Bug 13799 introduced the api_secret_passphrase on source installs, but missed to do so on packages.
This patch introduces the entry on the template koha-conf-site.xml.in file, and
patches koha-create so it generates a randomized string (64 chars) to put in it.
To test:
- Apply the patch
- Grab the new template file:
$ sudo cp kohaclone/debian/templates/koha-conf-site.xml.in \
/etc/koha
- Create a new instance:
$ kohaclone/debian/scripts/koha-create --create-db blah
=> SUCCESS: The script runs fine, /etc/koha/sites/blah/koha-conf.xml
contains the api_secret_passphrase entry.
- Sign off :-D
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
-e "s/__END_BIBLIOS_RETRIEVAL_INFO__/`echo $END_BIBLIOS_RETRIEVAL_INFO`/g" \
-e "s/__START_AUTHORITIES_RETRIEVAL_INFO__/`echo $START_AUTHORITIES_RETRIEVAL_INFO`/g" \
-e "s/__END_AUTHORITIES_RETRIEVAL_INFO__/`echo $END_AUTHORITIES_RETRIEVAL_INFO`/g" \
+ -e "s/__API_SECRET__/$API_SECRET/g" \
-e "s/__DB_NAME__/$mysqldb/g" \
-e "s/__DB_HOST__/$mysqlhost/g" \
-e "s/__DB_USER__/$mysqluser/g" \
UPLOAD_PATH_BASE="/var/lib/koha"
UPLOAD_DIR="uploads"
UPLOAD_PATH=""
-
+# Generate a randomizaed API secret
+API_SECRET="$(pwgen -s 64 1)"
# SRU server variables
ENABLE_SRU="no"
SRU_SERVER_PORT=""
<memcached_servers>__MEMCACHED_SERVERS__</memcached_servers>
<memcached_namespace>__MEMCACHED_NAMESPACE__</memcached_namespace>
-<!-- true type font mapping accoding to type from $font_types in C4/Creators/Lib.pm -->
+ <!-- Secret passphrase used by Mojolicious for signed cookies -->
+ <api_secret_passphrase>__API_SECRET__</api_secret_passphrase>
+
+ <!-- true type font mapping accoding to type from $font_types in C4/Creators/Lib.pm -->
<ttf>
<font type="TR" >/usr/share/fonts/truetype/ttf-dejavu/DejaVuSerif.ttf</font>
<font type="TB" >/usr/share/fonts/truetype/ttf-dejavu/DejaVuSerif-Bold.ttf</font>