Increased modsecurity bodynofileslimit so larger files can be synced (#…

…993) Signed-off-by: Nikolaos Perrakis <[email protected]> Signed-off-by: nachoparker <[email protected]>
nextcloud · Sep 12, 2019 · d6afea3 · d6afea3
1 parent 4bd06e6
commit d6afea3
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 2 deletions.
diff --git a/bin/ncp/SECURITY/modsecurity.sh b/bin/ncp/SECURITY/modsecurity.sh
@@ -70,8 +70,8 @@ configure()
   SecRuleRemoveById 981401             # Content-Type Response Header is Missing and X-Content-Type-Options is either missing or not set to 'nosniff'
   SecRuleRemoveById 200002             # Failed to parse request body
 
-  # UPLOADS ( 5 MB max excluding file size )
-  SecRequestBodyNoFilesLimit 5242880
+  # UPLOADS ( https://github.com/nextcloud/nextcloudpi/issues/959#issuecomment-529150562 )
+  SecRequestBodyNoFilesLimit 536870912
 
   # GENERAL
   SecRuleRemoveById 920350             # Host header is a numeric IP address

diff --git a/updates/1.17.0.sh b/updates/1.17.0.sh
@@ -15,6 +15,11 @@ sed -i "s/buster/$RELEASE/g" /etc/apt/sources.list.d/* &>/dev/null || true
 apt-get update
 apt-get install -y --no-install-recommends php${PHPVER}-gmp
 
+# Update modsecurity config file only if user is already in buster and
+# modsecurity is used.
+# https://github.com/nextcloud/nextcloudpi/issues/959
+is_active_app modsecurity && run_app modsecurity
+
 # docker images only
 [[ -f /.docker-image ]] && {
   :