|
1
|
#!/bin/sh
|
|
2
|
|
|
3
|
usage() {
|
|
4
|
echo "ARGS: [site_name]"
|
|
5
|
}
|
|
6
|
|
|
7
|
. /home/assos/bin/scripts-config.sh
|
|
8
|
. /home/assos/bin/print-help-if-required.sh
|
|
9
|
|
|
10
|
site="$1"
|
|
11
|
|
|
12
|
current_timestamp=$(date "+%s")
|
|
13
|
|
|
14
|
random_1=$(dd if=/dev/urandom count=1 2> /dev/null | cksum | cut -f1 -d" ")
|
|
15
|
random_2=$(dd if=/dev/urandom count=1 2> /dev/null | cksum | cut -f1 -d" ")
|
|
16
|
|
|
17
|
####### General variables
|
|
18
|
drush @"${site}" -yq vset --always-set reverse_proxy TRUE
|
|
19
|
drush @"${site}" -yq vset --always-set --format=json reverse_proxy_addresses '["147.94.19.16","147.94.19.17"]'
|
|
20
|
drush @"${site}" -yq ev "variable_set('update_notify_emails', array('$email_multi_assos_update'));"
|
|
21
|
drush @"${site}" -yq vset error_level 0
|
|
22
|
drush @"${site}" -yq vset dblog_row_limit 1000
|
|
23
|
drush @"${site}" -yq vset cron_safe_threshold 0
|
|
24
|
drush @"${site}" -yq vset file_temporary_path /var/tmp/assos/tmp
|
|
25
|
|
|
26
|
###### Captcha
|
|
27
|
drush @"${site}" -yq en hidden_captcha
|
|
28
|
# Do not log wrong answers.
|
|
29
|
drush @"${site}" -yq vset captcha_enable_stats 0
|
|
30
|
drush @"${site}" -yq vset captcha_log_wrong_responses 0
|
|
31
|
# Use hidden captcha for all forms.
|
|
32
|
drush @"${site}" -yq sqlq --db-prefix "UPDATE {captcha_points} SET module = 'hidden_captcha', captcha_type = 'Hidden CAPTCHA' WHERE module is NULL;"
|
|
33
|
# Flush captcha cache.
|
|
34
|
drush @"${site}" -yq vdel captcha_placement_map_cache
|
|
35
|
# Randomly generate a math question as the label of the hidden captcha field.
|
|
36
|
drush @"${site}" -yq vset hidden_captcha_label "$random_1 + $random_2"
|
|
37
|
|
|
38
|
|
|
39
|
####### Matomo
|
|
40
|
d7-reset-matomo-variables.sh "${site}"
|
|
41
|
|
|
42
|
###### Security review
|
|
43
|
# For untrusted roles:
|
|
44
|
# 1: anonymous user
|
|
45
|
# 2: authenticated user
|
|
46
|
# 3: administrator
|
|
47
|
drush @"${site}" -yq en security_review
|
|
48
|
drush @"${site}" -yq ev "variable_set('security_review_untrusted_roles', array('1'));"
|
|
49
|
# The default method to check settings.php do not work because we include a global and local settings.php
|
|
50
|
drush @"${site}" -yq vset security_review_base_url_method include
|
|
51
|
# Used to initialise entries in the database schema.
|
|
52
|
drush @"${site}" -yq security-review --store
|
|
53
|
# file_perms : Security Review can't check for files permissions on multi_assos if launched within the web interface.
|
|
54
|
# private_files : we have chosen a private path in the files repository and Security Review raise errors but this path is secure.
|
|
55
|
drush @"${site}" -yq sqlq --db-prefix "UPDATE {security_review} SET skip = '1', skiptime = $current_timestamp, skipuid = '1' WHERE reviewcheck IN ('file_perms', 'private_files');"
|
|
56
|
drush @"${site}" -yq sqlq --db-prefix "UPDATE {security_review} SET skip = '0', skiptime = '0', skipuid = NULL WHERE reviewcheck NOT IN ('file_perms', 'private_files');"
|
|
57
|
|
|
58
|
###### Performance
|
|
59
|
# Active cache
|
|
60
|
drush @"${site}" -yq vset cache 1
|
|
61
|
drush @"${site}" -yq vset block_cache 1
|
|
62
|
# Lifetime : 0, 60, 180, 300, 600, 900, 1800, 2700, 3600, 10800, 21600, 32400, 43200
|
|
63
|
drush @"${site}" -yq vset cache_lifetime 0
|
|
64
|
drush @"${site}" -yq vset page_cache_maximum_age 300
|
|
65
|
# Compression
|
|
66
|
drush @"${site}" -yq vset page_compression 1
|
|
67
|
drush @"${site}" -yq vset preprocess_css 1
|
|
68
|
drush @"${site}" -yq vset preprocess_js 1
|
