From e26a721cf819f4e79819aee8457ea09c92595b98 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Fri, 10 Sep 2021 21:24:22 +0200 Subject: [PATCH] Fix --- check_process | 12 +++--------- manifest.json | 4 ++-- scripts/install | 21 ++++++++++++--------- scripts/remove | 10 ++++++++++ scripts/restore | 20 ++++++++++++-------- scripts/upgrade | 41 ++++++++++++++++++++++------------------- 6 files changed, 61 insertions(+), 47 deletions(-) diff --git a/check_process b/check_process index 77d3074..eb1df2b 100644 --- a/check_process +++ b/check_process @@ -1,13 +1,8 @@ -# See here for more information -# https://github.com/YunoHost/package_check#syntax-check_process-file - -# Move this file from check_process.default to check_process when you have filled it. - ;; Test complet ; Manifest - domain="domain.tld" (DOMAIN) - path="/path" (PATH) - is_public=1 (PUBLIC|public=1|private=0) + domain="domain.tld" + path="/path" + is_public=1 ; Checks pkg_linter=1 setup_sub_dir=1 @@ -18,7 +13,6 @@ upgrade=1 backup_restore=1 multi_instance=1 - port_already_use=0 change_url=1 ;;; Options Email= diff --git a/manifest.json b/manifest.json index fe8459f..ee0c409 100644 --- a/manifest.json +++ b/manifest.json @@ -3,8 +3,8 @@ "id": "anarchism", "packaging_format": 1, "description": { - "en": "An exhaustive exploration of Anarchist theory and practice.", - "fr": "Exploration exhaustive de la théorie et de la pratique anarchiste." + "en": "Exhaustive exploration of Anarchist theory and practice", + "fr": "Exploration exhaustive de la théorie et de la pratique anarchiste" }, "version": "15.3-3~ynh1", "url": "https://salsa.debian.org/debian/anarchism/", diff --git a/scripts/install b/scripts/install index 7c8aa2e..5510e3d 100755 --- a/scripts/install +++ b/scripts/install @@ -49,6 +49,14 @@ ynh_script_progression --message="Storing installation settings..." --weight=1 ynh_app_setting_set --app=$app --key=domain --value=$domain ynh_app_setting_set --app=$app --key=path --value=$path_url +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Configuring system user..." --weight=1 + +# Create a system user +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # STANDARD MODIFICATIONS #================================================= @@ -60,6 +68,10 @@ ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path" +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + #================================================= # NGINX CONFIGURATION #================================================= @@ -68,15 +80,6 @@ ynh_script_progression --message="Configuring NGINX web server..." --weight=1 # Create a dedicated nginx config ynh_add_nginx_config -#================================================= -# GENERIC FINALIZATION -#================================================= -# SECURE FILES AND DIRECTORIES -#================================================= - -# Set permissions to app files -chown -R root: $final_path - #================================================= # SETUP SSOWAT #================================================= diff --git a/scripts/remove b/scripts/remove index 1b2d038..2d3c5ff 100755 --- a/scripts/remove +++ b/scripts/remove @@ -29,6 +29,16 @@ ynh_script_progression --message="Removing app main directory..." --weight=1 # Remove the app directory securely ynh_secure_remove --file="$final_path" +#================================================= +# GENERIC FINALIZATION +#================================================= +# REMOVE DEDICATED USER +#================================================= +ynh_script_progression --message="Removing the dedicated system user..." --weight=1 + +# Delete a system user +ynh_system_user_delete --username=$app + #================================================= # REMOVE NGINX CONFIGURATION #================================================= diff --git a/scripts/restore b/scripts/restore index 3b97dd4..ecaa0bf 100644 --- a/scripts/restore +++ b/scripts/restore @@ -36,8 +36,6 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path) #================================================= ynh_script_progression --message="Validating restoration parameters..." --weight=1 -ynh_webpath_available --domain=$domain --path_url=$path_url \ - || ynh_die --message="Path not available: ${domain}${path_url}" test ! -d $final_path \ || ynh_die --message="There is already a directory: $final_path " @@ -46,9 +44,18 @@ test ! -d $final_path \ #================================================= # RESTORE THE NGINX CONFIGURATION #================================================= +ynh_script_progression --message="Restoring the NGINX configuration..." --weight=1 ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" +#================================================= +# RECREATE THE DEDICATED USER +#================================================= +ynh_script_progression --message="Recreating the dedicated system user..." --weight=1 + +# Create the dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # RESTORE THE APP MAIN DIR #================================================= @@ -56,12 +63,9 @@ ynh_script_progression --message="Restoring the app main directory..." --weight= ynh_restore_file --origin_path="$final_path" -#================================================= -# RESTORE USER RIGHTS -#================================================= - -# Restore permissions on app files -chown -R root: $final_path +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" #================================================= # GENERIC FINALIZATION diff --git a/scripts/upgrade b/scripts/upgrade index 4dcf663..aea78fa 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -26,6 +26,20 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path) upgrade_type=$(ynh_check_app_version_changed) +#================================================= +# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP +#================================================= +ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=3 + +# Backup the current version of the app +ynh_backup_before_upgrade +ynh_clean_setup () { + # restore it if the upgrade fails + ynh_restore_upgradebackup +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= @@ -52,18 +66,12 @@ if ynh_legacy_permissions_exists; then fi #================================================= -# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP +# CREATE DEDICATED USER #================================================= -ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=3 +ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1 -# Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { - # restore it if the upgrade fails - ynh_restore_upgradebackup -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors +# Create a dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= # STANDARD UPGRADE STEPS @@ -79,6 +87,10 @@ then ynh_setup_source --dest_dir="$final_path" fi +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + #================================================= # NGINX CONFIGURATION #================================================= @@ -87,15 +99,6 @@ ynh_script_progression --message="Upgrading NGINX web server configuration..." - # Create a dedicated nginx config ynh_add_nginx_config -#================================================= -# GENERIC FINALIZATION -#================================================= -# SECURE FILES AND DIRECTORIES -#================================================= - -# Set permissions on app files -chown -R root: $final_path - #================================================= # RELOAD NGINX #=================================================