diff --git a/.github/workflows/build_ci.yml b/.github/workflows/build_ci.yml index 734518fca..fe73a9e36 100644 --- a/.github/workflows/build_ci.yml +++ b/.github/workflows/build_ci.yml @@ -30,7 +30,7 @@ jobs: strategy: fail-fast: false matrix: - os: [ jammy, bookworm, noble ] + os: [ jammy, bookworm, noble, trixie ] target: ${{ fromJson(needs.generate-matrix.outputs.target) }} runs-on: [ self-hosted, linux, x64, "${{ matrix.os }}" ] timeout-minutes: 35 diff --git a/src/config/nginx.conf b/src/config/nginx.conf index ade6dd0dd..4df03d507 100644 --- a/src/config/nginx.conf +++ b/src/config/nginx.conf @@ -9,11 +9,10 @@ http { send_timeout 600; server { - listen 443; + listen 443 ssl; server_name localhost; client_max_body_size 512M; - ssl on; ssl_certificate /etc/nginx/fact.crt; ssl_certificate_key /etc/nginx/fact.key; ssl_prefer_server_ciphers on; diff --git a/src/install/frontend.py b/src/install/frontend.py index 3c7f5f604..1b2ee2151 100644 --- a/src/install/frontend.py +++ b/src/install/frontend.py @@ -27,6 +27,7 @@ INSTALL_DIR = Path(__file__).parent PIP_DEPENDENCIES = INSTALL_DIR / 'requirements_frontend.txt' STATIC_WEB_DIR = INSTALL_DIR.parent / 'web_interface' / 'static' +CONFIG_DIR = INSTALL_DIR.parent / 'config' MIME_ICON_DIR = STATIC_WEB_DIR / 'file_icons' ICON_THEME_INSTALL_PATH = Path('/usr/share/icons/Papirus/24x24') NODEENV_DIR = 'nodeenv' @@ -83,6 +84,10 @@ def _install_nginx(distribution): ], error='restore selinux context', ) + if not Path('/run/nginx.pid').exists(): + proc = subprocess.run('sudo service nginx restart', shell=True, capture_output=True, text=True, check=False) + if proc.returncode != 0: + raise InstallationError(f'Failed to start nginx\n{proc.stderr}') nginx_process = subprocess.run('sudo nginx -s reload', shell=True, capture_output=True, text=True, check=False) if nginx_process.returncode != 0: raise InstallationError(f'Failed to start nginx\n{nginx_process.stderr}') @@ -103,18 +108,19 @@ def _generate_and_install_certificate(): def _configure_nginx(): logging.info('Configuring nginx') - execute_commands_and_raise_on_return_code( - [ - 'sudo cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak', - 'sudo rm /etc/nginx/nginx.conf', - # copy is better on redhat to respect selinux context - '(cd ../config && sudo install -m 644 $PWD/nginx.conf /etc/nginx/nginx.conf)', - '(sudo mkdir /etc/nginx/error || true)', - '(cd ../web_interface/templates/ ' - '&& sudo ln -s $PWD/maintenance.html /etc/nginx/error/maintenance.html) || true', - ], - error='configuring nginx', - ) + with OperateInDirectory(CONFIG_DIR): + execute_commands_and_raise_on_return_code( + [ + 'sudo cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak', + 'sudo rm /etc/nginx/nginx.conf', + # copy is better on redhat to respect selinux context + 'sudo install -m 644 $PWD/nginx.conf /etc/nginx/nginx.conf', + '(sudo mkdir /etc/nginx/error || true)', + '(cd ../web_interface/templates/ ' + '&& sudo ln -s $PWD/maintenance.html /etc/nginx/error/maintenance.html) || true', + ], + error='configure nginx', + ) def _install_docker_images(radare): @@ -167,7 +173,7 @@ def _install_nodejs(nodejs_version: str = '22'): def _find_latest_node_version(target_version: str) -> str: proc = subprocess.run(split('nodeenv --list'), capture_output=True, text=True, check=False) if proc.returncode != 0: - raise InstallationError('nodejs installation failed. Is nodeenv installed?') + raise InstallationError(f'nodejs installation failed. Is nodeenv installed?\n{proc.stderr}') available_versions = [ parse_version(v) for v in re.split(r'[\n\t ]', proc.stderr) if v and v.startswith(target_version) ] diff --git a/src/install/requirements_frontend.txt b/src/install/requirements_frontend.txt index 86177e611..6f55f9a71 100644 --- a/src/install/requirements_frontend.txt +++ b/src/install/requirements_frontend.txt @@ -10,7 +10,7 @@ flask-restx~=1.3.0 flask-sqlalchemy~=3.1.1 gql~=3.5.0 itsdangerous~=2.2.0 -matplotlib~=3.7.5 +matplotlib~=3.10.5 more-itertools~=10.5.0 prompt-toolkit~=3.0.50 python-dateutil~=2.9.0 @@ -19,7 +19,7 @@ uwsgi~=2.0.28 virtualenv~=20.29.1 # npm installation -nodeenv~=1.8.0 +nodeenv~=1.9.1 # must be below dependent packages (flask, flask-login, flask-restx) werkzeug~=3.0.6 diff --git a/src/install/requirements_pre_install.txt b/src/install/requirements_pre_install.txt index b63bd0fe3..aec332df1 100644 --- a/src/install/requirements_pre_install.txt +++ b/src/install/requirements_pre_install.txt @@ -10,7 +10,7 @@ pydantic==2.10.6 werkzeug~=3.0.6 toml==0.10.2 # needed during installation of cve_lookup plugin -ijson==3.3.0 +ijson==3.4.0 git+https://github.com/fkie-cad/common_helper_files.git diff --git a/src/plugins/analysis/binwalk/requirements.txt b/src/plugins/analysis/binwalk/requirements.txt index cb82452ad..107849437 100644 --- a/src/plugins/analysis/binwalk/requirements.txt +++ b/src/plugins/analysis/binwalk/requirements.txt @@ -1,3 +1,3 @@ capstone==4.0.2 cstruct==4.0 -matplotlib==3.7.3 +matplotlib==3.10.5 diff --git a/src/plugins/analysis/file_type/test/test_plugin_file_type.py b/src/plugins/analysis/file_type/test/test_plugin_file_type.py index 3b48a2992..b63dc636a 100644 --- a/src/plugins/analysis/file_type/test/test_plugin_file_type.py +++ b/src/plugins/analysis/file_type/test/test_plugin_file_type.py @@ -17,6 +17,6 @@ def test_detect_type_of_file(analysis_plugin): summary = analysis_plugin.summarize(result) assert result.mime == 'application/zip', 'mime-type not detected correctly' - assert result.full.startswith('Zip archive data, at least'), 'full type not correct' + assert result.full.startswith('Zip archive data,'), 'full type not correct' assert summary == ['application/zip']