INSTALL-UBUNTU.md #318
base: doc-improove
Add example of variables.env file
Bumps [webpack-cli](https://github.com/webpack/webpack-cli) from 3.3.8 to 3.3.11. - [Release notes](https://github.com/webpack/webpack-cli/releases) - [Changelog](https://github.com/webpack/webpack-cli/blob/next/CHANGELOG_v3.md) - [Commits](webpack/webpack-cli@v3.3.8...v3.3.11) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
…rn-webpack-cli-3.3.11
Bumps [eslint-plugin-prettier](https://github.com/prettier/eslint-plugin-prettier) from 3.1.0 to 3.1.2. - [Release notes](https://github.com/prettier/eslint-plugin-prettier/releases) - [Changelog](https://github.com/prettier/eslint-plugin-prettier/blob/master/CHANGELOG.md) - [Commits](prettier/eslint-plugin-prettier@v3.1.0...v3.1.2) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
…rn-eslint-plugin-prettier-3.1.2
Added instructions to README and Kubernetes example files to docs folder.
Added Kubernetes instructions to docs
Bumps [babel-loader](https://github.com/babel/babel-loader) from 8.0.6 to 8.1.0. - [Release notes](https://github.com/babel/babel-loader/releases) - [Changelog](https://github.com/babel/babel-loader/blob/master/CHANGELOG.md) - [Commits](babel/babel-loader@v8.0.6...v8.1.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Bumps [nyc](https://github.com/istanbuljs/nyc) from 14.1.1 to 15.0.0. - [Release notes](https://github.com/istanbuljs/nyc/releases) - [Changelog](https://github.com/istanbuljs/nyc/blob/master/CHANGELOG.md) - [Commits](istanbuljs/nyc@v14.1.1...v15.0.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Bumps [react-redux](https://github.com/reduxjs/react-redux) from 7.1.1 to 7.2.0. - [Release notes](https://github.com/reduxjs/react-redux/releases) - [Changelog](https://github.com/reduxjs/react-redux/blob/master/CHANGELOG.md) - [Commits](reduxjs/react-redux@v7.1.1...v7.2.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
…rn-develop-react-redux-7.2.0 Bump react-redux from 7.1.1 to 7.2.0
Bumps [webpack-manifest-plugin](https://github.com/danethurber/webpack-manifest-plugin) from 2.0.4 to 2.2.0. - [Release notes](https://github.com/danethurber/webpack-manifest-plugin/releases) - [Commits](shellscape/webpack-manifest-plugin@v2.0.4...v2.2.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
…rn-develop-webpack-manifest-plugin-2.2.0 Bump webpack-manifest-plugin from 2.0.4 to 2.2.0
Bumps [@babel/preset-react](https://github.com/babel/babel) from 7.0.0 to 7.9.4. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md) - [Commits](babel/babel@v7.0.0...v7.9.4) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
remove GCP exclusive button branch
fix: [AdvancedMeetingPanel] ExpansionPanel component was renamed to A…
…silvanavlima docs: add silvanavlima as a contributor
refactor:[APPCONFIG] Refactoring magic number for variable
…-dark style: [theme] less saturated colors in dark theme
The logo of the matrix was without the attribute alt.
Release/v2.0.3
This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.
authenticationCallbackHandler({
  successRedirect: routes.homePath,
  failureRedirect: routes.loginPath
})
Check failure
Code scanning / CodeQL
Missing rate limiting High
authorization
Copilot Autofix AI about 2 months ago
To fix the problem, we need to introduce rate-limiting middleware to the Express application. The `express-rate-limit` package is a well-known library for this purpose. We will set up a rate limiter and apply it to the routes that handle sensitive operations, such as the `authenticationCallbackHandler`.
- Install the `express-rate-limit` package.
- Import the `express-rate-limit` package in the `backend/app/app.routes.js` file.
- Configure the rate limiter with appropriate settings (e.g., maximum 100 requests per 15 minutes).
- Apply the rate limiter to the routes that require protection.
@@ -1,2 +1,3 @@ | ||
import express from "express"; | ||
import RateLimit from "express-rate-limit"; | ||
import authenticate from "./middlewares/authenticate"; | ||
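Review bot: the default import is bound to the capitalised name RateLimit, which reads like a class, yet the next hunk calls it as a plain function in RateLimit({ ... }). Binding it as rateLimit would match how it is used and avoid a later reader reaching for new.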
@@ -14,2 +15,7 @@ | ||
|
||
const limiter = RateLimit({ | ||
windowMs: 15 * 60 * 1000, // 15 minutes | ||
max: 100, // max 100 requests per windowMs | ||
}); | ||
|
||
const routes = { | ||
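Review bot: the limiter here sets only windowMs and max, so requests are counted under the library's default key, which is the client address Express reports. The install guide on this page puts the app behind an Apache reverse proxy; unless Express is told to trust that proxy, every request will be counted against the proxy's address and all users will share the single 100-request budget. Set the app's trust proxy setting for that hop or pass an explicit keyGenerator, and consider reading the two literals from configuration instead of hard-coding them.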
@@ -90,2 +96,3 @@ | ||
routes.loginStrategyCallbackPath, | ||
limiter, | ||
authenticationCallbackHandler({ |
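Review bot: limiter is inserted only ahead of authenticationCallbackHandler on routes.loginStrategyCallbackPath, while the description speaks of protecting routes in the plural. Confirm whether the other authentication routes in this file need the same middleware. Also check what a user sees when the limit is hit: the limiter answers on its own (HTTP 429 by default) before the handler runs, so the failureRedirect to routes.loginPath configured on the handler will not apply.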
@@ -28,3 +28,4 @@ | ||
"socket.io": "^2.2.0", | ||
"uuid": "^7.0.3" | ||
"uuid": "^7.0.3", | ||
"express-rate-limit": "^7.4.1" | ||
}, |
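Review bot: "express-rate-limit" is appended after "uuid", which breaks the alphabetical order of the surrounding entries ("socket.io", "uuid"); move it to its sorted position. No lockfile change appears in this diff, so regenerate and commit the lockfile together with this entry so that installs resolve the same 7.x release that was checked for advisories.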
| Package | Version | Security advisories |
| --- | --- | --- |
| express-rate-limit (npm) | 7.4.1 | None |
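How the limiter's counting key interacts with the reverse proxy described in the install guide, as an added example (not code from this pull request or from express-rate-limit). The limiter, the request shape with `peer` and `headers`, and the addresses are constructed for illustration; it assumes a single proxy hop that appends the client address to X-Forwarded-For.

```javascript
// Added example: a small fixed-window limiter, not express-rate-limit itself.
// makeLimiter, byPeer, byForwarded and simulate are hypothetical names.
function makeLimiter({ windowMs, max, keyFor }) {
  const buckets = new Map(); // key -> { count, resetAt }
  return function check(req, now) {
    const key = keyFor(req);
    let bucket = buckets.get(key);
    if (!bucket || now >= bucket.resetAt) {
      bucket = { count: 0, resetAt: now + windowMs }; // start a new window
      buckets.set(key, bucket);
    }
    bucket.count += 1;
    return { key, allowed: bucket.count <= max };
  };
}

// Key on the TCP peer. Behind a reverse proxy the peer is always the proxy.
const byPeer = (req) => req.peer;

// Key on the address the proxy reports, but only when the peer is a proxy we run.
// Assumes one proxy hop that appends the client address, so the right-most
// X-Forwarded-For entry is the trustworthy one; entries to its left are client-supplied.
function byForwarded(trustedProxies) {
  return (req) => {
    const header = req.headers["x-forwarded-for"];
    if (!header || !trustedProxies.has(req.peer)) return req.peer;
    const hops = header.split(",").map((s) => s.trim()).filter(Boolean);
    return hops.length ? hops[hops.length - 1] : req.peer;
  };
}

// Constructed traffic: two clients reach the app through a proxy on 127.0.0.1.
// max is 3 instead of the diff's 100 to keep the run short.
function simulate(keyFor) {
  const windowMs = 15 * 60 * 1000;
  const check = makeLimiter({ windowMs, max: 3, keyFor });
  const via = (ip) => ({ peer: "127.0.0.1", headers: { "x-forwarded-for": ip } });
  const seen = [];
  for (let i = 0; i < 4; i++) seen.push(check(via("203.0.113.10"), 1000 + i)); // busy client
  seen.push(check(via("198.51.100.7"), 2000)); // a second client's first request
  seen.push(check(via("203.0.113.10"), 1000 + windowMs)); // first window has elapsed
  return seen.map((r) => r.allowed);
}

console.log("keyed on peer:     ", simulate(byPeer));
console.log("keyed on forwarded:", simulate(byForwarded(new Set(["127.0.0.1"]))));
```

Keyed on the peer, the second client is refused on its first request because the busy client has already used up the shared bucket; keyed on the forwarded address, it is allowed.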
# #Matrix Installation Instructions on Ubuntu 18.04 using docker container and Apache Web Server as reverse proxy
## Author: Mário Jorge Limeira dos Santos
### Date: 2020-04-27
### The server should have a registered domain and a configured SSL certificate.
### 1. Install the web server (Apache or nginx) to be the reverse proxy of the application.
### 2. If the server is exclusive to #matrix, configure Apache to listen only on port 443 (/etc/apache2/ports.conf).
### 3. Configure Apache security in the file "/etc/apache2/conf-available/security.conf".
### 4. Replace the Apache default index.html file in the directory "/var/www/html".
### 5. Configure the SSL certificate on Apache:
### 6. Install docker-ce
6.1. Follow the instructions at https://docs.docker.com/engine/install/ubuntu/
*Install a docker version equal to or higher than 18.06.3
6.2. Add your non-root user to the docker group:
6.3. Log in again with your user to use the new group settings
### 7. Install docker-compose
### 8. Install #matrix
8.1. Clone the #matrix repository using git:
8.2. #matrix uses Google authentication, and you need to create a credential before setting the environment variables.
See how to create this credential at https://github.com/ResultadosDigitais/matrix/blob/master/docs/GOOGLE-CREDENTIAL-STEP-BY-STEP.md
8.3. Enter the matrix directory, duplicate the "variables.example.env" file and rename it to "variables.env".
8.4. Edit the variables.env file and set the environment variables.
Warning: Do not copy and paste the information into the file. Type everything. Copy and paste can introduce unexpected errors.
Credentials created on step 2:
Client ID
GOOGLE_CLIENT_ID=<clientid>.apps.googleusercontent.com
Password
GOOGLE_SECRET=<secret>
Callback url
GOOGLE_CALLBACK_URL=https://example.com/auth/google/callback
Max time session password (cookie)
Set true if the container is running ssl internally
ENFORCE_SSL=false
E-mail Domains that are allowed to enter the matrix
WHITELIST_DOMAINS="@example.com"
Definition of the location of the rooms' configuration. ENVIRONMENT defines that the configuration of the rooms is in the ROOMS_DATA environment variable.
It is possible to define ROOMS_SOURCE=REMOTE and create an external .json file with the definition of the rooms.
ROOMS_SOURCE=ENVIRONMENT
Rooms Definitions
Each room must have a unique id. "disableMeeting":true disables meetings in that room.
ROOMS_DATA=[ { "id":"0", "name":"Lounge", "disableMeeting":true }, { "id":"1", "name":"Room 01" }, { "id":"2", "name":"Room 02" }, { "id":"3", "name":"Room 03" }, { "id":"4", "name":"Kitchen" }]
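A pre-start check for the values set in step 8.4, as an added example that is not part of the original instructions or of #matrix. The helper names and the sample file are constructed; the rules checked (no leftover `<...>` placeholders, an https callback URL, an `@domain` allow-list value, unique room ids) are taken from the descriptions above.

```javascript
// Added example. parseEnv and checkEnv are hypothetical helpers, not part of #matrix.
function parseEnv(text) {
  const env = {};
  for (const line of text.split(/\r?\n/)) {
    const m = line.match(/^\s*([A-Z_][A-Z0-9_]*)\s*=(.*)$/);
    if (m) env[m[1]] = m[2].trim().replace(/^"(.*)"$/, "$1"); // drop surrounding quotes
  }
  return env;
}

function checkEnv(env) {
  const problems = [];
  for (const key of ["GOOGLE_CLIENT_ID", "GOOGLE_SECRET", "GOOGLE_CALLBACK_URL"]) {
    // "<...>" means the template placeholder was never replaced.
    if (!env[key] || /[<>]/.test(env[key])) problems.push(`${key} is missing or still a placeholder`);
  }
  if (env.GOOGLE_CALLBACK_URL && !env.GOOGLE_CALLBACK_URL.startsWith("https://")) {
    problems.push("GOOGLE_CALLBACK_URL is not https");
  }
  // The page shows a single "@domain" value; other formats are not covered here.
  if (!/^@[^@\s]+\.[^@\s]+$/.test(env.WHITELIST_DOMAINS || "")) {
    problems.push("WHITELIST_DOMAINS is not of the form @domain");
  }
  if (env.ROOMS_SOURCE === "ENVIRONMENT") {
    let rooms = null;
    try { rooms = JSON.parse(env.ROOMS_DATA); } catch (err) { /* reported below */ }
    if (!Array.isArray(rooms)) {
      problems.push("ROOMS_DATA is not a JSON array");
    } else {
      const seen = new Set();
      for (const room of rooms) {
        if (seen.has(room?.id)) problems.push(`duplicate room id "${room.id}"`);
        seen.add(room?.id);
      }
    }
  }
  return problems;
}
// Constructed sample with three mistakes: placeholder secret, http callback, repeated id.
const SAMPLE = [
  "GOOGLE_CLIENT_ID=1234-abc.apps.googleusercontent.com",
  "GOOGLE_SECRET=<secret>",
  "GOOGLE_CALLBACK_URL=http://example.com/auth/google/callback",
  'WHITELIST_DOMAINS="@example.com"',
  "ROOMS_SOURCE=ENVIRONMENT",
  'ROOMS_DATA=[ { "id":"0", "name":"Lounge" }, { "id":"1", "name":"Room 01" }, { "id":"1", "name":"Room 02" }]',
].join("\n");
console.log(checkEnv(parseEnv(SAMPLE)));
```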
The variables.env file should look like this:
In Ubuntu 18.04, for the docker containers to correctly resolve external web addresses, it was necessary to create the file "/etc/docker/daemon.json", specify DNS servers in that file, and then restart the docker service.
Content of "/etc/docker/daemon.json" file:
Restart docker service:
### 9. Start the matrix service
Inside the matrix directory do:
### 10. To stop the matrix service
Inside the matrix directory do: