Add is_public, use ynh_system_user_create

check_process

@@ -3,22 +3,21 @@
 	; Manifest
 		domain="domain.tld"	(DOMAIN)
 		path="/path"	(PATH)
+		is_public=1	(PUBLIC|public=1|private=0)
 		language="fr"
 	; Checks
 		pkg_linter=1
 		setup_sub_dir=1
 		setup_root=1
 		setup_nourl=0
-		setup_private=0
-		setup_public=0
-		upgrade=0
-		backup_restore=0
-		multi_instance=0
-		incorrect_path=0
-		corrupt_source=0
-		fail_download_source=0
+		setup_private=1
+		setup_public=1
+		upgrade=1
+		backup_restore=1
+		multi_instance=1
+		incorrect_path=1
 		port_already_use=0
-		final_path_already_use=0
+		change_url=0
 ;;; Levels
 	Level 1=auto
 	Level 2=auto

conf/nginx.conf

@@ -1,41 +1,41 @@
 location {PATH}/ {
-    alias {DESTDIR}/web/public/;
-    index index.php;
+	alias {DESTDIR}/web/public/;
+	index index.php;
 
-    if ($scheme = http) {
-        rewrite ^ https://$server_name$request_uri? permanent;
-    }
+	if ($scheme = http) {
+		rewrite ^ https://$server_name$request_uri? permanent;
+	}
 
-    # The seemingly weird syntax is due to a long-standing bug in nginx,
-    # see: https://trac.nginx.org/nginx/ticket/97
-    try_files $uri {PATH}/{PATH}/index.php$is_args$args;
+	# The seemingly weird syntax is due to a long-standing bug in nginx,
+	# see: https://trac.nginx.org/nginx/ticket/97
+	try_files $uri {PATH}/{PATH}/index.php$is_args$args;
 
-    # Another alternative to the weird try_files is to use a rewrite, like this :
-    # 
-    #   if (-f $request_filename) {
-    #      break;
-    #   }
-    #   rewrite (.*) {LOCATION}/index.php$request_uri;
-    #
-    # But remember that if-is-evil :
-    #   https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/#check-if-file-exists
+	# Another alternative to the weird try_files is to use a rewrite, like this :
+	#
+	#   if (-f $request_filename) {
+	#      break;
+	#   }
+	#   rewrite (.*) {LOCATION}/index.php$request_uri;
+	#
+	# But remember that if-is-evil :
+	#   https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/#check-if-file-exists
 
-    location ~ ^{PATH}/index\.php(/|$) {
-        fastcgi_split_path_info ^(.+?\.php)(/.*)$;
-        fastcgi_pass unix:/var/run/php5-fpm-{POOLNAME}.sock;
-        fastcgi_index index.php;
-        include fastcgi_params;
-        fastcgi_param REMOTE_USER     $remote_user;
-        fastcgi_param PATH_INFO       $fastcgi_path_info;
-        fastcgi_param SCRIPT_FILENAME $request_filename;
-    }
+	location ~ ^{PATH}/index\.php(/|$) {
+		fastcgi_split_path_info ^(.+?\.php)(/.*)$;
+		fastcgi_pass unix:/var/run/php5-fpm-{POOLNAME}.sock;
+		fastcgi_index index.php;
+		include fastcgi_params;
+		fastcgi_param REMOTE_USER     $remote_user;
+		fastcgi_param PATH_INFO       $fastcgi_path_info;
+		fastcgi_param SCRIPT_FILENAME $request_filename;
+	}
 
-    location ~ \.php$ {
-        return 404;
-    }
+	location ~ \.php$ {
+		return 404;
+	}
 
-    # Include SSOWAT user panel.
-    include conf.d/yunohost_panel.conf.inc;
+	# Include SSOWAT user panel.
+	include conf.d/yunohost_panel.conf.inc;
 }
 
 # append trailing slash in case of a subpath

manifest.json

@@ -43,6 +43,14 @@
                 "example": "/agendav",
                 "default": "/agendav"
             },
+            {
+		"name": "is_public",
+		"type": "boolean",
+		"ask": {
+			"en": "Should Agendav be publicly accessible?"
+		},
+		"default": "0"
+	    },
             {
                 "name": "language",
                 "ask": {

scripts/_common.sh

@@ -17,4 +17,6 @@ declare -A LANGUAGES=(
 # Common helpers
 #
 
-
+agendav_app_check_installation() {
+	echo $(yunohost app list --installed -f "$1" | grep "id:")
+}

scripts/install

@@ -13,21 +13,27 @@ ynh_abort_if_errors
 domain=$YNH_APP_ARG_DOMAIN
 path=$YNH_APP_ARG_PATH
 language=$YNH_APP_ARG_LANGUAGE
+is_public=$YNH_APP_ARG_IS_PUBLIC
 
 # Set app specific variables
 app=$YNH_APP_INSTANCE_NAME
 dbname=$app
 dbuser=$app
 
+path=$(ynh_normalize_url_path "$path")
+
+# Set and store language
+language=${LANGUAGES[$language]}
+
+ynh_app_setting_set "$app" language "$language"
+ynh_app_setting_set "$app" is_public "$is_public"
+ynh_app_setting_set "$app" path "$path"
+
 # Check web path availability
 ynh_webpath_available "$domain" "$path"
 # Register (book) web path
 ynh_webpath_register "$app" "$domain" "$path"
 
-# Set and store language
-language=${LANGUAGES[$3]}
-ynh_app_setting_set "$app" language "$language"
-
 # Define LOGDIR (create it later when user is created)
 LOGDIR=/var/log/$app
 
@@ -37,23 +43,27 @@ DESTDIR="/var/www/${app}"
 "The destination directory '${DESTDIR}' already exists.\
  You should safely delete it before installing this app."
 
+mkdir -p "$DESTDIR"
+
 # Check whether Baïkal or Radicale is installed
-if yunohost app list --installed -f baikal | grep -q id ; then
+baikal_install=$(agendav_app_check_installation "baikal")
+radicale_install=$(agendav_app_check_installation "radicale")
+if [[ -n "$baikal_install" ]]
+then
     caldav_app="baikal"
     caldav_baseurl="/cal.php/"
-elif yunohost app list --installed -f radicale | grep -q id ; then
+elif [[ -n "$radicale_install" ]]
+then
     caldav_app="radicale"
     caldav_baseurl="/"
 else
-    ynh_die "You must install Baïkal or Radicale before"
+    ynh_die "Baikal or Radicale is mandatory"
 fi
 
 # Install dependencies
-ynh_install_app_dependencies "php5-cli"
+ynh_install_app_dependencies php5-cli
 
-# Create tmp directory and fetch app inside
-TMPDIR=$(mktemp -d)
-ynh_setup_source "$TMPDIR"
+ynh_setup_source "$DESTDIR"
 
 # Generate random password and encryption key
 dbpass=$(ynh_string_random)
@@ -62,7 +72,7 @@ ynh_app_setting_set "$app" encryptkey "$encryptkey"
 ynh_app_setting_set "$app" mysqlpwd "$dbpass"
 
 # Copy and set AgenDAV configuration
-conf_path="${TMPDIR}/web/config/settings.php"
+conf_path="${DESTDIR}/web/config/settings.php"
 cp ../conf/settings.php "$conf_path"
 sed -i "s/{DBUSER}/${dbuser}/g"              "$conf_path"
 sed -i "s/{DBPASS}/${dbpass}/g"              "$conf_path"
@@ -79,12 +89,7 @@ caldav_url="https://${caldav_domain}${caldav_path%/}"
 sed -i "s@{CALDAV_BASEURL}@${caldav_url}${caldav_baseurl}@g" "$conf_path"
 sed -i "s@{CALDAV_DOMAIN}@${caldav_domain}@g"                "$conf_path"
 
-# Install files and set permissions
-mv "$TMPDIR" "$DESTDIR"
-
-useradd -c "$app system account" \
-  -d /var/www/$app --system --user-group $app --shell /usr/sbin/nologin \
-  || ynh_die "Unable to create $app system account"
+ynh_system_user_create "$app" "$DESTDIR"
 
 # Protect source code against modifications
 find "${DESTDIR}" -type f -exec chown root:root {} \; -exec chmod 644 {} \;
@@ -104,9 +109,12 @@ install -m 750 -o $app -g adm -d "$LOGDIR"
 
 # Initialize database
 ynh_mysql_create_db "$dbname" "$dbuser" "$dbpass"
-(cd "$DESTDIR" && -u $app \
-    php agendavcli migrations:migrate --no-interaction) \
-  || ynh_die "Unable to create AgenDAV tables"
+
+# Run database migrations
+(
+	cd $DESTDIR
+	php agendavcli migrations:migrate --no-interaction
+)
 
 # Copy and set nginx configuration
 nginx_conf="/etc/nginx/conf.d/${domain}.d/${app}.conf"
@@ -126,6 +134,22 @@ sed -i "s@{USER}@${app}@g"     ../conf/php-fpm.conf
 sed -i "s@{GROUP}@${app}@g"     ../conf/php-fpm.conf
 cp ../conf/php-fpm.conf "$phpfpm_conf"
 
+if [ "$is_public" -eq 0 ]
+then	# Remove the public access
+	ynh_app_setting_delete "$app" skipped_uris
+fi
+# Make app public if necessary
+if [ "$is_public" -eq 1 ]
+then
+	# unprotected_uris allows SSO credentials to be passed anyway.
+	ynh_app_setting_set "$app" unprotected_uris "/"
+
+	# ynh panel is not needed
+	ynh_replace_string "	include conf.d/"  "	#include conf.d/"  "$nginx_conf"
+
+	ynh_store_file_checksum "$nginx_conf"
+fi
+
 # Reload services
 service php5-fpm restart
 service nginx reload

scripts/upgrade

@@ -17,10 +17,10 @@ dbuser=$app
 # Retrieve arguments
 domain=$(ynh_app_setting_get "$app" domain)
 path=$(ynh_app_setting_get "$app" path)
-path=${path%/}
 dbpass=$(ynh_app_setting_get "$app" mysqlpwd)
 encryptkey=$(ynh_app_setting_get "$app" encryptkey)
 language=$(ynh_app_setting_get "$app" language)
+is_public=$(ynh_app_setting_get "$app" is_public)
 
 # Set and store language
 if [[ -z "$language" ]]; then
@@ -42,26 +42,30 @@ DESTDIR="/var/www/$app"
 "The destination directory '$DESTDIR' does not exist.\
  The app is not correctly installed, you should remove it first."
 
+mkdir -p "$DESTDIR"
+
 # Check whether Baïkal or Radicale is installed
-if yunohost app list --installed -f baikal | grep -q id ; then
+baikal_install=$(agendav_app_check_installation "baikal")
+radicale_install=$(agendav_app_check_installation "radicale")
+if [[ -n "$baikal_install" ]]
+then
     caldav_app="baikal"
     caldav_baseurl="/cal.php/"
-elif yunohost app list --installed -f radicale | grep -q id ; then
+elif [[ -n "$radicale_install" ]]
+then
     caldav_app="radicale"
     caldav_baseurl="/"
 else
-    ynh_die "You must install Baïkal or Radicale before"
+    ynh_die "Baikal or Radicale is mandatory"
 fi
 
 # Install dependencies
-ynh_install_app_dependencies "php5-cli"
+ynh_install_app_dependencies php5-cli
 
-# Create tmp directory and fetch app inside
-TMPDIR=$(mktemp -d)
-ynh_setup_source "$TMPDIR"
+ynh_setup_source "$DESTDIR"
 
 # Copy and set AgenDAV configuration
-conf_path="${TMPDIR}/web/config/settings.php"
+conf_path="${DESTDIR}/web/config/settings.php"
 cp ../conf/settings.php "$conf_path"
 sed -i "s/{DBUSER}/${dbuser}/g"              "$conf_path"
 sed -i "s/{DBPASS}/${dbpass}/g"              "$conf_path"
@@ -78,14 +82,7 @@ caldav_url="https://${caldav_domain}${caldav_path%/}"
 sed -i "s@{CALDAV_BASEURL}@${caldav_url}${caldav_baseurl}@g" "$conf_path"
 sed -i "s@{CALDAV_DOMAIN}@${caldav_domain}@g"                "$conf_path"
 
-# Replace files and set permissions
-rm -rf "$DESTDIR"
-mv "$TMPDIR" "$DESTDIR"
-if ! id -u $app > /dev/null 2>&1 ; then
-  useradd -c "$app system account" \
-    -d /var/www/$app --system --user-group $app --shell /usr/sbin/nologin \
-    || ynh_die "Unable to create $app system account"
-fi
+ynh_system_user_create "$app" "$DESTDIR"
 
 # Protect source code against modifications
 find "${DESTDIR}" -type f -exec chown root:root {} \; -exec chmod 644 {} \;
@@ -104,9 +101,11 @@ find "${DESTDIR}/web/config" -type d -exec chown root:$app {} \; -exec chmod 750
 install -m 750 -o $app -g adm -d "$LOGDIR"
 
 # Run database migrations
-(cd "$DESTDIR" && -u $app \
-    php agendavcli migrations:migrate --no-interaction) \
-  || ynh_die "Unable to run AgenDAV database migration"
+(
+	cd $DESTDIR
+	php agendavcli migrations:migrate --no-interaction
+)
+
 
 # Copy and set nginx configuration
 nginx_conf="/etc/nginx/conf.d/${domain}.d/${app}.conf"
@@ -126,6 +125,23 @@ sed -i "s@{USER}@${app}@g"     ../conf/php-fpm.conf
 sed -i "s@{GROUP}@${app}@g"     ../conf/php-fpm.conf
 cp ../conf/php-fpm.conf "$phpfpm_conf"
 
+
+if [ $is_public -eq 0 ]
+then	# Remove the public access
+	ynh_app_setting_delete "$app" skipped_uris
+fi
+# Make app public if necessary
+if [ $is_public -eq 1 ]
+then
+	# unprotected_uris allows SSO credentials to be passed anyway
+	ynh_app_setting_set "$app" unprotected_uris "/"
+
+	# ynh panel is not needed
+	ynh_replace_string "	include conf.d/"  "	#include conf.d/"  "$nginx_conf"
+
+	ynh_store_file_checksum "$nginx_conf"
+fi
+
 # Reload services
 service php5-fpm restart || true
 service nginx reload || true