mirror of
https://github.com/YunoHost-Apps/dotclear2_ynh.git
synced 2024-09-03 18:26:29 +02:00
commit
777e721800
12 changed files with 198 additions and 223 deletions
|
@ -9,7 +9,7 @@ If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to
|
||||||
## Overview
|
## Overview
|
||||||
Dotclear is an open-source web publishing software.
|
Dotclear is an open-source web publishing software.
|
||||||
|
|
||||||
**Shipped version:** 2.18
|
**Shipped version:** 2.18.1
|
||||||
|
|
||||||
## Screenshots
|
## Screenshots
|
||||||
|
|
||||||
|
|
|
@ -1,11 +1,9 @@
|
||||||
# See here for more informations
|
|
||||||
# https://github.com/YunoHost/package_check#syntax-check_process-file
|
|
||||||
;; Test complet
|
;; Test complet
|
||||||
; Manifest
|
; Manifest
|
||||||
domain="domain.tld" (DOMAIN)
|
domain="domain.tld"
|
||||||
path="/path" (PATH)
|
path="/path"
|
||||||
admin="john" (USER)
|
admin="john"
|
||||||
is_public=1 (PUBLIC|public=1|private=0)
|
is_public=1
|
||||||
; Checks
|
; Checks
|
||||||
pkg_linter=1
|
pkg_linter=1
|
||||||
setup_sub_dir=1
|
setup_sub_dir=1
|
||||||
|
@ -19,8 +17,6 @@
|
||||||
multi_instance=1
|
multi_instance=1
|
||||||
port_already_use=0
|
port_already_use=0
|
||||||
change_url=1
|
change_url=1
|
||||||
;;; Levels
|
|
||||||
Level 5=auto
|
|
||||||
;;; Options
|
;;; Options
|
||||||
Email=
|
Email=
|
||||||
Notification=none
|
Notification=none
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
SOURCE_URL=http://download.dotclear.org/latest/dotclear-2.18.tar.gz
|
SOURCE_URL=http://download.dotclear.org/latest/dotclear-2.18.1.zip
|
||||||
SOURCE_SUM=6a99672db2c20e392d776c680dc87d5bc66962e8307ecf81a63feb6c5d2f398a
|
SOURCE_SUM=ea9874c0a796c798efa31c9a8b747707dc678b7244a4d385975466dc4ff5b88e
|
||||||
SOURCE_SUM_PRG=sha256sum
|
SOURCE_SUM_PRG=sha256sum
|
||||||
SOURCE_FORMAT=tar.gz
|
SOURCE_FORMAT=zip
|
||||||
SOURCE_IN_SUBDIR=2
|
SOURCE_IN_SUBDIR=true
|
||||||
SOURCE_FILENAME=
|
SOURCE_FILENAME=
|
||||||
|
SOURCE_EXTRACT=true
|
||||||
|
|
|
@ -11,10 +11,13 @@ location __PATH__/ {
|
||||||
|
|
||||||
index index.php;
|
index index.php;
|
||||||
|
|
||||||
|
# Common parameter to increase upload size limit in conjunction with dedicated php-fpm file
|
||||||
|
client_max_body_size 50M;
|
||||||
|
|
||||||
try_files $uri $uri/ index.php;
|
try_files $uri $uri/ index.php;
|
||||||
location ~ [^/]\.php(/|$) {
|
location ~ [^/]\.php(/|$) {
|
||||||
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
|
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
|
||||||
fastcgi_pass unix:/var/run/php/php7.0-fpm-__NAME__.sock;
|
fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock;
|
||||||
|
|
||||||
fastcgi_index index.php;
|
fastcgi_index index.php;
|
||||||
include fastcgi_params;
|
include fastcgi_params;
|
||||||
|
|
|
@ -33,7 +33,7 @@ group = __USER__
|
||||||
; (IPv6 and IPv4-mapped) on a specific port;
|
; (IPv6 and IPv4-mapped) on a specific port;
|
||||||
; '/path/to/unix/socket' - to listen on a unix socket.
|
; '/path/to/unix/socket' - to listen on a unix socket.
|
||||||
; Note: This value is mandatory.
|
; Note: This value is mandatory.
|
||||||
listen = /var/run/php/php7.0-fpm-__NAMETOCHANGE__.sock
|
listen = /var/run/php/php__PHPVERSION__-fpm-__NAMETOCHANGE__.sock
|
||||||
|
|
||||||
; Set listen(2) backlog.
|
; Set listen(2) backlog.
|
||||||
; Default Value: 511 (-1 on FreeBSD and OpenBSD)
|
; Default Value: 511 (-1 on FreeBSD and OpenBSD)
|
||||||
|
|
|
@ -6,7 +6,7 @@
|
||||||
"en": "Blog publishing application",
|
"en": "Blog publishing application",
|
||||||
"fr": "Moteur de blog"
|
"fr": "Moteur de blog"
|
||||||
},
|
},
|
||||||
"version": "2.18~ynh1",
|
"version": "2.18.1~ynh1",
|
||||||
"license": "GPL-2.0-or-later",
|
"license": "GPL-2.0-or-later",
|
||||||
"url": "https://dotclear.org/",
|
"url": "https://dotclear.org/",
|
||||||
"maintainer": {
|
"maintainer": {
|
||||||
|
@ -19,7 +19,7 @@
|
||||||
"multi_instance": true,
|
"multi_instance": true,
|
||||||
"services": [
|
"services": [
|
||||||
"nginx",
|
"nginx",
|
||||||
"php7.0-fpm",
|
"php7.3-fpm",
|
||||||
"mysql"
|
"mysql"
|
||||||
],
|
],
|
||||||
"arguments": {
|
"arguments": {
|
||||||
|
@ -27,33 +27,22 @@
|
||||||
{
|
{
|
||||||
"name": "domain",
|
"name": "domain",
|
||||||
"type": "domain",
|
"type": "domain",
|
||||||
"ask": {
|
"example": "example.com"
|
||||||
"en": "Choose a domain for DotClear 2"
|
|
||||||
},
|
|
||||||
"example": "domain.org"
|
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "path",
|
"name": "path",
|
||||||
"type": "path",
|
"type": "path",
|
||||||
"ask": {
|
|
||||||
"en": "Choose a path for DotClear 2"
|
|
||||||
},
|
|
||||||
"example": "/dotclear2",
|
"example": "/dotclear2",
|
||||||
"default": "/dotclear2"
|
"default": "/dotclear2"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "admin",
|
"name": "admin",
|
||||||
"type": "user",
|
"type": "user",
|
||||||
"ask": {
|
"example": "johndoe"
|
||||||
"en": "Choose a yunohost user as dotclear admin"
|
|
||||||
}
|
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "is_public",
|
"name": "is_public",
|
||||||
"type": "boolean",
|
"type": "boolean",
|
||||||
"ask": {
|
|
||||||
"en": "Is it a public application ?"
|
|
||||||
},
|
|
||||||
"default": true
|
"default": true
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
|
|
|
@ -20,54 +20,54 @@ ynh_abort_if_errors
|
||||||
#=================================================
|
#=================================================
|
||||||
# LOAD SETTINGS
|
# LOAD SETTINGS
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Loading installation settings..."
|
ynh_print_info --message="Loading installation settings..."
|
||||||
|
|
||||||
app=$YNH_APP_INSTANCE_NAME
|
app=$YNH_APP_INSTANCE_NAME
|
||||||
|
|
||||||
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
||||||
domain=$(ynh_app_setting_get --app=$app --key=domain)
|
domain=$(ynh_app_setting_get --app=$app --key=domain)
|
||||||
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
|
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
|
||||||
|
phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# STANDARD BACKUP STEPS
|
# DECLARE DATA AND CONF FILES TO BACKUP
|
||||||
|
#=================================================
|
||||||
|
ynh_print_info --message="Declaring files to be backed up..."
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# BACKUP THE APP MAIN DIR
|
# BACKUP THE APP MAIN DIR
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Backing up the main app directory..."
|
|
||||||
|
|
||||||
ynh_backup --src_path="$final_path"
|
ynh_backup --src_path="$final_path"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# BACKUP THE NGINX CONFIGURATION
|
# BACKUP THE NGINX CONFIGURATION
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Backing up nginx web server configuration..."
|
|
||||||
|
|
||||||
ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
|
ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# BACKUP THE PHP-FPM CONFIGURATION
|
# BACKUP THE PHP-FPM CONFIGURATION
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Backing up php-fpm configuration..."
|
|
||||||
|
|
||||||
ynh_backup --src_path="/etc/php/7.0/fpm/pool.d/$app.conf"
|
ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf"
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# BACKUP THE MYSQL DATABASE
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Backing up the MySQL database..."
|
|
||||||
|
|
||||||
ynh_mysql_dump_db --database="$db_name" > db.sql
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# BACKUP FAIL2BAN CONFIGURATION
|
# BACKUP FAIL2BAN CONFIGURATION
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Backing up fail2ban configuration..."
|
|
||||||
|
|
||||||
ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf"
|
ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf"
|
||||||
ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf"
|
ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# BACKUP THE MYSQL DATABASE
|
||||||
|
#=================================================
|
||||||
|
ynh_print_info --message="Backing up the MySQL database..."
|
||||||
|
|
||||||
|
ynh_mysql_dump_db --database="$db_name" > db.sql
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# END OF SCRIPT
|
# END OF SCRIPT
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
ynh_script_progression --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." --last
|
ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)."
|
||||||
|
|
|
@ -33,9 +33,9 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
||||||
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
|
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
|
# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Backing up the app before changing its url (may take a while)..." --weight=4
|
ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..."
|
||||||
|
|
||||||
# Backup the current version of the app
|
# Backup the current version of the app
|
||||||
ynh_backup_before_upgrade
|
ynh_backup_before_upgrade
|
||||||
|
@ -43,7 +43,7 @@ ynh_clean_setup () {
|
||||||
# Remove the new domain config file, the remove script won't do it as it doesn't know yet its location.
|
# Remove the new domain config file, the remove script won't do it as it doesn't know yet its location.
|
||||||
ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
|
ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
|
||||||
|
|
||||||
# restore it if the upgrade fails
|
# Restore it if the upgrade fails
|
||||||
ynh_restore_upgradebackup
|
ynh_restore_upgradebackup
|
||||||
}
|
}
|
||||||
# Exit if an error occurs during the execution of the script
|
# Exit if an error occurs during the execution of the script
|
||||||
|
@ -70,23 +70,23 @@ fi
|
||||||
#=================================================
|
#=================================================
|
||||||
# MODIFY URL IN NGINX CONF
|
# MODIFY URL IN NGINX CONF
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Updating nginx web server configuration..." --weight=2
|
ynh_script_progression --message="Updating NGINX web server configuration..." --weight=2
|
||||||
|
|
||||||
nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
|
nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
|
||||||
|
|
||||||
# Change the path in the nginx config file
|
# Change the path in the NGINX config file
|
||||||
if [ $change_path -eq 1 ]
|
if [ $change_path -eq 1 ]
|
||||||
then
|
then
|
||||||
# Make a backup of the original nginx config file if modified
|
# Make a backup of the original NGINX config file if modified
|
||||||
ynh_backup_if_checksum_is_different --file="$nginx_conf_path"
|
ynh_backup_if_checksum_is_different --file="$nginx_conf_path"
|
||||||
# Set global variables for nginx helper
|
# Set global variables for NGINX helper
|
||||||
domain="$old_domain"
|
domain="$old_domain"
|
||||||
path_url="$new_path"
|
path_url="$new_path"
|
||||||
# Create a dedicated nginx config
|
# Create a dedicated NGINX config
|
||||||
ynh_add_nginx_config
|
ynh_add_nginx_config
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Change the domain for nginx
|
# Change the domain for NGINX
|
||||||
if [ $change_domain -eq 1 ]
|
if [ $change_domain -eq 1 ]
|
||||||
then
|
then
|
||||||
# Delete file checksum for the old conf file location
|
# Delete file checksum for the old conf file location
|
||||||
|
@ -126,12 +126,15 @@ ynh_replace_string --match_string="'DC_ADMIN_URL', 'https://$old_domain$old_admi
|
||||||
|
|
||||||
ynh_store_file_checksum --file="$php_config"
|
ynh_store_file_checksum --file="$php_config"
|
||||||
|
|
||||||
|
chmod 400 "$php_config"
|
||||||
|
chown $app:$app "$php_config"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# GENERIC FINALISATION
|
# GENERIC FINALISATION
|
||||||
#=================================================
|
#=================================================
|
||||||
# RELOAD NGINX
|
# RELOAD NGINX
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Reloading nginx web server..."
|
ynh_script_progression --message="Reloading NGINX web server..."
|
||||||
|
|
||||||
ynh_systemd_action --service_name=nginx --action=reload
|
ynh_systemd_action --service_name=nginx --action=reload
|
||||||
|
|
||||||
|
|
|
@ -20,12 +20,13 @@ ynh_abort_if_errors
|
||||||
# RETRIEVE ARGUMENTS FROM THE MANIFEST
|
# RETRIEVE ARGUMENTS FROM THE MANIFEST
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
app=$YNH_APP_INSTANCE_NAME
|
|
||||||
domain=$YNH_APP_ARG_DOMAIN
|
domain=$YNH_APP_ARG_DOMAIN
|
||||||
path_url=$YNH_APP_ARG_PATH
|
path_url=$YNH_APP_ARG_PATH
|
||||||
is_public=$YNH_APP_ARG_IS_PUBLIC
|
is_public=$YNH_APP_ARG_IS_PUBLIC
|
||||||
admin=$YNH_APP_ARG_ADMIN
|
admin=$YNH_APP_ARG_ADMIN
|
||||||
|
|
||||||
|
app=$YNH_APP_INSTANCE_NAME
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
|
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
|
||||||
#=================================================
|
#=================================================
|
||||||
|
@ -46,6 +47,14 @@ ynh_app_setting_set --app=$app --key=domain --value=$domain
|
||||||
ynh_app_setting_set --app=$app --key=path --value=$path_url
|
ynh_app_setting_set --app=$app --key=path --value=$path_url
|
||||||
ynh_app_setting_set --app=$app --key=admin --value=$admin
|
ynh_app_setting_set --app=$app --key=admin --value=$admin
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# CREATE DEDICATED USER
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Configuring system user..." --weight=2
|
||||||
|
|
||||||
|
# Create a system user
|
||||||
|
ynh_system_user_create --username=$app --home_dir=$final_path
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# CREATE A MYSQL DATABASE
|
# CREATE A MYSQL DATABASE
|
||||||
#=================================================
|
#=================================================
|
||||||
|
@ -64,42 +73,33 @@ db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd)
|
||||||
ynh_script_progression --message="Setting up source files..." --weight=4
|
ynh_script_progression --message="Setting up source files..." --weight=4
|
||||||
|
|
||||||
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
|
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
|
||||||
|
# Download, check integrity, uncompress and patch the source from app.src
|
||||||
# In case of a new version, the url change from http://download.dotclear.org/latest/dotclear-X.X.X.tar.gz to http://download.dotclear.org/attic/dotclear-X.X.X.tar.gz
|
|
||||||
src_url=$(grep 'SOURCE_URL=' "../conf/app.src" | cut -d= -f2-)
|
|
||||||
if ! curl --output /dev/null --silent --head --fail "$src_url"; then
|
|
||||||
ynh_replace_string --match_string="latest" --replace_string="attic" --target_file="../conf/app.src"
|
|
||||||
fi
|
|
||||||
|
|
||||||
ynh_setup_source --dest_dir="$final_path"
|
ynh_setup_source --dest_dir="$final_path"
|
||||||
|
|
||||||
|
chmod 750 "$final_path"
|
||||||
|
chmod -R o-rwx "$final_path"
|
||||||
|
chown -R $app:www-data "$final_path"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# NGINX CONFIGURATION
|
# NGINX CONFIGURATION
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Configuring nginx web server..."
|
ynh_script_progression --message="Configuring NGINX web server..."
|
||||||
|
|
||||||
# Create a dedicated nginx config
|
# Create a dedicated NGINX config
|
||||||
ynh_add_nginx_config
|
ynh_add_nginx_config
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# CREATE DEDICATED USER
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Configuring system user..." --weight=2
|
|
||||||
|
|
||||||
# Create a system user
|
|
||||||
ynh_system_user_create --username=$app
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# PHP-FPM CONFIGURATION
|
# PHP-FPM CONFIGURATION
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Configuring php-fpm..." --weight=2
|
ynh_script_progression --message="Configuring PHP-FPM..." --weight=2
|
||||||
|
|
||||||
# Create a dedicated php-fpm config
|
# Create a dedicated PHP-FPM config
|
||||||
ynh_add_fpm_config
|
ynh_add_fpm_config
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# MODIFY A CONFIG FILE
|
# ADD A CONFIGURATION
|
||||||
#=================================================
|
#=================================================
|
||||||
|
ynh_script_progression --message="Adding a configuration file..."
|
||||||
|
|
||||||
php_config=$final_path/inc/config.php
|
php_config=$final_path/inc/config.php
|
||||||
|
|
||||||
|
@ -134,15 +134,17 @@ EOF
|
||||||
|
|
||||||
ynh_store_file_checksum --file=$php_config
|
ynh_store_file_checksum --file=$php_config
|
||||||
|
|
||||||
|
chmod 400 "$php_config"
|
||||||
|
chown $app:$app "$php_config"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# SETUP APPLICATION WITH CURL
|
# SETUP APPLICATION WITH CURL
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
# Set right permissions for curl install
|
|
||||||
chown -R $app: $final_path
|
|
||||||
|
|
||||||
# Set the app as temporarily public for curl call
|
# Set the app as temporarily public for curl call
|
||||||
ynh_permission_update --permission "main" --add "visitors"
|
ynh_script_progression --message="Configuring SSOwat..."
|
||||||
|
# Making the app public for curl
|
||||||
|
ynh_permission_update --permission="main" --add="visitors"
|
||||||
|
|
||||||
# Reload Nginx
|
# Reload Nginx
|
||||||
ynh_systemd_action --service_name=nginx --action=reload
|
ynh_systemd_action --service_name=nginx --action=reload
|
||||||
|
@ -160,22 +162,17 @@ installUrl="/admin/install/index.php"
|
||||||
|
|
||||||
ynh_local_curl $installUrl "u_email=$email" "u_firstname=$firstname" "u_name=$lastname" "u_login=$admin" "u_pwd=$password" "u_pwd2=$password"
|
ynh_local_curl $installUrl "u_email=$email" "u_firstname=$firstname" "u_name=$lastname" "u_login=$admin" "u_pwd=$password" "u_pwd2=$password"
|
||||||
|
|
||||||
|
# Remove the public access
|
||||||
|
ynh_permission_update --permission="main" --remove="visitors"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# GENERIC FINALIZATION
|
# GENERIC FINALIZATION
|
||||||
#=================================================
|
|
||||||
# SECURE FILES AND DIRECTORIES
|
|
||||||
#=================================================
|
|
||||||
|
|
||||||
# Set permissions to app files
|
|
||||||
chown -R root: $final_path
|
|
||||||
chown -R $app $final_path/{public,cache,themes,plugins}
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# SETUP FAIL2BAN
|
# SETUP FAIL2BAN
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Configuring fail2ban..."
|
ynh_script_progression --message="Configuring Fail2Ban..."
|
||||||
|
|
||||||
# Create a dedicated fail2ban config
|
# Create a dedicated Fail2Ban config
|
||||||
ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Invalid credentials in $final_path/inc/class.auth.ldap.php .* client: <HOST>, .*https://$domain${path_url%/}/admin/auth.php"
|
ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Invalid credentials in $final_path/inc/class.auth.ldap.php .* client: <HOST>, .*https://$domain${path_url%/}/admin/auth.php"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
|
@ -183,17 +180,21 @@ ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failreg
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Configuring permissions..."
|
ynh_script_progression --message="Configuring permissions..."
|
||||||
|
|
||||||
if [ $is_public -eq 0 ]; then
|
# Make app public if necessary
|
||||||
ynh_permission_update --permission "main" --remove "visitors"
|
if [ $is_public -eq 1 ]
|
||||||
|
then
|
||||||
|
# Everyone can access the app.
|
||||||
|
# The "main" permission is automatically created before the install script.
|
||||||
|
ynh_permission_update --permission="main" --add="visitors"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Only the admin can access the admin panel of the app (if the app has an admin panel)
|
# Only the admin can access the admin panel of the app (if the app has an admin panel)
|
||||||
ynh_permission_create --permission "admin" --url "/admin" --allowed $admin
|
ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# RELOAD NGINX
|
# RELOAD NGINX
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Reloading nginx web server..."
|
ynh_script_progression --message="Reloading NGINX web server..."
|
||||||
|
|
||||||
ynh_systemd_action --service_name=nginx --action=reload
|
ynh_systemd_action --service_name=nginx --action=reload
|
||||||
|
|
||||||
|
|
|
@ -42,19 +42,27 @@ ynh_secure_remove --file="$final_path"
|
||||||
#=================================================
|
#=================================================
|
||||||
# REMOVE NGINX CONFIGURATION
|
# REMOVE NGINX CONFIGURATION
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Removing nginx web server configuration..."
|
ynh_script_progression --message="Removing NGINX web server configuration..."
|
||||||
|
|
||||||
# Remove the dedicated nginx config
|
# Remove the dedicated NGINX config
|
||||||
ynh_remove_nginx_config
|
ynh_remove_nginx_config
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# REMOVE PHP-FPM CONFIGURATION
|
# REMOVE PHP-FPM CONFIGURATION
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Removing php-fpm configuration..."
|
ynh_script_progression --message="Removing PHP-FPM configuration..."
|
||||||
|
|
||||||
# Remove the dedicated php-fpm config
|
# Remove the dedicated PHP-FPM config
|
||||||
ynh_remove_fpm_config
|
ynh_remove_fpm_config
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# REMOVE FAIL2BAN CONFIGURATION
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Removing Fail2ban configuration..."
|
||||||
|
|
||||||
|
# Remove the dedicated Fail2Ban config
|
||||||
|
ynh_remove_fail2ban_config
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# GENERIC FINALIZATION
|
# GENERIC FINALIZATION
|
||||||
#=================================================
|
#=================================================
|
||||||
|
@ -65,14 +73,6 @@ ynh_script_progression --message="Removing the dedicated system user..."
|
||||||
# Delete a system user
|
# Delete a system user
|
||||||
ynh_system_user_delete --username=$app
|
ynh_system_user_delete --username=$app
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# REMOVE FAIL2BAN CONFIGURATION
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Removing fail2ban configuration..."
|
|
||||||
|
|
||||||
# Remove the dedicated fail2ban config
|
|
||||||
ynh_remove_fail2ban_config
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# END OF SCRIPT
|
# END OF SCRIPT
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
|
@ -20,7 +20,7 @@ ynh_abort_if_errors
|
||||||
#=================================================
|
#=================================================
|
||||||
# LOAD SETTINGS
|
# LOAD SETTINGS
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Loading settings..."
|
ynh_script_progression --message="Loading installation settings..."
|
||||||
|
|
||||||
app=$YNH_APP_INSTANCE_NAME
|
app=$YNH_APP_INSTANCE_NAME
|
||||||
|
|
||||||
|
@ -29,6 +29,7 @@ path_url=$(ynh_app_setting_get --app=$app --key=path)
|
||||||
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
||||||
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
|
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
|
||||||
db_user=$db_name
|
db_user=$db_name
|
||||||
|
phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# CHECK IF THE APP CAN BE RESTORED
|
# CHECK IF THE APP CAN BE RESTORED
|
||||||
|
@ -45,9 +46,18 @@ test ! -d $final_path \
|
||||||
#=================================================
|
#=================================================
|
||||||
# RESTORE THE NGINX CONFIGURATION
|
# RESTORE THE NGINX CONFIGURATION
|
||||||
#=================================================
|
#=================================================
|
||||||
|
ynh_script_progression --message="Restoring the NGINX configuration..."
|
||||||
|
|
||||||
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
|
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# RECREATE THE DEDICATED USER
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Recreating the dedicated system user..." --weight=2
|
||||||
|
|
||||||
|
# Create the dedicated user (if not existing)
|
||||||
|
ynh_system_user_create --username=$app --home_dir=$final_path
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# RESTORE THE APP MAIN DIR
|
# RESTORE THE APP MAIN DIR
|
||||||
#=================================================
|
#=================================================
|
||||||
|
@ -55,32 +65,21 @@ ynh_script_progression --message="Restoring the app main directory..."
|
||||||
|
|
||||||
ynh_restore_file --origin_path="$final_path"
|
ynh_restore_file --origin_path="$final_path"
|
||||||
|
|
||||||
#=================================================
|
chmod 750 "$final_path"
|
||||||
# RECREATE THE DEDICATED USER
|
chmod -R o-rwx "$final_path"
|
||||||
#=================================================
|
chown -R $app:www-data "$final_path"
|
||||||
ynh_script_progression --message="Recreating the dedicated system user..." --weight=2
|
|
||||||
|
|
||||||
# Create the dedicated user (if not existing)
|
|
||||||
ynh_system_user_create --username=$app
|
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# RESTORE USER RIGHTS
|
|
||||||
#=================================================
|
|
||||||
|
|
||||||
# Restore permissions on app files
|
|
||||||
chown -R root: $final_path
|
|
||||||
chown -R $app $final_path/{public,cache,themes,plugins}
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# RESTORE THE PHP-FPM CONFIGURATION
|
# RESTORE THE PHP-FPM CONFIGURATION
|
||||||
#=================================================
|
#=================================================
|
||||||
|
ynh_script_progression --message="Restoring the PHP-FPM configuration..."
|
||||||
|
|
||||||
ynh_restore_file --origin_path="/etc/php/7.0/fpm/pool.d/$app.conf"
|
ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# RESTORE THE FAIL2BAN CONFIGURATION
|
# RESTORE FAIL2BAN CONFIGURATION
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Restoring the fail2ban configuration..."
|
ynh_script_progression --message="Restoring the Fail2Ban configuration..."
|
||||||
|
|
||||||
ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf"
|
ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf"
|
||||||
ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf"
|
ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf"
|
||||||
|
@ -102,9 +101,9 @@ ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./
|
||||||
#=================================================
|
#=================================================
|
||||||
# RELOAD NGINX AND PHP-FPM
|
# RELOAD NGINX AND PHP-FPM
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Reloading nginx web server and php-fpm..."
|
ynh_script_progression --message="Reloading NGINX web server and PHP-FPM..."
|
||||||
|
|
||||||
ynh_systemd_action --service_name=php7.0-fpm --action=reload
|
ynh_systemd_action --service_name=php$phpversion-fpm --action=reload
|
||||||
ynh_systemd_action --service_name=nginx --action=reload
|
ynh_systemd_action --service_name=nginx --action=reload
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
141
scripts/upgrade
141
scripts/upgrade
|
@ -29,9 +29,26 @@ master_key=$(ynh_app_setting_get --app=$app --key=master_key)
|
||||||
#=================================================
|
#=================================================
|
||||||
# CHECK VERSION
|
# CHECK VERSION
|
||||||
#=================================================
|
#=================================================
|
||||||
|
ynh_script_progression --message="Checking version..."
|
||||||
|
|
||||||
upgrade_type=$(ynh_check_app_version_changed)
|
upgrade_type=$(ynh_check_app_version_changed)
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=4
|
||||||
|
|
||||||
|
# Backup the current version of the app
|
||||||
|
ynh_backup_before_upgrade
|
||||||
|
ynh_clean_setup () {
|
||||||
|
# Restore it if the upgrade fails
|
||||||
|
ynh_restore_upgradebackup
|
||||||
|
}
|
||||||
|
# Exit if an error occurs during the execution of the script
|
||||||
|
ynh_abort_if_errors
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# STANDARD UPGRADE STEPS
|
||||||
#=================================================
|
#=================================================
|
||||||
# ENSURE DOWNWARD COMPATIBILITY
|
# ENSURE DOWNWARD COMPATIBILITY
|
||||||
#=================================================
|
#=================================================
|
||||||
|
@ -66,76 +83,57 @@ if [ -n "$is_public" ]; then
|
||||||
ynh_app_setting_delete --app=$app --key=is_public
|
ynh_app_setting_delete --app=$app --key=is_public
|
||||||
fi
|
fi
|
||||||
|
|
||||||
#=================================================
|
if ! ynh_permission_exists --permission="admin"; then
|
||||||
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
|
# Create the required permissions
|
||||||
#=================================================
|
ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin
|
||||||
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=4
|
|
||||||
|
|
||||||
# Backup the current version of the app
|
|
||||||
ynh_backup_before_upgrade
|
|
||||||
ynh_clean_setup () {
|
|
||||||
# restore it if the upgrade fails
|
|
||||||
ynh_restore_upgradebackup
|
|
||||||
}
|
|
||||||
# Exit if an error occurs during the execution of the script
|
|
||||||
ynh_abort_if_errors
|
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# CHECK THE PATH
|
|
||||||
#=================================================
|
|
||||||
|
|
||||||
# Normalize the URL path syntax
|
|
||||||
path_url=$(ynh_normalize_url_path --path_url=$path_url)
|
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# STANDARD UPGRADE STEPS
|
|
||||||
#=================================================
|
|
||||||
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Upgrading source files..." --weight=4
|
|
||||||
|
|
||||||
if [ "$upgrade_type" == "UPGRADE_APP" ]
|
|
||||||
then
|
|
||||||
# Download, check integrity, uncompress and patch the source from app.src
|
|
||||||
# In case of a new version, the url change from http://download.dotclear.org/latest/dotclear-X.X.X.tar.gz to http://download.dotclear.org/attic/dotclear-X.X.X.tar.gz
|
|
||||||
src_url=$(grep 'SOURCE_URL=' "../conf/app.src" | cut -d= -f2-)
|
|
||||||
if ! curl --output /dev/null --silent --head --fail "$src_url"; then
|
|
||||||
ynh_replace_string "latest" "attic" ../conf/app.src
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Download, check integrity, uncompress and patch the source from app.src
|
|
||||||
ynh_setup_source --dest_dir="$final_path"
|
|
||||||
fi
|
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# NGINX CONFIGURATION
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Upgrading nginx web server configuration..."
|
|
||||||
|
|
||||||
# Create a dedicated nginx config
|
|
||||||
ynh_add_nginx_config
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# CREATE DEDICATED USER
|
# CREATE DEDICATED USER
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Making sure dedicated system user exists..."
|
ynh_script_progression --message="Making sure dedicated system user exists..."
|
||||||
|
|
||||||
# Create a dedicated user (if not existing)
|
# Create a dedicated user (if not existing)
|
||||||
ynh_system_user_create --username=$app
|
ynh_system_user_create --username=$app --home_dir=$final_path
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
if [ "$upgrade_type" == "UPGRADE_APP" ]
|
||||||
|
then
|
||||||
|
ynh_script_progression --message="Upgrading source files..."
|
||||||
|
|
||||||
|
# Download, check integrity, uncompress and patch the source from app.src
|
||||||
|
ynh_setup_source --dest_dir="$final_path"
|
||||||
|
fi
|
||||||
|
|
||||||
|
chmod 750 "$final_path"
|
||||||
|
chmod -R o-rwx "$final_path"
|
||||||
|
chown -R $app:www-data "$final_path"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# NGINX CONFIGURATION
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Upgrading NGINX web server configuration..."
|
||||||
|
|
||||||
|
# Create a dedicated NGINX config
|
||||||
|
ynh_add_nginx_config
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# PHP-FPM CONFIGURATION
|
# PHP-FPM CONFIGURATION
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Upgrading php-fpm configuration..." --weight=2
|
ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=2
|
||||||
|
|
||||||
# Create a dedicated php-fpm config
|
# Create a dedicated PHP-FPM config
|
||||||
ynh_add_fpm_config
|
ynh_add_fpm_config
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# SPECIFIC UPGRADE
|
# SPECIFIC UPGRADE
|
||||||
#=================================================
|
#=================================================
|
||||||
# MODIFY A CONFIG FILE
|
# UPDATE A CONFIG FILE
|
||||||
#=================================================
|
#=================================================
|
||||||
|
ynh_script_progression --message="Updating a configuration file..."
|
||||||
|
|
||||||
php_config=$final_path/inc/config.php
|
php_config=$final_path/inc/config.php
|
||||||
|
|
||||||
|
@ -170,33 +168,8 @@ EOF
|
||||||
# Recalculate and store the checksum of the file for the next upgrade.
|
# Recalculate and store the checksum of the file for the next upgrade.
|
||||||
ynh_store_file_checksum --file=$php_config
|
ynh_store_file_checksum --file=$php_config
|
||||||
|
|
||||||
#=================================================
|
chmod 400 "$php_config"
|
||||||
# GENERIC FINALIZATION
|
chown $app:$app "$php_config"
|
||||||
#=================================================
|
|
||||||
# SECURE FILES AND DIRECTORIES
|
|
||||||
#=================================================
|
|
||||||
|
|
||||||
# Set permissions on app files
|
|
||||||
chown -R root: $final_path
|
|
||||||
chown -R $app $final_path/{public,cache,themes,plugins}
|
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# UPGRADE FAIL2BAN
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Reconfiguring fail2ban..."
|
|
||||||
|
|
||||||
# Create a dedicated fail2ban config
|
|
||||||
ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Invalid credentials in $final_path/inc/class.auth.ldap.php .* client: <HOST>, .*https://$domain${path_url%/}/admin/auth.php"
|
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# SETUP SSOWAT
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Upgrading permissions configuration..." --weight=2
|
|
||||||
|
|
||||||
# Create the admin permission if needed
|
|
||||||
if ! ynh_permission_exists --permission "admin"; then
|
|
||||||
ynh_permission_create --permission "admin" --url "/admin" --allowed $admin
|
|
||||||
fi
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# UPDATING DATABASE
|
# UPDATING DATABASE
|
||||||
|
@ -210,10 +183,20 @@ ynh_local_curl $adminUrl
|
||||||
|
|
||||||
ynh_permission_update --permission "admin" --remove "visitors"
|
ynh_permission_update --permission "admin" --remove "visitors"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# GENERIC FINALIZATION
|
||||||
|
#=================================================
|
||||||
|
# UPGRADE FAIL2BAN
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Reconfiguring Fail2Ban..."
|
||||||
|
|
||||||
|
# Create a dedicated Fail2Ban config
|
||||||
|
ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Invalid credentials in $final_path/inc/class.auth.ldap.php .* client: <HOST>, .*https://$domain${path_url%/}/admin/auth.php"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# RELOAD NGINX
|
# RELOAD NGINX
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Reloading nginx web server..."
|
ynh_script_progression --message="Reloading NGINX web server..."
|
||||||
|
|
||||||
ynh_systemd_action --service_name=nginx --action=reload
|
ynh_systemd_action --service_name=nginx --action=reload
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue