[00:02] <tomreyn> temporal prime directive probably...
[00:04] <tomreyn> need to fix bug#1 first to advance to the next level and meet the volcanians
[00:05] <sarnold> ahhhhhhhhh.
[00:05] <sarnold> that explains so much
[00:07] <tomreyn> gnu hurd might also come into play there, not sure.
[00:10] <sarnold> hehe :)
[00:36] <teward> sarnold: if you're still around, see PMs
[00:58] <Haris> hello all
[00:58] <Haris> on 14.04, in apache, for status mod, I'v configured require ip line. but its still opening /server-status for all other configured vhosts .. regardless?
[01:04] <Haris> what context does ubuntu load the httpd modules enabled config files in?
[01:06] <sarnold> Haris: the top-level apache2.conf file has a diagram showing how the config files are read in
[01:07] <sarnold> Haris: here's the file *before* it gets preprocessed and put into the package http://paste.ubuntu.com/p/jrxYgRSgpj/
[01:07] <sarnold> (I don't have easy access to the "real" thing, but the text at the top shouldn't matter)
[01:07] <Haris> I need the context. this diagram doesn't mention the context
[01:09] <Haris> putting in require ip line in /etc/apache2/mods-enabled/status.conf has no affect to who can access /server-status
[01:09] <Haris> apache guys are telling me to check for which context this mod's config is loaded in
[01:12] <sarnold> aha! http://paste.ubuntu.com/p/RPpXv4GSb5/
[01:12] <sarnold> check around line 150 through 165
[01:14] <Haris> doesn't make sense
[01:15] <Haris> doesn't seem relative here
[01:15] <Haris> related+
[01:16] <sarnold> really? it seems to me that it's your situation exactly :) you have a config, you want it enabled on only one vhost, so you should use a2disconf to disable it globally, and then add it manually to the one vhost where you do want it
[01:19] <Haris> hmm
[01:37] <Haris> how does one hide dot files on this same box
[01:37] <Haris> https://pastebin.com/ye13Fn2A
[01:38] <Haris> this is my apache2 config for this vhost. I can't seem to hide dot files, be it via FilesMatch or Location blocks
[01:44] <sarnold> hmm, your FilesMatch bit looks pretty close to what's on here https://httpd.apache.org/docs/2.4/sections.html
[01:46] <sarnold> is there anything in the logs that might indicate why that one didn't work? that one looked good :/
[01:49] <tomreyn> Haris: whats an example file url path that should have been blocked but was not?
[01:50] <Haris> the /.env /.env.example /.git /.gitignore
[01:50] <tomreyn> also define 'hidden', maybe you don'T actually mean to deny access but to remove off directory listings?
[01:50] <Haris> deny access via web. allow access via dir locally
[01:51] <Haris> for eg I have a laravel based app. it uses .env file for global config constants
[01:51] <Haris> I don't want the file containing global config constats to be readable via direct url access
[01:51] <Haris> but only readable by app for including
[01:52] <tomreyn> in line 29 you want either LocationMatch or Location ~
[01:53] <tomreyn> https://httpd.apache.org/docs/2.4/mod/core.html#location
[01:55] <tomreyn> Still, I guess a URL path of /.env should still have been blocked by the Directory block.
[01:56] <tomreyn> or the FilesMatch one there rather
[01:57] <sarnold> I never got the hang of directory vs location in apache. I found it easier to switch to nginx than learn apache. but the block from lines 8 through 17 all kinda looked plausible
[01:58] <Haris> location is for url paths context. directory is for dir paths context
[01:58] <Haris> but apache community suggests to use dir context. and not use location context
[01:59] <sarnold> yeah I think I came to the same conclusion, that directory was more reliable than location, to the extent I ever got it working
[02:02] <tomreyn> same here. you can use either, and combine the two, but filesystem paths are really the more reliable approach.
[02:04] <tomreyn> i actually like apache httpd's approach there better than nginx's, since it's more precise IMO, and more specific.
[02:05] <tomreyn> and most of all much better documented
[02:06] <tomreyn> this is relevant, too, and important to remember when combingin Location* and Directory* https://httpd.apache.org/docs/2.4/sections.html#merging
[02:08] <Haris> ubuntu should have enabled locationmatch directive in 14.04
[02:08] <Haris> a single regex doing most of the work
[02:08] <Haris> is it enabled in apache on 16.x or 18.x?
[02:09] <sarnold> tomreyn: 100% agreed on the better apache docs. no doubt. nginx docs have been adequate for the little I do..
[02:09] <Haris> I'v had to put per url Location block in my apache2 vhost config file(s)
[02:09] <Haris> makes for lengthy config files
[02:10] <tomreyn> sarnold: have you ever needed to prevent access to dotfiles except for /.well-known in nginx? have fun figuring this one out.
[02:10] <sarnold> tomreyn: no, everything in the directory is meant for public consumption. :) "the little I do" :)
[02:11] <tomreyn> Haris: i'm convinced that LocationMatch works in 14.04. what makes you thhink it does not?
[02:11] <sarnold> time for the weekend! good luck Haris, thanks tomreyn :)
[02:11] <tomreyn> sarnold: :-) enjoy yours!
[02:11] <Haris> apache syntax check gives msg that its not yet implemented on it yet and it doesn't wrok
[02:11] <Haris> work+
[02:11] <Haris> good luck sarnold =)
[02:11] <sarnold> :D
[02:12] <tomreyn> Haris: hmm and your apache2 package version is?
[02:12] <Haris> 2.4.7-1
[02:12] <Haris> 2.4.7-1ubuntu4.20
[02:12] <Haris> amd64
[02:12] <Haris> on 14.04
[02:13] <tomreyn> weird. ok. and Location ~ doesn't work either?
[02:13] <Haris> yep. it says it is not yet built for taking more than one argument
[02:13] <Haris> for Location or LocationMatch or FilesMatch
[02:13] <tomreyn> well, then i guess it's good it's reaching end of life in three weeks.
[02:14] <Haris> yep
[02:14] <tomreyn> there are 2.4.10 backports
=== Wryhder is now known as Lucas_Gray
[18:19] <MJCD> Hey all
[18:19] <MJCD> Anyone used Git Virtual File System? (GVFS) ?
[18:20] <MJCD> i've heard it's not what I expect
[18:20] <rypervenche> MJCD: What are you expecting it to be?
[18:20] <MJCD> basically what I want is a CI and then an autocommit on save, automatic pulls, automatic versioning, etc
[18:21] <MJCD> accessible as a filesystem
[18:21] <MJCD> auto-update from core repo
[18:21] <MJCD> all sorts of stuff
[18:22] <MJCD> at a more basic level
[18:22] <MJCD> just versioning of files, auto pull, auto commit
[18:22] <MJCD> CI determines whether it happens at all and triggers the thing
[18:23] <MJCD> and just auto incrementing revisions
[18:23] <MJCD> idc if the x.x.version is like 320491
[18:23] <MJCD> haha
[18:25] <MJCD> but i've heard it's infact nothing like that
[18:26] <MJCD> like it SOUNDS like it should be that
[18:26] <MJCD> but isn't, and I can't remember
=== tanuki_ is now known as tanuki
[21:10] <tinoco> rafaeldtinoco was removed by: rafaeldtinoco