From 49a8493ce03896fcc8888fb8d451db2d86e44944 Mon Sep 17 00:00:00 2001 From: Gofannon Date: Sun, 12 Aug 2018 15:33:54 +0200 Subject: [PATCH 01/19] [enh] Rewrite README * Languages : english and french * Update to reflect current state of Yunohost package and DokuWiki --- README.md | 162 +++++++++++++++++++++++++++++++++++++++++++----------- 1 file changed, 131 insertions(+), 31 deletions(-) diff --git a/README.md b/README.md index 1876be1..ee95ec1 100644 --- a/README.md +++ b/README.md @@ -1,47 +1,147 @@ -# Dokuwiki for YunoHost +# DokuWiki for YunoHost - [English Version] +[![Integration level](https://dash.yunohost.org/integration/dokuwiki.svg)](https://ci-apps-dev.yunohost.org/jenkins/job/dokuwiki%20%28Official%29/lastBuild/consoleFull) +[![Install DokuWiki with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=dokuwiki) -[![Install Dokuwiki with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=dokuwiki) +> *This package allow you to install DokuWiki quickly and simply on a YunoHost server. +If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to know how to install and enjoy it.* - -## Dokuwiki c'est quoi ? - -DokuWiki est un logiciel wiki Open Source simple à utiliser et très polyvalent qui ne nécessite pas de base de données. Il est apprécié par les utilisateurs pour sa syntaxe propre et lisible. La facilité de maintenance, de sauvegarde et d'intégration en fait un favori d'administrateur. Des contrôles d'accès et des connecteurs d'authentification intégrés rendent DokuWiki particulièrement utile dans le contexte de l'entreprise et le grand nombre de plugins apportés par sa communauté dynamique permettent un large éventail de cas d'utilisation au-delà d'un wiki traditionnel. - -Source: [dokuwiki.org](https://www.dokuwiki.org/) - -### Installation - -`$ sudo yunohost app install https://github.com/YunoHost-Apps/dokuwiki_ynh.git` - -### Mise à jour - -`$ sudo yunohost app upgrade --verbose dokuwiki -u https://github.com/YunoHost-Apps/dokuwiki_ynh.git` - -Lors de la mise à jour de dokuwiki, les plugins officiels sont également mis à jour. Nous vous recommandons toutefois de vérifier le bon fonctionnement des plugins dans le panel d'administration après cette upgrade. Nous ne pouvons pas savoir si des plugins spéciaux posent problèmes. - -## What is Dokuwiki? +## What is DokuWiki? DokuWiki is a simple to use and highly versatile Open Source wiki software that doesn't require a database. It is loved by users for its clean and readable syntax. The ease of maintenance, backup and integration makes it an administrator's favorite. Built in access controls and authentication connectors make DokuWiki especially useful in the enterprise context and the large number of plugins contributed by its vibrant community allow for a broad range of use cases beyond a traditional wiki. -Source: [dokuwiki.org](https://www.dokuwiki.org/) +**Shipped version:** 2018-04-22a "Greebo" -### Install +## Screenshots -`$ sudo yunohost app install https://github.com/YunoHost-Apps/dokuwiki_ynh.git` +![](https://www.dokuwiki.org/_media/dokuwikimainwindow.png) -### Update +## Documentation -`$ sudo yunohost app upgrade --verbose dokuwiki -u https://github.com/YunoHost-Apps/dokuwiki_ynh.git` +* Official documentation: https://www.dokuwiki.org/manual +* YunoHost documentation: There is no dedicated documentation, feel free [to contribute](https://yunohost.org/#/app_dokuwiki) -When updating dokuwiki, the official plugins are also updated. However, we recommend that you check the plugins in the administration panel after this upgrade. We can't know if special plugins are causing problems. +## YunoHost specific features -## Versionning +* Integrate with YunoHost users and SSO - i.e. logout button +* Allow one user to be the "administrator" (set at the installation) +* Default authorization is set as read only so guest people cannot edit pages. (Especially needed if wiki is public to avoid spam and defacing. Can be changed from admin panel) +* During the upgrade, official plugins are also upgraded. We recommend that you should check that they run properly in the administration panel after the upgrade. We cannot know if some plugins are broken... -### Version 1.1.0 (07/03/17) +### Supported architectures -- Update app +* x86-64b - [![Build Status](https://ci-apps.yunohost.org/jenkins/job/dokuwiki%20(Official)/lastBuild/console/badge/icon)](https://ci-apps.yunohost.org/jenkins/job/dokuwiki%20(Official)/lastBuild/console) +* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/jenkins/job/dokuwiki_ynh%20(Official)%20(%7EARM%7E)/badge/icon)](https://ci-apps-arm.yunohost.org/jenkins/job/dokuwiki_ynh%20(Official)%20(%7EARM%7E)) +* Jessie x86-64b - [![Build Status](https://ci-stretch.nohost.me/jenkins/job/dokuwiki_ynh%20(Official)/badge/icon)](https://ci-stretch.nohost.me/jenkins/job/dokuwiki_ynh%20(Official)) -### Version 1.0.0 (11/02/14) +## Limitations -- Create script app +* Cannot create or login with dokuwiki internal users, only users from Yunohost (Work needed for [authchained plugin](https://www.dokuwiki.org/plugin:authchained)) + +## Links + + * Report a bug: https://github.com/YunoHost-Apps/dokuwiki_ynh/issues + * App website: https://www.dokuwiki.org + * YunoHost website: https://yunohost.org + +--- + +## Developers infos + +**Only if you know what you are doing AND want to switch to an unstable branch for testing or coding** + +Instead of merging directly into `master`, please do your pull request to the [`testing` branch](https://github.com/YunoHost-Apps/dokuwiki_ynh/tree/testing) + +To try the `testing` branch, please proceed like that. +``` +sudo yunohost app install https://github.com/YunoHost-Apps/dokuwiki_ynh/tree/testing --debug +or +sudo yunohost app upgrade dokuwiki -u https://github.com/YunoHost-Apps/dokuwiki_ynh/tree/testing --debug +``` + +## Changelog + +### _Testing Branch_ + + * 1 Aug 2018 [#37](https://github.com/YunoHost-Apps/dokuwiki_ynh/pull/37) - Upgrade DokuWiki to version "Greebo 2018-04-22a" and rework of the Yunohost package + +### _Master branch (Official release)_ +* *Many missing - List taken from previous documentation* +* 07 Mar 2017 - Update app +* 11 Feb 2017 - Create script app + + + +------------------ +------------------ + + + +# Dokuwiki pour YunoHost - [Version Française] + +[![Niveau d'intégration](https://dash.yunohost.org/integration/dokuwiki.svg)](https://ci-apps-dev.yunohost.org/jenkins/job/dokuwiki%20%28Official%29/lastBuild/consoleFull) +[![Installer DokuWiki grâce à YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=dokuwiki) + +## Dokuwiki, c'est quoi ? + +DokuWiki est un logiciel wiki Open Source simple à utiliser et très polyvalent qui ne nécessite pas de base de données. Il est apprécié par les utilisateurs pour sa syntaxe propre et lisible. La facilité de maintenance, de sauvegarde et d'intégration en fait un favori d'administrateur. Des contrôles d'accès et des connecteurs d'authentification intégrés rendent DokuWiki particulièrement utile dans le contexte de l'entreprise et le grand nombre de plugins apportés par sa communauté dynamique permettent un large éventail de cas d'utilisation au-delà d'un wiki traditionnel. + +**Version actuelle:** 2018-04-22a "Greebo" + +## Captures d'écran + +![](https://www.dokuwiki.org/_media/dokuwikimainwindow.png) + +## Documentation + +* Documentation officielle : https://www.dokuwiki.org/manual +* Documentation YunoHost : Pas de documentation dédiée, merci de [contribuer](https://yunohost.org/#/app_dokuwiki_fr) si vous le pouvez + +## Fonctionnalités spécifiques YunoHost + +* Fonctionne avec les utilisateurs YunoHost ainsi que le SSO - i.e. button de déconnexion +* Définit un utilisateur "administrateur" lors de l'installation +* Droits d'édition par défaut du wiki définis en lecture seule afin que les invités ne puissent éditer les pages. (Nécessaire surtout lorsque le wiki est public pour éviter le spam et le vandalisme. Peut être changé depuis la partie administration du wiki) +* Lors de la mise à jour, les plugins officiels sont également mis à jour. Nous vous recommandons toutefois de vérifier le bon fonctionnement des plugins dans le panneau d'administration après cette opération. Nous ne pouvons pas savoir si des plugins spéciaux posent problèmes... + +### Architectures matérielles supportées + +* x86-64b - [![Build Status](https://ci-apps.yunohost.org/jenkins/job/dokuwiki%20(Official)/lastBuild/console/badge/icon)](https://ci-apps.yunohost.org/jenkins/job/dokuwiki%20(Official)/lastBuild/console) +* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/jenkins/job/dokuwiki_ynh%20(Official)%20(%7EARM%7E)/badge/icon)](https://ci-apps-arm.yunohost.org/jenkins/job/dokuwiki_ynh%20(Official)%20(%7EARM%7E)) +* Jessie x86-64b - [![Build Status](https://ci-stretch.nohost.me/jenkins/job/dokuwiki_ynh%20(Official)/badge/icon)](https://ci-stretch.nohost.me/jenkins/job/dokuwiki_ynh%20(Official)) + +## Limitations + +* Impossible d'ajouter et d'utiliser les utilisateurs internes de DokuWiki, seulement ceux de Yunohost (travail nécessaire pour [authchained plugin](https://www.dokuwiki.org/plugin:authchained)) + +## Liens + + * Déclarer un bogue: https://github.com/YunoHost-Apps/dokuwiki_ynh/issues + * Site officiel: https://www.dokuwiki.org + * Site YunoHost: https://yunohost.org + +--- + +## Informations pour développeurs et développeuses + +**Si vous savez ce que vous faites ET que vous souhaitez passer sur une version instable pour tester ou coder** + +Au lieu de fusionner directement dans `master`, merci d'envoyer vos "pull request" dans la [branche de test `testing`](https://github.com/YunoHost-Apps/dokuwiki_ynh/tree/testing) + +Pour basculer sur la branche `testing`, merci de procéder ainsi: +``` +sudo yunohost app install https://github.com/YunoHost-Apps/dokuwiki_ynh/tree/testing --debug +or +sudo yunohost app upgrade dokuwiki -u https://github.com/YunoHost-Apps/dokuwiki_ynh/tree/testing --debug +``` + +## Historique des versions + +### _Testing Branch_ + + * 1 Aug 2018 [#37](https://github.com/YunoHost-Apps/dokuwiki_ynh/pull/37) - Mise à jour de DokuWiki vers la version "Greebo 2018-04-22a" et rénovation du paquet Yunohost + +### _Master branch (Official release)_ +* *Many missing - List taken from previous documentation* +* 07 Mar 2017 - Update app +* 11 Feb 2017 - Create script app From 5ddef3e44e5a76e44f1f3c40effcf63559962fad Mon Sep 17 00:00:00 2001 From: JimboJoe Date: Sat, 25 Aug 2018 22:41:30 +0200 Subject: [PATCH 02/19] Typo fix --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index ee95ec1..b0ab2c0 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,7 @@ [![Integration level](https://dash.yunohost.org/integration/dokuwiki.svg)](https://ci-apps-dev.yunohost.org/jenkins/job/dokuwiki%20%28Official%29/lastBuild/consoleFull) [![Install DokuWiki with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=dokuwiki) -> *This package allow you to install DokuWiki quickly and simply on a YunoHost server. +> *This package allows you to install DokuWiki quickly and simply on a YunoHost server. If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to know how to install and enjoy it.* ## What is DokuWiki? From af622d3c1fe58e40b92dfdab0fef39ca8a0eef36 Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Tue, 2 Oct 2018 00:32:39 +0200 Subject: [PATCH 03/19] Remove ini file for php --- conf/php-fpm.conf | 3 +++ conf/php-fpm.ini | 3 --- scripts/backup | 1 - scripts/restore | 1 - 4 files changed, 3 insertions(+), 5 deletions(-) delete mode 100644 conf/php-fpm.ini diff --git a/conf/php-fpm.conf b/conf/php-fpm.conf index 2aec4a2..aabb874 100644 --- a/conf/php-fpm.conf +++ b/conf/php-fpm.conf @@ -390,3 +390,6 @@ catch_workers_output = yes ;php_admin_value[error_log] = /var/log/fpm-php.www.log ;php_admin_flag[log_errors] = on ;php_admin_value[memory_limit] = 32M + +php_admin_value[upload_max_filesize] = 30M +php_admin_value[post_max_size] = 30M diff --git a/conf/php-fpm.ini b/conf/php-fpm.ini deleted file mode 100644 index 55e2ba7..0000000 --- a/conf/php-fpm.ini +++ /dev/null @@ -1,3 +0,0 @@ -upload_max_filesize=30M -post_max_size=30M -; max_execution_time=60 \ No newline at end of file diff --git a/scripts/backup b/scripts/backup index 9c63df7..8b1be79 100755 --- a/scripts/backup +++ b/scripts/backup @@ -44,7 +44,6 @@ ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= ynh_backup "/etc/php5/fpm/pool.d/$app.conf" -ynh_backup "/etc/php5/fpm/conf.d/20-$app.ini" #================================================= # SPECIFIC BACKUP diff --git a/scripts/restore b/scripts/restore index f8363c7..5a1a0d1 100755 --- a/scripts/restore +++ b/scripts/restore @@ -102,7 +102,6 @@ find $final_path/lib -type d -print0 | xargs -0 chmod 0755 #================================================= ynh_restore_file "/etc/php5/fpm/pool.d/$app.conf" -ynh_restore_file "/etc/php5/fpm/conf.d/20-$app.ini" #================================================= # SPECIFIC RESTORATION From 70d8aea655dc578370b16f21ecd41bd7b4d31cd1 Mon Sep 17 00:00:00 2001 From: anmol Date: Wed, 21 Nov 2018 02:33:53 +0530 Subject: [PATCH 04/19] Added Fail2ban --- scripts/_common.sh | 66 +++++++++++++++++++++++++++++++++++++++++++++- scripts/backup | 7 +++++ scripts/change_url | 5 +++- scripts/install | 6 +++++ scripts/remove | 3 +++ scripts/restore | 6 +++++ scripts/upgrade | 6 +++++ 7 files changed, 97 insertions(+), 2 deletions(-) diff --git a/scripts/_common.sh b/scripts/_common.sh index bb04a03..217a16a 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -10,4 +10,68 @@ ynh_delete_file_checksum () { local checksum_setting_name=checksum_${1//[\/ ]/_} # Replace all '/' and ' ' by '_' ynh_app_setting_delete $app $checksum_setting_name -} \ No newline at end of file +} + +#================================================= +# EXPERIMENTAL HELPERS +#================================================= + +# Create a dedicated fail2ban config (jail and filter conf files) +# +# usage: ynh_add_fail2ban_config log_file filter [max_retry [ports]] +# | arg: log_file - Log file to be checked by fail2ban +# | arg: failregex - Failregex to be looked for by fail2ban +# | arg: max_retry - Maximum number of retries allowed before banning IP address - default: 3 +# | arg: ports - Ports blocked for a banned IP address - default: http,https +ynh_add_fail2ban_config () { + # Process parameters + logpath=$1 + failregex=$2 + max_retry=${3:-3} + ports=${4:-http,https} + + test -n "$logpath" || ynh_die "ynh_add_fail2ban_config expects a logfile path as first argument and received nothing." + test -n "$failregex" || ynh_die "ynh_add_fail2ban_config expects a failure regex as second argument and received nothing." + + finalfail2banjailconf="/etc/fail2ban/jail.d/$app.conf" + finalfail2banfilterconf="/etc/fail2ban/filter.d/$app.conf" + ynh_backup_if_checksum_is_different "$finalfail2banjailconf" 1 + ynh_backup_if_checksum_is_different "$finalfail2banfilterconf" 1 + + sudo tee $finalfail2banjailconf <&2 + echo "WARNING${fail2ban_error#*WARNING}" >&2 + fi +} + +# Remove the dedicated fail2ban config (jail and filter conf files) +# +# usage: ynh_remove_fail2ban_config +ynh_remove_fail2ban_config () { + ynh_secure_remove "/etc/fail2ban/jail.d/$app.conf" + ynh_secure_remove "/etc/fail2ban/filter.d/$app.conf" + sudo systemctl restart fail2ban +} diff --git a/scripts/backup b/scripts/backup index 9c63df7..e24e312 100755 --- a/scripts/backup +++ b/scripts/backup @@ -50,3 +50,10 @@ ynh_backup "/etc/php5/fpm/conf.d/20-$app.ini" # SPECIFIC BACKUP #================================================= +#================================================= +# BACKUP FAIL2BAN CONFIGURATION +#================================================= + +ynh_backup "/etc/fail2ban/jail.d/$app.conf" +ynh_backup "/etc/fail2ban/filter.d/$app.conf" + diff --git a/scripts/change_url b/scripts/change_url index 2af51af..8f11601 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -75,7 +75,7 @@ then ynh_add_nginx_config fi -# Change the domain for nginx +# Change the domain for nginx and impliment Fail2ban if [ $change_domain -eq 1 ] then # Delete file checksum for the old conf file location @@ -83,6 +83,9 @@ then mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf # Store file checksum for the new config file location ynh_store_file_checksum "/etc/nginx/conf.d/$new_domain.d/$app.conf" + # Fail2ban configuration + ynh_add_fail2ban_config "/var/log/nginx/$new_domain-error.log" "^.*authentication failure\" while reading response header from upstream, client: ,.*$" 5 + fi #================================================= diff --git a/scripts/install b/scripts/install index 046c816..d0102b8 100755 --- a/scripts/install +++ b/scripts/install @@ -211,6 +211,12 @@ find $final_path/lib -type d -print0 | xargs -0 chmod 0755 # chmod : -rwxr-xr-x 1 root root 241 May 3 08:36 index.html => BAD # find : -rw-r--r-- 1 1001 1002 241 May 3 08:36 index.html => GOOD +#================================================= +# SETUP FAIL2BAN +#================================================= + +ynh_add_fail2ban_config "/var/log/nginx/$domain-error.log" "^.*authentication failure\" while reading response header from upstream, client: ,.*$" 5 + #================================================= # SETUP SSOWAT #================================================= diff --git a/scripts/remove b/scripts/remove index f453065..96dfb72 100755 --- a/scripts/remove +++ b/scripts/remove @@ -46,7 +46,10 @@ ynh_remove_fpm_config #================================================= # SPECIFIC REMOVE #================================================= +# REMOVE FAIL2BAN CONFIGURATION +#================================================= +ynh_remove_fail2ban_config #================================================= # GENERIC FINALIZATION diff --git a/scripts/restore b/scripts/restore index f8363c7..23153b2 100755 --- a/scripts/restore +++ b/scripts/restore @@ -108,7 +108,13 @@ ynh_restore_file "/etc/php5/fpm/conf.d/20-$app.ini" # SPECIFIC RESTORATION #================================================= +#================================================= +# RESTORE FAIL2BAN CONFIGURATION +#================================================= +ynh_restore_file "/etc/fail2ban/jail.d/$app.conf" +ynh_restore_file "/etc/fail2ban/filter.d/$app.conf" +systemctl restart fail2ban #================================================= # GENERIC FINALIZATION diff --git a/scripts/upgrade b/scripts/upgrade index 75be9a7..25b70b0 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -287,6 +287,12 @@ find $final_path/lib -type d -print0 | xargs -0 chmod 0755 # chmod : -rwxr-xr-x 1 root root 241 May 3 08:36 index.html => BAD # find : -rw-r--r-- 1 1001 1002 241 May 3 08:36 index.html => GOOD +#================================================= +# SETUP FAIL2BAN +#================================================= + +ynh_add_fail2ban_config "/var/log/nginx/$domain-error.log" "^.*authentication failure\" while reading response header from upstream, client: ,.*$" 5 + #================================================= # SETUP SSOWAT #================================================= From 78aeea55d22443053a8f4d4612745edbe213f35a Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Wed, 5 Dec 2018 20:11:30 +0100 Subject: [PATCH 05/19] Update README.md --- README.md | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index b0ab2c0..d14bd31 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # DokuWiki for YunoHost - [English Version] -[![Integration level](https://dash.yunohost.org/integration/dokuwiki.svg)](https://ci-apps-dev.yunohost.org/jenkins/job/dokuwiki%20%28Official%29/lastBuild/consoleFull) +[![Integration level](https://dash.yunohost.org/integration/dokuwiki.svg)](https://ci-apps-dev.yunohost.org/jenkins/job/dokuwiki%20%28Official%29/lastBuild/consoleFull) [![Install DokuWiki with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=dokuwiki) > *This package allows you to install DokuWiki quickly and simply on a YunoHost server. @@ -30,9 +30,9 @@ DokuWiki is a simple to use and highly versatile Open Source wiki software that ### Supported architectures -* x86-64b - [![Build Status](https://ci-apps.yunohost.org/jenkins/job/dokuwiki%20(Official)/lastBuild/console/badge/icon)](https://ci-apps.yunohost.org/jenkins/job/dokuwiki%20(Official)/lastBuild/console) -* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/jenkins/job/dokuwiki_ynh%20(Official)%20(%7EARM%7E)/badge/icon)](https://ci-apps-arm.yunohost.org/jenkins/job/dokuwiki_ynh%20(Official)%20(%7EARM%7E)) -* Jessie x86-64b - [![Build Status](https://ci-stretch.nohost.me/jenkins/job/dokuwiki_ynh%20(Official)/badge/icon)](https://ci-stretch.nohost.me/jenkins/job/dokuwiki_ynh%20(Official)) +* x86-64b - ![](https://ci-apps.yunohost.org/ci/logs/dokuwiki%20%28Official%29.svg) +* ARMv8-A - ![](https://ci-apps-arm.yunohost.org/ci/logs/dokuwiki%20%28Official%29.svg) +* Jessie x86-64b - ![](https://ci-stretch.nohost.me/ci/logs/dokuwiki%20%28Official%29.svg) ## Limitations @@ -79,7 +79,7 @@ sudo yunohost app upgrade dokuwiki -u https://github.com/YunoHost-Apps/dokuwiki_ # Dokuwiki pour YunoHost - [Version Française] -[![Niveau d'intégration](https://dash.yunohost.org/integration/dokuwiki.svg)](https://ci-apps-dev.yunohost.org/jenkins/job/dokuwiki%20%28Official%29/lastBuild/consoleFull) +[![Niveau d'intégration](https://dash.yunohost.org/integration/dokuwiki.svg)](https://ci-apps-dev.yunohost.org/jenkins/job/dokuwiki%20%28Official%29/lastBuild/consoleFull) [![Installer DokuWiki grâce à YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=dokuwiki) ## Dokuwiki, c'est quoi ? @@ -105,10 +105,9 @@ DokuWiki est un logiciel wiki Open Source simple à utiliser et très polyvalent * Lors de la mise à jour, les plugins officiels sont également mis à jour. Nous vous recommandons toutefois de vérifier le bon fonctionnement des plugins dans le panneau d'administration après cette opération. Nous ne pouvons pas savoir si des plugins spéciaux posent problèmes... ### Architectures matérielles supportées - -* x86-64b - [![Build Status](https://ci-apps.yunohost.org/jenkins/job/dokuwiki%20(Official)/lastBuild/console/badge/icon)](https://ci-apps.yunohost.org/jenkins/job/dokuwiki%20(Official)/lastBuild/console) -* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/jenkins/job/dokuwiki_ynh%20(Official)%20(%7EARM%7E)/badge/icon)](https://ci-apps-arm.yunohost.org/jenkins/job/dokuwiki_ynh%20(Official)%20(%7EARM%7E)) -* Jessie x86-64b - [![Build Status](https://ci-stretch.nohost.me/jenkins/job/dokuwiki_ynh%20(Official)/badge/icon)](https://ci-stretch.nohost.me/jenkins/job/dokuwiki_ynh%20(Official)) +* x86-64b - ![](https://ci-apps.yunohost.org/ci/logs/dokuwiki%20%28Official%29.svg) +* ARMv8-A - ![](https://ci-apps-arm.yunohost.org/ci/logs/dokuwiki%20%28Official%29.svg) +* Jessie x86-64b - ![](https://ci-stretch.nohost.me/ci/logs/dokuwiki%20%28Official%29.svg) ## Limitations From c4ae1aacd065ebfa0ef37b95fb525e80b17b97bc Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Tue, 12 Feb 2019 19:39:23 +0100 Subject: [PATCH 06/19] Normalization from example_ynh --- README.md | 116 +++++++++------------------------------------ README_fr.md | 76 +++++++++++++++++++++++++++++ check_process | 14 ++---- conf/nginx.conf | 12 +---- manifest.json | 17 ++++--- scripts/_common.sh | 12 ----- scripts/backup | 4 -- scripts/change_url | 8 ---- scripts/install | 38 +++------------ scripts/remove | 7 --- scripts/restore | 31 ++---------- scripts/upgrade | 34 +++++-------- 12 files changed, 137 insertions(+), 232 deletions(-) create mode 100644 README_fr.md diff --git a/README.md b/README.md index d14bd31..d379fdb 100644 --- a/README.md +++ b/README.md @@ -1,12 +1,14 @@ -# DokuWiki for YunoHost - [English Version] +# DokuWiki for YunoHost -[![Integration level](https://dash.yunohost.org/integration/dokuwiki.svg)](https://ci-apps-dev.yunohost.org/jenkins/job/dokuwiki%20%28Official%29/lastBuild/consoleFull) +[![Integration level](https://dash.yunohost.org/integration/dokuwiki.svg)](https://dash.yunohost.org/appci/app/dokuwiki) [![Install DokuWiki with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=dokuwiki) +*[Lire ce readme en français.](./README_fr.md)* + > *This package allows you to install DokuWiki quickly and simply on a YunoHost server. If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to know how to install and enjoy it.* -## What is DokuWiki? +## Overview DokuWiki is a simple to use and highly versatile Open Source wiki software that doesn't require a database. It is loved by users for its clean and readable syntax. The ease of maintenance, backup and integration makes it an administrator's favorite. Built in access controls and authentication connectors make DokuWiki especially useful in the enterprise context and the large number of plugins contributed by its vibrant community allow for a broad range of use cases beyond a traditional wiki. @@ -16,10 +18,16 @@ DokuWiki is a simple to use and highly versatile Open Source wiki software that ![](https://www.dokuwiki.org/_media/dokuwikimainwindow.png) +## Demo + +* [YunoHost demo](https://demo.yunohost.org/dokuwiki/) + +## Configuration + ## Documentation * Official documentation: https://www.dokuwiki.org/manual -* YunoHost documentation: There is no dedicated documentation, feel free [to contribute](https://yunohost.org/#/app_dokuwiki) +* YunoHost documentation: https://yunohost.org/#/app_dokuwiki ## YunoHost specific features @@ -30,14 +38,22 @@ DokuWiki is a simple to use and highly versatile Open Source wiki software that ### Supported architectures -* x86-64b - ![](https://ci-apps.yunohost.org/ci/logs/dokuwiki%20%28Official%29.svg) -* ARMv8-A - ![](https://ci-apps-arm.yunohost.org/ci/logs/dokuwiki%20%28Official%29.svg) -* Jessie x86-64b - ![](https://ci-stretch.nohost.me/ci/logs/dokuwiki%20%28Official%29.svg) +* x86-64b - [![Build Status](https://ci-apps.yunohost.org/ci/logs/dokuwiki%20%28Official%29.svg)](https://ci-apps.yunohost.org/ci/apps/dokuwiki/) +* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/dokuwiki%20%28Official%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/dokuwiki/) +* Jessie x86-64b - [![Build Status](https://ci-stretch.nohost.me/ci/logs/dokuwiki%20%28Official%29.svg)](https://ci-stretch.nohost.me/ci/apps/dokuwiki/) ## Limitations * Cannot create or login with dokuwiki internal users, only users from Yunohost (Work needed for [authchained plugin](https://www.dokuwiki.org/plugin:authchained)) +## Additional information + +### Changelog + +* *Many missing - List taken from previous documentation* +* 07 Mar 2017 - Update app +* 11 Feb 2017 - Create script app + ## Links * Report a bug: https://github.com/YunoHost-Apps/dokuwiki_ynh/issues @@ -58,89 +74,3 @@ sudo yunohost app install https://github.com/YunoHost-Apps/dokuwiki_ynh/tree/tes or sudo yunohost app upgrade dokuwiki -u https://github.com/YunoHost-Apps/dokuwiki_ynh/tree/testing --debug ``` - -## Changelog - -### _Testing Branch_ - - * 1 Aug 2018 [#37](https://github.com/YunoHost-Apps/dokuwiki_ynh/pull/37) - Upgrade DokuWiki to version "Greebo 2018-04-22a" and rework of the Yunohost package - -### _Master branch (Official release)_ -* *Many missing - List taken from previous documentation* -* 07 Mar 2017 - Update app -* 11 Feb 2017 - Create script app - - - ------------------- ------------------- - - - -# Dokuwiki pour YunoHost - [Version Française] - -[![Niveau d'intégration](https://dash.yunohost.org/integration/dokuwiki.svg)](https://ci-apps-dev.yunohost.org/jenkins/job/dokuwiki%20%28Official%29/lastBuild/consoleFull) -[![Installer DokuWiki grâce à YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=dokuwiki) - -## Dokuwiki, c'est quoi ? - -DokuWiki est un logiciel wiki Open Source simple à utiliser et très polyvalent qui ne nécessite pas de base de données. Il est apprécié par les utilisateurs pour sa syntaxe propre et lisible. La facilité de maintenance, de sauvegarde et d'intégration en fait un favori d'administrateur. Des contrôles d'accès et des connecteurs d'authentification intégrés rendent DokuWiki particulièrement utile dans le contexte de l'entreprise et le grand nombre de plugins apportés par sa communauté dynamique permettent un large éventail de cas d'utilisation au-delà d'un wiki traditionnel. - -**Version actuelle:** 2018-04-22a "Greebo" - -## Captures d'écran - -![](https://www.dokuwiki.org/_media/dokuwikimainwindow.png) - -## Documentation - -* Documentation officielle : https://www.dokuwiki.org/manual -* Documentation YunoHost : Pas de documentation dédiée, merci de [contribuer](https://yunohost.org/#/app_dokuwiki_fr) si vous le pouvez - -## Fonctionnalités spécifiques YunoHost - -* Fonctionne avec les utilisateurs YunoHost ainsi que le SSO - i.e. button de déconnexion -* Définit un utilisateur "administrateur" lors de l'installation -* Droits d'édition par défaut du wiki définis en lecture seule afin que les invités ne puissent éditer les pages. (Nécessaire surtout lorsque le wiki est public pour éviter le spam et le vandalisme. Peut être changé depuis la partie administration du wiki) -* Lors de la mise à jour, les plugins officiels sont également mis à jour. Nous vous recommandons toutefois de vérifier le bon fonctionnement des plugins dans le panneau d'administration après cette opération. Nous ne pouvons pas savoir si des plugins spéciaux posent problèmes... - -### Architectures matérielles supportées -* x86-64b - ![](https://ci-apps.yunohost.org/ci/logs/dokuwiki%20%28Official%29.svg) -* ARMv8-A - ![](https://ci-apps-arm.yunohost.org/ci/logs/dokuwiki%20%28Official%29.svg) -* Jessie x86-64b - ![](https://ci-stretch.nohost.me/ci/logs/dokuwiki%20%28Official%29.svg) - -## Limitations - -* Impossible d'ajouter et d'utiliser les utilisateurs internes de DokuWiki, seulement ceux de Yunohost (travail nécessaire pour [authchained plugin](https://www.dokuwiki.org/plugin:authchained)) - -## Liens - - * Déclarer un bogue: https://github.com/YunoHost-Apps/dokuwiki_ynh/issues - * Site officiel: https://www.dokuwiki.org - * Site YunoHost: https://yunohost.org - ---- - -## Informations pour développeurs et développeuses - -**Si vous savez ce que vous faites ET que vous souhaitez passer sur une version instable pour tester ou coder** - -Au lieu de fusionner directement dans `master`, merci d'envoyer vos "pull request" dans la [branche de test `testing`](https://github.com/YunoHost-Apps/dokuwiki_ynh/tree/testing) - -Pour basculer sur la branche `testing`, merci de procéder ainsi: -``` -sudo yunohost app install https://github.com/YunoHost-Apps/dokuwiki_ynh/tree/testing --debug -or -sudo yunohost app upgrade dokuwiki -u https://github.com/YunoHost-Apps/dokuwiki_ynh/tree/testing --debug -``` - -## Historique des versions - -### _Testing Branch_ - - * 1 Aug 2018 [#37](https://github.com/YunoHost-Apps/dokuwiki_ynh/pull/37) - Mise à jour de DokuWiki vers la version "Greebo 2018-04-22a" et rénovation du paquet Yunohost - -### _Master branch (Official release)_ -* *Many missing - List taken from previous documentation* -* 07 Mar 2017 - Update app -* 11 Feb 2017 - Create script app diff --git a/README_fr.md b/README_fr.md new file mode 100644 index 0000000..32b3c6a --- /dev/null +++ b/README_fr.md @@ -0,0 +1,76 @@ +# Dokuwiki pour YunoHost + +[![Niveau d'intégration](https://dash.yunohost.org/integration/dokuwiki.svg)](https://dash.yunohost.org/appci/app/dokuwiki) +[![Installer DokuWiki grâce à YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=dokuwiki) + +*[Read this readme in english.](./README.md)* + +> *Ce package vous permet d'installer Dokuwiki rapidement et simplement sur un serveur Yunohost. +Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.* + +## Vue d'ensemble + +DokuWiki est un logiciel wiki Open Source simple à utiliser et très polyvalent qui ne nécessite pas de base de données. Il est apprécié par les utilisateurs pour sa syntaxe propre et lisible. La facilité de maintenance, de sauvegarde et d'intégration en fait un favori d'administrateur. Des contrôles d'accès et des connecteurs d'authentification intégrés rendent DokuWiki particulièrement utile dans le contexte de l'entreprise et le grand nombre de plugins apportés par sa communauté dynamique permettent un large éventail de cas d'utilisation au-delà d'un wiki traditionnel. + +**Version incluse:** 2018-04-22a "Greebo" + +## Captures d'écran + +![](https://www.dokuwiki.org/_media/dokuwikimainwindow.png) + +## Démo + +* [Démo YunoHost](https://demo.yunohost.org/dokuwiki/) + +## Configuration + +## Documentation + +* Documentation officielle: https://www.dokuwiki.org/manual +* Documentation YunoHost: https://yunohost.org/#/app_dokuwiki + +## Caractéristiques spécifiques YunoHost + +* Fonctionne avec les utilisateurs YunoHost ainsi que le SSO - i.e. button de déconnexion +* Définit un utilisateur "administrateur" lors de l'installation +* Droits d'édition par défaut du wiki définis en lecture seule afin que les invités ne puissent éditer les pages. (Nécessaire surtout lorsque le wiki est public pour éviter le spam et le vandalisme. Peut être changé depuis la partie administration du wiki) +* Lors de la mise à jour, les plugins officiels sont également mis à jour. Nous vous recommandons toutefois de vérifier le bon fonctionnement des plugins dans le panneau d'administration après cette opération. Nous ne pouvons pas savoir si des plugins spéciaux posent problèmes... + +### Architectures matérielles supportées + +* x86-64b - [![Build Status](https://ci-apps.yunohost.org/ci/logs/dokuwiki%20%28Official%29.svg)](https://ci-apps.yunohost.org/ci/apps/dokuwiki/) +* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/dokuwiki%20%28Official%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/dokuwiki/) +* Jessie x86-64b - [![Build Status](https://ci-stretch.nohost.me/ci/logs/dokuwiki%20%28Official%29.svg)](https://ci-stretch.nohost.me/ci/apps/dokuwiki/) + +## Limitations + +* Impossible d'ajouter et d'utiliser les utilisateurs internes de DokuWiki, seulement ceux de Yunohost (travail nécessaire pour [authchained plugin](https://www.dokuwiki.org/plugin:authchained)) + +## Informations additionnelles + +### Historique des versions + +* *Many missing - List taken from previous documentation* +* 07 Mar 2017 - Update app +* 11 Feb 2017 - Create script app + +## Liens + + * Signaler un bug: https://github.com/YunoHost-Apps/dokuwiki_ynh/issues + * Site de l'application:https://www.dokuwiki.org + * Site web YunoHost: https://yunohost.org/ + +--- + +## Informations pour les développeurs + +**Seulement si vous voulez utiliser une branche de test pour le codage, au lieu de fusionner directement dans la banche principale.** + +Merci de faire vos pull request sur la [branche testing](https://github.com/YunoHost-Apps/REPLACEBYYOURAPP_ynh/tree/testing). + +Pour essayer la branche testing, procédez comme suit. +``` +sudo yunohost app install https://github.com/YunoHost-Apps/dokuwiki_ynh/tree/testing --debug +ou +sudo yunohost app upgrade dokuwiki -u https://github.com/YunoHost-Apps/dokuwiki_ynh/tree/testing --debug +``` diff --git a/check_process b/check_process index 9407579..8e7a1e4 100644 --- a/check_process +++ b/check_process @@ -1,8 +1,3 @@ -# See here for more informations -# https://github.com/YunoHost/package_check#syntax-check_process-file - -# Move this file from check_process.default to check_process when you have filled it. - ;; Test complet auto_remove=1 ; Manifest @@ -10,6 +5,7 @@ path="/path" (PATH) admin="john" (USER) is_public=1 (PUBLIC|public=1|private=0) + language=en ; Checks pkg_linter=1 setup_sub_dir=1 @@ -35,10 +31,10 @@ Level 8=0 Level 9=0 Level 10=0 -;;; Upgrade options - ; commit=01add99d3d903ca6d07f863045edf2ba46cf18d5 - name=Create check_process - manifest_arg=domain=DOMAIN&path=PATH&admin=USER&is_public=Yes& ;;; Options Email= Notification=none +;;; Upgrade options + ; commit=01add99d3d903ca6d07f863045edf2ba46cf18d5 + name=Create check_process + manifest_arg=domain=DOMAIN&path=PATH&admin=USER&is_public=Yes&language=en& diff --git a/conf/nginx.conf b/conf/nginx.conf index 0f68b0c..5895234 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -4,11 +4,11 @@ location __PATH__/ { # Path to source alias __FINALPATH__/ ; + # Force usage of https if ($scheme = http) { rewrite ^ https://$server_name$request_uri? permanent; } - # Example PHP configuration (remove if not used) index index.php; # Common parameter to increase upload size limit in conjuction with dedicated php-fpm file @@ -19,13 +19,6 @@ location __PATH__/ { fastcgi_split_path_info ^(.+?\.php)(/.*)$; fastcgi_pass unix:/var/run/php5-fpm-__NAME__.sock; - # If you don't use a dedicated fpm config for your app, - # use a general fpm pool. - # This is to be used INSTEAD of line above - # Don't forget to adjust scripts install/upgrade/remove/backup accordingly - # - #fastcgi_pass unix:/var/run/php5-fpm.sock; - fastcgi_index index.php; include fastcgi_params; fastcgi_param HTTPS on if_not_empty; @@ -33,11 +26,8 @@ location __PATH__/ { fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param SCRIPT_FILENAME $request_filename; } - # PHP configuration end # Secure DokuWiki - # Try this ? - #location __PATH__/(data|conf|bin|inc)/ { { location ~ ^__PATH__/(data|conf|bin|inc)/ { deny all; } diff --git a/manifest.json b/manifest.json index 6c60053..f3e249f 100644 --- a/manifest.json +++ b/manifest.json @@ -2,9 +2,6 @@ "name": "Dokuwiki", "id": "dokuwiki", "packaging_format": 1, - "requirements": { - "yunohost": ">> 2.7.14" - }, "description": { "en": "DokuWiki is a simple to use and highly versatile Open Source wiki software that doesn't require a database.", "fr": "DokuWiki est un wiki Open Source simple à utiliser et très polyvalent qui n'exige aucune base de données.", @@ -12,8 +9,9 @@ "es": "DokuWiki es un sistema de Wiki de uso sencillicimo y compatible con los estándares.", "it": "DokuWiki è un Wiki aderente agli standard, semplice da usare, finalizzato principalmente alla creazione di documentazione di qualsiasi tipo." }, - "version": "2018-04-22a~ynh1", + "version": "2018-04-22a~ynh2", "url": "https://www.dokuwiki.org", + "license": "GPL-2.0-or-later", "maintainer": { "name": "Gofannon", "email": "gofannon@riseup.net" @@ -21,16 +19,16 @@ "previous_maintainers": [ { "name": "opi", - "email": "opi@zeropi.net", - "url": "" - } -], + "email": "opi@zeropi.net" + }], + "requirements": { + "yunohost": ">= 3.0" + }, "multi_instance": true, "services": [ "nginx", "php5-fpm" ], - "license": "GPL-2.0-or-later", "arguments": { "install" : [ { @@ -72,6 +70,7 @@ }, { "name": "language", + "type": "string", "ask": { "en": "Choose the application language", "fr": "Choisissez la langue de l'application" diff --git a/scripts/_common.sh b/scripts/_common.sh index bb04a03..a9bf588 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -1,13 +1 @@ #!/bin/bash - -# ============= FUTURE YUNOHOST HELPER ============= -# Delete a file checksum from the app settings -# -# $app should be defined when calling this helper -# -# usage: ynh_remove_file_checksum file -# | arg: file - The file for which the checksum will be deleted -ynh_delete_file_checksum () { - local checksum_setting_name=checksum_${1//[\/ ]/_} # Replace all '/' and ' ' by '_' - ynh_app_setting_delete $app $checksum_setting_name -} \ No newline at end of file diff --git a/scripts/backup b/scripts/backup index 8b1be79..ff0b22c 100755 --- a/scripts/backup +++ b/scripts/backup @@ -45,7 +45,3 @@ ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf" ynh_backup "/etc/php5/fpm/pool.d/$app.conf" -#================================================= -# SPECIFIC BACKUP -#================================================= - diff --git a/scripts/change_url b/scripts/change_url index 2af51af..a4eed15 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -69,8 +69,6 @@ then # Set global variables for nginx helper domain="$old_domain" path_url="$new_path" - # Store path_url setting - ynh_app_setting_set $app path "$path_url" # Create a dedicated nginx config ynh_add_nginx_config fi @@ -85,12 +83,6 @@ then ynh_store_file_checksum "/etc/nginx/conf.d/$new_domain.d/$app.conf" fi -#================================================= -# SPECIFIC MODIFICATIONS -#================================================= -# ... -#================================================= - #================================================= # GENERIC FINALISATION #================================================= diff --git a/scripts/install b/scripts/install index 046c816..3abe706 100755 --- a/scripts/install +++ b/scripts/install @@ -26,16 +26,6 @@ admin=$YNH_APP_ARG_ADMIN is_public=$YNH_APP_ARG_IS_PUBLIC language=$YNH_APP_ARG_LANGUAGE -# This is a multi-instance app, meaning it can be installed several times independently -# The id of the app as stated in the manifest is available as $YNH_APP_ID -# The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2", ...) -# The app instance name is available as $YNH_APP_INSTANCE_NAME -# - the first time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample -# - the second time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample__2 -# - ynhexample__{N} for the subsequent installations, with N=3,4, ... -# The app instance name is probably what you are interested the most, since this is -# guaranteed to be unique. This is a good unique identifier to define installation path, -# db names, ... app=$YNH_APP_INSTANCE_NAME #================================================= @@ -48,8 +38,6 @@ test ! -e "$final_path" || ynh_die "This path already contains a folder" # Normalize the url path syntax path_url=$(ynh_normalize_url_path $path_url) -# Check web path availability -ynh_webpath_available $domain $path_url # Register (book) web path ynh_webpath_register $app $domain $path_url @@ -141,7 +129,6 @@ cp ../conf/acl.auth.php $final_path/conf # Other files will be read ony and owned by root. # See https://www.dokuwiki.org/install:permissions - cp $final_path/conf/local.php.dist $final_path/conf/local.php.bak cp $final_path/conf/users.auth.php.dist $final_path/conf/users.auth.php @@ -163,10 +150,7 @@ cp ../conf/plugins.local.php $final_path/conf/plugins.local.php.bak # Calculate and store the config file checksum into the app settings ynh_store_file_checksum "$final_path/conf/local.protected.php" -### Files can be modified by user, no need to store checksum as they cannot be overwritten safely by package -#ynh_store_file_checksum "$final_path/conf/local.php" -#ynh_store_file_checksum "$final_path/conf/acl.auth.php" -#================================================= +### Files '$final_path/conf/local.php' and '$final_path/conf/acl.auth.php' can be modified by user, no need to store checksum as they cannot be overwritten safely by the upgrade script #================================================= # GENERIC FINALIZATION @@ -180,19 +164,19 @@ ynh_store_file_checksum "$final_path/conf/local.protected.php" # Files owned by DokuWiki can just read chown -R root: $final_path -# DokuWiki needs to write inside these folders. Do "DokuWiki" owner -chown $app:root $final_path/conf -chown $app:root $final_path/inc +# DokuWiki needs to write inside these folders. Make "DokuWiki" owner +chown $app:root $final_path/{conf,inc} -# Do "DokuWiki" owner of configuration files that must be writable +# Make "DokuWiki" owner of configuration files that must be writable chown $app:root $final_path/conf/{local.php,local.php.bak,users.auth.php,acl.auth.php,plugins.local.php,plugins.local.php.bak} + # Usefull for some plugins like https://www.dokuwiki.org/plugin:siteexport # See https://www.dokuwiki.org/devel:preload chown $app:root $final_path/inc/preload.php + # Grant read-only to all files as files copied above are owned by root by defaut and nginx cannot read them # There are only files in the folder and there are no sublevels. No need to use "find" -chmod -R a+r $final_path/conf -chmod -R a+r $final_path/inc +chmod -R a+r $final_path/{conf,inc} # Give write access to "data" and subfolders chown -R $app:root $final_path/data @@ -215,14 +199,6 @@ find $final_path/lib -type d -print0 | xargs -0 chmod 0755 # SETUP SSOWAT #================================================= -# Not needed as no skipped_uris have been added before. -# Example : "ynh_app_setting_set $app skipped_uris ..." -# See https://github.com/YunoHost-Apps/dokuwiki_ynh/pull/37 for explanation -#if [ $is_public -eq 0 ] -#then # Remove the public access -# ynh_app_setting_delete $app skipped_uris -#fi - # Make app public if necessary if [ $is_public -eq 1 ] then diff --git a/scripts/remove b/scripts/remove index f453065..44de0f8 100755 --- a/scripts/remove +++ b/scripts/remove @@ -20,8 +20,6 @@ final_path=$(ynh_app_setting_get $app final_path) #================================================= # STANDARD REMOVE -#================================================= - #================================================= # REMOVE APP MAIN DIR #================================================= @@ -43,11 +41,6 @@ ynh_remove_nginx_config # Remove the dedicated php-fpm config ynh_remove_fpm_config -#================================================= -# SPECIFIC REMOVE -#================================================= - - #================================================= # GENERIC FINALIZATION #================================================= diff --git a/scripts/restore b/scripts/restore index 5a1a0d1..bae8058 100755 --- a/scripts/restore +++ b/scripts/restore @@ -63,51 +63,30 @@ ynh_system_user_create $app # Try to use "least privilege" to grant minimal access # For details, see https://www.dokuwiki.org/install:permissions -# Files owned by DokuWiki can just read -chown -R root: $final_path +# DokuWiki needs to write inside these folders. Make "DokuWiki" owner +chown $app:root $final_path/{conf,inc} -# DokuWiki needs to write inside these folders. Do "DokuWiki" owner -chown $app:root $final_path/conf -chown $app:root $final_path/inc - -# Do "DokuWiki" owner of configuration files that must be writable +# Make "DokuWiki" owner of configuration files that must be writable chown $app:root $final_path/conf/{local.php,local.php.bak,users.auth.php,acl.auth.php,plugins.local.php,plugins.local.php.bak} -# Useful for some plugins like https://www.dokuwiki.org/plugin:siteexport + +# Usefull for some plugins like https://www.dokuwiki.org/plugin:siteexport # See https://www.dokuwiki.org/devel:preload chown $app:root $final_path/inc/preload.php -# Grant read-only to all files as files copied above are owned by root by defaut and nginx cannot read them -# There are only files in the folder and there are no sublevels. No need to use "find" -chmod -R a+r $final_path/conf -chmod -R a+r $final_path/inc # Give write access to "data" and subfolders chown -R $app:root $final_path/data -# Remove access to "other" -chmod -R o-rwx $final_path/data # Allow the web admin panel to run, aka "Extension Manager" chown -R $app:root $final_path/lib/plugins # Allow to install templates chown -R $app:root $final_path/lib/tpl -# Allow access to public assets like style sheets -find $final_path/lib -type f -print0 | xargs -0 chmod 0644 -find $final_path/lib -type d -print0 | xargs -0 chmod 0755 -# Using "find" instead of "chmod -R 755" so files does not become executable too -# chmod : -rwxr-xr-x 1 root root 241 May 3 08:36 index.html => BAD -# find : -rw-r--r-- 1 1001 1002 241 May 3 08:36 index.html => GOOD - #================================================= # RESTORE THE PHP-FPM CONFIGURATION #================================================= ynh_restore_file "/etc/php5/fpm/pool.d/$app.conf" -#================================================= -# SPECIFIC RESTORATION -#================================================= - - #================================================= # GENERIC FINALIZATION diff --git a/scripts/upgrade b/scripts/upgrade index 75be9a7..fd72d31 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -19,8 +19,6 @@ domain=$(ynh_app_setting_get $app domain) path_url=$(ynh_app_setting_get $app path) admin=$(ynh_app_setting_get $app admin) is_public=$(ynh_app_setting_get $app is_public) -# Not needed during upgrade as user might have change it since installation from Dokuwiki admin panel -#language=$(ynh_app_setting_get $app language) final_path=$(ynh_app_setting_get $app final_path) #================================================= @@ -57,10 +55,10 @@ fi -# Yunohost specific configuration, if not exists +# Yunohost specific configuration, if it isn't exist already -# Previously, these settings were store a unique "dokuwiki.php" -# Now, they are split in multiples files to ease upgrading process (separate Yunohost config from user config) +# Previously, these settings were store in an unique "dokuwiki.php" +# Now, they are split in multiple files to ease upgrading process (separate Yunohost config from user config) # Loading order of configuration files # @@ -72,14 +70,10 @@ fi # # See https://www.dokuwiki.org/plugin:config#protecting_settings - # Configuration dedicated to Yunohost (LDAP and admin mainly) # Create file if it does not exist if [ ! -f "$final_path/conf/local.protected.php" ]; then - cp ../conf/local.protected.php $final_path/conf - - # Set the default "admin" - ynh_replace_string "__YNH_ADMIN_USER__" "$admin" "$final_path/conf/local.protected.php" + touch $final_path/conf/local.protected.php fi # Do not overwrite existing dokuwiki configuration as it could have user customization's and settings. @@ -98,8 +92,6 @@ if [ ! -f "$final_path/conf/acl.auth.php" ]; then cp ../conf/acl.auth.php $final_path/conf fi - - # For securing DokuWiki installation, create default files that will be writable in the "conf" folder. # Other files will be read ony and owned by root. # See https://www.dokuwiki.org/install:permissions @@ -225,8 +217,6 @@ do fi done -#================================================= - #================================================= # LDAP Configuration #================================================= @@ -256,19 +246,19 @@ ynh_store_file_checksum "$final_path/conf/local.protected.php" # Files owned by DokuWiki can just read chown -R root: $final_path -# DokuWiki needs to write inside these folders. Do "DokuWiki" owner -chown $app:root $final_path/conf -chown $app:root $final_path/inc +# DokuWiki needs to write inside these folders. Make "DokuWiki" owner +chown $app:root $final_path/{conf,inc} -# Do "DokuWiki" owner of configuration files that must be writable +# Make "DokuWiki" owner of configuration files that must be writable chown $app:root $final_path/conf/{local.php,local.php.bak,users.auth.php,acl.auth.php,plugins.local.php,plugins.local.php.bak} -# Useful for some plugins like https://www.dokuwiki.org/plugin:siteexport + +# Usefull for some plugins like https://www.dokuwiki.org/plugin:siteexport # See https://www.dokuwiki.org/devel:preload chown $app:root $final_path/inc/preload.php + # Grant read-only to all files as files copied above are owned by root by defaut and nginx cannot read them -# There are only files in the folder and there is sublevels. No need to use "find" -chmod -R a+r $final_path/conf -chmod -R a+r $final_path/inc +# There are only files in the folder and there are no sublevels. No need to use "find" +chmod -R a+r $final_path/{conf,inc} # Give write access to "data" and subfolders chown -R $app:root $final_path/data From d884f346183ac63695ceee343266a2ac4ed5f776 Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Tue, 12 Feb 2019 19:40:15 +0100 Subject: [PATCH 07/19] Use php7 --- conf/nginx.conf | 2 +- conf/php-fpm.conf | 75 +++++++++++++++++++++++++++++++++++------------ manifest.json | 2 +- scripts/backup | 3 +- scripts/restore | 5 ++-- 5 files changed, 61 insertions(+), 26 deletions(-) diff --git a/conf/nginx.conf b/conf/nginx.conf index 5895234..c17758d 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -17,7 +17,7 @@ location __PATH__/ { try_files $uri $uri/ index.php; location ~ [^/]\.php(/|$) { fastcgi_split_path_info ^(.+?\.php)(/.*)$; - fastcgi_pass unix:/var/run/php5-fpm-__NAME__.sock; + fastcgi_pass unix:/var/run/php/php7.0-fpm-__NAME__.sock; fastcgi_index index.php; include fastcgi_params; diff --git a/conf/php-fpm.conf b/conf/php-fpm.conf index aabb874..74a8089 100644 --- a/conf/php-fpm.conf +++ b/conf/php-fpm.conf @@ -1,10 +1,11 @@ ; Start a new pool named 'www'. -; the variable $pool can we used in any directive and will be replaced by the +; the variable $pool can be used in any directive and will be replaced by the ; pool name ('www' here) [__NAMETOCHANGE__] ; Per pool prefix ; It only applies on the following directives: +; - 'access.log' ; - 'slowlog' ; - 'listen' (unixsocket) ; - 'chroot' @@ -24,17 +25,19 @@ group = __USER__ ; The address on which to accept FastCGI requests. ; Valid syntaxes are: -; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific address on +; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on ; a specific port; -; 'port' - to listen on a TCP socket to all addresses on a -; specific port; +; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on +; a specific port; +; 'port' - to listen on a TCP socket to all addresses +; (IPv6 and IPv4-mapped) on a specific port; ; '/path/to/unix/socket' - to listen on a unix socket. ; Note: This value is mandatory. -listen = /var/run/php5-fpm-__NAMETOCHANGE__.sock +listen = /var/run/php/php7.0-fpm-__NAMETOCHANGE__.sock -; Set listen(2) backlog. A value of '-1' means unlimited. -; Default Value: 128 (-1 on FreeBSD and OpenBSD) -;listen.backlog = 128 +; Set listen(2) backlog. +; Default Value: 511 (-1 on FreeBSD and OpenBSD) +;listen.backlog = 511 ; Set permissions for unix socket, if one is used. In Linux, read/write ; permissions must be set in order to allow connections from a web server. Many @@ -44,8 +47,13 @@ listen = /var/run/php5-fpm-__NAMETOCHANGE__.sock listen.owner = www-data listen.group = www-data ;listen.mode = 0660 +; When POSIX Access Control Lists are supported you can set them using +; these options, value is a comma separated list of user/group names. +; When set, listen.owner and listen.group are ignored +;listen.acl_users = +;listen.acl_groups = -; List of ipv4 addresses of FastCGI clients which are allowed to connect. +; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect. ; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original ; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address ; must be separated by a comma. If this value is left blank, connections will be @@ -59,7 +67,13 @@ listen.group = www-data ; - The pool processes will inherit the master process priority ; unless it specified otherwise ; Default Value: no set -; priority = -19 +; process.priority = -19 + +; Set the process dumpable flag (PR_SET_DUMPABLE prctl) even if the process user +; or group is differrent than the master process user. It allows to create process +; core dump and ptrace the process for the pool user. +; Default Value: no +; process.dumpable = yes ; Choose how the process manager will control the number of child processes. ; Possible Values: @@ -96,7 +110,7 @@ pm = dynamic ; forget to tweak pm.* to fit your needs. ; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' ; Note: This value is mandatory. -pm.max_children = 10 +pm.max_children = 5 ; The number of child processes created on startup. ; Note: Used only when pm is set to 'dynamic' @@ -122,7 +136,7 @@ pm.max_spare_servers = 3 ; This can be useful to work around memory leaks in 3rd party libraries. For ; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. ; Default Value: 0 -pm.max_requests = 500 +;pm.max_requests = 500 ; The URI to view the FPM status page. If this value is not set, no URI will be ; recognized as a status page. It shows the following informations: @@ -215,7 +229,7 @@ pm.max_requests = 500 ; last request memory: 0 ; ; Note: There is a real-time FPM status monitoring sample web page available -; It's available in: ${prefix}/share/fpm/status.html +; It's available in: /usr/share/php/7.0/fpm/status.html ; ; Note: The value must start with a leading slash (/). The value can be ; anything, but it may not be a good idea to use the .php extension or it @@ -275,7 +289,7 @@ pm.max_requests = 500 ; - %{megabytes}M ; - %{mega}M ; %n: pool name -; %o: ouput header +; %o: output header ; it must be associated with embraces to specify the name of the header: ; - %{Content-Type}o ; - %{X-Powered-By}o @@ -291,9 +305,13 @@ pm.max_requests = 500 ; %t: server time the request was received ; it can accept a strftime(3) format: ; %d/%b/%Y:%H:%M:%S %z (default) +; The strftime(3) format must be encapsuled in a %{}t tag +; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t ; %T: time the log has been written (the request has finished) ; it can accept a strftime(3) format: ; %d/%b/%Y:%H:%M:%S %z (default) +; The strftime(3) format must be encapsuled in a %{}t tag +; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t ; %u: remote user ; ; Default: "%R - %u %t \"%m %r\" %s" @@ -302,13 +320,13 @@ pm.max_requests = 500 ; The log file for slow requests ; Default Value: not set ; Note: slowlog is mandatory if request_slowlog_timeout is set -slowlog = /var/log/nginx/__NAMETOCHANGE__.slow.log +;slowlog = log/$pool.log.slow ; The timeout for serving a single request after which a PHP backtrace will be ; dumped to the 'slowlog' file. A value of '0s' means 'off'. ; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) ; Default Value: 0 -request_slowlog_timeout = 5s +;request_slowlog_timeout = 0 ; The timeout for serving a single request after which the worker process will ; be killed. This option should be used when the 'max_execution_time' ini option @@ -347,15 +365,24 @@ chdir = __FINALPATH__ ; Note: on highloaded environement, this can cause some delay in the page ; process time (several ms). ; Default Value: no -catch_workers_output = yes +;catch_workers_output = yes + +; Clear environment in FPM workers +; Prevents arbitrary environment variables from reaching FPM worker processes +; by clearing the environment in workers before env vars specified in this +; pool configuration are added. +; Setting to "no" will make all environment variables available to PHP code +; via getenv(), $_ENV and $_SERVER. +; Default Value: yes +;clear_env = no ; Limits the extensions of the main script FPM will allow to parse. This can ; prevent configuration mistakes on the web server side. You should only limit ; FPM to .php extensions to prevent malicious users to use other extensions to -; exectute php code. +; execute php code. ; Note: set an empty value to allow all extensions. ; Default Value: .php -;security.limit_extensions = .php .php3 .php4 .php5 +;security.limit_extensions = .php .php3 .php4 .php5 .php7 ; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from ; the current environment. @@ -391,5 +418,15 @@ catch_workers_output = yes ;php_admin_flag[log_errors] = on ;php_admin_value[memory_limit] = 32M +; Common values to change to increase file upload limit +; php_admin_value[upload_max_filesize] = 50M +; php_admin_value[post_max_size] = 50M +; php_admin_flag[mail.add_x_header] = Off + +; Other common parameters +; php_admin_value[max_execution_time] = 600 +; php_admin_value[max_input_time] = 300 +; php_admin_value[memory_limit] = 256M +; php_admin_flag[short_open_tag] = On php_admin_value[upload_max_filesize] = 30M php_admin_value[post_max_size] = 30M diff --git a/manifest.json b/manifest.json index f3e249f..18a16d3 100644 --- a/manifest.json +++ b/manifest.json @@ -27,7 +27,7 @@ "multi_instance": true, "services": [ "nginx", - "php5-fpm" + "php7.0-fpm" ], "arguments": { "install" : [ diff --git a/scripts/backup b/scripts/backup index ff0b22c..c77f9dd 100755 --- a/scripts/backup +++ b/scripts/backup @@ -43,5 +43,4 @@ ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf" # BACKUP THE PHP-FPM CONFIGURATION #================================================= -ynh_backup "/etc/php5/fpm/pool.d/$app.conf" - +ynh_backup "/etc/php/7.0/fpm/pool.d/$app.conf" diff --git a/scripts/restore b/scripts/restore index bae8058..d3bd930 100755 --- a/scripts/restore +++ b/scripts/restore @@ -85,8 +85,7 @@ chown -R $app:root $final_path/lib/tpl # RESTORE THE PHP-FPM CONFIGURATION #================================================= -ynh_restore_file "/etc/php5/fpm/pool.d/$app.conf" - +ynh_restore_file "/etc/php/7.0/fpm/pool.d/$app.conf" #================================================= # GENERIC FINALIZATION @@ -94,5 +93,5 @@ ynh_restore_file "/etc/php5/fpm/pool.d/$app.conf" # RELOAD NGINX AND PHP-FPM #================================================= -systemctl reload php5-fpm +systemctl reload php7.0-fpm systemctl reload nginx From dc6168a0e305ccceb9c8958ee1242ae923dba8c3 Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Tue, 12 Feb 2019 19:53:33 +0100 Subject: [PATCH 08/19] Do not use rm -rf ! --- scripts/upgrade | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/scripts/upgrade b/scripts/upgrade index fd72d31..2e1cd5a 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -196,12 +196,7 @@ if [ -f "$final_path/data/deleted.files" ]; then # Move to the dokuwiki installation folder so the "official" commands can be used without adaptation cd $final_path - # This command could not remove directory - #grep -Ev '^($|#)' data/deleted.files | xargs -n 1 rm -vf - # => "rm: cannot remove 'vendor/easybook/geshi': Is a directory" - - # That one works as expected - grep -Ev '^($|#)' data/deleted.files | xargs -n 1 rm -fr + grep --extended-regexp --invert-match '^($|#)' data/deleted.files | xargs --max-args=1 rm --force --dir || true ) fi From 64191ca55aa3c9b114490b07c20c2e45eb627248 Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Sun, 17 Feb 2019 20:54:36 +0100 Subject: [PATCH 09/19] Add progression with ynh_print_info --- scripts/backup | 10 ++++++++++ scripts/change_url | 9 +++++++++ scripts/install | 15 +++++++++++++++ scripts/remove | 11 +++++++++++ scripts/restore | 11 +++++++++++ scripts/upgrade | 16 ++++++++++++++++ 6 files changed, 72 insertions(+) diff --git a/scripts/backup b/scripts/backup index c77f9dd..4f1f855 100755 --- a/scripts/backup +++ b/scripts/backup @@ -19,6 +19,7 @@ ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= +ynh_print_info "Loading installation settings..." app=$YNH_APP_INSTANCE_NAME @@ -30,17 +31,26 @@ domain=$(ynh_app_setting_get $app domain) #================================================= # BACKUP THE APP MAIN DIR #================================================= +ynh_print_info "Backing up the main app directory..." ynh_backup "$final_path" #================================================= # BACKUP THE NGINX CONFIGURATION #================================================= +ynh_print_info "Backing up nginx web server configuration..." ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= # BACKUP THE PHP-FPM CONFIGURATION #================================================= +ynh_print_info "Backing up php-fpm configuration..." ynh_backup "/etc/php/7.0/fpm/pool.d/$app.conf" + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_print_info "Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." diff --git a/scripts/change_url b/scripts/change_url index a4eed15..e4eed90 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -24,6 +24,7 @@ app=$YNH_APP_INSTANCE_NAME #================================================= # LOAD SETTINGS #================================================= +ynh_print_info "Loading installation settings..." # Needed for helper "ynh_add_nginx_config" final_path=$(ynh_app_setting_get $app final_path) @@ -58,6 +59,7 @@ fi #================================================= # MODIFY URL IN NGINX CONF #================================================= +ynh_print_info "Updating nginx web server configuration..." nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf @@ -88,5 +90,12 @@ fi #================================================= # RELOAD NGINX #================================================= +ynh_print_info "Reloading nginx web server..." systemctl reload nginx + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_print_info "Change of url completed for $app" diff --git a/scripts/install b/scripts/install index 3abe706..6e509f6 100755 --- a/scripts/install +++ b/scripts/install @@ -31,6 +31,7 @@ app=$YNH_APP_INSTANCE_NAME #================================================= # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS #================================================= +ynh_print_info "Validating installation parameters..." final_path=/var/www/$app test ! -e "$final_path" || ynh_die "This path already contains a folder" @@ -44,6 +45,7 @@ ynh_webpath_register $app $domain $path_url #================================================= # STORE SETTINGS FROM MANIFEST #================================================= +ynh_print_info "Storing installation settings..." ynh_app_setting_set $app domain $domain ynh_app_setting_set $app path $path_url @@ -56,6 +58,7 @@ ynh_app_setting_set $app language $language #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= +ynh_print_info "Setting up source files..." ynh_app_setting_set $app final_path $final_path # Download, check integrity, uncompress and patch the source from app.src @@ -64,6 +67,7 @@ ynh_setup_source "$final_path" #================================================= # NGINX CONFIGURATION #================================================= +ynh_print_info "Configuring nginx web server..." # Create a dedicated nginx config ynh_add_nginx_config @@ -71,6 +75,7 @@ ynh_add_nginx_config #================================================= # CREATE DEDICATED USER #================================================= +ynh_print_info "Configuring system user..." # Create a system user ynh_system_user_create $app @@ -78,6 +83,7 @@ ynh_system_user_create $app #================================================= # PHP-FPM CONFIGURATION #================================================= +ynh_print_info "Configuring php-fpm..." # Create a dedicated php-fpm config ynh_add_fpm_config @@ -87,6 +93,7 @@ ynh_add_fpm_config #================================================= # CUSTOMIZE DOKUWIKI #================================================= +ynh_print_info "Configuring dokuwiki..." # Loading order of configuration files # @@ -198,6 +205,7 @@ find $final_path/lib -type d -print0 | xargs -0 chmod 0755 #================================================= # SETUP SSOWAT #================================================= +ynh_print_info "Configuring SSOwat..." # Make app public if necessary if [ $is_public -eq 1 ] @@ -209,5 +217,12 @@ fi #================================================= # RELOAD NGINX #================================================= +ynh_print_info "Reloading nginx web server..." systemctl reload nginx + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_print_info "Installation of $app completed" diff --git a/scripts/remove b/scripts/remove index 44de0f8..5d7882d 100755 --- a/scripts/remove +++ b/scripts/remove @@ -12,6 +12,7 @@ source /usr/share/yunohost/helpers #================================================= # LOAD SETTINGS #================================================= +ynh_print_info "Loading installation settings..." app=$YNH_APP_INSTANCE_NAME @@ -23,6 +24,7 @@ final_path=$(ynh_app_setting_get $app final_path) #================================================= # REMOVE APP MAIN DIR #================================================= +ynh_print_info "Removing app main directory" # Remove the app directory securely ynh_secure_remove "$final_path" @@ -30,6 +32,7 @@ ynh_secure_remove "$final_path" #================================================= # REMOVE NGINX CONFIGURATION #================================================= +ynh_print_info "Removing nginx web server configuration" # Remove the dedicated nginx config ynh_remove_nginx_config @@ -37,6 +40,7 @@ ynh_remove_nginx_config #================================================= # REMOVE PHP-FPM CONFIGURATION #================================================= +ynh_print_info "Removing php-fpm configuration" # Remove the dedicated php-fpm config ynh_remove_fpm_config @@ -46,6 +50,13 @@ ynh_remove_fpm_config #================================================= # REMOVE DEDICATED USER #================================================= +ynh_print_info "Removing the dedicated system user" # Delete a system user ynh_system_user_delete $app + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_print_info "Removal of $app completed" diff --git a/scripts/restore b/scripts/restore index d3bd930..347cfa0 100755 --- a/scripts/restore +++ b/scripts/restore @@ -19,6 +19,7 @@ ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= +ynh_print_info "Loading settings..." app=$YNH_APP_INSTANCE_NAME @@ -29,6 +30,7 @@ final_path=$(ynh_app_setting_get $app final_path) #================================================= # CHECK IF THE APP CAN BE RESTORED #================================================= +ynh_print_info "Validating restoration parameters..." ynh_webpath_available $domain $path_url \ || ynh_die "Path not available: ${domain}${path_url}" @@ -46,12 +48,14 @@ ynh_restore_file "/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= # RESTORE THE APP MAIN DIR #================================================= +ynh_print_info "Restoring the app main directory..." ynh_restore_file "$final_path" #================================================= # RECREATE THE DEDICATED USER #================================================= +ynh_print_info "Recreating the dedicated system user..." # Create the dedicated user (if not existing) ynh_system_user_create $app @@ -92,6 +96,13 @@ ynh_restore_file "/etc/php/7.0/fpm/pool.d/$app.conf" #================================================= # RELOAD NGINX AND PHP-FPM #================================================= +ynh_print_info "Reloading nginx web server and php-fpm..." systemctl reload php7.0-fpm systemctl reload nginx + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_print_info "Restoration completed for $app" diff --git a/scripts/upgrade b/scripts/upgrade index 2e1cd5a..749083b 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -12,6 +12,7 @@ source /usr/share/yunohost/helpers #================================================= # LOAD SETTINGS #================================================= +ynh_print_info "Loading installation settings..." app=$YNH_APP_INSTANCE_NAME @@ -24,6 +25,7 @@ final_path=$(ynh_app_setting_get $app final_path) #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= +ynh_print_info "Ensuring downward compatibility..." # Fix is_public as a boolean value if [ "$is_public" = "Yes" ]; then @@ -131,6 +133,7 @@ fi #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #================================================= +ynh_print_info "Backing up the app before upgrading (may take a while)..." # Backup the current version of the app ynh_backup_before_upgrade @@ -153,6 +156,7 @@ path_url=$(ynh_normalize_url_path $path_url) #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= +ynh_print_info "Upgrading source files..." # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source "$final_path" @@ -160,6 +164,7 @@ ynh_setup_source "$final_path" #================================================= # NGINX CONFIGURATION #================================================= +ynh_print_info "Upgrading nginx web server configuration..." # Create a dedicated nginx config ynh_add_nginx_config @@ -167,6 +172,7 @@ ynh_add_nginx_config #================================================= # CREATE DEDICATED USER #================================================= +ynh_print_info "Making sure dedicated system user exists..." # Create a system user ynh_system_user_create $app @@ -174,6 +180,7 @@ ynh_system_user_create $app #================================================= # PHP-FPM CONFIGURATION #================================================= +ynh_print_info "Upgrading php-fpm configuration..." # Create a dedicated php-fpm config ynh_add_fpm_config @@ -181,6 +188,7 @@ ynh_add_fpm_config #================================================= # SPECIFIC UPGRADE #================================================= +ynh_print_info "Upgrading dokuwiki..." # Remove upgrade notification inside Dokuwiki's admin panel # See https://www.dokuwiki.org/update_check @@ -275,6 +283,7 @@ find $final_path/lib -type d -print0 | xargs -0 chmod 0755 #================================================= # SETUP SSOWAT #================================================= +ynh_print_info "Upgrading SSOwat configuration..." if [ $is_public -eq 0 ] then # Remove the public access @@ -290,5 +299,12 @@ fi #================================================= # RELOAD NGINX #================================================= +ynh_print_info "Reloading nginx web server..." systemctl reload nginx + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_print_info "Upgrade of $app completed" From 299f3d2e567645d180fd8d550390613f296acf67 Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Thu, 21 Feb 2019 19:29:39 +0100 Subject: [PATCH 10/19] Update upgrade --- scripts/upgrade | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/scripts/upgrade b/scripts/upgrade index 749083b..7a0fb2a 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -73,7 +73,9 @@ fi # See https://www.dokuwiki.org/plugin:config#protecting_settings # Configuration dedicated to Yunohost (LDAP and admin mainly) -# Create file if it does not exist +# Create an empty configuration file if it does not exist +# This file will be overwritten anyway later in the part "# LDAP Configuration" +# The file is created here to prevent a failure of the helper `ynh_backup_if_checksum_is_different` if [ ! -f "$final_path/conf/local.protected.php" ]; then touch $final_path/conf/local.protected.php fi From b4eb49aca9d1542ea91393086e2972647bcc0e0c Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Thu, 21 Feb 2019 23:39:44 +0100 Subject: [PATCH 11/19] Update demo link --- README.md | 2 +- README_fr.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index d379fdb..328031e 100644 --- a/README.md +++ b/README.md @@ -20,7 +20,7 @@ DokuWiki is a simple to use and highly versatile Open Source wiki software that ## Demo -* [YunoHost demo](https://demo.yunohost.org/dokuwiki/) +* [YunoHost demo](https://demo.yunohost.org/dokuwiki/doku.php?id=start&do=login&u=demo&p=demo) ## Configuration diff --git a/README_fr.md b/README_fr.md index 32b3c6a..a24d623 100644 --- a/README_fr.md +++ b/README_fr.md @@ -20,7 +20,7 @@ DokuWiki est un logiciel wiki Open Source simple à utiliser et très polyvalent ## Démo -* [Démo YunoHost](https://demo.yunohost.org/dokuwiki/) +* [Démo YunoHost](https://demo.yunohost.org/dokuwiki/doku.php?id=start&do=login&u=demo&p=demo) ## Configuration From 89751eb3e78be3a2fa408c1391217187030709dd Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Sun, 24 Mar 2019 16:45:19 +0100 Subject: [PATCH 12/19] Update pull_request_template.md --- pull_request_template.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/pull_request_template.md b/pull_request_template.md index 2dcfc1d..40c99cd 100644 --- a/pull_request_template.md +++ b/pull_request_template.md @@ -19,7 +19,6 @@ - [ ] **Approval (LGTM)** : - [ ] **Approval (LGTM)** : - **CI succeeded** : -[![Build Status](https://ci-apps-dev.yunohost.org/jenkins/job/dokuwiki_ynh%20-BRANCH-%20(Official)/badge/icon)](https://ci-apps-dev.yunohost.org/jenkins/job/dokuwiki_ynh%20-BRANCH-%20(Official)/) *Please replace '-BRANCH-' in this link for a PR from a local branch.* -or -[![Build Status](https://ci-apps-dev.yunohost.org/jenkins/job/dokuwiki_ynh%20PR-NUM-%20(Official_fork)/badge/icon)](https://ci-apps-dev.yunohost.org/jenkins/job/dokuwiki_ynh%20PR-NUM-%20(Official_fork)/) *Replace '-NUM-' by the PR number in this link for a PR from a forked repository.* +[![Build Status](https://ci-apps-dev.yunohost.org/jenkins/job/dokuwiki_ynh%20PR-NUM-/badge/icon)](https://ci-apps-dev.yunohost.org/jenkins/job/dokuwiki_ynh%20PR-NUM-/) +*Please replace '-NUM-' in this link by the PR number.* When the PR is marked as ready to merge, you have to wait for 3 days before really merging it. From 8aa9539c58f22652a9255baeab366e6c1e4ccce2 Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Mon, 15 Apr 2019 20:56:09 +0200 Subject: [PATCH 13/19] Move from ci-apps-dev to ci-apps-hq --- pull_request_template.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pull_request_template.md b/pull_request_template.md index 40c99cd..fceb723 100644 --- a/pull_request_template.md +++ b/pull_request_template.md @@ -19,6 +19,6 @@ - [ ] **Approval (LGTM)** : - [ ] **Approval (LGTM)** : - **CI succeeded** : -[![Build Status](https://ci-apps-dev.yunohost.org/jenkins/job/dokuwiki_ynh%20PR-NUM-/badge/icon)](https://ci-apps-dev.yunohost.org/jenkins/job/dokuwiki_ynh%20PR-NUM-/) +[![Build Status](https://ci-apps-hq.yunohost.org/jenkins/job/dokuwiki_ynh%20PR-NUM-/badge/icon)](https://ci-apps-hq.yunohost.org/jenkins/job/dokuwiki_ynh%20PR-NUM-/) *Please replace '-NUM-' in this link by the PR number.* When the PR is marked as ready to merge, you have to wait for 3 days before really merging it. From 78c573822aec07ce37a31e7bacdf9ccac05676d9 Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Sat, 11 May 2019 01:13:45 +0200 Subject: [PATCH 14/19] Normalization from example_ynh --- README.md | 7 +-- README_fr.md | 7 +-- check_process | 9 ---- manifest.json | 2 +- scripts/backup | 20 +++---- scripts/change_url | 27 ++++------ scripts/install | 55 ++++++++++--------- scripts/remove | 20 +++---- scripts/restore | 36 ++++++------- scripts/upgrade | 132 +++++++++++++++++++++++++-------------------- 10 files changed, 156 insertions(+), 159 deletions(-) diff --git a/README.md b/README.md index 328031e..fea004e 100644 --- a/README.md +++ b/README.md @@ -38,9 +38,9 @@ DokuWiki is a simple to use and highly versatile Open Source wiki software that ### Supported architectures -* x86-64b - [![Build Status](https://ci-apps.yunohost.org/ci/logs/dokuwiki%20%28Official%29.svg)](https://ci-apps.yunohost.org/ci/apps/dokuwiki/) -* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/dokuwiki%20%28Official%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/dokuwiki/) -* Jessie x86-64b - [![Build Status](https://ci-stretch.nohost.me/ci/logs/dokuwiki%20%28Official%29.svg)](https://ci-stretch.nohost.me/ci/apps/dokuwiki/) +* x86-64b - [![Build Status](https://ci-apps.yunohost.org/ci/logs/dokuwiki%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/dokuwiki/) +* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/dokuwiki%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/dokuwiki/) +* Jessie x86-64b - [![Build Status](https://ci-stretch.nohost.me/ci/logs/dokuwiki%20%28Apps%29.svg)](https://ci-stretch.nohost.me/ci/apps/dokuwiki/) ## Limitations @@ -58,6 +58,7 @@ DokuWiki is a simple to use and highly versatile Open Source wiki software that * Report a bug: https://github.com/YunoHost-Apps/dokuwiki_ynh/issues * App website: https://www.dokuwiki.org + * Upstream app repository: https://github.com/splitbrain/dokuwiki * YunoHost website: https://yunohost.org --- diff --git a/README_fr.md b/README_fr.md index a24d623..fe39537 100644 --- a/README_fr.md +++ b/README_fr.md @@ -38,9 +38,9 @@ DokuWiki est un logiciel wiki Open Source simple à utiliser et très polyvalent ### Architectures matérielles supportées -* x86-64b - [![Build Status](https://ci-apps.yunohost.org/ci/logs/dokuwiki%20%28Official%29.svg)](https://ci-apps.yunohost.org/ci/apps/dokuwiki/) -* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/dokuwiki%20%28Official%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/dokuwiki/) -* Jessie x86-64b - [![Build Status](https://ci-stretch.nohost.me/ci/logs/dokuwiki%20%28Official%29.svg)](https://ci-stretch.nohost.me/ci/apps/dokuwiki/) +* x86-64b - [![Build Status](https://ci-apps.yunohost.org/ci/logs/dokuwiki%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/dokuwiki/) +* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/dokuwiki%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/dokuwiki/) +* Jessie x86-64b - [![Build Status](https://ci-stretch.nohost.me/ci/logs/dokuwiki%20%28Apps%29.svg)](https://ci-stretch.nohost.me/ci/apps/dokuwiki/) ## Limitations @@ -58,6 +58,7 @@ DokuWiki est un logiciel wiki Open Source simple à utiliser et très polyvalent * Signaler un bug: https://github.com/YunoHost-Apps/dokuwiki_ynh/issues * Site de l'application:https://www.dokuwiki.org + * Dépôt de l'application principale: https://github.com/splitbrain/dokuwiki * Site web YunoHost: https://yunohost.org/ --- diff --git a/check_process b/check_process index 8e7a1e4..f6fdd01 100644 --- a/check_process +++ b/check_process @@ -21,16 +21,7 @@ port_already_use=0 change_url=1 ;;; Levels - Level 1=auto - Level 2=auto - Level 3=auto - Level 4=1 Level 5=auto - Level 6=auto - Level 7=auto - Level 8=0 - Level 9=0 - Level 10=0 ;;; Options Email= Notification=none diff --git a/manifest.json b/manifest.json index 18a16d3..8f68fac 100644 --- a/manifest.json +++ b/manifest.json @@ -22,7 +22,7 @@ "email": "opi@zeropi.net" }], "requirements": { - "yunohost": ">= 3.0" + "yunohost": ">= 3.5.0" }, "multi_instance": true, "services": [ diff --git a/scripts/backup b/scripts/backup index 4f1f855..af18011 100755 --- a/scripts/backup +++ b/scripts/backup @@ -19,38 +19,38 @@ ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= -ynh_print_info "Loading installation settings..." +ynh_script_progression --message="Loading installation settings..." app=$YNH_APP_INSTANCE_NAME -final_path=$(ynh_app_setting_get $app final_path) -domain=$(ynh_app_setting_get $app domain) +final_path=$(ynh_app_setting_get --app=$app --key=final_path) +domain=$(ynh_app_setting_get --app=$app --key=domain) #================================================= # STANDARD BACKUP STEPS #================================================= # BACKUP THE APP MAIN DIR #================================================= -ynh_print_info "Backing up the main app directory..." +ynh_script_progression --message="Backing up the main app directory..." -ynh_backup "$final_path" +ynh_backup --src_path="$final_path" #================================================= # BACKUP THE NGINX CONFIGURATION #================================================= -ynh_print_info "Backing up nginx web server configuration..." +ynh_script_progression --message="Backing up nginx web server configuration..." -ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf" +ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= # BACKUP THE PHP-FPM CONFIGURATION #================================================= -ynh_print_info "Backing up php-fpm configuration..." +ynh_script_progression --message="Backing up php-fpm configuration..." --weight=2 -ynh_backup "/etc/php/7.0/fpm/pool.d/$app.conf" +ynh_backup --src_path="/etc/php/7.0/fpm/pool.d/$app.conf" #================================================= # END OF SCRIPT #================================================= -ynh_print_info "Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." +ynh_script_progression --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." --last diff --git a/scripts/change_url b/scripts/change_url index e4eed90..14c221d 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -24,19 +24,10 @@ app=$YNH_APP_INSTANCE_NAME #================================================= # LOAD SETTINGS #================================================= -ynh_print_info "Loading installation settings..." +ynh_script_progression --message="Loading installation settings..." # Needed for helper "ynh_add_nginx_config" -final_path=$(ynh_app_setting_get $app final_path) - -#================================================= -# CHECK THE SYNTAX OF THE PATHS -#================================================= - -test -n "$old_path" || old_path="/" -test -n "$new_path" || new_path="/" -new_path=$(ynh_normalize_url_path $new_path) -old_path=$(ynh_normalize_url_path $old_path) +final_path=$(ynh_app_setting_get --app=$app --key=final_path) #================================================= # CHECK WHICH PARTS SHOULD BE CHANGED @@ -59,7 +50,7 @@ fi #================================================= # MODIFY URL IN NGINX CONF #================================================= -ynh_print_info "Updating nginx web server configuration..." +ynh_script_progression --message="Updating nginx web server configuration..." --weight=2 nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf @@ -67,7 +58,7 @@ nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf if [ $change_path -eq 1 ] then # Make a backup of the original nginx config file if modified - ynh_backup_if_checksum_is_different "$nginx_conf_path" + ynh_backup_if_checksum_is_different --file="$nginx_conf_path" # Set global variables for nginx helper domain="$old_domain" path_url="$new_path" @@ -79,10 +70,10 @@ fi if [ $change_domain -eq 1 ] then # Delete file checksum for the old conf file location - ynh_delete_file_checksum "$nginx_conf_path" + ynh_delete_file_checksum --file="$nginx_conf_path" mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf # Store file checksum for the new config file location - ynh_store_file_checksum "/etc/nginx/conf.d/$new_domain.d/$app.conf" + ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" fi #================================================= @@ -90,12 +81,12 @@ fi #================================================= # RELOAD NGINX #================================================= -ynh_print_info "Reloading nginx web server..." +ynh_script_progression --message="Reloading nginx web server..." -systemctl reload nginx +ynh_systemd_action --service_name=nginx --action=reload #================================================= # END OF SCRIPT #================================================= -ynh_print_info "Change of url completed for $app" +ynh_script_progression --message="Change of URL completed for $app" --last diff --git a/scripts/install b/scripts/install index 6e509f6..2d7974f 100755 --- a/scripts/install +++ b/scripts/install @@ -31,43 +31,42 @@ app=$YNH_APP_INSTANCE_NAME #================================================= # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS #================================================= -ynh_print_info "Validating installation parameters..." +ynh_script_progression --message="Validating installation parameters..." --weight=2 final_path=/var/www/$app -test ! -e "$final_path" || ynh_die "This path already contains a folder" - -# Normalize the url path syntax -path_url=$(ynh_normalize_url_path $path_url) +test ! -e "$final_path" || ynh_die --message="This path already contains a folder" # Register (book) web path -ynh_webpath_register $app $domain $path_url +ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url #================================================= # STORE SETTINGS FROM MANIFEST #================================================= -ynh_print_info "Storing installation settings..." +ynh_script_progression --message="Storing installation settings..." --weight=2 -ynh_app_setting_set $app domain $domain -ynh_app_setting_set $app path $path_url -ynh_app_setting_set $app admin $admin -ynh_app_setting_set $app is_public $is_public -ynh_app_setting_set $app language $language +ynh_app_setting_set --app=$app --key=domain --value=$domain +ynh_app_setting_set --app=$app --key=path --value=$path_url +ynh_app_setting_set --app=$app --key=admin --value=$admin +ynh_app_setting_set --app=$app --key=is_public --value=$is_public +ynh_app_setting_set --app=$app --key=language --value=$language #================================================= # STANDARD MODIFICATIONS #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= -ynh_print_info "Setting up source files..." +ynh_script_progression --message="Setting up source files..." --weight=2 -ynh_app_setting_set $app final_path $final_path +ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src -ynh_setup_source "$final_path" +ynh_setup_source --dest_dir="$final_path" #================================================= # NGINX CONFIGURATION #================================================= -ynh_print_info "Configuring nginx web server..." +ynh_script_progression --message="Configuring nginx web server..." --weight=2 + +### `ynh_add_nginx_config` will use the file conf/nginx.conf # Create a dedicated nginx config ynh_add_nginx_config @@ -75,15 +74,15 @@ ynh_add_nginx_config #================================================= # CREATE DEDICATED USER #================================================= -ynh_print_info "Configuring system user..." +ynh_script_progression --message="Configuring system user..." --weight=2 # Create a system user -ynh_system_user_create $app +ynh_system_user_create --username=$app #================================================= # PHP-FPM CONFIGURATION #================================================= -ynh_print_info "Configuring php-fpm..." +ynh_script_progression --message="Configuring php-fpm..." --weight=2 # Create a dedicated php-fpm config ynh_add_fpm_config @@ -93,7 +92,7 @@ ynh_add_fpm_config #================================================= # CUSTOMIZE DOKUWIKI #================================================= -ynh_print_info "Configuring dokuwiki..." +ynh_script_progression --message="Configuring dokuwiki..." --weight=2 # Loading order of configuration files # @@ -112,7 +111,7 @@ ynh_print_info "Configuring dokuwiki..." cp ../conf/local.protected.php $final_path/conf # Set the "admin" user -ynh_replace_string "__YNH_ADMIN_USER__" "$admin" "$final_path/conf/local.protected.php" +ynh_replace_string --match_string="__YNH_ADMIN_USER__" --replace_string="$admin" --target_file="$final_path/conf/local.protected.php" # This file might be modified by dokuwiki admin panel or by plugins @@ -120,7 +119,7 @@ ynh_replace_string "__YNH_ADMIN_USER__" "$admin" "$final_path/conf/local.prot cp ../conf/local.php $final_path/conf # Set the "language" -ynh_replace_string "__YNH_LANGUAGE__" "$language" "$final_path/conf/local.php" +ynh_replace_string --match_string="__YNH_LANGUAGE__" --replace_string="$language" --target_file="$final_path/conf/local.php" # Restrict user rights by enforcing "read-only" mode for all users @@ -156,7 +155,7 @@ cp ../conf/plugins.local.php $final_path/conf/plugins.local.php.bak #================================================= # Calculate and store the config file checksum into the app settings -ynh_store_file_checksum "$final_path/conf/local.protected.php" +ynh_store_file_checksum --file="$final_path/conf/local.protected.php" ### Files '$final_path/conf/local.php' and '$final_path/conf/acl.auth.php' can be modified by user, no need to store checksum as they cannot be overwritten safely by the upgrade script #================================================= @@ -205,24 +204,24 @@ find $final_path/lib -type d -print0 | xargs -0 chmod 0755 #================================================= # SETUP SSOWAT #================================================= -ynh_print_info "Configuring SSOwat..." +ynh_script_progression --message="Configuring SSOwat..." # Make app public if necessary if [ $is_public -eq 1 ] then # unprotected_uris allows SSO credentials to be passed anyway. - ynh_app_setting_set $app unprotected_uris "/" + ynh_app_setting_set --app=$app --key=unprotected_uris --value="/" fi #================================================= # RELOAD NGINX #================================================= -ynh_print_info "Reloading nginx web server..." +ynh_script_progression --message="Reloading nginx web server..." -systemctl reload nginx +ynh_systemd_action --service_name=nginx --action=reload #================================================= # END OF SCRIPT #================================================= -ynh_print_info "Installation of $app completed" +ynh_script_progression --message="Installation of $app completed" --last diff --git a/scripts/remove b/scripts/remove index 5d7882d..e925e64 100755 --- a/scripts/remove +++ b/scripts/remove @@ -12,27 +12,27 @@ source /usr/share/yunohost/helpers #================================================= # LOAD SETTINGS #================================================= -ynh_print_info "Loading installation settings..." +ynh_script_progression --message="Loading installation settings..." app=$YNH_APP_INSTANCE_NAME -domain=$(ynh_app_setting_get $app domain) -final_path=$(ynh_app_setting_get $app final_path) +domain=$(ynh_app_setting_get --app=$app --key=domain) +final_path=$(ynh_app_setting_get --app=$app --key=final_path) #================================================= # STANDARD REMOVE #================================================= # REMOVE APP MAIN DIR #================================================= -ynh_print_info "Removing app main directory" +ynh_script_progression --message="Removing app main directory..." # Remove the app directory securely -ynh_secure_remove "$final_path" +ynh_secure_remove --file="$final_path" #================================================= # REMOVE NGINX CONFIGURATION #================================================= -ynh_print_info "Removing nginx web server configuration" +ynh_script_progression --message="Removing nginx web server configuration..." # Remove the dedicated nginx config ynh_remove_nginx_config @@ -40,7 +40,7 @@ ynh_remove_nginx_config #================================================= # REMOVE PHP-FPM CONFIGURATION #================================================= -ynh_print_info "Removing php-fpm configuration" +ynh_script_progression --message="Removing php-fpm configuration..." --weight=2 # Remove the dedicated php-fpm config ynh_remove_fpm_config @@ -50,13 +50,13 @@ ynh_remove_fpm_config #================================================= # REMOVE DEDICATED USER #================================================= -ynh_print_info "Removing the dedicated system user" +ynh_script_progression --message="Removing the dedicated system user..." # Delete a system user -ynh_system_user_delete $app +ynh_system_user_delete --username=$app #================================================= # END OF SCRIPT #================================================= -ynh_print_info "Removal of $app completed" +ynh_script_progression --message="Removal of $app completed" --last diff --git a/scripts/restore b/scripts/restore index 347cfa0..0fdc450 100755 --- a/scripts/restore +++ b/scripts/restore @@ -19,23 +19,23 @@ ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= -ynh_print_info "Loading settings..." +ynh_script_progression --message="Loading settings..." --weight=2 app=$YNH_APP_INSTANCE_NAME -domain=$(ynh_app_setting_get $app domain) -path_url=$(ynh_app_setting_get $app path) -final_path=$(ynh_app_setting_get $app final_path) +domain=$(ynh_app_setting_get --app=$app --key=domain) +path_url=$(ynh_app_setting_get --app=$app --key=path) +final_path=$(ynh_app_setting_get --app=$app --key=final_path) #================================================= # CHECK IF THE APP CAN BE RESTORED #================================================= -ynh_print_info "Validating restoration parameters..." +ynh_script_progression --message="Validating restoration parameters..." --weight=2 -ynh_webpath_available $domain $path_url \ - || ynh_die "Path not available: ${domain}${path_url}" +ynh_webpath_available --domain=$domain --path_url=$path_url \ + || ynh_die --message="Path not available: ${domain}${path_url}" test ! -d $final_path \ - || ynh_die "There is already a directory: $final_path " + || ynh_die --message="There is already a directory: $final_path " #================================================= # STANDARD RESTORATION STEPS @@ -43,22 +43,22 @@ test ! -d $final_path \ # RESTORE THE NGINX CONFIGURATION #================================================= -ynh_restore_file "/etc/nginx/conf.d/$domain.d/$app.conf" +ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= # RESTORE THE APP MAIN DIR #================================================= -ynh_print_info "Restoring the app main directory..." +ynh_script_progression --message="Restoring the app main directory..." -ynh_restore_file "$final_path" +ynh_restore_file --origin_path="$final_path" #================================================= # RECREATE THE DEDICATED USER #================================================= -ynh_print_info "Recreating the dedicated system user..." +ynh_script_progression --message="Recreating the dedicated system user..." --weight=2 # Create the dedicated user (if not existing) -ynh_system_user_create $app +ynh_system_user_create --username=$app #================================================= # RESTORE USER RIGHTS @@ -89,20 +89,20 @@ chown -R $app:root $final_path/lib/tpl # RESTORE THE PHP-FPM CONFIGURATION #================================================= -ynh_restore_file "/etc/php/7.0/fpm/pool.d/$app.conf" +ynh_restore_file --origin_path="/etc/php/7.0/fpm/pool.d/$app.conf" #================================================= # GENERIC FINALIZATION #================================================= # RELOAD NGINX AND PHP-FPM #================================================= -ynh_print_info "Reloading nginx web server and php-fpm..." +ynh_script_progression --message="Reloading nginx web server and php-fpm..." --weight=2 -systemctl reload php7.0-fpm -systemctl reload nginx +ynh_systemd_action --service_name=php7.0-fpm --action=reload +ynh_systemd_action --service_name=nginx --action=reload #================================================= # END OF SCRIPT #================================================= -ynh_print_info "Restoration completed for $app" +ynh_script_progression --message="Restoration completed for $app" --last diff --git a/scripts/upgrade b/scripts/upgrade index 7a0fb2a..cc93890 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -12,47 +12,53 @@ source /usr/share/yunohost/helpers #================================================= # LOAD SETTINGS #================================================= -ynh_print_info "Loading installation settings..." +ynh_script_progression --message="Loading installation settings..." --weight=2 app=$YNH_APP_INSTANCE_NAME -domain=$(ynh_app_setting_get $app domain) -path_url=$(ynh_app_setting_get $app path) -admin=$(ynh_app_setting_get $app admin) -is_public=$(ynh_app_setting_get $app is_public) -final_path=$(ynh_app_setting_get $app final_path) +domain=$(ynh_app_setting_get --app=$app --key=domain) +path_url=$(ynh_app_setting_get --app=$app --key=path) +admin=$(ynh_app_setting_get --app=$app --key=admin) +is_public=$(ynh_app_setting_get --app=$app --key=is_public) +final_path=$(ynh_app_setting_get --app=$app --key=final_path) + +#================================================= +# CHECK VERSION +#================================================= + +upgrade_type=$(ynh_check_app_version_changed) #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= -ynh_print_info "Ensuring downward compatibility..." +ynh_script_progression --message="Ensuring downward compatibility..." # Fix is_public as a boolean value if [ "$is_public" = "Yes" ]; then - ynh_app_setting_set $app is_public 1 + ynh_app_setting_set --app=$app --key=is_public --value=1 is_public=1 elif [ "$is_public" = "No" ]; then - ynh_app_setting_set $app is_public 0 + ynh_app_setting_set --app=$app --key=is_public --value=0 is_public=0 fi # If final_path doesn't exist, create it -if [ -z $final_path ]; then +if [ -z "$final_path" ]; then final_path=/var/www/$app - ynh_app_setting_set $app final_path $final_path + ynh_app_setting_set --app=$app --key=final_path --value=$final_path fi # TODO Not sure if still needed ?? # admin default value, if not set if [ -z "$admin" ]; then - admin=$(sudo yunohost user list | grep 'username' -m1 | awk '{print $2}') - sudo ynh_app_setting_set $app is_public -v "$is_public" + admin=$(yunohost user list | grep 'username' -m1 | awk '{print $2}') + ynh_app_setting_set --app=$app --key=is_public --value=$is_public fi # language default value, if not set if [ -z "$language" ]; then language='en' - ynh_app_setting_set $app language $language + ynh_app_setting_set --app=$app --key=language --value=$language fi @@ -86,7 +92,7 @@ if [ ! -f "$final_path/conf/local.php" ]; then cp ../conf/local.php $final_path/conf # Set the default "language" - ynh_replace_string "__YNH_LANGUAGE__" "$language" "$final_path/conf/local.php" + ynh_replace_string --match_string="__YNH_LANGUAGE__" --replace_string="$language" --target_file="$final_path/conf/local.php" fi # Do not overwrite existing ACL configuration file as it could have user customization's and settings. @@ -135,7 +141,7 @@ fi #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #================================================= -ynh_print_info "Backing up the app before upgrading (may take a while)..." +ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=9 # Backup the current version of the app ynh_backup_before_upgrade @@ -151,22 +157,26 @@ ynh_abort_if_errors #================================================= # Normalize the URL path syntax -path_url=$(ynh_normalize_url_path $path_url) +path_url=$(ynh_normalize_url_path --path_url=$path_url) #================================================= # STANDARD UPGRADE STEPS #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= -ynh_print_info "Upgrading source files..." -# Download, check integrity, uncompress and patch the source from app.src -ynh_setup_source "$final_path" +if [ "$upgrade_type" == "UPGRADE_APP" ] +then + ynh_script_progression --message="Upgrading source files..." --weight=2 + + # Download, check integrity, uncompress and patch the source from app.src + ynh_setup_source --dest_dir="$final_path" +fi #================================================= # NGINX CONFIGURATION #================================================= -ynh_print_info "Upgrading nginx web server configuration..." +ynh_script_progression --message="Upgrading nginx web server configuration..." --weight=2 # Create a dedicated nginx config ynh_add_nginx_config @@ -174,15 +184,15 @@ ynh_add_nginx_config #================================================= # CREATE DEDICATED USER #================================================= -ynh_print_info "Making sure dedicated system user exists..." +ynh_script_progression --message="Making sure dedicated system user exists..." # Create a system user -ynh_system_user_create $app +ynh_system_user_create --username=$app #================================================= # PHP-FPM CONFIGURATION #================================================= -ynh_print_info "Upgrading php-fpm configuration..." +ynh_script_progression --message="Upgrading php-fpm configuration..." # Create a dedicated php-fpm config ynh_add_fpm_config @@ -190,54 +200,58 @@ ynh_add_fpm_config #================================================= # SPECIFIC UPGRADE #================================================= -ynh_print_info "Upgrading dokuwiki..." -# Remove upgrade notification inside Dokuwiki's admin panel -# See https://www.dokuwiki.org/update_check -touch $final_path/doku.php +if [ "$upgrade_type" == "UPGRADE_APP" ] +then + ynh_script_progression --message="Upgrading dokuwiki..." --weight=7 -# Remove files not used anymore after upgrade -# See https://www.dokuwiki.org/install:unused_files -if [ -f "$final_path/data/deleted.files" ]; then + # Remove upgrade notification inside Dokuwiki's admin panel + # See https://www.dokuwiki.org/update_check + touch $final_path/doku.php - # Use a "sub process" to start a new shell to run these commands - # Allow to use only one "cd" and to be more efficent - ( - # Move to the dokuwiki installation folder so the "official" commands can be used without adaptation - cd $final_path + # Remove files not used anymore after upgrade + # See https://www.dokuwiki.org/install:unused_files + if [ -f "$final_path/data/deleted.files" ]; then - grep --extended-regexp --invert-match '^($|#)' data/deleted.files | xargs --max-args=1 rm --force --dir || true - ) + # Use a "sub process" to start a new shell to run these commands + # Allow to use only one "cd" and to be more efficent + ( + # Move to the dokuwiki installation folder so the "official" commands can be used without adaptation + cd $final_path + + grep --extended-regexp --invert-match '^($|#)' data/deleted.files | xargs --max-args=1 rm --force --dir || true + ) + fi + + # TODO Taken from old "upgrade" script. Should check if it is needed and what it does + # Update all plugins + for name_plugin in $(sudo -s cat $final_path/lib/plugins/*/plugin.info.txt | grep url | awk -F ':' '{print $3}'); + do + # Get a official plugin for dokuwiki, not update a no-official + wget -nv --quiet "https://github.com/splitbrain/dokuwiki-plugin-$name_plugin/zipball/master" -O "${name_plugin}.zip" -o /dev/null || true + if [ -s "${name_plugin}.zip" ]; then + unzip ${name_plugin}.zip + cp -a splitbrain-dokuwiki-plugin-${name_plugin}*/. "$final_path/lib/plugins/$name_plugin/" + fi + done fi -# TODO Taken from old "upgrade" script. Should check if it is needed and what it does -# Update all plugins -for name_plugin in $(sudo -s cat $final_path/lib/plugins/*/plugin.info.txt | grep url | awk -F ':' '{print $3}'); -do - # Get a official plugin for dokuwiki, not update a no-official - sudo wget -nv --quiet "https://github.com/splitbrain/dokuwiki-plugin-${name_plugin}/zipball/master" -O "${name_plugin}.zip" -o /dev/null || true - if [ -s "${name_plugin}.zip" ]; then - sudo unzip ${name_plugin}.zip - sudo cp -a splitbrain-dokuwiki-plugin-${name_plugin}*/. "${final_path}/lib/plugins/${name_plugin}/" - fi -done - #================================================= # LDAP Configuration #================================================= ### Verify the checksum of a file, stored by `ynh_store_file_checksum` in the install script. ### And create a backup of this file if the checksum is different. So the file will be backed up if the admin had modified it. -ynh_backup_if_checksum_is_different "$final_path/conf/local.protected.php" +ynh_backup_if_checksum_is_different --file="$final_path/conf/local.protected.php" # Always overwrite local file with the one from package. cp ../conf/local.protected.php $final_path/conf # Set the "admin" user -ynh_replace_string "__YNH_ADMIN_USER__" "$admin" "$final_path/conf/local.protected.php" +ynh_replace_string --match_string="__YNH_ADMIN_USER__" --replace_string="$admin" --target_file="$final_path/conf/local.protected.php" # Recalculate and store the checksum of the file for the next upgrade. -ynh_store_file_checksum "$final_path/conf/local.protected.php" +ynh_store_file_checksum --file="$final_path/conf/local.protected.php" #================================================= # GENERIC FINALIZATION @@ -285,28 +299,28 @@ find $final_path/lib -type d -print0 | xargs -0 chmod 0755 #================================================= # SETUP SSOWAT #================================================= -ynh_print_info "Upgrading SSOwat configuration..." +ynh_script_progression --message="Upgrading SSOwat configuration..." if [ $is_public -eq 0 ] then # Remove the public access - ynh_app_setting_delete $app skipped_uris + ynh_app_setting_delete --app=$app --key=skipped_uris fi # Make app public if necessary if [ $is_public -eq 1 ] then # unprotected_uris allows SSO credentials to be passed anyway - ynh_app_setting_set $app unprotected_uris "/" + ynh_app_setting_set --app=$app --key=unprotected_uris --value="/" fi #================================================= # RELOAD NGINX #================================================= -ynh_print_info "Reloading nginx web server..." +ynh_script_progression --message="Reloading nginx web server..." -systemctl reload nginx +ynh_systemd_action --service_name=nginx --action=reload #================================================= # END OF SCRIPT #================================================= -ynh_print_info "Upgrade of $app completed" +ynh_script_progression --message="Upgrade of $app completed" --last From 5951478de2dd1c8037d8ae0295b973e0dedb559f Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Sun, 12 May 2019 17:06:51 +0200 Subject: [PATCH 15/19] Fix fail2ban and add logautherror plugin --- conf/logautherror.src | 6 ++++ scripts/_common.sh | 64 ------------------------------------------- scripts/change_url | 2 +- scripts/install | 7 ++++- scripts/upgrade | 8 +++++- 5 files changed, 20 insertions(+), 67 deletions(-) create mode 100644 conf/logautherror.src diff --git a/conf/logautherror.src b/conf/logautherror.src new file mode 100644 index 0000000..56bab0d --- /dev/null +++ b/conf/logautherror.src @@ -0,0 +1,6 @@ +SOURCE_URL=https://github.com/mallchin/dokuwiki_plugin_logautherror/archive/master.zip +SOURCE_SUM=ac36038a710d8f4823a006416ef28c46 +SOURCE_SUM_PRG=md5sum +SOURCE_FORMAT=zip +SOURCE_IN_SUBDIR=true +SOURCE_FILENAME= diff --git a/scripts/_common.sh b/scripts/_common.sh index 217a16a..24bd7ba 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -11,67 +11,3 @@ ynh_delete_file_checksum () { local checksum_setting_name=checksum_${1//[\/ ]/_} # Replace all '/' and ' ' by '_' ynh_app_setting_delete $app $checksum_setting_name } - -#================================================= -# EXPERIMENTAL HELPERS -#================================================= - -# Create a dedicated fail2ban config (jail and filter conf files) -# -# usage: ynh_add_fail2ban_config log_file filter [max_retry [ports]] -# | arg: log_file - Log file to be checked by fail2ban -# | arg: failregex - Failregex to be looked for by fail2ban -# | arg: max_retry - Maximum number of retries allowed before banning IP address - default: 3 -# | arg: ports - Ports blocked for a banned IP address - default: http,https -ynh_add_fail2ban_config () { - # Process parameters - logpath=$1 - failregex=$2 - max_retry=${3:-3} - ports=${4:-http,https} - - test -n "$logpath" || ynh_die "ynh_add_fail2ban_config expects a logfile path as first argument and received nothing." - test -n "$failregex" || ynh_die "ynh_add_fail2ban_config expects a failure regex as second argument and received nothing." - - finalfail2banjailconf="/etc/fail2ban/jail.d/$app.conf" - finalfail2banfilterconf="/etc/fail2ban/filter.d/$app.conf" - ynh_backup_if_checksum_is_different "$finalfail2banjailconf" 1 - ynh_backup_if_checksum_is_different "$finalfail2banfilterconf" 1 - - sudo tee $finalfail2banjailconf <&2 - echo "WARNING${fail2ban_error#*WARNING}" >&2 - fi -} - -# Remove the dedicated fail2ban config (jail and filter conf files) -# -# usage: ynh_remove_fail2ban_config -ynh_remove_fail2ban_config () { - ynh_secure_remove "/etc/fail2ban/jail.d/$app.conf" - ynh_secure_remove "/etc/fail2ban/filter.d/$app.conf" - sudo systemctl restart fail2ban -} diff --git a/scripts/change_url b/scripts/change_url index 8f11601..c3eb541 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -84,7 +84,7 @@ then # Store file checksum for the new config file location ynh_store_file_checksum "/etc/nginx/conf.d/$new_domain.d/$app.conf" # Fail2ban configuration - ynh_add_fail2ban_config "/var/log/nginx/$new_domain-error.log" "^.*authentication failure\" while reading response header from upstream, client: ,.*$" 5 + ynh_add_fail2ban_config --logpath="/var/log/nginx/$new_domain-error.log" --failregex="^.*authentication failure. while reading response header from upstream, client: ,.*POST $path_url.*$" --max_retry=5 fi diff --git a/scripts/install b/scripts/install index d0102b8..690bc16 100755 --- a/scripts/install +++ b/scripts/install @@ -166,7 +166,12 @@ ynh_store_file_checksum "$final_path/conf/local.protected.php" ### Files can be modified by user, no need to store checksum as they cannot be overwritten safely by package #ynh_store_file_checksum "$final_path/conf/local.php" #ynh_store_file_checksum "$final_path/conf/acl.auth.php" + #================================================= +# INSTALL LOGAUTHERROR PLUGIN FOR FAIL2BAN +#================================================= + +ynh_setup_source --dest_dir="$final_path/lib/plugins/logautherror" --source_id=logautherror #================================================= # GENERIC FINALIZATION @@ -215,7 +220,7 @@ find $final_path/lib -type d -print0 | xargs -0 chmod 0755 # SETUP FAIL2BAN #================================================= -ynh_add_fail2ban_config "/var/log/nginx/$domain-error.log" "^.*authentication failure\" while reading response header from upstream, client: ,.*$" 5 +ynh_add_fail2ban_config --logpath="/var/log/nginx/$domain-error.log" --failregex="^.*authentication failure. while reading response header from upstream, client: ,.*POST $path_url.*$" --max_retry=5 #================================================= # SETUP SSOWAT diff --git a/scripts/upgrade b/scripts/upgrade index 25b70b0..0be6262 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -244,6 +244,12 @@ ynh_replace_string "__YNH_ADMIN_USER__" "$admin" "$final_path/conf/local.protec # Recalculate and store the checksum of the file for the next upgrade. ynh_store_file_checksum "$final_path/conf/local.protected.php" +#================================================= +# INSTALL LOGAUTHERROR PLUGIN FOR FAIL2BAN +#================================================= + +ynh_setup_source --dest_dir="$final_path/lib/plugins/logautherror" --source_id=logautherror + #================================================= # GENERIC FINALIZATION #================================================= @@ -291,7 +297,7 @@ find $final_path/lib -type d -print0 | xargs -0 chmod 0755 # SETUP FAIL2BAN #================================================= -ynh_add_fail2ban_config "/var/log/nginx/$domain-error.log" "^.*authentication failure\" while reading response header from upstream, client: ,.*$" 5 +ynh_add_fail2ban_config --logpath="/var/log/nginx/$domain-error.log" --failregex="^.*authentication failure. while reading response header from upstream, client: ,.*POST $path_url.*$" --max_retry=5 #================================================= # SETUP SSOWAT From d058c86a478471a014ed60424ae567687f8dcaa6 Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Sun, 12 May 2019 17:09:42 +0200 Subject: [PATCH 16/19] Typo fix --- scripts/change_url | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/scripts/change_url b/scripts/change_url index c3eb541..a91a6fd 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -75,7 +75,7 @@ then ynh_add_nginx_config fi -# Change the domain for nginx and impliment Fail2ban +# Change the domain for nginx and update Fail2ban if [ $change_domain -eq 1 ] then # Delete file checksum for the old conf file location @@ -83,9 +83,9 @@ then mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf # Store file checksum for the new config file location ynh_store_file_checksum "/etc/nginx/conf.d/$new_domain.d/$app.conf" - # Fail2ban configuration - ynh_add_fail2ban_config --logpath="/var/log/nginx/$new_domain-error.log" --failregex="^.*authentication failure. while reading response header from upstream, client: ,.*POST $path_url.*$" --max_retry=5 + # Update Fail2ban configuration + ynh_add_fail2ban_config --logpath="/var/log/nginx/$new_domain-error.log" --failregex="^.*authentication failure. while reading response header from upstream, client: ,.*POST $path_url.*$" --max_retry=5 fi #================================================= From 71b270ab186ca96782877db03a13c2a94d184508 Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Sun, 12 May 2019 17:22:25 +0200 Subject: [PATCH 17/19] Normalization... --- scripts/backup | 5 +++-- scripts/install | 2 ++ scripts/remove | 1 + scripts/restore | 7 ++++--- scripts/upgrade | 2 ++ 5 files changed, 12 insertions(+), 5 deletions(-) diff --git a/scripts/backup b/scripts/backup index 36a90b8..bb1439a 100755 --- a/scripts/backup +++ b/scripts/backup @@ -52,9 +52,10 @@ ynh_backup "/etc/php/7.0/fpm/pool.d/$app.conf" #================================================= # BACKUP FAIL2BAN CONFIGURATION #================================================= +ynh_script_progression --message="Backing up fail2ban configuration..." -ynh_backup "/etc/fail2ban/jail.d/$app.conf" -ynh_backup "/etc/fail2ban/filter.d/$app.conf" +ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf" +ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf" #================================================= # END OF SCRIPT diff --git a/scripts/install b/scripts/install index 5262e1a..ef4f3e7 100755 --- a/scripts/install +++ b/scripts/install @@ -161,6 +161,7 @@ ynh_store_file_checksum "$final_path/conf/local.protected.php" #================================================= # INSTALL LOGAUTHERROR PLUGIN FOR FAIL2BAN #================================================= +ynh_script_progression --message="Installing logautherror plugin for fail2ban..." --weight=2 ynh_setup_source --dest_dir="$final_path/lib/plugins/logautherror" --source_id=logautherror @@ -210,6 +211,7 @@ find $final_path/lib -type d -print0 | xargs -0 chmod 0755 #================================================= # SETUP FAIL2BAN #================================================= +ynh_script_progression --message="Configuring fail2ban..." --weight=7 ynh_add_fail2ban_config --logpath="/var/log/nginx/$domain-error.log" --failregex="^.*authentication failure. while reading response header from upstream, client: ,.*POST $path_url.*$" --max_retry=5 diff --git a/scripts/remove b/scripts/remove index f1d9798..5797d12 100755 --- a/scripts/remove +++ b/scripts/remove @@ -48,6 +48,7 @@ ynh_remove_fpm_config #================================================= # REMOVE FAIL2BAN CONFIGURATION #================================================= +ynh_script_progression --message="Removing fail2ban configuration..." --weight=7 ynh_remove_fail2ban_config diff --git a/scripts/restore b/scripts/restore index ac6fec6..2e7c1cd 100755 --- a/scripts/restore +++ b/scripts/restore @@ -94,10 +94,11 @@ ynh_restore_file "/etc/php/7.0/fpm/pool.d/$app.conf" #================================================= # RESTORE FAIL2BAN CONFIGURATION #================================================= +ynh_script_progression --message="Restoring the fail2ban configuration..." --weight=7 -ynh_restore_file "/etc/fail2ban/jail.d/$app.conf" -ynh_restore_file "/etc/fail2ban/filter.d/$app.conf" -systemctl restart fail2ban +ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf" +ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf" +ynh_systemd_action --action=restart --service_name=fail2ban #================================================= # GENERIC FINALIZATION diff --git a/scripts/upgrade b/scripts/upgrade index 5fc992e..1f07a9c 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -242,6 +242,7 @@ ynh_store_file_checksum "$final_path/conf/local.protected.php" #================================================= # INSTALL LOGAUTHERROR PLUGIN FOR FAIL2BAN #================================================= +ynh_script_progression --message="Upgrading logautherror plugin for fail2ban..." --weight=2 ynh_setup_source --dest_dir="$final_path/lib/plugins/logautherror" --source_id=logautherror @@ -291,6 +292,7 @@ find $final_path/lib -type d -print0 | xargs -0 chmod 0755 #================================================= # SETUP FAIL2BAN #================================================= +ynh_script_progression --message="Reconfiguring fail2ban..." --weight=7 ynh_add_fail2ban_config --logpath="/var/log/nginx/$domain-error.log" --failregex="^.*authentication failure. while reading response header from upstream, client: ,.*POST $path_url.*$" --max_retry=5 From eb4f85bd841211de9bf8bede9f2b20d38352a420 Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Thu, 30 May 2019 00:14:48 +0200 Subject: [PATCH 18/19] Upgrade fail2ban for new_path and new_domain --- scripts/change_url | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/scripts/change_url b/scripts/change_url index d705d5e..249d73b 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -75,7 +75,7 @@ then ynh_add_nginx_config fi -# Change the domain for nginx and update Fail2ban +# Change the domain for nginx if [ $change_domain -eq 1 ] then # Delete file checksum for the old conf file location @@ -83,11 +83,17 @@ then mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf # Store file checksum for the new config file location ynh_store_file_checksum "/etc/nginx/conf.d/$new_domain.d/$app.conf" - - # Update Fail2ban configuration - ynh_add_fail2ban_config --logpath="/var/log/nginx/$new_domain-error.log" --failregex="^.*authentication failure. while reading response header from upstream, client: ,.*POST $path_url.*$" --max_retry=5 fi +#================================================= +# SPECIFIC MODIFICATIONS +#================================================= +# UPGRADE FAIL2BAN +#================================================= +ynh_script_progression --message="Reconfiguring fail2ban..." --weight=6 + +ynh_add_fail2ban_config --logpath="/var/log/nginx/$new_domain-error.log" --failregex="^.*authentication failure. while reading response header from upstream, client: ,.*POST $new_path.*$" --max_retry=5 + #================================================= # GENERIC FINALISATION #================================================= From 7de40f5a7c51b29248cdf24e408b014c9008119b Mon Sep 17 00:00:00 2001 From: Kayou Date: Tue, 9 Jul 2019 09:55:36 +0200 Subject: [PATCH 19/19] Remove useless comment --- scripts/install | 2 -- 1 file changed, 2 deletions(-) diff --git a/scripts/install b/scripts/install index 6421a75..4ceb331 100755 --- a/scripts/install +++ b/scripts/install @@ -66,8 +66,6 @@ ynh_setup_source --dest_dir="$final_path" #================================================= ynh_script_progression --message="Configuring nginx web server..." --weight=2 -### `ynh_add_nginx_config` will use the file conf/nginx.conf - # Create a dedicated nginx config ynh_add_nginx_config