From 406d91fdb97b8d5279b9a3892c790a7bf49ddf59 Mon Sep 17 00:00:00 2001
From: Alexandre <44178713+alexbelgium@users.noreply.github.com>
Date: Thu, 8 Aug 2024 21:00:17 +0200
Subject: [PATCH] update
 https://github.com/alexbelgium/hassio-addons/issues/1505#issuecomment-2276178804

---
 fireflyiii/config.json                        | 10 +-
 fireflyiii/rootfs/etc/cont-init.d/30-ssl.sh   | 31 ------
 .../rootfs/etc/nginx/includes/mime.types      | 96 -------------------
 .../etc/nginx/includes/proxy_params.conf      | 15 ---
 .../rootfs/etc/nginx/includes/resolver.conf   |  1 -
 .../etc/nginx/includes/server_params.conf     |  6 --
 .../rootfs/etc/nginx/includes/ssl_params.conf |  9 --
 .../rootfs/etc/nginx/includes/upstream.conf   |  3 -
 fireflyiii/rootfs/etc/nginx/nginx.conf        | 56 -----------
 fireflyiii/rootfs/etc/nginx/servers/ssl.conf  | 35 -------
 10 files changed, 3 insertions(+), 259 deletions(-)
 delete mode 100755 fireflyiii/rootfs/etc/cont-init.d/30-ssl.sh
 delete mode 100644 fireflyiii/rootfs/etc/nginx/includes/mime.types
 delete mode 100644 fireflyiii/rootfs/etc/nginx/includes/proxy_params.conf
 delete mode 100644 fireflyiii/rootfs/etc/nginx/includes/resolver.conf
 delete mode 100644 fireflyiii/rootfs/etc/nginx/includes/server_params.conf
 delete mode 100644 fireflyiii/rootfs/etc/nginx/includes/ssl_params.conf
 delete mode 100644 fireflyiii/rootfs/etc/nginx/includes/upstream.conf
 delete mode 100644 fireflyiii/rootfs/etc/nginx/nginx.conf
 delete mode 100644 fireflyiii/rootfs/etc/nginx/servers/ssl.conf

diff --git a/fireflyiii/config.json b/fireflyiii/config.json
index eef11931275..709a86868f5 100644
--- a/fireflyiii/config.json
+++ b/fireflyiii/config.json
@@ -71,8 +71,7 @@
   "image": "ghcr.io/alexbelgium/fireflyiii-{arch}",
   "map": [
     "config:rw",
-    "share:rw",
-    "ssl"
+    "share:rw"
   ],
   "name": "Firefly iii",
   "options": {
@@ -99,10 +98,7 @@
     "DB_PORT": "str?",
     "DB_USERNAME": "str?",
     "Updates": "list(|hourly|daily|weekly)?",
-    "certfile": "str",
-    "keyfile": "str",
-    "silent": "bool?",
-    "ssl": "bool"
+    "silent": "bool?"
   },
   "services": [
     "mysql:want"
@@ -111,6 +107,6 @@
   "startup": "services",
   "udev": true,
   "url": "https://github.com/alexbelgium/hassio-addons",
-  "version": "6.1.18-2test",
+  "version": "6.1.19",
   "webui": "[PROTO:ssl]://[HOST]:[PORT:8080]"
 }
diff --git a/fireflyiii/rootfs/etc/cont-init.d/30-ssl.sh b/fireflyiii/rootfs/etc/cont-init.d/30-ssl.sh
deleted file mode 100755
index 862bf767230..00000000000
--- a/fireflyiii/rootfs/etc/cont-init.d/30-ssl.sh
+++ /dev/null
@@ -1,31 +0,0 @@
-#!/usr/bin/with-contenv bashio
-# shellcheck shell=bash
-set -e
-
-###############
-# SSL SETTING #
-###############
-declare port
-declare certfile
-declare keyfile
-
-# Ssl values
-if bashio::config.true 'ssl'; then
-    echo "Defining ssl configuration"
-    bashio::config.require.ssl
-    certfile=$(bashio::config 'certfile')
-    keyfile=$(bashio::config 'keyfile')
-
-    #Check if files exist
-    echo "... checking if referenced certificates exist"
-    [ ! -f /ssl/"$certfile" ] && bashio::log.fatal "... use_own_certs is true but certificate /ssl/$certfile not found" && bashio::exit.nok
-    [ ! -f /ssl/"$keyfile" ] && bashio::log.fatal "... use_own_certs is true but certificate /ssl/$keyfile not found" && bashio::exit.nok
-
-
-    sed -i "/proxy_params.conf/a ssl_certificate /ssl/$certfile;" /etc/nginx/servers/ssl.conf
-    sed -i "/proxy_params.conf/a ssl_certificate_key /ssl/$keyfile;" /etc/nginx/servers/ssl.conf
-    bashio::log.info "Ssl enabled, please use https for connection. UI is at https://YOURIP:$(bashio::addon.port 8443)"
-
-    bashio::log.info "Starting nginx..."
-    nginx & true
-fi
diff --git a/fireflyiii/rootfs/etc/nginx/includes/mime.types b/fireflyiii/rootfs/etc/nginx/includes/mime.types
deleted file mode 100644
index 7c7cdef2d1a..00000000000
--- a/fireflyiii/rootfs/etc/nginx/includes/mime.types
+++ /dev/null
@@ -1,96 +0,0 @@
-types {
-    text/html                                        html htm shtml;
-    text/css                                         css;
-    text/xml                                         xml;
-    image/gif                                        gif;
-    image/jpeg                                       jpeg jpg;
-    application/javascript                           js;
-    application/atom+xml                             atom;
-    application/rss+xml                              rss;
-
-    text/mathml                                      mml;
-    text/plain                                       txt;
-    text/vnd.sun.j2me.app-descriptor                 jad;
-    text/vnd.wap.wml                                 wml;
-    text/x-component                                 htc;
-
-    image/png                                        png;
-    image/svg+xml                                    svg svgz;
-    image/tiff                                       tif tiff;
-    image/vnd.wap.wbmp                               wbmp;
-    image/webp                                       webp;
-    image/x-icon                                     ico;
-    image/x-jng                                      jng;
-    image/x-ms-bmp                                   bmp;
-
-    font/woff                                        woff;
-    font/woff2                                       woff2;
-
-    application/java-archive                         jar war ear;
-    application/json                                 json;
-    application/mac-binhex40                         hqx;
-    application/msword                               doc;
-    application/pdf                                  pdf;
-    application/postscript                           ps eps ai;
-    application/rtf                                  rtf;
-    application/vnd.apple.mpegurl                    m3u8;
-    application/vnd.google-earth.kml+xml             kml;
-    application/vnd.google-earth.kmz                 kmz;
-    application/vnd.ms-excel                         xls;
-    application/vnd.ms-fontobject                    eot;
-    application/vnd.ms-powerpoint                    ppt;
-    application/vnd.oasis.opendocument.graphics      odg;
-    application/vnd.oasis.opendocument.presentation  odp;
-    application/vnd.oasis.opendocument.spreadsheet   ods;
-    application/vnd.oasis.opendocument.text          odt;
-    application/vnd.openxmlformats-officedocument.presentationml.presentation
-                                                     pptx;
-    application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
-                                                     xlsx;
-    application/vnd.openxmlformats-officedocument.wordprocessingml.document
-                                                     docx;
-    application/vnd.wap.wmlc                         wmlc;
-    application/x-7z-compressed                      7z;
-    application/x-cocoa                              cco;
-    application/x-java-archive-diff                  jardiff;
-    application/x-java-jnlp-file                     jnlp;
-    application/x-makeself                           run;
-    application/x-perl                               pl pm;
-    application/x-pilot                              prc pdb;
-    application/x-rar-compressed                     rar;
-    application/x-redhat-package-manager             rpm;
-    application/x-sea                                sea;
-    application/x-shockwave-flash                    swf;
-    application/x-stuffit                            sit;
-    application/x-tcl                                tcl tk;
-    application/x-x509-ca-cert                       der pem crt;
-    application/x-xpinstall                          xpi;
-    application/xhtml+xml                            xhtml;
-    application/xspf+xml                             xspf;
-    application/zip                                  zip;
-
-    application/octet-stream                         bin exe dll;
-    application/octet-stream                         deb;
-    application/octet-stream                         dmg;
-    application/octet-stream                         iso img;
-    application/octet-stream                         msi msp msm;
-
-    audio/midi                                       mid midi kar;
-    audio/mpeg                                       mp3;
-    audio/ogg                                        ogg;
-    audio/x-m4a                                      m4a;
-    audio/x-realaudio                                ra;
-
-    video/3gpp                                       3gpp 3gp;
-    video/mp2t                                       ts;
-    video/mp4                                        mp4;
-    video/mpeg                                       mpeg mpg;
-    video/quicktime                                  mov;
-    video/webm                                       webm;
-    video/x-flv                                      flv;
-    video/x-m4v                                      m4v;
-    video/x-mng                                      mng;
-    video/x-ms-asf                                   asx asf;
-    video/x-ms-wmv                                   wmv;
-    video/x-msvideo                                  avi;
-}
diff --git a/fireflyiii/rootfs/etc/nginx/includes/proxy_params.conf b/fireflyiii/rootfs/etc/nginx/includes/proxy_params.conf
deleted file mode 100644
index 1990d495964..00000000000
--- a/fireflyiii/rootfs/etc/nginx/includes/proxy_params.conf
+++ /dev/null
@@ -1,15 +0,0 @@
-proxy_http_version          1.1;
-proxy_ignore_client_abort   off;
-proxy_read_timeout          86400s;
-proxy_redirect              off;
-proxy_send_timeout          86400s;
-proxy_max_temp_file_size    0;
-
-proxy_set_header Accept-Encoding "";
-proxy_set_header Connection $connection_upgrade;
-proxy_set_header Host $http_host;
-proxy_set_header Upgrade $http_upgrade;
-proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-proxy_set_header X-Forwarded-Proto $scheme;
-proxy_set_header X-NginX-Proxy true;
-proxy_set_header X-Real-IP $remote_addr;
diff --git a/fireflyiii/rootfs/etc/nginx/includes/resolver.conf b/fireflyiii/rootfs/etc/nginx/includes/resolver.conf
deleted file mode 100644
index 70f4982b9b7..00000000000
--- a/fireflyiii/rootfs/etc/nginx/includes/resolver.conf
+++ /dev/null
@@ -1 +0,0 @@
-resolver 127.0.0.11 ipv6=off;
diff --git a/fireflyiii/rootfs/etc/nginx/includes/server_params.conf b/fireflyiii/rootfs/etc/nginx/includes/server_params.conf
deleted file mode 100644
index 09c06543eae..00000000000
--- a/fireflyiii/rootfs/etc/nginx/includes/server_params.conf
+++ /dev/null
@@ -1,6 +0,0 @@
-root            /dev/null;
-server_name     $hostname;
-
-add_header X-Content-Type-Options nosniff;
-add_header X-XSS-Protection "1; mode=block";
-add_header X-Robots-Tag none;
diff --git a/fireflyiii/rootfs/etc/nginx/includes/ssl_params.conf b/fireflyiii/rootfs/etc/nginx/includes/ssl_params.conf
deleted file mode 100644
index 6f150059981..00000000000
--- a/fireflyiii/rootfs/etc/nginx/includes/ssl_params.conf
+++ /dev/null
@@ -1,9 +0,0 @@
-ssl_protocols TLSv1.2;
-ssl_prefer_server_ciphers on;
-ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA;
-ssl_ecdh_curve secp384r1;
-ssl_session_timeout  10m;
-ssl_session_cache shared:SSL:10m;
-ssl_session_tickets off;
-ssl_stapling on;
-ssl_stapling_verify on;
diff --git a/fireflyiii/rootfs/etc/nginx/includes/upstream.conf b/fireflyiii/rootfs/etc/nginx/includes/upstream.conf
deleted file mode 100644
index b292326bd7d..00000000000
--- a/fireflyiii/rootfs/etc/nginx/includes/upstream.conf
+++ /dev/null
@@ -1,3 +0,0 @@
-upstream backend {
-    server 127.0.0.1:8080;
-}
diff --git a/fireflyiii/rootfs/etc/nginx/nginx.conf b/fireflyiii/rootfs/etc/nginx/nginx.conf
deleted file mode 100644
index 7e5bc6f7cbe..00000000000
--- a/fireflyiii/rootfs/etc/nginx/nginx.conf
+++ /dev/null
@@ -1,56 +0,0 @@
-# Run nginx in foreground.
-daemon off;
-
-# This is run inside Docker.
-user root;
-
-# Pid storage location.
-pid /var/run/nginx.pid;
-
-# Set number of worker processes.
-worker_processes 1;
-
-# Enables the use of JIT for regular expressions to speed-up their processing.
-pcre_jit on;
-
-# Write error log to Hass.io add-on log.
-error_log /proc/1/fd/1 error;
-
-# Load allowed environment vars
-env HASSIO_TOKEN;
-
-# Load dynamic modules.
-include /etc/nginx/modules/*.conf;
-
-# Max num of simultaneous connections by a worker process.
-events {
-    worker_connections 512;
-}
-
-http {
-    include /etc/nginx/includes/mime.types;
-
-    log_format hassio '[$time_local] $status '
-                        '$http_x_forwarded_for($remote_addr) '
-                        '$request ($http_user_agent)';
-
-    access_log              /proc/1/fd/1 hassio;
-    client_max_body_size    4G;
-    default_type            application/octet-stream;
-    gzip                    on;
-    keepalive_timeout       65;
-    sendfile                on;
-    server_tokens           off;
-    tcp_nodelay             on;
-    tcp_nopush              on;
-
-    map $http_upgrade $connection_upgrade {
-        default upgrade;
-        ''      close;
-    }
-
-    include /etc/nginx/includes/resolver.conf;
-    include /etc/nginx/includes/upstream.conf;
-
-    include /etc/nginx/servers/*.conf;
-}
diff --git a/fireflyiii/rootfs/etc/nginx/servers/ssl.conf b/fireflyiii/rootfs/etc/nginx/servers/ssl.conf
deleted file mode 100644
index dc65b8073f3..00000000000
--- a/fireflyiii/rootfs/etc/nginx/servers/ssl.conf
+++ /dev/null
@@ -1,35 +0,0 @@
-server {
-    listen 8443;
-
-    include /etc/nginx/includes/server_params.conf;
-    include /etc/nginx/includes/proxy_params.conf;
-
-    ssl_certificate /ssl/%%certfile%%;
-    ssl_certificate_key /ssl/%%keyfile%%;
-
-    client_max_body_size 0;
-
-	root /var/www/firefly-iii/public;
-
-	index index.html;
-    large_client_header_buffers 8 32k;
-    client_max_body_size 300M;
-    index index.php index.html index.htm;
-    server_name firefly.home.internal;
-
-   location / {
-        try_files $uri $uri/ /index.php?$query_string;
-        autoindex on;
-        sendfile off;
-   }
-
-    location ~ \.php$ {
-        try_files $uri =404;
-        fastcgi_pass unix:/var/run/php/php8.3-fpm.sock;
-        fastcgi_index index.php;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        include fastcgi_params;
-        fastcgi_read_timeout 300;
-    }
-
-}