @@ -0,0 +1,139 @@ +#!/bin/sh /etc/rc.common + +START=98 +STOP=05 +USE_PROCD=1 + +add_webdav_user() { + local username + local password + local rw + local ro + config_get username $1 username + [ -z "$username" ] && return 1 + [ "$username" = "everyone" -o "$username" = "users" ] && return 0 + config_get password $1 password + config_get rw $1 rw + config_get ro $1 ro + echo " - username: $username" + echo " password: $password" + echo " rules:" + + local r + for r in $rw; do + echo " - path: $r" + echo " modify: true" + done + for r in `uci -q get webdav2.users.rw`; do + echo " - path: $r" + echo " modify: true" + done + for r in $ro; do + echo " - path: $r" + echo " allow: true" + done + for r in `uci -q get webdav2.users.ro`; do + echo " - path: $r" + echo " allow: true" + done +} + +config_webdav_header() { + local r + local anonymous=false + [[ $WEBDAV2_G_ANONYMOUS == 1 ]] && anonymous=true + cat <<-EOF +# Server related settings +address: 0.0.0.0 +port: $WEBDAV2_G_PORT +auth: true +anonymous: $anonymous +tls: false +cert: cert.pem +key: key.pem +prefix: / +no_sniff: true +debug: false + +# Default user settings (will be merged) +scope: $WEBDAV2_G_ROOT +modify: false +rules: +EOF + for r in `uci -q get webdav2.everyone.rw`; do + echo " - path: $r" + echo " modify: true" + done + for r in `uci -q get webdav2.everyone.ro`; do + echo " - path: $r" + echo " allow: true" + done + [ "`uci -q get webdav2.everyone.onlyroot`" = "1" ] && cat <<-EOF + - regex: true + allow: false + path: ^/.+ +EOF + + cat <<-EOF + - regex: false + allow: true + path: / + +# CORS configuration +cors: + enabled: true + credentials: true + allowed_headers: + - Depth + allowed_hosts: + - http://localhost:$WEBDAV2_G_PORT + allowed_methods: + - GET + exposed_headers: + - Content-Length + - Content-Range + +users: +EOF +} + +config_webdav2() { + rm -rf /var/run/webdav2 2>/dev/null + mkdir -p /var/run/webdav2 || return 1 + + { config_webdav_header ; config_foreach add_webdav_user user ; } > /var/run/webdav2/webdav.yml +} + +global_config() { + local enabled + local anonymous + local port + local root + config_get enabled $1 enabled + config_get anonymous $1 anonymous + config_get port $1 port + config_get root $1 root + export -n "WEBDAV2_G_ENABLED=$enabled" + export -n "WEBDAV2_G_ANONYMOUS=$anonymous" + export -n "WEBDAV2_G_PORT=$port" + export -n "WEBDAV2_G_ROOT=$root" +} + +start_service() { + config_load webdav2 + config_foreach global_config global + [ "$WEBDAV2_G_ENABLED" = "1" ] || return 0 + [ -z "$WEBDAV2_G_PORT" ] && WEBDAV2_G_PORT=8888 + config_webdav2 || return 1 + + # start webdav2 daemon + procd_open_instance + procd_set_param command /usr/sbin/webdav2 -c /var/run/webdav2/webdav.yml + procd_set_param respawn + procd_set_param limits nofile=16384 + procd_close_instance +} + +service_triggers() { + procd_add_reload_trigger "webdav2" +}