feat: added more checks for insecure passwords

lgsm/config-default/config-lgsm/inssserver/_default.cfg

@@ -13,7 +13,7 @@ ip="0.0.0.0"
 port="27102"
 queryport="27131"
 rconport="27015"
-rconpassword=""
+rconpassword="CHANGE_ME"
 servername="LinuxGSM"
 defaultmap="Oilfield"
 defaultscenario="Scenario_Refinery_Push_Security"

lgsm/config-default/config-lgsm/ns2cserver/_default.cfg

@@ -15,7 +15,7 @@ defaultmap="co_core"
 maxplayers="24"
 servername="LinuxGSM"
 httpuser="admin"
-httppassword="admin"
+httppassword="CHANGE_ME"
 httpport="8080"
 mods=""
 serverpassword=""

lgsm/config-default/config-lgsm/ns2server/_default.cfg

@@ -16,7 +16,7 @@ maxplayers="20"
 maxspectators="5"
 servername="LinuxGSM"
 httpuser="admin"
-httppassword="admin"
+httppassword="CHANGE_ME"
 httpport="8080"
 modserverport="27031"
 serverpassword=""

lgsm/config-default/config-lgsm/wurmserver/_default.cfg

@@ -27,7 +27,7 @@ homekingdom="4"
 
 # Unlocks the admin commands from within the game, that can be used to change
 # the gameplay settings of the server, such as skill gain rate and field growth time.
-adminpassword="ADMINPASSWORD"
+adminpassword="CHANGE_ME"
 
 # If true the server will follow the rules from the Epic servers in Wurm Online.
 # For instance it will use the skill curve.

lgsm/modules/check_config.sh

@@ -19,8 +19,15 @@ if [ "${shortname}" == "rust" ] && [ -v rconpassword ] && [ -z "${rconpassword}"
 	fn_print_fail_nl "RCON password is not set"
 	fn_script_log_warn "RCON password is not set"
 elif [ -v rconpassword ] && [ "${rconpassword}" == "CHANGE_ME" ]; then
-	fn_print_warn_nl "Default RCON Password detected"
-	fn_script_log_warn "Default RCON Password detected"
+	fn_print_warn_nl "Default RCON password detected"
+	fn_script_log_warn "Default RCON password detected"
+elif [ -v httppassword ] && [ "${httppassword}" == "CHANGE_ME" ]; then
+	fn_print_warn_nl "Default Web password detected"
+	fn_script_log_warn "Default Web password detected"
+elif [ -v adminpassword ] && [ "${adminpassword}" == "CHANGE_ME" ]; then
+	fn_print_warn_nl "Default Admin password detected"
+	fn_script_log_warn "Default Admin password detected"
+
 fi
 
 if [ "${shortname}" == "vh" ] && [ -z "${serverpassword}" ]; then

lgsm/modules/info_game.sh

@@ -1832,14 +1832,7 @@ fn_info_game_rw() {
 # example: hostname "SERVERNAME"
 # filetypes: cfg
 fn_info_game_samp() {
-	# Config
-	if [ ! -f "${servercfgfullpath}" ]; then
-		servername="unnamed server"
-		rconpassword="${unavailable}"
-		port="7777"
-		rconport="${port}"
-		maxplayers="50"
-	else
+	if [ -f "${servercfgfullpath}" ]; then
 		servername=$(grep "hostname" "${servercfgfullpath}" | sed -e 's/^[ \t]*//g' -e '/^\//d' -e 's/hostname//g' | tr -d '=\";,:' | sed -e 's/^[ \t]*//' -e 's/[ \t]*$//')
 		rconpassword=$(grep "rcon_password" "${servercfgfullpath}" | sed -e 's/^[ \t]*//g' -e '/^#/d' -e 's/^rcon_password//g' | tr -d '=\";,:' | sed -e 's/^[ \t]*//' -e 's/[ \t]*$//')
 		port=$(grep "port" "${servercfgfullpath}" | grep -v "#" | tr -cd '[:digit:]')