Skip to content

feat(settings): Check for unused data directory #53980

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
joshtrichards wants to merge 3 commits into
base: master
Choose a base branch
from
Open

feat(settings): Check for unused data directory #53980

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
15ef262
feat(settings): Check for unused data directory
joshtrichards Jul 16, 2025
efeac5d
fix: add translation to success message
joshtrichards Jul 16, 2025
b6cc514
fixup: lint
joshtrichards Jul 16, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
38 changes: 31 additions & 7 deletions apps/settings/lib/SetupChecks/DataDirectoryProtected.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,16 +33,17 @@ public function __construct(
}

public function getCategory(): string {
return 'network';
return 'security';
}

public function getName(): string {
return $this->l10n->t('Data directory protected');
return $this->l10n->t('Data directory status');
}

public function run(): SetupResult {
$dataDir = str_replace(\OC::$SERVERROOT . '/', '', $this->config->getSystemValueString('datadirectory', ''));
$dataUrl = $this->urlGenerator->linkTo('', $dataDir . '/.ncdata');
$dataDirActual = $this->config->getSystemValueString('datadirectory', '');
$dataDirUriPath = str_replace(\OC::$SERVERROOT . '/', '', $dataDirActual);
$dataUrl = $this->urlGenerator->linkTo('', $dataDirUriPath . '/.ncdata');

$noResponse = true;
foreach ($this->runRequest('GET', $dataUrl, [ 'httpErrors' => false ]) as $response) {
Expand All @@ -55,17 +56,40 @@ public function run(): SetupResult {
}

if (str_contains($body, '# Nextcloud data directory')) {
return SetupResult::error($this->l10n->t('Your data directory and files are probably accessible from the internet. The .htaccess file is not working. It is strongly recommended that you configure your web server so that the data directory is no longer accessible, or move the data directory outside the web server document root.'));
return SetupResult::error(
$this->l10n->t(
'Your data directory and files are probably accessible from the Internet. The .htaccess file is not working. It is strongly recommended that you configure your web server so that the data directory is no longer accessible, or move the data directory outside the web server document root.'
)
);
}
} else {
$this->logger->debug('[expected] Could not access data directory from outside.', ['url' => $dataUrl]);
}
}

if ($noResponse) {
return SetupResult::warning($this->l10n->t('Could not check that the data directory is protected. Please check manually that your server does not allow access to the data directory.') . "\n" . $this->serverConfigHelp());
return SetupResult::warning(
$this->l10n->t(
'Could not check that the data directory is protected. Please check manually that your server does not allow access to the data directory.'
)
. "\n"
. $this->serverConfigHelp()
);
}
return SetupResult::success();

// check for unused /data folder
$dataDirDefault = \OC::$SERVERROOT . '/data';
if ($dataDirActual !== $dataDirDefault
&& file_exists($dataDirDefault)
) {
return SetupResult::info(
$this->l10n->t(
'Dormant data directory found at "%s". You may want to remove this unused directory (to avoid confusion with the in-use one and to free up storage space).',
$dataDirDefault
)
);
}

return SetupResult::success($this->l10n->t('Protected'));
}
}
Loading