1 |
d52a5b2f
|
jenselme
|
#!/bin/sh
|
2 |
|
|
|
3 |
653aeb8e
|
Julien Enselme
|
usage() {
|
4 |
|
|
echo "ARGS: [site_name]"
|
5 |
|
|
}
|
6 |
d52a5b2f
|
jenselme
|
|
7 |
653aeb8e
|
Julien Enselme
|
. /home/assos/bin/scripts-config.sh
|
8 |
|
|
. /home/assos/bin/print-help-if-required.sh
|
9 |
d52a5b2f
|
jenselme
|
|
10 |
d4c4525a
|
Julien Enselme
|
site="$1"
|
11 |
d52a5b2f
|
jenselme
|
|
12 |
8550e097
|
Julien Enselme
|
current_timestamp=$(date "+%s")
|
13 |
d52a5b2f
|
jenselme
|
|
14 |
8550e097
|
Julien Enselme
|
random_1=$(dd if=/dev/urandom count=1 2> /dev/null | cksum | cut -f1 -d" ")
|
15 |
|
|
random_2=$(dd if=/dev/urandom count=1 2> /dev/null | cksum | cut -f1 -d" ")
|
16 |
d52a5b2f
|
jenselme
|
|
17 |
|
|
####### General variables
|
18 |
d4c4525a
|
Julien Enselme
|
drush @"${site}" -yq vset --always-set reverse_proxy TRUE
|
19 |
|
|
drush @"${site}" -yq vset --always-set --format=json reverse_proxy_addresses '["147.94.19.16","147.94.19.17"]'
|
20 |
|
|
drush @"${site}" -yq ev "variable_set('update_notify_emails', array('$email_multi_assos_update'));"
|
21 |
|
|
drush @"${site}" -yq vset error_level 0
|
22 |
|
|
drush @"${site}" -yq vset dblog_row_limit 1000
|
23 |
|
|
drush @"${site}" -yq vset cron_safe_threshold 0
|
24 |
|
|
drush @"${site}" -yq vset file_temporary_path /var/tmp/assos/tmp
|
25 |
d52a5b2f
|
jenselme
|
|
26 |
ddbedad3
|
Florent Torregrosa
|
###### Captcha
|
27 |
d4c4525a
|
Julien Enselme
|
drush @"${site}" -yq en hidden_captcha
|
28 |
ddbedad3
|
Florent Torregrosa
|
# Do not log wrong answers.
|
29 |
d4c4525a
|
Julien Enselme
|
drush @"${site}" -yq vset captcha_enable_stats 0
|
30 |
|
|
drush @"${site}" -yq vset captcha_log_wrong_responses 0
|
31 |
d52a5b2f
|
jenselme
|
# Use hidden captcha for all forms.
|
32 |
d4c4525a
|
Julien Enselme
|
drush @"${site}" -yq sqlq --db-prefix "UPDATE {captcha_points} SET module = 'hidden_captcha', captcha_type = 'Hidden CAPTCHA' WHERE module is NULL;"
|
33 |
d52a5b2f
|
jenselme
|
# Flush captcha cache.
|
34 |
d4c4525a
|
Julien Enselme
|
drush @"${site}" -yq vdel captcha_placement_map_cache
|
35 |
ddbedad3
|
Florent Torregrosa
|
# Randomly generate a math question as the label of the hidden captcha field.
|
36 |
d4c4525a
|
Julien Enselme
|
drush @"${site}" -yq vset hidden_captcha_label "$random_1 + $random_2"
|
37 |
d52a5b2f
|
jenselme
|
|
38 |
|
|
|
39 |
16a50439
|
Florent Torregrosa
|
####### Matomo
|
40 |
|
|
d7-reset-matomo-variables.sh "${site}"
|
41 |
d52a5b2f
|
jenselme
|
|
42 |
|
|
###### Security review
|
43 |
|
|
# For untrusted roles:
|
44 |
|
|
# 1: anonymous user
|
45 |
|
|
# 2: authenticated user
|
46 |
|
|
# 3: administrator
|
47 |
d4c4525a
|
Julien Enselme
|
drush @"${site}" -yq en security_review
|
48 |
|
|
drush @"${site}" -yq ev "variable_set('security_review_untrusted_roles', array('1'));"
|
49 |
95df3862
|
Florent Torregrosa
|
# The default method to check settings.php do not work because we include a global and local settings.php
|
50 |
d4c4525a
|
Julien Enselme
|
drush @"${site}" -yq vset security_review_base_url_method include
|
51 |
d52a5b2f
|
jenselme
|
# Used to initialise entries in the database schema.
|
52 |
d4c4525a
|
Julien Enselme
|
drush @"${site}" -yq security-review --store
|
53 |
95df3862
|
Florent Torregrosa
|
# file_perms : Security Review can't check for files permissions on multi_assos if launched within the web interface.
|
54 |
|
|
# private_files : we have chosen a private path in the files repository and Security Review raise errors but this path is secure.
|
55 |
d4c4525a
|
Julien Enselme
|
drush @"${site}" -yq sqlq --db-prefix "UPDATE {security_review} SET skip = '1', skiptime = $current_timestamp, skipuid = '1' WHERE reviewcheck IN ('file_perms', 'private_files');"
|
56 |
|
|
drush @"${site}" -yq sqlq --db-prefix "UPDATE {security_review} SET skip = '0', skiptime = '0', skipuid = NULL WHERE reviewcheck NOT IN ('file_perms', 'private_files');"
|
57 |
565ac668
|
Florent Torregrosa
|
|
58 |
|
|
###### Performance
|
59 |
|
|
# Active cache
|
60 |
d4c4525a
|
Julien Enselme
|
drush @"${site}" -yq vset cache 1
|
61 |
|
|
drush @"${site}" -yq vset block_cache 1
|
62 |
565ac668
|
Florent Torregrosa
|
# Lifetime : 0, 60, 180, 300, 600, 900, 1800, 2700, 3600, 10800, 21600, 32400, 43200
|
63 |
d4c4525a
|
Julien Enselme
|
drush @"${site}" -yq vset cache_lifetime 0
|
64 |
|
|
drush @"${site}" -yq vset page_cache_maximum_age 300
|
65 |
565ac668
|
Florent Torregrosa
|
# Compression
|
66 |
d4c4525a
|
Julien Enselme
|
drush @"${site}" -yq vset page_compression 1
|
67 |
|
|
drush @"${site}" -yq vset preprocess_css 1
|
68 |
|
|
drush @"${site}" -yq vset preprocess_js 1 |