diff --git a/scripts/backup b/scripts/backup index 89f6257..14de8e1 100644 --- a/scripts/backup +++ b/scripts/backup @@ -18,7 +18,7 @@ ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= -ynh_print_info --message="Backing up Converse..." +ynh_print_info --message="Loading installation settings..." app=$YNH_APP_INSTANCE_NAME @@ -46,4 +46,4 @@ ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" # END OF SCRIPT #================================================= -ynh_print_info --message="Backup script completed for Converse. (YunoHost will then actually copy those files to the archive)." +ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." diff --git a/scripts/change_url b/scripts/change_url index a0de805..1148530 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -34,7 +34,7 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path) #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #================================================= -ynh_script_progression --message="Backing up Converse before changing its URL (may take a while)..." --weight=2 +ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --weight=2 # Backup the current version of the app ynh_backup_before_upgrade @@ -104,4 +104,4 @@ ynh_systemd_action --service_name=nginx --action=reload # END OF SCRIPT #================================================= -ynh_script_progression --message="Change of URL completed for Converse" --last +ynh_script_progression --message="Change of URL completed for $app" --last diff --git a/scripts/install b/scripts/install index 4b8e439..5b26b47 100755 --- a/scripts/install +++ b/scripts/install @@ -46,6 +46,14 @@ ynh_script_progression --message="Storing installation settings..." --weight=2 ynh_app_setting_set --app=$app --key=domain --value=$domain ynh_app_setting_set --app=$app --key=path --value=$path_url +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Configuring system user..." --weight=1 + +# Create a system user +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # STANDARD MODIFICATIONS #================================================= @@ -61,6 +69,10 @@ mkdir -p $final_path && cp -a ../sources/* $final_path ynh_replace_string --match_string="__PATH__" --replace_string="$path_url" --target_file="$final_path/index.html" ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$final_path/index.html" +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + #================================================= # NGINX CONFIGURATION #================================================= @@ -69,15 +81,6 @@ ynh_script_progression --message="Configuring NGINX web server..." --weight=2 # Create a dedicated NGINX config ynh_add_nginx_config -#================================================= -# GENERIC FINALIZATION -#================================================= -# SECURE FILES AND DIRECTORIES -#================================================= - -# Set permissions to app files -chown -R root: $final_path - #================================================= # SETUP SSOWAT #================================================= @@ -99,4 +102,4 @@ ynh_systemd_action --service_name=nginx --action=reload # END OF SCRIPT #================================================= -ynh_script_progression --message="Installation of Converse completed" --last +ynh_script_progression --message="Installation of $app completed" --last diff --git a/scripts/remove b/scripts/remove index 5515180..b07dbbe 100755 --- a/scripts/remove +++ b/scripts/remove @@ -23,11 +23,19 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path) #================================================= # REMOVE APP MAIN DIR #================================================= -ynh_script_progression --message="Removing Converse main directory..." --weight=3 +ynh_script_progression --message="Removing app main directory..." --weight=3 # Remove the app directory securely ynh_secure_remove --file="$final_path" +#================================================= +# REMOVE DEDICATED USER +#================================================= +ynh_script_progression --message="Removing the dedicated system user..." --weight=1 + +# Delete a system user +ynh_system_user_delete --username=$app + #================================================= # REMOVE NGINX CONFIGURATION #================================================= @@ -40,4 +48,4 @@ ynh_remove_nginx_config # END OF SCRIPT #================================================= -ynh_script_progression --message="Removal of Converse completed" --last +ynh_script_progression --message="Removal of $app completed" --last diff --git a/scripts/restore b/scripts/restore index e7611d4..13a821f 100644 --- a/scripts/restore +++ b/scripts/restore @@ -43,19 +43,24 @@ test ! -d $final_path \ ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" +#================================================= +# RECREATE THE DEDICATED USER +#================================================= +ynh_script_progression --message="Recreating the dedicated system user..." --weight=1 + +# Create the dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # RESTORE THE APP MAIN DIR #================================================= -ynh_script_progression --message="Restoring Converse main directory..." --weight=2 +ynh_script_progression --message="Restoring the app main directory..." --weight=2 ynh_restore_file --origin_path="$final_path" -#================================================= -# RESTORE USER RIGHTS -#================================================= - -# Restore permissions on app files -chown -R root: $final_path +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" #================================================= # GENERIC FINALIZATION @@ -70,4 +75,4 @@ ynh_systemd_action --service_name=nginx --action=reload # END OF SCRIPT #================================================= -ynh_script_progression --message="Restoration completed for Converse" --last +ynh_script_progression --message="Restoration completed for $app" --last diff --git a/scripts/upgrade b/scripts/upgrade index 2ef7ba6..74b243e 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -25,6 +25,20 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path) upgrade_type=$(ynh_check_app_version_changed) +#================================================= +# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP +#================================================= +ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=3 + +# Backup the current version of the app +ynh_backup_before_upgrade +ynh_clean_setup () { + # restore it if the upgrade fails + ynh_restore_upgradebackup +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= @@ -44,18 +58,12 @@ if ynh_legacy_permissions_exists; then fi #================================================= -# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP +# CREATE DEDICATED USER #================================================= -ynh_script_progression --message="Backing up Converse before upgrading (may take a while)..." --weight=3 +ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1 -# Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { - # restore it if the upgrade fails - ynh_restore_upgradebackup -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors +# Create a dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE @@ -74,6 +82,10 @@ then ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$final_path/index.html" fi +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + #================================================= # NGINX CONFIGURATION #================================================= @@ -82,13 +94,6 @@ ynh_script_progression --message="Upgrading NGINX web server configuration..." - # Create a dedicated NGINX config ynh_add_nginx_config -#================================================= -# SECURE FILES AND DIRECTORIES -#================================================= - -# Set permissions on app files -chown -R root: $final_path - #================================================= # RELOAD NGINX #================================================= @@ -100,4 +105,4 @@ ynh_systemd_action --service_name=nginx --action=reload # END OF SCRIPT #================================================= -ynh_script_progression --message="Upgrade of Converse completed" --last +ynh_script_progression --message="Upgrade of $app completed" --last