Remove web logs (#718)

4 years ago · c793ef8de5
5 changed files with 0 additions and 24 deletions
--- a/SECURITY.md
+++ b/SECURITY.md
@ -12,10 +12,6 @@ The lack of signature verification means GitHub as a company could backdoor the

 During the beta phase we are making use of Node.js and its rich ecosystem of npm packages to rapidly build out features. However the npm ecosystem tends to make use of a large number of small focused modules. This can make audibility difficult as you end up with a huge dependency tree for even relatively simple projects.

-**Unauthenticated streaming of logs.**
-
-The lack of authentication on the logs page means that, in the correct circumstances, if someone could convince you to visit a malicious website, the website may be able to read the logs of your Umbrel.
-
 **Assuming the local network is secure**

 Umbrel currently makes the assumption that the local network is secure. This means local network communication is unencrypted using plain text HTTP. (Remote access via Tor is encrypted)
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -161,16 +161,6 @@ services:
                networks:
                    default:
                        ipv4_address: $NEUTRINO_SWITCHER_IP
-        frontail:
-            container_name: frontail
-            image: getumbrel/frontail:v4.9.1@sha256:9fa345b7a947361e2732909db8bd316b8157749d7dd9949abd8150eb023906db
-            restart: on-failure
-            command: "/var/log/syslog --url-path /logs --number 100 --disable-usage-stats"
-            volumes:
-                - /var/log:/var/log:ro
-            networks:
-                default:
-                    ipv4_address: $FRONTAIL_IP
        electrs:
              container_name: electrs
              image: getumbrel/electrs:v0.8.9@sha256:592fb50cdf16fa2b2e20f7c0a28d4a132c2ee636d89d4b9c24f14886763b5478
--- a/scripts/configure
+++ b/scripts/configure
@ -110,7 +110,6 @@ DASHBOARD_IP="10.21.21.3"
 MANAGER_IP="10.21.21.4"
 MIDDLEWARE_IP="10.21.21.5"
 NEUTRINO_SWITCHER_IP="10.21.21.6"
-FRONTAIL_IP="10.21.21.7"
 BITCOIN_IP="10.21.21.8"
 BITCOIN_RPC_PORT="8332"
 BITCOIN_P2P_PORT="8333"
@ -273,7 +272,6 @@ for template in "${NGINX_CONF_FILE}" "${BITCOIN_CONF_FILE}" "${LND_CONF_FILE}" "
  sed -i "s/<manager-ip>/${MANAGER_IP}/g" "${template}"
  sed -i "s/<middleware-ip>/${MIDDLEWARE_IP}/g" "${template}"
  sed -i "s/<neutrino-switcher-ip>/${NEUTRINO_SWITCHER_IP}/g" "${template}"
-  sed -i "s/<frontail-ip>/${FRONTAIL_IP}/g" "${template}"
  sed -i "s/<bitcoin-ip>/${BITCOIN_IP}/g" "${template}"
  sed -i "s/<lnd-ip>/${LND_IP}/g" "${template}"
  sed -i "s/<lnd-grpc-port>/${LND_GRPC_PORT}/g" "${template}"
--- a/templates/.env-sample
+++ b/templates/.env-sample
@ -7,7 +7,6 @@ DASHBOARD_IP=<dashboard-ip>
 MANAGER_IP=<manager-ip>
 MIDDLEWARE_IP=<middleware-ip>
 NEUTRINO_SWITCHER_IP=<neutrino-switcher-ip>
-FRONTAIL_IP=<frontail-ip>
 BITCOIN_NETWORK=<network>
 BITCOIN_IP=<bitcoin-ip>
 BITCOIN_RPC_PORT=<port>
--- a/templates/nginx-sample.conf
+++ b/templates/nginx-sample.conf
@ -25,13 +25,6 @@ http {
 			proxy_pass http://<manager-ip>:3006/;
 		}

-		location /logs {
-			proxy_pass http://<frontail-ip>:9001/logs;
-			proxy_http_version 1.1;
-			proxy_set_header Upgrade $http_upgrade;
-			proxy_set_header Connection "upgrade";
-		}
-
 		location / {
 			proxy_pass http://<dashboard-ip>:3004/;
 			proxy_http_version 1.1;