1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/dotclear2_ynh.git synced 2024-09-03 18:26:29 +02:00

Merge pull request #30 from YunoHost-Apps/example

Apply example_ynh
This commit is contained in:
Kayou 2021-06-18 10:21:22 +02:00 committed by GitHub
commit 777e721800
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
12 changed files with 198 additions and 223 deletions

View file

@ -9,7 +9,7 @@ If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to
## Overview ## Overview
Dotclear is an open-source web publishing software. Dotclear is an open-source web publishing software.
**Shipped version:** 2.18 **Shipped version:** 2.18.1
## Screenshots ## Screenshots

View file

@ -1,11 +1,9 @@
# See here for more informations
# https://github.com/YunoHost/package_check#syntax-check_process-file
;; Test complet ;; Test complet
; Manifest ; Manifest
domain="domain.tld" (DOMAIN) domain="domain.tld"
path="/path" (PATH) path="/path"
admin="john" (USER) admin="john"
is_public=1 (PUBLIC|public=1|private=0) is_public=1
; Checks ; Checks
pkg_linter=1 pkg_linter=1
setup_sub_dir=1 setup_sub_dir=1
@ -19,8 +17,6 @@
multi_instance=1 multi_instance=1
port_already_use=0 port_already_use=0
change_url=1 change_url=1
;;; Levels
Level 5=auto
;;; Options ;;; Options
Email= Email=
Notification=none Notification=none

View file

@ -1,6 +1,7 @@
SOURCE_URL=http://download.dotclear.org/latest/dotclear-2.18.tar.gz SOURCE_URL=http://download.dotclear.org/latest/dotclear-2.18.1.zip
SOURCE_SUM=6a99672db2c20e392d776c680dc87d5bc66962e8307ecf81a63feb6c5d2f398a SOURCE_SUM=ea9874c0a796c798efa31c9a8b747707dc678b7244a4d385975466dc4ff5b88e
SOURCE_SUM_PRG=sha256sum SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz SOURCE_FORMAT=zip
SOURCE_IN_SUBDIR=2 SOURCE_IN_SUBDIR=true
SOURCE_FILENAME= SOURCE_FILENAME=
SOURCE_EXTRACT=true

View file

@ -11,10 +11,13 @@ location __PATH__/ {
index index.php; index index.php;
# Common parameter to increase upload size limit in conjunction with dedicated php-fpm file
client_max_body_size 50M;
try_files $uri $uri/ index.php; try_files $uri $uri/ index.php;
location ~ [^/]\.php(/|$) { location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$; fastcgi_split_path_info ^(.+?\.php)(/.*)$;
fastcgi_pass unix:/var/run/php/php7.0-fpm-__NAME__.sock; fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock;
fastcgi_index index.php; fastcgi_index index.php;
include fastcgi_params; include fastcgi_params;

View file

@ -33,7 +33,7 @@ group = __USER__
; (IPv6 and IPv4-mapped) on a specific port; ; (IPv6 and IPv4-mapped) on a specific port;
; '/path/to/unix/socket' - to listen on a unix socket. ; '/path/to/unix/socket' - to listen on a unix socket.
; Note: This value is mandatory. ; Note: This value is mandatory.
listen = /var/run/php/php7.0-fpm-__NAMETOCHANGE__.sock listen = /var/run/php/php__PHPVERSION__-fpm-__NAMETOCHANGE__.sock
; Set listen(2) backlog. ; Set listen(2) backlog.
; Default Value: 511 (-1 on FreeBSD and OpenBSD) ; Default Value: 511 (-1 on FreeBSD and OpenBSD)

View file

@ -6,7 +6,7 @@
"en": "Blog publishing application", "en": "Blog publishing application",
"fr": "Moteur de blog" "fr": "Moteur de blog"
}, },
"version": "2.18~ynh1", "version": "2.18.1~ynh1",
"license": "GPL-2.0-or-later", "license": "GPL-2.0-or-later",
"url": "https://dotclear.org/", "url": "https://dotclear.org/",
"maintainer": { "maintainer": {
@ -19,41 +19,30 @@
"multi_instance": true, "multi_instance": true,
"services": [ "services": [
"nginx", "nginx",
"php7.0-fpm", "php7.3-fpm",
"mysql" "mysql"
], ],
"arguments": { "arguments": {
"install": [ "install" : [
{ {
"name": "domain", "name": "domain",
"type": "domain", "type": "domain",
"ask": { "example": "example.com"
"en": "Choose a domain for DotClear 2"
},
"example": "domain.org"
}, },
{ {
"name": "path", "name": "path",
"type": "path", "type": "path",
"ask": {
"en": "Choose a path for DotClear 2"
},
"example": "/dotclear2", "example": "/dotclear2",
"default": "/dotclear2" "default": "/dotclear2"
}, },
{ {
"name": "admin", "name": "admin",
"type": "user", "type": "user",
"ask": { "example": "johndoe"
"en": "Choose a yunohost user as dotclear admin"
}
}, },
{ {
"name": "is_public", "name": "is_public",
"type": "boolean", "type": "boolean",
"ask": {
"en": "Is it a public application ?"
},
"default": true "default": true
} }
] ]

View file

@ -6,7 +6,7 @@
# IMPORT GENERIC HELPERS # IMPORT GENERIC HELPERS
#================================================= #=================================================
#Keep this path for calling _common.sh inside the execution's context of backup and restore scripts # Keep this path for calling _common.sh inside the execution's context of backup and restore scripts
source ../settings/scripts/_common.sh source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
@ -20,54 +20,54 @@ ynh_abort_if_errors
#================================================= #=================================================
# LOAD SETTINGS # LOAD SETTINGS
#================================================= #=================================================
ynh_script_progression --message="Loading installation settings..." ynh_print_info --message="Loading installation settings..."
app=$YNH_APP_INSTANCE_NAME app=$YNH_APP_INSTANCE_NAME
final_path=$(ynh_app_setting_get --app=$app --key=final_path) final_path=$(ynh_app_setting_get --app=$app --key=final_path)
domain=$(ynh_app_setting_get --app=$app --key=domain) domain=$(ynh_app_setting_get --app=$app --key=domain)
db_name=$(ynh_app_setting_get --app=$app --key=db_name) db_name=$(ynh_app_setting_get --app=$app --key=db_name)
phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
#================================================= #=================================================
# STANDARD BACKUP STEPS # DECLARE DATA AND CONF FILES TO BACKUP
#=================================================
ynh_print_info --message="Declaring files to be backed up..."
#================================================= #=================================================
# BACKUP THE APP MAIN DIR # BACKUP THE APP MAIN DIR
#================================================= #=================================================
ynh_script_progression --message="Backing up the main app directory..."
ynh_backup --src_path="$final_path" ynh_backup --src_path="$final_path"
#================================================= #=================================================
# BACKUP THE NGINX CONFIGURATION # BACKUP THE NGINX CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Backing up nginx web server configuration..."
ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
#================================================= #=================================================
# BACKUP THE PHP-FPM CONFIGURATION # BACKUP THE PHP-FPM CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Backing up php-fpm configuration..."
ynh_backup --src_path="/etc/php/7.0/fpm/pool.d/$app.conf" ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf"
#=================================================
# BACKUP THE MYSQL DATABASE
#=================================================
ynh_script_progression --message="Backing up the MySQL database..."
ynh_mysql_dump_db --database="$db_name" > db.sql
#================================================= #=================================================
# BACKUP FAIL2BAN CONFIGURATION # BACKUP FAIL2BAN CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Backing up fail2ban configuration..."
ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf" ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf"
ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf" ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf"
#=================================================
# BACKUP THE MYSQL DATABASE
#=================================================
ynh_print_info --message="Backing up the MySQL database..."
ynh_mysql_dump_db --database="$db_name" > db.sql
#================================================= #=================================================
# END OF SCRIPT # END OF SCRIPT
#================================================= #=================================================
ynh_script_progression --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." --last ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)."

View file

@ -33,18 +33,18 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path)
db_name=$(ynh_app_setting_get --app=$app --key=db_name) db_name=$(ynh_app_setting_get --app=$app --key=db_name)
#================================================= #=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP # BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP
#================================================= #=================================================
ynh_script_progression --message="Backing up the app before changing its url (may take a while)..." --weight=4 ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..."
# Backup the current version of the app # Backup the current version of the app
ynh_backup_before_upgrade ynh_backup_before_upgrade
ynh_clean_setup () { ynh_clean_setup () {
# Remove the new domain config file, the remove script won't do it as it doesn't know yet its location. # Remove the new domain config file, the remove script won't do it as it doesn't know yet its location.
ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
# restore it if the upgrade fails # Restore it if the upgrade fails
ynh_restore_upgradebackup ynh_restore_upgradebackup
} }
# Exit if an error occurs during the execution of the script # Exit if an error occurs during the execution of the script
ynh_abort_if_errors ynh_abort_if_errors
@ -56,13 +56,13 @@ ynh_abort_if_errors
change_domain=0 change_domain=0
if [ "$old_domain" != "$new_domain" ] if [ "$old_domain" != "$new_domain" ]
then then
change_domain=1 change_domain=1
fi fi
change_path=0 change_path=0
if [ "$old_path" != "$new_path" ] if [ "$old_path" != "$new_path" ]
then then
change_path=1 change_path=1
fi fi
#================================================= #=================================================
@ -70,30 +70,30 @@ fi
#================================================= #=================================================
# MODIFY URL IN NGINX CONF # MODIFY URL IN NGINX CONF
#================================================= #=================================================
ynh_script_progression --message="Updating nginx web server configuration..." --weight=2 ynh_script_progression --message="Updating NGINX web server configuration..." --weight=2
nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
# Change the path in the nginx config file # Change the path in the NGINX config file
if [ $change_path -eq 1 ] if [ $change_path -eq 1 ]
then then
# Make a backup of the original nginx config file if modified # Make a backup of the original NGINX config file if modified
ynh_backup_if_checksum_is_different --file="$nginx_conf_path" ynh_backup_if_checksum_is_different --file="$nginx_conf_path"
# Set global variables for nginx helper # Set global variables for NGINX helper
domain="$old_domain" domain="$old_domain"
path_url="$new_path" path_url="$new_path"
# Create a dedicated nginx config # Create a dedicated NGINX config
ynh_add_nginx_config ynh_add_nginx_config
fi fi
# Change the domain for nginx # Change the domain for NGINX
if [ $change_domain -eq 1 ] if [ $change_domain -eq 1 ]
then then
# Delete file checksum for the old conf file location # Delete file checksum for the old conf file location
ynh_delete_file_checksum --file="$nginx_conf_path" ynh_delete_file_checksum --file="$nginx_conf_path"
mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf
# Store file checksum for the new config file location # Store file checksum for the new config file location
ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
fi fi
#================================================= #=================================================
@ -126,12 +126,15 @@ ynh_replace_string --match_string="'DC_ADMIN_URL', 'https://$old_domain$old_admi
ynh_store_file_checksum --file="$php_config" ynh_store_file_checksum --file="$php_config"
chmod 400 "$php_config"
chown $app:$app "$php_config"
#================================================= #=================================================
# GENERIC FINALISATION # GENERIC FINALISATION
#================================================= #=================================================
# RELOAD NGINX # RELOAD NGINX
#================================================= #=================================================
ynh_script_progression --message="Reloading nginx web server..." ynh_script_progression --message="Reloading NGINX web server..."
ynh_systemd_action --service_name=nginx --action=reload ynh_systemd_action --service_name=nginx --action=reload

View file

@ -20,12 +20,13 @@ ynh_abort_if_errors
# RETRIEVE ARGUMENTS FROM THE MANIFEST # RETRIEVE ARGUMENTS FROM THE MANIFEST
#================================================= #=================================================
app=$YNH_APP_INSTANCE_NAME
domain=$YNH_APP_ARG_DOMAIN domain=$YNH_APP_ARG_DOMAIN
path_url=$YNH_APP_ARG_PATH path_url=$YNH_APP_ARG_PATH
is_public=$YNH_APP_ARG_IS_PUBLIC is_public=$YNH_APP_ARG_IS_PUBLIC
admin=$YNH_APP_ARG_ADMIN admin=$YNH_APP_ARG_ADMIN
app=$YNH_APP_INSTANCE_NAME
#================================================= #=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#================================================= #=================================================
@ -46,6 +47,14 @@ ynh_app_setting_set --app=$app --key=domain --value=$domain
ynh_app_setting_set --app=$app --key=path --value=$path_url ynh_app_setting_set --app=$app --key=path --value=$path_url
ynh_app_setting_set --app=$app --key=admin --value=$admin ynh_app_setting_set --app=$app --key=admin --value=$admin
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Configuring system user..." --weight=2
# Create a system user
ynh_system_user_create --username=$app --home_dir=$final_path
#================================================= #=================================================
# CREATE A MYSQL DATABASE # CREATE A MYSQL DATABASE
#================================================= #=================================================
@ -64,42 +73,33 @@ db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd)
ynh_script_progression --message="Setting up source files..." --weight=4 ynh_script_progression --message="Setting up source files..." --weight=4
ynh_app_setting_set --app=$app --key=final_path --value=$final_path ynh_app_setting_set --app=$app --key=final_path --value=$final_path
# Download, check integrity, uncompress and patch the source from app.src
# In case of a new version, the url change from http://download.dotclear.org/latest/dotclear-X.X.X.tar.gz to http://download.dotclear.org/attic/dotclear-X.X.X.tar.gz
src_url=$(grep 'SOURCE_URL=' "../conf/app.src" | cut -d= -f2-)
if ! curl --output /dev/null --silent --head --fail "$src_url"; then
ynh_replace_string --match_string="latest" --replace_string="attic" --target_file="../conf/app.src"
fi
ynh_setup_source --dest_dir="$final_path" ynh_setup_source --dest_dir="$final_path"
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:www-data "$final_path"
#================================================= #=================================================
# NGINX CONFIGURATION # NGINX CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Configuring nginx web server..." ynh_script_progression --message="Configuring NGINX web server..."
# Create a dedicated nginx config # Create a dedicated NGINX config
ynh_add_nginx_config ynh_add_nginx_config
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Configuring system user..." --weight=2
# Create a system user
ynh_system_user_create --username=$app
#================================================= #=================================================
# PHP-FPM CONFIGURATION # PHP-FPM CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Configuring php-fpm..." --weight=2 ynh_script_progression --message="Configuring PHP-FPM..." --weight=2
# Create a dedicated php-fpm config # Create a dedicated PHP-FPM config
ynh_add_fpm_config ynh_add_fpm_config
#================================================= #=================================================
# MODIFY A CONFIG FILE # ADD A CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Adding a configuration file..."
php_config=$final_path/inc/config.php php_config=$final_path/inc/config.php
@ -134,15 +134,17 @@ EOF
ynh_store_file_checksum --file=$php_config ynh_store_file_checksum --file=$php_config
chmod 400 "$php_config"
chown $app:$app "$php_config"
#================================================= #=================================================
# SETUP APPLICATION WITH CURL # SETUP APPLICATION WITH CURL
#================================================= #=================================================
# Set right permissions for curl install
chown -R $app: $final_path
# Set the app as temporarily public for curl call # Set the app as temporarily public for curl call
ynh_permission_update --permission "main" --add "visitors" ynh_script_progression --message="Configuring SSOwat..."
# Making the app public for curl
ynh_permission_update --permission="main" --add="visitors"
# Reload Nginx # Reload Nginx
ynh_systemd_action --service_name=nginx --action=reload ynh_systemd_action --service_name=nginx --action=reload
@ -160,22 +162,17 @@ installUrl="/admin/install/index.php"
ynh_local_curl $installUrl "u_email=$email" "u_firstname=$firstname" "u_name=$lastname" "u_login=$admin" "u_pwd=$password" "u_pwd2=$password" ynh_local_curl $installUrl "u_email=$email" "u_firstname=$firstname" "u_name=$lastname" "u_login=$admin" "u_pwd=$password" "u_pwd2=$password"
# Remove the public access
ynh_permission_update --permission="main" --remove="visitors"
#================================================= #=================================================
# GENERIC FINALIZATION # GENERIC FINALIZATION
#=================================================
# SECURE FILES AND DIRECTORIES
#=================================================
# Set permissions to app files
chown -R root: $final_path
chown -R $app $final_path/{public,cache,themes,plugins}
#================================================= #=================================================
# SETUP FAIL2BAN # SETUP FAIL2BAN
#================================================= #=================================================
ynh_script_progression --message="Configuring fail2ban..." ynh_script_progression --message="Configuring Fail2Ban..."
# Create a dedicated fail2ban config # Create a dedicated Fail2Ban config
ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Invalid credentials in $final_path/inc/class.auth.ldap.php .* client: <HOST>, .*https://$domain${path_url%/}/admin/auth.php" ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Invalid credentials in $final_path/inc/class.auth.ldap.php .* client: <HOST>, .*https://$domain${path_url%/}/admin/auth.php"
#================================================= #=================================================
@ -183,17 +180,21 @@ ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failreg
#================================================= #=================================================
ynh_script_progression --message="Configuring permissions..." ynh_script_progression --message="Configuring permissions..."
if [ $is_public -eq 0 ]; then # Make app public if necessary
ynh_permission_update --permission "main" --remove "visitors" if [ $is_public -eq 1 ]
then
# Everyone can access the app.
# The "main" permission is automatically created before the install script.
ynh_permission_update --permission="main" --add="visitors"
fi fi
# Only the admin can access the admin panel of the app (if the app has an admin panel) # Only the admin can access the admin panel of the app (if the app has an admin panel)
ynh_permission_create --permission "admin" --url "/admin" --allowed $admin ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin
#================================================= #=================================================
# RELOAD NGINX # RELOAD NGINX
#================================================= #=================================================
ynh_script_progression --message="Reloading nginx web server..." ynh_script_progression --message="Reloading NGINX web server..."
ynh_systemd_action --service_name=nginx --action=reload ynh_systemd_action --service_name=nginx --action=reload

View file

@ -42,19 +42,27 @@ ynh_secure_remove --file="$final_path"
#================================================= #=================================================
# REMOVE NGINX CONFIGURATION # REMOVE NGINX CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Removing nginx web server configuration..." ynh_script_progression --message="Removing NGINX web server configuration..."
# Remove the dedicated nginx config # Remove the dedicated NGINX config
ynh_remove_nginx_config ynh_remove_nginx_config
#================================================= #=================================================
# REMOVE PHP-FPM CONFIGURATION # REMOVE PHP-FPM CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Removing php-fpm configuration..." ynh_script_progression --message="Removing PHP-FPM configuration..."
# Remove the dedicated php-fpm config # Remove the dedicated PHP-FPM config
ynh_remove_fpm_config ynh_remove_fpm_config
#=================================================
# REMOVE FAIL2BAN CONFIGURATION
#=================================================
ynh_script_progression --message="Removing Fail2ban configuration..."
# Remove the dedicated Fail2Ban config
ynh_remove_fail2ban_config
#================================================= #=================================================
# GENERIC FINALIZATION # GENERIC FINALIZATION
#================================================= #=================================================
@ -65,14 +73,6 @@ ynh_script_progression --message="Removing the dedicated system user..."
# Delete a system user # Delete a system user
ynh_system_user_delete --username=$app ynh_system_user_delete --username=$app
#=================================================
# REMOVE FAIL2BAN CONFIGURATION
#=================================================
ynh_script_progression --message="Removing fail2ban configuration..."
# Remove the dedicated fail2ban config
ynh_remove_fail2ban_config
#================================================= #=================================================
# END OF SCRIPT # END OF SCRIPT
#================================================= #=================================================

View file

@ -6,7 +6,7 @@
# IMPORT GENERIC HELPERS # IMPORT GENERIC HELPERS
#================================================= #=================================================
#Keep this path for calling _common.sh inside the execution's context of backup and restore scripts # Keep this path for calling _common.sh inside the execution's context of backup and restore scripts
source ../settings/scripts/_common.sh source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
@ -20,7 +20,7 @@ ynh_abort_if_errors
#================================================= #=================================================
# LOAD SETTINGS # LOAD SETTINGS
#================================================= #=================================================
ynh_script_progression --message="Loading settings..." ynh_script_progression --message="Loading installation settings..."
app=$YNH_APP_INSTANCE_NAME app=$YNH_APP_INSTANCE_NAME
@ -29,6 +29,7 @@ path_url=$(ynh_app_setting_get --app=$app --key=path)
final_path=$(ynh_app_setting_get --app=$app --key=final_path) final_path=$(ynh_app_setting_get --app=$app --key=final_path)
db_name=$(ynh_app_setting_get --app=$app --key=db_name) db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_user=$db_name db_user=$db_name
phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
#================================================= #=================================================
# CHECK IF THE APP CAN BE RESTORED # CHECK IF THE APP CAN BE RESTORED
@ -45,9 +46,18 @@ test ! -d $final_path \
#================================================= #=================================================
# RESTORE THE NGINX CONFIGURATION # RESTORE THE NGINX CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Restoring the NGINX configuration..."
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
#=================================================
# RECREATE THE DEDICATED USER
#=================================================
ynh_script_progression --message="Recreating the dedicated system user..." --weight=2
# Create the dedicated user (if not existing)
ynh_system_user_create --username=$app --home_dir=$final_path
#================================================= #=================================================
# RESTORE THE APP MAIN DIR # RESTORE THE APP MAIN DIR
#================================================= #=================================================
@ -55,32 +65,21 @@ ynh_script_progression --message="Restoring the app main directory..."
ynh_restore_file --origin_path="$final_path" ynh_restore_file --origin_path="$final_path"
#================================================= chmod 750 "$final_path"
# RECREATE THE DEDICATED USER chmod -R o-rwx "$final_path"
#================================================= chown -R $app:www-data "$final_path"
ynh_script_progression --message="Recreating the dedicated system user..." --weight=2
# Create the dedicated user (if not existing)
ynh_system_user_create --username=$app
#=================================================
# RESTORE USER RIGHTS
#=================================================
# Restore permissions on app files
chown -R root: $final_path
chown -R $app $final_path/{public,cache,themes,plugins}
#================================================= #=================================================
# RESTORE THE PHP-FPM CONFIGURATION # RESTORE THE PHP-FPM CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Restoring the PHP-FPM configuration..."
ynh_restore_file --origin_path="/etc/php/7.0/fpm/pool.d/$app.conf" ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf"
#================================================= #=================================================
# RESTORE THE FAIL2BAN CONFIGURATION # RESTORE FAIL2BAN CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Restoring the fail2ban configuration..." ynh_script_progression --message="Restoring the Fail2Ban configuration..."
ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf" ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf"
ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf" ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf"
@ -102,9 +101,9 @@ ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./
#================================================= #=================================================
# RELOAD NGINX AND PHP-FPM # RELOAD NGINX AND PHP-FPM
#================================================= #=================================================
ynh_script_progression --message="Reloading nginx web server and php-fpm..." ynh_script_progression --message="Reloading NGINX web server and PHP-FPM..."
ynh_systemd_action --service_name=php7.0-fpm --action=reload ynh_systemd_action --service_name=php$phpversion-fpm --action=reload
ynh_systemd_action --service_name=nginx --action=reload ynh_systemd_action --service_name=nginx --action=reload
#================================================= #=================================================

View file

@ -29,9 +29,26 @@ master_key=$(ynh_app_setting_get --app=$app --key=master_key)
#================================================= #=================================================
# CHECK VERSION # CHECK VERSION
#================================================= #=================================================
ynh_script_progression --message="Checking version..."
upgrade_type=$(ynh_check_app_version_changed) upgrade_type=$(ynh_check_app_version_changed)
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=4
# Backup the current version of the app
ynh_backup_before_upgrade
ynh_clean_setup () {
# Restore it if the upgrade fails
ynh_restore_upgradebackup
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# STANDARD UPGRADE STEPS
#================================================= #=================================================
# ENSURE DOWNWARD COMPATIBILITY # ENSURE DOWNWARD COMPATIBILITY
#================================================= #=================================================
@ -66,76 +83,57 @@ if [ -n "$is_public" ]; then
ynh_app_setting_delete --app=$app --key=is_public ynh_app_setting_delete --app=$app --key=is_public
fi fi
#================================================= if ! ynh_permission_exists --permission="admin"; then
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP # Create the required permissions
#================================================= ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=4
# Backup the current version of the app
ynh_backup_before_upgrade
ynh_clean_setup () {
# restore it if the upgrade fails
ynh_restore_upgradebackup
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# CHECK THE PATH
#=================================================
# Normalize the URL path syntax
path_url=$(ynh_normalize_url_path --path_url=$path_url)
#=================================================
# STANDARD UPGRADE STEPS
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_script_progression --message="Upgrading source files..." --weight=4
if [ "$upgrade_type" == "UPGRADE_APP" ]
then
# Download, check integrity, uncompress and patch the source from app.src
# In case of a new version, the url change from http://download.dotclear.org/latest/dotclear-X.X.X.tar.gz to http://download.dotclear.org/attic/dotclear-X.X.X.tar.gz
src_url=$(grep 'SOURCE_URL=' "../conf/app.src" | cut -d= -f2-)
if ! curl --output /dev/null --silent --head --fail "$src_url"; then
ynh_replace_string "latest" "attic" ../conf/app.src
fi
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$final_path"
fi fi
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Upgrading nginx web server configuration..."
# Create a dedicated nginx config
ynh_add_nginx_config
#================================================= #=================================================
# CREATE DEDICATED USER # CREATE DEDICATED USER
#================================================= #=================================================
ynh_script_progression --message="Making sure dedicated system user exists..." ynh_script_progression --message="Making sure dedicated system user exists..."
# Create a dedicated user (if not existing) # Create a dedicated user (if not existing)
ynh_system_user_create --username=$app ynh_system_user_create --username=$app --home_dir=$final_path
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
if [ "$upgrade_type" == "UPGRADE_APP" ]
then
ynh_script_progression --message="Upgrading source files..."
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$final_path"
fi
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:www-data "$final_path"
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Upgrading NGINX web server configuration..."
# Create a dedicated NGINX config
ynh_add_nginx_config
#================================================= #=================================================
# PHP-FPM CONFIGURATION # PHP-FPM CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Upgrading php-fpm configuration..." --weight=2 ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=2
# Create a dedicated php-fpm config # Create a dedicated PHP-FPM config
ynh_add_fpm_config ynh_add_fpm_config
#================================================= #=================================================
# SPECIFIC UPGRADE # SPECIFIC UPGRADE
#================================================= #=================================================
# MODIFY A CONFIG FILE # UPDATE A CONFIG FILE
#================================================= #=================================================
ynh_script_progression --message="Updating a configuration file..."
php_config=$final_path/inc/config.php php_config=$final_path/inc/config.php
@ -170,33 +168,8 @@ EOF
# Recalculate and store the checksum of the file for the next upgrade. # Recalculate and store the checksum of the file for the next upgrade.
ynh_store_file_checksum --file=$php_config ynh_store_file_checksum --file=$php_config
#================================================= chmod 400 "$php_config"
# GENERIC FINALIZATION chown $app:$app "$php_config"
#=================================================
# SECURE FILES AND DIRECTORIES
#=================================================
# Set permissions on app files
chown -R root: $final_path
chown -R $app $final_path/{public,cache,themes,plugins}
#=================================================
# UPGRADE FAIL2BAN
#=================================================
ynh_script_progression --message="Reconfiguring fail2ban..."
# Create a dedicated fail2ban config
ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Invalid credentials in $final_path/inc/class.auth.ldap.php .* client: <HOST>, .*https://$domain${path_url%/}/admin/auth.php"
#=================================================
# SETUP SSOWAT
#=================================================
ynh_script_progression --message="Upgrading permissions configuration..." --weight=2
# Create the admin permission if needed
if ! ynh_permission_exists --permission "admin"; then
ynh_permission_create --permission "admin" --url "/admin" --allowed $admin
fi
#================================================= #=================================================
# UPDATING DATABASE # UPDATING DATABASE
@ -210,10 +183,20 @@ ynh_local_curl $adminUrl
ynh_permission_update --permission "admin" --remove "visitors" ynh_permission_update --permission "admin" --remove "visitors"
#=================================================
# GENERIC FINALIZATION
#=================================================
# UPGRADE FAIL2BAN
#=================================================
ynh_script_progression --message="Reconfiguring Fail2Ban..."
# Create a dedicated Fail2Ban config
ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Invalid credentials in $final_path/inc/class.auth.ldap.php .* client: <HOST>, .*https://$domain${path_url%/}/admin/auth.php"
#================================================= #=================================================
# RELOAD NGINX # RELOAD NGINX
#================================================= #=================================================
ynh_script_progression --message="Reloading nginx web server..." ynh_script_progression --message="Reloading NGINX web server..."
ynh_systemd_action --service_name=nginx --action=reload ynh_systemd_action --service_name=nginx --action=reload