From 889f1592b02027971db78d806cd30b7fa52946e4 Mon Sep 17 00:00:00 2001 From: Ricardo Olsen Date: Sat, 18 May 2024 08:13:57 -0300 Subject: [PATCH] RHEL9 install script and configs updated. --- platform-rhel9/json-scada-install.sh | 2 +- platform-rhel9/json_scada_access_control.conf | 18 ---------------- platform-rhel9/json_scada_http.conf | 21 +++++++++++++------ platform-rhel9/json_scada_https.conf | 12 +++++++++-- 4 files changed, 26 insertions(+), 27 deletions(-) delete mode 100644 platform-rhel9/json_scada_access_control.conf diff --git a/platform-rhel9/json-scada-install.sh b/platform-rhel9/json-scada-install.sh index d53ec17a..26535221 100644 --- a/platform-rhel9/json-scada-install.sh +++ b/platform-rhel9/json-scada-install.sh @@ -74,7 +74,7 @@ sudo cp postgresql.conf /var/lib/pgsql/16/data/ sudo chown postgres:postgres /var/lib/pgsql/16/data/postgresql.conf sudo systemctl enable postgresql-16 -sudo cp json_scada_*.conf //etc/nginx/conf.d/ +sudo cp json_scada_*.conf /etc/nginx/conf.d/ sudo systemctl enable nginx sudo dnf -y install mongodb-org diff --git a/platform-rhel9/json_scada_access_control.conf b/platform-rhel9/json_scada_access_control.conf deleted file mode 100644 index 42415650..00000000 --- a/platform-rhel9/json_scada_access_control.conf +++ /dev/null @@ -1,18 +0,0 @@ - - #--------------------------- - # IP-based access control - - # allow local access only by default - - # permite somente acesso local por padrĂ£o - - allow 127.0.0.1; - - # to allow more clients/severs, configure the following option - # allow _IP_hmi_client; - # allow _IP_hmi_redundant_server; - - deny all; - - #--------------------------- - diff --git a/platform-rhel9/json_scada_http.conf b/platform-rhel9/json_scada_http.conf index e4f94649..34c470a4 100644 --- a/platform-rhel9/json_scada_http.conf +++ b/platform-rhel9/json_scada_http.conf @@ -19,9 +19,18 @@ gzip_disable msie6; charset UTF-8; - - # list of IP addresses with access granted - include json_scada_access_control.conf; + + # IP-based access control + + # allow local access only by default + allow 127.0.0.1; + + # to allow more clients/severs, configure the following option + # allow _IP_hmi_client; + # allow _IP_hmi_redundant_server; + + deny all; + location / { root "/home/jsonscada/json-scada/src/htdocs/"; @@ -96,15 +105,15 @@ # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # location ~ .php$ { - include ../platform-windows/nginx_php-runtime/conf/fastcgi_params; - root "c:/json-scada/src/htdocs/"; + include fastcgi.conf; + root "/home/jsonscada/json-scada/src/htdocs/"; fastcgi_pass php-fpm; fastcgi_keep_conn on; fastcgi_index index.php; fastcgi_read_timeout 10s; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; } - + # deny access to .htaccess files location ~ /\.ht { deny all; diff --git a/platform-rhel9/json_scada_https.conf b/platform-rhel9/json_scada_https.conf index 892af72a..f6d7465c 100644 --- a/platform-rhel9/json_scada_https.conf +++ b/platform-rhel9/json_scada_https.conf @@ -25,8 +25,16 @@ # charset UTF-8; # #charset ISO-8859-1; -# # list of IP addresses with access granted -# include json_scada_access_control.conf; +# # IP-based access control +# +# # allow local access only by default +# allow 127.0.0.1; +# +# # to allow more clients/severs, configure the following option +# # allow _IP_hmi_client; +# # allow _IP_hmi_redundant_server; +# +# deny all; # location / { # root "/home/jsonscada/json-scada/src/htdocs/";