update setup to secure backup download

apxtri/setup/nginx.wwwscf

@@ -26,8 +26,16 @@ location /adminapi/Checkjson.js {
 location /setup.sh {
     alias {{{townpath}}}/adminapi/apxtri/setup/setup.sh;
 }
-location ~ ^/([^/]+)/setup.*\.tar\.gz$  {
+location ~ ^/([^/]+)/backups/.*\.(objects|pytri|schema)\.tar\.gz$  {
-    rewrite ^/([^/]+)/(setup.*\.tar\.gz)$ /$1/backups/$2 break;
+    set $secure_code "{{{nginx.secure_accessbackup}}}";
+    set $code $arg_code;
+    if ($arg_code = "") {
+        set $code "";
+    }
+    if ($code != $secure_code) {
+        return 403;
+    }
+    rewrite ^/([^/]+)/backups/(.+\.(objects|pytri|schema)\.tar\.gz)$ /$1/backups/$2 break;
     root {{{townpath}}}/;
 }
 location ~* /objectimg/.*/img/ {

apxtri/setup/setup.sh

@@ -26,12 +26,13 @@
 tribe=$1   # name of the tribe to install
 url=$2     # url to get the data from OR newtribe
 gitrepo=$3 # url to get apxtri code from a git repo (empty if must come from a backup or the url)
+codekey=$4 # code to access backend of the tribe in case it is not newtribe or adminapi tribe
 
 function help {
-   echo "Need more params, cmd must be $ . setup.sh <tribename> <url to get data> <gitrepourl>"
+   echo "Need more params, cmd must be $ . setup.sh <tribename> <url to get data> <gitrepourl> <codekey to getdata>"
-   echo "Example1: . setup.sh adminapi https://testwall-ants.ndda.fr https://gitea.ndda.fr/apxtri/adminapi"
+   echo "Example1: . setup.sh adminapi https://app1.smatchit.io https://gitea.ndda.fr/apxtri/adminapi"
    echo "          install adminapi from the repo (with git accessright) and get data for adminapi from testwall-ants.nnda.fr"
-   echo "Example2: setup.sh smatchit https://testwall-ants.ndda.fr"
+   echo "Example2: setup.sh smatchit https://admin.smatchit.io 1234"
    echo "          install smatchit as a copy of testwall-ants.ndda.fr but not from the git (you don't need to have git acess but need to know a specific code)"
    echo "Example3: setup.sh smatchit newtribe"
    echo "          create a new empty tribe"
@@ -44,18 +45,18 @@ else
    if [ "$url" == "newtribe" ]; then
       mkdir -p "${tribe}"
    else
-      wget "${url}/${tribe}/setup.objects.tar.gz"
+      wget "${url}/${tribe}/setup.objects.tar.gz?code=${codekey}" -o setup.objects.tar.gz
       if [[ $? -ne 0 ]]; then
-         echo "Check the url:$url seems not answer"
+         echo "Check the url:$url that seems not answer, check with tribe's admin if your access code is still valid"
          help
       else
          # add 127.0.0.1 town.nation in /ertc/hoss if not already exist to make localhost available
          #dns=$(basename "$PWD" | sed 's/-/./g')
          #grep -q "^127.0.0.1 $dns" /etc/hosts || echo "127.0.0.1 $dns" | sudo tee -a /etc/hosts > /dev/null
          if [ -z "$gitrepo" ]; then
-            wget "${url}/${tribe}/setup.apxtri.tar.gz"
+            wget "${url}/${tribe}/setup.apxtri.tar.gz?code=${codekey}" -o setup.objects.tar.gz
             tar -xzf setup.apxtri.tar.gz -C . -p && rm setup.apxtri.tar.gz
-            wget "${url}/${tribe}/setup.schema.tar.gz"
+            wget "${url}/${tribe}/setup.schema.tar.gz?code=${codekey}" -o setup.objects.tar.gz
             tar -xzf setup.schema.tar.gz -C . -p && rm setup.schema.tar.gz
             #wget "${url}/${tribe}/setup.nginx.tar.gz"
             #tar -xzf setup.nginx.tar.gz -C . -p && rm setup.nginx.tar.gz
@@ -72,6 +73,8 @@ else
    mkdir -p "${tribe}/tmp"
    mkdir -p "${tribe}/logs"
    mkdir -p "${tribe}/logs/nginx"
+   mkdir -p "${tribe}/logs/apxtri"
+   mkdir -p "${tribe}/logs/pytri"
    mkdir -p "${tribe}/backups"
    # add specific dependancy for tribe if apxtri exist
    cd "$tribe"