From 5b1bf5c918f939f465ea21e4e5633a27c494469e Mon Sep 17 00:00:00 2001
From: "dave@tiredofit.ca" <dave@tiredofit.ca>
Date: Mon, 27 Jun 2022 06:03:29 -0700
Subject: [PATCH] Release 5.2.3 - See CHANGELOG.md

---
 CHANGELOG.md                                  |  6 ++++
 Dockerfile                                    |  2 +-
 .../etc/cont-init.d/30-self-service-password  | 32 +++++++++----------
 install/etc/nginx/sites.available/ssp.conf    |  6 ++--
 4 files changed, 26 insertions(+), 20 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index bb8bf20..c2137d6 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,9 @@
+## 5.2.3 2022-06-27 <dave at tiredofit dot ca>
+
+   ### Changed
+      - Bug fix to 5.2.2
+
+
 ## 5.2.2 2022-06-23 <dave at tiredofit dot ca>
 
    ### Added
diff --git a/Dockerfile b/Dockerfile
index 168ea3e..b986de6 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -4,7 +4,7 @@ LABEL maintainer="Dave Conroy (dave at tiredofit dot ca)"
 ENV SSP_VERSION=1.3 \
     PHP_ENABLE_LDAP=TRUE \
     PHP_ENABLE_CREATE_SAMPLE_PHP=FALSE \
-    NGINX_SITES_ENABLED=ssp \
+    NGINX_SITE_ENABLED=ssp \
     NGINX_WEBROOT="/www/ssp" \
     IMAGE_NAME="tiredofit/self-service-password" \
     IMAGE_REPO_URL="https://github.com/tiredofit/docker-self-service-password/"
diff --git a/install/etc/cont-init.d/30-self-service-password b/install/etc/cont-init.d/30-self-service-password
index 2fedb79..e2fc2d1 100755
--- a/install/etc/cont-init.d/30-self-service-password
+++ b/install/etc/cont-init.d/30-self-service-password
@@ -15,7 +15,7 @@ if [ ! -f "${NGINX_WEBROOT}"/index.php ] ; then
 fi
 
 ## Determine if we want to autoconfigure
-if [ "$SETUP_TYPE" = "AUTO" ]; then
+if [ "${SETUP_TYPE,,}" = "auto" ]; then
     print_warn "Autoconfiguring Settings based on defaults and evnironment variables"
 
     ## Remove Comments on Default Config File
@@ -34,24 +34,24 @@ if [ "$SETUP_TYPE" = "AUTO" ]; then
 
     ## Active Directory
     update_config_noquote ad_mode "$ADMODE"
-    sed -i "s#\$ad_options\['force_unlock'\].*#\$ad_options['force_unlock'] = ${AD_OPT_FORCE_UNLOCK};#g" "${NGINX_WEBROOT}"/conf/config.inc.php
-    sed -i "s#\$ad_options\['force_pwd_change'\].*#\$ad_options['force_pwd_changeunlock'] = ${AD_OPT_FORCE_PWD_CHANGE};#g" "${NGINX_WEBROOT}"/conf/config.inc.php
-    sed -i "s#\$ad_options\['change_expired_password'\].*#\$ad_options['change_expired_password'] = ${AD_OPT_CHANGE_EXPIRED_PASSWORD};#g" "${NGINX_WEBROOT}"/conf/config.inc.php
+    sed -i "s|\$ad_options\['force_unlock'\].*|\$ad_options['force_unlock'] = ${AD_OPT_FORCE_UNLOCK};|g" "${NGINX_WEBROOT}"/conf/config.inc.php
+    sed -i "s|\$ad_options\['force_pwd_change'\].*|\$ad_options['force_pwd_changeunlock'] = ${AD_OPT_FORCE_PWD_CHANGE};|g" "${NGINX_WEBROOT}"/conf/config.inc.php
+    sed -i "s|\$ad_options\['change_expired_password'\].*|\$ad_options['change_expired_password'] = ${AD_OPT_CHANGE_EXPIRED_PASSWORD};|g" "${NGINX_WEBROOT}"/conf/config.inc.php
 
     ## Samba
     update_config_noquote samba_mode "${SAMBA_MODE}"
-    sed -i "s#\$samba_options\['min_age'\].*#\$samba_options['min_age'] = ${SAMBA_MIN_AGE};#g" "${NGINX_WEBROOT}"/conf/config.inc.php
-    sed -i "s#\$samba_options\['max_age'\].*#\$samba_options['max_age'] = ${SAMBA_MAX_AGE};#g" "${NGINX_WEBROOT}"/conf/config.inc.php
-    sed -i "s#\$samba_options\['expire_days'\].*#\$samba_options\['expire_days'\] = ${SAMBA_EXPIRE_DAYS};#g" "${NGINX_WEBROOT}"/conf/config.inc.php
+    sed -i "s|\$samba_options\['min_age'\].*|\$samba_options['min_age'] = ${SAMBA_MIN_AGE};|g" "${NGINX_WEBROOT}"/conf/config.inc.php
+    sed -i "s|\$samba_options\['max_age'\].*|\$samba_options['max_age'] = ${SAMBA_MAX_AGE};|g" "${NGINX_WEBROOT}"/conf/config.inc.php
+    sed -i "s|\$samba_options\['expire_days'\].*|\$samba_options\['expire_days'\] = ${SAMBA_EXPIRE_DAYS};|g" "${NGINX_WEBROOT}"/conf/config.inc.php
 
     ## Shadow Options
-    sed -i "s#\$shadow_options\['update_shadowLastChange'\].*#\$shadow_options['update_shadowLastChange'] = ${SHADOW_OPT_UPDATE_SHADOWLASTCHANGE};#g" "${NGINX_WEBROOT}"/conf/config.inc.php
-    sed -i "s#\$shadow_options\['update_shadowExpire'\].*#\$shadow_options['update_shadowExpire'] = ${SHADOW_OPT_UPDATE_SHADOWEXPIRE};#g" "${NGINX_WEBROOT}"/conf/config.inc.php
+    sed -i "s|\$shadow_options\['update_shadowLastChange'\].*|\$shadow_options['update_shadowLastChange'] = ${SHADOW_OPT_UPDATE_SHADOWLASTCHANGE};|g" "${NGINX_WEBROOT}"/conf/config.inc.php
+    sed -i "s|\$shadow_options\['update_shadowExpire'\].*|\$shadow_options['update_shadowExpire'] = ${SHADOW_OPT_UPDATE_SHADOWEXPIRE};|g" "${NGINX_WEBROOT}"/conf/config.inc.php
 
     ## Hash
-    sed -i "s#\$hash_options\['crypt_salt_prefix'\].*#\$hash_options\['crypt_salt_prefix'\] = \"${PASSWORD_HASH_CRYPT_SALT_PREFIX}\";#g" "${NGINX_WEBROOT}"/conf/config.inc.php
-    sed -i "s#\$hash_options\['crypt_salt_length'\].*#\$hash_options\['crypt_salt_length'\] = ${PASSWORD_HASH_CRYPT_SALT_LENGTH};#g" "${NGINX_WEBROOT}"/conf/config.inc.php
-    sed -i "s#\$hash = .*#\$hash = \"${PASSWORD_HASH}\";#g" "${NGINX_WEBROOT}"/conf/config.inc.php
+    sed -i "s|\$hash_options\['crypt_salt_prefix'\].*|\$hash_options\['crypt_salt_prefix'\] = \"${PASSWORD_HASH_CRYPT_SALT_PREFIX}\";|g" "${NGINX_WEBROOT}"/conf/config.inc.php
+    sed -i "s|\$hash_options\['crypt_salt_length'\].*|\$hash_options\['crypt_salt_length'\] = ${PASSWORD_HASH_CRYPT_SALT_LENGTH};|g" "${NGINX_WEBROOT}"/conf/config.inc.php
+    sed -i "s|\$hash = .*|\$hash = \"${PASSWORD_HASH}\";|g" "${NGINX_WEBROOT}"/conf/config.inc.php
 
     ## Local Password Policy
     update_config_noquote pwd_min_length "${PASSWORD_MIN_LENGTH}"
@@ -140,10 +140,10 @@ if [ "$SETUP_TYPE" = "AUTO" ]; then
     update_config background_image "${BACKGROUND_IMAGE}"
 
     ## Logging
-    if var_true "$ENABLE_RESET_LOG" ; then
-         sed -i 's/#\$reset_request_logurl = /\$reset_request_log = /g' "${NGINX_WEBROOT}"/conf/config.inc.php
+    if var_true "${ENABLE_RESET_LOG}" ; then
+         sed -i 's|#\$reset_request_logurl = |\$reset_request_log = |g' "${NGINX_WEBROOT}"/conf/config.inc.php
     fi
-    update_config reset_request_log "${LOG_LOCATION}""${LOG_RESET}"
+    update_config reset_request_log "${LOG_LOCATION}" "${LOG_RESET}"
 
     ## CAPTCHA
     update_config_noquote use_recaptcha "${USE_RECAPTCHA}"
@@ -159,7 +159,7 @@ if [ "$SETUP_TYPE" = "AUTO" ]; then
 
     ## Reverse proxy Setup
     if [ "$IS_BEHIND_PROXY" = "true" ]; then
-    	 sed -i 's/#\$reset_url = /\$reset_url = /g' "${NGINX_WEBROOT}"/conf/config.inc.php
+    	 sed -i 's|#\$reset_url = |\$reset_url = |g' "${NGINX_WEBROOT}"/conf/config.inc.php
        if [ -n "${SITE_URL}"  ]; then
          update_config reset_url "${SITE_URL}"
        fi
diff --git a/install/etc/nginx/sites.available/ssp.conf b/install/etc/nginx/sites.available/ssp.conf
index bff5413..6b31b1d 100644
--- a/install/etc/nginx/sites.available/ssp.conf
+++ b/install/etc/nginx/sites.available/ssp.conf
@@ -8,7 +8,7 @@
     }
 
     location ~ \.php(/|$) {
-      include /etc/nginx/nginx.conf.d/php-fpm.conf;
+      include /etc/nginx/snippets/php-fpm.conf;
       fastcgi_split_path_info ^(.+?\.php)(/.+)$;
       fastcgi_param PATH_INFO $fastcgi_path_info;
       fastcgi_index index.php;
@@ -17,6 +17,6 @@
     }
 
     ### Don't edit past here
-    include /etc/nginx/nginx.conf.d/site_optimization.conf;
-    include /etc/nginx/nginx.conf.d/exploit_protection.conf;
+    include /etc/nginx/snippets/site_optimization.conf;
+    include /etc/nginx/snippets/exploit_protection.conf;
 }