diff --git a/.gitignore b/.gitignore index 89ab23a..ca2af4a 100644 --- a/.gitignore +++ b/.gitignore @@ -1,6 +1,6 @@ vendor/ app/deploy_files -sums/ +sums/*.sum run/*.lck log/*.txt *.pub diff --git a/app/neato.php b/app/neato.php index 31c521c..1ef071a 100644 --- a/app/neato.php +++ b/app/neato.php @@ -18,7 +18,7 @@ if ($pk === false) { if (!isset($argv[1])) { echo 'Please give Script to run, example: ./neato_deploy.sh apache' . PHP_EOL; echo "Note: deploy_ is added to the beginning of the filename and .php is added to the end!" . PHP_EOL; - echo "Also, the deployment file must be in the same path if local file." . PHP_EOL; + echo "Also, the deployment file must be in the deploy_files path." . PHP_EOL; echo "Insecure: you may pass a http web site text file: IE http://mysite.com/apache.txt" . PHP_EOL; exit(1); } @@ -27,6 +27,7 @@ define('CONFIG_FILE', basename($argv[1]) ); require "neato_common.php"; +/** @phpstan-ignore-next-line Variable $os_like might not be defined */ if ($os_like == 'debian') { putenv("DEBIAN_FRONTEND=noninteractive"); } diff --git a/app/neato_enc.php b/app/neato_enc.php index d8f3c46..8225a7f 100644 --- a/app/neato_enc.php +++ b/app/neato_enc.php @@ -32,8 +32,14 @@ class enc { $plain = ""; $my_key = hex2bin($my_key); - + + /** + * @param false|string $decoded did it base64_code? + * base64_decode may return a false!!! + * Ignore the error in phpstan!! It is all correct here: + */ $decoded = base64_decode($encrypted); + // @phpstan-ignore-next-line if ($decoded === false) { throw new \Exception("The encoding failed!"); } diff --git a/app/neato_fns.php b/app/neato_fns.php index 9573c12..fa587de 100644 --- a/app/neato_fns.php +++ b/app/neato_fns.php @@ -1,5 +1,5 @@ rand(16, 26)]); +/** @phpstan-ignore-next-line Variable $cwd $os might not be defined */ $templates_dir = $cwd . '/templates/' . $os['name'] . '/'; configure::set('preinstall', [ diff --git a/deploy_files/deploy_mysql_ex1.php b/deploy_files/deploy_mysql_ex1.php index ac226a6..172c5ba 100644 --- a/deploy_files/deploy_mysql_ex1.php +++ b/deploy_files/deploy_mysql_ex1.php @@ -5,8 +5,10 @@ configure::set('syslog', false); configure::set('passwords', ['length' => rand(16, 26)]); configure::set('pre_actions', [ + /** @phpstan-ignore-next-line Variable $cwd might not be defined */ 'make_dir' => [$cwd . '/my_vaults'=>'', '/etc/neato_secrets'=>''], 'chmod_file_or_dir' => +/** @phpstan-ignore-next-line Variable $cwd might not be defined */ [ $cwd . '/my_vaults' => 'keydir', '/etc/neato_secrets' => 'keydir' ], ]); @@ -18,10 +20,13 @@ file_loop(configure::get('pre_actions')); $my_key = enc::make_key_file("/etc/neato_secrets/mysql_key"); +/** @phpstan-ignore-next-line Variable $cwd might not be defined */ if (!file_exists($cwd . "/my_vaults/mysql_secrets")) { $root_password = make_password(configure::get('passwords', 'length')); $obj = new stdClass(); $obj->root = $root_password; + + /** @phpstan-ignore-next-line Variable $cwd might not be defined */ enc::encode_file($cwd . "/my_vaults/mysql_secrets", $obj, $my_key); } diff --git a/deploy_files/deploy_mysql_ex2.php b/deploy_files/deploy_mysql_ex2.php index e3a811d..0086316 100644 --- a/deploy_files/deploy_mysql_ex2.php +++ b/deploy_files/deploy_mysql_ex2.php @@ -8,6 +8,8 @@ configure::set('syslog', false); force_root(); $my_key = read_file("/etc/neato_secrets/mysql_key"); + +/** @phpstan-ignore-next-line Variable $cwd might not be defined */ $o = enc::decode_file($cwd . "/my_vaults/mysql_secrets", $my_key); echo $o->root; diff --git a/make-installer.sh b/make-installer.sh index 798a708..c228dfb 100755 --- a/make-installer.sh +++ b/make-installer.sh @@ -1,4 +1,10 @@ #!/bin/bash + +if [ "$EUID" -ne 0 ]; then + /usr/bin/echo "Please run as root!" + exit +fi + pushd build || exit 2 generate_password() {