Improve zap config

src/freedombone-app-zap

@@ -48,6 +48,7 @@ zap_variables=(ONION_ONLY
                ZAP_DOMAIN_NAME
                ZAP_CODE
                DDNS_PROVIDER
+               MY_EMAIL_ADDRESS
                MY_USERNAME)
 
 function logging_on_zap {
@@ -394,8 +395,63 @@ function install_zap {
     function_check initialise_database
     initialise_database zap "$ZAP_PATH/install/schema_mysql.sql"
 
-    # NOTE: generating .htconfig.php currently doesn't work
-    touch "$ZAP_PATH/.htconfig.php"
+    ZAP_LOCATION_HASH="$(create_random_string 30)$(create_random_string 30)$(create_random_string 30)"
+
+    { echo '<?php';
+      echo '';
+      echo "\$db_host = '127.0.0.1';";
+      echo "\$db_port = '0';";
+      echo "\$db_user = 'root';";
+      echo "\$db_pass = '${MARIADB_PASSWORD}';";
+      echo "\$db_data = 'zap';";
+      echo "\$db_type = '0'; // an integer. 0 or unset for mysql, 1 for postgres";
+      echo '';
+      echo "define('NOMADIC',1);";
+      echo '';
+      echo "App::\$config['system']['timezone'] = 'Europe/London';";
+      echo '';
+      echo "App::\$config['system']['baseurl'] = 'https://${ZAP_DOMAIN_NAME}';";
+      echo "App::\$config['system']['sitename'] = 'Zap';";
+      echo "App::\$config['system']['location_hash'] = '${ZAP_LOCATION_HASH}';"
+      echo '';
+      echo "App::\$config['system']['transport_security_header'] = 1;";
+      echo "App::\$config['system']['content_security_policy'] = 1;";
+      echo "App::\$config['system']['ssl_cookie_protection'] = 1;";
+      echo '';
+      echo '// Your choices are REGISTER_OPEN, REGISTER_APPROVE, or REGISTER_CLOSED.';
+      echo "App::\$config['system']['register_policy'] = REGISTER_OPEN;";
+      echo "App::\$config['system']['register_text'] = '';";
+      echo "App::\$config['system']['admin_email'] = '$MY_EMAIL_ADDRESS';";
+      echo '';
+      echo "App::\$config['system']['verify_email'] = 0;";
+      echo '';
+      echo '// Your choices are ACCESS_PRIVATE, ACCESS_PAID, ACCESS_TIERED, and ACCESS_FREE.';
+      echo "App::\$config['system']['access_policy'] = ACCESS_PRIVATE;";
+      echo '';
+      echo "App::\$config['system']['sellpage'] = '';";
+      echo '';
+      echo '// Maximum size of an imported message, 0 is unlimited';
+      echo '';
+      echo "App::\$config['system']['max_import_size'] = 200000;";
+      echo '';
+      echo "App::\$config['system']['php_path'] = '/usr/bin/php';";
+      echo '';
+      echo '// Configure how we communicate with directory servers.';
+      echo '// DIRECTORY_MODE_NORMAL     = directory client, we will find a directory';
+      echo '// DIRECTORY_MODE_SECONDARY  = caching directory or mirror';
+      echo '// DIRECTORY_MODE_PRIMARY    = master directory server - one per realm';
+      echo '// DIRECTORY_MODE_STANDALONE = "off the grid" or private directory services';
+      echo '';
+      echo "App::\$config['system']['directory_mode']  = DIRECTORY_MODE_NORMAL;";
+      echo '';
+      echo "App::\$config['system']['theme'] = 'redbasic';";
+      echo '';
+      echo '// Uncomment the following 4 lines to turn on PHP error logging.';
+      echo '//error_reporting(E_ERROR | E_WARNING | E_PARSE );';
+      echo "//ini_set('error_log','php.out');";
+      echo "//ini_set('log_errors','1');";
+      echo "//ini_set('display_errors', '0');"; } > "$ZAP_PATH/.htconfig.php"
+
     chown www-data:www-data "$ZAP_PATH/.htconfig.php"
     chmod 755 "$ZAP_PATH/.htconfig.php"
 

src/freedombone-utils-passwords

@@ -108,13 +108,18 @@ function enforce_good_passwords {
     mark_completed "${FUNCNAME[0]}"
 }
 
+function create_random_string {
+    wait_for_enough_entropy
+    openssl rand -base64 32 | tr -dc A-Za-z0-9 | head -c "${1}" ; echo -n ''
+}
+
 function create_password {
     wait_for_enough_entropy
     newpass=$(diceware)
     if [ "$newpass" ]; then
         echo "$newpass"
     else
-        openssl rand -base64 32 | tr -dc A-Za-z0-9 | head -c "${1}" ; echo -n ''
+        create_random_string "${1}"
     fi
 }