mirror of
https://github.com/YunoHost-Apps/agendav_ynh.git
synced 2024-09-03 20:36:12 +02:00
Restructure install script
This commit is contained in:
parent
37249f444a
commit
0332ea782e
1 changed files with 155 additions and 77 deletions
232
scripts/install
232
scripts/install
|
@ -1,46 +1,57 @@
|
|||
#!/bin/bash
|
||||
|
||||
# Source local helpers
|
||||
source ./_common.sh
|
||||
#=================================================
|
||||
# GENERIC START
|
||||
#=================================================
|
||||
# IMPORT GENERIC HELPERS
|
||||
#=================================================
|
||||
|
||||
# Source app helpers
|
||||
source _common.sh
|
||||
source /usr/share/yunohost/helpers
|
||||
|
||||
# Abort script if errors
|
||||
#=================================================
|
||||
# MANAGE SCRIPT FAILURE
|
||||
#=================================================
|
||||
|
||||
# Exit if an error occurs during the execution of the script
|
||||
ynh_abort_if_errors
|
||||
|
||||
# Retrieve arguments
|
||||
#=================================================
|
||||
# RETRIEVE ARGUMENTS FROM THE MANIFEST
|
||||
#=================================================
|
||||
|
||||
domain=$YNH_APP_ARG_DOMAIN
|
||||
path_url=$YNH_APP_ARG_PATH
|
||||
language=$YNH_APP_ARG_LANGUAGE
|
||||
disablecacheck=$YNH_APP_ARG_DISABLECACHECK
|
||||
|
||||
# Set and store language
|
||||
language=${LANGUAGES[$language]}
|
||||
|
||||
# Set app specific variables
|
||||
app=$YNH_APP_INSTANCE_NAME
|
||||
dbname=$app
|
||||
dbuser=$app
|
||||
|
||||
#=================================================
|
||||
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
|
||||
#=================================================
|
||||
|
||||
final_path=/var/www/$app
|
||||
test ! -e "$final_path" || ynh_die "This path already contains a folder"
|
||||
|
||||
# Define LOGDIR (create it later when user is created)
|
||||
LOGDIR=/var/log/$app
|
||||
test ! -e "$LOGDIR" || ynh_die "This log path already contains a folder"
|
||||
|
||||
# Normalize the url path syntax
|
||||
path_url=$(ynh_normalize_url_path "$path_url")
|
||||
|
||||
# Set and store language
|
||||
language=${LANGUAGES[$language]}
|
||||
|
||||
ynh_app_setting_set "$app" language "$language"
|
||||
ynh_app_setting_set "$app" path "$path_url"
|
||||
|
||||
# Check web path availability
|
||||
ynh_webpath_available "$domain" "$path_url"
|
||||
# Register (book) web path
|
||||
ynh_webpath_register "$app" "$domain" "$path_url"
|
||||
|
||||
# Define LOGDIR (create it later when user is created)
|
||||
LOGDIR=/var/log/$app
|
||||
|
||||
# Check destination directory
|
||||
final_path=/var/www/$app
|
||||
test ! -e "$final_path" || ynh_die "This path already contains a folder"
|
||||
|
||||
mkdir -p "$final_path"
|
||||
|
||||
# Check whether Baïkal or Radicale is installed
|
||||
baikal_install=$(agendav_app_check_installation "baikal")
|
||||
|
@ -57,80 +68,147 @@ else
|
|||
ynh_die "Baikal or Radicale is mandatory"
|
||||
fi
|
||||
|
||||
#=================================================
|
||||
# STORE SETTINGS FROM MANIFEST
|
||||
#=================================================
|
||||
|
||||
ynh_app_setting_set "$app" language "$language"
|
||||
ynh_app_setting_set "$app" path "$path_url"
|
||||
ynh_app_setting_set "$app" domain "$domain"
|
||||
ynh_app_setting_set "$app" disablecacheck "$disablecacheck"
|
||||
ynh_app_setting_set "$app" final_path "$final_path"
|
||||
|
||||
#=================================================
|
||||
# STANDARD MODIFICATIONS
|
||||
#=================================================
|
||||
|
||||
# Install dependencies
|
||||
ynh_install_app_dependencies php5-cli
|
||||
|
||||
ynh_setup_source "$final_path"
|
||||
|
||||
# Generate random password and encryption key
|
||||
dbpass=$(ynh_string_random)
|
||||
encryptkey=$(ynh_string_random 24)
|
||||
ynh_app_setting_set "$app" encryptkey "$encryptkey"
|
||||
ynh_app_setting_set "$app" mysqlpwd "$dbpass"
|
||||
|
||||
# Copy and set AgenDAV configuration
|
||||
conf_path="${final_path}/web/config/settings.php"
|
||||
cp ../conf/settings.php "$conf_path"
|
||||
sed -i "s/{DBUSER}/${dbuser}/g" "$conf_path"
|
||||
sed -i "s/{DBPASS}/${dbpass}/g" "$conf_path"
|
||||
sed -i "s/{DBNAME}/${dbname}/g" "$conf_path"
|
||||
sed -i "s/{ENCRYPTKEY}/${encryptkey}/g" "$conf_path"
|
||||
sed -i "s@{LOGDIR}@${LOGDIR}@g" "$conf_path"
|
||||
sed -i "s@{TIMEZONE}@$(cat /etc/timezone)@g" "$conf_path"
|
||||
sed -i "s@{LANGUAGE}@${language}@g" "$conf_path"
|
||||
|
||||
if [ $disablecacheck -eq 0 ]; then
|
||||
ynh_replace_string "__CACHECK__" "true" "$conf_path"
|
||||
else
|
||||
ynh_replace_string "__CACHECK__" "false" "$conf_path"
|
||||
fi
|
||||
|
||||
# CalDAV config
|
||||
caldav_domain=$(ynh_app_setting_get "$caldav_app" domain)
|
||||
caldav_path=$(ynh_app_setting_get "$caldav_app" path)
|
||||
caldav_url="https://${caldav_domain}${caldav_path%/}"
|
||||
sed -i "s@{CALDAV_BASEURL}@${caldav_url}${caldav_baseurl}@g" "$conf_path"
|
||||
sed -i "s@{CALDAV_DOMAIN}@${caldav_domain}@g" "$conf_path"
|
||||
|
||||
ynh_system_user_create "$app"
|
||||
|
||||
chown -R root: "$final_path"
|
||||
|
||||
# Protect source code against modifications
|
||||
#find "${final_path}" -type f -exec chown root:root {} \; -exec chmod 644 {} \;
|
||||
#find "${final_path}" -type d -exec chown root:root {} \; -exec chmod 755 {} \;
|
||||
|
||||
# Only agendav user should write here
|
||||
chown -R $app "${final_path}/web/var/cache/"{profiler,twig}
|
||||
#chmod -R 750 "${final_path}/web/var/cache/"{profiler,twig}
|
||||
|
||||
# The agendav user should read here, but does not need to write
|
||||
# Other users should not be able to read as it stores passwords.
|
||||
#find "${final_path}/web/config" -type f -exec chown root:$app {} \; -exec chmod 640 {} \;
|
||||
#find "${final_path}/web/config" -type d -exec chown root:$app {} \; -exec chmod 750 {} \;
|
||||
|
||||
chown -R $app "${final_path}/web/config/"
|
||||
|
||||
# Create log directory
|
||||
install -m 750 -o $app -g adm -d "$LOGDIR"
|
||||
#=================================================
|
||||
# CREATE A MYSQL DATABASE
|
||||
#=================================================
|
||||
|
||||
# Initialize database
|
||||
dbpass=$(ynh_string_random)
|
||||
ynh_app_setting_set "$app" mysqlpwd "$dbpass"
|
||||
|
||||
ynh_mysql_create_db "$dbname" "$dbuser" "$dbpass"
|
||||
|
||||
# Run database migrations
|
||||
(
|
||||
cd $final_path
|
||||
php agendavcli migrations:migrate --no-interaction
|
||||
)
|
||||
#=================================================
|
||||
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
||||
#=================================================
|
||||
|
||||
ynh_setup_source "$final_path"
|
||||
|
||||
#=================================================
|
||||
# NGINX CONFIGURATION
|
||||
#=================================================
|
||||
|
||||
# Copy and set nginx configuration
|
||||
ynh_add_nginx_config
|
||||
|
||||
#=================================================
|
||||
# CREATE DEDICATED USER
|
||||
#=================================================
|
||||
|
||||
ynh_system_user_create "$app"
|
||||
|
||||
#=================================================
|
||||
# PHP-FPM CONFIGURATION
|
||||
#================================================
|
||||
|
||||
# Copy and set php-fpm configuration
|
||||
ynh_add_fpm_config
|
||||
|
||||
#=================================================
|
||||
# SPECIFIC SETUP
|
||||
#=================================================
|
||||
# Create settings.php
|
||||
#=================================================
|
||||
|
||||
# Generate random encryption key
|
||||
encryptkey=$(ynh_string_random 24)
|
||||
|
||||
ynh_app_setting_set "$app" encryptkey "$encryptkey"
|
||||
|
||||
# Copy and set AgenDAV configuration
|
||||
timezone=$(cat /etc/timezone)
|
||||
|
||||
caldav_domain=$(ynh_app_setting_get "$caldav_app" domain)
|
||||
caldav_path=$(ynh_app_setting_get "$caldav_app" path)
|
||||
caldav_url="https://${caldav_domain}${caldav_path%/}"
|
||||
|
||||
conf_path="${final_path}/web/config/settings.php"
|
||||
cp ../conf/settings.php "$conf_path"
|
||||
|
||||
ynh_replace_string "{DBUSER}" "${dbuser}" "$conf_path"
|
||||
ynh_replace_string "{DBPASS}" "${dbpass}" "$conf_path"
|
||||
ynh_replace_string "{DBNAME}" "${dbname}" "$conf_path"
|
||||
ynh_replace_string "{ENCRYPTKEY}" "${encryptkey}" "$conf_path"
|
||||
ynh_replace_string "{LOGDIR}" "${LOGDIR}" "$conf_path"
|
||||
ynh_replace_string "{TIMEZONE}" "$timezone" "$conf_path"
|
||||
ynh_replace_string "{LANGUAGE}" "${language}" "$conf_path"
|
||||
ynh_replace_string "{CALDAV_BASEURL}" "${caldav_url}${caldav_baseurl}" "$conf_path"
|
||||
ynh_replace_string "{CALDAV_DOMAIN}" "${caldav_domain}" "$conf_path"
|
||||
|
||||
if [ "$disablecacheck" -eq 0 ]; then
|
||||
ynh_replace_string "__CACHECK__" "true" "$conf_path"
|
||||
else
|
||||
ynh_replace_string "__CACHECK__" "false" "$conf_path"
|
||||
fi
|
||||
|
||||
#=================================================
|
||||
# STORE THE CHECKSUM OF THE CONFIG FILE
|
||||
#=================================================
|
||||
|
||||
ynh_store_file_checksum "$conf_path"
|
||||
|
||||
#=================================================
|
||||
# Run database migrations (includes initialization)
|
||||
#=================================================
|
||||
|
||||
(
|
||||
cd "$final_path"
|
||||
php agendavcli migrations:migrate --no-interaction
|
||||
)
|
||||
|
||||
#=================================================
|
||||
# SETUP LOG directory
|
||||
#=================================================
|
||||
|
||||
mkdir -p "$LOGDIR"
|
||||
chown -R "$app": "$LOGDIR"
|
||||
|
||||
#=================================================
|
||||
# GENERIC FINALIZATION
|
||||
#=================================================
|
||||
# SECURE FILES AND DIRECTORIES
|
||||
#=================================================
|
||||
|
||||
chown -R root: "$final_path"
|
||||
|
||||
# Only agendav user should write here
|
||||
chown -R "$app" "${final_path}/web/var/cache/"{profiler,twig}
|
||||
|
||||
# The agendav user should read here, but does not need to write
|
||||
chown -R root:"$app" "${final_path}/web/config/"
|
||||
chmod -R g+rx "${final_path}/web/config/"
|
||||
|
||||
# Other users should not be able to read as it stores passwords.
|
||||
chmod -R o-rwx "${final_path}/web/config/"
|
||||
|
||||
#=================================================
|
||||
# SETUP SSOWAT
|
||||
#=================================================
|
||||
|
||||
# Remove the public access
|
||||
ynh_app_setting_delete "$app" skipped_uris
|
||||
|
||||
#=================================================
|
||||
# RELOAD NGINX and FPM
|
||||
#=================================================
|
||||
|
||||
# Reload services
|
||||
service php5-fpm restart
|
||||
service nginx reload
|
||||
|
|
Loading…
Add table
Reference in a new issue