Coderabit

install/production-filesystem/README.md

@@ -3,18 +3,18 @@ This is the default filesystem for NetAlertX. it contains
 
 - `/app` - The main application location.  This structure is where the source code (back, front and server directories) is copied and executed in read-only form. It also provides default structures for the working directories, such as: config, db, and log. All other directories are not required in the production image and are not tracked.
 - `/build` - a place where services can be initialized during docker container build. This folder is copied in, executed near the end of the build before the system is locked down, and then deleted.  It is only available during build time.
-- `/opt/venv/lib/pthon3.12/site-acakges/aiofreebox` - this holds a certificate used by aiofreebox package, which interacts with freebox OS.
+- `/opt/venv/lib/python3.12/site-packages/aiofreebox` - this holds a certificate used by aiofreebox package, which interacts with freebox OS.
 - `/services` - a directory where all scripts which control system executions are held
     - `/services/config` - a directory which holds all configuration files and `conf.d` folders used in the production image.
         - `/services/config/cond` - `crond` daemon config.
         - `/services/config/nginx` - `nginx` conf files.
         - `/services/config/php` - php conf file.
-            `/services/config/php/php-fmp.d` - a `.d` style directory, debugger parameters or other configurations can be dropped in here.
+            - `/services/config/php/php-fpm.d` - a `.d` style directory, debugger parameters or other configurations can be dropped in here.
         - `/services/config/python-backend-extra-launch-parameters` - the contents of this file are added to launch params. It can be used to add debugging capabilities.
-    - `/services/capcheck.sh` - This is run at startup to warn the user if the container does not hold requried permissions to operate certain raw-packet tools.
+    - `/services/capcheck.sh` - This is run at startup to warn the user if the container does not hold required permissions to operate certain raw-packet tools.
     - `/services/healthcheck.sh` - The system healthcheck. This script tests the services and reports if something fails.
     - `/services/start-backend.sh` - The launcher for python services. This is called at startup by `entrypoint.sh`.
     - `/services/start-crond.sh` - The launcher for crond task scheduler. This is called at startup by `entrypoint.sh`.
     - `/services/start-nginx.sh` - The launcher for nginx frontend/website services. This is called at startup by `entrypoint.sh`.
     - `/services/start-php-fpm.sh` - The launcher for php-fpm, used to interpret php for the frontend website. This is called at startup by `entrypoint.sh`.
-- `/entrypoint.sh` - Called at system startup to launch all services and servers requried by NetAlertX.
+- `/entrypoint.sh` - Called at system startup to launch all services and servers required by NetAlertX.

install/production-filesystem/services/config/nginx/netalertx.conf

@@ -13,7 +13,6 @@ server {
     root /app/front;
     index index.php;
     add_header X-Forwarded-Prefix "/app" always;
-    proxy_set_header X-Forwarded-Prefix "/app";
 
     # # Authentication endpoint
     # location = /auth {

install/production-filesystem/services/config/nginx/nginx.conf

@@ -49,7 +49,7 @@ http {
 
 	# Enables the specified protocols. Default is TLSv1 TLSv1.1 TLSv1.2.
 	# TIP: If you're not obligated to support ancient clients, remove TLSv1.1.
-	ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
+	ssl_protocols TLSv1.2 TLSv1.3;
 
 	# Path of the file with Diffie-Hellman parameters for EDH ciphers.
 	# TIP: Generate with: `openssl dhparam -out /etc/ssl/nginx/dh2048.pem 2048`