Procházet zdrojové kódy
Fix Shellcheck SC2129: Consider using {..} >> file
Consider using { cmd1; cmd2; } >> file instead of individual redirects.
https://github.com/koalaman/shellcheck/wiki/SC2129
Signed-off-by: Dan Callahan <danc@element.io>
tags/v1.47.0rc1
Dan Callahan
před 2 roky
V databázi nebyl nalezen žádný známý klíč pro tento podpis
ID GPG klíče: 5FAD56482D9EB851
1 změnil soubory, kde provedl 63 přidání a 60 odebrání
-
+63 -60demo/start.sh
+ 63
- 60
demo/start.sh
Zobrazit soubor
| @@ -29,69 +29,72 @@ for port in 8080 8081 8082; do | |||
| --report-stats no | |||
| if ! grep -F "Customisation made by demo/start.sh" -q "$DIR/etc/$port.config"; then | |||
| printf '\n\n# Customisation made by demo/start.sh\n' >> "$DIR/etc/$port.config" | |||
| echo "public_baseurl: http://localhost:$port/" >> "$DIR/etc/$port.config" | |||
| echo 'enable_registration: true' >> "$DIR/etc/$port.config" | |||
| # Warning, this heredoc depends on the interaction of tabs and spaces. Please don't | |||
| # accidentaly bork me with your fancy settings. | |||
| listeners=$(cat <<-PORTLISTENERS | |||
| # Configure server to listen on both $https_port and $port | |||
| # This overides some of the default settings above | |||
| listeners: | |||
| - port: $https_port | |||
| type: http | |||
| tls: true | |||
| resources: | |||
| - names: [client, federation] | |||
| - port: $port | |||
| tls: false | |||
| bind_addresses: ['::1', '127.0.0.1'] | |||
| type: http | |||
| x_forwarded: true | |||
| resources: | |||
| - names: [client, federation] | |||
| compress: false | |||
| PORTLISTENERS | |||
| ) | |||
| echo "${listeners}" >> "$DIR/etc/$port.config" | |||
| # Disable tls for the servers | |||
| printf '\n\n# Disable tls on the servers.' >> "$DIR/etc/$port.config" | |||
| echo '# DO NOT USE IN PRODUCTION' >> "$DIR/etc/$port.config" | |||
| echo 'use_insecure_ssl_client_just_for_testing_do_not_use: true' >> "$DIR/etc/$port.config" | |||
| echo 'federation_verify_certificates: false' >> "$DIR/etc/$port.config" | |||
| # Set tls paths | |||
| echo "tls_certificate_path: \"$DIR/etc/localhost:$https_port.tls.crt\"" >> "$DIR/etc/$port.config" | |||
| echo "tls_private_key_path: \"$DIR/etc/localhost:$https_port.tls.key\"" >> "$DIR/etc/$port.config" | |||
| # Generate tls keys | |||
| openssl req -x509 -newkey rsa:4096 -keyout "$DIR/etc/localhost:$https_port.tls.key" -out "$DIR/etc/localhost:$https_port.tls.crt" -days 365 -nodes -subj "/O=matrix" | |||
| # Ignore keys from the trusted keys server | |||
| echo '# Ignore keys from the trusted keys server' >> "$DIR/etc/$port.config" | |||
| echo 'trusted_key_servers:' >> "$DIR/etc/$port.config" | |||
| echo ' - server_name: "matrix.org"' >> "$DIR/etc/$port.config" | |||
| echo ' accept_keys_insecurely: true' >> "$DIR/etc/$port.config" | |||
| # Reduce the blacklist | |||
| blacklist=$(cat <<-BLACK | |||
| # Set the blacklist so that it doesn't include 127.0.0.1, ::1 | |||
| federation_ip_range_blacklist: | |||
| - '10.0.0.0/8' | |||
| - '172.16.0.0/12' | |||
| - '192.168.0.0/16' | |||
| - '100.64.0.0/10' | |||
| - '169.254.0.0/16' | |||
| - 'fe80::/64' | |||
| - 'fc00::/7' | |||
| BLACK | |||
| ) | |||
| echo "${blacklist}" >> "$DIR/etc/$port.config" | |||
| # Regenerate configuration | |||
| { | |||
| printf '\n\n# Customisation made by demo/start.sh\n' | |||
| echo "public_baseurl: http://localhost:$port/" | |||
| echo 'enable_registration: true' | |||
| # Warning, this heredoc depends on the interaction of tabs and spaces. | |||
| # Please don't accidentaly bork me with your fancy settings. | |||
| listeners=$(cat <<-PORTLISTENERS | |||
| # Configure server to listen on both $https_port and $port | |||
| # This overides some of the default settings above | |||
| listeners: | |||
| - port: $https_port | |||
| type: http | |||
| tls: true | |||
| resources: | |||
| - names: [client, federation] | |||
| - port: $port | |||
| tls: false | |||
| bind_addresses: ['::1', '127.0.0.1'] | |||
| type: http | |||
| x_forwarded: true | |||
| resources: | |||
| - names: [client, federation] | |||
| compress: false | |||
| PORTLISTENERS | |||
| ) | |||
| echo "${listeners}" | |||
| # Disable tls for the servers | |||
| printf '\n\n# Disable tls on the servers.' | |||
| echo '# DO NOT USE IN PRODUCTION' | |||
| echo 'use_insecure_ssl_client_just_for_testing_do_not_use: true' | |||
| echo 'federation_verify_certificates: false' | |||
| # Set tls paths | |||
| echo "tls_certificate_path: \"$DIR/etc/localhost:$https_port.tls.crt\"" | |||
| echo "tls_private_key_path: \"$DIR/etc/localhost:$https_port.tls.key\"" | |||
| # Ignore keys from the trusted keys server | |||
| echo '# Ignore keys from the trusted keys server' | |||
| echo 'trusted_key_servers:' | |||
| echo ' - server_name: "matrix.org"' | |||
| echo ' accept_keys_insecurely: true' | |||
| # Reduce the blacklist | |||
| blacklist=$(cat <<-BLACK | |||
| # Set the blacklist so that it doesn't include 127.0.0.1, ::1 | |||
| federation_ip_range_blacklist: | |||
| - '10.0.0.0/8' | |||
| - '172.16.0.0/12' | |||
| - '192.168.0.0/16' | |||
| - '100.64.0.0/10' | |||
| - '169.254.0.0/16' | |||
| - 'fe80::/64' | |||
| - 'fc00::/7' | |||
| BLACK | |||
| ) | |||
| echo "${blacklist}" | |||
| } >> "$DIR/etc/$port.config" | |||
| fi | |||
| # Check script parameters | |||