diff --git a/.github/ISSUE_TEMPLATE.md b/.github/ISSUE_TEMPLATE.md new file mode 100755 index 0000000..2729a6b --- /dev/null +++ b/.github/ISSUE_TEMPLATE.md @@ -0,0 +1,55 @@ +--- +name: Bug report +about: When creating a bug report, please use the following template to provide all the relevant information and help debugging efficiently. + +--- + +**How to post a meaningful bug report** +1. *Read this whole template first.* +2. *Determine if you are on the right place:* + - *If you were performing an action on the app from the webadmin or the CLI (install, update, backup, restore, change_url...), you are on the right place!* + - *Otherwise, the issue may be due to the app itself. Refer to its documentation or repository for help.* + - *When in doubt, post here and we will figure it out together.* +3. *Delete the italic comments as you write over them below, and remove this guide.* +--- + +### Describe the bug + +*A clear and concise description of what the bug is.* + +### Context + +- Hardware: *VPS bought online / Old laptop or computer / Raspberry Pi at home / Internet Cube with VPN / Other ARM board / ...* +- YunoHost version: x.x.x +- I have access to my server: *Through SSH | through the webadmin | direct access via keyboard / screen | ...* +- Are you in a special context or did you perform some particular tweaking on your YunoHost instance?: *no / yes* + - If yes, please explain: +- Using, or trying to install package version/branch: +- If upgrading, current package version: *can be found in the admin, or with `yunohost app info $app_id`* + +### Steps to reproduce + +- *If you performed a command from the CLI, the command itself is enough. For example:* + ```sh + sudo yunohost app install the_app + ``` +- *If you used the webadmin, please perform the equivalent command from the CLI first.* +- *If the error occurs in your browser, explain what you did:* + 1. *Go to '...'* + 2. *Click on '...'* + 3. *Scroll down to '...'* + 4. *See error* + +### Expected behavior + +*A clear and concise description of what you expected to happen. You can remove this section if the command above is enough to understand your intent.* + +### Logs + +*When an operation fails, YunoHost provides a simple way to share the logs.* +- *In the webadmin, the error message contains a link to the relevant log page. On that page, you will be able to 'Share with Yunopaste'. If you missed it, the logs of previous operations are also available under Tools > Logs.* +- *In command line, the command to share the logs is displayed at the end of the operation and looks like `yunohost log display [log name] --share`. If you missed it, you can find the log ID of a previous operation using `yunohost log list`.* + +*After sharing the log, please copypaste directly the link provided by YunoHost (to help readability, no need to copypaste the entire content of the log here, just the link is enough...)* + +*If applicable and useful, add screenshots to help explain your problem.* diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md new file mode 100755 index 0000000..ef70e18 --- /dev/null +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -0,0 +1,16 @@ +## Problem + +- *Description of why you made this PR* + +## Solution + +- *And how do you fix that problem* + +## PR Status + +- [ ] Code finished and ready to be reviewed/tested +- [ ] The fix/enhancement were manually tested (if applicable) + +## Automatic tests + +Automatic tests can be triggered on https://ci-apps-dev.yunohost.org/ *after creating the PR*, by commenting "!testme", "!gogogadgetoci" or "By the power of systemd, I invoke The Great App CI to test this Pull Request!". (N.B. : for this to work you need to be a member of the Yunohost-Apps organization) diff --git a/.github/workflows/updater.sh b/.github/workflows/updater.sh new file mode 100755 index 0000000..50c6881 --- /dev/null +++ b/.github/workflows/updater.sh @@ -0,0 +1,134 @@ +#!/bin/bash + +#================================================= +# PACKAGE UPDATING HELPER +#================================================= + +# This script is meant to be run by GitHub Actions +# The YunoHost-Apps organisation offers a template Action to run this script periodically +# Since each app is different, maintainers can adapt its contents so as to perform +# automatic actions when a new upstream release is detected. + +# Remove this exit command when you are ready to run this Action +#exit 1 + +#================================================= +# FETCHING LATEST RELEASE AND ITS ASSETS +#================================================= + +# Fetching information +current_version=$(cat manifest.json | jq -j '.version|split("~")[0]') +repo=$(cat manifest.json | jq -j '.upstream.code|split("https://github.com/")[1]') +# Some jq magic is needed, because the latest upstream release is not always the latest version (e.g. security patches for older versions) +version=$(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '.[] | select( .prerelease != true ) | .tag_name' | sort -V | tail -1) +assets=($(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '[ .[] | select(.tag_name=="'$version'").assets[].browser_download_url ] | join(" ") | @sh' | tr -d "'")) + +# Later down the script, we assume the version has only digits and dots +# Sometimes the release name starts with a "v", so let's filter it out. +# You may need more tweaks here if the upstream repository has different naming conventions. +if [[ ${version:0:1} == "v" || ${version:0:1} == "V" ]]; then + version=${version:1} +fi + +# Setting up the environment variables +echo "Current version: $current_version" +echo "Latest release from upstream: $version" +echo "VERSION=$version" >> $GITHUB_ENV +echo "REPO=$repo" >> $GITHUB_ENV +# For the time being, let's assume the script will fail +echo "PROCEED=false" >> $GITHUB_ENV + +# Proceed only if the retrieved version is greater than the current one +if ! dpkg --compare-versions "$current_version" "lt" "$version" ; then + echo "::warning ::No new version available" + exit 0 +# Proceed only if a PR for this new version does not already exist +elif git ls-remote -q --exit-code --heads https://github.com/$GITHUB_REPOSITORY.git ci-auto-update-v$version ; then + echo "::warning ::A branch already exists for this update" + exit 0 +fi + +# Each release can hold multiple assets (e.g. binaries for different architectures, source code, etc.) +echo "${#assets[@]} available asset(s)" + +#================================================= +# UPDATE SOURCE FILES +#================================================= + +# Here we use the $assets variable to get the resources published in the upstream release. +# Here is an example for Grav, it has to be adapted in accordance with how the upstream releases look like. + +# Let's loop over the array of assets URLs +for asset_url in ${assets[@]}; do + +echo "Handling asset at $asset_url" + +# Assign the asset to a source file in conf/ directory +# Here we base the source file name upon a unique keyword in the assets url (admin vs. update) +# Leave $src empty to ignore the asset +case $asset_url in + *"baikal-"*".zip") + src="app" + ;; + *) + src="" + ;; +esac + +# If $src is not empty, let's process the asset +if [ ! -z "$src" ]; then + +# Create the temporary directory +tempdir="$(mktemp -d)" + +# Download sources and calculate checksum +filename=${asset_url##*/} +curl --silent -4 -L $asset_url -o "$tempdir/$filename" +checksum=$(sha256sum "$tempdir/$filename" | head -c 64) + +# Delete temporary directory +rm -rf $tempdir + +# Get extension +if [[ $filename == *.tar.gz ]]; then + extension=tar.gz +else + extension=${filename##*.} +fi + +# Rewrite source file +cat < conf/$src.src +SOURCE_URL=$asset_url +SOURCE_SUM=$checksum +SOURCE_SUM_PRG=sha256sum +SOURCE_FORMAT=$extension +SOURCE_IN_SUBDIR=true +SOURCE_FILENAME= +EOT +echo "... conf/$src.src updated" + +else +echo "... asset ignored" +fi + +done + +#================================================= +# SPECIFIC UPDATE STEPS +#================================================= + +# Any action on the app's source code can be done. +# The GitHub Action workflow takes care of committing all changes after this script ends. + +#================================================= +# GENERIC FINALIZATION +#================================================= + +# Replace new version in manifest +echo "$(jq -s --indent 4 ".[] | .version = \"$version~ynh1\"" manifest.json)" > manifest.json + +# No need to update the README, yunohost-bot takes care of it + +# The Action will proceed only if the PROCEED environment variable is set to true +echo "PROCEED=true" >> $GITHUB_ENV +exit 0 diff --git a/README.md b/README.md index 1f62aff..8773d2d 100644 --- a/README.md +++ b/README.md @@ -1,66 +1,43 @@ + + # Baïkal for YunoHost [![Integration level](https://dash.yunohost.org/integration/baikal.svg)](https://dash.yunohost.org/appci/app/baikal) ![](https://ci-apps.yunohost.org/ci/badges/baikal.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/baikal.maintain.svg) [![Install Baïkal with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=baikal) -> *This package allow you to install Baïkal quickly and simply on a YunoHost server. -If you don't have YunoHost, please see [here](https://yunohost.org/install) to know how to install and enjoy it.* +*[Lire ce readme en français.](./README_fr.md)* + +> *This package allows you to install Baïkal quickly and simply on a YunoHost server. +If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/install) to learn how to install it.* ## Overview -[Baïkal](http://baikal-server.com/) is a CalDAV and CardDAV server, based on -sabre/dav, that includes an administration interface for easy management. -**Shipped version:** 0.7.1 +[Baïkal](http://baikal-server.com/) is a lightweight CalDAV+CardDAV server. It offers an extensive web interface with easy management of users, address books and calendars. It is fast and simple to install and only needs a basic php capable server. The data can be stored in a MySQL or a SQLite database. + +Baïkal allows to seamlessly access your contacts and calendars from every device. It is compatible with iOS, Mac OS X, DAVx5 on Android, Mozilla Thunderbird and every other CalDAV and CardDAV capable application. Protect your privacy by hosting calendars and contacts yourself - with Baïkal. + +**Shipped version:** 0.9.2~ynh1 + +**Demo:** https://demo.yunohost.org/baikal/admin/ ## Screenshots -![](http://www.baikal-server.com/res/img/screenshots/dashboard.png) +![](./doc/screenshots/baikal-in-use.png) -## Demo +## Documentation and resources -* [YunoHost demo](https://demo.yunohost.org/baikal/admin/) - * Accounts: - * `demo/demo` then `admin/demo` +* Official app website: http://sabre.io/baikal/ +* Official admin documentation: https://sabre.io/dav/ +* Upstream app code repository: https://github.com/sabre-io/Baikal +* YunoHost documentation for this app: https://yunohost.org/app_baikal +* Report a bug: https://github.com/YunoHost-Apps/baikal_ynh/issues -## Configuration +## Developer info -## Documentation - - * Official documentation: http://sabre.io/baikal/ - * YunoHost documentation: https://yunohost.org/en/app_baikal - -## YunoHost specific features - -In addition to Baïkal core features, the following are made available with this package: - - * Serve `/.well-known` paths for CalDAV and CardDAV on the domain - -#### Multi-users support - -#### Supported architectures - -* x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/baikal.svg)](https://ci-apps.yunohost.org/ci/apps/baikal/) -* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/baikal.svg)](https://ci-apps-arm.yunohost.org/ci/apps/baikal/) - -## Limitations - -## Additional information - -* There is a breaking change in the management of the administrator password when upgrading to 0.7.0 You must change the admin password! -* To be able to change the admin password, please visit the page: `https://you.domain.tld/yunohost/admin/#/apps/baikal/actions` and set a new password. - -## Links - - * Report a bug: https://github.com/YunoHost-Apps/baikal_ynh/issues - * Baïkal website: http://baikal-server.com/ - * Upstream app repository: https://github.com/sabre-io/Baikal - * YunoHost website: https://yunohost.org/ - ---- - -## Developers infos - -Please do your pull request to the [testing branch](https://github.com/YunoHost-Apps/baikal_ynh/tree/testing). +Please send your pull request to the [testing branch](https://github.com/YunoHost-Apps/baikal_ynh/tree/testing). To try the testing branch, please proceed like that. ``` @@ -68,3 +45,5 @@ sudo yunohost app install https://github.com/YunoHost-Apps/baikal_ynh/tree/testi or sudo yunohost app upgrade baikal -u https://github.com/YunoHost-Apps/baikal_ynh/tree/testing --debug ``` + +**More info regarding app packaging:** https://yunohost.org/packaging_apps \ No newline at end of file diff --git a/README_fr.md b/README_fr.md new file mode 100644 index 0000000..7847b6e --- /dev/null +++ b/README_fr.md @@ -0,0 +1,45 @@ +# Baïkal pour YunoHost + +[![Niveau d'intégration](https://dash.yunohost.org/integration/baikal.svg)](https://dash.yunohost.org/appci/app/baikal) ![](https://ci-apps.yunohost.org/ci/badges/baikal.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/baikal.maintain.svg) +[![Installer Baïkal avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=baikal) + +*[Read this readme in english.](./README.md)* +*[Lire ce readme en français.](./README_fr.md)* + +> *Ce package vous permet d'installer Baïkal rapidement et simplement sur un serveur YunoHost. +Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.* + +## Vue d'ensemble + +[Baïkal](http://baikal-server.com/) is a lightweight CalDAV+CardDAV server. It offers an extensive web interface with easy management of users, address books and calendars. It is fast and simple to install and only needs a basic php capable server. The data can be stored in a MySQL or a SQLite database. + +Baïkal allows to seamlessly access your contacts and calendars from every device. It is compatible with iOS, Mac OS X, DAVx5 on Android, Mozilla Thunderbird and every other CalDAV and CardDAV capable application. Protect your privacy by hosting calendars and contacts yourself - with Baïkal. + +**Version incluse :** 0.9.2~ynh1 + +**Démo :** https://demo.yunohost.org/baikal/admin/ + +## Captures d'écran + +![](./doc/screenshots/baikal-in-use.png) + +## Documentations et ressources + +* Site officiel de l'app : http://sabre.io/baikal/ +* Documentation officielle de l'admin : https://sabre.io/dav/ +* Dépôt de code officiel de l'app : https://github.com/sabre-io/Baikal +* Documentation YunoHost pour cette app : https://yunohost.org/app_baikal +* Signaler un bug : https://github.com/YunoHost-Apps/baikal_ynh/issues + +## Informations pour les développeurs + +Merci de faire vos pull request sur la [branche testing](https://github.com/YunoHost-Apps/baikal_ynh/tree/testing). + +Pour essayer la branche testing, procédez comme suit. +``` +sudo yunohost app install https://github.com/YunoHost-Apps/baikal_ynh/tree/testing --debug +ou +sudo yunohost app upgrade baikal -u https://github.com/YunoHost-Apps/baikal_ynh/tree/testing --debug +``` + +**Plus d'infos sur le packaging d'applications :** https://yunohost.org/packaging_apps \ No newline at end of file diff --git a/check_process b/check_process index db9882c..3f57549 100644 --- a/check_process +++ b/check_process @@ -1,8 +1,8 @@ ;; Test complet ; Manifest - domain="domain.tld" (DOMAIN) - path="/path" (PATH) - password="mysecret" + domain="domain.tld" + path="/path" + password="1Strong-Password" ; Checks pkg_linter=1 setup_sub_dir=1 @@ -11,7 +11,8 @@ setup_private=0 setup_public=0 upgrade=1 - upgrade=1 from_commit=099f63413f120982232a77fd4ff5f62530d546ad + #0.7.1~ynh2 + upgrade=1 from_commit=7c074c7b18322cde08c4eb57ffbc5ae174b7ae65 backup_restore=1 multi_instance=0 change_url=1 @@ -19,6 +20,6 @@ Email= Notification=none ;;; Upgrade options - ; commit=099f63413f120982232a77fd4ff5f62530d546ad - name=Testing (#57) + ; commit=7c074c7b18322cde08c4eb57ffbc5ae174b7ae65 + name=Testing #60 manifest_arg=domain=DOMAIN&path=PATH&password=mysecret& diff --git a/conf/app.src b/conf/app.src index 7eb737e..ee5cd22 100644 --- a/conf/app.src +++ b/conf/app.src @@ -1,5 +1,5 @@ -SOURCE_URL=https://github.com/sabre-io/Baikal/releases/download/0.7.1/baikal-0.7.1.zip -SOURCE_SUM=dade7d8dd740ed66f6d87368a6ceff845938ba57d7f45063f8b9cea6278c1c0a +SOURCE_URL=https://github.com/sabre-io/Baikal/releases/download/0.9.2/baikal-0.9.2.zip +SOURCE_SUM=5feb8488c74fe6b625680654f3d51cdb080dcc6180c1b558543cb25f18f38c65 SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=zip SOURCE_IN_SUBDIR=true diff --git a/conf/baikal.yaml b/conf/baikal.yaml index 09fb85c..b6504a9 100644 --- a/conf/baikal.yaml +++ b/conf/baikal.yaml @@ -1,5 +1,5 @@ system: - configured_version: '0.7.1' + configured_version: '0.9.2' timezone: '__TIMEZONE__' card_enabled: true cal_enabled: true @@ -8,22 +8,22 @@ system: admin_passwordhash: __PASSWORD_HASH__ auth_realm: BaikalDAV base_uri: '__PATH__' -# Auth Backend LDAP-UserBind; LDAP URI + # Auth Backend LDAP-UserBind; LDAP URI dav_ldap_uri: 'ldap://127.0.0.1/' -# Auth Backend LDAP-UserBind; Template for userbind -# %n => username -# %u => user part of username when it is an email -# %u => domain part of username when it is an email + # Auth Backend LDAP-UserBind; Template for userbind + # %n => username + # %u => user part of username when it is an email + # %u => domain part of username when it is an email dav_ldap_dn_template: 'uid=%n,ou=users,dc=yunohost,dc=org' -# Auth Backend LDAP-UserBind; attribute for displayname + # Auth Backend LDAP-UserBind; attribute for displayname dav_ldap_displayname_attr: 'cn' -# Auth Backend LDAP-UserBind; attribute for email + # Auth Backend LDAP-UserBind; attribute for email dav_ldap_email_attr: 'mail' database: - encryption_key: '__DESKEY__' + encryption_key: '__ENCRYPT_KEY__' sqlite_file: "absolute/path/to/Specific/db/db.sqlite" mysql: true mysql_host: 'localhost' mysql_dbname: '__DB_NAME__' - mysql_username: '__DB_NAME__' + mysql_username: '__DB_USER__' mysql_password: '__DB_PWD__' diff --git a/conf/nginx.conf b/conf/nginx.conf index 518275c..d29b7e1 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,9 +1,9 @@ location = /.well-known/carddav { - return 301 https://$server_name__PATH__/card.php; + return 301 https://$server_name__PATH__/dav.php; } location = /.well-known/caldav { - return 301 https://$server_name__PATH__/cal.php; + return 301 https://$server_name__PATH__/dav.php; } #sub_path_only rewrite ^__PATH__$ __PATH__/ permanent; @@ -12,11 +12,6 @@ location __PATH__/ { # Path to source alias __FINALPATH__/html/; - # Force usage of https - if ($scheme = http) { - rewrite ^ https://$server_name$request_uri? permanent; - } - index index.php; location ~ ^(.+\.php)(.*)$ { @@ -27,7 +22,12 @@ location __PATH__/ { fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock; } - location ~ ^__PATH__/(\.|Core|Specific) { + #location ~ ^__PATH__/(\.|Core|Specific) { + # deny all; + #} + + location ~ ^__PATH__/(\.ht|Core|Specific|config) { deny all; + return 404; } } diff --git a/doc/DESCRIPTION.md b/doc/DESCRIPTION.md new file mode 100644 index 0000000..832cca8 --- /dev/null +++ b/doc/DESCRIPTION.md @@ -0,0 +1,3 @@ +[Baïkal](http://baikal-server.com/) is a lightweight CalDAV+CardDAV server. It offers an extensive web interface with easy management of users, address books and calendars. It is fast and simple to install and only needs a basic php capable server. The data can be stored in a MySQL or a SQLite database. + +Baïkal allows to seamlessly access your contacts and calendars from every device. It is compatible with iOS, Mac OS X, DAVx5 on Android, Mozilla Thunderbird and every other CalDAV and CardDAV capable application. Protect your privacy by hosting calendars and contacts yourself - with Baïkal. \ No newline at end of file diff --git a/doc/screenshots/baikal-in-use.png b/doc/screenshots/baikal-in-use.png new file mode 100644 index 0000000..5095a53 Binary files /dev/null and b/doc/screenshots/baikal-in-use.png differ diff --git a/manifest.json b/manifest.json index 8d171b8..5a99050 100644 --- a/manifest.json +++ b/manifest.json @@ -1,33 +1,39 @@ { + "name": "Baïkal", "id": "baikal", - "name": "Baikal", "packaging_format": 1, "description": { "en": "Lightweight CalDAV and CardDAV server", "fr": "Serveur CalDAV et CardDAV léger" }, - "version": "0.7.1~ynh2", + "version": "0.9.2~ynh1", "url": "http://baikal-server.com/", + "upstream": { + "license": "GPL-3.0", + "website": "http://sabre.io/baikal/", + "demo": "https://demo.yunohost.org/baikal/admin/", + "admindoc": "https://sabre.io/dav/", + "code": "https://github.com/sabre-io/Baikal" + }, "license": "GPL-3.0", "maintainer": { "name": "julien", "email": "julien.malik@paraiso.me" }, "requirements": { - "yunohost": ">= 4.1.7" + "yunohost": ">= 4.3.0" }, "multi_instance": false, "services": [ "nginx", - "php7.3-fpm", + "php8.0-fpm", "mysql" ], "arguments": { "install" : [ { "name": "domain", - "type": "domain", - "example": "domain.org" + "type": "domain" }, { "name": "path", @@ -37,8 +43,7 @@ }, { "name": "password", - "type": "password", - "example": "mysecret" + "type": "password" } ] } diff --git a/pull_request_template.md b/pull_request_template.md deleted file mode 100644 index 0a198cf..0000000 --- a/pull_request_template.md +++ /dev/null @@ -1,16 +0,0 @@ -## Problem -- *Description of why you made this PR* - -## Solution -- *And how you fix that* - -## PR Status -- [ ] Code finished. -- [ ] Tested with Package_check. -- [ ] Fix or enhancement tested. -- [ ] Upgrade from last version tested. -- [ ] Can be reviewed and tested. - -## Package_check results ---- -* An automatic package_check will be launch at https://ci-apps-dev.yunohost.org/, when you add a specific comment to your Pull Request: "!testme", "!gogogadgetoci" or "By the power of systemd, I invoke The Great App CI to test this Pull Request!"* diff --git a/scripts/_common.sh b/scripts/_common.sh index 6eef4b8..e77b284 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -5,9 +5,9 @@ #================================================= # dependencies used by the app -YNH_PHP_VERSION="7.3" +YNH_PHP_VERSION="8.0" -pkg_dependencies="php${YNH_PHP_VERSION}-xml php${YNH_PHP_VERSION}-mbstring php${YNH_PHP_VERSION}-mysql" +pkg_dependencies="php${YNH_PHP_VERSION}-xml php${YNH_PHP_VERSION}-mbstring php${YNH_PHP_VERSION}-mysql php${YNH_PHP_VERSION}-ldap" #================================================= # EXPERIMENTAL HELPERS diff --git a/scripts/actions/reset_admin_password b/scripts/actions/reset_admin_password index c2b0be8..9086523 100644 --- a/scripts/actions/reset_admin_password +++ b/scripts/actions/reset_admin_password @@ -43,15 +43,15 @@ ynh_script_progression --message="Changing the password..." --weight=1 bk_conf="${final_path}/config/baikal.yaml" -ynh_backup_if_checksum_is_different --file="${final_path}/config/baikal.yaml" +ynh_backup_if_checksum_is_different --file="$final_path/config/baikal.yaml" -ynh_replace_string --match_string="${password_hash_old}" --replace_string="${password_hash}" --target_file="$bk_conf" +ynh_replace_string --match_string="${password_hash_old}" --replace_string="${password_hash}" --target_file="$final_path/config/baikal.yaml" ynh_app_setting_set --app=$app --key=password_hash --value=$password_hash -ynh_store_file_checksum --file="${final_path}/config/baikal.yaml" +ynh_store_file_checksum --file="$final_path/config/baikal.yaml" #================================================= # END OF SCRIPT #================================================= -ynh_script_progression --message="Execution completed" --last \ No newline at end of file +ynh_script_progression --message="Execution completed" --last diff --git a/scripts/backup b/scripts/backup index 3a806bb..e20a222 100644 --- a/scripts/backup +++ b/scripts/backup @@ -62,4 +62,4 @@ ynh_mysql_dump_db --database="$db_name" > db.sql # END OF SCRIPT #================================================= -ynh_print_info --message="Backup script completed for Baïkal. (YunoHost will then actually copy those files to the archive)." +ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." diff --git a/scripts/change_url b/scripts/change_url index 4d491c8..54431ae 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -94,20 +94,20 @@ fi #================================================= # UPDATE CONFIGURATION #================================================= -ynh_script_progression --message="Updating Baïkal configuration..." +ynh_script_progression --message="Updating $app configuration..." --weight=2 -ynh_backup_if_checksum_is_different --file="${final_path}/config/baikal.yaml" +ynh_backup_if_checksum_is_different --file="$final_path/config/baikal.yaml" -ynh_replace_string --match_string="base_uri: '$old_path'" --replace_string="base_uri: '$new_path'" --target_file="${final_path}/config/baikal.yaml" +ynh_replace_string --match_string="base_uri: '$old_path'" --replace_string="base_uri: '$new_path'" --target_file="$final_path/config/baikal.yaml" -ynh_store_file_checksum --file="${final_path}/config/baikal.yaml" +ynh_store_file_checksum --file="$final_path/config/baikal.yaml" #================================================= # GENERIC FINALISATION #================================================= # RELOAD NGINX #================================================= -ynh_script_progression --message="Reloading NGINX web server..." +ynh_script_progression --message="Reloading NGINX web server..." --weight=1 ynh_systemd_action --service_name=nginx --action=reload @@ -115,4 +115,4 @@ ynh_systemd_action --service_name=nginx --action=reload # END OF SCRIPT #================================================= -ynh_script_progression --message="Change of URL completed for Baïkal" --last +ynh_script_progression --message="Change of URL completed for $app" --last diff --git a/scripts/install b/scripts/install index ebbd114..9169e1b 100644 --- a/scripts/install +++ b/scripts/install @@ -22,13 +22,16 @@ ynh_abort_if_errors domain=$YNH_APP_ARG_DOMAIN path_url=$YNH_APP_ARG_PATH password=$YNH_APP_ARG_PASSWORD +timezone=$(cat /etc/timezone) +encrypt_key=$(ynh_string_random 24) +password_hash=$(echo -n admin:BaikalDAV:$password | sha256sum | cut -d ' ' -f 1) app=$YNH_APP_INSTANCE_NAME #================================================= # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS #================================================= -ynh_script_progression --message="Validating installation parameters..." +ynh_script_progression --message="Validating installation parameters..." --weight=1 final_path=/var/www/$app test ! -e "$final_path" || ynh_die "This path already contains a folder" @@ -49,6 +52,8 @@ ynh_script_progression --message="Storing installation settings..." --weight=2 ynh_app_setting_set --app=$app --key=domain --value=$domain ynh_app_setting_set --app=$app --key=path --value=$path_url +ynh_app_setting_set --app=$app --key=encrypt_key --value="$encrypt_key" +ynh_app_setting_set --app=$app --key=password_hash --value="$password_hash" #================================================= # STANDARD MODIFICATIONS @@ -59,14 +64,23 @@ ynh_script_progression --message="Installing dependencies..." --weight=5 ynh_install_app_dependencies $pkg_dependencies +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Configuring system user..." --weight=1 + +# Create a system user +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # CREATE A MYSQL DATABASE #================================================= -ynh_script_progression --message="Creating a MySQL database..." +ynh_script_progression --message="Creating a MySQL database..." --weight=2 db_name=$(ynh_sanitize_dbid $app) +db_user=$db_name ynh_app_setting_set --app=$app --key=db_name --value=$db_name -ynh_mysql_setup_db --db_user=$db_name --db_name=$db_name +ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE @@ -77,67 +91,51 @@ ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path" +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + #================================================= # NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Configuring NGINX web server..." +ynh_script_progression --message="Configuring NGINX web server..." --weight=1 # Create a dedicated NGINX config ynh_add_nginx_config -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Configuring system user..." --weight=3 - -# Create a system user -ynh_system_user_create --username=$app - #================================================= # PHP-FPM CONFIGURATION #================================================= -ynh_script_progression --message="Configuring PHP-FPM..." +ynh_script_progression --message="Configuring PHP-FPM..." --weight=2 # Create a dedicated PHP-FPM config ynh_add_fpm_config +phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) #================================================= # SPECIFIC SETUP #================================================= # INITIALIZE DATABASE #================================================= -ynh_script_progression --message="Configuring Baïkal..." --weight=3 +ynh_script_progression --message="Configuring $app..." --weight=3 -ynh_mysql_connect_as --user=$db_name --password="$db_pwd" --database=$db_name \ - < "${final_path}/Core/Resources/Db/MySQL/db.sql" +ynh_mysql_connect_as --user=$db_user --password="$db_pwd" --database=$db_name \ + < "$final_path/Core/Resources/Db/MySQL/db.sql" #================================================= # CONFIGURE BAIKAL #================================================= +ynh_script_progression --message="Adding a configuration file..." --weight=1 -bk_conf="${final_path}/config/baikal.yaml" -timezone=$(cat /etc/timezone) -password_hash=$(echo -n admin:BaikalDAV:$password | sha256sum | cut -d ' ' -f 1) -ynh_app_setting_set --app=$app --key=password_hash --value=$password_hash +#bk_conf="${final_path}/config/baikal.yaml" path=${path_url%/} -deskey=$(ynh_string_random 24) -ynh_app_setting_set --app=$app --key=encrypt_key --value="$deskey" -ynh_add_config --template="../conf/baikal.yaml" --destination="$bk_conf" +ynh_add_config --template="../conf/baikal.yaml" --destination="$final_path/config/baikal.yaml" +chown $app: "$final_path/config/baikal.yaml" +chmod 640 "$final_path/config/baikal.yaml" # Disable installation -touch "${final_path}/Specific/INSTALL_DISABLED" - -#================================================= -# GENERIC FINALIZATION -#================================================= -# SECURE FILES AND DIRECTORIES -#================================================= - -# Set permissions -chown -R root: "$final_path" -chown $app "$final_path/config/baikal.yaml" -chmod 640 "$final_path/config/baikal.yaml" +touch "$final_path/Specific/INSTALL_DISABLED" #================================================= # SETUP SSOWAT @@ -152,7 +150,7 @@ ynh_permission_create --permission="admin" --url="/admin" --allowed="all_users" #================================================= # RELOAD NGINX #================================================= -ynh_script_progression --message="Reloading NGINX web server..." +ynh_script_progression --message="Reloading NGINX web server..." --weight=1 ynh_systemd_action --service_name=nginx --action=reload @@ -160,4 +158,4 @@ ynh_systemd_action --service_name=nginx --action=reload # END OF SCRIPT #================================================= -ynh_script_progression --message="Installation of Baïkal completed" --last +ynh_script_progression --message="Installation of $app completed" --last diff --git a/scripts/remove b/scripts/remove index 1c3060c..7da7426 100644 --- a/scripts/remove +++ b/scripts/remove @@ -12,12 +12,13 @@ source /usr/share/yunohost/helpers #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading installation settings..." +ynh_script_progression --message="Loading installation settings..." --weight=1 app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get --app=$app --key=domain) db_name=$(ynh_app_setting_get --app=$app --key=db_name) +db_user=$db_name final_path=$(ynh_app_setting_get --app=$app --key=final_path) #================================================= @@ -25,15 +26,15 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path) #================================================= # REMOVE THE MYSQL DATABASE #================================================= -ynh_script_progression --message="Removing the MySQL database" --weight=2 +ynh_script_progression --message="Removing the MySQL database" --weight=1 # Remove a database if it exists, along with the associated user -ynh_mysql_remove_db --db_user=$db_name --db_name=$db_name +ynh_mysql_remove_db --db_user=$db_user --db_name=$db_name #================================================= # REMOVE DEPENDENCIES #================================================= -ynh_script_progression --message="Removing dependencies..." --weight=4 +ynh_script_progression --message="Removing dependencies..." --weight=3 # Remove metapackage and its dependencies ynh_remove_app_dependencies @@ -41,7 +42,7 @@ ynh_remove_app_dependencies #================================================= # REMOVE APP MAIN DIR #================================================= -ynh_script_progression --message="Removing Baïkal main directory" +ynh_script_progression --message="Removing app main directory" --weight=3 # Remove the app directory securely ynh_secure_remove --file="$final_path" @@ -49,7 +50,7 @@ ynh_secure_remove --file="$final_path" #================================================= # REMOVE NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Removing NGINX web server configuration" +ynh_script_progression --message="Removing NGINX web server configuration" --weight=1 # Remove the dedicated NGINX config ynh_remove_nginx_config @@ -57,7 +58,7 @@ ynh_remove_nginx_config #================================================= # REMOVE PHP-FPM CONFIGURATION #================================================= -ynh_script_progression --message="Removing PHP-FPM configuration" +ynh_script_progression --message="Removing PHP-FPM configuration" --weight=1 # Remove the dedicated PHP-FPM config ynh_remove_fpm_config @@ -67,7 +68,7 @@ ynh_remove_fpm_config #================================================= # REMOVE DEDICATED USER #================================================= -ynh_script_progression --message="Removing the dedicated system user" +ynh_script_progression --message="Removing the dedicated system user" --weight=1 # Delete a system user ynh_system_user_delete --username=$app @@ -76,4 +77,4 @@ ynh_system_user_delete --username=$app # END OF SCRIPT #================================================= -ynh_script_progression --message="Removal of Baïkal completed" --last +ynh_script_progression --message="Removal of $app completed" --last diff --git a/scripts/restore b/scripts/restore index 820e1de..e87e437 100644 --- a/scripts/restore +++ b/scripts/restore @@ -19,7 +19,7 @@ ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading settings..." +ynh_script_progression --message="Loading settings..." --weight=1 app=$YNH_APP_INSTANCE_NAME @@ -27,6 +27,7 @@ domain=$(ynh_app_setting_get --app=$app --key=domain) path_url=$(ynh_app_setting_get --app=$app --key=path) final_path=$(ynh_app_setting_get --app=$app --key=final_path) db_name=$(ynh_app_setting_get --app=$app --key=db_name) +db_user=$db_name phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) #================================================= @@ -34,8 +35,6 @@ phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) #================================================= ynh_script_progression --message="Validating restoration parameters..." --weight=2 -ynh_webpath_available --domain=$domain --path_url=$path_url \ - || ynh_die --message="Path not available: ${domain}${path_url}" test ! -d $final_path \ || ynh_die --message="There is already a directory: $final_path " @@ -57,45 +56,50 @@ ynh_install_app_dependencies $pkg_dependencies #================================================= # RESTORE THE NGINX CONFIGURATION #================================================= +ynh_script_progression --message="Restoring the NGINX web server configuration..." --weight=1 ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" -#================================================= -# RESTORE THE APP MAIN DIR -#================================================= -ynh_script_progression --message="Restoring Baïkal main directory..." - -ynh_restore_file --origin_path="$final_path" - -#================================================= -# RESTORE THE MYSQL DATABASE -#================================================= -ynh_script_progression --message="Restoring the MySQL database..." --weight=2 - -db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd) -ynh_mysql_setup_db --db_user=$db_name --db_name=$db_name --db_pwd=$db_pwd -ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name < ./db.sql - #================================================= # RECREATE THE DEDICATED USER #================================================= ynh_script_progression --message="Recreating the dedicated system user..." --weight=3 # Create the dedicated user (if not existing) -ynh_system_user_create --username=$app +ynh_system_user_create --username=$app --home_dir="$final_path" + +#================================================= +# RESTORE THE APP MAIN DIR +#================================================= +ynh_script_progression --message="Restoring the app main directory..." --weight=3 + +ynh_restore_file --origin_path="$final_path" + +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + +#================================================= +# RESTORE THE MYSQL DATABASE +#================================================= +ynh_script_progression --message="Restoring the MySQL database..." --weight=2 + +db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd) +ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd +ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql #================================================= # RESTORE USER RIGHTS #================================================= # Set permissions -chown -R root: "$final_path" -chown $app "$final_path/config/baikal.yaml" +chown $app: "$final_path/config/baikal.yaml" chmod 640 "$final_path/config/baikal.yaml" #================================================= # RESTORE THE PHP-FPM CONFIGURATION #================================================= +ynh_script_progression --message="Restoring the PHP-FPM configuration..." --weight=1 ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" @@ -104,7 +108,7 @@ ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" #================================================= # RELOAD NGINX AND PHP-FPM #================================================= -ynh_script_progression --message="Reloading NGINX web server and PHP-FPM..." +ynh_script_progression --message="Reloading NGINX web server and PHP-FPM..." --weight=1 ynh_systemd_action --service_name=php$phpversion-fpm --action=reload ynh_systemd_action --service_name=nginx --action=reload @@ -113,4 +117,4 @@ ynh_systemd_action --service_name=nginx --action=reload # END OF SCRIPT #================================================= -ynh_script_progression --message="Restoration completed for Baïkal" --last +ynh_script_progression --message="Restoration completed for $app" --last diff --git a/scripts/upgrade b/scripts/upgrade index 21ab67d..f92c1e8 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -20,9 +20,11 @@ domain=$(ynh_app_setting_get --app=$app --key=domain) path_url=$(ynh_app_setting_get --app=$app --key=path) final_path=$(ynh_app_setting_get --app=$app --key=final_path) db_name=$(ynh_app_setting_get --app=$app --key=db_name) -phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) +db_user=$db_name db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd) +phpversion=$YNH_PHP_VERSION password_hash=$(ynh_app_setting_get --app=$app --key=password_hash) +encrypt_key=$(ynh_app_setting_get --app=$app --key=encrypt_key) #================================================= # CHECK VERSION @@ -30,10 +32,24 @@ password_hash=$(ynh_app_setting_get --app=$app --key=password_hash) upgrade_type=$(ynh_check_app_version_changed) +#================================================= +# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP +#================================================= +ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=4 + +# Backup the current version of the app +ynh_backup_before_upgrade +ynh_clean_setup () { + # restore it if the upgrade fails + ynh_restore_upgradebackup +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= -ynh_script_progression --message="Ensuring downward compatibility..." +ynh_script_progression --message="Ensuring downward compatibility..." --weight=1 # If final_path doesn't exist, create it if [ -z "$final_path" ]; then @@ -47,6 +63,14 @@ if [ -z "$db_name" ]; then ynh_app_setting_set --app=$app --key=db_name --value=$db_name fi +# If password_hash doesn't exist, create it +if [ -z "$password_hash" ]; then + password=$(ynh_app_setting_get --app=$app --key=password) + password_hash=$(echo -n admin:BaikalDAV:$password | md5sum | cut -d ' ' -f 1) + ynh_app_setting_set --app=$app --key=password_hash --value=$password_hash +fi + + # Cleaning legacy permissions if ynh_legacy_permissions_exists; then ynh_legacy_permissions_delete_all @@ -60,18 +84,12 @@ if ! ynh_permission_exists --permission="admin"; then fi #================================================= -# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP +# CREATE DEDICATED USER #================================================= -ynh_script_progression --message="Backing up Baïkal before upgrading (may take a while)..." --weight=4 +ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1 -# Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { - # restore it if the upgrade fails - ynh_restore_upgradebackup -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors +# Create a dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= # STANDARD UPGRADE STEPS @@ -83,26 +101,17 @@ if [ "$upgrade_type" == "UPGRADE_APP" ] then ynh_script_progression --message="Upgrading source files..." --weight=3 - # Keep the Specific and config folders intact: https://sabre.io/baikal/upgrade/ - mkdir -p "$final_path/config" - temp_folder=$(mktemp -d) - mv "$final_path/Specific" "$temp_folder" - mv "$final_path/config" "$temp_folder" - # Download, check integrity, uncompress and patch the source from app.src - ynh_setup_source --dest_dir="$final_path" - - ynh_secure_remove --file="$final_path/Specific" - ynh_secure_remove --file="$final_path/config" - - mv "$temp_folder/Specific" "$final_path" - mv "$temp_folder/config" "$final_path" - ynh_secure_remove --file="$temp_folder" + ynh_setup_source --dest_dir="$final_path" --keep="$final_path/Specific $final_path/config" fi +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + #================================================= # NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Upgrading NGINX web server configuration..." +ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=1 # Create a dedicated NGINX config ynh_add_nginx_config @@ -114,14 +123,6 @@ ynh_script_progression --message="Upgrading dependencies..." --weight=5 ynh_install_app_dependencies $pkg_dependencies -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Making sure dedicated system user exists..." - -# Create a dedicated user (if not existing) -ynh_system_user_create --username=$app - #================================================= # PHP-FPM CONFIGURATION #================================================= @@ -136,61 +137,26 @@ ynh_add_fpm_config # UPGRADE BAIKAL #================================================= +# We keep this to allow upgrade the config file in case it needs to be changed. + if [ "$upgrade_type" == "UPGRADE_APP" ] then #================================================= # UPGRADE BAIKAL CONFIGURATION #================================================= - ynh_script_progression --message="Upgrading Baïkal configuration..." --weight=2 + ynh_script_progression --message="Upgrading the configuration file..." --weight=2 - if [ -z "$password_hash" ]; then - password=$(ynh_app_setting_get --app=$app --key=password) - password_hash=$(echo -n admin:BaikalDAV:$password | md5sum | cut -d ' ' -f 1) - ynh_app_setting_set --app=$app --key=password_hash --value=$password_hash - fi - - bk_conf="${final_path}/config/baikal.yaml" timezone=$(cat /etc/timezone) path=${path_url%/} - deskey=$(ynh_app_setting_get --app=$app --key=encrypt_key) - ynh_app_setting_set --app=$app --key=encrypt_key --value="$deskey" - - ynh_add_config --template="../conf/baikal.yaml" --destination="$bk_conf" - - #================================================= - # UPGRADE BAIKAL - #================================================= - ynh_script_progression --message="Upgrading Baïkal..." - - # Run Baikal upgrade - php"${phpversion}" "${final_path}/bin/upgrade.sh" - - # Cleanup old baikal-admin sessions - # since we may have changed owner of the session file - grep --files-with-matches --recursive "CSRF_TOKEN|s:" /var/lib/php/sessions | xargs rm -f - - # Store the config file checksum into the app settings - ynh_store_file_checksum --file="$bk_conf" - # Remove checksums of old files - ynh_delete_file_checksum --file="${final_path}/Specific/config.php" - ynh_delete_file_checksum --file="${final_path}/Specific/config.system.php" + ynh_add_config --template="../conf/baikal.yaml" --destination="$final_path/config/baikal.yaml" + chown $app: "$final_path/config/baikal.yaml" + chmod 640 "$final_path/config/baikal.yaml" fi -#================================================= -# GENERIC FINALIZATION -#================================================= -# SECURE FILES AND DIRECTORIES -#================================================= - -# Set permissions -chown -R root: "$final_path" -chown $app "$final_path/config/baikal.yaml" -chmod 640 "$final_path/config/baikal.yaml" - #================================================= # RELOAD NGINX #================================================= -ynh_script_progression --message="Reloading NGINX web server..." +ynh_script_progression --message="Reloading NGINX web server..." --weight=1 ynh_systemd_action --service_name=nginx --action=reload @@ -198,4 +164,4 @@ ynh_systemd_action --service_name=nginx --action=reload # END OF SCRIPT #================================================= -ynh_script_progression --message="Upgrade of Baïkal completed" --last +ynh_script_progression --message="Upgrade of $app completed" --last diff --git a/sources/patches/app-add-ldap-auth.patch b/sources/patches/app-add-ldap-auth.patch index eb51c42..d5849b7 100644 --- a/sources/patches/app-add-ldap-auth.patch +++ b/sources/patches/app-add-ldap-auth.patch @@ -2,12 +2,14 @@ diff --git a/Core/Frameworks/Baikal/Core/Server.php b/Core/Frameworks/Baikal/Cor index e96fe39..b90b49e 100644 --- a/Core/Frameworks/Baikal/Core/Server.php +++ b/Core/Frameworks/Baikal/Core/Server.php -@@ -133,6 +133,8 @@ class Server { +@@ -133,8 +133,8 @@ if ($this->authType === 'Basic') { $authBackend = new \Baikal\Core\PDOBasicAuth($this->pdo, $this->authRealm); -+ } elseif ($this->authType === 'LDAP-UserBind') { -+ $authBackend = new \Baikal\Core\LDAPUserBindAuth($this->pdo, $this->authRealm); +- } elseif ($this->authType === 'Apache') { +- $authBackend = new \Sabre\DAV\Auth\Backend\Apache(); ++ } elseif ($this->authType === 'LDAP-UserBind') { ++ $authBackend = new \Baikal\Core\LDAPUserBindAuth($this->pdo, $this->authRealm); } else { $authBackend = new \Sabre\DAV\Auth\Backend\PDO($this->pdo); $authBackend->setRealm($this->authRealm); @@ -15,10 +17,14 @@ diff --git a/Core/Frameworks/Baikal/Model/Config/Standard.php b/Core/Frameworks/ index 1ef5a51..32ec217 100644 --- a/Core/Frameworks/Baikal/Model/Config/Standard.php +++ b/Core/Frameworks/Baikal/Model/Config/Standard.php -@@ -51,6 +51,22 @@ class Standard extends \Baikal\Model\Config { - "type" => "string", - "comment" => "HTTP authentication type for WebDAV; default Digest" - ], +@@ -37,6 +37,26 @@ + "card_enabled" => true, + "cal_enabled" => true, + "dav_auth_type" => "Digest", ++ "dav_ldap_uri" => "ldapi:///", ++ "dav_ldap_dn_template" => "uid=%n,dc=example,dc=com", ++ "dav_ldap_displayname_attr" => "cn", ++ "dav_ldap_email_attr" => "mail", + "dav_ldap_uri" => [ + "type" => "string", + "comment" => "URI to LDAP Server (for ldap-userbind auth); default ldapi:///" @@ -35,25 +41,14 @@ index 1ef5a51..32ec217 100644 + "type" => "string", + "comment" => "LDAP-attribute for email; default mail" + ], - "admin_passwordhash" => [ - "type" => "string", - "comment" => "Baïkal Web admin password hash; Set via Baïkal Web Admin", -@@ -64,6 +80,10 @@ class Standard extends \Baikal\Model\Config { - "card_enabled" => true, - "cal_enabled" => true, - "dav_auth_type" => "Digest", -+ "dav_ldap_uri" => "ldapi:///", -+ "dav_ldap_dn_template" => "uid=%n,dc=example,dc=com", -+ "dav_ldap_displayname_attr" => "cn", -+ "dav_ldap_email_attr" => "mail", - "admin_passwordhash" => "", - "auth_realm" => "BaikalDAV", - "base_uri" => "" -@@ -103,7 +123,31 @@ class Standard extends \Baikal\Model\Config { + "admin_passwordhash" => "", + "failed_access_message" => "user %u authentication failure for Baikal", + // While not editable as will change admin & any existing user passwords, +@@ -79,7 +99,31 @@ $oMorpho->add(new \Formal\Element\Listbox([ "prop" => "dav_auth_type", "label" => "WebDAV authentication type", -- "options" => ["Digest", "Basic"] +- "options" => ["Digest", "Basic", "Apache"], + "options" => ["Digest", "Basic", "LDAP-UserBind"] + ])); +