YunoHost-Apps/dokuwiki_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/dokuwiki_ynh.git synced 2024-09-03 18:26:20 +02:00
Code Issues Activity Actions

Merge pull request #37 from Gofannon/refactor

Browse source 
Refactor
This commit is contained in:
JimboJoe 2018-08-01 07:52:30 +02:00 committed by GitHub
commit 46f3fd4c10
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
20 changed files with 934 additions and 747 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
check_process
View file

@ -1,3 +1,8 @@
# See here for more informations
# https://github.com/YunoHost/package_check#syntax-check_process-file
# Move this file from check_process.default to check_process when you have filled it.
;; Test complet
auto_remove=1
; Manifest
@ -16,13 +21,9 @@
upgrade=1 from_commit=01add99d3d903ca6d07f863045edf2ba46cf18d5
backup_restore=1
multi_instance=1
wrong_user=1
wrong_path=1
incorrect_path=1
corrupt_source=0
fail_download_source=0
port_already_use=0
final_path_already_use=0
change_url=1
;;; Levels
Level 1=auto
Level 2=auto
@ -38,3 +39,6 @@
; commit=01add99d3d903ca6d07f863045edf2ba46cf18d5
name=Create check_process
manifest_arg=domain=DOMAIN&path=PATH&admin=USER&is_public=Yes&
;;; Options
Email=
Notification=none

6
conf/app.src Normal file
View file

@ -0,0 +1,6 @@
SOURCE_URL=https://download.dokuwiki.org/src/dokuwiki/dokuwiki-2018-04-22a.tgz
SOURCE_SUM=18765a29508f96f9882349a304bffc03
SOURCE_SUM_PRG=md5sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=

188
conf/dokuwiki.php
View file

@ -1,188 +0,0 @@
<?php
/**
* This is DokuWiki's Main Configuration file
*
* All the default values are kept here, you should not modify it but use
* a local.php file instead to override the settings from here.
*
* This is a piece of PHP code so PHP syntax applies!
*
* For help with the configuration and a more detailed explanation of the various options
* see http://www.dokuwiki.org/config
*/
/* Basic Settings */
$conf['title'] = 'DokuWiki'; //what to show in the title
$conf['start'] = 'start'; //name of start page
$conf['lang'] = 'en'; //your language
$conf['template'] = 'dokuwiki'; //see lib/tpl directory
$conf['tagline'] = ''; //tagline in header (if template supports it)
$conf['sidebar'] = 'sidebar'; //name of sidebar in root namespace (if template supports it)
$conf['license'] = 'cc-by-nc-sa'; //see conf/license.php
$conf['savedir'] = './data'; //where to store all the files
$conf['basedir'] = ''; //absolute dir from serveroot - blank for autodetection
$conf['baseurl'] = ''; //URL to server including protocol - blank for autodetect
$conf['cookiedir'] = ''; //path to use in cookies - blank for basedir
$conf['dmode'] = 0755; //set directory creation mode
$conf['fmode'] = 0644; //set file creation mode
$conf['allowdebug'] = 0; //allow debug output, enable if needed 0|1
/* Display Settings */
$conf['recent'] = 20; //how many entries to show in recent
$conf['recent_days'] = 7; //How many days of recent changes to keep. (days)
$conf['breadcrumbs'] = 10; //how many recent visited pages to show
$conf['youarehere'] = 0; //show "You are here" navigation? 0|1
$conf['fullpath'] = 0; //show full path of the document or relative to datadir only? 0|1
$conf['typography'] = 1; //smartquote conversion 0=off, 1=doublequotes, 2=all quotes
$conf['dformat'] = '%Y/%m/%d %H:%M'; //dateformat accepted by PHPs strftime() function
$conf['signature'] = ' --- //[[@MAIL@|@NAME@]] @DATE@//'; //signature see wiki page for details
$conf['showuseras'] = 'loginname'; // 'loginname' users login name
// 'username' users full name
// 'email' e-mail address (will be obfuscated as per mailguard)
// 'email_link' e-mail address as a mailto: link (obfuscated)
$conf['toptoclevel'] = 1; //Level starting with and below to include in AutoTOC (max. 5)
$conf['tocminheads'] = 3; //Minimum amount of headlines that determines if a TOC is built
$conf['maxtoclevel'] = 3; //Up to which level include into AutoTOC (max. 5)
$conf['maxseclevel'] = 3; //Up to which level create editable sections (max. 5)
$conf['camelcase'] = 0; //Use CamelCase for linking? (I don't like it) 0|1
$conf['deaccent'] = 1; //deaccented chars in pagenames (1) or romanize (2) or keep (0)?
$conf['useheading'] = 0; //use the first heading in a page as its name
$conf['sneaky_index']= 0; //check for namespace read permission in index view (0|1) (1 might cause unexpected behavior)
$conf['hidepages'] = ''; //Regexp for pages to be skipped from RSS, Search and Recent Changes
/* Authentication Settings */
$conf['useacl'] = 1; //Use Access Control Lists to restrict access?
$conf['openregister']= 0;
$conf['autopasswd'] = 1; //autogenerate passwords and email them to user
$conf['authtype'] = 'authldap'; //which authentication backend should be used
$conf['passcrypt'] = 'sha1'; //Used crypt method (smd5,md5,sha1,ssha,crypt,mysql,my411)
$conf['defaultgroup']= 'user'; //Default groups new Users are added to
$conf['superuser'] = 'YNH_ADMIN_USER'; //The admin can be user or @group or comma separated list user1,@group1,user2
$conf['manager'] = 'YNH_ADMIN_USER'; //The manager can be user or @group or comma separated list user1,@group1,user2
$conf['profileconfirm'] = 1; //Require current password to confirm changes to user profile
$conf['rememberme'] = 1; //Enable/disable remember me on login
$conf['disableactions'] = ''; //comma separated list of actions to disable
$conf['auth_security_timeout'] = 900; //time (seconds) auth data is considered valid, set to 0 to recheck on every page view
$conf['securecookie'] = 1; //never send HTTPS cookies via HTTP
$conf['remote'] = 0; //Enable/disable remote interfaces
$conf['remoteuser'] = '!!not set !!'; //user/groups that have access to remote interface (comma separated)
/* LDAP Yunohost config */
$conf['plugin']['authldap']['server'] = 'localhost';
$conf['plugin']['authldap']['port'] = 389;
$conf['plugin']['authldap']['version'] = 3;
$conf['plugin']['authldap']['usertree'] = 'ou=users,dc=yunohost,dc=org';
$conf['plugin']['authldap']['userfilter'] = '(&(uid=%{user})(objectClass=posixAccount))';
# no groups
#$conf['plugin']['authldap']['grouptree'] = 'ou=Group, dc=server, dc=tld';
#$conf['plugin']['authldap']['groupfilter'] = '(&(objectClass=posixGroup)(|(gidNumber=%{gid})(memberUID=%{user})))';
/* Antispam Features */
$conf['usewordblock']= 1; //block spam based on words? 0|1
$conf['relnofollow'] = 1; //use rel="nofollow" for external links?
$conf['indexdelay'] = 60*60*24*5; //allow indexing after this time (seconds) default is 5 days
$conf['mailguard'] = 'hex'; //obfuscate email addresses against spam harvesters?
//valid entries are:
// 'visible' - replace @ with [at], . with [dot] and - with [dash]
// 'hex' - use hex entities to encode the mail address
// 'none' - do not obfuscate addresses
$conf['iexssprotect']= 1; // check for JavaScript and HTML in uploaded files 0|1
/* Editing Settings */
$conf['usedraft'] = 1; //automatically save a draft while editing (0|1)
$conf['htmlok'] = 0; //may raw HTML be embedded? This may break layout and XHTML validity 0|1
$conf['phpok'] = 0; //may PHP code be embedded? Never do this on the internet! 0|1
$conf['locktime'] = 15*60; //maximum age for lockfiles (defaults to 15 minutes)
$conf['cachetime'] = 60*60*24; //maximum age for cachefile in seconds (defaults to a day)
/* Link Settings */
// Set target to use when creating links - leave empty for same window
$conf['target']['wiki'] = '';
$conf['target']['interwiki'] = '';
$conf['target']['extern'] = '';
$conf['target']['media'] = '';
$conf['target']['windows'] = '';
/* Media Settings */
$conf['mediarevisions'] = 1; //enable/disable media revisions
$conf['refcheck'] = 1; //check for references before deleting media files
$conf['gdlib'] = 2; //the GDlib version (0, 1 or 2) 2 tries to autodetect
$conf['im_convert'] = ''; //path to ImageMagicks convert (will be used instead of GD)
$conf['jpg_quality'] = '70'; //quality of compression when scaling jpg images (0-100)
$conf['fetchsize'] = 0; //maximum size (bytes) fetch.php may download from extern, disabled by default
/* Notification Settings */
$conf['subscribers'] = 0; //enable change notice subscription support
$conf['subscribe_time'] = 24*60*60; //Time after which digests / lists are sent (in sec, default 1 day)
//Should be smaller than the time specified in recent_days
$conf['notify'] = ''; //send change info to this email (leave blank for nobody)
$conf['registernotify'] = ''; //send info about newly registered users to this email (leave blank for nobody)
$conf['mailfrom'] = ''; //use this email when sending mails
$conf['mailprefix'] = ''; //use this as prefix of outgoing mails
$conf['htmlmail'] = 1; //send HTML multipart mails
/* Syndication Settings */
$conf['sitemap'] = 0; //Create a google sitemap? How often? In days.
$conf['rss_type'] = 'rss1'; //type of RSS feed to provide, by default:
// 'rss' - RSS 0.91
// 'rss1' - RSS 1.0
// 'rss2' - RSS 2.0
// 'atom' - Atom 0.3
// 'atom1' - Atom 1.0
$conf['rss_linkto'] = 'diff'; //what page RSS entries link to:
// 'diff' - page showing revision differences
// 'page' - the revised page itself
// 'rev' - page showing all revisions
// 'current' - most recent revision of page
$conf['rss_content'] = 'abstract'; //what to put in the items by default?
// 'abstract' - plain text, first paragraph or so
// 'diff' - plain text unified diff wrapped in <pre> tags
// 'htmldiff' - diff as HTML table
// 'html' - the full page rendered in XHTML
$conf['rss_media'] = 'both'; //what should be listed?
// 'both' - page and media changes
// 'pages' - page changes only
// 'media' - media changes only
$conf['rss_update'] = 5*60; //Update the RSS feed every n seconds (defaults to 5 minutes)
$conf['rss_show_summary'] = 1; //Add revision summary to title? 0|1
/* Advanced Settings */
$conf['updatecheck'] = 0; //automatically check for new releases?
$conf['userewrite'] = 0; //this makes nice URLs: 0: off 1: .htaccess 2: internal
$conf['useslash'] = 0; //use slash instead of colon? only when rewrite is on
$conf['sepchar'] = '_'; //word separator character in page names; may be a
// letter, a digit, '_', '-', or '.'.
$conf['canonical'] = 0; //Should all URLs use full canonical http://... style?
$conf['fnencode'] = 'url'; //encode filenames (url|safe|utf-8)
$conf['autoplural'] = 0; //try (non)plural form of nonexisting files?
$conf['compression'] = 'gz'; //compress old revisions: (0: off) ('gz': gnuzip) ('bz2': bzip)
// bz2 generates smaller files, but needs more cpu-power
$conf['gzip_output'] = 0; //use gzip content encodeing for the output xhtml (if allowed by browser)
$conf['compress'] = 1; //Strip whitespaces and comments from Styles and JavaScript? 1|0
$conf['cssdatauri'] = 0; //Maximum byte size of small images to embed into CSS, won't work on IE<8
$conf['send404'] = 0; //Send a HTTP 404 status for non existing pages?
$conf['broken_iua'] = 0; //Platform with broken ignore_user_abort (IIS+CGI) 0|1
$conf['xsendfile'] = 0; //Use X-Sendfile (1 = lighttpd, 2 = standard)
$conf['renderer_xhtml'] = 'xhtml'; //renderer to use for main page generation
$conf['readdircache'] = 0; //time cache in second for the readdir operation, 0 to deactivate.
/* Network Settings */
$conf['dnslookups'] = 1; //disable to disallow IP to hostname lookups
// Proxy setup - if your Server needs a proxy to access the web set these
$conf['proxy']['host'] = '';
$conf['proxy']['port'] = '';
$conf['proxy']['user'] = '';
$conf['proxy']['pass'] = '';
$conf['proxy']['ssl'] = 0;
$conf['proxy']['except'] = '';
// Safemode Hack - read http://www.dokuwiki.org/config:safemodehack !
$conf['safemodehack'] = 0;
$conf['ftp']['host'] = 'localhost';
$conf['ftp']['port'] = '21';
$conf['ftp']['user'] = 'user';
$conf['ftp']['pass'] = 'password';
$conf['ftp']['root'] = '/home/user/htdocs';

13
conf/local.php Normal file
View file

@ -0,0 +1,13 @@
<?php
/**
* This is an example of how a local.php could look like.
* Simply copy the options you want to change from dokuwiki.php
* to this file and change them.
*
* When using the installer, a correct local.php file be generated for
* you automatically.
*/
/* Basic Settings */
$conf['lang'] = '__YNH_LANGUAGE__'; //your language

33
conf/local.protected.php Normal file
View file

@ -0,0 +1,33 @@
<?php
/**
* This file is used for configuration settings which cannot be modified by Dokuwiki admin panel
* See here for explanations : https://www.dokuwiki.org/config
*
* Yunohost dedicated settings are stored here in order to be able to upgrade the Yunohost package safely latter for Yunohost packager ( Yeah \o/ )
*
* You should not modify this file direclty as it will be overwritten by Yunohost package
* Use "local.php" instead. You have been warned !
*/
/* Authentication Settings */
$conf['useacl'] = 1; //Use Access Control Lists to restrict access?
$conf['authtype'] = 'authldap'; //which authentication backend should be used
$conf['passcrypt'] = 'sha1'; //Used crypt method (smd5,md5,sha1,ssha,crypt,mysql,my411)
$conf['superuser'] = '__YNH_ADMIN_USER__'; //The admin can be user or @group or comma separated list user1,@group1,user2
$conf['manager'] = '__YNH_ADMIN_USER__'; //The manager can be user or @group or comma separated list user1,@group1,user2
/* LDAP Yunohost config */
$conf['plugin']['authldap']['server'] = 'localhost';
$conf['plugin']['authldap']['port'] = 389;
$conf['plugin']['authldap']['version'] = 3;
$conf['plugin']['authldap']['usertree'] = 'ou=users,dc=yunohost,dc=org';
$conf['plugin']['authldap']['userfilter'] = '(&(uid=%{user})(objectClass=posixAccount))';
# no groups
#$conf['plugin']['authldap']['grouptree'] = 'ou=Group, dc=server, dc=tld';
#$conf['plugin']['authldap']['groupfilter'] = '(&(objectClass=posixGroup)(|(gidNumber=%{gid})(memberUID=%{user})))';
/* Advanced Settings */
$conf['updatecheck'] = 0; //automatically check for new releases?
// Taken from previous package. Don't know what it does. Maybe Yunohost corner logo ?
$conf['cssdatauri'] = 512; //Maximum byte size of small images to embed into CSS, won't work on IE<8

83
conf/nginx.conf
View file

@ -1,42 +1,57 @@
location __PATHTOCHANGE__ {
alias __FINALPATH__/;
#sub_path_only rewrite ^__PATH__$ __PATH__/ permanent;
location __PATH__/ {
if ($scheme = http) {
rewrite ^ https://$server_name$request_uri? permanent;
}
# Path to source
alias __FINALPATH__/ ;
index index.php;
try_files $uri $uri/ index.php;
if ($scheme = http) {
rewrite ^ https://$server_name$request_uri? permanent;
}
client_max_body_size 25M;
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
fastcgi_pass unix:/var/run/php5-fpm-__NAMETOCHANGE__.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param HTTPS on if_not_empty;
fastcgi_param REMOTE_USER $remote_user;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME $request_filename;
}
# Example PHP configuration (remove if not used)
index index.php;
# Secure DokuWiki
location ~ ^__PATHTOCHANGE__/(data|conf|bin|inc)/ {
deny all;
}
# Common parameter to increase upload size limit in conjuction with dedicated php-fpm file
client_max_body_size 25M;
# Deny Access to htaccess-Files for Apache
location ~ /\.ht {
deny all;
}
try_files $uri $uri/ index.php;
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
fastcgi_pass unix:/var/run/php5-fpm-__NAME__.sock;
# Serve static files
location ~ ^/lib.*\.(gif|png|ico|jpg)$ {
expires 30d;
}
# If you don't use a dedicated fpm config for your app,
# use a general fpm pool.
# This is to be used INSTEAD of line above
# Don't forget to adjust scripts install/upgrade/remove/backup accordingly
#
#fastcgi_pass unix:/var/run/php5-fpm.sock;
#--PRIVATE--# Include SSOWAT user panel.
#--PRIVATE--include conf.d/yunohost_panel.conf.inc;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param HTTPS on if_not_empty;
fastcgi_param REMOTE_USER $remote_user;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME $request_filename;
}
# PHP configuration end
# Secure DokuWiki
# Try this ?
#location __PATH__/(data|conf|bin|inc)/ { {
location ~ ^__PATH__/(data|conf|bin|inc)/ {
deny all;
}
# Deny Access to htaccess-Files for Apache
location ~ /\.ht {
deny all;
}
# Serve static files
location ~ ^/lib.*\.(gif|png|ico|jpg)$ {
expires 30d;
}
# Include SSOWAT user panel.
include conf.d/yunohost_panel.conf.inc;
}

42
conf/php-fpm.conf
View file

@ -32,19 +32,19 @@ group = __USER__
; Note: This value is mandatory.
listen = /var/run/php5-fpm-__NAMETOCHANGE__.sock
; Set listen(2) backlog.
; Set listen(2) backlog. A value of '-1' means unlimited.
; Default Value: 128 (-1 on FreeBSD and OpenBSD)
;listen.backlog = 128
; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server. Many
; BSD-derived systems allow connections regardless of permissions.
; BSD-derived systems allow connections regardless of permissions.
; Default Values: user and group are set as the running user
; mode is set to 0660
listen.owner = www-data
listen.group = www-data
;listen.mode = 0660
; List of ipv4 addresses of FastCGI clients which are allowed to connect.
; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
@ -117,7 +117,7 @@ pm.max_spare_servers = 3
; Note: Used only when pm is set to 'ondemand'
; Default Value: 10s
;pm.process_idle_timeout = 10s;
; The number of requests each child process should execute before respawning.
; This can be useful to work around memory leaks in 3rd party libraries. For
; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
@ -170,7 +170,7 @@ pm.max_requests = 500
;
; By default the status page only outputs short status. Passing 'full' in the
; query string will also return status for each pool process.
; Example:
; Example:
; http://www.foo.bar/status?full
; http://www.foo.bar/status?json&full
; http://www.foo.bar/status?html&full
@ -220,9 +220,9 @@ pm.max_requests = 500
; Note: The value must start with a leading slash (/). The value can be
; anything, but it may not be a good idea to use the .php extension or it
; may conflict with a real PHP file.
; Default Value: not set
; Default Value: not set
;pm.status_path = /status
; The ping URI to call the monitoring page of FPM. If this value is not set, no
; URI will be recognized as a ping page. This could be used to test from outside
; that FPM is alive and responding, or to
@ -283,7 +283,7 @@ pm.max_requests = 500
; - ....
; %p: PID of the child that serviced the request
; %P: PID of the parent of the child that serviced the request
; %q: the query string
; %q: the query string
; %Q: the '?' character if query string exists
; %r: the request URI (without the query string, see %q and %Q)
; %R: remote IP address
@ -298,50 +298,50 @@ pm.max_requests = 500
;
; Default: "%R - %u %t \"%m %r\" %s"
;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"
; The log file for slow requests
; Default Value: not set
; Note: slowlog is mandatory if request_slowlog_timeout is set
slowlog = /var/log/nginx/__NAMETOCHANGE__.slow.log
; The timeout for serving a single request after which a PHP backtrace will be
; dumped to the 'slowlog' file. A value of '0s' means 'off'.
; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
; Default Value: 0
request_slowlog_timeout = 5s
; The timeout for serving a single request after which the worker process will
; be killed. This option should be used when the 'max_execution_time' ini option
; does not stop script execution for some reason. A value of '0' means 'off'.
; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
; Default Value: 0
request_terminate_timeout = 1d
; Set open file descriptor rlimit.
; Default Value: system defined value
;rlimit_files = 1024
; Set max core size rlimit.
; Possible Values: 'unlimited' or an integer greater or equal to 0
; Default Value: system defined value
;rlimit_core = 0
; Chroot to this directory at the start. This value must be defined as an
; absolute path. When this value is not set, chroot is not used.
; Note: you can prefix with '$prefix' to chroot to the pool prefix or one
; of its subdirectories. If the pool prefix is not set, the global prefix
; will be used instead.
; Note: chrooting is a great security feature and should be used whenever
; Note: chrooting is a great security feature and should be used whenever
; possible. However, all PHP paths will be relative to the chroot
; (error_log, sessions.save_path, ...).
; Default Value: not set
;chroot =
;chroot =
; Chdir to this directory at the start.
; Note: relative path can be used.
; Default Value: current directory or / when chroot
chdir = __FINALPATH__
; Redirect worker stdout and stderr into main error log. If not set, stdout and
; stderr will be redirected to /dev/null according to FastCGI specs.
; Note: on highloaded environement, this can cause some delay in the page
@ -356,7 +356,7 @@ catch_workers_output = yes
; Note: set an empty value to allow all extensions.
; Default Value: .php
;security.limit_extensions = .php .php3 .php4 .php5
; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
; the current environment.
; Default Value: clean env
@ -370,7 +370,7 @@ catch_workers_output = yes
; overwrite the values previously defined in the php.ini. The directives are the
; same as the PHP SAPI:
; php_value/php_flag - you can set classic ini defines which can
; be overwritten from PHP call 'ini_set'.
; be overwritten from PHP call 'ini_set'.
; php_admin_value/php_admin_flag - these directives won't be overwritten by
; PHP call 'ini_set'
; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no.
@ -389,4 +389,4 @@ catch_workers_output = yes
;php_flag[display_errors] = off
;php_admin_value[error_log] = /var/log/fpm-php.www.log
;php_admin_flag[log_errors] = on
;php_admin_value[memory_limit] = 32M
;php_admin_value[memory_limit] = 32M

8
conf/plugins.local.php Normal file
View file

@ -0,0 +1,8 @@
<?php
/*
* Local plugin enable/disable settings
* Auto-generated through plugin/extension manager
*
* NOTE: Plugins will not be added to this file unless there is a need to override a default setting. Plugins are
* enabled by default.
*/

26
manifest.json
View file

@ -3,7 +3,7 @@
"id": "dokuwiki",
"packaging_format": 1,
"requirements": {
"yunohost": ">> 2.3.15"
"yunohost": ">> 2.7.14"
},
"description": {
"en": "DokuWiki is a simple to use and highly versatile Open Source wiki software that doesn't require a database.",
@ -12,18 +12,25 @@
"es": "DokuWiki es un sistema de Wiki de uso sencillicimo y compatible con los estándares.",
"it": "DokuWiki è un Wiki aderente agli standard, semplice da usare, finalizzato principalmente alla creazione di documentazione di qualsiasi tipo."
},
"version": "1.1.0",
"version": "2018-04-22a~ynh1",
"url": "https://www.dokuwiki.org",
"maintainer": {
"name": "opi",
"email": "opi@zeropi.net"
"name": "Gofannon",
"email": "gofannon@riseup.net"
},
"previous_maintainers": [
{
"name": "opi",
"email": "opi@zeropi.net",
"url": ""
}
],
"multi_instance": true,
"services": [
"nginx",
"php5-fpm"
],
"license": "free",
"license": "GPL-2.0-or-later",
"arguments": {
"install" : [
{
@ -62,6 +69,15 @@
"fr": "Est-ce un site public ?"
},
"default": "true"
},
{
"name": "language",
"ask": {
"en": "Choose the application language",
"fr": "Choisissez la langue de l'application"
},
"choices": ["en", "fr"],
"default": "en"
}
]
}

254
scripts/.fonctions
View file

@ -1,254 +0,0 @@
#!/bin/bash
ynh_version="2.4"
YNH_VERSION () { # Display number version of the YunoHost moulinette
ynh_version=$(sudo yunohost -v | grep "moulinette:" | cut -d' ' -f2 | cut -d'.' -f1,2)
}
CHECK_VAR () { # Check variable is not empty
# $1 = Checking variable
# $2 = Text to display on error
test -n "$1" || (echo "$2" >&2 && false)
}
EXIT_PROPERLY () { # Causes the script to stop in the event of an error. And clean the residue.
trap '' ERR
echo -e "\e[91m \e[1m" # Shell in light red bold
echo -e "!!\n $app install's script has encountered an error. Installation was cancelled.\n!!" >&2
if type -t CLEAN_SETUP > /dev/null; then # Checks the existence of the function before executing it.
CLEAN_SETUP # Call the specific cleanup function of the install script.
fi
sudo sed -i "\@\"$domain$path/\":@d" /etc/ssowat/conf.json
if [ "$ynh_version" = "2.2" ]; then
/bin/bash $script_dir/remove # Call the remove script. In 2.2, this behavior is not automatic.
fi
ynh_die
}
TRAP_ON () { # Activate signal capture
trap EXIT_PROPERLY ERR # Capturing exit signals on error
}
TRAP_OFF () { # Ignoring signal capture until TRAP_ON
trap '' ERR # Ignoring exit signals
}
CHECK_USER () { # Check the validity of the user admin
# $1 = User admin variable
ynh_user_exists "$1" || (echo "Wrong admin" >&2 && false)
}
CHECK_PATH () { # Checks / at the beginning of the path. And his absence at the end.
if [ "${path:0:1}" != "/" ]; then # If the first character is not /
path="/$path" # Add / at the beginning of path
fi
if [ "${path:${#path}-1}" == "/" ] && [ ${#path} -gt 1 ]; then # If the last character is a / and it is not the only character.
path="${path:0:${#path}-1}" # Delete last character
fi
}
CHECK_DOMAINPATH () { # Checks the availability of the path and domain.
sudo yunohost app checkurl $domain$path -a $app
}
CHECK_FINALPATH () { # Checks that the destination folder is not already in use.
final_path=/var/www/$app
if [ -e "$final_path" ]
then
echo "This path already contains a folder" >&2
false
fi
}
SETUP_SOURCE () { # Download source, decompress and copu into $final_path
src=$(cat ../sources/source_md5 | awk -F' ' {'print $2'})
sudo wget -nv -i ../sources/source_url -O $src
# Checks the checksum of the downloaded source.
md5sum -c ../sources/source_md5 --status || ynh_die "Corrupt source"
# Decompress source
if [ "$(echo ${src##*.})" == "tgz" ]; then
tar -x -f $src
elif [ "$(echo ${src##*.})" == "zip" ]; then
unzip -q $src
else
false # Unsupported archive format.
fi
# Copy file source
sudo cp -a $(cat ../sources/source_dir)/. "$final_path"
# Copy additional file and modified
if test -e "../sources/ajouts"; then
sudo cp -a ../sources/ajouts/. "$final_path"
fi
}
POOL_FPM () { # Create the php-fpm pool configuration file and configure it.
sed -i "s@__NAMETOCHANGE__@$app@g" ../conf/php-fpm.conf
sed -i "s@__FINALPATH__@$final_path@g" ../conf/php-fpm.conf
sed -i "s@__USER__@$app@g" ../conf/php-fpm.conf
finalphpconf=/etc/php5/fpm/pool.d/$app.conf
sudo cp ../conf/php-fpm.conf $finalphpconf
sudo chown root: $finalphpconf
finalphpini=/etc/php5/fpm/conf.d/20-$app.ini
sudo cp ../conf/php-fpm.ini $finalphpini
sudo chown root: $finalphpini
sudo systemctl reload php5-fpm
}
STORE_MD5_CONFIG () { # Saves the checksum of the config file
# $1 = Name of the conf file for storage in settings.yml
# $2 = Full name and path of the conf file.
ynh_app_setting_set $app $1_file_md5 $(sudo md5sum "$2" | cut -d' ' -f1)
}
CHECK_MD5_CONFIG () { # Created a backup of the config file if it was changed.
# $1 = Name of the conf file for storage in settings.yml
# $2 = Full name and path of the conf file.onf.
if [ "$(ynh_app_setting_get $app $1_file_md5)" != $(sudo md5sum "$2" | cut -d' ' -f1) ]; then
sudo cp -a "$2" "$2.backup.$(date '+%d.%m.%y_%Hh%M,%Ss')" # Si le fichier de config a été modifié, créer un backup.
fi
}
FIND_PORT () { # Search free port
# $1 = Port number to start the search.
port=$1
while ! sudo yunohost app checkport $port ; do
port=$((port+1))
done
CHECK_VAR "$port" "port empty"
}
### REMOVE SCRIPT
REMOVE_NGINX_CONF () { # Delete nginx configuration
if [ -e "/etc/nginx/conf.d/$domain.d/$app.conf" ]; then
echo "Delete nginx config"
sudo rm "/etc/nginx/conf.d/$domain.d/$app.conf"
sudo systemctl reload nginx
fi
}
REMOVE_FPM_CONF () { # Delete pool php-fpm configuration
if [ -e "/etc/php5/fpm/pool.d/$app.conf" ]; then # Delete fpm config
echo "Delete fpm config"
sudo rm "/etc/php5/fpm/pool.d/$app.conf"
fi
if [ -e "/etc/php5/fpm/conf.d/20-$app.ini" ]; then # Delete php config
echo "Delete php config"
sudo rm "/etc/php5/fpm/conf.d/20-$app.ini"
fi
sudo systemctl reload php5-fpm
}
REMOVE_LOGROTATE_CONF () { # Delete logrotate configuration
if [ -e "/etc/logrotate.d/$app" ]; then
echo "Delete logrotate config"
sudo rm "/etc/logrotate.d/$app"
fi
}
SECURE_REMOVE () { # Deleting a folder with variable verification
chaine="$1" # The argument must be given between simple quotes '', to avoid interpreting the variables.
no_var=0
while (echo "$chaine" | grep -q '\$') # Loop as long as there are $ in the string
do
no_var=1
global_var=$(echo "$chaine" | cut -d '$' -f 2) # Isole the first variable found.
only_var=\$$(expr "$global_var" : '\([A-Za-z0-9_]*\)') # Isole completely the variable by adding the $ at the beginning and keeping only the name of the variable. Mostly gets rid of / and a possible path behind.
real_var=$(eval "echo ${only_var}") # `eval "echo ${var}` Allows to interpret a variable contained in a variable.
if test -z "$real_var" || [ "$real_var" = "/" ]; then
echo "Variable $only_var is empty, suppression of $chaine cancelled." >&2
return 1
fi
chaine=$(echo "$chaine" | sed "s@$only_var@$real_var@") # Replaces variable with its value in the string.
done
if [ "$no_var" -eq 1 ]
then
if [ -e "$chaine" ]; then
echo "Delete directory $chaine"
sudo rm -r "$chaine"
fi
return 0
else
echo "No detected variable." >&2
return 1
fi
}
# Check if a YunoHost user exists
#
# example: ynh_user_exists 'toto' || exit 1
#
# usage: ynh_user_exists username
# | arg: username - the username to check
ynh_user_exists() {
sudo yunohost user list --output-as json | grep -q "\"username\": \"${1}\""
}
# Retrieve a YunoHost user information
#
# example: mail=$(ynh_user_get_info 'toto' 'mail')
#
# usage: ynh_user_get_info username key
# | arg: username - the username to retrieve info from
# | arg: key - the key to retrieve
# | ret: string - the key's value
ynh_user_get_info() {
sudo yunohost user info "$1" --output-as plain | ynh_get_plain_key "$2"
}
# Get the list of YunoHost users
#
# example: for u in $(ynh_user_list); do ...
#
# usage: ynh_user_list
# | ret: string - one username per line
ynh_user_list() {
sudo yunohost user list --output-as plain --quiet \
| awk '/^##username$/{getline; print}'
}
# Check if a user exists on the system
#
# usage: ynh_system_user_exists username
# | arg: username - the username to check
ynh_system_user_exists() {
getent passwd "$1" &>/dev/null
}
# Create a system user
#
# usage: ynh_system_user_create user_name [home_dir]
# | arg: user_name - Name of the system user that will be create
# | arg: home_dir - Path of the home dir for the user. Usually the final path of the app. If this argument is omitted, the user will be created without home
ynh_system_user_create () {
if ! ynh_system_user_exists "$1" # Check if the user exists on the system
then # If the user doesn't exist
if [ $# -ge 2 ]; then # If a home dir is mentioned
user_home_dir="-d $2"
else
user_home_dir="--no-create-home"
fi
sudo useradd $user_home_dir --system --user-group $1 --shell /usr/sbin/nologin || ynh_die "Unable to create $1 system account"
fi
}
# Delete a system user
#
# usage: ynh_system_user_delete user_name
# | arg: user_name - Name of the system user that will be create
ynh_system_user_delete () {
if ynh_system_user_exists "$1" # Check if the user exists on the system
then
echo "Remove the user $1" >&2
sudo userdel $1
else
echo "The user $1 was not found" >&2
fi
}

13
scripts/_common.sh Normal file
View file

@ -0,0 +1,13 @@
#!/bin/bash
# ============= FUTURE YUNOHOST HELPER =============
# Delete a file checksum from the app settings
#
# $app should be defined when calling this helper
#
# usage: ynh_remove_file_checksum file
# | arg: file - The file for which the checksum will be deleted
ynh_delete_file_checksum () {
local checksum_setting_name=checksum_${1//[\/ ]/_} # Replace all '/' and ' ' by '_'
ynh_app_setting_delete $app $checksum_setting_name
}

61
scripts/backup
View file

@ -1,23 +1,52 @@
#!/bin/bash
# Exit on command errors and treat unset variables as an error
set -eu
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
# Get multi-instances specific variables
app=$YNH_APP_INSTANCE_NAME
# Source app helpers
source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers
# Retrieve app settings
domain=$(ynh_app_setting_get "$app" domain)
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
# Copy the app files
final_path="/var/www/${app}"
ynh_backup "$final_path" "sources" 1
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# LOAD SETTINGS
#=================================================
app=$YNH_APP_INSTANCE_NAME
final_path=$(ynh_app_setting_get $app final_path)
domain=$(ynh_app_setting_get $app domain)
#=================================================
# STANDARD BACKUP STEPS
#=================================================
# BACKUP THE APP MAIN DIR
#=================================================
ynh_backup "$final_path"
#=================================================
# BACKUP THE NGINX CONFIGURATION
#=================================================
ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf"
#=================================================
# BACKUP THE PHP-FPM CONFIGURATION
#=================================================
ynh_backup "/etc/php5/fpm/pool.d/$app.conf"
ynh_backup "/etc/php5/fpm/conf.d/20-$app.ini"
#=================================================
# SPECIFIC BACKUP
#=================================================
# Copy the nginx conf files
ynh_backup "/etc/nginx/conf.d/${domain}.d/${app}.conf" "nginx.conf"
# Copy the php-fpm conf files
ynh_backup "/etc/php5/fpm/pool.d/${app}.conf" "php-fpm.conf"
ynh_backup "/etc/php5/fpm/conf.d/20-${app}.ini" "php-fpm.ini"

100
scripts/change_url Normal file
View file

@ -0,0 +1,100 @@
#!/bin/bash
#=================================================
# GENERIC STARTING
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# RETRIEVE ARGUMENTS
#=================================================
old_domain=$YNH_APP_OLD_DOMAIN
old_path=$YNH_APP_OLD_PATH
new_domain=$YNH_APP_NEW_DOMAIN
new_path=$YNH_APP_NEW_PATH
app=$YNH_APP_INSTANCE_NAME
#=================================================
# LOAD SETTINGS
#=================================================
# Needed for helper "ynh_add_nginx_config"
final_path=$(ynh_app_setting_get $app final_path)
#=================================================
# CHECK THE SYNTAX OF THE PATHS
#=================================================
test -n "$old_path" || old_path="/"
test -n "$new_path" || new_path="/"
new_path=$(ynh_normalize_url_path $new_path)
old_path=$(ynh_normalize_url_path $old_path)
#=================================================
# CHECK WHICH PARTS SHOULD BE CHANGED
#=================================================
change_domain=0
if [ "$old_domain" != "$new_domain" ]
then
change_domain=1
fi
change_path=0
if [ "$old_path" != "$new_path" ]
then
change_path=1
fi
#=================================================
# STANDARD MODIFICATIONS
#=================================================
# MODIFY URL IN NGINX CONF
#=================================================
nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
# Change the path in the nginx config file
if [ $change_path -eq 1 ]
then
# Make a backup of the original nginx config file if modified
ynh_backup_if_checksum_is_different "$nginx_conf_path"
# Set global variables for nginx helper
domain="$old_domain"
path_url="$new_path"
# Store path_url setting
ynh_app_setting_set $app path "$path_url"
# Create a dedicated nginx config
ynh_add_nginx_config
fi
# Change the domain for nginx
if [ $change_domain -eq 1 ]
then
# Delete file checksum for the old conf file location
ynh_delete_file_checksum "$nginx_conf_path"
mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf
# Store file checksum for the new config file location
ynh_store_file_checksum "/etc/nginx/conf.d/$new_domain.d/$app.conf"
fi
#=================================================
# SPECIFIC MODIFICATIONS
#=================================================
# ...
#=================================================
#=================================================
# GENERIC FINALISATION
#=================================================
# RELOAD NGINX
#=================================================
systemctl reload nginx

264
scripts/install
View file

@ -1,7 +1,30 @@
#!/bin/bash
# Exit on command errors and treat unset variables as an error
set -eu
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================
domain=$YNH_APP_ARG_DOMAIN
path_url=$YNH_APP_ARG_PATH
admin=$YNH_APP_ARG_ADMIN
is_public=$YNH_APP_ARG_IS_PUBLIC
language=$YNH_APP_ARG_LANGUAGE
# This is a multi-instance app, meaning it can be installed several times independently
# The id of the app as stated in the manifest is available as $YNH_APP_ID
@ -13,82 +36,209 @@ set -eu
# The app instance name is probably what you are interested the most, since this is
# guaranteed to be unique. This is a good unique identifier to define installation path,
# db names, ...
# Retrieve arguments
source .fonctions # Loads the generic functions usually used in the script
# Source app helpers
source /usr/share/yunohost/helpers
TRAP_ON # Active trap for strop script if detect error.
domain=$YNH_APP_ARG_DOMAIN
path=$YNH_APP_ARG_PATH
admin=$YNH_APP_ARG_ADMIN
is_public=$YNH_APP_ARG_IS_PUBLIC
app=$YNH_APP_INSTANCE_NAME
CHECK_VAR "$app" "app name not set"
#=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#=================================================
CHECK_USER "$admin"
final_path=/var/www/$app
test ! -e "$final_path" || ynh_die "This path already contains a folder"
CHECK_PATH
# Normalize the url path syntax
path_url=$(ynh_normalize_url_path $path_url)
CHECK_DOMAINPATH
# Check web path availability
ynh_webpath_available $domain $path_url
# Register (book) web path
ynh_webpath_register $app $domain $path_url
CHECK_FINALPATH
#=================================================
# STORE SETTINGS FROM MANIFEST
#=================================================
# Save app settings
ynh_app_setting_set $app domain $domain
ynh_app_setting_set $app path $path
ynh_app_setting_set $app path $path_url
ynh_app_setting_set $app admin $admin
ynh_app_setting_set $app is_public $is_public
ynh_app_setting_set $app language $language
# Create system user dedicace for this app
#=================================================
# STANDARD MODIFICATIONS
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_app_setting_set $app final_path $final_path
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source "$final_path"
#=================================================
# NGINX CONFIGURATION
#=================================================
# Create a dedicated nginx config
ynh_add_nginx_config
#=================================================
# CREATE DEDICATED USER
#=================================================
# Create a system user
ynh_system_user_create $app
# Modify dokuwiki conf
sed -i "s@YNH_ADMIN_USER@$admin@g" ../conf/dokuwiki.php
#=================================================
# PHP-FPM CONFIGURATION
#=================================================
# Copy files to the right place
sudo mkdir "$final_path"
ynh_app_setting_set $app final_path $final_path
# Create a dedicated php-fpm config
ynh_add_fpm_config
# Get source
SETUP_SOURCE
#=================================================
# SPECIFIC SETUP
#=================================================
# CUSTOMIZE DOKUWIKI
#=================================================
sudo cp ../conf/dokuwiki.php $final_path/conf
sudo cp ../conf/acl.auth.php $final_path/conf
# Set the "admin" user
ynh_replace_string "__YNH_ADMIN_USER__" "$admin" "../conf/local.protected.php"
# Files owned by dokuwiki can just read
sudo chown -R root: $final_path
# Set the "language"
ynh_replace_string "__YNH_LANGUAGE__" "$language" "../conf/local.php"
# except for conf, data, some data subfolders, and lib/plugin, where www-data must have write permissions
sudo chown -R $app:root $final_path/{conf,data,data/attic,data/cache,data/index,data/locks,data/media*,data/meta,data/pages,data/tmp,lib/plugins,lib/tpl}
sudo chmod -R 700 $final_path/conf
sudo chmod -R 700 $final_path/data
sudo chmod -R 755 $final_path/lib/plugins
sudo chmod 755 $final_path/lib/tpl/{dokuwiki,dokuwiki/images}
# Modify Nginx configuration file and copy it to Nginx conf directory
sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf
sudo sed -i "s@__PATHTOCHANGE__@$path@g" /etc/nginx/conf.d/$domain.d/$app.conf
sudo sed -i "s@__FINALPATH__@$final_path@g" /etc/nginx/conf.d/$domain.d/$app.conf
sudo sed -i "s@__NAMETOCHANGE__@$app@g" /etc/nginx/conf.d/$domain.d/$app.conf
# Copy Yunohost specific configuration
if [ "$is_public" = "Yes" ];
# Loading order of configuration files
#
# By default DokuWiki loads its configuration files in the following order:
#
# 1. conf/dokuwiki.php
# 2. conf/local.php
# 3. conf/local.protected.php
#
# See https://www.dokuwiki.org/plugin:config#protecting_settings
cp ../conf/local.protected.php $final_path/conf
# This File cannot be modified directly by Dokuwiki, only by hand or by Yunohost
# It will only be updated by Yunohost package or directly by adventurous users
cp ../conf/local.php $final_path/conf
# This file might be modified by dokuwiki admin panel or by plugins
# It will not be modified by Yunohost in order to keep user settings
# Restrict user rights by enforcing "read-only" mode for all users
# See https://www.dokuwiki.org/acl#background_info
# Default is "8"
cp ../conf/acl.auth.php $final_path/conf
#=================================================
# CREATE DEFAULT FILES
#=================================================
# For securing DokuWiki installation, create default files that will be writable in the "conf" folder.
# Other files will be read ony and owned by root.
# See https://www.dokuwiki.org/install:permissions
cp $final_path/conf/local.php.dist $final_path/conf/local.php.bak
cp $final_path/conf/users.auth.php.dist $final_path/conf/users.auth.php
cp $final_path/inc/preload.php.dist $final_path/inc/preload.php
# This file might be used by plugins like https://www.dokuwiki.org/plugin:siteexport
# Create it to be more "user friendly" as over the top security is not the main goal here
# This file could be use for bad behaviour.
# See https://www.dokuwiki.org/devel:preload?s[]=preload
# There is no template .dist provided inside DokuWiki installation folder
# Create "empty" files to be able to manage linux permissions
# Files content is taken from an existing DokuWiki installation
cp ../conf/plugins.local.php $final_path/conf
cp ../conf/plugins.local.php $final_path/conf/plugins.local.php.bak
# Create file if it does not exist
if [ ! -f "$final_path/conf/local.protected.php" ]; then
# Set the default "admin"
# Replace string in order to have a functionnal configuration file
ynh_replace_string "__YNH_ADMIN_USER__" "$admin" "../conf/local.protected.php"
cp ../conf/local.protected.php $final_path/conf
fi
#=================================================
# STORE THE CHECKSUM OF THE CONFIG FILE
#=================================================
# Calculate and store the config file checksum into the app settings
ynh_store_file_checksum "$final_path/conf/local.protected.php"
ynh_store_file_checksum "$final_path/conf/local.php"
ynh_store_file_checksum "$final_path/conf/acl.auth.php"
#=================================================
#=================================================
# GENERIC FINALIZATION
#=================================================
# SECURE FILES AND DIRECTORIES
#=================================================
# Try to use "least privilege" to grant minimal access
# For details, see https://www.dokuwiki.org/install:permissions
# Files owned by DokuWiki can just read
chown -R root: $final_path
# DokuWiki needs to write inside these folders. Do "DokuWiki" owner
chown $app:root $final_path/conf
chown $app:root $final_path/inc
# Do "DokuWiki" owner of configuration files that must be writable
chown $app:root $final_path/conf/{local.php,local.php.bak,users.auth.php,acl.auth.php,plugins.local.php,plugins.local.php.bak}
# Usefull for some plugins like https://www.dokuwiki.org/plugin:siteexport
# See https://www.dokuwiki.org/devel:preload
chown $app:root $final_path/inc/preload.php
# Grant read-only to all files as files copied above are owned by root by defaut and nginx cannot read them
# There are only files in the folder and there is sublevels. No need to use "find"
chmod -R a+r $final_path/conf
chmod -R a+r $final_path/inc
# Give write access to "data" and subfolders
chown -R $app:root $final_path/data
# Remove access to "other"
chmod -R o-rwx $final_path/data
# Allow the web admin panel to run, aka "Extension Manager"
chown -R $app:root $final_path/lib/plugins
# Allow to install templates
chown -R $app:root $final_path/lib/tpl
# Allow access to public assets like style sheets
find $final_path/lib -type f -print0 | xargs -0 chmod 0644
find $final_path/lib -type d -print0 | xargs -0 chmod 0755
# Using "find" instead of "chmod -R 755" so files does not become executable too
# chmod : -rwxr-xr-x 1 root root 241 May 3 08:36 index.html => BAD
# find : -rw-r--r-- 1 1001 1002 241 May 3 08:36 index.html => GOOD
#=================================================
# SETUP SSOWAT
#=================================================
# Not needed as no skipped_uris have been added before.
# Example : "ynh_app_setting_set $app skipped_uris ..."
# See https://github.com/YunoHost-Apps/dokuwiki_ynh/pull/37 for explanation
#if [ $is_public -eq 0 ]
#then # Remove the public access
# ynh_app_setting_delete $app skipped_uris
#fi
# Make app public if necessary
if [ $is_public -eq 1 ]
then
sudo sed -i "s@#--PRIVATE--@@g" /etc/nginx/conf.d/$domain.d/$app.conf
# unprotected_uris allows SSO credentials to be passed anyway.
ynh_app_setting_set $app unprotected_uris "/"
fi
# Create the php-fpm pool config
POOL_FPM
#=================================================
# RELOAD NGINX
#=================================================
# If app is public, add url to SSOWat conf as skipped_uris
if [[ $is_public -eq 1 ]]; then
# unprotected_uris allows SSO credentials to be passed anyway.
ynh_app_setting_set "$app" unprotected_uris "/"
fi
# Reload Nginx
sudo systemctl reload nginx
systemctl reload nginx

68
scripts/remove
View file

@ -1,30 +1,58 @@
#!/bin/bash
# Exit on command errors and treat unset variables as an error
set -u
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
#=================================================
# Get multi-instances specific variables
app=$YNH_APP_INSTANCE_NAME
# Loads the generic functions usually used in the script
source .fonctions
# Source app helpers
. /usr/share/yunohost/helpers
domain=$(ynh_app_setting_get $app domain)
final_path=$(ynh_app_setting_get $app final_path)
# Retrieve app settings
domain=$(ynh_app_setting_get "$app" domain)
#=================================================
# STANDARD REMOVE
#=================================================
# Delete app directory and configurations
sudo rm -rf "/var/www/${app}"
sudo rm -f "/etc/php5/fpm/pool.d/${app}.conf"
sudo rm -f "/etc/php5/fpm/conf.d/20-${app}.ini"
[[ -n $domain ]] && sudo rm -f "/etc/nginx/conf.d/${domain}.d/${app}.conf"
#=================================================
# REMOVE APP MAIN DIR
#=================================================
# Reload services
sudo systemctl reload php5-fpm
sudo systemctl reload nginx
# Remove the app directory securely
ynh_secure_remove "$final_path"
# Delete system user dedicace for this app
#=================================================
# REMOVE NGINX CONFIGURATION
#=================================================
# Remove the dedicated nginx config
ynh_remove_nginx_config
#=================================================
# REMOVE PHP-FPM CONFIGURATION
#=================================================
# Remove the dedicated php-fpm config
ynh_remove_fpm_config
#=================================================
# SPECIFIC REMOVE
#=================================================
#=================================================
# GENERIC FINALIZATION
#=================================================
# REMOVE DEDICATED USER
#=================================================
# Delete a system user
ynh_system_user_delete $app
echo -e "\e[0m" # Restore normal color

131
scripts/restore
View file

@ -1,69 +1,94 @@
#!/bin/bash
# This restore script is adapted to Yunohost >=2.4
# Exit on command errors and treat unset variables as an error
set -eu
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
# The parameter $2 is the id of the app instance ex: ynhexample__2
app=$YNH_APP_INSTANCE_NAME
if [ ! -e .fonctions ]; then
# Get file fonction if not been to the current directory
sudo cp ../settings/scripts/.fonctions ./.fonctions
sudo chmod a+rx .fonctions
fi
# Loads the generic functions usually used in the script
source .fonctions
# Source app helpers
source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers
# Get old parameter of the app
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# LOAD SETTINGS
#=================================================
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get $app domain)
path=$(ynh_app_setting_get $app path)
is_public=$(ynh_app_setting_get $app is_public)
path_url=$(ynh_app_setting_get $app path)
final_path=$(ynh_app_setting_get $app final_path)
# Check domain/path availability
sudo yunohost app checkurl "${domain}${path}" -a "$app" \
|| ynh_die "Path not available: ${domain}${path}"
#=================================================
# CHECK IF THE APP CAN BE RESTORED
#=================================================
# Check $final_path
final_path="/var/www/${app}"
if [ -d $final_path ]; then
ynh_die "There is already a directory: $final_path"
fi
ynh_webpath_available $domain $path_url \
|| ynh_die "Path not available: ${domain}${path_url}"
test ! -d $final_path \
|| ynh_die "There is already a directory: $final_path "
# Check configuration files nginx
nginx_conf="/etc/nginx/conf.d/${domain}.d/${app}.conf"
if [ -f $nginx_conf ]; then
ynh_die "The NGINX configuration already exists at '${nginx_conf}'. You should safely delete it before restoring this app."
fi
# Check configuration files php-fpm
phpfpm_conf="/etc/php5/fpm/pool.d/${app}.conf"
if [ -f $phpfpm_conf ]; then
ynh_die "The PHP FPM configuration already exists at '${phpfpm_conf}'. You should safely delete it before restoring this app."
fi
#=================================================
# STANDARD RESTORATION STEPS
#=================================================
# RESTORE THE NGINX CONFIGURATION
#=================================================
phpfpm_ini="/etc/php5/fpm/conf.d/20-${app}.ini"
if [ -f $phpfpm_ini ]; then
ynh_die "The PHP FPM INI configuration already exists at '${phpfpm_ini}'. You should safely delete it before restoring this app."
fi
ynh_restore_file "/etc/nginx/conf.d/$domain.d/$app.conf"
# Create system user dedicace for this app
#=================================================
# RESTORE THE APP MAIN DIR
#=================================================
ynh_restore_file "$final_path"
#=================================================
# RECREATE THE DEDICATED USER
#=================================================
# Create the dedicated user (if not existing)
ynh_system_user_create $app
# Restore sources & data
sudo cp -a ./sources "${final_path}"
#=================================================
# RESTORE USER RIGHTS
#=================================================
# Set permissions
sudo chown -R $app: "${final_path}"
# Restore permissions on app files
chown -R root: $final_path
# Restore nginx configuration files
sudo cp -a ./nginx.conf "${nginx_conf}"
# Restore php-fpm configuration files
sudo cp -a ./php-fpm.conf "${phpfpm_conf}"
sudo cp -a ./php-fpm.ini "${phpfpm_ini}"
# Restore permissions same as from the 'install' script
# except for conf, data, some data subfolders, and lib/plugin, where www-data must have write permissions
chown -R $app:root $final_path/{conf,data,data/attic,data/cache,data/index,data/locks,data/media*,data/meta,data/pages,data/tmp,lib/plugins,lib/tpl}
chmod -R 700 $final_path/conf
chmod -R 700 $final_path/data
chmod -R 755 $final_path/lib/plugins
chmod 755 $final_path/lib/tpl/{dokuwiki,dokuwiki/images}
# Reload services
sudo systemctl reload php5-fpm
sudo systemctl reload nginx
sudo yunohost app ssowatconf
#=================================================
# RESTORE THE PHP-FPM CONFIGURATION
#=================================================
ynh_restore_file "/etc/php5/fpm/pool.d/$app.conf"
ynh_restore_file "/etc/php5/fpm/conf.d/20-$app.ini"
#=================================================
# SPECIFIC RESTORATION
#=================================================
#=================================================
# GENERIC FINALIZATION
#=================================================
# RELOAD NGINX AND PHP-FPM
#=================================================
systemctl reload php5-fpm
systemctl reload nginx

374
scripts/upgrade
View file

@ -1,128 +1,320 @@
#!/bin/bash
# Exit on command errors and treat unset variables as an error
set -eu
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
if [ ! -e .fonctions ]; then
# Get file fonction if not been to the current directory
sudo cp ../settings/scripts/.fonctions ./.fonctions
sudo chmod a+rx .fonctions
fi
# Loads the generic functions usually used in the script
source .fonctions
# Source app helpers
source _common.sh
source /usr/share/yunohost/helpers
# This is a multi-instance app, meaning it can be installed several times independently
# The id of the app as stated in the manifest is available as $YNH_APP_ID
# The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2", ...)
# The app instance name is available as $YNH_APP_INSTANCE_NAME
# - the first time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample
# - the second time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample__2
# - ynhexample__{N} for the subsequent installations, with N=3,4, ...
# The app instance name is probably what you are interested the most, since this is
# guaranteed to be unique. This is a good unique identifier to define installation path,
# db names, ...
#=================================================
# LOAD SETTINGS
#=================================================
app=$YNH_APP_INSTANCE_NAME
# Retrieve app settings
domain=$(ynh_app_setting_get $app domain)
path=$(ynh_app_setting_get $app path)
path_url=$(ynh_app_setting_get $app path)
admin=$(ynh_app_setting_get $app admin)
is_public=$(ynh_app_setting_get $app is_public)
multisite=$(ynh_app_setting_get $app multisite)
# Not needed during upgrade as user might have change it since installation from Dokuwiki admin panel
#language=$(ynh_app_setting_get $app language)
final_path=$(ynh_app_setting_get $app final_path)
# Remove trailing slash to path
path=${path%/}
#force location to be / or /foo
location=${path:-/}
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
# admin default value, if not set
if [ -z "$admin" ];
then
# Fix is_public as a boolean value
if [ "$is_public" = "Yes" ]; then
ynh_app_setting_set $app is_public 1
is_public=1
elif [ "$is_public" = "No" ]; then
ynh_app_setting_set $app is_public 0
is_public=0
fi
# If final_path doesn't exist, create it
if [ -z $final_path ]; then
final_path=/var/www/$app
ynh_app_setting_set $app final_path $final_path
fi
# TODO Not sure if still needed ??
# admin default value, if not set
if [ -z "$admin" ]; then
admin=$(sudo yunohost user list | grep 'username' -m1 | awk '{print $2}')
sudo ynh_app_setting_set $app is_public -v "$is_public"
fi
# Create system user dedicace for this app
# language default value, if not set
if [ -z "$language" ]; then
language='en'
ynh_app_setting_set $app language $language
fi
# Yunohost specific configuration, if not exists
# Previously, these settings were store a unique "dokuwiki.php"
# Now, they are split in multiples files to ease upgrading process (separate Yunohost config from user config)
# Loading order of configuration files
#
# By default DokuWiki loads its configuration files in the following order:
#
# 1. conf/dokuwiki.php
# 2. conf/local.php
# 3. conf/local.protected.php
#
# See https://www.dokuwiki.org/plugin:config#protecting_settings
# Configuration dedicated to Yunohost (LDAP and admin mainly)
# Create file if it does not exist
if [ ! -f "$final_path/conf/local.protected.php" ]; then
# Set the default "admin"
# Replace string in order to have a functionnal configuration file
ynh_replace_string "__YNH_ADMIN_USER__" "$admin" "../conf/local.protected.php"
cp ../conf/local.protected.php $final_path/conf
fi
# Do not overwrite existing dokuwiki configuration as it could have user customization's and settings.
# Cannot use helper "ynh_backup_if_checksum_is_different"
# Create file if it does not exist
if [ ! -f "$final_path/conf/local.php" ]; then
# Set the default "language" only when file does not exist beforehand
# Replace string in order to have a functionnal configuration file
ynh_replace_string "__YNH_LANGUAGE__" "$language" "../conf/local.php"
cp ../conf/local.php $final_path/conf
fi
# Do not overwrite existing ACL configuration file as it could have user customization's and settings.
# Cannot use helper "ynh_backup_if_checksum_is_different"
# Create file if it does not exist
# See https://www.dokuwiki.org/acl#background_info
if [ ! -f "$final_path/conf/acl.auth.php" ]; then
cp ../conf/acl.auth.php $final_path/conf
fi
# For securing DokuWiki installation, create default files that will be writable in the "conf" folder.
# Other files will be read ony and owned by root.
# See https://www.dokuwiki.org/install:permissions
# Create file if it does not exist
if [ ! -f "$final_path/conf/local.protected.php" ]; then
# Set the default "admin"
# Replace string in order to have a functionnal configuration file
ynh_replace_string "__YNH_ADMIN_USER__" "$admin" "../conf/local.protected.php"
cp ../conf/local.protected.php $final_path/conf
fi
# If file does not exists
if [ ! -f "$final_path/conf/local.php.bak" ]; then
# if template exists
if [ -f "$final_path/conf/local.php.dist" ]; then
# Copy template to create default file
cp "$final_path/conf/local.php.dist" "$final_path/conf/local.php.bak"
fi
fi
if [ ! -f "$final_path/conf/users.auth.php" ]; then
if [ -f "$final_path/conf/users.auth.php.dist" ]; then
cp $final_path/conf/users.auth.php.dist $final_path/conf/users.auth.php
fi
fi
if [ ! -f "$final_path/conf/plugins.local.php" ]; then
cp ../conf/plugins.local.php $final_path/conf
fi
if [ ! -f "$final_path/conf/plugins.local.php.bak" ]; then
cp ../conf/plugins.local.php $final_path/conf/plugins.local.php.bak
fi
if [ ! -f "$final_path/inc/preload.php" ]; then
# if template exists
if [ -f "$final_path/inc/preload.php.dist" ]; then
# Copy template to create default file
cp "$final_path/inc/preload.php.dist" "$final_path/inc/preload.php"
fi
fi
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
# Backup the current version of the app
ynh_backup_before_upgrade
ynh_clean_setup () {
# restore it if the upgrade fails
ynh_restore_upgradebackup
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# CHECK THE PATH
#=================================================
# Normalize the URL path syntax
path_url=$(ynh_normalize_url_path $path_url)
#=================================================
# STANDARD UPGRADE STEPS
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source "$final_path"
#=================================================
# NGINX CONFIGURATION
#=================================================
# Create a dedicated nginx config
ynh_add_nginx_config
#=================================================
# CREATE DEDICATED USER
#=================================================
# Create a system user
ynh_system_user_create $app
# Modify dokuwiki conf
sed -i "s@YNH_ADMIN_USER@$admin@g" ../conf/dokuwiki.php
#=================================================
# PHP-FPM CONFIGURATION
#=================================================
# Copy files to the right place
final_path=/var/www/$app
sudo mkdir -p $final_path
# Create a dedicated php-fpm config
ynh_add_fpm_config
# Get source
SETUP_SOURCE
#=================================================
# SPECIFIC UPGRADE
#=================================================
sudo cp ../conf/dokuwiki.php $final_path/conf
# Do not override ACL configuration file
if [ ! -f "$final_path/conf/acl.auth.php" ]; then
sudo cp ../conf/acl.auth.php $final_path/conf
fi
# Remove upgrade notification
# Remove upgrade notification inside Dokuwiki's admin panel
# See https://www.dokuwiki.org/update_check
sudo touch $final_path/doku.php
touch $final_path/doku.php
# Remove deleted files
# Remove files not used anymore after upgrade
# See https://www.dokuwiki.org/install:unused_files
if [ -f "../sources/data/deleted.files" ]; then
grep -Ev '^($|#)' ../sources/data/deleted.files | xargs -I {} sudo rm -vrf $final_path/{}
if [ -f "$final_path/data/deleted.files" ]; then
# Use a "sub process" to start a new shell to run these commands
# Allow to use only one "cd" and to be more efficent
(
# Move to the dokuwiki installation folder so the "official" commands can be used without adaptation
cd $final_path
# This command could not remove directory
#grep -Ev '^($|#)' data/deleted.files | xargs -n 1 rm -vf
# => "rm: cannot remove 'vendor/easybook/geshi': Is a directory"
# That one works as expected
grep -Ev '^($|#)' data/deleted.files | xargs -n 1 rm -fr
)
fi
# Change owner for all plugins
sudo chmod -R 755 $final_path/lib/plugins
# TODO Taken from old "upgrade" script. Should check if it is needed and what it does
# Update all plugins
for name_plugin in $(sudo -s cat $final_path/lib/plugins/*/plugin.info.txt | grep url | awk -F':' '{print $3}');
do
# Get a official plugin for dokuwiki, not update a no-official
sudo wget -nv --quiet "https://github.com/splitbrain/dokuwiki-plugin-${name_plugin}/zipball/master" -O "${name_plugin}.zip" -o /dev/null || true
if [ -s "${name_plugin}.zip" ]; then
sudo unzip ${name_plugin}.zip
sudo cp -a splitbrain-dokuwiki-plugin-${name_plugin}*/. "${final_path}/lib/plugins/${name_plugin}/"
fi
# Get a official plugin for dokuwiki, not update a no-official
sudo wget -nv --quiet "https://github.com/splitbrain/dokuwiki-plugin-${name_plugin}/zipball/master" -O "${name_plugin}.zip" -o /dev/null || true
if [ -s "${name_plugin}.zip" ]; then
sudo unzip ${name_plugin}.zip
sudo cp -a splitbrain-dokuwiki-plugin-${name_plugin}*/. "${final_path}/lib/plugins/${name_plugin}/"
fi
done
# Files owned by www-data can just read
sudo chown -R root: $final_path
#=================================================
# except for conf, data, some data subfolders, and lib/plugin, where dokuwiki must have write permissions
if [ -d "${final_path}/data/media" ]; then
sudo chown -R $app:root $final_path/{data/attic,data/cache,data/index,data/locks,data/media*,data/meta,data/pages,data/tmp}
#=================================================
# LDAP Configuration
#=================================================
# Verify if existing file needs to be upgraded by comparing it's size to new file from package
# If different, do a backup of existing file and overwrite with new file
#
# Safe here as this file is only used by Yunohost. Dokuwiki cannot modified it.
ynh_backup_if_checksum_is_different "$final_path/conf/local.protected.php"
# Set the "admin" user
ynh_replace_string "__YNH_ADMIN_USER__" "$admin" "../conf/local.protected.php"
cp ../conf/local.protected.php $final_path/conf
# This File cannot be modified directly by Dokuwiki, only by hand or by Yunohost
# It will only be updated by Yunohost package or directly by adventurous users
# Recalculate and store the config file checksum into the app settings
ynh_store_file_checksum "$final_path/conf/local.protected.php"
#=================================================
# GENERIC FINALIZATION
#=================================================
# SECURE FILES AND DIRECTORIES
#=================================================
# Try to use "least privilege" to grant minimal access
# For details, see https://www.dokuwiki.org/install:permissions
# Files owned by DokuWiki can just read
chown -R root: $final_path
# DokuWiki needs to write inside these folders. Do "DokuWiki" owner
chown $app:root $final_path/conf
chown $app:root $final_path/inc
# Do "DokuWiki" owner of configuration files that must be writable
chown $app:root $final_path/conf/{local.php,local.php.bak,users.auth.php,acl.auth.php,plugins.local.php,plugins.local.php.bak}
chown $app:root $final_path/inc/preload.php
# Grant read-only to all files as files copied above are owned by root by defaut and nginx cannot read them
# There are only files in the folder and there is sublevels. No need to use "find"
chmod -R a+r $final_path/conf
chmod -R a+r $final_path/inc
# Give write access to "data" and subfolders
chown -R $app:root $final_path/data
# Remove access to "other"
chmod -R o-rwx $final_path/data
# Allow the web admin panel to run, aka "Extension Manager"
chown -R $app:root $final_path/lib/plugins
# Allow to install templates
chown -R $app:root $final_path/lib/tpl
# Allow access to public assets like style sheets
find $final_path/lib -type f -print0 | xargs -0 chmod 0644
find $final_path/lib -type d -print0 | xargs -0 chmod 0755
# Using "find" instead of "chmod -R 755" so files does not become executable too
# chmod : -rwxr-xr-x 1 root root 241 May 3 08:36 index.html => BAD
# find : -rw-r--r-- 1 1001 1002 241 May 3 08:36 index.html => GOOD
#=================================================
# SETUP SSOWAT
#=================================================
if [ $is_public -eq 0 ]
then # Remove the public access
ynh_app_setting_delete $app skipped_uris
fi
sudo chown -R $app:root $final_path/{conf,data,lib/plugins,lib/tpl}
sudo chmod -R 700 $final_path/conf
sudo chmod -R 700 $final_path/data
sudo chmod -R 755 $final_path/lib/plugins
sudo chmod 755 $final_path/lib/tpl/{dokuwiki,dokuwiki/images}
# Modify Nginx configuration file and copy it to Nginx conf directory
sudo sed -i "s@__PATHTOCHANGE__@$path@g" /etc/nginx/conf.d/$domain.d/$app.conf
sudo sed -i "s@__FINALPATH__@$final_path@g" /etc/nginx/conf.d/$domain.d/$app.conf
# sudo sed -i "s@__NAMETOCHANGE__@$app@g" /etc/nginx/conf.d/$domain.d/$app.conf
sudo sed -i "s@fastcgi_pass unix:/var/run/php5-fpm.sock;@fastcgi_pass unix:/var/run/php5-fpm-${app}.sock;@g" /etc/nginx/conf.d/$domain.d/$app.conf
if [ "$is_public" = "Yes" ];
# Make app public if necessary
if [ $is_public -eq 1 ]
then
sudo sed -i "s@#--PRIVATE--@@g" /etc/nginx/conf.d/$domain.d/$app.conf
# unprotected_uris allows SSO credentials to be passed anyway
ynh_app_setting_set $app unprotected_uris "/"
fi
# Create the php-fpm pool config
POOL_FPM
#=================================================
# RELOAD NGINX
#=================================================
# Set ssowat config
if [ "$is_public" = "Yes" ]; then
ynh_app_setting_set $app is_public 1 # Fixe is_public en booléen
is_public=1
else
ynh_app_setting_set $app is_public 0
is_public=0
fi
sudo systemctl reload nginx
sudo yunohost app ssowatconf
systemctl reload nginx

1
sources/source_dir
View file

@ -1 +0,0 @@
dokuwiki-2017-02-19b

1
sources/source_md5
View file

@ -1 +0,0 @@
ea11e4046319710a2bc6fdf58b5cda86 dokuwiki-2017-02-19b.tgz

1
sources/source_url
View file

@ -1 +0,0 @@
https://download.dokuwiki.org/src/dokuwiki/dokuwiki-2017-02-19b.tgz