1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/cops_ynh.git synced 2024-09-03 18:25:57 +02:00
cops_ynh/scripts/install
2017-02-24 23:51:17 +00:00

162 lines
5.1 KiB
Bash
Executable file

#!/bin/bash
#set -eu
# Charge les fonctions génériques habituellement utilisées dans le script
source .fonctions
# Active trap pour arrêter le script si une erreur est détectée.
TRAP_ON
# Source app helpers
source /usr/share/yunohost/helpers
# Retrieve arguments
app=$YNH_APP_INSTANCE_NAME
domain=$YNH_APP_ARG_DOMAIN
path=$YNH_APP_ARG_PATH
is_public=$YNH_APP_ARG_IS_PUBLIC
calibre=$YNH_APP_ARG_CALIBRE
# No basic auth if app is private
if [ "$is_public" = "Yes" ];
then
basicauthcreate=$YNH_APP_ARG_BASICAUTHCREATE
basicauthname=$YNH_APP_ARG_BASICAUTHNAME
basicauthpass=$YNH_APP_ARG_BASICAUTHPASS
else
basicauthcreate="No"
fi
# We check variables are not empty
CHECK_VAR "$app" "app name not set"
# Check the path value and correct it (adds / at begining and removes it at the end)
CHECK_PATH;
# Check domain and path availibility
CHECK_DOMAINPATH
# Check destination folder is not used already
CHECK_FINALPATH
# We check that calibre path is correct
CHECK_CALIBRE;
final_path=/var/www/$app
# Define variables and Save app settings
ynh_app_setting_set "$app" domain "$domain"
ynh_app_setting_set "$app" is_public "$is_public"
ynh_app_setting_set "$app" final_path "$final_path"
ynh_app_setting_set "$app" calibre "$calibre"
ynh_app_setting_set "$app" basicauthcreate "$basicauthcreate"
finalnginxconf="/etc/nginx/conf.d/${domain}.d/${app}.conf"
ynh_app_setting_set "$app" finalnginxconf "$finalnginxconf"
finalphpconf="/etc/php5/fpm/pool.d/${app}.conf"
ynh_app_setting_set "$app" finalphpconf "$finalphpconf"
# Install dependencies using Helpers
ynh_package_install_from_equivs ../conf/cops-deps.control \
|| ynh_die "Unable to install dependencies"
# Creation of folder
sudo mkdir -p $final_path
# We download the sources and check the md5sum
cops_file=`sudo cat ../sources/source_file`;
sudo wget -nv -i ../sources/source_url -O $cops_file
sudo md5sum -c ../sources/source_md5 --status || (echo "Corrupt source" >&2 && false)
sudo unzip ${cops_file} -d $final_path
# Site adjustments
sed -i "s@CALIBRETOCHANGE@$calibre@g" ../conf/config_local.php
timezone=`sudo cat /etc/timezone`;
sed -i "s@TIMEZONETOCHANGE@$timezone@g" ../conf/config_local.php
sudo cp ../conf/config_local.php $final_path
sudo cp ../conf/robots.txt $final_path
# Create cops user and join nextcloud/owncloud/www-data groups
runninguser="${app}-ynh"
# 1. Create the user
# Create a system account for COPS if it doesn't already exists
if ! ynh_system_user_exists "$runninguser" ;
then
echo "The user $runninguser does not exist, we can create it"
sudo useradd -c "$runninguser system account" \
-d $final_path --system --user-group $runninguser \
|| ynh_die "Unable to create $runninguser system account"
else
echo "The user $runninguser exists, no need to create it"
fi
ynh_app_setting_set "$app" runninguser "$runninguser"
# 2. Add cops-ynh to groups www-data and nextcloud/owncloud if they exist
sudo usermod -a -G www-data $runninguser
for filesharing in "nextcloud" "owncloud"; do
app_id=$(sudo yunohost app list --installed -f "$filesharing" \
--output-as json | grep -Po '"id":[ ]?"\K.*?(?=")' | head -1)
[[ -z "$app_id" ]] || {
sudo usermod -a -G $filesharing $runninguser
}
done
# Set permissions
sudo chmod ug+rw -R $final_path
sudo chown -hR $runninguser:$runninguser $final_path
# Add basic auth if requested
if [ "$basicauthcreate" = "Yes" ];
then
ynh_app_setting_set "$app" basicauthname "$basicauthname"
ynh_app_setting_set "$app" basicauthpass "$basicauthpass"
# Generation of the htpasswd file according https://www.nginx.com/resources/wiki/community/faq/
SALT="$(openssl rand -base64 3)"
(SHA1=$(printf "$basicauthpass$SALT" |
openssl dgst -binary -sha1 | xxd -ps |
sed 's#$#'"`echo -n $SALT | xxd -ps`"'#' |
xxd -r -ps |
base64);printf "$basicauthname:{SSHA}$SHA1\n" >> ../sources/htpasswd)
sudo cp ../sources/htpasswd $final_path
sudo chmod 440 $final_path/htpasswd
sudo chown www-data:www-data $final_path/htpasswd
# Modif nginx
sed -i "s|^.*\bauth_basic\b.*$| auth_basic \"Private Library\";|" ../conf/nginx.conf;
sed -i "s|^.*\bauth_basic_user_file\b.*$| auth_basic_user_file $final_path/htpasswd;|" ../conf/nginx.conf;
else
echo "No basic auth";
fi
# Modify Nginx configuration file and copy it to Nginx conf.d directory
sed -i "s@PATHTOCHANGE@$path@g" ../conf/nginx.conf
sed -i "s@ALIASTOCHANGE@$final_path/@g" ../conf/nginx.conf
sed -i "s@NAMETOCHANGE@$app@g" ../conf/nginx.conf
sudo cp ../conf/nginx.conf $finalnginxconf
# Modify php-fpm configuration file and copy it to php-fpm pool.d directory
sed -i "s@NAMETOCHANGE@$app@g" ../conf/php-fpm.conf
sed -i "s@FOLDERTOCHANGE@$final_path@g" ../conf/php-fpm.conf
sed -i "s@USERTOCHANGE@$runninguser@g" ../conf/php-fpm.conf
sudo cp ../conf/php-fpm.conf $finalphpconf
sudo chown root: $finalphpconf
sudo chmod 644 $finalphpconf
# Make app public if necessary
is_public=$(ynh_app_setting_get $app is_public)
if [ "$is_public" = "Yes" ];
then
ynh_app_setting_set $app skipped_uris "/"
else
ynh_app_setting_set $app protected_uris "/"
fi
# Reload Nginx and regenerate SSOwat conf
sudo service php5-fpm reload
sudo service nginx reload
sudo yunohost app ssowatconf