diff --git a/conf/aeneria.cron b/conf/aeneria.cron index e9b4b3a..6da777c 100644 --- a/conf/aeneria.cron +++ b/conf/aeneria.cron @@ -1 +1 @@ -*/20 * * * * #USER# php7.3 #DESTDIR#/bin/console aeneria:fetch-data +*/20 * * * * __APP__ /usr/bin/php__PHPVERSION__ __FINALPATH__/bin/console aeneria:fetch-data diff --git a/manifest.json b/manifest.json index 54aa162..d14eb1a 100644 --- a/manifest.json +++ b/manifest.json @@ -1,5 +1,5 @@ { - "name": "aeneria", + "name": "æneria", "id": "aeneria", "packaging_format": 1, "description": { @@ -14,7 +14,7 @@ "email": "bonjour@aeneria.com" }, "requirements": { - "yunohost": ">= 4.1.7" + "yunohost": ">= 4.2.4" }, "multi_instance": true, "services": [ diff --git a/scripts/_common.sh b/scripts/_common.sh index d311cb1..eb5147a 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -19,19 +19,6 @@ extra_php_dependencies="php${YNH_PHP_VERSION}-zip php${YNH_PHP_VERSION}-pgsql ph # EXPERIMENTAL HELPERS #================================================= -# Execute a command as another user -# usage: exec_as USER COMMAND [ARG ...] -ynh_exec_as() { - local USER=$1 - shift 1 - - if [[ $USER = $(whoami) ]]; then - eval "$@" - else - sudo -u "$USER" "$@" - fi -} - # Check available space before creating a temp directory. # # usage: ynh_smart_mktemp --min_size="Min size" diff --git a/scripts/install b/scripts/install index a75d459..a3d16db 100644 --- a/scripts/install +++ b/scripts/install @@ -57,7 +57,15 @@ ynh_app_setting_set --app=$app --key=deskey --value=$deskey #================================================= ynh_script_progression --message="Installing dependencies..." --weight=1 -ynh_install_app_dependencies $pkg_dependencies +ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies + +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Configuring system user..." --weight=1 + +# Create a system user +ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= # CREATE A PSQL DATABASE @@ -80,6 +88,10 @@ ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path" +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + #================================================= # NGINX CONFIGURATION #================================================= @@ -88,14 +100,6 @@ ynh_script_progression --message="Configuring NGINX web server..." --weight=1 # Create a dedicated nginx config ynh_add_nginx_config -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Configuring system user..." --weight=1 - -# Create a system user -ynh_system_user_create --username=$app - #================================================= # PHP-FPM CONFIGURATION #================================================= @@ -124,10 +128,6 @@ chmod 600 "$aeneria_conf" #================================================= ynh_script_progression --message="Installing aeneria..." --weight=1 -# Set permissions to app files -chown -R $app: $final_path -chmod 755 $final_path - # Install aeneria pushd $final_path ynh_exec_as $app php$phpversion bin/console aeneria:install "$app" -n @@ -148,15 +148,11 @@ popd #================================================= # SET UP CRON JOB #================================================= -ynh_script_progression --message="Setuping a cron job..." --weight=1 +ynh_script_progression --message="Setuping a cron..." --weight=1 -cron_path="/etc/cron.d/$app" -cp -a ../conf/aeneria.cron "$cron_path" -chown root: "$cron_path" -chmod 644 "$cron_path" - -ynh_replace_string "#USER#" "$app" "$cron_path" -ynh_replace_string "#DESTDIR#" "$final_path" "$cron_path" +ynh_add_config --template="../conf/aeneria.cron" --destination="/etc/cron.d/$app" +chown root: "/etc/cron.d/$app" +chmod 644 "/etc/cron.d/$app" #================================================= # ADAPT HOOK FOR AENERIA INSTANCE @@ -166,17 +162,6 @@ ynh_script_progression --message="Adapting hooks..." --weight=1 ynh_replace_string --match_string="APPNAMETOCHANGE" --replace_string="$app" --target_file="../hooks/post_user_create" ynh_replace_string --match_string="APPNAMETOCHANGE" --replace_string="$app" --target_file="../hooks/post_user_delete" -#================================================= -# GENERIC FINALIZATION -#================================================= -# SECURE FILES AND DIRECTORIES -#================================================= -ynh_script_progression --message="Securing files and directories..." --weight=1 - -# Set permissions to app files -chown -R $app: $final_path -chmod 755 $final_path - #================================================= # SETUP SSOWAT #================================================= diff --git a/scripts/remove b/scripts/remove index 21966eb..e5dfdea 100644 --- a/scripts/remove +++ b/scripts/remove @@ -50,7 +50,7 @@ ynh_secure_remove --file="$final_path" #================================================= # REMOVE NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Removing nginx web server configuration..." --weight=1 +ynh_script_progression --message="Removing NGINX web server configuration..." --weight=1 # Remove the dedicated nginx config ynh_remove_nginx_config @@ -58,7 +58,7 @@ ynh_remove_nginx_config #================================================= # REMOVE PHP-FPM CONFIGURATION #================================================= -ynh_script_progression --message="Removing php-fpm configuration..." --weight=1 +ynh_script_progression --message="Removing PHP-FPM configuration..." --weight=1 # Remove the dedicated php-fpm config ynh_remove_fpm_config diff --git a/scripts/restore b/scripts/restore index 87e3ae3..5325b8b 100644 --- a/scripts/restore +++ b/scripts/restore @@ -36,8 +36,6 @@ phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) #================================================= ynh_script_progression --message="Validating restoration parameters..." --weight=1 -ynh_webpath_available --domain=$domain --path_url=$path_url \ - || ynh_die --message="Path not available: ${domain}${path_url}" test ! -d $final_path \ || ynh_die --message="There is already a directory: $final_path " @@ -50,6 +48,14 @@ ynh_script_progression --message="Restoring the nginx configuration..." --weight ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" +#================================================= +# RECREATE THE DEDICATED USER +#================================================= +ynh_script_progression --message="Recreating the dedicated system user..." --weight=1 + +# Create the dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # RESTORE THE APP MAIN DIR #================================================= @@ -57,21 +63,9 @@ ynh_script_progression --message="Restoring the app main directory..." --weight= ynh_restore_file --origin_path="$final_path" -#================================================= -# RECREATE THE DEDICATED USER -#================================================= -ynh_script_progression --message="Recreating the dedicated system user..." --weight=1 - -# Create the dedicated user (if not existing) -ynh_system_user_create --username=$app - -#================================================= -# RESTORE USER RIGHTS -#================================================= -ynh_script_progression --message="Restoring user rights..." - -# Restore permissions on app files -chown -R $app: $final_path +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" #================================================= # RESTORE THE PHP-FPM CONFIGURATION @@ -92,7 +86,7 @@ ynh_add_fpm_config --usage=low --footprint=low --package="$extra_php_dependencie ynh_script_progression --message="Reinstalling dependencies..." --weight=1 # Define and install dependencies -ynh_install_app_dependencies $pkg_dependencies +ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies #================================================= # RESTORE THE PSQL DATABASE diff --git a/scripts/upgrade b/scripts/upgrade index a139870..2b52f6f 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -33,6 +33,20 @@ ynh_script_progression --message="Checking version..." upgrade_type=$(ynh_check_app_version_changed) +#================================================= +# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP +#================================================= +ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." + +# Backup the current version of the app +ynh_backup_before_upgrade +ynh_clean_setup () { + # restore it if the upgrade fails + ynh_restore_upgradebackup +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= @@ -58,18 +72,12 @@ if ynh_legacy_permissions_exists; then fi #================================================= -# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP +# CREATE DEDICATED USER #================================================= -ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." +ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1 -# Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { - # restore it if the upgrade fails - ynh_restore_upgradebackup -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors +# Create a dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= # STANDARD UPGRADE STEPS @@ -99,6 +107,10 @@ then ynh_secure_remove --file="$tmpdir" fi +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + #================================================= # NGINX CONFIGURATION #================================================= @@ -112,15 +124,7 @@ ynh_add_nginx_config #================================================= ynh_script_progression --message="Upgrading dependencies..." --weight=1 -ynh_install_app_dependencies "$pkg_dependencies" - -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1 - -# Create a dedicated user (if not existing) -ynh_system_user_create --username=$app +ynh_exec_warn_less ynh_install_app_dependencies "$pkg_dependencies" #================================================= # PHP-FPM CONFIGURATION @@ -149,10 +153,6 @@ chmod 600 "$aeneria_conf" #================================================= ynh_script_progression --message="Upgrading aeneria..." --weight=1 -# Set permissions on app files -chown -R $app: $final_path -chmod 755 $final_path - # Install dependencies and aeneria pushd $final_path ynh_exec_as $app php$phpversion bin/console cache:clear -n @@ -183,36 +183,22 @@ popd #================================================= ynh_script_progression --message="Setuping a cron job..." --weight=1 -cron_path="/etc/cron.d/$app" -cp -a ../conf/aeneria.cron "$cron_path" -chown root: "$cron_path" -chmod 644 "$cron_path" - -ynh_replace_string --match_string="#USER#" --replace_string="$app" --target_file="$cron_path" -ynh_replace_string --match_string="#DESTDIR#" --replace_string="$final_path" --target_file="$cron_path" +ynh_add_config --template="../conf/aeneria.cron" --destination="/etc/cron.d/$app" +chown root: "/etc/cron.d/$app" +chmod 644 "/etc/cron.d/$app" #================================================= # ADAPT HOOK FOR AENERIA INSTANCE #================================================= ynh_script_progression --message="Adapting hooks..." --weight=1 + ynh_replace_string --match_string="APPNAMETOCHANGE" --replace_string=$app --target_file="../hooks/post_user_create" ynh_replace_string --match_string="APPNAMETOCHANGE" --replace_string=$app --target_file="../hooks/post_user_delete" -#================================================= -# GENERIC FINALIZATION -#================================================= -# SECURE FILES AND DIRECTORIES -#================================================= -ynh_script_progression --message="Securing files and directories..." - -# Set permissions on app files -chown -R $app: $final_path -chmod 755 $final_path - #================================================= # RELOAD NGINX #================================================= -ynh_script_progression --message="ReloadingNGINX web server..." --weight=1 +ynh_script_progression --message="Reloading NGINX web server..." --weight=1 ynh_systemd_action --service_name=nginx --action=reload