YunoHost-Apps/dokuwiki_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/dokuwiki_ynh.git synced 2024-09-03 18:26:20 +02:00
Code Issues Activity Actions

Merge pull request #49 from YunoHost-Apps/testing

Browse source 
Testing
This commit is contained in:
Maniack Crudelis 2019-07-13 12:36:21 +02:00 committed by GitHub
commit 31b50434a4
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
16 changed files with 464 additions and 297 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

90
README.md
View file

@ -1,47 +1,77 @@
# Dokuwiki for YunoHost
# DokuWiki for YunoHost
[![Integration level](https://dash.yunohost.org/integration/dokuwiki.svg)](https://dash.yunohost.org/appci/app/dokuwiki)
[![Install DokuWiki with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=dokuwiki)
[![Install Dokuwiki with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=dokuwiki)
*[Lire ce readme en français.](./README_fr.md)*
> *This package allows you to install DokuWiki quickly and simply on a YunoHost server.
If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to know how to install and enjoy it.*
## Dokuwiki c'est quoi ?
DokuWiki est un logiciel wiki Open Source simple à utiliser et très polyvalent qui ne nécessite pas de base de données. Il est apprécié par les utilisateurs pour sa syntaxe propre et lisible. La facilité de maintenance, de sauvegarde et d'intégration en fait un favori d'administrateur. Des contrôles d'accès et des connecteurs d'authentification intégrés rendent DokuWiki particulièrement utile dans le contexte de l'entreprise et le grand nombre de plugins apportés par sa communauté dynamique permettent un large éventail de cas d'utilisation au-delà d'un wiki traditionnel.
Source: [dokuwiki.org](https://www.dokuwiki.org/)
### Installation
`$ sudo yunohost app install https://github.com/YunoHost-Apps/dokuwiki_ynh.git`
### Mise à jour
`$ sudo yunohost app upgrade --verbose dokuwiki -u https://github.com/YunoHost-Apps/dokuwiki_ynh.git`
Lors de la mise à jour de dokuwiki, les plugins officiels sont également mis à jour. Nous vous recommandons toutefois de vérifier le bon fonctionnement des plugins dans le panel d'administration après cette upgrade. Nous ne pouvons pas savoir si des plugins spéciaux posent problèmes.
## What is Dokuwiki?
## Overview
DokuWiki is a simple to use and highly versatile Open Source wiki software that doesn't require a database. It is loved by users for its clean and readable syntax. The ease of maintenance, backup and integration makes it an administrator's favorite. Built in access controls and authentication connectors make DokuWiki especially useful in the enterprise context and the large number of plugins contributed by its vibrant community allow for a broad range of use cases beyond a traditional wiki.
Source: [dokuwiki.org](https://www.dokuwiki.org/)
**Shipped version:** 2018-04-22a "Greebo"
### Install
## Screenshots
`$ sudo yunohost app install https://github.com/YunoHost-Apps/dokuwiki_ynh.git`
![](https://www.dokuwiki.org/_media/dokuwikimainwindow.png)
### Update
## Demo
`$ sudo yunohost app upgrade --verbose dokuwiki -u https://github.com/YunoHost-Apps/dokuwiki_ynh.git`
* [YunoHost demo](https://demo.yunohost.org/dokuwiki/doku.php?id=start&do=login&u=demo&p=demo)
When updating dokuwiki, the official plugins are also updated. However, we recommend that you check the plugins in the administration panel after this upgrade. We can't know if special plugins are causing problems.
## Configuration
## Versionning
## Documentation
### Version 1.1.0 (07/03/17)
* Official documentation: https://www.dokuwiki.org/manual
* YunoHost documentation: https://yunohost.org/#/app_dokuwiki
- Update app
## YunoHost specific features
### Version 1.0.0 (11/02/14)
* Integrate with YunoHost users and SSO - i.e. logout button
* Allow one user to be the "administrator" (set at the installation)
* Default authorization is set as read only so guest people cannot edit pages. (Especially needed if wiki is public to avoid spam and defacing. Can be changed from admin panel)
* During the upgrade, official plugins are also upgraded. We recommend that you should check that they run properly in the administration panel after the upgrade. We cannot know if some plugins are broken...
- Create script app
### Supported architectures
* x86-64b - [![Build Status](https://ci-apps.yunohost.org/ci/logs/dokuwiki%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/dokuwiki/)
* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/dokuwiki%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/dokuwiki/)
* Jessie x86-64b - [![Build Status](https://ci-stretch.nohost.me/ci/logs/dokuwiki%20%28Apps%29.svg)](https://ci-stretch.nohost.me/ci/apps/dokuwiki/)
## Limitations
* Cannot create or login with dokuwiki internal users, only users from Yunohost (Work needed for [authchained plugin](https://www.dokuwiki.org/plugin:authchained))
## Additional information
### Changelog
* *Many missing - List taken from previous documentation*
* 07 Mar 2017 - Update app
* 11 Feb 2017 - Create script app
## Links
* Report a bug: https://github.com/YunoHost-Apps/dokuwiki_ynh/issues
* App website: https://www.dokuwiki.org
* Upstream app repository: https://github.com/splitbrain/dokuwiki
* YunoHost website: https://yunohost.org
---
## Developers infos
**Only if you know what you are doing AND want to switch to an unstable branch for testing or coding**
Instead of merging directly into `master`, please do your pull request to the [`testing` branch](https://github.com/YunoHost-Apps/dokuwiki_ynh/tree/testing)
To try the `testing` branch, please proceed like that.
```
sudo yunohost app install https://github.com/YunoHost-Apps/dokuwiki_ynh/tree/testing --debug
or
sudo yunohost app upgrade dokuwiki -u https://github.com/YunoHost-Apps/dokuwiki_ynh/tree/testing --debug
```

77
README_fr.md Normal file
View file

@ -0,0 +1,77 @@
# Dokuwiki pour YunoHost
[![Niveau d'intégration](https://dash.yunohost.org/integration/dokuwiki.svg)](https://dash.yunohost.org/appci/app/dokuwiki)
[![Installer DokuWiki grâce à YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=dokuwiki)
*[Read this readme in english.](./README.md)*
> *Ce package vous permet d'installer Dokuwiki rapidement et simplement sur un serveur Yunohost.
Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.*
## Vue d'ensemble
DokuWiki est un logiciel wiki Open Source simple à utiliser et très polyvalent qui ne nécessite pas de base de données. Il est apprécié par les utilisateurs pour sa syntaxe propre et lisible. La facilité de maintenance, de sauvegarde et d'intégration en fait un favori d'administrateur. Des contrôles d'accès et des connecteurs d'authentification intégrés rendent DokuWiki particulièrement utile dans le contexte de l'entreprise et le grand nombre de plugins apportés par sa communauté dynamique permettent un large éventail de cas d'utilisation au-delà d'un wiki traditionnel.
**Version incluse:** 2018-04-22a "Greebo"
## Captures d'écran
![](https://www.dokuwiki.org/_media/dokuwikimainwindow.png)
## Démo
* [Démo YunoHost](https://demo.yunohost.org/dokuwiki/doku.php?id=start&do=login&u=demo&p=demo)
## Configuration
## Documentation
* Documentation officielle: https://www.dokuwiki.org/manual
* Documentation YunoHost: https://yunohost.org/#/app_dokuwiki
## Caractéristiques spécifiques YunoHost
* Fonctionne avec les utilisateurs YunoHost ainsi que le SSO - i.e. button de déconnexion
* Définit un utilisateur "administrateur" lors de l'installation
* Droits d'édition par défaut du wiki définis en lecture seule afin que les invités ne puissent éditer les pages. (Nécessaire surtout lorsque le wiki est public pour éviter le spam et le vandalisme. Peut être changé depuis la partie administration du wiki)
* Lors de la mise à jour, les plugins officiels sont également mis à jour. Nous vous recommandons toutefois de vérifier le bon fonctionnement des plugins dans le panneau d'administration après cette opération. Nous ne pouvons pas savoir si des plugins spéciaux posent problèmes...
### Architectures matérielles supportées
* x86-64b - [![Build Status](https://ci-apps.yunohost.org/ci/logs/dokuwiki%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/dokuwiki/)
* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/dokuwiki%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/dokuwiki/)
* Jessie x86-64b - [![Build Status](https://ci-stretch.nohost.me/ci/logs/dokuwiki%20%28Apps%29.svg)](https://ci-stretch.nohost.me/ci/apps/dokuwiki/)
## Limitations
* Impossible d'ajouter et d'utiliser les utilisateurs internes de DokuWiki, seulement ceux de Yunohost (travail nécessaire pour [authchained plugin](https://www.dokuwiki.org/plugin:authchained))
## Informations additionnelles
### Historique des versions
* *Many missing - List taken from previous documentation*
* 07 Mar 2017 - Update app
* 11 Feb 2017 - Create script app
## Liens
* Signaler un bug: https://github.com/YunoHost-Apps/dokuwiki_ynh/issues
* Site de l'application:https://www.dokuwiki.org
* Dépôt de l'application principale: https://github.com/splitbrain/dokuwiki
* Site web YunoHost: https://yunohost.org/
---
## Informations pour les développeurs
**Seulement si vous voulez utiliser une branche de test pour le codage, au lieu de fusionner directement dans la banche principale.**
Merci de faire vos pull request sur la [branche testing](https://github.com/YunoHost-Apps/REPLACEBYYOURAPP_ynh/tree/testing).
Pour essayer la branche testing, procédez comme suit.
```
sudo yunohost app install https://github.com/YunoHost-Apps/dokuwiki_ynh/tree/testing --debug
ou
sudo yunohost app upgrade dokuwiki -u https://github.com/YunoHost-Apps/dokuwiki_ynh/tree/testing --debug
```

23
check_process
View file

@ -1,8 +1,3 @@
# See here for more informations
# https://github.com/YunoHost/package_check#syntax-check_process-file
# Move this file from check_process.default to check_process when you have filled it.
;; Test complet
auto_remove=1
; Manifest
@ -10,6 +5,7 @@
path="/path" (PATH)
admin="john" (USER)
is_public=1 (PUBLIC|public=1|private=0)
language=en
; Checks
pkg_linter=1
setup_sub_dir=1
@ -25,20 +21,11 @@
port_already_use=0
change_url=1
;;; Levels
Level 1=auto
Level 2=auto
Level 3=auto
Level 4=1
Level 5=auto
Level 6=auto
Level 7=auto
Level 8=0
Level 9=0
Level 10=0
;;; Upgrade options
; commit=01add99d3d903ca6d07f863045edf2ba46cf18d5
name=Create check_process
manifest_arg=domain=DOMAIN&path=PATH&admin=USER&is_public=Yes&
;;; Options
Email=
Notification=none
;;; Upgrade options
; commit=01add99d3d903ca6d07f863045edf2ba46cf18d5
name=Create check_process
manifest_arg=domain=DOMAIN&path=PATH&admin=USER&is_public=Yes&language=en&

6
conf/logautherror.src Normal file
View file

@ -0,0 +1,6 @@
SOURCE_URL=https://github.com/mallchin/dokuwiki_plugin_logautherror/archive/master.zip
SOURCE_SUM=ac36038a710d8f4823a006416ef28c46
SOURCE_SUM_PRG=md5sum
SOURCE_FORMAT=zip
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=

14
conf/nginx.conf
View file

@ -4,11 +4,11 @@ location __PATH__/ {
# Path to source
alias __FINALPATH__/ ;
# Force usage of https
if ($scheme = http) {
rewrite ^ https://$server_name$request_uri? permanent;
}
# Example PHP configuration (remove if not used)
index index.php;
# Common parameter to increase upload size limit in conjuction with dedicated php-fpm file
@ -17,14 +17,7 @@ location __PATH__/ {
try_files $uri $uri/ index.php;
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
fastcgi_pass unix:/var/run/php5-fpm-__NAME__.sock;
# If you don't use a dedicated fpm config for your app,
# use a general fpm pool.
# This is to be used INSTEAD of line above
# Don't forget to adjust scripts install/upgrade/remove/backup accordingly
#
#fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_pass unix:/var/run/php/php7.0-fpm-__NAME__.sock;
fastcgi_index index.php;
include fastcgi_params;
@ -33,11 +26,8 @@ location __PATH__/ {
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME $request_filename;
}
# PHP configuration end
# Secure DokuWiki
# Try this ?
#location __PATH__/(data|conf|bin|inc)/ { {
location ~ ^__PATH__/(data|conf|bin|inc)/ {
deny all;
}

78
conf/php-fpm.conf
View file

@ -1,10 +1,11 @@
; Start a new pool named 'www'.
; the variable $pool can we used in any directive and will be replaced by the
; the variable $pool can be used in any directive and will be replaced by the
; pool name ('www' here)
[__NAMETOCHANGE__]
; Per pool prefix
; It only applies on the following directives:
; - 'access.log'
; - 'slowlog'
; - 'listen' (unixsocket)
; - 'chroot'
@ -24,17 +25,19 @@ group = __USER__
; The address on which to accept FastCGI requests.
; Valid syntaxes are:
; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific address on
; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on
; a specific port;
; 'port' - to listen on a TCP socket to all addresses on a
; specific port;
; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on
; a specific port;
; 'port' - to listen on a TCP socket to all addresses
; (IPv6 and IPv4-mapped) on a specific port;
; '/path/to/unix/socket' - to listen on a unix socket.
; Note: This value is mandatory.
listen = /var/run/php5-fpm-__NAMETOCHANGE__.sock
listen = /var/run/php/php7.0-fpm-__NAMETOCHANGE__.sock
; Set listen(2) backlog. A value of '-1' means unlimited.
; Default Value: 128 (-1 on FreeBSD and OpenBSD)
;listen.backlog = 128
; Set listen(2) backlog.
; Default Value: 511 (-1 on FreeBSD and OpenBSD)
;listen.backlog = 511
; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server. Many
@ -44,8 +47,13 @@ listen = /var/run/php5-fpm-__NAMETOCHANGE__.sock
listen.owner = www-data
listen.group = www-data
;listen.mode = 0660
; When POSIX Access Control Lists are supported you can set them using
; these options, value is a comma separated list of user/group names.
; When set, listen.owner and listen.group are ignored
;listen.acl_users =
;listen.acl_groups =
; List of ipv4 addresses of FastCGI clients which are allowed to connect.
; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect.
; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
; must be separated by a comma. If this value is left blank, connections will be
@ -59,7 +67,13 @@ listen.group = www-data
; - The pool processes will inherit the master process priority
; unless it specified otherwise
; Default Value: no set
; priority = -19
; process.priority = -19
; Set the process dumpable flag (PR_SET_DUMPABLE prctl) even if the process user
; or group is differrent than the master process user. It allows to create process
; core dump and ptrace the process for the pool user.
; Default Value: no
; process.dumpable = yes
; Choose how the process manager will control the number of child processes.
; Possible Values:
@ -96,7 +110,7 @@ pm = dynamic
; forget to tweak pm.* to fit your needs.
; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand'
; Note: This value is mandatory.
pm.max_children = 10
pm.max_children = 5
; The number of child processes created on startup.
; Note: Used only when pm is set to 'dynamic'
@ -122,7 +136,7 @@ pm.max_spare_servers = 3
; This can be useful to work around memory leaks in 3rd party libraries. For
; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
; Default Value: 0
pm.max_requests = 500
;pm.max_requests = 500
; The URI to view the FPM status page. If this value is not set, no URI will be
; recognized as a status page. It shows the following informations:
@ -215,7 +229,7 @@ pm.max_requests = 500
; last request memory: 0
;
; Note: There is a real-time FPM status monitoring sample web page available
; It's available in: ${prefix}/share/fpm/status.html
; It's available in: /usr/share/php/7.0/fpm/status.html
;
; Note: The value must start with a leading slash (/). The value can be
; anything, but it may not be a good idea to use the .php extension or it
@ -275,7 +289,7 @@ pm.max_requests = 500
; - %{megabytes}M
; - %{mega}M
; %n: pool name
; %o: ouput header
; %o: output header
; it must be associated with embraces to specify the name of the header:
; - %{Content-Type}o
; - %{X-Powered-By}o
@ -291,9 +305,13 @@ pm.max_requests = 500
; %t: server time the request was received
; it can accept a strftime(3) format:
; %d/%b/%Y:%H:%M:%S %z (default)
; The strftime(3) format must be encapsuled in a %{<strftime_format>}t tag
; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t
; %T: time the log has been written (the request has finished)
; it can accept a strftime(3) format:
; %d/%b/%Y:%H:%M:%S %z (default)
; The strftime(3) format must be encapsuled in a %{<strftime_format>}t tag
; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t
; %u: remote user
;
; Default: "%R - %u %t \"%m %r\" %s"
@ -302,13 +320,13 @@ pm.max_requests = 500
; The log file for slow requests
; Default Value: not set
; Note: slowlog is mandatory if request_slowlog_timeout is set
slowlog = /var/log/nginx/__NAMETOCHANGE__.slow.log
;slowlog = log/$pool.log.slow
; The timeout for serving a single request after which a PHP backtrace will be
; dumped to the 'slowlog' file. A value of '0s' means 'off'.
; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
; Default Value: 0
request_slowlog_timeout = 5s
;request_slowlog_timeout = 0
; The timeout for serving a single request after which the worker process will
; be killed. This option should be used when the 'max_execution_time' ini option
@ -347,15 +365,24 @@ chdir = __FINALPATH__
; Note: on highloaded environement, this can cause some delay in the page
; process time (several ms).
; Default Value: no
catch_workers_output = yes
;catch_workers_output = yes
; Clear environment in FPM workers
; Prevents arbitrary environment variables from reaching FPM worker processes
; by clearing the environment in workers before env vars specified in this
; pool configuration are added.
; Setting to "no" will make all environment variables available to PHP code
; via getenv(), $_ENV and $_SERVER.
; Default Value: yes
;clear_env = no
; Limits the extensions of the main script FPM will allow to parse. This can
; prevent configuration mistakes on the web server side. You should only limit
; FPM to .php extensions to prevent malicious users to use other extensions to
; exectute php code.
; execute php code.
; Note: set an empty value to allow all extensions.
; Default Value: .php
;security.limit_extensions = .php .php3 .php4 .php5
;security.limit_extensions = .php .php3 .php4 .php5 .php7
; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
; the current environment.
@ -390,3 +417,16 @@ catch_workers_output = yes
;php_admin_value[error_log] = /var/log/fpm-php.www.log
;php_admin_flag[log_errors] = on
;php_admin_value[memory_limit] = 32M
; Common values to change to increase file upload limit
; php_admin_value[upload_max_filesize] = 50M
; php_admin_value[post_max_size] = 50M
; php_admin_flag[mail.add_x_header] = Off
; Other common parameters
; php_admin_value[max_execution_time] = 600
; php_admin_value[max_input_time] = 300
; php_admin_value[memory_limit] = 256M
; php_admin_flag[short_open_tag] = On
php_admin_value[upload_max_filesize] = 30M
php_admin_value[post_max_size] = 30M

3
conf/php-fpm.ini
View file

@ -1,3 +0,0 @@
upload_max_filesize=30M
post_max_size=30M
; max_execution_time=60

19
manifest.json
View file

@ -2,9 +2,6 @@
"name": "Dokuwiki",
"id": "dokuwiki",
"packaging_format": 1,
"requirements": {
"yunohost": ">> 2.7.14"
},
"description": {
"en": "DokuWiki is a simple to use and highly versatile Open Source wiki software that doesn't require a database.",
"fr": "DokuWiki est un wiki Open Source simple à utiliser et très polyvalent qui n'exige aucune base de données.",
@ -12,8 +9,9 @@
"es": "DokuWiki es un sistema de Wiki de uso sencillicimo y compatible con los estándares.",
"it": "DokuWiki è un Wiki aderente agli standard, semplice da usare, finalizzato principalmente alla creazione di documentazione di qualsiasi tipo."
},
"version": "2018-04-22a~ynh1",
"version": "2018-04-22a~ynh2",
"url": "https://www.dokuwiki.org",
"license": "GPL-2.0-or-later",
"maintainer": {
"name": "Gofannon",
"email": "gofannon@riseup.net"
@ -21,16 +19,16 @@
"previous_maintainers": [
{
"name": "opi",
"email": "opi@zeropi.net",
"url": ""
}
],
"email": "opi@zeropi.net"
}],
"requirements": {
"yunohost": ">= 3.5.0"
},
"multi_instance": true,
"services": [
"nginx",
"php5-fpm"
"php7.0-fpm"
],
"license": "GPL-2.0-or-later",
"arguments": {
"install" : [
{
@ -72,6 +70,7 @@
},
{
"name": "language",
"type": "string",
"ask": {
"en": "Choose the application language",
"fr": "Choisissez la langue de l'application"

5
pull_request_template.md
View file

@ -19,7 +19,6 @@
- [ ] **Approval (LGTM)** :
- [ ] **Approval (LGTM)** :
- **CI succeeded** :
[![Build Status](https://ci-apps-dev.yunohost.org/jenkins/job/dokuwiki_ynh%20-BRANCH-%20(Official)/badge/icon)](https://ci-apps-dev.yunohost.org/jenkins/job/dokuwiki_ynh%20-BRANCH-%20(Official)/) *Please replace '-BRANCH-' in this link for a PR from a local branch.*
or
[![Build Status](https://ci-apps-dev.yunohost.org/jenkins/job/dokuwiki_ynh%20PR-NUM-%20(Official_fork)/badge/icon)](https://ci-apps-dev.yunohost.org/jenkins/job/dokuwiki_ynh%20PR-NUM-%20(Official_fork)/) *Replace '-NUM-' by the PR number in this link for a PR from a forked repository.*
[![Build Status](https://ci-apps-hq.yunohost.org/jenkins/job/dokuwiki_ynh%20PR-NUM-/badge/icon)](https://ci-apps-hq.yunohost.org/jenkins/job/dokuwiki_ynh%20PR-NUM-/)
*Please replace '-NUM-' in this link by the PR number.*
When the PR is marked as ready to merge, you have to wait for 3 days before really merging it.

12
scripts/_common.sh
View file

@ -1,13 +1 @@
#!/bin/bash
# ============= FUTURE YUNOHOST HELPER =============
# Delete a file checksum from the app settings
#
# $app should be defined when calling this helper
#
# usage: ynh_remove_file_checksum file
# | arg: file - The file for which the checksum will be deleted
ynh_delete_file_checksum () {
local checksum_setting_name=checksum_${1//[\/ ]/_} # Replace all '/' and ' ' by '_'
ynh_app_setting_delete $app $checksum_setting_name
}

26
scripts/backup
View file

@ -19,34 +19,46 @@ ynh_abort_if_errors
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..."
app=$YNH_APP_INSTANCE_NAME
final_path=$(ynh_app_setting_get $app final_path)
domain=$(ynh_app_setting_get $app domain)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
domain=$(ynh_app_setting_get --app=$app --key=domain)
#=================================================
# STANDARD BACKUP STEPS
#=================================================
# BACKUP THE APP MAIN DIR
#=================================================
ynh_script_progression --message="Backing up the main app directory..."
ynh_backup "$final_path"
ynh_backup --src_path="$final_path"
#=================================================
# BACKUP THE NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Backing up nginx web server configuration..."
ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
#=================================================
# BACKUP THE PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Backing up php-fpm configuration..." --weight=2
ynh_backup "/etc/php5/fpm/pool.d/$app.conf"
ynh_backup "/etc/php5/fpm/conf.d/20-$app.ini"
ynh_backup --src_path="/etc/php/7.0/fpm/pool.d/$app.conf"
#=================================================
# SPECIFIC BACKUP
# BACKUP FAIL2BAN CONFIGURATION
#=================================================
ynh_script_progression --message="Backing up fail2ban configuration..."
ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf"
ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf"
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." --last

35
scripts/change_url
View file

@ -24,18 +24,10 @@ app=$YNH_APP_INSTANCE_NAME
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..."
# Needed for helper "ynh_add_nginx_config"
final_path=$(ynh_app_setting_get $app final_path)
#=================================================
# CHECK THE SYNTAX OF THE PATHS
#=================================================
test -n "$old_path" || old_path="/"
test -n "$new_path" || new_path="/"
new_path=$(ynh_normalize_url_path $new_path)
old_path=$(ynh_normalize_url_path $old_path)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
#=================================================
# CHECK WHICH PARTS SHOULD BE CHANGED
@ -58,6 +50,7 @@ fi
#=================================================
# MODIFY URL IN NGINX CONF
#=================================================
ynh_script_progression --message="Updating nginx web server configuration..." --weight=2
nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
@ -65,12 +58,10 @@ nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
if [ $change_path -eq 1 ]
then
# Make a backup of the original nginx config file if modified
ynh_backup_if_checksum_is_different "$nginx_conf_path"
ynh_backup_if_checksum_is_different --file="$nginx_conf_path"
# Set global variables for nginx helper
domain="$old_domain"
path_url="$new_path"
# Store path_url setting
ynh_app_setting_set $app path "$path_url"
# Create a dedicated nginx config
ynh_add_nginx_config
fi
@ -79,22 +70,32 @@ fi
if [ $change_domain -eq 1 ]
then
# Delete file checksum for the old conf file location
ynh_delete_file_checksum "$nginx_conf_path"
ynh_delete_file_checksum --file="$nginx_conf_path"
mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf
# Store file checksum for the new config file location
ynh_store_file_checksum "/etc/nginx/conf.d/$new_domain.d/$app.conf"
ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
fi
#=================================================
# SPECIFIC MODIFICATIONS
#=================================================
# ...
# UPGRADE FAIL2BAN
#=================================================
ynh_script_progression --message="Reconfiguring fail2ban..." --weight=6
ynh_add_fail2ban_config --logpath="/var/log/nginx/$new_domain-error.log" --failregex="^.*authentication failure. while reading response header from upstream, client: <HOST>,.*POST $new_path.*$" --max_retry=5
#=================================================
# GENERIC FINALISATION
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading nginx web server..."
systemctl reload nginx
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Change of URL completed for $app" --last

98
scripts/install
View file

@ -26,56 +26,45 @@ admin=$YNH_APP_ARG_ADMIN
is_public=$YNH_APP_ARG_IS_PUBLIC
language=$YNH_APP_ARG_LANGUAGE
# This is a multi-instance app, meaning it can be installed several times independently
# The id of the app as stated in the manifest is available as $YNH_APP_ID
# The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2", ...)
# The app instance name is available as $YNH_APP_INSTANCE_NAME
# - the first time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample
# - the second time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample__2
# - ynhexample__{N} for the subsequent installations, with N=3,4, ...
# The app instance name is probably what you are interested the most, since this is
# guaranteed to be unique. This is a good unique identifier to define installation path,
# db names, ...
app=$YNH_APP_INSTANCE_NAME
#=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#=================================================
ynh_script_progression --message="Validating installation parameters..." --weight=2
final_path=/var/www/$app
test ! -e "$final_path" || ynh_die "This path already contains a folder"
test ! -e "$final_path" || ynh_die --message="This path already contains a folder"
# Normalize the url path syntax
path_url=$(ynh_normalize_url_path $path_url)
# Check web path availability
ynh_webpath_available $domain $path_url
# Register (book) web path
ynh_webpath_register $app $domain $path_url
ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url
#=================================================
# STORE SETTINGS FROM MANIFEST
#=================================================
ynh_script_progression --message="Storing installation settings..." --weight=2
ynh_app_setting_set $app domain $domain
ynh_app_setting_set $app path $path_url
ynh_app_setting_set $app admin $admin
ynh_app_setting_set $app is_public $is_public
ynh_app_setting_set $app language $language
ynh_app_setting_set --app=$app --key=domain --value=$domain
ynh_app_setting_set --app=$app --key=path --value=$path_url
ynh_app_setting_set --app=$app --key=admin --value=$admin
ynh_app_setting_set --app=$app --key=is_public --value=$is_public
ynh_app_setting_set --app=$app --key=language --value=$language
#=================================================
# STANDARD MODIFICATIONS
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_script_progression --message="Setting up source files..." --weight=2
ynh_app_setting_set $app final_path $final_path
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source "$final_path"
ynh_setup_source --dest_dir="$final_path"
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Configuring nginx web server..." --weight=2
# Create a dedicated nginx config
ynh_add_nginx_config
@ -83,13 +72,15 @@ ynh_add_nginx_config
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Configuring system user..." --weight=2
# Create a system user
ynh_system_user_create $app
ynh_system_user_create --username=$app
#=================================================
# PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Configuring php-fpm..." --weight=2
# Create a dedicated php-fpm config
ynh_add_fpm_config
@ -99,6 +90,7 @@ ynh_add_fpm_config
#=================================================
# CUSTOMIZE DOKUWIKI
#=================================================
ynh_script_progression --message="Configuring dokuwiki..." --weight=2
# Loading order of configuration files
#
@ -117,7 +109,7 @@ ynh_add_fpm_config
cp ../conf/local.protected.php $final_path/conf
# Set the "admin" user
ynh_replace_string "__YNH_ADMIN_USER__" "$admin" "$final_path/conf/local.protected.php"
ynh_replace_string --match_string="__YNH_ADMIN_USER__" --replace_string="$admin" --target_file="$final_path/conf/local.protected.php"
# This file might be modified by dokuwiki admin panel or by plugins
@ -125,7 +117,7 @@ ynh_replace_string "__YNH_ADMIN_USER__" "$admin" "$final_path/conf/local.prot
cp ../conf/local.php $final_path/conf
# Set the "language"
ynh_replace_string "__YNH_LANGUAGE__" "$language" "$final_path/conf/local.php"
ynh_replace_string --match_string="__YNH_LANGUAGE__" --replace_string="$language" --target_file="$final_path/conf/local.php"
# Restrict user rights by enforcing "read-only" mode for all users
@ -141,7 +133,6 @@ cp ../conf/acl.auth.php $final_path/conf
# Other files will be read ony and owned by root.
# See https://www.dokuwiki.org/install:permissions
cp $final_path/conf/local.php.dist $final_path/conf/local.php.bak
cp $final_path/conf/users.auth.php.dist $final_path/conf/users.auth.php
@ -162,11 +153,15 @@ cp ../conf/plugins.local.php $final_path/conf/plugins.local.php.bak
#=================================================
# Calculate and store the config file checksum into the app settings
ynh_store_file_checksum "$final_path/conf/local.protected.php"
### Files can be modified by user, no need to store checksum as they cannot be overwritten safely by package
#ynh_store_file_checksum "$final_path/conf/local.php"
#ynh_store_file_checksum "$final_path/conf/acl.auth.php"
ynh_store_file_checksum --file="$final_path/conf/local.protected.php"
### Files '$final_path/conf/local.php' and '$final_path/conf/acl.auth.php' can be modified by user, no need to store checksum as they cannot be overwritten safely by the upgrade script
#=================================================
# INSTALL LOGAUTHERROR PLUGIN FOR FAIL2BAN
#=================================================
ynh_script_progression --message="Installing logautherror plugin for fail2ban..." --weight=2
ynh_setup_source --dest_dir="$final_path/lib/plugins/logautherror" --source_id=logautherror
#=================================================
# GENERIC FINALIZATION
@ -180,19 +175,19 @@ ynh_store_file_checksum "$final_path/conf/local.protected.php"
# Files owned by DokuWiki can just read
chown -R root: $final_path
# DokuWiki needs to write inside these folders. Do "DokuWiki" owner
chown $app:root $final_path/conf
chown $app:root $final_path/inc
# DokuWiki needs to write inside these folders. Make "DokuWiki" owner
chown $app:root $final_path/{conf,inc}
# Do "DokuWiki" owner of configuration files that must be writable
# Make "DokuWiki" owner of configuration files that must be writable
chown $app:root $final_path/conf/{local.php,local.php.bak,users.auth.php,acl.auth.php,plugins.local.php,plugins.local.php.bak}
# Usefull for some plugins like https://www.dokuwiki.org/plugin:siteexport
# See https://www.dokuwiki.org/devel:preload
chown $app:root $final_path/inc/preload.php
# Grant read-only to all files as files copied above are owned by root by defaut and nginx cannot read them
# There are only files in the folder and there are no sublevels. No need to use "find"
chmod -R a+r $final_path/conf
chmod -R a+r $final_path/inc
chmod -R a+r $final_path/{conf,inc}
# Give write access to "data" and subfolders
chown -R $app:root $final_path/data
@ -211,27 +206,34 @@ find $final_path/lib -type d -print0 | xargs -0 chmod 0755
# chmod : -rwxr-xr-x 1 root root 241 May 3 08:36 index.html => BAD
# find : -rw-r--r-- 1 1001 1002 241 May 3 08:36 index.html => GOOD
#=================================================
# SETUP FAIL2BAN
#=================================================
ynh_script_progression --message="Configuring fail2ban..." --weight=7
ynh_add_fail2ban_config --logpath="/var/log/nginx/$domain-error.log" --failregex="^.*authentication failure. while reading response header from upstream, client: <HOST>,.*POST $path_url.*$" --max_retry=5
#=================================================
# SETUP SSOWAT
#=================================================
# Not needed as no skipped_uris have been added before.
# Example : "ynh_app_setting_set $app skipped_uris ..."
# See https://github.com/YunoHost-Apps/dokuwiki_ynh/pull/37 for explanation
#if [ $is_public -eq 0 ]
#then # Remove the public access
# ynh_app_setting_delete $app skipped_uris
#fi
ynh_script_progression --message="Configuring SSOwat..."
# Make app public if necessary
if [ $is_public -eq 1 ]
then
# unprotected_uris allows SSO credentials to be passed anyway.
ynh_app_setting_set $app unprotected_uris "/"
ynh_app_setting_set --app=$app --key=unprotected_uris --value="/"
fi
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading nginx web server..."
systemctl reload nginx
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Installation of $app completed" --last

25
scripts/remove
View file

@ -12,26 +12,27 @@ source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..."
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get $app domain)
final_path=$(ynh_app_setting_get $app final_path)
domain=$(ynh_app_setting_get --app=$app --key=domain)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
#=================================================
# STANDARD REMOVE
#=================================================
#=================================================
# REMOVE APP MAIN DIR
#=================================================
ynh_script_progression --message="Removing app main directory..."
# Remove the app directory securely
ynh_secure_remove "$final_path"
ynh_secure_remove --file="$final_path"
#=================================================
# REMOVE NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Removing nginx web server configuration..."
# Remove the dedicated nginx config
ynh_remove_nginx_config
@ -39,20 +40,30 @@ ynh_remove_nginx_config
#=================================================
# REMOVE PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Removing php-fpm configuration..." --weight=2
# Remove the dedicated php-fpm config
ynh_remove_fpm_config
#=================================================
# SPECIFIC REMOVE
# REMOVE FAIL2BAN CONFIGURATION
#=================================================
ynh_script_progression --message="Removing fail2ban configuration..." --weight=7
ynh_remove_fail2ban_config
#=================================================
# GENERIC FINALIZATION
#=================================================
# REMOVE DEDICATED USER
#=================================================
ynh_script_progression --message="Removing the dedicated system user..."
# Delete a system user
ynh_system_user_delete $app
ynh_system_user_delete --username=$app
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Removal of $app completed" --last

69
scripts/restore
View file

@ -19,21 +19,23 @@ ynh_abort_if_errors
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading settings..." --weight=2
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get $app domain)
path_url=$(ynh_app_setting_get $app path)
final_path=$(ynh_app_setting_get $app final_path)
domain=$(ynh_app_setting_get --app=$app --key=domain)
path_url=$(ynh_app_setting_get --app=$app --key=path)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
#=================================================
# CHECK IF THE APP CAN BE RESTORED
#=================================================
ynh_script_progression --message="Validating restoration parameters..." --weight=2
ynh_webpath_available $domain $path_url \
|| ynh_die "Path not available: ${domain}${path_url}"
ynh_webpath_available --domain=$domain --path_url=$path_url \
|| ynh_die --message="Path not available: ${domain}${path_url}"
test ! -d $final_path \
|| ynh_die "There is already a directory: $final_path "
|| ynh_die --message="There is already a directory: $final_path "
#=================================================
# STANDARD RESTORATION STEPS
@ -41,20 +43,22 @@ test ! -d $final_path \
# RESTORE THE NGINX CONFIGURATION
#=================================================
ynh_restore_file "/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
#=================================================
# RESTORE THE APP MAIN DIR
#=================================================
ynh_script_progression --message="Restoring the app main directory..."
ynh_restore_file "$final_path"
ynh_restore_file --origin_path="$final_path"
#=================================================
# RECREATE THE DEDICATED USER
#=================================================
ynh_script_progression --message="Recreating the dedicated system user..." --weight=2
# Create the dedicated user (if not existing)
ynh_system_user_create $app
ynh_system_user_create --username=$app
#=================================================
# RESTORE USER RIGHTS
@ -63,58 +67,51 @@ ynh_system_user_create $app
# Try to use "least privilege" to grant minimal access
# For details, see https://www.dokuwiki.org/install:permissions
# Files owned by DokuWiki can just read
chown -R root: $final_path
# DokuWiki needs to write inside these folders. Make "DokuWiki" owner
chown $app:root $final_path/{conf,inc}
# DokuWiki needs to write inside these folders. Do "DokuWiki" owner
chown $app:root $final_path/conf
chown $app:root $final_path/inc
# Do "DokuWiki" owner of configuration files that must be writable
# Make "DokuWiki" owner of configuration files that must be writable
chown $app:root $final_path/conf/{local.php,local.php.bak,users.auth.php,acl.auth.php,plugins.local.php,plugins.local.php.bak}
# Useful for some plugins like https://www.dokuwiki.org/plugin:siteexport
# Usefull for some plugins like https://www.dokuwiki.org/plugin:siteexport
# See https://www.dokuwiki.org/devel:preload
chown $app:root $final_path/inc/preload.php
# Grant read-only to all files as files copied above are owned by root by defaut and nginx cannot read them
# There are only files in the folder and there are no sublevels. No need to use "find"
chmod -R a+r $final_path/conf
chmod -R a+r $final_path/inc
# Give write access to "data" and subfolders
chown -R $app:root $final_path/data
# Remove access to "other"
chmod -R o-rwx $final_path/data
# Allow the web admin panel to run, aka "Extension Manager"
chown -R $app:root $final_path/lib/plugins
# Allow to install templates
chown -R $app:root $final_path/lib/tpl
# Allow access to public assets like style sheets
find $final_path/lib -type f -print0 | xargs -0 chmod 0644
find $final_path/lib -type d -print0 | xargs -0 chmod 0755
# Using "find" instead of "chmod -R 755" so files does not become executable too
# chmod : -rwxr-xr-x 1 root root 241 May 3 08:36 index.html => BAD
# find : -rw-r--r-- 1 1001 1002 241 May 3 08:36 index.html => GOOD
#=================================================
# RESTORE THE PHP-FPM CONFIGURATION
#=================================================
ynh_restore_file "/etc/php5/fpm/pool.d/$app.conf"
ynh_restore_file "/etc/php5/fpm/conf.d/20-$app.ini"
ynh_restore_file --origin_path="/etc/php/7.0/fpm/pool.d/$app.conf"
#=================================================
# SPECIFIC RESTORATION
# RESTORE FAIL2BAN CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring the fail2ban configuration..." --weight=7
ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf"
ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf"
ynh_systemd_action --action=restart --service_name=fail2ban
#=================================================
# GENERIC FINALIZATION
#=================================================
# RELOAD NGINX AND PHP-FPM
#=================================================
ynh_script_progression --message="Reloading nginx web server and php-fpm..." --weight=2
systemctl reload php5-fpm
systemctl reload nginx
ynh_systemd_action --service_name=php7.0-fpm --action=reload
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Restoration completed for $app" --last

181
scripts/upgrade
View file

@ -12,55 +12,61 @@ source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..." --weight=2
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get $app domain)
path_url=$(ynh_app_setting_get $app path)
admin=$(ynh_app_setting_get $app admin)
is_public=$(ynh_app_setting_get $app is_public)
# Not needed during upgrade as user might have change it since installation from Dokuwiki admin panel
#language=$(ynh_app_setting_get $app language)
final_path=$(ynh_app_setting_get $app final_path)
domain=$(ynh_app_setting_get --app=$app --key=domain)
path_url=$(ynh_app_setting_get --app=$app --key=path)
admin=$(ynh_app_setting_get --app=$app --key=admin)
is_public=$(ynh_app_setting_get --app=$app --key=is_public)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
#=================================================
# CHECK VERSION
#=================================================
upgrade_type=$(ynh_check_app_version_changed)
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
ynh_script_progression --message="Ensuring downward compatibility..."
# Fix is_public as a boolean value
if [ "$is_public" = "Yes" ]; then
ynh_app_setting_set $app is_public 1
ynh_app_setting_set --app=$app --key=is_public --value=1
is_public=1
elif [ "$is_public" = "No" ]; then
ynh_app_setting_set $app is_public 0
ynh_app_setting_set --app=$app --key=is_public --value=0
is_public=0
fi
# If final_path doesn't exist, create it
if [ -z $final_path ]; then
if [ -z "$final_path" ]; then
final_path=/var/www/$app
ynh_app_setting_set $app final_path $final_path
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
fi
# TODO Not sure if still needed ??
# admin default value, if not set
if [ -z "$admin" ]; then
admin=$(sudo yunohost user list | grep 'username' -m1 | awk '{print $2}')
sudo ynh_app_setting_set $app is_public -v "$is_public"
admin=$(yunohost user list | grep 'username' -m1 | awk '{print $2}')
ynh_app_setting_set --app=$app --key=is_public --value=$is_public
fi
# language default value, if not set
if [ -z "$language" ]; then
language='en'
ynh_app_setting_set $app language $language
ynh_app_setting_set --app=$app --key=language --value=$language
fi
# Yunohost specific configuration, if not exists
# Yunohost specific configuration, if it isn't exist already
# Previously, these settings were store a unique "dokuwiki.php"
# Now, they are split in multiples files to ease upgrading process (separate Yunohost config from user config)
# Previously, these settings were store in an unique "dokuwiki.php"
# Now, they are split in multiple files to ease upgrading process (separate Yunohost config from user config)
# Loading order of configuration files
#
@ -72,14 +78,12 @@ fi
#
# See https://www.dokuwiki.org/plugin:config#protecting_settings
# Configuration dedicated to Yunohost (LDAP and admin mainly)
# Create file if it does not exist
# Create an empty configuration file if it does not exist
# This file will be overwritten anyway later in the part "# LDAP Configuration"
# The file is created here to prevent a failure of the helper `ynh_backup_if_checksum_is_different`
if [ ! -f "$final_path/conf/local.protected.php" ]; then
cp ../conf/local.protected.php $final_path/conf
# Set the default "admin"
ynh_replace_string "__YNH_ADMIN_USER__" "$admin" "$final_path/conf/local.protected.php"
touch $final_path/conf/local.protected.php
fi
# Do not overwrite existing dokuwiki configuration as it could have user customization's and settings.
@ -88,7 +92,7 @@ if [ ! -f "$final_path/conf/local.php" ]; then
cp ../conf/local.php $final_path/conf
# Set the default "language"
ynh_replace_string "__YNH_LANGUAGE__" "$language" "$final_path/conf/local.php"
ynh_replace_string --match_string="__YNH_LANGUAGE__" --replace_string="$language" --target_file="$final_path/conf/local.php"
fi
# Do not overwrite existing ACL configuration file as it could have user customization's and settings.
@ -98,8 +102,6 @@ if [ ! -f "$final_path/conf/acl.auth.php" ]; then
cp ../conf/acl.auth.php $final_path/conf
fi
# For securing DokuWiki installation, create default files that will be writable in the "conf" folder.
# Other files will be read ony and owned by root.
# See https://www.dokuwiki.org/install:permissions
@ -139,6 +141,7 @@ fi
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=9
# Backup the current version of the app
ynh_backup_before_upgrade
@ -154,7 +157,7 @@ ynh_abort_if_errors
#=================================================
# Normalize the URL path syntax
path_url=$(ynh_normalize_url_path $path_url)
path_url=$(ynh_normalize_url_path --path_url=$path_url)
#=================================================
# STANDARD UPGRADE STEPS
@ -162,12 +165,18 @@ path_url=$(ynh_normalize_url_path $path_url)
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source "$final_path"
if [ "$upgrade_type" == "UPGRADE_APP" ]
then
ynh_script_progression --message="Upgrading source files..." --weight=2
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$final_path"
fi
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Upgrading nginx web server configuration..." --weight=2
# Create a dedicated nginx config
ynh_add_nginx_config
@ -175,13 +184,15 @@ ynh_add_nginx_config
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Making sure dedicated system user exists..."
# Create a system user
ynh_system_user_create $app
ynh_system_user_create --username=$app
#=================================================
# PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Upgrading php-fpm configuration..."
# Create a dedicated php-fpm config
ynh_add_fpm_config
@ -190,59 +201,64 @@ ynh_add_fpm_config
# SPECIFIC UPGRADE
#=================================================
# Remove upgrade notification inside Dokuwiki's admin panel
# See https://www.dokuwiki.org/update_check
touch $final_path/doku.php
if [ "$upgrade_type" == "UPGRADE_APP" ]
then
ynh_script_progression --message="Upgrading dokuwiki..." --weight=7
# Remove files not used anymore after upgrade
# See https://www.dokuwiki.org/install:unused_files
if [ -f "$final_path/data/deleted.files" ]; then
# Remove upgrade notification inside Dokuwiki's admin panel
# See https://www.dokuwiki.org/update_check
touch $final_path/doku.php
# Use a "sub process" to start a new shell to run these commands
# Allow to use only one "cd" and to be more efficent
(
# Move to the dokuwiki installation folder so the "official" commands can be used without adaptation
cd $final_path
# Remove files not used anymore after upgrade
# See https://www.dokuwiki.org/install:unused_files
if [ -f "$final_path/data/deleted.files" ]; then
# This command could not remove directory
#grep -Ev '^($|#)' data/deleted.files | xargs -n 1 rm -vf
# => "rm: cannot remove 'vendor/easybook/geshi': Is a directory"
# Use a "sub process" to start a new shell to run these commands
# Allow to use only one "cd" and to be more efficent
(
# Move to the dokuwiki installation folder so the "official" commands can be used without adaptation
cd $final_path
# That one works as expected
grep -Ev '^($|#)' data/deleted.files | xargs -n 1 rm -fr
)
grep --extended-regexp --invert-match '^($|#)' data/deleted.files | xargs --max-args=1 rm --force --dir || true
)
fi
# TODO Taken from old "upgrade" script. Should check if it is needed and what it does
# Update all plugins
for name_plugin in $(sudo -s cat $final_path/lib/plugins/*/plugin.info.txt | grep url | awk -F ':' '{print $3}');
do
# Get a official plugin for dokuwiki, not update a no-official
wget -nv --quiet "https://github.com/splitbrain/dokuwiki-plugin-$name_plugin/zipball/master" -O "${name_plugin}.zip" -o /dev/null || true
if [ -s "${name_plugin}.zip" ]; then
unzip ${name_plugin}.zip
cp -a splitbrain-dokuwiki-plugin-${name_plugin}*/. "$final_path/lib/plugins/$name_plugin/"
fi
done
fi
# TODO Taken from old "upgrade" script. Should check if it is needed and what it does
# Update all plugins
for name_plugin in $(sudo -s cat $final_path/lib/plugins/*/plugin.info.txt | grep url | awk -F ':' '{print $3}');
do
# Get a official plugin for dokuwiki, not update a no-official
sudo wget -nv --quiet "https://github.com/splitbrain/dokuwiki-plugin-${name_plugin}/zipball/master" -O "${name_plugin}.zip" -o /dev/null || true
if [ -s "${name_plugin}.zip" ]; then
sudo unzip ${name_plugin}.zip
sudo cp -a splitbrain-dokuwiki-plugin-${name_plugin}*/. "${final_path}/lib/plugins/${name_plugin}/"
fi
done
#=================================================
#=================================================
# LDAP Configuration
#=================================================
### Verify the checksum of a file, stored by `ynh_store_file_checksum` in the install script.
### And create a backup of this file if the checksum is different. So the file will be backed up if the admin had modified it.
ynh_backup_if_checksum_is_different "$final_path/conf/local.protected.php"
ynh_backup_if_checksum_is_different --file="$final_path/conf/local.protected.php"
# Always overwrite local file with the one from package.
cp ../conf/local.protected.php $final_path/conf
# Set the "admin" user
ynh_replace_string "__YNH_ADMIN_USER__" "$admin" "$final_path/conf/local.protected.php"
ynh_replace_string --match_string="__YNH_ADMIN_USER__" --replace_string="$admin" --target_file="$final_path/conf/local.protected.php"
# Recalculate and store the checksum of the file for the next upgrade.
ynh_store_file_checksum "$final_path/conf/local.protected.php"
ynh_store_file_checksum --file="$final_path/conf/local.protected.php"
#=================================================
# INSTALL LOGAUTHERROR PLUGIN FOR FAIL2BAN
#=================================================
ynh_script_progression --message="Upgrading logautherror plugin for fail2ban..." --weight=2
ynh_setup_source --dest_dir="$final_path/lib/plugins/logautherror" --source_id=logautherror
#=================================================
# GENERIC FINALIZATION
@ -256,19 +272,19 @@ ynh_store_file_checksum "$final_path/conf/local.protected.php"
# Files owned by DokuWiki can just read
chown -R root: $final_path
# DokuWiki needs to write inside these folders. Do "DokuWiki" owner
chown $app:root $final_path/conf
chown $app:root $final_path/inc
# DokuWiki needs to write inside these folders. Make "DokuWiki" owner
chown $app:root $final_path/{conf,inc}
# Do "DokuWiki" owner of configuration files that must be writable
# Make "DokuWiki" owner of configuration files that must be writable
chown $app:root $final_path/conf/{local.php,local.php.bak,users.auth.php,acl.auth.php,plugins.local.php,plugins.local.php.bak}
# Useful for some plugins like https://www.dokuwiki.org/plugin:siteexport
# Usefull for some plugins like https://www.dokuwiki.org/plugin:siteexport
# See https://www.dokuwiki.org/devel:preload
chown $app:root $final_path/inc/preload.php
# Grant read-only to all files as files copied above are owned by root by defaut and nginx cannot read them
# There are only files in the folder and there is sublevels. No need to use "find"
chmod -R a+r $final_path/conf
chmod -R a+r $final_path/inc
# There are only files in the folder and there are no sublevels. No need to use "find"
chmod -R a+r $final_path/{conf,inc}
# Give write access to "data" and subfolders
chown -R $app:root $final_path/data
@ -287,23 +303,38 @@ find $final_path/lib -type d -print0 | xargs -0 chmod 0755
# chmod : -rwxr-xr-x 1 root root 241 May 3 08:36 index.html => BAD
# find : -rw-r--r-- 1 1001 1002 241 May 3 08:36 index.html => GOOD
#=================================================
# SETUP FAIL2BAN
#=================================================
ynh_script_progression --message="Reconfiguring fail2ban..." --weight=7
ynh_add_fail2ban_config --logpath="/var/log/nginx/$domain-error.log" --failregex="^.*authentication failure. while reading response header from upstream, client: <HOST>,.*POST $path_url.*$" --max_retry=5
#=================================================
# SETUP SSOWAT
#=================================================
ynh_script_progression --message="Upgrading SSOwat configuration..."
if [ $is_public -eq 0 ]
then # Remove the public access
ynh_app_setting_delete $app skipped_uris
ynh_app_setting_delete --app=$app --key=skipped_uris
fi
# Make app public if necessary
if [ $is_public -eq 1 ]
then
# unprotected_uris allows SSO credentials to be passed anyway
ynh_app_setting_set $app unprotected_uris "/"
ynh_app_setting_set --app=$app --key=unprotected_uris --value="/"
fi
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading nginx web server..."
systemctl reload nginx
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Upgrade of $app completed" --last