From 5ac0ae1580436c67ff8b55234ca8cd55a0c7689c Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Wed, 7 Jul 2021 09:04:38 +0200 Subject: [PATCH] Fix --- check_process | 14 +++---- manifest.json | 18 +-------- scripts/backup | 8 ++++ scripts/install | 49 +++++++++-------------- scripts/restore | 22 ++++++----- scripts/upgrade | 102 ++++++++++++++++++------------------------------ 6 files changed, 84 insertions(+), 129 deletions(-) diff --git a/check_process b/check_process index c530dfd..37f78ba 100644 --- a/check_process +++ b/check_process @@ -1,10 +1,10 @@ ;; Nom du test ; Manifest - domain="domain.tld" (DOMAIN) - path="/path" (PATH) - admin="john" (USER) - is_public=1 (PUBLIC|public=1|private=0) - admin_pwd="pass" + domain="domain.tld" + path="/path" + admin="john" + is_public=1 + admin_pwd="password-strong" login=1 ; Checks pkg_linter=1 @@ -16,11 +16,7 @@ upgrade=1 backup_restore=1 multi_instance=1 - incorrect_path=1 - port_already_use=0 change_url=1 -;;; Levels - Level 5=auto ;;; Options Email= Notification=none diff --git a/manifest.json b/manifest.json index b726049..94b2b9a 100644 --- a/manifest.json +++ b/manifest.json @@ -14,7 +14,7 @@ "email": "apulido@free.fr" }, "requirements": { - "yunohost": ">> 3.8.1" + "yunohost": ">> 4.2.4" }, "multi_instance": true, "services": [ @@ -26,29 +26,17 @@ { "name": "domain", "type": "domain", - "ask": { - "en": "Choose a domain name for BicBucStriim", - "fr": "Choisissez un nom de domaine pour BicBucStriim" - }, "example": "example.com" }, { "name": "path", "type": "path", - "ask": { - "en": "Choose a path for BicBucStriim", - "fr": "Choisissez un chemin pour BicBucStriim" - }, "example": "/bbs", "default": "/bbs" }, { "name": "admin", "type": "user", - "ask": { - "en": "Choose an admin user", - "fr": "Choisissez l’administrateur" - }, "example": "johndoe" }, { @@ -71,10 +59,6 @@ { "name": "is_public", "type": "boolean", - "ask": { - "en": "Is it a public application?", - "fr": "Est-ce une application publique ?" - }, "default": true } ] diff --git a/scripts/backup b/scripts/backup index 3c25ac4..6dd5e1d 100644 --- a/scripts/backup +++ b/scripts/backup @@ -24,6 +24,7 @@ app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get --app=$app --key=domain) phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) admin=$(ynh_app_setting_get --app=$app --key=admin) +phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) #================================================= # DECLARE DATA AND CONF FILES TO BACKUP @@ -45,6 +46,13 @@ ynh_backup "$books_path" "data" ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" + +#================================================= +# BACKUP THE PHP-FPM CONFIGURATION +#================================================= + +ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" + #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/install b/scripts/install index e2afdd9..95f8a2b 100644 --- a/scripts/install +++ b/scripts/install @@ -55,6 +55,14 @@ ynh_app_setting_set --app=$app --key=path --value=$path_url ynh_app_setting_set --app=$app --key=admin --value=$admin ynh_app_setting_set --app=$app --key=is_public --value=$is_public +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Configuring system user..." --weight=1 + +# Create a system user +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -64,14 +72,9 @@ ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path" -# # Copy source files -# #src_path=/var/www/$app -# mkdir -p $final_path -# wget -q -P "$final_path" http://projekte.textmulch.de/bicbucstriim/downloads/BicBucStriim-1.3.6.zip -O "$final_path"/bbs.zip -# unzip -q "$final_path"/bbs.zip -d "$final_path" -# cp -R "$final_path"/BicBucStriim-1.3.6/* "$final_path" -# rm "$final_path"/bbs.zip -# rm -rf "$final_path"/BicBucStriim-1.3.6 +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" #================================================= # NGINX CONFIGURATION @@ -81,21 +84,13 @@ ynh_script_progression --message="Configuring NGINX web server..." --weight=2 # Create a dedicated NGINX config ynh_add_nginx_config -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Configuring system user..." --weight=1 - -# Create a system user -ynh_system_user_create --username=$app - #================================================= # PHP-FPM CONFIGURATION #================================================= ynh_script_progression --message="Configuring PHP-FPM..." --weight=2 # Create a dedicated PHP-FPM config -ynh_add_fpm_config --phpversion=$YNH_PHP_VERSION --package="$extra_php_dependencies" +ynh_add_fpm_config --package="$extra_php_dependencies" phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) #================================================= @@ -116,12 +111,6 @@ fi # SECURE FILES AND DIRECTORIES #================================================= -# Set permissions to app files -chown -R root: $final_path -chmod -R ga+w $final_path/data -chown -R $admin "$books_path" - - cp password.php $final_path/ynh_password.php cd $final_path hash=$(php ynh_password.php $admin_pwd) @@ -141,14 +130,14 @@ cd - #================================================= # SETUP SSOWAT #================================================= -ynh_script_progression --message="Configuring SSOwat..." --weight=1 +ynh_script_progression --message="Configuring permissions..." --weight=1 -# If app is public, add url to SSOWat conf as skipped_uris -if [[ $is_public -eq 1 ]]; then - # unprotected_uris allows SSO credentials to be passed anyway. - ynh_app_setting_set "$app" unprotected_uris "/" -else - ynh_app_setting_set "$app" skipped_uris "/img/,/js/,/style/" +# Make app public if necessary +if [ $is_public -eq 1 ] +then + # Everyone can access the app. + # The "main" permission is automatically created before the install script. + ynh_permission_update --permission="main" --add="visitors" fi #================================================= diff --git a/scripts/restore b/scripts/restore index 95ce404..d23f0a5 100644 --- a/scripts/restore +++ b/scripts/restore @@ -26,6 +26,7 @@ app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get "$app" domain) path=$(ynh_app_setting_get "$app" path) admin=$(ynh_app_setting_get "$app" admin) + #================================================= # CHECK IF THE APP CAN BE RESTORED #================================================= @@ -44,6 +45,14 @@ test ! -d $final_path \ ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" +#================================================= +# RECREATE THE DEDICATED USER +#================================================= +ynh_script_progression --message="Recreating the dedicated system user..." --weight=1 + +# Create the dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # RESTORE THE APP MAIN DIR #================================================= @@ -51,13 +60,9 @@ ynh_script_progression --message="Restoring the app main directory..." --weight= ynh_restore_file --origin_path="$final_path" -#================================================= -# RECREATE THE DEDICATED USER -#================================================= -ynh_script_progression --message="Recreating the dedicated system user..." --weight=1 - -# Create the dedicated user (if not existing) -ynh_system_user_create --username=$app +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" #================================================= # RESTORE USER RIGHTS @@ -74,8 +79,7 @@ ynh_script_progression --message="Reconfiguring PHP-FPM..." --weight=50 ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" -ynh_add_fpm_config --phpversion=$YNH_PHP_VERSION --package="$extra_php_dependencies" - +ynh_add_fpm_config --package="$extra_php_dependencies" # # Restore sources & data diff --git a/scripts/upgrade b/scripts/upgrade index 8a4bb00..ddd7dfe 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -12,7 +12,7 @@ source /usr/share/yunohost/helpers #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading installation settings..." --weight=1 +ynh_script_progression --message="Loading installation settings..." --weight=1 app=$YNH_APP_INSTANCE_NAME @@ -21,6 +21,7 @@ path=$(ynh_app_setting_get "$app" path) admin=$(ynh_app_setting_get "$app" admin) is_public=$(ynh_app_setting_get "$app" is_public) language=$(ynh_app_setting_get "$app" language) +phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) #================================================= # CHECK VERSION @@ -28,23 +29,6 @@ language=$(ynh_app_setting_get "$app" language) upgrade_type=$(ynh_check_app_version_changed) -#================================================= -# ENSURE DOWNWARD COMPATIBILITY -#================================================= -ynh_script_progression --message="Ensuring downward compatibility..." --weight=2 - -# If final_path doesn't exist, create it -if [ -z "$final_path" ]; then - final_path=/var/www/$app - ynh_app_setting_set --app=$app --key=final_path --value=$final_path -fi - -# If db_name doesn't exist, create it -if [ -z "$db_name" ]; then - db_name=$(ynh_sanitize_dbid --db_name=$app) - ynh_app_setting_set --app=$app --key=db_name --value=$db_name -fi - #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #================================================= @@ -59,6 +43,38 @@ ynh_clean_setup () { # Exit if an error occurs during the execution of the script ynh_abort_if_errors +#================================================= +# ENSURE DOWNWARD COMPATIBILITY +#================================================= +ynh_script_progression --message="Ensuring downward compatibility..." --weight=2 + +# If final_path doesn't exist, create it +if [ -z "$final_path" ]; then + final_path=/var/www/$app + ynh_app_setting_set --app=$app --key=final_path --value=$final_path +fi + +# If db_name doesn't exist, create it +if [ -z "$db_name" ]; then + db_name=$(ynh_sanitize_dbid --db_name=$app) + ynh_app_setting_set --app=$app --key=db_name --value=$db_name +fi + +# Cleaning legacy permissions +if ynh_legacy_permissions_exists; then + ynh_legacy_permissions_delete_all + + ynh_app_setting_delete --app=$app --key=is_public +fi + +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Configuring system user..." --weight=1 + +# Create a system user +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # STANDARD UPGRADE STEPS #================================================= @@ -76,23 +92,9 @@ then ynh_setup_source --dest_dir="$final_path" fi -#================================================= -# DOWNLOAD, CHECK AND UNPACK SOURCE -#================================================= -# ynh_script_progression --message="Setting up source files..." --weight=7 - -# ynh_app_setting_set --app=$app --key=final_path --value=$final_path -# # Download, check integrity, uncompress and patch the source from app.src -# #ynh_setup_source --dest_dir="$final_path" - -# # Copy source files -# #src_path=/var/www/$app -# mkdir -p $final_path -# wget -q -P "$final_path" http://projekte.textmulch.de/bicbucstriim/downloads/BicBucStriim-1.3.6.zip -O "$final_path"/bbs.zip -# unzip -q "$final_path"/bbs.zip -d "$final_path" -# cp -R "$final_path"/BicBucStriim-1.3.6/* "$final_path" -# rm "$final_path"/bbs.zip -# rm -rf "$final_path"/BicBucStriim-1.3.6 +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" #================================================= # NGINX CONFIGURATION @@ -102,41 +104,13 @@ ynh_script_progression --message="Configuring NGINX web server..." --weight=2 # Create a dedicated NGINX config ynh_add_nginx_config -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Configuring system user..." --weight=1 - -# Create a system user -ynh_system_user_create --username=$app - #================================================= # PHP-FPM CONFIGURATION #================================================= ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=2 # Create a dedicated PHP-FPM config -ynh_add_fpm_config --phpversion=$YNH_PHP_VERSION --package="$extra_php_dependencies" - -#================================================= -# SECURE FILES AND DIRECTORIES -#================================================= -books_path=/home/$admin/calibre_library - -# Set permissions to app files -chown -R root: $final_path -#chmod -R ga+w $final_path/data -#chown -R $admin "$books_path" - -#================================================= -# SETUP SSOWAT -#================================================= - -# If app is public, add url to SSOWat conf as skipped_uris -if [[ $is_public -eq 1 ]]; then - # See install script - ynh_app_setting_set "$app" unprotected_uris "/" -fi +ynh_add_fpm_config --package="$extra_php_dependencies" #================================================= # GENERIC FINALIZATION