diff --git a/check_process b/check_process index 5598173..7e60bfa 100644 --- a/check_process +++ b/check_process @@ -1,10 +1,10 @@ ;; Test complet ; Manifest - domain="domain.tld" (DOMAIN) - admin="john" (USER) + domain="domain.tld" + admin="john" admin_password="secret" language="en" - is_public=1 (PUBLIC|public=1|private=0) + is_public=1 ; Checks pkg_linter=1 setup_sub_dir=0 diff --git a/manifest.json b/manifest.json index 6e400a0..6554c7e 100644 --- a/manifest.json +++ b/manifest.json @@ -14,7 +14,7 @@ "email": "jimmy@monin.net" }, "requirements": { - "yunohost": ">= 4.1.7" + "yunohost": ">= 4.2.0" }, "multi_instance": true, "services": [ diff --git a/scripts/_common.sh b/scripts/_common.sh index 83c96be..49bfa34 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -6,6 +6,9 @@ YNH_PHP_VERSION="7.3" +# Composer version +YNH_COMPOSER_VERSION="2.0.13" + extra_php_dependencies="php${YNH_PHP_VERSION}-gd php${YNH_PHP_VERSION}-mbstring php${YNH_PHP_VERSION}-xml php${YNH_PHP_VERSION}-mysql php${YNH_PHP_VERSION}-sqlite3" #================================================= @@ -22,80 +25,6 @@ exec_artisan() { # EXPERIMENTAL HELPERS #================================================= -# Execute a command as another user -# usage: exec_as USER COMMAND [ARG ...] -ynh_exec_as() { - local USER=$1 - shift 1 - - if [[ $USER = $(whoami) ]]; then - eval "$@" - else - sudo -u "$USER" "$@" - fi -} - - -readonly YNH_DEFAULT_COMPOSER_VERSION=1.10.17 -# Declare the actual composer version to use. -# A packager willing to use another version of composer can override the variable into its _common.sh. -YNH_COMPOSER_VERSION=${YNH_COMPOSER_VERSION:-$YNH_DEFAULT_COMPOSER_VERSION} - -# Execute a command with Composer -# -# usage: ynh_composer_exec [--phpversion=phpversion] [--workdir=$final_path] --commands="commands" -# | arg: -v, --phpversion - PHP version to use with composer -# | arg: -w, --workdir - The directory from where the command will be executed. Default $final_path. -# | arg: -c, --commands - Commands to execute. -ynh_composer_exec () { - # Declare an array to define the options of this helper. - local legacy_args=vwc - declare -Ar args_array=( [v]=phpversion= [w]=workdir= [c]=commands= ) - local phpversion - local workdir - local commands - # Manage arguments with getopts - ynh_handle_getopts_args "$@" - workdir="${workdir:-$final_path}" - phpversion="${phpversion:-$YNH_PHP_VERSION}" - - COMPOSER_HOME="$workdir/.composer" \ - php${phpversion} "$workdir/composer.phar" $commands \ - -d "$workdir" --quiet --no-interaction -} - -# Install and initialize Composer in the given directory -# -# usage: ynh_install_composer [--phpversion=phpversion] [--workdir=$final_path] [--install_args="--optimize-autoloader"] [--composerversion=composerversion] -# | arg: -v, --phpversion - PHP version to use with composer -# | arg: -w, --workdir - The directory from where the command will be executed. Default $final_path. -# | arg: -a, --install_args - Additional arguments provided to the composer install. Argument --no-dev already include -# | arg: -c, --composerversion - Composer version to install -ynh_install_composer () { - # Declare an array to define the options of this helper. - local legacy_args=vwa - declare -Ar args_array=( [v]=phpversion= [w]=workdir= [a]=install_args= [c]=composerversion=) - local phpversion - local workdir - local install_args - local composerversion - # Manage arguments with getopts - ynh_handle_getopts_args "$@" - workdir="${workdir:-$final_path}" - phpversion="${phpversion:-$YNH_PHP_VERSION}" - install_args="${install_args:-}" - composerversion="${composerversion:-$YNH_COMPOSER_VERSION}" - - curl -sS https://getcomposer.org/installer \ - | COMPOSER_HOME="$workdir/.composer" \ - php${phpversion} -- --quiet --install-dir="$workdir" --version=$composerversion \ - || ynh_die "Unable to install Composer." - - # update dependencies to create composer.lock - ynh_composer_exec --phpversion="${phpversion}" --workdir="$workdir" --commands="install --no-dev $install_args" \ - || ynh_die "Unable to update core dependencies with Composer." -} - #================================================= # FUTURE OFFICIAL HELPERS #================================================= diff --git a/scripts/install b/scripts/install index 1ecbab6..af48e0b 100644 --- a/scripts/install +++ b/scripts/install @@ -70,6 +70,14 @@ db_user=$db_name ynh_app_setting_set --app=$app --key=db_name --value=$db_name ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Configuring system user..." --weight=2 + +# Create a system user +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -79,6 +87,10 @@ ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path" +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + #================================================= # NGINX CONFIGURATION #================================================= @@ -87,14 +99,6 @@ ynh_script_progression --message="Configuring NGINX web server..." --weight=1 # Create a dedicated NGINX config ynh_add_nginx_config -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Configuring system user..." --weight=2 - -# Create a system user -ynh_system_user_create --username=$app - #================================================= # PHP-FPM CONFIGURATION #================================================= @@ -150,6 +154,8 @@ exec_artisan "cachet:install" # FINALIZE CACHET CONFIGURATION #================================================= +domain=$domain$path_url + # Populate MySQL database sql_conf="../conf/init-mysql.sql" ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain$path_url" --target_file="$sql_conf" @@ -166,22 +172,9 @@ ynh_mysql_connect_as --user="$db_name" --password="$db_pwd" --database="$db_name < "$sql_conf" # Create production.php to finalize installation -production_conf="$final_path/bootstrap/cachet/production.php" -cp ../conf/production.php $production_conf -ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain$path_url" --target_file="$production_conf" -ynh_replace_string --match_string="__LANGUAGE__" --replace_string="$language" --target_file="$production_conf" -chown $app: $final_path/bootstrap/cachet/production.php -ynh_store_file_checksum --file="$production_conf" - -#================================================= -# GENERIC FINALIZATION -#================================================= -# SECURE FILES AND DIRECTORIES -#================================================= - -# Set permissions to app files -chown -R root: $final_path -chown -R $app: "${final_path}/.env" "${final_path}/storage/" "${final_path}/bootstrap/" +domain=$domain$path_url +ynh_add_config --template="../conf/production.php" --destination="$final_path/bootstrap/cachet/production.php" +chown $app $final_path/bootstrap/cachet/production.php #================================================= # SETUP SSOWAT diff --git a/scripts/restore b/scripts/restore index 13e1968..b4e7bd5 100644 --- a/scripts/restore +++ b/scripts/restore @@ -51,6 +51,14 @@ test ! -d $final_path \ ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" +#================================================= +# RECREATE THE DEDICATED USER +#================================================= +ynh_script_progression --message="Recreating the dedicated system user..." --weight=3 + +# Create the dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # RESTORE THE APP MAIN DIR #================================================= @@ -58,21 +66,9 @@ ynh_script_progression --message="Restoring the app main directory..." --weight= ynh_restore_file --origin_path="$final_path" -#================================================= -# RECREATE THE DEDICATED USER -#================================================= -ynh_script_progression --message="Recreating the dedicated system user..." --weight=3 - -# Create the dedicated user (if not existing) -ynh_system_user_create --username=$app - -#================================================= -# RESTORE USER RIGHTS -#================================================= - -# Restore permissions on app files -chown -R root: $final_path -chown -R $app: "${final_path}/.env" "${final_path}/storage/" "${final_path}/bootstrap/" +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" #================================================= # RESTORE THE PHP-FPM CONFIGURATION diff --git a/scripts/upgrade b/scripts/upgrade index f5c4674..aa9dd0d 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -29,6 +29,20 @@ db_name=$(ynh_app_setting_get --app=$app --key=db_name) upgrade_type=$(ynh_check_app_version_changed) +#================================================= +# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP +#================================================= +ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=4 + +# Backup the current version of the app +ynh_backup_before_upgrade +ynh_clean_setup () { + # restore it if the upgrade fails + ynh_restore_upgradebackup +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= @@ -53,20 +67,6 @@ if ynh_legacy_permissions_exists; then ynh_app_setting_delete --app=$app --key=is_public fi -#================================================= -# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP -#================================================= -ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=4 - -# Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { - # restore it if the upgrade fails - ynh_restore_upgradebackup -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - #================================================= # STANDARD UPGRADE STEPS #================================================= @@ -84,6 +84,14 @@ ynh_add_fpm_config --package="$extra_php_dependencies" # We need to have the required version of PHP, hence PHP-FPM block is executed beforehand exec_artisan "down" +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1 + +# Create a dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -108,6 +116,10 @@ then ynh_secure_remove --file="$tmpdir" fi +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + #================================================= # NGINX CONFIGURATION #================================================= @@ -116,14 +128,6 @@ ynh_script_progression --message="Upgrading NGINX web server configuration..." - # Create a dedicated NGINX config ynh_add_nginx_config -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1 - -# Create a dedicated user (if not existing) -ynh_system_user_create --username=$app - #================================================= # SPECIFIC UPGRADE #================================================= @@ -143,16 +147,6 @@ ynh_install_composer --install_args="--optimize-autoloader" exec_artisan "app:update" ynh_secure_remove --file=bootstrap/cache/* -#================================================= -# GENERIC FINALIZATION -#================================================= -# SECURE FILES AND DIRECTORIES -#================================================= - -# Set permissions on app files -chown -R root: $final_path -chown -R $app: "${final_path}/.env" "${final_path}/storage/" "${final_path}/bootstrap/" - #================================================= # SET MAINTENANCE MODE OFF #=================================================