Merge branch 'master' into jessie

DOLIBARR_PACKAGES/apply_patch.sh

-#!/bin/bash
-# echo "Fixing Dolibarr bug #7420"
-# sed -i.bak "178s@'\(__[^_]*__\)'@'/\1/'@g"  /usr/share/dolibarr/htdocs/includes/odtphp/Segment.php
-echo "Fixing issue with barcode generation"
-sed -i.bak "s/\$result=\$productstatic->setValueFrom('barcode', \$nextvalue, '', '', 'date', '', \$user, 'PRODUCT_MODIFY');/\$result=\$productstatic->setValueFrom('barcode', \$nextvalue, '', '', 'text', '', \$user, 'PRODUCT_MODIFY');/" /usr/share/dolibarr/htdocs/barcode/codeinit.php

etc/apt-cacher-ng/backends_mint

+## From https://github.com/morph027/apt-cacher-ng-remap/blob/master/linuxmint_mirrors
+##
+## taken from /usr/share/mint-mirrors/linuxmint.list (package mint-mirrors)
+##
+## grep -vE '^#' /usr/share/mint-mirrors/linuxmint.list | awk '{print $1}'
+##
+## acng.conf:
+## Remap-linuxmint: file:linuxmint_mirrors
+##
+
+http://mirrors.epst-tlemcen.dz/mint/
+http://mirror.is.co.za/mirrors/linuxmint.com/packages/
+http://mirror.ufs.ac.za/linuxmint-packages/
+http://mirror.rasanegar.com/linuxmint/packages/
+http://mirrors.cqu.edu.cn/linuxmint/
+https://mirrors.tuna.tsinghua.edu.cn/linuxmint/
+http://mirrors.ustc.edu.cn/linuxmint/
+http://kartolo.sby.datautama.net.id/linuxmint/
+http://ftp.jaist.ac.jp/pub/Linux/linuxmint/packages/
+http://ftp.kaist.ac.kr/linuxmint/
+http://mirror.neolabs.kz/linuxmint/packages/
+http://mirror.0x.sg/linuxmint/
+http://mirror1.ku.ac.th/linuxmint-packages/
+http://mirrors.psu.ac.th/linuxmint-packages/
+http://free.nchc.org.tw/linuxmint/packages/
+http://ftp.tku.edu.tw/Linux/LinuxMint/linuxmint/
+http://ftp.yzu.edu.tw/Linux/linuxmint/packages/
+http://mirror.freedif.org/LinuxMint/packages/
+http://mirror.aarnet.edu.au/pub/linuxmint-packages/
+http://mirror.internode.on.net/pub/linuxmint-packages/
+http://mirror.lagoon.nc/pub/linuxmint-packages/
+http://mirror.inode.at/linuxmint/packages/
+http://mint.ipacct.com/packages/
+http://mirrors.netix.net/LinuxMint/linuxmint-repo/
+http://mirror.telepoint.bg/mint_packages/
+http://mirrors.uni-ruse.bg/linuxmint/packages/
+http://ftp.mgts.by/pub/linuxmint/packages/
+http://mirrors.nic.cz/linuxmint-packages/
+http://ucho.ignum.cz/linuxmint/
+http://mint.5zs.de/
+http://mirrors.cicku.me/linuxmint/
+http://mirror.bauhuette.fh-aachen.de/linuxmint/
+http://ftp.fau.de/mint/packages/
+http://linux-mint.froonix.org/
+http://ftp-stud.hs-esslingen.de/pub/Mirrors/packages.linuxmint.com/
+http://mirror.netcologne.de/linuxmint/packages/
+http://mirrors.dotsrc.org/linuxmint-packages/
+http://ftp.klid.dk/ftp/linuxmint-packages/
+http://linuxmintpkg.efemef.ovh/
+http://mint-mirror.gwendallebihan.net/packages/
+http://mirror6.layerjet.com/linuxmint/packages/
+http://www.mirrorservice.org/sites/packages.linuxmint.com/packages/
+http://mirror.greennet.gl/linuxmint/packages/
+http://ftp.otenet.gr/linux/linuxmint-packages/
+http://ftp.cc.uoc.gr/mirrors/linux/linuxmint/packages/
+http://ftp.heanet.ie/pub/packages.linuxmint.com/
+http://ftp.nluug.nl/os/Linux/distr/linuxmint/packages/
+http://mintlinux.mirror.triple-it.nl/packages/
+http://mirror.chmuri.net/mint/
+http://ftp.icm.edu.pl/pub/Linux/dist/linuxmint/packages/
+http://mirror.onet.pl/pub/mirrors/linuxmint/packages/
+http://piotrkosoft.net/pub/mirrors/linuxmint/packages/
+http://mirrors.fe.up.pt/linuxmint-packages/
+http://mirrors.m247.ro/linuxmint/packages/
+http://mirrors.serverhost.ro/mint/packages/
+http://mirror.pmf.kg.ac.rs/mint/packages.linuxmint.com/
+http://mirror.2rz.ru/linuxmint/packages/
+http://mirror.yandex.ru/linuxmint-packages/
+http://ftp.acc.umu.se/mirror/linuxmint.com/packages/
+https://mirrors.c0urier.net/linux/linuxmint/packages/
+http://linuxmint-packages.ip-connect.vn.ua/
+http://muug.ca/mirror/linuxmint/packages/
+http://mirror.csclub.uwaterloo.ca/linuxmint-packages/
+http://packages.linuxmint.com/
+http://mirrors.advancedhosters.com/linuxmint/packages/
+http://mirror.clarkson.edu/linuxmint/packages/
+http://mirrors.seas.harvard.edu/linuxmint-packages/
+http://mirror.jmu.edu/pub/linuxmint/packages/
+http://mirrors.kernel.org/linuxmint-packages/
+http://mirror.metrocast.net/linuxmint-packages/
+http://mirror.nexcess.net/linuxmint/packages/
+http://mirror.os6.org/linuxmint.com/packages/
+http://linuxmint.mirrors.pair.com/packages/
+http://mirror.stjschools.org/public/linuxmint-packages/
+http://mirror.team-cymru.org/mint-packages/
+http://reflection.oss.ou.edu/linuxmint/repos/
+http://mirrors.usinternet.com/mint/packages/
+http://mintpackages.xfree.com.ar/
+http://mint-packages.c3sl.ufpr.br/
+http://mirror.edatel.net.co/linuxmint-packages/
+http://mirror.cedia.org.ec/linuxmint-packages/
+http://mirror.epn.edu.ec/linuxmint-packages/
+http://mirrors.evowise.com/linuxmint/packages/
+http://mirror.unlockforus.com/linuxmint/packages/

getLastDolibarrDeb.sh

+#!/bin/bash
+# Get Dolideb version list
+curl \
+    https://sourceforge.net/projects/dolibarr/files/Dolibarr%20installer%20for%20Debian-Ubuntu%20%28DoliDeb%29/ \
+    2> /dev/null | sed 's/,/\n/g'| grep '^ "download_url"' > $$-list
+
+# Get next version number
+current_major=`echo $current_version | cut -d . -f 1`
+if [ -z "$1"  ]
+then
+    num='[0-9][0-9]*'
+else
+    num=$1
+fi
+
+url=`grep "[^\d\.]$num\..*" $$-list | sort -r | head -n 1 \
+    | sed 's/.*"\(https.*\)"/\1/'`
+rm $$-list
+ver=`echo $url | sed 's@.*/\([0-9\.]*\)/download.*@\1@'`
+# Fix bad download URL
+url=`echo $url | sed "s@/download@/dolibarr_$ver-4_all.deb/download@"`
+echo $url $ver

id_rsa.pub

-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC0G13rWLIYxpFv/SZ/LsOYDc6iPjsMRolhH9VlVsYLYs8WDDdRbWlsRe/TikkpXbt5TU7f7SqGbWjy/IaN5qiWHeioXJDAdA0XI/tajrDFgCvpWQTEP41pLKNU7ORytOfIdagCSWQMFcrKoV7+iBa5BcOav/ePUy6rwGo9+K5lStZzEohhnWmfuW79Ve9X0u9qZ+qNdbs72OkvsnD8JI7d3i2gcplXF/K+gx5U5hOGUntN503HX0CuKciUuKan4S8ptJLNEoEx2Gg6//MuDneqK4rp6NJkHeZJughULVuFhDkKltCaf4iPaRb7Ios0fx6oejuE62E55kyIDoQM9IYB maintenance@tetrix
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCt1zk4q3dzwKLZ/jPZ8hFNHELQlMBK2ciej4pMGk9lEDvHIrlIny11/XQV5avPButCSGdcmoSp9icWyStnygMitUbijRFt2TDqQvo2VlbZY93mJTKo3w8873lqphVK7CSDMEHYWtbkPzJFXviou64GzUw7fJbtkpp5YUCmyRku41IClG6NqW+AeF0ce69t52utoOoan6FusCd7c5lsMb0vE8oaSrvA/+NwpfuUP7jNVF1s4kpn2tRg7z/CGZ5S8haIzJc8vXudRmIf/ApFiRUi6dCgoPIHPeb+SKp/yRYQXUyHdL0vqxGIV6RBfRqH1htTZF/O18qsE6ktJvXVxT7l maintenance@tetrix

installAptCacher.sh

+#!/bin/bash
+
+DIR=`dirname $0`
+
+apt-get update
+apt-get -y install apt-cacher-ng
+
+# Set port
+# Add PassThrough for HTTPS backends
+# Disable statistic page
+sed -i \
+    -e 's/^# \(Port:3142\)/\1/' \
+    -e 's/^# \(PassThroughPattern: \.\*\)/\1/' \
+    -e 's/^\([^#]*ReportPage:.*$\)/#\1/' \
+    /etc/apt-cacher-ng/acng.conf
+
+# Add mint backend
+if [ -z "`grep linuxmint /etc/apt-cacher-ng/acng.conf`" ]
+then
+    cp $DIR/etc/apt-cacher-ng/backends_mint /etc/apt-cacher-ng/
+    echo "Remap-linuxmint: file:backends_mint" >> \
+        /etc/apt-cacher-ng/acng.conf
+fi
+
+# Start service
+systemctl start apt-cacher-ng.service
+systemctl enable apt-cacher-ng.service
+
+# Use proxy
+if [ -z "`grep Acquire::Http::Proxy /etc/apt/apt.conf.d/70debconf`" ]
+then
+    echo 'Acquire::Http::Proxy "http://127.0.0.1:3142";' >> \
+        /etc/apt/apt.conf.d/70debconf
+fi
+
+# Allow proxy on local network
+ufw allow from $(ip a | awk '/inet .* (eth|enp)/{print $2}') to any port 3142

installBase.sh

@@ -126,3 +126,26 @@ systemctl restart ssh
 #eth0
 echo -e "auto eth0\nallow-hotplug eth0\niface eth0 inet dhcp" \
     >> /etc/network/interface
+
+# opendkim
+cd /etc/dkimkeys/
+opendkim-genkey -s mail mail -d $DOMAIN
+mv mail.private dkim.key
+sed -i.bak \
+    -e 's/^#Domain .*/Domain */' \
+    -e 's/^#Selector .*/Selector mail/' \
+    -e 's@^#KeyFile .*@KeyFile /etc/dkimkeys/dkim.key@' \
+    -e 's/^#\(Socket .*inet.*$\)/\1/' \
+    -e 's/^\(Socket .*local.*$\)/#\1/' \
+    /etc/opendkim.conf
+echo "
+# DKIM
+milter_default_action = accept
+milter_protocol = 2
+smtpd_milters = inet:localhost:8892
+non_smtpd_milters = inet:localhost:8892
+" >> /etc/postfix/main.cf
+systemctl restart postfix opendkim
+echo "DKIM is now configured, do not forget to add the following DNS entry"
+cat mail.txt
+cd -

installCertbot.sh

@@ -21,8 +21,14 @@
 
 apt-get update && apt-get install certbot
 
+if [ -z "$1" ]
+then
     DOMAINS="$(echo `echo ${MODS} | tr ' ' '\n' | grep -v 'Base\|MySQL'` \
         | tr [:upper:] [:lower:] | sed -e "s/ /.${DOMAIN},/g" -e "s/tetrasback/tetras-back/" ).${DOMAIN}"
+else
+    DOMAINS=$1
+fi
+
 ARGS="--hsts --email=${SERVER_ADMIN} --domains=${DOMAINS} --text --agree-tos"
 line="0 1 * * `date +%u` /usr/bin/certbot renew > /var/log/certbot.log \
     2>&1 > /dev/null"

installCollabora.sh

@@ -36,6 +36,7 @@ DEBIAN_FRONTEND='noninteractive' apt-get update \
        ca-certificates \
        curl \
        gnupg2 \
+       seccomp \
        software-properties-common
 
 curl -fsSL https://download.docker.com/linux/debian/gpg | apt-key add -

installDolibarr.sh

@@ -26,7 +26,6 @@ fi
 
 DOLIBARR_INSTALL_DIR=${DOLIBARR_INSTALL_DIR:-/var/www/}
 SCRIPT_DIRECTORY=`pwd`
-DOLIBARR_PKG_NAME=`ls ${SCRIPT_DIRECTORY%%/}/DOLIBARR_PACKAGES`
 DOLIBARR_LOGFILE="${SCRIPT_DIRECTORY%%/}/installDolibarr.log"
 RUNNING_DATE_TIME="$(date +%Y%m%d%H%M%S)"
 DOLIBARR_CONFIG_ServerName=${DOLIBARR_CONFIG_ServerName:-dolibarr.${DOMAIN}}
@@ -47,14 +46,17 @@ then
     mkdir -p${VERBOSE:+v} ${DOLIBARR_INSTALL_DIR}
 fi
 
-cp ${VERBOSE:+-v} `pwd`"/DOLIBARR_PACKAGES/"${DOLIBARR_PKG_NAME} \
-    ${DOLIBARR_INSTALL_DIR%%/}/
 
 echo "cd ${DOLIBARR_INSTALL_DIR}"
 cd ${DOLIBARR_INSTALL_DIR}
 
-echo "dpkg -i `pwd`/DOLIBARR_PACKAGES/${DOLIBARR_PKG_NAME}"
-dpkg -i `pwd`/DOLIBARR_PACKAGES/${DOLIBARR_PKG_NAME}
+url=`$DIR/getLastDolibarrDeb.sh $num`
+
+DOLIBARR_PKG_NAME="Dolibarr-`echo $url | cut -d ' ' -f 2`.deb"
+url=`echo $url | cut -d ' ' -f 1`
+wget -O $DOLIBARR_PKG_NAME "$url"
+echo "dpkg -i ${DOLIBARR_PKG_NAME}"
+dpkg -i ${DOLIBARR_PKG_NAME}
 echo "apt-get install -yf"
 DEBIAN_FRONTEND='noninteractive' apt-get install -yf
 

installNextcloud.env

@@ -3,7 +3,7 @@
 # wget configuration
 NEXTCLOUD_DIRECTORY_SOURCES=/root/NextcloudSources/
 NEXTCLOUD_WGET_INPUT=nextcloudSource.txt
-NEXTCLOUD_VERSION="latest-12"
+NEXTCLOUD_VERSION="latest-14"
 NEXTCLOUD_PACKAGE="$NEXTCLOUD_VERSION.tar.bz2"
 
 # extract configuration

installNextcloudApps.sh

@@ -16,53 +16,18 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 NEXTCLOUD_INSTALL_DIR="/var/www/nextcloud/"
-NEXTCLOUD_APPS_DIR="${NEXTCLOUD_INSTALL_DIR}apps/"
+APPS= "tasks news talk calendar contacts impersonate"
 
-# Take 2 parameters: app_id app_url
+# Take 1 parameters: app_id
 install_app () {
     application=$1
-    url=$2
-    archive=`echo $url | sed 's@^.*/\(.*\)$@\1@'`
-    echo "INSTALL ${application}"
-    echo "\tDownload ${application} from ${url}"
-    wget "${url}"
-    echo "\tDownload ${application} : terminated, code $?"
-    echo "\tExtract ${application}"
-    tar xzf ${PWD}/${archive}
-    echo "\tExtract ${application} : terminated, code $?"
-    echo "\tMove extracted file to ${NEXTCLOUD_APPS_DIR}"
-    cp -r --verbose ${PWD}/${application} ${NEXTCLOUD_APPS_DIR}
-    echo "\tMove extracted file to ${NEXTCLOUD_APPS_DIR} : terminated, code $?"
-    chown -R www-data:www-data ${NEXTCLOUD_APPS_DIR}${application}
-    sudo -u www-data php ${NEXTCLOUD_INSTALL_DIR}occ app:enable ${application}
+    sudo -u www-data php ${NEXTCLOUD_INSTALL_DIR}occ app:install ${application}
     echo "\tEnable ${application} : terminated, code $?"
-    rm -r ${PWD}/${application}*
 }
 
-# Install tasks
-install_app "tasks" "https://github.com/nextcloud/tasks/releases/download/v0.9.4/tasks.tar.gz"
-
-# Install news
-install_app "news" "https://github.com/nextcloud/news/releases/download/10.1.0/news.tar.gz"
-
-# Install direct_menu
-install_app "direct_menu" "https://github.com/juliushaertl/direct_menu/releases/download/0.9.3/direct_menu.tar.gz"
-
-# Install keeweb
-install_app "keeweb" "https://github.com/jhass/nextcloud-keeweb/releases/download/v0.3.0/keeweb-0.3.0.tar.gz"
-
-# Install calendar
-install_app "calendar" "https://github.com/nextcloud/calendar/releases/download/v1.4.1/calendar.tar.gz"
-
-# Install contacts
-install_app "contacts" "https://github.com/nextcloud/contacts/releases/download/v1.5.2/contacts.tar.gz"
-
-# Install Markdown editor
-install_app "files_markdown" "https://github.com/icewind1991/files_markdown/releases/download/v1.0.0/files_markdown.tar.gz"
-
-# Install Markdown editor
-install_app "mail" "https://github.com/nextcloud/mail/releases/download/nightly-20170117/mail.tar.gz"
-
+for app in APPS
+do
+    install_app $app
+done
 
 unset NEXTCLOUD_INSTALL_DIR
-unset NEXTCLOUD_APPS_DIR

upgradeAll.sh

@@ -31,7 +31,8 @@ if [ "$MAINTENANCE_LEVEL" == "upgrade" ]
 then
     aptitude upgrade
 else
-    unattended-upgrade
+    unattended-upgrade -d
+    apt-get install `apt-get -s dist-upgrade | awk '/^Inst.*Security/{print $2}'`
 fi
 
 # Update modules
@@ -69,6 +70,14 @@ else
     less /var/log/clamav.log
 fi
 
+df -h
+
+# Check docker is running
+if [ ! -z "`echo $MODS | grep -i collabora`" ]
+then
+    docker ps -a
+fi
+
 # Restart services
 services="`checkrestart | awk '/^service/{print $2} /^systemctl/{print $3}'` \
     $EXTRAS_SERVICES_TO_RESTART"
@@ -81,6 +90,7 @@ then
 else
     awk '/^[ \t]*(server_name|server_alias)/{gsub(/;$/, "", $2); print "https://"$2}' /etc/nginx/*-enabled/* | sort -u
 fi
+
 # Check if reeboot is requird
 last_kernel="$(dpkg -l | awk '/linux-image-[0-9]/{print $2}' | sort -rn | head -n 1)"
 running_kernel="linux-image-$(uname -r)"

upgradeDolibarr.sh

@@ -24,31 +24,93 @@ then
     echo "Dolibarr not installed, aborting"
     exit 1
 fi
-if [ "$MAINTENANCE_LEVEL" == "security" ] && [ "$1" != "force" ]
+
+current_version=`apt-cache policy dolibarr | grep Installed \
+    | awk '{print $2}' | sed 's/-[^-*]$//'`
+echo "Current version of Dolibarr: $current_version"
+current_major=`echo $current_version | cut -d . -f 1`
+
+echo "Retrieving list of Dolibarr versions"
+if [ "$1" == "force" ]
 then
-    echo "Dolibar upgrade is disabled for security mode, to force upgrade, run:"
-    echo -e "\t$0 force"
-    exit 1
+    update_type="major"
+    num=''
+else
+    update_type="minor"
+    num=$current_major
 fi
-git pull
-current_version=`apt-cache policy dolibarr | grep Installed | awk '{print $2}'`
-echo "Current version of Dolibarr: $current_version"
-package=`/bin/ls DOLIBARR_PACKAGES/*.deb`
-last_repo_version=`echo $package | sed 's/.*dolibarr_\([^_]*\)_.*/\1/'`
-echo "Version of Dolibarr on our repo: $last_repo_version"
-if [ "$current_version" == "$last_repo_version" ]
+
+
+url=`$DIR/getLastDolibarrDeb.sh $num`
+
+last_ver=`echo $url | cut -d ' ' -f 2`
+url=`echo $url | cut -d ' ' -f 1`
+if [ "$current_major" != "`echo $last_ver | cut -d . -f 1`" ]
+then
+    if [ "`echo $last_ver | cut -d . -f 2-3`" == "0.0" ]
+    then
+        echo "Not installing version $last_ver, waiting for .1 release"
+        exit
+    fi
+    # Force interaction on major version upgrade
+    read -p "Are you sure you want to upgrade from $current_version to $last_ver [y/N]" answer
+    if [ "$answer" != "y" ]
+    then
+        echo "Aborting"
+        exit
+    fi
+fi
+
+echo "Last $update_type version is $last_ver"
+
+if [ "$current_version" == "$last_ver" ]
 then
-echo "Current version of Dolibarr is the last version in our repo, nothing to do"
+echo "This server is running $update_type version of Dolibarr, nothing to do"
     exit
 fi
+
+# Get sources
+OLDDIR=$PWD
+if [ ! -e "/opt/dolibarr" ]
+then
+    cd /opt
+    git clone https://github.com/Dolibarr/dolibarr/
+fi
+cd /opt/dolibarr
+git reset --hard HEAD
+git checkout -b $current_version $current_version
+git branch -v
+
+# Get local changes
+cp -r /usr/share/dolibarr/htdocs/* htdocs/
+cd $OLDDIR
+
 echo "Backing up database"
 mysqldump --databases $DOLIBARR_DB > /root/$DOLIBARR_DB.sql
 mysqldump --all-databases > /root/dbs.sql
+
+echo "Downloading Dolibarr $last_ver"
+package=dolibarr-$last_ver.deb
+wget -O  $package $url
+
 echo "Installing $package"
 dpkg -i $package
+rm $package
+
 echo "Fixing dependencies"
 apt-get -f install
+
 rm /usr/share/dolibarr/documents/install.lock
-[ -f "DOLIBARR_PACKAGES/apply_patch.sh" ] && /bin/bash DOLIBARR_PACKAGES/apply_patch.sh
-echo "One final step is required to upgrade to Dolibarr $last_repo_version:"
+echo "One final step is required to upgrade to Dolibarr $last_ver:"
 echo "Please go to your Dolibarr page and run the manual upgrade step"
+
+echo "There might be local changes to Dolibarr previous to upgrade, see below:"
+cd /opt/dolibarr
+git diff > patch
+cat patch
+git status
+cd $OLDDIR
+read -p "Hit enter when you are done with the manual upgrade step"
+echo "En cas d'erreur de type The maximum column sze is 767 bytes, please adapt the following query:"
+echo "ALTER TABLE llx_my_table ROW_FORMAT=DYNAMIC ;"
+echo "After running it, restart the manual upgrade"

upgradeNextcloud.sh

@@ -35,6 +35,7 @@ then
     exit 1
 fi
 
+sudo -u www-data php /var/www/nextcloud/occ app:update --all
 current_vesion=`sudo -u www-data php /var/www/nextcloud/occ status \
     | awk '/versionstring/{print $3}'`
 echo "Nextclous is installed, version $current_vesion"
@@ -42,7 +43,7 @@ if [ $MAINTENANCE_LEVEL == "upgrade" ]
 then
     echo "Checking version  from changelog page (upgrade)"
     target_version=`curl -silent https://nextcloud.com/changelog/ \
-        | sed 's/>/>\n/g' | awk '/^<h3 id=/{print $2}' | head -n 1 \
+        | sed 's/>/>\n/g' | awk '/^\s*<h3 id=/{print $2}' | head -n 1 \
         | sed -e 's/id="\(.*\)">/\1/' -e 's/-/./g'`
 else
     echo "Checking version  from install page (security)"
@@ -89,5 +90,6 @@ if [ "$FAILED" != "" ]
 then
     echo "Failed to enable some apps: '$FAILED'"
 fi
+sudo -u www-data php /var/www/nextcloud/occ app:update --all
 echo "Please check difference between old and new .htaccess file"
 vimdiff $NEXTCLOUD_INSTALL_DIR{,.bak}/.htaccess