YunoHost-Apps/dokuwiki_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/dokuwiki_ynh.git synced 2024-09-03 18:26:20 +02:00
Code Issues Activity Actions
dokuwiki_ynh/scripts/install

157 lines
6.3 KiB
Bash
Executable file
Raw Blame History

#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================
fpm_footprint="low"
fpm_free_footprint=0
fpm_usage="low"
#=================================================
# STORE SETTINGS FROM MANIFEST
#=================================================
ynh_app_setting_set --app=$app --key=fpm_footprint --value=$fpm_footprint
ynh_app_setting_set --app=$app --key=fpm_free_footprint --value=$fpm_free_footprint
ynh_app_setting_set --app=$app --key=fpm_usage --value=$fpm_usage
#=================================================
# STORE DEFAULT VALUES FOR "ACTION SCRIPTS"
#=================================================
# Needed for "upgrade" to know which backend to set back after overwriting "local.protected.php"
# Can be changed by action script "internal_users"
auth_backend='authldap' # Default backend is LDAP with Yunohost, 'authldap' for DokuWiki
ynh_app_setting_set $app auth_backend $auth_backend
# Force disable the 'is_internal_users' feature
ynh_app_setting_set $app is_internal_users 0
#=================================================
# STORE DEFAULT VALUES FOR "ACTION SCRIPTS"
#=================================================
# Needed for "upgrade" to know which backend to set back after overwriting "local.protected.php"
# Can be changed by action script "internal_users"
auth_backend='authldap' # Default backend is LDAP with Yunohost, 'authldap' for DokuWiki
ynh_app_setting_set $app auth_backend $auth_backend
# Force disable the 'is_internal_users' feature
ynh_app_setting_set $app is_internal_users 0
#=================================================
# STANDARD MODIFICATIONS
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_script_progression --message="Setting up source files..." --weight=2
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$install_dir"
chmod -R o-rwx "$install_dir"
chown -R $app:www-data "$install_dir"
#=================================================
# SYSTEM CONFIGURATION
#=================================================
ynh_script_progression --message="Adding system configurations related to $app..." --weight=1
# Create a dedicated PHP-FPM config
ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint
# Create a dedicated NGINX config
ynh_add_nginx_config
#=================================================
# SPECIFIC SETUP
#=================================================
# ADD A CONFIGURATION
#=================================================
ynh_script_progression --message="Adding a configuration file..." --weight=2
# Loading order of configuration files
#
# By default DokuWiki loads its configuration files in the following order:
#
# 1. conf/dokuwiki.php
# 2. conf/local.php
# 3. conf/local.protected.php
#
# See https://www.dokuwiki.org/plugin:config#protecting_settings
### Copy YunoHost specific configuration
# This File cannot be modified directly by DokuWiki, only by hand or by YunoHost
# It will only be updated by YunoHost package or directly by adventurous users
# Set the authentification backend
ynh_replace_string "__YNH_AUTH_BACKEND__" "$auth_backend" "$final_path/conf/local.protected.php"
# Set the "admin" user
ynh_replace_string --match_string="__YNH_ADMIN_USER__" --replace_string="$admin" --target_file="$final_path/conf/local.protected.php"
# Customize admin group in case of multiple wiki install managed by different admins
# dokuwiki.admin; dokuwiki__1.admin; etc
ynh_add_config --template="../conf/local.protected.php" --destination="$install_dir/conf/local.protected.php"
# This file might be modified by DokuWiki admin panel or by plugins
# It will not be modified by Yunohost in order to keep user settings
cp ../conf/local.php $final_path/conf
# Set the "language"
ynh_add_config --template="../conf/local.php" --destination="$install_dir/conf/local.php"
# Restrict user rights by enforcing "read-only" mode for all users
# See https://www.dokuwiki.org/acl#background_info
# Default is "8"
cp ../conf/acl.auth.php $final_path/conf
#=================================================
# CREATE DEFAULT FILES
#=================================================
ynh_script_progression --message="Creating default files..." --weight=1
# For securing DokuWiki installation, create default files that will be writable in the "conf" folder.
# Other files will be read ony and owned by root.
# See https://www.dokuwiki.org/install:permissions
cp --archive $install_dir/conf/local.php.dist $install_dir/conf/local.php.bak
cp --archive $install_dir/conf/users.auth.php.dist $install_dir/conf/users.auth.php
# This file might be used by plugins like https://www.dokuwiki.org/plugin:siteexport
# Create it to be more "user friendly" as over the top security is not the main goal here
# This file could be use for bad behaviour.
# See https://www.dokuwiki.org/devel:preload?s[]=preload
cp --archive $install_dir/inc/preload.php.dist $install_dir/inc/preload.php
# There is no template .dist provided inside DokuWiki installation folder
# Create "empty" files to be able to manage linux permissions
# Files content is taken from an existing DokuWiki installation
cp --archive ../conf/plugins.local.php $install_dir/conf
cp --archive ../conf/plugins.local.php $install_dir/conf/plugins.local.php.bak
#=================================================
# GENERIC FINALIZATION
#=================================================
# SETUP FAIL2BAN
#=================================================
ynh_script_progression --message="Configuring Fail2Ban..." --weight=7
# Create a dedicated Fail2Ban config
ynh_add_fail2ban_config --logpath="/var/log/nginx/$domain-error.log" --failregex="^.*authentication failure. while reading response header from upstream, client: <HOST>,.*POST $path.*$" --max_retry=5
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Installation of $app completed" --last
Reference in a new issue View git blame Copy permalink