correction

conf/nginx.conf

@@ -18,6 +18,16 @@ location YNH_EXAMPLE_PATH {
 		fastcgi_param SCRIPT_FILENAME $request_filename;
 	}
 	
+	location ~ (uploads|private|thumbs) {
+                deny all;
+        }
+        location ~ core {
+                deny all;
+                location ~* \.js$ {
+                        allow all;
+                }
+        }
+	
 	# Include SSOWAT user panel.
 	include conf.d/yunohost_panel.conf.inc;
 }

scripts/install

@@ -32,25 +32,21 @@ sudo yunohost app setting $app is_public -v "$is_public"
 sudo yunohost app setting $app domain -v "$domain"
 sudo yunohost app setting $app path -v "$path"
 
-#create path for copying
+# Create path for copying
 final_path=/var/www/$app
 sudo mkdir -p $final_path
-data_path=/home/yunohost.app/$app
-sudo mkdir -p $data_path
 
-#copy files to final folder and set permissions
+# Copy files to final folder and set permissions
 sudo cp -R ../sources/* $final_path/
 sudo find $final_path -type f -name ".htaccess" | xargs sudo rm
-
-#setup permissions
 sudo chown -R root: $final_path
 sudo find $final_path -type f | xargs sudo chmod 644
 sudo find $final_path -type d | xargs sudo chmod 755
-sudo chown -R www-data: $data_path
-sudo find $data_path -type f | xargs sudo chmod 644
-sudo find $data_path -type d | xargs sudo chmod 755
 
-#configure nginx settings
+# Configure config file
+sudo sed -i "s@'en'@$default_lang'@g" $final_path/config.php
+
+# Configure nginx settings
 folder_path=${path%/}
 sudo sed -i "s@YNH_EXAMPLE_PATH@$path@g" ../conf/nginx.conf
 # If path is only / (without subfolder), add trailing slash to alias
@@ -60,35 +56,30 @@ sudo sed -i "s@YNH_EXAMPLE_ALIAS@$alias_path@g" ../conf/nginx.conf
 sudo sed -i "s@YNH_EXAMPLE_FOLDER@$folder_path@g" ../conf/nginx.conf
 sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf
 
-#temporary set public accessible
+# Temporary set public accessible
 sudo yunohost app setting $app unprotected_uris -v "/"
 
 # Restart services
 sudo service nginx reload
 sudo yunohost app ssowatconf
 
-#temporary add domain name to /etc/hosts
+# Temporary add domain name to /etc/hosts
 sudo sed -i "1 i\127.0.0.1 $domain #bozon_hosts" /etc/hosts
 
-# Configure config file
-sudo sed -i "s@'uploads/'@'/home/yunohost.app/$app/uploads/'@g" $final_path/config.php
-sudo sed -i "s@'private/'@'/home/yunohost.app/$app/private/'@g" $final_path/config.php
-
 #make request to install app
 #get the html page 
-curl_path=$([ "$path" == "/" ] || echo $path)
+#curl_path=$([ "$path" == "/" ] || echo $path)
 #curl -kL -o install_page.html https://$domain$curl_path/index.php?p=admin >/dev/null 2>&1
 
 
 #get the token for form validation
 #token=$(cat install_page.html | grep "input" | grep "token" | tail -1 | cut -d' ' -f3 | cut -d'"' -f2)
 #send http POST values
-#curl -k -X POST \
+curl -k -X POST \
   --data-urlencode "login=$admin" \
   --data-urlencode "pass=$password" \
   --data-urlencode "confirm=$password" \
-  --data-urlencode "token=$token" \
-  https://$domain$curl_path/index.php?p=admin > /dev/null 2>&1
+  https://$domain$curl_path/index.php?p=login > /dev/null 2>&1
 
 #remove domain name from /etc/hosts
 sudo sed -i "/#bozon_hosts/d" /etc/hosts
@@ -99,11 +90,11 @@ then
   sudo yunohost app setting $app unprotected_uris -d
 fi
 
-#adding admin to the allowed users
+# Adding admin to the allowed users
 sudo yunohost app addaccess $app -u $admin
 
-#allow only allowed users to access admin panel
-#sudo yunohost app setting bozon protected_uris -v "/core/admin/"
+# Allow only allowed users to access admin panel
+sudo yunohost app setting bozon protected_uris -v "index.php?p=login"
 
 # Restart services
 sudo service nginx reload