#!/bin/bash #set -eu # Charge les fonctions génériques habituellement utilisées dans le script #source fonctions # Active trap pour arrêter le script si une erreur est détectée. EXIT_PROPERLY () { # Provoque l'arrêt du script en cas d'erreur. Et nettoye les résidus. exit_code=$? if [ "$exit_code" -eq 0 ]; then exit 0 # Quitte sans erreur si le script se termine correctement. fi trap '' EXIT set +eu echo -e "\e[91m \e[1m" # Shell in light red bold echo -e "!!\n $app install's script has encountered an error. Installation was cancelled.\n!!" >&2 if type -t CLEAN_SETUP > /dev/null; then # Vérifie l'existance de la fonction avant de l'exécuter. CLEAN_SETUP # Appel la fonction de nettoyage spécifique du script install. fi # Compense le bug de ssowat qui ne supprime pas l'entrée de l'app en cas d'erreur d'installation. sudo sed -i "\@\"$domain$path/\":@d" /etc/ssowat/conf.json ynh_die } TRAP_ON () { # Activate signal capture set -eu # Exit if a command fail, and if a variable is used unset. trap EXIT_PROPERLY EXIT # Capturing exit signals on shell script } TRAP_ON # Source app helpers source /usr/share/yunohost/helpers # Retrieve arguments app=$YNH_APP_INSTANCE_NAME domain=$YNH_APP_ARG_DOMAIN path=$YNH_APP_ARG_PATH is_public=$YNH_APP_ARG_IS_PUBLIC #runninguser=$YNH_APP_ARG_RUNNINGUSER calibre=$YNH_APP_ARG_CALIBRE # No basic auth if app is private if [ "$is_public" = "Yes" ]; then basicauthcreate=$YNH_APP_ARG_BASICAUTHCREATE basicauthname=$YNH_APP_ARG_BASICAUTHNAME basicauthpass=$YNH_APP_ARG_BASICAUTHPASS else basicauthcreate="No" fi # We check variables are not empty CHECK_VAR () { # Vérifie que la variable n'est pas vide. # $1 = Variable à vérifier # $2 = Texte à afficher en cas d'erreur test -n "$1" || (echo "$2" >&2 && false) } CHECK_VAR "$app" "app name not set" # Check the path value and correct it (adds / at begining and removes it at the end) CHECK_PATH () { # Vérifie la présence du / en début de path. Et son absence à la fin. if [ "${path:0:1}" != "/" ]; then # Si le premier caractère n'est pas un / path="/$path" # Ajoute un / en début de path fi if [ "${path:${#path}-1}" == "/" ] && [ ${#path} -gt 1 ]; then # Si le dernier caractère est un / et que ce n'est pas l$ path="${path:0:${#path}-1}" # Supprime le dernier caractère fi } CHECK_PATH; # Check domain and path availibility CHECK_DOMAINPATH () { # Vérifie la disponibilité du path et du domaine. sudo yunohost app checkurl $domain$path -a $app } CHECK_DOMAINPATH # Check destination folder is not used already CHECK_FINALPATH () { # Vérifie que le dossier de destination n'est pas déjà utilisé. final_path=/var/www/$app if [ -e "$final_path" ] then echo "This path already contains a folder" >&2 false fi } CHECK_FINALPATH # We check that calibre path is correct CHECK_CALIBRE () { # Vérifie la présence du / en début de path. Et son absence à la fin. if [ "${calibre:0:1}" != "/" ]; then # Si le premier caractère n'est pas un / calibre="/$calibre" # Ajoute un / en début de path fi if [ "${calibre:${#calibre}-1}" == "/" ] && [ ${#calibre} -gt 1 ]; then # Si le dernier caractère est un / $ calibre="${calibre:0:${#calibre}-1}" # Supprime le dernier caractère fi } CHECK_CALIBRE; final_path=/var/www/$app # Define variables and Save app settings ynh_app_setting_set "$app" domain "$domain" #ynh_app_setting_set "$app" path "$path" ynh_app_setting_set "$app" is_public "$is_public" ynh_app_setting_set "$app" final_path "$final_path" ynh_app_setting_set "$app" calibre "$calibre" ynh_app_setting_set "$app" basicauthcreate "$basicauthcreate" finalnginxconf="/etc/nginx/conf.d/${domain}.d/${app}.conf" ynh_app_setting_set "$app" finalnginxconf "$finalnginxconf" finalphpconf="/etc/php5/fpm/pool.d/${app}.conf" ynh_app_setting_set "$app" finalphpconf "$finalphpconf" # We install dependencies #sudo apt-get update -y #sudo apt-get install php5-gd php5-sqlite php5-json php5-intl -y # Install dependencies using Helpers ynh_package_install_from_equivs ../conf/cops-deps.control \ || ynh_die "Unable to install dependencies" # Creation of folder sudo mkdir -p $final_path # We download the sources and check the md5sum cops_file=`sudo cat ../sources/source_file`; sudo wget -nv -i ../sources/source_url -O $cops_file sudo md5sum -c ../sources/source_md5 --status || (echo "Corrupt source" >&2 && false) sudo unzip ${cops_file} -d $final_path # Site adjustments sed -i "s@CALIBRETOCHANGE@$calibre@g" ../conf/config_local.php timezone=`sudo cat /etc/timezone`; sed -i "s@TIMEZONETOCHANGE@$timezone@g" ../conf/config_local.php sudo cp ../conf/config_local.php $final_path sudo cp ../conf/robots.txt $final_path # Create cops user and join nextcloud/owncloud/www-data groups runninguser="${app}-ynh" # 1. Create the user # Create a system account for COPS if it doesn't already exists test="$(grep ^${runninguser}: /etc/passwd)" if [ -n "${test}" ]; then echo "The user $runninguser does not exist, we can create it" sudo useradd -c "$runninguser system account" \ -d $final_path --system --user-group $runninguser \ || ynh_die "Unable to create $runninguser system account" else echo "The user $runninguser exists, no need to create it" fi ynh_app_setting_set "$app" runninguser "$runninguser" # 2. Add cops-ynh to groups www-data and nextcloud/owncloud if they exist sudo usermod -a -G www-data $runninguser for filesharing in "nextcloud" "owncloud"; do app_id=$(sudo yunohost app list --installed -f "$filesharing" \ --output-as json | grep -Po '"id":[ ]?"\K.*?(?=")' | head -1) [[ -z "$app_id" ]] || { sudo usermod -a -G $filesharing $runninguser } done # Set permissions sudo chmod ug+rw -R $final_path sudo chown -hR $runninguser:$runninguser $final_path # Add basic auth if requested if [ "$basicauthcreate" = "Yes" ]; then ynh_app_setting_set "$app" basicauthname "$basicauthname" ynh_app_setting_set "$app" basicauthpass "$basicauthpass" # Generation of the htpasswd file according https://www.nginx.com/resources/wiki/community/faq/ SALT="$(openssl rand -base64 3)" (SHA1=$(printf "$basicauthpass$SALT" | openssl dgst -binary -sha1 | xxd -ps | sed 's#$#'"`echo -n $SALT | xxd -ps`"'#' | xxd -r -ps | base64);printf "$basicauthname:{SSHA}$SHA1\n" >> ../sources/htpasswd) sudo cp ../sources/htpasswd $final_path sudo chmod 440 $final_path/htpasswd sudo chown www-data:www-data $final_path/htpasswd # Modif nginx sed -i "s|^.*\bauth_basic\b.*$| auth_basic \"Private Library\";|" ../conf/nginx.conf; sed -i "s|^.*\bauth_basic_user_file\b.*$| auth_basic_user_file $final_path/htpasswd;|" ../conf/nginx.conf; else echo "No basic auth"; fi # Modify Nginx configuration file and copy it to Nginx conf.d directory sed -i "s@PATHTOCHANGE@$path@g" ../conf/nginx.conf sed -i "s@ALIASTOCHANGE@$final_path/@g" ../conf/nginx.conf sed -i "s@NAMETOCHANGE@$app@g" ../conf/nginx.conf sudo cp ../conf/nginx.conf $finalnginxconf # Modify php-fpm configuration file and copy it to php-fpm pool.d directory sed -i "s@NAMETOCHANGE@$app@g" ../conf/php-fpm.conf sed -i "s@FOLDERTOCHANGE@$final_path@g" ../conf/php-fpm.conf sed -i "s@USERTOCHANGE@$runninguser@g" ../conf/php-fpm.conf sudo cp ../conf/php-fpm.conf $finalphpconf sudo chown root: $finalphpconf sudo chmod 644 $finalphpconf # Make app public if necessary is_public=$(ynh_app_setting_get $app is_public) if [ "$is_public" = "Yes" ]; then ynh_app_setting_set $app skipped_uris "/" else ynh_app_setting_set $app protected_uris "/" fi # Reload Nginx and regenerate SSOwat conf sudo service php5-fpm reload sudo service nginx reload sudo yunohost app ssowatconf