diff --git a/scripts/install b/scripts/install index 905be7f..75827c3 100644 --- a/scripts/install +++ b/scripts/install @@ -1,46 +1,57 @@ #!/bin/bash -# Source local helpers -source ./_common.sh +#================================================= +# GENERIC START +#================================================= +# IMPORT GENERIC HELPERS +#================================================= -# Source app helpers +source _common.sh source /usr/share/yunohost/helpers -# Abort script if errors +#================================================= +# MANAGE SCRIPT FAILURE +#================================================= + +# Exit if an error occurs during the execution of the script ynh_abort_if_errors -# Retrieve arguments +#================================================= +# RETRIEVE ARGUMENTS FROM THE MANIFEST +#================================================= + domain=$YNH_APP_ARG_DOMAIN path_url=$YNH_APP_ARG_PATH language=$YNH_APP_ARG_LANGUAGE disablecacheck=$YNH_APP_ARG_DISABLECACHECK +# Set and store language +language=${LANGUAGES[$language]} + # Set app specific variables app=$YNH_APP_INSTANCE_NAME dbname=$app dbuser=$app +#================================================= +# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS +#================================================= + +final_path=/var/www/$app +test ! -e "$final_path" || ynh_die "This path already contains a folder" + +# Define LOGDIR (create it later when user is created) +LOGDIR=/var/log/$app +test ! -e "$LOGDIR" || ynh_die "This log path already contains a folder" + +# Normalize the url path syntax path_url=$(ynh_normalize_url_path "$path_url") -# Set and store language -language=${LANGUAGES[$language]} - -ynh_app_setting_set "$app" language "$language" -ynh_app_setting_set "$app" path "$path_url" - # Check web path availability ynh_webpath_available "$domain" "$path_url" # Register (book) web path ynh_webpath_register "$app" "$domain" "$path_url" -# Define LOGDIR (create it later when user is created) -LOGDIR=/var/log/$app - -# Check destination directory -final_path=/var/www/$app -test ! -e "$final_path" || ynh_die "This path already contains a folder" - -mkdir -p "$final_path" # Check whether Baïkal or Radicale is installed baikal_install=$(agendav_app_check_installation "baikal") @@ -57,80 +68,147 @@ else ynh_die "Baikal or Radicale is mandatory" fi +#================================================= +# STORE SETTINGS FROM MANIFEST +#================================================= + +ynh_app_setting_set "$app" language "$language" +ynh_app_setting_set "$app" path "$path_url" +ynh_app_setting_set "$app" domain "$domain" +ynh_app_setting_set "$app" disablecacheck "$disablecacheck" +ynh_app_setting_set "$app" final_path "$final_path" + +#================================================= +# STANDARD MODIFICATIONS +#================================================= + # Install dependencies ynh_install_app_dependencies php5-cli -ynh_setup_source "$final_path" - -# Generate random password and encryption key -dbpass=$(ynh_string_random) -encryptkey=$(ynh_string_random 24) -ynh_app_setting_set "$app" encryptkey "$encryptkey" -ynh_app_setting_set "$app" mysqlpwd "$dbpass" - -# Copy and set AgenDAV configuration -conf_path="${final_path}/web/config/settings.php" -cp ../conf/settings.php "$conf_path" -sed -i "s/{DBUSER}/${dbuser}/g" "$conf_path" -sed -i "s/{DBPASS}/${dbpass}/g" "$conf_path" -sed -i "s/{DBNAME}/${dbname}/g" "$conf_path" -sed -i "s/{ENCRYPTKEY}/${encryptkey}/g" "$conf_path" -sed -i "s@{LOGDIR}@${LOGDIR}@g" "$conf_path" -sed -i "s@{TIMEZONE}@$(cat /etc/timezone)@g" "$conf_path" -sed -i "s@{LANGUAGE}@${language}@g" "$conf_path" - -if [ $disablecacheck -eq 0 ]; then - ynh_replace_string "__CACHECK__" "true" "$conf_path" -else - ynh_replace_string "__CACHECK__" "false" "$conf_path" -fi - -# CalDAV config -caldav_domain=$(ynh_app_setting_get "$caldav_app" domain) -caldav_path=$(ynh_app_setting_get "$caldav_app" path) -caldav_url="https://${caldav_domain}${caldav_path%/}" -sed -i "s@{CALDAV_BASEURL}@${caldav_url}${caldav_baseurl}@g" "$conf_path" -sed -i "s@{CALDAV_DOMAIN}@${caldav_domain}@g" "$conf_path" - -ynh_system_user_create "$app" - -chown -R root: "$final_path" - -# Protect source code against modifications -#find "${final_path}" -type f -exec chown root:root {} \; -exec chmod 644 {} \; -#find "${final_path}" -type d -exec chown root:root {} \; -exec chmod 755 {} \; - -# Only agendav user should write here -chown -R $app "${final_path}/web/var/cache/"{profiler,twig} -#chmod -R 750 "${final_path}/web/var/cache/"{profiler,twig} - -# The agendav user should read here, but does not need to write -# Other users should not be able to read as it stores passwords. -#find "${final_path}/web/config" -type f -exec chown root:$app {} \; -exec chmod 640 {} \; -#find "${final_path}/web/config" -type d -exec chown root:$app {} \; -exec chmod 750 {} \; - -chown -R $app "${final_path}/web/config/" - -# Create log directory -install -m 750 -o $app -g adm -d "$LOGDIR" +#================================================= +# CREATE A MYSQL DATABASE +#================================================= # Initialize database +dbpass=$(ynh_string_random) +ynh_app_setting_set "$app" mysqlpwd "$dbpass" + ynh_mysql_create_db "$dbname" "$dbuser" "$dbpass" -# Run database migrations -( - cd $final_path - php agendavcli migrations:migrate --no-interaction -) +#================================================= +# DOWNLOAD, CHECK AND UNPACK SOURCE +#================================================= + +ynh_setup_source "$final_path" + +#================================================= +# NGINX CONFIGURATION +#================================================= # Copy and set nginx configuration ynh_add_nginx_config +#================================================= +# CREATE DEDICATED USER +#================================================= + +ynh_system_user_create "$app" + +#================================================= +# PHP-FPM CONFIGURATION +#================================================ + # Copy and set php-fpm configuration ynh_add_fpm_config +#================================================= +# SPECIFIC SETUP +#================================================= +# Create settings.php +#================================================= + +# Generate random encryption key +encryptkey=$(ynh_string_random 24) + +ynh_app_setting_set "$app" encryptkey "$encryptkey" + +# Copy and set AgenDAV configuration +timezone=$(cat /etc/timezone) + +caldav_domain=$(ynh_app_setting_get "$caldav_app" domain) +caldav_path=$(ynh_app_setting_get "$caldav_app" path) +caldav_url="https://${caldav_domain}${caldav_path%/}" + +conf_path="${final_path}/web/config/settings.php" +cp ../conf/settings.php "$conf_path" + +ynh_replace_string "{DBUSER}" "${dbuser}" "$conf_path" +ynh_replace_string "{DBPASS}" "${dbpass}" "$conf_path" +ynh_replace_string "{DBNAME}" "${dbname}" "$conf_path" +ynh_replace_string "{ENCRYPTKEY}" "${encryptkey}" "$conf_path" +ynh_replace_string "{LOGDIR}" "${LOGDIR}" "$conf_path" +ynh_replace_string "{TIMEZONE}" "$timezone" "$conf_path" +ynh_replace_string "{LANGUAGE}" "${language}" "$conf_path" +ynh_replace_string "{CALDAV_BASEURL}" "${caldav_url}${caldav_baseurl}" "$conf_path" +ynh_replace_string "{CALDAV_DOMAIN}" "${caldav_domain}" "$conf_path" + +if [ "$disablecacheck" -eq 0 ]; then + ynh_replace_string "__CACHECK__" "true" "$conf_path" +else + ynh_replace_string "__CACHECK__" "false" "$conf_path" +fi + +#================================================= +# STORE THE CHECKSUM OF THE CONFIG FILE +#================================================= + +ynh_store_file_checksum "$conf_path" + +#================================================= +# Run database migrations (includes initialization) +#================================================= + +( + cd "$final_path" + php agendavcli migrations:migrate --no-interaction +) + +#================================================= +# SETUP LOG directory +#================================================= + +mkdir -p "$LOGDIR" +chown -R "$app": "$LOGDIR" + +#================================================= +# GENERIC FINALIZATION +#================================================= +# SECURE FILES AND DIRECTORIES +#================================================= + +chown -R root: "$final_path" + +# Only agendav user should write here +chown -R "$app" "${final_path}/web/var/cache/"{profiler,twig} + +# The agendav user should read here, but does not need to write +chown -R root:"$app" "${final_path}/web/config/" +chmod -R g+rx "${final_path}/web/config/" + +# Other users should not be able to read as it stores passwords. +chmod -R o-rwx "${final_path}/web/config/" + +#================================================= +# SETUP SSOWAT +#================================================= + +# Remove the public access ynh_app_setting_delete "$app" skipped_uris +#================================================= +# RELOAD NGINX and FPM +#================================================= + # Reload services service php5-fpm restart service nginx reload