#!/bin/bash # ============================================================================= # YUNOHOST 2.7 FORTHCOMING HELPERS # ============================================================================= # Create a dedicated nginx config # # usage: ynh_add_nginx_config ynh_add_nginx_config () { finalnginxconf="/etc/nginx/conf.d/$domain.d/$app.conf" ynh_backup_if_checksum_is_different "$finalnginxconf" sudo cp ../conf/nginx.conf "$finalnginxconf" # To avoid a break by set -u, use a void substitution ${var:-}. If the variable is not set, it's simply set with an empty variable. # Substitute in a nginx config file only if the variable is not empty if test -n "${path_url:-}"; then ynh_replace_string "__PATH__" "$path_url" "$finalnginxconf" fi if test -n "${domain:-}"; then ynh_replace_string "__DOMAIN__" "$domain" "$finalnginxconf" fi if test -n "${port:-}"; then ynh_replace_string "__PORT__" "$port" "$finalnginxconf" fi if test -n "${app:-}"; then ynh_replace_string "__NAME__" "$app" "$finalnginxconf" fi if test -n "${final_path:-}"; then ynh_replace_string "__FINALPATH__" "$final_path" "$finalnginxconf" fi ynh_store_file_checksum "$finalnginxconf" sudo systemctl reload nginx } # Remove the dedicated nginx config # # usage: ynh_remove_nginx_config ynh_remove_nginx_config () { ynh_secure_remove "/etc/nginx/conf.d/$domain.d/$app.conf" sudo systemctl reload nginx } # Create a dedicated php-fpm config # # usage: ynh_add_fpm_config ynh_add_fpm_config () { finalphpconf="/etc/php5/fpm/pool.d/$app.conf" ynh_backup_if_checksum_is_different "$finalphpconf" sudo cp ../conf/php-fpm.conf "$finalphpconf" ynh_replace_string "__NAMETOCHANGE__" "$app" "$finalphpconf" ynh_replace_string "__FINALPATH__" "$final_path" "$finalphpconf" ynh_replace_string "__USER__" "$app" "$finalphpconf" sudo chown root: "$finalphpconf" ynh_store_file_checksum "$finalphpconf" if [ -e "../conf/php-fpm.ini" ] then finalphpini="/etc/php5/fpm/conf.d/20-$app.ini" ynh_backup_if_checksum_is_different "$finalphpini" sudo cp ../conf/php-fpm.ini "$finalphpini" sudo chown root: "$finalphpini" ynh_store_file_checksum "$finalphpini" fi sudo systemctl reload php5-fpm } # Remove the dedicated php-fpm config # # usage: ynh_remove_fpm_config ynh_remove_fpm_config () { ynh_secure_remove "/etc/php5/fpm/pool.d/$app.conf" ynh_secure_remove "/etc/php5/fpm/conf.d/20-$app.ini" 2>&1 sudo systemctl reload php5-fpm } # Create a dedicated systemd config # # usage: ynh_add_systemd_config ynh_add_systemd_config () { finalsystemdconf="/etc/systemd/system/$app.service" ynh_backup_if_checksum_is_different "$finalsystemdconf" sudo cp ../conf/systemd.service "$finalsystemdconf" # To avoid a break by set -u, use a void substitution ${var:-}. If the variable is not set, it's simply set with an empty variable. # Substitute in a nginx config file only if the variable is not empty if test -n "${final_path:-}"; then ynh_replace_string "__FINALPATH__" "$final_path" "$finalsystemdconf" fi if test -n "${app:-}"; then ynh_replace_string "__APP__" "$app" "$finalsystemdconf" fi ynh_store_file_checksum "$finalsystemdconf" sudo chown root: "$finalsystemdconf" sudo systemctl enable $app sudo systemctl daemon-reload } # Remove the dedicated systemd config # # usage: ynh_remove_systemd_config ynh_remove_systemd_config () { finalsystemdconf="/etc/systemd/system/$app.service" if [ -e "$finalsystemdconf" ]; then sudo systemctl stop $app sudo systemctl disable $app ynh_secure_remove "$finalsystemdconf" fi } #================================================= # POSTGRES HELPERS #================================================= # Open a connection as a user # # example: ynh_psql_connect_as 'user' 'pass' <<< "UPDATE ...;" # example: ynh_psql_connect_as 'user' 'pass' < /path/to/file.sql # # usage: ynh_psql_connect_as user pwd [db] # | arg: user - the user name to connect as # | arg: pwd - the user password # | arg: db - the database to connect to ynh_psql_connect_as() { user="$1" pwd="$2" db="$3" su --command="PGUSER=\"${user}\" PGPASSWORD=\"${pwd}\" psql \"${db}\"" postgres } # # Execute a command as root user # # usage: ynh_psql_execute_as_root sql [db] # | arg: sql - the SQL command to execute # | arg: db - the database to connect to ynh_psql_execute_as_root () { sql="$1" su --command="psql" postgres <<< "$sql" } # Execute a command from a file as root user # # usage: ynh_psql_execute_file_as_root file [db] # | arg: file - the file containing SQL commands # | arg: db - the database to connect to ynh_psql_execute_file_as_root() { file="$1" db="$2" su -c "psql $db" postgres < "$file" } # Create a database, an user and its password. Then store the password in the app's config # # After executing this helper, the password of the created database will be available in $db_pwd # It will also be stored as "psqlpwd" into the app settings. # # usage: ynh_psql_setup_db user name [pwd] # | arg: user - Owner of the database # | arg: name - Name of the database # | arg: pwd - Password of the database. If not given, a password will be generated ynh_psql_setup_db () { db_user="$1" app="$1" db_name="$2" new_db_pwd=$(ynh_string_random) # Generate a random password # If $3 is not given, use new_db_pwd instead for db_pwd. db_pwd="${3:-$new_db_pwd}" ynh_psql_create_db "$db_name" "$db_user" "$db_pwd" # Create the database ynh_app_setting_set "$app" psqlpwd "$db_pwd" # Store the password in the app's config } # Create a database and grant optionnaly privilegies to a user # # usage: ynh_psql_create_db db [user [pwd]] # | arg: db - the database name to create # | arg: user - the user to grant privilegies # | arg: pwd - the user password ynh_psql_create_db() { db="$1" user="$2" pwd="$3" ynh_psql_create_user "$user" "$pwd" su --command="createdb --owner=\"${user}\" \"${db}\"" postgres } # Drop a database # # usage: ynh_psql_drop_db db user # | arg: db - the database name to drop # | arg: user - the user to drop ynh_psql_remove_db() { db="$1" user="$2" su --command="dropdb \"${db}\"" postgres ynh_psql_drop_user "${user}" } # Dump a database # # example: ynh_psql_dump_db 'roundcube' > ./dump.sql # # usage: ynh_psql_dump_db db # | arg: db - the database name to dump # | ret: the psqldump output ynh_psql_dump_db() { db="$1" su --command="pg_dump \"${db}\"" postgres } # Create a user # # usage: ynh_psql_create_user user pwd [host] # | arg: user - the user name to create ynh_psql_create_user() { user="$1" pwd="$2" su --command="psql -c\"CREATE USER ${user} WITH PASSWORD '${pwd}'\"" postgres } # Drop a user # # usage: ynh_psql_drop_user user # | arg: user - the user name to drop ynh_psql_drop_user() { user="$1" su --command="dropuser \"${user}\"" postgres } ynh_psql_test_if_first_run() { if [ -f /etc/yunohost/psql ]; then echo "PostgreSQL is already installed, no need to create master password" else pgsql=$(ynh_string_random) pg_hba="" echo "$pgsql" >> /etc/yunohost/psql if [ -e /etc/postgresql/9.4/ ] then pg_hba=/etc/postgresql/9.4/main/pg_hba.conf elif [ -e /etc/postgresql/9.6/ ] then pg_hba=/etc/postgresql/9.6/main/pg_hba.conf else ynh_die "postgresql shoud be 9.4 or 9.6" fi systemctl start postgresql su --command="psql -c\"ALTER user postgres WITH PASSWORD '${pgsql}'\"" postgres # we can't use peer since YunoHost create users with nologin sed -i '/local\s*all\s*all\s*peer/i \ local all all password' "$pg_hba" systemctl enable postgresql systemctl reload postgresql fi }