dokuwiki_ynh/scripts/restore

#!/bin/bash

#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================

source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers

#=================================================
# MANAGE SCRIPT FAILURE
#=================================================

# Exit if an error occurs during the execution of the script
ynh_abort_if_errors

#=================================================
# LOAD SETTINGS
#=================================================

app=$YNH_APP_INSTANCE_NAME

domain=$(ynh_app_setting_get $app domain)
path_url=$(ynh_app_setting_get $app path)
final_path=$(ynh_app_setting_get $app final_path)

#=================================================
# CHECK IF THE APP CAN BE RESTORED
#=================================================

ynh_webpath_available $domain $path_url \
	|| ynh_die "Path not available: ${domain}${path_url}"
test ! -d $final_path \
	|| ynh_die "There is already a directory: $final_path "

#=================================================
# STANDARD RESTORATION STEPS
#=================================================
# RESTORE THE NGINX CONFIGURATION
#=================================================

ynh_restore_file "/etc/nginx/conf.d/$domain.d/$app.conf"

#=================================================
# RESTORE THE APP MAIN DIR
#=================================================

ynh_restore_file "$final_path"

#=================================================
# RECREATE THE DEDICATED USER
#=================================================

# Create the dedicated user (if not existing)
ynh_system_user_create $app

#=================================================
# RESTORE USER RIGHTS
#=================================================

# Try to use "least privilege" to grant minimal access
# For details, see https://www.dokuwiki.org/install:permissions

# Files owned by DokuWiki can just read
chown -R root: $final_path

# DokuWiki needs to write inside these folders. Do "DokuWiki" owner
chown $app:root $final_path/conf
chown $app:root $final_path/inc

# Do "DokuWiki" owner of configuration files that must be writable
chown $app:root $final_path/conf/{local.php,local.php.bak,users.auth.php,acl.auth.php,plugins.local.php,plugins.local.php.bak}
# Useful for some plugins like https://www.dokuwiki.org/plugin:siteexport
# See https://www.dokuwiki.org/devel:preload
chown $app:root $final_path/inc/preload.php
# Grant read-only to all files as files copied above are owned by root by defaut and nginx cannot read them
# There are only files in the folder and there are no sublevels. No need to use "find"
chmod -R a+r $final_path/conf
chmod -R a+r $final_path/inc

# Give write access to "data" and subfolders
chown -R $app:root $final_path/data
# Remove access to "other"
chmod -R o-rwx $final_path/data

# Allow the web admin panel to run, aka "Extension Manager"
chown -R $app:root $final_path/lib/plugins
# Allow to install templates
chown -R $app:root $final_path/lib/tpl

# Allow access to public assets like style sheets
find $final_path/lib -type f -print0 | xargs -0 chmod 0644
find $final_path/lib -type d -print0 | xargs -0 chmod 0755
# Using "find" instead of "chmod -R 755" so files does not become executable too
# chmod :   -rwxr-xr-x  1 root root  241 May  3 08:36 index.html   => BAD
# find  :   -rw-r--r--  1 1001 1002  241 May  3 08:36 index.html   => GOOD

#=================================================
# RESTORE THE PHP-FPM CONFIGURATION
#=================================================

ynh_restore_file "/etc/php5/fpm/pool.d/$app.conf"

#=================================================
# SPECIFIC RESTORATION
#=================================================



#=================================================
# GENERIC FINALIZATION
#=================================================
# RELOAD NGINX AND PHP-FPM
#=================================================

systemctl reload php5-fpm
systemctl reload nginx