cops_ynh/scripts/install

#!/bin/bash
#set -eu

# Charge les fonctions génériques habituellement utilisées dans le script
#source fonctions

# Active trap pour arrêter le script si une erreur est détectée.
EXIT_PROPERLY () {      # Provoque l'arrêt du script en cas d'erreur. Et nettoye les résidus.
        exit_code=$?
        if [ "$exit_code" -eq 0 ]; then
                        exit 0  # Quitte sans erreur si le script se termine correctement.
        fi
        trap '' EXIT
        set +eu
        echo -e "\e[91m \e[1m"  # Shell in light red bold
        echo -e "!!\n  $app install's script has encountered an error. Installation was cancelled.\n!!" >&2

        if type -t CLEAN_SETUP > /dev/null; then        # Vérifie l'existance de la fonction avant de l'exécuter.
                CLEAN_SETUP     # Appel la fonction de nettoyage spécifique du script install.
        fi

        # Compense le bug de ssowat qui ne supprime pas l'entrée de l'app en cas d'erreur d'installation.
        sudo sed -i "\@\"$domain$path/\":@d" /etc/ssowat/conf.json

        ynh_die
}

TRAP_ON () {    # Activate signal capture
        set -eu # Exit if a command fail, and if a variable is used unset.
        trap EXIT_PROPERLY EXIT # Capturing exit signals on shell script
}

TRAP_ON

# Source app helpers
source /usr/share/yunohost/helpers

# Retrieve arguments
app=$YNH_APP_INSTANCE_NAME
domain=$YNH_APP_ARG_DOMAIN
path=$YNH_APP_ARG_PATH
is_public=$YNH_APP_ARG_IS_PUBLIC
runninguser=$YNH_APP_ARG_RUNNINGUSER
calibre=$YNH_APP_ARG_CALIBRE

# No basic auth if app is private
if [ "$is_public" = "Yes" ];
then
	basicauthcreate=$YNH_APP_ARG_BASICAUTHCREATE
	basicauthname=$YNH_APP_ARG_BASICAUTHNAME
	basicauthpass=$YNH_APP_ARG_BASICAUTHPASS
else
	basicauthcreate="No"
fi

# We check variables are not empty
CHECK_VAR () {  # Vérifie que la variable n'est pas vide.
# $1 = Variable à vérifier
# $2 = Texte à afficher en cas d'erreur
        test -n "$1" || (echo "$2" >&2 && false)
}

CHECK_VAR "$app" "app name not set"

# Check the path value and correct it (adds / at begining and removes it at the end)
CHECK_PATH () { # Vérifie la présence du / en début de path. Et son absence à la fin.
        if [ "${path:0:1}" != "/" ]; then    # Si le premier caractère n'est pas un /
                path="/$path"    # Ajoute un / en début de path
        fi
        if [ "${path:${#path}-1}" == "/" ] && [ ${#path} -gt 1 ]; then    # Si le dernier caractère est un / et que ce n'est pas l$
                path="${path:0:${#path}-1}"     # Supprime le dernier caractère
        fi
}

CHECK_PATH;

# Check domain and path availibility
CHECK_DOMAINPATH () {   # Vérifie la disponibilité du path et du domaine.
        sudo yunohost app checkurl $domain$path -a $app
}

CHECK_DOMAINPATH

# Check destination folder is not used already
CHECK_FINALPATH () {    # Vérifie que le dossier de destination n'est pas déjà utilisé.
        final_path=/var/www/$app
        if [ -e "$final_path" ]
        then
                echo "This path already contains a folder" >&2
                false
        fi
}

CHECK_FINALPATH

# We check that calibre path is correct
CHECK_CALIBRE () {  # Vérifie la présence du / en début de path. Et son absence à la fin.
        if [ "${calibre:0:1}" != "/" ]; then    # Si le premier caractère n'est pas un /
                calibre="/$calibre"    # Ajoute un / en début de path
        fi
        if [ "${calibre:${#calibre}-1}" == "/" ] && [ ${#calibre} -gt 1 ]; then    # Si le dernier caractère est un / $
                calibre="${calibre:0:${#calibre}-1}"        # Supprime le dernier caractère
        fi
}

CHECK_CALIBRE;

final_path=/var/www/$app

# Define variables and Save app settings
ynh_app_setting_set "$app" domain "$domain"
#ynh_app_setting_set "$app" path "$path"
ynh_app_setting_set "$app" is_public "$is_public"
ynh_app_setting_set "$app" final_path "$final_path"
ynh_app_setting_set "$app" runninguser "$runninguser"
ynh_app_setting_set "$app" calibre "$calibre"
ynh_app_setting_set "$app" basicauthcreate "$basicauthcreate"

finalnginxconf="/etc/nginx/conf.d/${domain}.d/${app}.conf"
ynh_app_setting_set "$app" finalnginxconf "$finalnginxconf"

finalphpconf="/etc/php5/fpm/pool.d/${app}.conf"
ynh_app_setting_set "$app" finalphpconf "$finalphpconf"

# We install dependencies
sudo apt-get update -y
sudo apt-get install php5-gd php5-sqlite php5-json php5-intl -y

# Creation of folder
sudo mkdir -p $final_path

# We download the sources and check the md5sum
cops_file=`sudo cat ../sources/source_file`;
sudo wget -nv -i ../sources/source_url -O $cops_file
sudo md5sum -c ../sources/source_md5 --status || (echo "Corrupt source" >&2 && false)
sudo unzip ${cops_file} -d $final_path

# Site adjustments
sed -i "s@CALIBRETOCHANGE@$calibre@g" ../conf/config_local.php
timezone=`sudo cat /etc/timezone`;
sed -i "s@TIMEZONETOCHANGE@$timezone@g" ../conf/config_local.php

sudo cp ../conf/config_local.php $final_path
sudo cp ../conf/robots.txt $final_path

# Set permissions
sudo chmod 775 -R $final_path
sudo chown -hR $runninguser:$runninguser $final_path

# Add basic auth if requested
if [ "$basicauthcreate" = "Yes" ];
then
	ynh_app_setting_set "$app" basicauthname "$basicauthname"
	ynh_app_setting_set "$app" basicauthpass "$basicauthpass"

	# Generation of the htpasswd file according https://www.nginx.com/resources/wiki/community/faq/
	SALT="$(openssl rand -base64 3)"
	(SHA1=$(printf "$basicauthpass$SALT" |
	openssl dgst -binary -sha1 | xxd -ps |
	sed 's#$#'"`echo -n $SALT | xxd -ps`"'#' |
	xxd -r -ps |
	base64);printf "$basicauthname:{SSHA}$SHA1\n" >> ../sources/htpasswd)
	sudo cp ../sources/htpasswd $final_path
	sudo chmod 440 $final_path/htpasswd
	sudo chown www-data:www-data $final_path/htpasswd

	# Modif nginx
	sed -i "s|^.*\bauth_basic\b.*$|       auth_basic \"Private Library\";|" ../conf/nginx.conf;
	sed -i "s|^.*\bauth_basic_user_file\b.*$|       auth_basic_user_file $final_path/htpasswd;|" ../conf/nginx.conf;
else
	echo "No basic auth";
fi

# Modify Nginx configuration file and copy it to Nginx conf.d directory
sed -i "s@PATHTOCHANGE@$path@g" ../conf/nginx.conf
sed -i "s@ALIASTOCHANGE@$final_path/@g" ../conf/nginx.conf
sed -i "s@NAMETOCHANGE@$app@g" ../conf/nginx.conf
sudo cp ../conf/nginx.conf $finalnginxconf

# Modify php-fpm configuration file and copy it to php-fpm pool.d directory
sed -i "s@NAMETOCHANGE@$app@g" ../conf/php-fpm.conf
sed -i "s@FOLDERTOCHANGE@$final_path@g" ../conf/php-fpm.conf
sed -i "s@USERTOCHANGE@$runninguser@g" ../conf/php-fpm.conf
sudo cp ../conf/php-fpm.conf $finalphpconf
sudo chown root: $finalphpconf
sudo chmod 644 $finalphpconf

# Make app public if necessary
is_public=$(ynh_app_setting_get $app is_public)
if [ "$is_public" = "Yes" ];
then
	ynh_app_setting_set $app skipped_uris "/"
else
        ynh_app_setting_set $app protected_uris "/"
fi

# Reload Nginx and regenerate SSOwat conf
sudo service php5-fpm reload
sudo service nginx reload
sudo yunohost app ssowatconf
Initial scripts commit 2016-12-21 18:46:36 +01:00			`#!/bin/bash`
We download sources instead of having them in the depot 2016-12-23 21:24:09 +01:00			`#set -eu`
Initial scripts commit 2016-12-21 18:46:36 +01:00
			`# Charge les fonctions génériques habituellement utilisées dans le script`
Cleaning 2016-12-23 23:55:35 +01:00			`#source fonctions`
Initial scripts commit 2016-12-21 18:46:36 +01:00
			`# Active trap pour arrêter le script si une erreur est détectée.`
Activate TRAP for install script 2016-12-24 03:02:06 +01:00			`EXIT_PROPERLY () { # Provoque l'arrêt du script en cas d'erreur. Et nettoye les résidus.`
			`exit_code=$?`
			`if [ "$exit_code" -eq 0 ]; then`
			`exit 0 # Quitte sans erreur si le script se termine correctement.`
			`fi`
			`trap '' EXIT`
			`set +eu`
			`echo -e "\e[91m \e[1m" # Shell in light red bold`
			`echo -e "!!\n $app install's script has encountered an error. Installation was cancelled.\n!!" >&2`

			`if type -t CLEAN_SETUP > /dev/null; then # Vérifie l'existance de la fonction avant de l'exécuter.`
			`CLEAN_SETUP # Appel la fonction de nettoyage spécifique du script install.`
			`fi`

			`# Compense le bug de ssowat qui ne supprime pas l'entrée de l'app en cas d'erreur d'installation.`
			`sudo sed -i "\@\"$domain$path/\":@d" /etc/ssowat/conf.json`

			`ynh_die`
			`}`

			`TRAP_ON () { # Activate signal capture`
			`set -eu # Exit if a command fail, and if a variable is used unset.`
			`trap EXIT_PROPERLY EXIT # Capturing exit signals on shell script`
			`}`

			`TRAP_ON`
Initial scripts commit 2016-12-21 18:46:36 +01:00
			`# Source app helpers`
			`source /usr/share/yunohost/helpers`

			`# Retrieve arguments`
			`app=$YNH_APP_INSTANCE_NAME`
			`domain=$YNH_APP_ARG_DOMAIN`
			`path=$YNH_APP_ARG_PATH`
			`is_public=$YNH_APP_ARG_IS_PUBLIC`
Update of manifest.json to request further parameters 2016-12-22 03:42:11 +01:00			`runninguser=$YNH_APP_ARG_RUNNINGUSER`
Avoid path confusion in manifest.json 2016-12-23 23:02:50 +01:00			`calibre=$YNH_APP_ARG_CALIBRE`
No basicauth if app is private 2016-12-24 03:00:25 +01:00
			`# No basic auth if app is private`
			`if [ "$is_public" = "Yes" ];`
			`then`
			`basicauthcreate=$YNH_APP_ARG_BASICAUTHCREATE`
			`basicauthname=$YNH_APP_ARG_BASICAUTHNAME`
			`basicauthpass=$YNH_APP_ARG_BASICAUTHPASS`
			`else`
			`basicauthcreate="No"`
			`fi`
Initial scripts commit 2016-12-21 18:46:36 +01:00
			`# We check variables are not empty`
Cleaning 2016-12-23 23:55:35 +01:00			`CHECK_VAR () { # Vérifie que la variable n'est pas vide.`
			`# $1 = Variable à vérifier`
			`# $2 = Texte à afficher en cas d'erreur`
			`test -n "$1" \|\| (echo "$2" >&2 && false)`
			`}`

Initial scripts commit 2016-12-21 18:46:36 +01:00			`CHECK_VAR "$app" "app name not set"`

			`# Check the path value and correct it (adds / at begining and removes it at the end)`
Cleaning 2016-12-23 23:55:35 +01:00			`CHECK_PATH () { # Vérifie la présence du / en début de path. Et son absence à la fin.`
			`if [ "${path:0:1}" != "/" ]; then # Si le premier caractère n'est pas un /`
			`path="/$path" # Ajoute un / en début de path`
			`fi`
			`if [ "${path:${#path}-1}" == "/" ] && [ ${#path} -gt 1 ]; then # Si le dernier caractère est un / et que ce n'est pas l$`
			`path="${path:0:${#path}-1}" # Supprime le dernier caractère`
			`fi`
			`}`

We download sources instead of having them in the depot 2016-12-23 21:24:09 +01:00			`CHECK_PATH;`
Cleaning 2016-12-23 23:55:35 +01:00
Initial scripts commit 2016-12-21 18:46:36 +01:00			`# Check domain and path availibility`
Cleaning 2016-12-23 23:55:35 +01:00			`CHECK_DOMAINPATH () { # Vérifie la disponibilité du path et du domaine.`
			`sudo yunohost app checkurl $domain$path -a $app`
			`}`

Initial scripts commit 2016-12-21 18:46:36 +01:00			`CHECK_DOMAINPATH`
Cleaning 2016-12-23 23:55:35 +01:00
Initial scripts commit 2016-12-21 18:46:36 +01:00			`# Check destination folder is not used already`
Cleaning 2016-12-23 23:55:35 +01:00			`CHECK_FINALPATH () { # Vérifie que le dossier de destination n'est pas déjà utilisé.`
			`final_path=/var/www/$app`
			`if [ -e "$final_path" ]`
			`then`
			`echo "This path already contains a folder" >&2`
			`false`
			`fi`
			`}`

Initial scripts commit 2016-12-21 18:46:36 +01:00			`CHECK_FINALPATH`

Avoid path confusion in manifest.json 2016-12-23 23:02:50 +01:00			`# We check that calibre path is correct`
			`CHECK_CALIBRE () { # Vérifie la présence du / en début de path. Et son absence à la fin.`
			`if [ "${calibre:0:1}" != "/" ]; then # Si le premier caractère n'est pas un /`
			`calibre="/$calibre" # Ajoute un / en début de path`
			`fi`
			`if [ "${calibre:${#calibre}-1}" == "/" ] && [ ${#calibre} -gt 1 ]; then # Si le dernier caractère est un / $`
			`calibre="${calibre:0:${#calibre}-1}" # Supprime le dernier caractère`
			`fi`
			`}`

			`CHECK_CALIBRE;`
Re-order of checks 2016-12-23 22:01:37 +01:00
Initial scripts commit 2016-12-21 18:46:36 +01:00			`final_path=/var/www/$app`

			`# Define variables and Save app settings`
			`ynh_app_setting_set "$app" domain "$domain"`
No need to set path 2016-12-23 18:05:13 +01:00			`#ynh_app_setting_set "$app" path "$path"`
Initial scripts commit 2016-12-21 18:46:36 +01:00			`ynh_app_setting_set "$app" is_public "$is_public"`
			`ynh_app_setting_set "$app" final_path "$final_path"`
Update of manifest.json to request further parameters 2016-12-22 03:42:11 +01:00			`ynh_app_setting_set "$app" runninguser "$runninguser"`
Avoid path confusion in manifest.json 2016-12-23 23:02:50 +01:00			`ynh_app_setting_set "$app" calibre "$calibre"`
Cleaning 2016-12-22 13:22:16 +01:00			`ynh_app_setting_set "$app" basicauthcreate "$basicauthcreate"`
Initial scripts commit 2016-12-21 18:46:36 +01:00
			`finalnginxconf="/etc/nginx/conf.d/${domain}.d/${app}.conf"`
			`ynh_app_setting_set "$app" finalnginxconf "$finalnginxconf"`

			`finalphpconf="/etc/php5/fpm/pool.d/${app}.conf"`
			`ynh_app_setting_set "$app" finalphpconf "$finalphpconf"`

Installation of dependencies : php5-gd php5-sqlite php5-json php5-intl 2016-12-22 01:47:34 +01:00			`# We install dependencies`
options at the end for apt-get 2016-12-23 13:16:34 +01:00			`sudo apt-get update -y`
			`sudo apt-get install php5-gd php5-sqlite php5-json php5-intl -y`
Initial scripts commit 2016-12-21 18:46:36 +01:00
			`# Creation of folder`
			`sudo mkdir -p $final_path`

We download sources instead of having them in the depot 2016-12-23 21:24:09 +01:00			`# We download the sources and check the md5sum`
			cops_file=`sudo cat ../sources/source_file`;
Adjustments on md5sum 2016-12-23 21:59:20 +01:00			`sudo wget -nv -i ../sources/source_url -O $cops_file`
We download sources instead of having them in the depot 2016-12-23 21:24:09 +01:00			`sudo md5sum -c ../sources/source_md5 --status \|\| (echo "Corrupt source" >&2 && false)`
Adjustments on md5sum 2016-12-23 21:56:43 +01:00			`sudo unzip ${cops_file} -d $final_path`
We download sources instead of having them in the depot 2016-12-23 21:24:09 +01:00
Update of manifest.json to request further parameters 2016-12-22 03:42:11 +01:00			`# Site adjustments`
Avoid path confusion in manifest.json 2016-12-23 23:02:50 +01:00			`sed -i "s@CALIBRETOCHANGE@$calibre@g" ../conf/config_local.php`
Automatically adjust timezone 2016-12-22 14:08:07 +01:00			timezone=`sudo cat /etc/timezone`;
We download sources instead of having them in the depot 2016-12-23 21:24:09 +01:00			`sed -i "s@TIMEZONETOCHANGE@$timezone@g" ../conf/config_local.php`
Automatically adjust timezone 2016-12-22 14:08:07 +01:00
We download sources instead of having them in the depot 2016-12-23 21:24:09 +01:00			`sudo cp ../conf/config_local.php $final_path`
			`sudo cp ../conf/robots.txt $final_path`
Update of manifest.json to request further parameters 2016-12-22 03:42:11 +01:00
We download sources instead of having them in the depot 2016-12-23 21:24:09 +01:00			`# Set permissions`
			`sudo chmod 775 -R $final_path`
			`sudo chown -hR $runninguser:$runninguser $final_path`
Add Basic Auth capability for public OPDS/HTML Library 2016-12-22 13:01:20 +01:00
			`# Add basic auth if requested`
			`if [ "$basicauthcreate" = "Yes" ];`
			`then`
Cleaning 2016-12-23 23:55:35 +01:00			`ynh_app_setting_set "$app" basicauthname "$basicauthname"`
Add Basic Auth capability for public OPDS/HTML Library 2016-12-22 13:01:20 +01:00			`ynh_app_setting_set "$app" basicauthpass "$basicauthpass"`

			`# Generation of the htpasswd file according https://www.nginx.com/resources/wiki/community/faq/`
			`SALT="$(openssl rand -base64 3)"`
			`(SHA1=$(printf "$basicauthpass$SALT" \|`
			`openssl dgst -binary -sha1 \| xxd -ps \|`
			sed 's#$#'"`echo -n $SALT \| xxd -ps`"'#' \|
			`xxd -r -ps \|`
Cleaning 2016-12-23 23:55:35 +01:00			`base64);printf "$basicauthname:{SSHA}$SHA1\n" >> ../sources/htpasswd)`
We download sources instead of having them in the depot 2016-12-23 21:24:09 +01:00			`sudo cp ../sources/htpasswd $final_path`
			`sudo chmod 440 $final_path/htpasswd`
			`sudo chown www-data:www-data $final_path/htpasswd`
Add Basic Auth capability for public OPDS/HTML Library 2016-12-22 13:01:20 +01:00
			`# Modif nginx`
Update issue on quotes and escaping 2016-12-22 13:34:28 +01:00			`sed -i "s\|^.\bauth_basic\b.$\| auth_basic \"Private Library\";\|" ../conf/nginx.conf;`
			`sed -i "s\|^.\bauth_basic_user_file\b.$\| auth_basic_user_file $final_path/htpasswd;\|" ../conf/nginx.conf;`
Add Basic Auth capability for public OPDS/HTML Library 2016-12-22 13:01:20 +01:00			`else`
			`echo "No basic auth";`
			`fi`

We download sources instead of having them in the depot 2016-12-23 21:24:09 +01:00			`# Modify Nginx configuration file and copy it to Nginx conf.d directory`
Initial scripts commit 2016-12-21 18:46:36 +01:00			`sed -i "s@PATHTOCHANGE@$path@g" ../conf/nginx.conf`
			`sed -i "s@ALIASTOCHANGE@$final_path/@g" ../conf/nginx.conf`
			`sed -i "s@NAMETOCHANGE@$app@g" ../conf/nginx.conf`
			`sudo cp ../conf/nginx.conf $finalnginxconf`

We download sources instead of having them in the depot 2016-12-23 21:24:09 +01:00			`# Modify php-fpm configuration file and copy it to php-fpm pool.d directory`
Initial scripts commit 2016-12-21 18:46:36 +01:00			`sed -i "s@NAMETOCHANGE@$app@g" ../conf/php-fpm.conf`
Add missing _ in final_path 2016-12-22 01:08:35 +01:00			`sed -i "s@FOLDERTOCHANGE@$final_path@g" ../conf/php-fpm.conf`
Use of runninguser instead of usergroup 2016-12-22 01:44:07 +01:00			`sed -i "s@USERTOCHANGE@$runninguser@g" ../conf/php-fpm.conf`
Initial scripts commit 2016-12-21 18:46:36 +01:00			`sudo cp ../conf/php-fpm.conf $finalphpconf`
			`sudo chown root: $finalphpconf`
			`sudo chmod 644 $finalphpconf`

			`# Make app public if necessary`
			`is_public=$(ynh_app_setting_get $app is_public)`
			`if [ "$is_public" = "Yes" ];`
			`then`
			`ynh_app_setting_set $app skipped_uris "/"`
No basicauth if app is private 2016-12-24 03:00:25 +01:00			`else`
CLeaning 2016-12-24 11:10:00 +01:00			`ynh_app_setting_set $app protected_uris "/"`
Initial scripts commit 2016-12-21 18:46:36 +01:00			`fi`

			`# Reload Nginx and regenerate SSOwat conf`
			`sudo service php5-fpm reload`
			`sudo service nginx reload`
			`sudo yunohost app ssowatconf`