From 72be30c25fed514c3197fd9eb03cab787efd67cd Mon Sep 17 00:00:00 2001
From: Alexandre <alexandre.pary@gmail.com>
Date: Sat, 27 Jul 2024 09:54:48 +0200
Subject: [PATCH] Revert "trusted proxies"

This reverts commit a3ec318891b82c37c4fb43d318cf8758262be551.
---
 fireflyiii/config.json                        | 13 +++-----
 fireflyiii/rootfs/etc/cont-init.d/30-ssl.sh   | 30 -------------------
 .../nginx/servers/{ssl.conf => ingress.conf}  | 17 ++++-------
 3 files changed, 10 insertions(+), 50 deletions(-)
 delete mode 100644 fireflyiii/rootfs/etc/cont-init.d/30-ssl.sh
 rename fireflyiii/rootfs/etc/nginx/servers/{ssl.conf => ingress.conf} (65%)

diff --git a/fireflyiii/config.json b/fireflyiii/config.json
index c2eccde38..cd588a36a 100644
--- a/fireflyiii/config.json
+++ b/fireflyiii/config.json
@@ -82,12 +82,10 @@
     "silent": "true"
   },
   "ports": {
-    "8080/tcp": 3473,
-    "8443/tcp": null
+    "8080/tcp": 3473
   },
   "ports_description": {
-    "8080/tcp": "web interface",
-    "8443/tcp": "ssl web interface"
+    "8080/tcp": "web interface"
   },
   "schema": {
     "APP_KEY": "str",
@@ -99,10 +97,7 @@
     "DB_PORT": "str?",
     "DB_USERNAME": "str?",
     "Updates": "list(|hourly|daily|weekly)?",
-    "keyfile": "str",
-    "certfile": "str",
-    "silent": "bool?",
-    "ssl": "bool"
+    "silent": "bool?"
   },
   "services": [
     "mysql:want"
@@ -111,6 +106,6 @@
   "startup": "services",
   "udev": true,
   "url": "https://github.com/alexbelgium/hassio-addons",
-  "version": "6.1.18-2",
+  "version": "6.1.19",
   "webui": "[PROTO:ssl]://[HOST]:[PORT:8080]"
 }
diff --git a/fireflyiii/rootfs/etc/cont-init.d/30-ssl.sh b/fireflyiii/rootfs/etc/cont-init.d/30-ssl.sh
deleted file mode 100644
index f5d92562d..000000000
--- a/fireflyiii/rootfs/etc/cont-init.d/30-ssl.sh
+++ /dev/null
@@ -1,30 +0,0 @@
-#!/usr/bin/with-contenv bashio
-# shellcheck shell=bash
-set -e
-
-###############
-# SSL SETTING #
-###############
-declare port
-declare certfile
-declare keyfile
-
-# Ssl values
-if bashio::config.true 'ssl'; then
-    echo "Defining ssl configuration"
-    bashio::config.require.ssl
-    certfile=$(bashio::config 'certfile')
-    keyfile=$(bashio::config 'keyfile')
-
-    #Check if files exist
-    echo "... checking if referenced certificates exist"
-    [ ! -f /ssl/"$certfile" ] && bashio::log.fatal "... use_own_certs is true but certificate /ssl/$certfile not found" && bashio::exit.nok
-    [ ! -f /ssl/"$keyfile" ] && bashio::log.fatal "... use_own_certs is true but certificate /ssl/$keyfile not found" && bashio::exit.nok
-
-
-    sed -i "/proxy_params.conf/a ssl_certificate /ssl/$certfile;" /etc/nginx/servers/ssl.conf
-    sed -i "/proxy_params.conf/a ssl_certificate_key /ssl/$keyfile;" /etc/nginx/servers/ssl.conf
-    bashio::log.info "Ssl enabled, please use https for connection. UI is at https://YOURIP:$(bashio::addon.port 2342)"
-else
-    rm -r /etc/nginx/servers/ssl.conf
-fi
diff --git a/fireflyiii/rootfs/etc/nginx/servers/ssl.conf b/fireflyiii/rootfs/etc/nginx/servers/ingress.conf
similarity index 65%
rename from fireflyiii/rootfs/etc/nginx/servers/ssl.conf
rename to fireflyiii/rootfs/etc/nginx/servers/ingress.conf
index 98242a331..04c7b1a32 100644
--- a/fireflyiii/rootfs/etc/nginx/servers/ssl.conf
+++ b/fireflyiii/rootfs/etc/nginx/servers/ingress.conf
@@ -1,21 +1,14 @@
 server {
-    listen 8443;
+    listen %%interface%%:%%port%% default_server;
 
     include /etc/nginx/includes/server_params.conf;
     include /etc/nginx/includes/proxy_params.conf;
 
-    ssl_certificate /ssl/%%certfile%%;
-    ssl_certificate_key /ssl/%%keyfile%%;
-
     client_max_body_size 0;
 
-	root /var/www/firefly-iii/public/;
-
-	index index.html;
-
-    location / {
-        root /var/www/firefly-iii/public/;
-    }
+  location / {
+    root /var/www/firefly-iii/public/;
+  }
 
    location ~* \.php(?:$|/) {
       include snippets/fastcgi-php.conf;
@@ -24,3 +17,5 @@ server {
       fastcgi_pass unix:/run/php/php8.0-fpm.sock;
    }
 }
+
+