diff --git a/conf/nginx.conf b/conf/nginx.conf index b053a41..8dc412a 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -4,14 +4,9 @@ location __PATH__/ { # Path to source alias __FINALPATH__/web/public/ ; - # Force usage of https - if ($scheme = http) { - rewrite ^ https://$server_name$request_uri? permanent; - } - index index.php; - # The seemingly weird syntax is due to a long-standing bug in nginx, + # The seemingly weird syntax is due to a long-standing bug in NGINX, # see: https://trac.nginx.org/nginx/ticket/97 try_files $uri __PATH__/__PATH__/index.php$is_args$args; diff --git a/conf/php-fpm.conf b/conf/php-fpm.conf index ad5b935..ab1a471 100644 --- a/conf/php-fpm.conf +++ b/conf/php-fpm.conf @@ -27,15 +27,13 @@ group = __USER__ ; Valid syntaxes are: ; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on ; a specific port; -; 'port' - to listen on a TCP socket to all addresses on a -; specific port; ; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on ; a specific port; ; 'port' - to listen on a TCP socket to all addresses ; (IPv6 and IPv4-mapped) on a specific port; ; '/path/to/unix/socket' - to listen on a unix socket. ; Note: This value is mandatory. - listen = /var/run/php/php__PHPVERSION__-fpm-__NAMETOCHANGE__.sock +listen = /var/run/php/php__PHPVERSION__-fpm-__NAMETOCHANGE__.sock ; Set listen(2) backlog. ; Default Value: 511 (-1 on FreeBSD and OpenBSD) @@ -49,7 +47,6 @@ group = __USER__ listen.owner = www-data listen.group = www-data ;listen.mode = 0660 - ; When POSIX Access Control Lists are supported you can set them using ; these options, value is a comma separated list of user/group names. ; When set, listen.owner and listen.group are ignored @@ -113,22 +110,22 @@ pm = dynamic ; forget to tweak pm.* to fit your needs. ; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' ; Note: This value is mandatory. -pm.max_children = 6 +pm.max_children = 5 ; The number of child processes created on startup. ; Note: Used only when pm is set to 'dynamic' ; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2 -pm.start_servers = 3 +pm.start_servers = 2 ; The desired minimum number of idle server processes. ; Note: Used only when pm is set to 'dynamic' ; Note: Mandatory when pm is set to 'dynamic' -pm.min_spare_servers = 3 +pm.min_spare_servers = 1 ; The desired maximum number of idle server processes. ; Note: Used only when pm is set to 'dynamic' ; Note: Mandatory when pm is set to 'dynamic' -pm.max_spare_servers = 5 +pm.max_spare_servers = 3 ; The number of seconds after which an idle process will be killed. ; Note: Used only when pm is set to 'ondemand' @@ -139,7 +136,7 @@ pm.max_spare_servers = 5 ; This can be useful to work around memory leaks in 3rd party libraries. For ; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. ; Default Value: 0 -; pm.max_requests = 500 +;pm.max_requests = 500 ; The URI to view the FPM status page. If this value is not set, no URI will be ; recognized as a status page. It shows the following informations: @@ -237,9 +234,9 @@ pm.max_spare_servers = 5 ; Note: The value must start with a leading slash (/). The value can be ; anything, but it may not be a good idea to use the .php extension or it ; may conflict with a real PHP file. -; Default Value: not set +; Default Value: not set ;pm.status_path = /status - + ; The ping URI to call the monitoring page of FPM. If this value is not set, no ; URI will be recognized as a ping page. This could be used to test from outside ; that FPM is alive and responding, or to @@ -318,12 +315,12 @@ pm.max_spare_servers = 5 ; %u: remote user ; ; Default: "%R - %u %t \"%m %r\" %s" -; access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%" +;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%" ; The log file for slow requests ; Default Value: not set ; Note: slowlog is mandatory if request_slowlog_timeout is set -; slowlog = log/$pool.log.slow +;slowlog = log/$pool.log.slow ; The timeout for serving a single request after which a PHP backtrace will be ; dumped to the 'slowlog' file. A value of '0s' means 'off'. @@ -356,13 +353,13 @@ request_terminate_timeout = 1d ; possible. However, all PHP paths will be relative to the chroot ; (error_log, sessions.save_path, ...). ; Default Value: not set -;chroot = - +;chroot = + ; Chdir to this directory at the start. ; Note: relative path can be used. ; Default Value: current directory or / when chroot chdir = __FINALPATH__ - + ; Redirect worker stdout and stderr into main error log. If not set, stdout and ; stderr will be redirected to /dev/null according to FastCGI specs. ; Note: on highloaded environement, this can cause some delay in the page @@ -420,3 +417,14 @@ chdir = __FINALPATH__ ;php_admin_value[error_log] = /var/log/fpm-php.www.log ;php_admin_flag[log_errors] = on ;php_admin_value[memory_limit] = 32M + +; Common values to change to increase file upload limit +; php_admin_value[upload_max_filesize] = 50M +; php_admin_value[post_max_size] = 50M +; php_admin_flag[mail.add_x_header] = Off + +; Other common parameters +; php_admin_value[max_execution_time] = 600 +; php_admin_value[max_input_time] = 300 +; php_admin_value[memory_limit] = 256M +; php_admin_flag[short_open_tag] = On diff --git a/conf/settings.php b/conf/settings.php index 9173926..1a923bc 100644 --- a/conf/settings.php +++ b/conf/settings.php @@ -20,9 +20,9 @@ $app['proxies'] = []; // Database settings $app['db.options'] = [ - 'dbname' => '__DBNAME__', - 'user' => '__DBUSER__', - 'password' => '__DBPASS__', + 'dbname' => '__DB_NAME__', + 'user' => '__DB_USER__', + 'password' => '__DB_PWD__', 'host' => 'localhost', 'driver' => 'pdo_mysql' ]; @@ -34,7 +34,7 @@ $app['csrf.secret'] = '__ENCRYPTKEY__'; $app['log.path'] = '__LOGDIR__/'; // Base URL -$app['caldav.baseurl'] = '__CALDAV_BASEURL__'; +$app['caldav.baseurl'] = '__CALDAV_URL__'; // Authentication method required by CalDAV server (basic or digest) $app['caldav.authmethod'] = 'basic'; @@ -46,7 +46,7 @@ $app['caldav.certificate.verify'] = false; $app['caldav.publicurls'] = true; // Whether to show public CalDAV urls -$app['caldav.baseurl.public'] = 'https://__CALDAV_DOMAIN__'; +$app['caldav.baseurl.public'] = 'https://__DOMAIN__'; // Email attribute name $app['principal.email.attribute'] = '{DAV:}email'; diff --git a/manifest.json b/manifest.json index 2e6f2d8..5741b5a 100644 --- a/manifest.json +++ b/manifest.json @@ -6,16 +6,23 @@ "en": "CalDAV web client", "fr": "Client web pour CalDAV" }, - "url": "http://agendav.org/", - "license": "GPL-3.0", "version": "2.4.0~ynh1", + "url": "http://agendav.org/", + "upstream": { + "license": "GPL-3.0", + "website": "http://agendav.org/", + "demo": "https://demo.yunohost.org/agendav/", + "admindoc": "https://agendav.readthedocs.io/en/2.2.0/", + "code": "https://github.com/agendav/agendav/" + }, + "license": "GPL-3.0", "maintainer": { "name": "julien", "email": "julien.malik@paraiso.me" }, "multi_instance": false, "requirements": { - "yunohost": ">= 4.2.4" + "yunohost": ">= 4.3.0" }, "services": [ "nginx", @@ -26,8 +33,7 @@ "install" : [ { "name": "domain", - "type": "domain", - "example": "domain.org" + "type": "domain" }, { "name": "path", diff --git a/scripts/_common.sh b/scripts/_common.sh index 16e3696..a0dccdb 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -6,7 +6,7 @@ YNH_PHP_VERSION="7.3" -extra_php_dependencies="php${YNH_PHP_VERSION}-cli php${YNH_PHP_VERSION}-mbstring php${YNH_PHP_VERSION}-curl" +pkg_dependencies="php${YNH_PHP_VERSION}-mysql php${YNH_PHP_VERSION}-xml php${YNH_PHP_VERSION}-cli php${YNH_PHP_VERSION}-mbstring php${YNH_PHP_VERSION}-curl" #================================================= # PERSONAL HELPERS diff --git a/scripts/backup b/scripts/backup index 323928f..e4a0cce 100644 --- a/scripts/backup +++ b/scripts/backup @@ -58,6 +58,12 @@ ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" +#================================================= +# BACKUP LOGROTATE +#================================================= + +ynh_backup --src_path="/etc/logrotate.d/$app" + #================================================= # BACKUP THE MYSQL DATABASE #================================================= @@ -65,14 +71,8 @@ ynh_print_info --message="Backing up the MySQL database..." ynh_mysql_dump_db --database="$db_name" > db.sql -#================================================= -# BACKUP LOGROTATE -#================================================= - -ynh_backup --src_path="/etc/logrotate.d/$app" - #================================================= # END OF SCRIPT #================================================= -ynh_print_info --message="Backup script completed for AgenDAV. (YunoHost will then actually copy those files to the archive)." +ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." diff --git a/scripts/change_url b/scripts/change_url index 6ce6d82..3bb167b 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -89,4 +89,4 @@ ynh_systemd_action --service_name=nginx --action=reload # END OF SCRIPT #================================================= -ynh_script_progression --message="Change of URL completed for AgenDAV" --last +ynh_script_progression --message="Change of URL completed for $app" --last diff --git a/scripts/install b/scripts/install index 672fd30..6f46b54 100644 --- a/scripts/install +++ b/scripts/install @@ -70,8 +70,24 @@ ynh_app_setting_set --app=$app --key=language --value=$language ynh_script_progression --message="Creating a MySQL database..." db_name=$(ynh_sanitize_dbid --db_name=$app) +db_user=$db_name ynh_app_setting_set --app=$app --key=db_name --value=$db_name -ynh_mysql_setup_db --db_user=$db_name --db_name=$db_name +ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name + +#================================================= +# INSTALL DEPENDENCIES +#================================================= +ynh_script_progression --message="Installing dependencies..." --weight=2 + +ynh_install_app_dependencies $pkg_dependencies + +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Configuring system user..." --weight=2 + +# Create a system user +ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE @@ -90,21 +106,13 @@ ynh_script_progression --message="Configuring NGINX web server..." --weight=3 # Copy and set NGINX configuration ynh_add_nginx_config -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Configuring system user..." --weight=2 - -# Create a system user -ynh_system_user_create --username=$app - #================================================= # PHP-FPM CONFIGURATION #================================================ -ynh_script_progression --message="Configuring PHP-FPM.." +ynh_script_progression --message="Configuring PHP-FPM.." --weight=2 # Copy and set PHP-FPM configuration -ynh_add_fpm_config --package="$extra_php_dependencies" +ynh_add_fpm_config phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) #================================================= @@ -121,30 +129,14 @@ ynh_app_setting_set --app=$app --key=encryptkey --value="$encryptkey" # Copy and set AgenDAV configuration timezone=$(cat /etc/timezone) -caldav_domain=$(ynh_app_setting_get --app=$caldav_app --key=domain) -caldav_path=$(ynh_app_setting_get --app=$caldav_app --key=path) -caldav_url="https://${caldav_domain}${caldav_path%/}" +caldav_url="https://${domain}${path%/}" -conf_path="${final_path}/web/config/settings.php" -cp ../conf/settings.php "$conf_path" +dir=__DIR__ -logdir=/var/log/$app +ynh_add_config --template="../conf/settings.php" --destination="$final_path/web/config/settings.php" -ynh_replace_string --match_string="__DBUSER__" --replace_string="$db_name" --target_file="$conf_path" -ynh_replace_string --match_string="__DBPASS__" --replace_string="$db_pwd" --target_file="$conf_path" -ynh_replace_string --match_string="__DBNAME__" --replace_string="$db_name" --target_file="$conf_path" -ynh_replace_string --match_string="__ENCRYPTKEY__" --replace_string="$encryptkey" --target_file="$conf_path" -ynh_replace_string --match_string="__LOGDIR__" --replace_string="$logdir" --target_file="$conf_path" -ynh_replace_string --match_string="__TIMEZONE__" --replace_string="$timezone" --target_file="$conf_path" -ynh_replace_string --match_string="__LANGUAGE__" --replace_string="$language" --target_file="$conf_path" -ynh_replace_string --match_string="__CALDAV_BASEURL__" --replace_string="${caldav_url}${caldav_baseurl}" --target_file="$conf_path" -ynh_replace_string --match_string="__CALDAV_DOMAIN__" --replace_string="$caldav_domain" --target_file="$conf_path" - -#================================================= -# STORE THE CHECKSUM OF THE CONFIG FILE -#================================================= - -ynh_store_file_checksum --file="$conf_path" +chmod 400 "$final_path/web/config/settings.php" +chown $app:$app "$final_path/web/config/settings.php" #================================================= # RUN DATABASE MIGRATIONS (INCLUDES INITIALIZATION) @@ -161,6 +153,7 @@ ynh_script_progression --message="Initialising AgenDAV..." --weight=3 #================================================= ynh_script_progression --message="Configuring log rotation..." +logdir=/var/log/$app mkdir -p $logdir chown -R $app: $logdir @@ -175,10 +168,10 @@ ynh_use_logrotate chown -R root: $final_path -# Only agendav user should write here +# Only AgenDav user should write here chown -R $app ${final_path}/web/var/cache/{profiler,twig} -# The agendav user should read here, but does not need to write +# The AgenDav user should read here, but does not need to write # Other users should not be able to read as it stores passwords. chown -R root:$app ${final_path}/web/config/ chmod -R 750 ${final_path}/web/config/ @@ -194,4 +187,4 @@ ynh_systemd_action --service_name=nginx --action=reload # END OF SCRIPT #================================================= -ynh_script_progression --message="Installation of AgenDAV completed" --last +ynh_script_progression --message="Installation of $app completed" --last diff --git a/scripts/remove b/scripts/remove index 609867a..0e0b296 100644 --- a/scripts/remove +++ b/scripts/remove @@ -81,4 +81,4 @@ ynh_system_user_delete --username=$app # END OF SCRIPT #================================================= -ynh_script_progression --message="Removal of AgenDAV completed" --last +ynh_script_progression --message="Removal of $app completed" --last diff --git a/scripts/restore b/scripts/restore index d554f25..3058107 100644 --- a/scripts/restore +++ b/scripts/restore @@ -26,6 +26,7 @@ domain=$(ynh_app_setting_get --app=$app --key=domain) path_url=$(ynh_app_setting_get --app=$app --key=path) final_path=$(ynh_app_setting_get --app=$app --key=final_path) db_name=$(ynh_app_setting_get --app=$app --key=db_name) +db_user=$db_name phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) #================================================= @@ -33,8 +34,6 @@ phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) #================================================= ynh_script_progression --message="Validating restoration parameters..." -ynh_webpath_available --domain=$domain --path_url=$path_url \ - || ynh_die --message="Path not available: ${domain}${path_url}" test ! -d $final_path \ || ynh_die --message="There is already a directory: $final_path " @@ -46,20 +45,20 @@ test ! -d $final_path \ ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" -#================================================= -# RESTORE THE APP MAIN DIR -#================================================= -ynh_script_progression --message="Restoring AgenDAV main directory..." - -ynh_restore_file --origin_path="$final_path" - #================================================= # RECREATE THE DEDICATED USER #================================================= ynh_script_progression --message="Recreating the dedicated system user..." --weight=2 # Create the dedicated user (if not existing) -ynh_system_user_create --username=$app +ynh_system_user_create --username=$app --home_dir="$final_path" + +#================================================= +# RESTORE THE APP MAIN DIR +#================================================= +ynh_script_progression --message="Restoring AgenDAV main directory..." + +ynh_restore_file --origin_path="$final_path" #================================================= # RESTORE USER RIGHTS @@ -82,7 +81,7 @@ ynh_script_progression --message="Reconfiguring PHP-FPM..." --weight=6 ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" -ynh_add_fpm_config --package="$extra_php_dependencies" +ynh_add_fpm_config #================================================= # SPECIFIC RESTORATION @@ -92,8 +91,8 @@ ynh_add_fpm_config --package="$extra_php_dependencies" ynh_script_progression --message="Restoring the MySQL database..." --weight=2 db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd) -ynh_mysql_setup_db --db_user=$db_name --db_name=$db_name --db_pwd=$db_pwd -ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name < ./db.sql +ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd +ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql #================================================= # RESTORE THE LOGROTATE CONFIGURATION @@ -119,4 +118,4 @@ ynh_systemd_action --service_name=nginx --action=reload # END OF SCRIPT #================================================= -ynh_script_progression --message="Restoration completed for AgenDAV" --last +ynh_script_progression --message="Restoration completed for $app" --last diff --git a/scripts/upgrade b/scripts/upgrade index 506a167..8a10ace 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -29,6 +29,20 @@ phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) upgrade_type=$(ynh_check_app_version_changed) +#================================================= +# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP +#================================================= +ynh_script_progression --message="Backing up AgenDAV before upgrading (may take a while)..." --weight=9 + +# Backup the current version of the app +ynh_backup_before_upgrade +ynh_clean_setup () { + # restore it if the upgrade fails + ynh_restore_upgradebackup +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= @@ -70,18 +84,12 @@ else fi #================================================= -# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP +# CREATE DEDICATED USER #================================================= -ynh_script_progression --message="Backing up AgenDAV before upgrading (may take a while)..." --weight=9 +ynh_script_progression --message="Making sure dedicated system user exists..." -# Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { - # restore it if the upgrade fails - ynh_restore_upgradebackup -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors +# Create a dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= # STANDARD UPGRADE STEPS @@ -91,10 +99,10 @@ ynh_abort_if_errors if [ "$upgrade_type" == "UPGRADE_APP" ] then - ynh_script_progression --message="Upgrading source files..."0 + ynh_script_progression --message="Upgrading source files..." --weight=4 # Download, check integrity, uncompress and patch the source from app.src - ynh_setup_source --dest_dir="$final_path" + ynh_setup_source --dest_dir="$final_path" --keep="$final_path/web/config/settings.php" fi #================================================= @@ -105,63 +113,13 @@ ynh_script_progression --message="Upgrading NGINX web server configuration..." - # Copy and set NGINX configuration ynh_add_nginx_config -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Making sure dedicated system user exists..." - -# Create a dedicated user (if not existing) -ynh_system_user_create --username=$app - #================================================= # PHP-FPM CONFIGURATION #================================================= ynh_script_progression --message="Upgrading PHP-FPM configuration..." # Create a dedicated PHP-FPM config -ynh_add_fpm_config --package="$extra_php_dependencies" - -#================================================= -# SPECIFIC SETUP -#================================================= -# CREATE SETTINGS.PHP -#================================================= -ynh_script_progression --message="Upgrading AgenDAV configuration..." --weight=2 - -# Generate random encryption key -encryptkey=$(ynh_app_setting_get --app=$app --key=encryptkey) - -# Copy and set AgenDAV configuration -timezone=$(cat /etc/timezone) - -caldav_domain=$(ynh_app_setting_get --app=$caldav_app --key=domain) -caldav_path=$(ynh_app_setting_get --app=$caldav_app --key=path) -caldav_url="https://${caldav_domain}${caldav_path%/}" - -conf_path="${final_path}/web/config/settings.php" - -ynh_backup_if_checksum_is_different --file="$conf_path" - -cp ../conf/settings.php "$conf_path" - -logdir=/var/log/$app - -ynh_replace_string --match_string="__DBUSER__" --replace_string="$db_name" --target_file="$conf_path" -db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd) -ynh_replace_string --match_string="__DBPASS__" --replace_string="$db_pwd" --target_file="$conf_path" -ynh_replace_string --match_string="__DBNAME__" --replace_string="$db_name" --target_file="$conf_path" -ynh_replace_string --match_string="__ENCRYPTKEY__" --replace_string="$encryptkey" --target_file="$conf_path" -ynh_replace_string --match_string="__LOGDIR__" --replace_string="$logdir" --target_file="$conf_path" -ynh_replace_string --match_string="__TIMEZONE__" --replace_string="$timezone" --target_file="$conf_path" -ynh_replace_string --match_string="__LANGUAGE__" --replace_string="$language" --target_file="$conf_path" -ynh_replace_string --match_string="__CALDAV_BASEURL__" --replace_string="${caldav_url}${caldav_baseurl}" --target_file="$conf_path" -ynh_replace_string --match_string="__CALDAV_DOMAIN__" --replace_string="$caldav_domain" --target_file="$conf_path" - -#================================================= -# STORE THE CHECKSUM OF THE CONFIG FILE -#================================================= - -ynh_store_file_checksum --file="$conf_path" +ynh_add_fpm_config #================================================= # RUN DATABASE MIGRATIONS (INCLUDES INITIALIZATION) @@ -178,6 +136,7 @@ ynh_script_progression --message="Upgrading AgenDAV..." #================================================= ynh_script_progression --message="Upgrading logrotate configuration..." --weight=2 +logdir=/var/log/$app mkdir -p $logdir chown -R $app: $logdir @@ -211,4 +170,4 @@ ynh_systemd_action --service_name=nginx --action=reload # END OF SCRIPT #================================================= -ynh_script_progression --message="Upgrade of AgenDAV completed" --last +ynh_script_progression --message="Upgrade of $app completed" --last