mirror of
https://github.com/YunoHost-Apps/dotclear2_ynh.git
synced 2024-09-03 18:26:29 +02:00
commit
777e721800
12 changed files with 198 additions and 223 deletions
|
@ -9,7 +9,7 @@ If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to
|
|||
## Overview
|
||||
Dotclear is an open-source web publishing software.
|
||||
|
||||
**Shipped version:** 2.18
|
||||
**Shipped version:** 2.18.1
|
||||
|
||||
## Screenshots
|
||||
|
||||
|
|
|
@ -1,11 +1,9 @@
|
|||
# See here for more informations
|
||||
# https://github.com/YunoHost/package_check#syntax-check_process-file
|
||||
;; Test complet
|
||||
; Manifest
|
||||
domain="domain.tld" (DOMAIN)
|
||||
path="/path" (PATH)
|
||||
admin="john" (USER)
|
||||
is_public=1 (PUBLIC|public=1|private=0)
|
||||
domain="domain.tld"
|
||||
path="/path"
|
||||
admin="john"
|
||||
is_public=1
|
||||
; Checks
|
||||
pkg_linter=1
|
||||
setup_sub_dir=1
|
||||
|
@ -19,8 +17,6 @@
|
|||
multi_instance=1
|
||||
port_already_use=0
|
||||
change_url=1
|
||||
;;; Levels
|
||||
Level 5=auto
|
||||
;;; Options
|
||||
Email=
|
||||
Notification=none
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
SOURCE_URL=http://download.dotclear.org/latest/dotclear-2.18.tar.gz
|
||||
SOURCE_SUM=6a99672db2c20e392d776c680dc87d5bc66962e8307ecf81a63feb6c5d2f398a
|
||||
SOURCE_URL=http://download.dotclear.org/latest/dotclear-2.18.1.zip
|
||||
SOURCE_SUM=ea9874c0a796c798efa31c9a8b747707dc678b7244a4d385975466dc4ff5b88e
|
||||
SOURCE_SUM_PRG=sha256sum
|
||||
SOURCE_FORMAT=tar.gz
|
||||
SOURCE_IN_SUBDIR=2
|
||||
SOURCE_FORMAT=zip
|
||||
SOURCE_IN_SUBDIR=true
|
||||
SOURCE_FILENAME=
|
||||
SOURCE_EXTRACT=true
|
||||
|
|
|
@ -11,10 +11,13 @@ location __PATH__/ {
|
|||
|
||||
index index.php;
|
||||
|
||||
# Common parameter to increase upload size limit in conjunction with dedicated php-fpm file
|
||||
client_max_body_size 50M;
|
||||
|
||||
try_files $uri $uri/ index.php;
|
||||
location ~ [^/]\.php(/|$) {
|
||||
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
|
||||
fastcgi_pass unix:/var/run/php/php7.0-fpm-__NAME__.sock;
|
||||
fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock;
|
||||
|
||||
fastcgi_index index.php;
|
||||
include fastcgi_params;
|
||||
|
|
|
@ -33,7 +33,7 @@ group = __USER__
|
|||
; (IPv6 and IPv4-mapped) on a specific port;
|
||||
; '/path/to/unix/socket' - to listen on a unix socket.
|
||||
; Note: This value is mandatory.
|
||||
listen = /var/run/php/php7.0-fpm-__NAMETOCHANGE__.sock
|
||||
listen = /var/run/php/php__PHPVERSION__-fpm-__NAMETOCHANGE__.sock
|
||||
|
||||
; Set listen(2) backlog.
|
||||
; Default Value: 511 (-1 on FreeBSD and OpenBSD)
|
||||
|
|
|
@ -6,7 +6,7 @@
|
|||
"en": "Blog publishing application",
|
||||
"fr": "Moteur de blog"
|
||||
},
|
||||
"version": "2.18~ynh1",
|
||||
"version": "2.18.1~ynh1",
|
||||
"license": "GPL-2.0-or-later",
|
||||
"url": "https://dotclear.org/",
|
||||
"maintainer": {
|
||||
|
@ -19,7 +19,7 @@
|
|||
"multi_instance": true,
|
||||
"services": [
|
||||
"nginx",
|
||||
"php7.0-fpm",
|
||||
"php7.3-fpm",
|
||||
"mysql"
|
||||
],
|
||||
"arguments": {
|
||||
|
@ -27,33 +27,22 @@
|
|||
{
|
||||
"name": "domain",
|
||||
"type": "domain",
|
||||
"ask": {
|
||||
"en": "Choose a domain for DotClear 2"
|
||||
},
|
||||
"example": "domain.org"
|
||||
"example": "example.com"
|
||||
},
|
||||
{
|
||||
"name": "path",
|
||||
"type": "path",
|
||||
"ask": {
|
||||
"en": "Choose a path for DotClear 2"
|
||||
},
|
||||
"example": "/dotclear2",
|
||||
"default": "/dotclear2"
|
||||
},
|
||||
{
|
||||
"name": "admin",
|
||||
"type": "user",
|
||||
"ask": {
|
||||
"en": "Choose a yunohost user as dotclear admin"
|
||||
}
|
||||
"example": "johndoe"
|
||||
},
|
||||
{
|
||||
"name": "is_public",
|
||||
"type": "boolean",
|
||||
"ask": {
|
||||
"en": "Is it a public application ?"
|
||||
},
|
||||
"default": true
|
||||
}
|
||||
]
|
||||
|
|
|
@ -20,54 +20,54 @@ ynh_abort_if_errors
|
|||
#=================================================
|
||||
# LOAD SETTINGS
|
||||
#=================================================
|
||||
ynh_script_progression --message="Loading installation settings..."
|
||||
ynh_print_info --message="Loading installation settings..."
|
||||
|
||||
app=$YNH_APP_INSTANCE_NAME
|
||||
|
||||
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
||||
domain=$(ynh_app_setting_get --app=$app --key=domain)
|
||||
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
|
||||
phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
|
||||
|
||||
#=================================================
|
||||
# STANDARD BACKUP STEPS
|
||||
# DECLARE DATA AND CONF FILES TO BACKUP
|
||||
#=================================================
|
||||
ynh_print_info --message="Declaring files to be backed up..."
|
||||
|
||||
#=================================================
|
||||
# BACKUP THE APP MAIN DIR
|
||||
#=================================================
|
||||
ynh_script_progression --message="Backing up the main app directory..."
|
||||
|
||||
ynh_backup --src_path="$final_path"
|
||||
|
||||
#=================================================
|
||||
# BACKUP THE NGINX CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Backing up nginx web server configuration..."
|
||||
|
||||
ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
|
||||
|
||||
#=================================================
|
||||
# BACKUP THE PHP-FPM CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Backing up php-fpm configuration..."
|
||||
|
||||
ynh_backup --src_path="/etc/php/7.0/fpm/pool.d/$app.conf"
|
||||
|
||||
#=================================================
|
||||
# BACKUP THE MYSQL DATABASE
|
||||
#=================================================
|
||||
ynh_script_progression --message="Backing up the MySQL database..."
|
||||
|
||||
ynh_mysql_dump_db --database="$db_name" > db.sql
|
||||
ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf"
|
||||
|
||||
#=================================================
|
||||
# BACKUP FAIL2BAN CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Backing up fail2ban configuration..."
|
||||
|
||||
ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf"
|
||||
ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf"
|
||||
|
||||
#=================================================
|
||||
# BACKUP THE MYSQL DATABASE
|
||||
#=================================================
|
||||
ynh_print_info --message="Backing up the MySQL database..."
|
||||
|
||||
ynh_mysql_dump_db --database="$db_name" > db.sql
|
||||
|
||||
#=================================================
|
||||
# END OF SCRIPT
|
||||
#=================================================
|
||||
|
||||
ynh_script_progression --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." --last
|
||||
ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)."
|
||||
|
|
|
@ -33,9 +33,9 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
|||
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
|
||||
|
||||
#=================================================
|
||||
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
|
||||
# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP
|
||||
#=================================================
|
||||
ynh_script_progression --message="Backing up the app before changing its url (may take a while)..." --weight=4
|
||||
ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..."
|
||||
|
||||
# Backup the current version of the app
|
||||
ynh_backup_before_upgrade
|
||||
|
@ -43,7 +43,7 @@ ynh_clean_setup () {
|
|||
# Remove the new domain config file, the remove script won't do it as it doesn't know yet its location.
|
||||
ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
|
||||
|
||||
# restore it if the upgrade fails
|
||||
# Restore it if the upgrade fails
|
||||
ynh_restore_upgradebackup
|
||||
}
|
||||
# Exit if an error occurs during the execution of the script
|
||||
|
@ -70,23 +70,23 @@ fi
|
|||
#=================================================
|
||||
# MODIFY URL IN NGINX CONF
|
||||
#=================================================
|
||||
ynh_script_progression --message="Updating nginx web server configuration..." --weight=2
|
||||
ynh_script_progression --message="Updating NGINX web server configuration..." --weight=2
|
||||
|
||||
nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
|
||||
|
||||
# Change the path in the nginx config file
|
||||
# Change the path in the NGINX config file
|
||||
if [ $change_path -eq 1 ]
|
||||
then
|
||||
# Make a backup of the original nginx config file if modified
|
||||
# Make a backup of the original NGINX config file if modified
|
||||
ynh_backup_if_checksum_is_different --file="$nginx_conf_path"
|
||||
# Set global variables for nginx helper
|
||||
# Set global variables for NGINX helper
|
||||
domain="$old_domain"
|
||||
path_url="$new_path"
|
||||
# Create a dedicated nginx config
|
||||
# Create a dedicated NGINX config
|
||||
ynh_add_nginx_config
|
||||
fi
|
||||
|
||||
# Change the domain for nginx
|
||||
# Change the domain for NGINX
|
||||
if [ $change_domain -eq 1 ]
|
||||
then
|
||||
# Delete file checksum for the old conf file location
|
||||
|
@ -126,12 +126,15 @@ ynh_replace_string --match_string="'DC_ADMIN_URL', 'https://$old_domain$old_admi
|
|||
|
||||
ynh_store_file_checksum --file="$php_config"
|
||||
|
||||
chmod 400 "$php_config"
|
||||
chown $app:$app "$php_config"
|
||||
|
||||
#=================================================
|
||||
# GENERIC FINALISATION
|
||||
#=================================================
|
||||
# RELOAD NGINX
|
||||
#=================================================
|
||||
ynh_script_progression --message="Reloading nginx web server..."
|
||||
ynh_script_progression --message="Reloading NGINX web server..."
|
||||
|
||||
ynh_systemd_action --service_name=nginx --action=reload
|
||||
|
||||
|
|
|
@ -20,12 +20,13 @@ ynh_abort_if_errors
|
|||
# RETRIEVE ARGUMENTS FROM THE MANIFEST
|
||||
#=================================================
|
||||
|
||||
app=$YNH_APP_INSTANCE_NAME
|
||||
domain=$YNH_APP_ARG_DOMAIN
|
||||
path_url=$YNH_APP_ARG_PATH
|
||||
is_public=$YNH_APP_ARG_IS_PUBLIC
|
||||
admin=$YNH_APP_ARG_ADMIN
|
||||
|
||||
app=$YNH_APP_INSTANCE_NAME
|
||||
|
||||
#=================================================
|
||||
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
|
||||
#=================================================
|
||||
|
@ -46,6 +47,14 @@ ynh_app_setting_set --app=$app --key=domain --value=$domain
|
|||
ynh_app_setting_set --app=$app --key=path --value=$path_url
|
||||
ynh_app_setting_set --app=$app --key=admin --value=$admin
|
||||
|
||||
#=================================================
|
||||
# CREATE DEDICATED USER
|
||||
#=================================================
|
||||
ynh_script_progression --message="Configuring system user..." --weight=2
|
||||
|
||||
# Create a system user
|
||||
ynh_system_user_create --username=$app --home_dir=$final_path
|
||||
|
||||
#=================================================
|
||||
# CREATE A MYSQL DATABASE
|
||||
#=================================================
|
||||
|
@ -64,42 +73,33 @@ db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd)
|
|||
ynh_script_progression --message="Setting up source files..." --weight=4
|
||||
|
||||
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
|
||||
|
||||
# In case of a new version, the url change from http://download.dotclear.org/latest/dotclear-X.X.X.tar.gz to http://download.dotclear.org/attic/dotclear-X.X.X.tar.gz
|
||||
src_url=$(grep 'SOURCE_URL=' "../conf/app.src" | cut -d= -f2-)
|
||||
if ! curl --output /dev/null --silent --head --fail "$src_url"; then
|
||||
ynh_replace_string --match_string="latest" --replace_string="attic" --target_file="../conf/app.src"
|
||||
fi
|
||||
|
||||
# Download, check integrity, uncompress and patch the source from app.src
|
||||
ynh_setup_source --dest_dir="$final_path"
|
||||
|
||||
chmod 750 "$final_path"
|
||||
chmod -R o-rwx "$final_path"
|
||||
chown -R $app:www-data "$final_path"
|
||||
|
||||
#=================================================
|
||||
# NGINX CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Configuring nginx web server..."
|
||||
ynh_script_progression --message="Configuring NGINX web server..."
|
||||
|
||||
# Create a dedicated nginx config
|
||||
# Create a dedicated NGINX config
|
||||
ynh_add_nginx_config
|
||||
|
||||
#=================================================
|
||||
# CREATE DEDICATED USER
|
||||
#=================================================
|
||||
ynh_script_progression --message="Configuring system user..." --weight=2
|
||||
|
||||
# Create a system user
|
||||
ynh_system_user_create --username=$app
|
||||
|
||||
#=================================================
|
||||
# PHP-FPM CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Configuring php-fpm..." --weight=2
|
||||
ynh_script_progression --message="Configuring PHP-FPM..." --weight=2
|
||||
|
||||
# Create a dedicated php-fpm config
|
||||
# Create a dedicated PHP-FPM config
|
||||
ynh_add_fpm_config
|
||||
|
||||
#=================================================
|
||||
# MODIFY A CONFIG FILE
|
||||
# ADD A CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Adding a configuration file..."
|
||||
|
||||
php_config=$final_path/inc/config.php
|
||||
|
||||
|
@ -134,15 +134,17 @@ EOF
|
|||
|
||||
ynh_store_file_checksum --file=$php_config
|
||||
|
||||
chmod 400 "$php_config"
|
||||
chown $app:$app "$php_config"
|
||||
|
||||
#=================================================
|
||||
# SETUP APPLICATION WITH CURL
|
||||
#=================================================
|
||||
|
||||
# Set right permissions for curl install
|
||||
chown -R $app: $final_path
|
||||
|
||||
# Set the app as temporarily public for curl call
|
||||
ynh_permission_update --permission "main" --add "visitors"
|
||||
ynh_script_progression --message="Configuring SSOwat..."
|
||||
# Making the app public for curl
|
||||
ynh_permission_update --permission="main" --add="visitors"
|
||||
|
||||
# Reload Nginx
|
||||
ynh_systemd_action --service_name=nginx --action=reload
|
||||
|
@ -160,22 +162,17 @@ installUrl="/admin/install/index.php"
|
|||
|
||||
ynh_local_curl $installUrl "u_email=$email" "u_firstname=$firstname" "u_name=$lastname" "u_login=$admin" "u_pwd=$password" "u_pwd2=$password"
|
||||
|
||||
# Remove the public access
|
||||
ynh_permission_update --permission="main" --remove="visitors"
|
||||
|
||||
#=================================================
|
||||
# GENERIC FINALIZATION
|
||||
#=================================================
|
||||
# SECURE FILES AND DIRECTORIES
|
||||
#=================================================
|
||||
|
||||
# Set permissions to app files
|
||||
chown -R root: $final_path
|
||||
chown -R $app $final_path/{public,cache,themes,plugins}
|
||||
|
||||
#=================================================
|
||||
# SETUP FAIL2BAN
|
||||
#=================================================
|
||||
ynh_script_progression --message="Configuring fail2ban..."
|
||||
ynh_script_progression --message="Configuring Fail2Ban..."
|
||||
|
||||
# Create a dedicated fail2ban config
|
||||
# Create a dedicated Fail2Ban config
|
||||
ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Invalid credentials in $final_path/inc/class.auth.ldap.php .* client: <HOST>, .*https://$domain${path_url%/}/admin/auth.php"
|
||||
|
||||
#=================================================
|
||||
|
@ -183,17 +180,21 @@ ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failreg
|
|||
#=================================================
|
||||
ynh_script_progression --message="Configuring permissions..."
|
||||
|
||||
if [ $is_public -eq 0 ]; then
|
||||
ynh_permission_update --permission "main" --remove "visitors"
|
||||
# Make app public if necessary
|
||||
if [ $is_public -eq 1 ]
|
||||
then
|
||||
# Everyone can access the app.
|
||||
# The "main" permission is automatically created before the install script.
|
||||
ynh_permission_update --permission="main" --add="visitors"
|
||||
fi
|
||||
|
||||
# Only the admin can access the admin panel of the app (if the app has an admin panel)
|
||||
ynh_permission_create --permission "admin" --url "/admin" --allowed $admin
|
||||
ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin
|
||||
|
||||
#=================================================
|
||||
# RELOAD NGINX
|
||||
#=================================================
|
||||
ynh_script_progression --message="Reloading nginx web server..."
|
||||
ynh_script_progression --message="Reloading NGINX web server..."
|
||||
|
||||
ynh_systemd_action --service_name=nginx --action=reload
|
||||
|
||||
|
|
|
@ -42,19 +42,27 @@ ynh_secure_remove --file="$final_path"
|
|||
#=================================================
|
||||
# REMOVE NGINX CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Removing nginx web server configuration..."
|
||||
ynh_script_progression --message="Removing NGINX web server configuration..."
|
||||
|
||||
# Remove the dedicated nginx config
|
||||
# Remove the dedicated NGINX config
|
||||
ynh_remove_nginx_config
|
||||
|
||||
#=================================================
|
||||
# REMOVE PHP-FPM CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Removing php-fpm configuration..."
|
||||
ynh_script_progression --message="Removing PHP-FPM configuration..."
|
||||
|
||||
# Remove the dedicated php-fpm config
|
||||
# Remove the dedicated PHP-FPM config
|
||||
ynh_remove_fpm_config
|
||||
|
||||
#=================================================
|
||||
# REMOVE FAIL2BAN CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Removing Fail2ban configuration..."
|
||||
|
||||
# Remove the dedicated Fail2Ban config
|
||||
ynh_remove_fail2ban_config
|
||||
|
||||
#=================================================
|
||||
# GENERIC FINALIZATION
|
||||
#=================================================
|
||||
|
@ -65,14 +73,6 @@ ynh_script_progression --message="Removing the dedicated system user..."
|
|||
# Delete a system user
|
||||
ynh_system_user_delete --username=$app
|
||||
|
||||
#=================================================
|
||||
# REMOVE FAIL2BAN CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Removing fail2ban configuration..."
|
||||
|
||||
# Remove the dedicated fail2ban config
|
||||
ynh_remove_fail2ban_config
|
||||
|
||||
#=================================================
|
||||
# END OF SCRIPT
|
||||
#=================================================
|
||||
|
|
|
@ -20,7 +20,7 @@ ynh_abort_if_errors
|
|||
#=================================================
|
||||
# LOAD SETTINGS
|
||||
#=================================================
|
||||
ynh_script_progression --message="Loading settings..."
|
||||
ynh_script_progression --message="Loading installation settings..."
|
||||
|
||||
app=$YNH_APP_INSTANCE_NAME
|
||||
|
||||
|
@ -29,6 +29,7 @@ path_url=$(ynh_app_setting_get --app=$app --key=path)
|
|||
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
||||
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
|
||||
db_user=$db_name
|
||||
phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
|
||||
|
||||
#=================================================
|
||||
# CHECK IF THE APP CAN BE RESTORED
|
||||
|
@ -45,9 +46,18 @@ test ! -d $final_path \
|
|||
#=================================================
|
||||
# RESTORE THE NGINX CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Restoring the NGINX configuration..."
|
||||
|
||||
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
|
||||
|
||||
#=================================================
|
||||
# RECREATE THE DEDICATED USER
|
||||
#=================================================
|
||||
ynh_script_progression --message="Recreating the dedicated system user..." --weight=2
|
||||
|
||||
# Create the dedicated user (if not existing)
|
||||
ynh_system_user_create --username=$app --home_dir=$final_path
|
||||
|
||||
#=================================================
|
||||
# RESTORE THE APP MAIN DIR
|
||||
#=================================================
|
||||
|
@ -55,32 +65,21 @@ ynh_script_progression --message="Restoring the app main directory..."
|
|||
|
||||
ynh_restore_file --origin_path="$final_path"
|
||||
|
||||
#=================================================
|
||||
# RECREATE THE DEDICATED USER
|
||||
#=================================================
|
||||
ynh_script_progression --message="Recreating the dedicated system user..." --weight=2
|
||||
|
||||
# Create the dedicated user (if not existing)
|
||||
ynh_system_user_create --username=$app
|
||||
|
||||
#=================================================
|
||||
# RESTORE USER RIGHTS
|
||||
#=================================================
|
||||
|
||||
# Restore permissions on app files
|
||||
chown -R root: $final_path
|
||||
chown -R $app $final_path/{public,cache,themes,plugins}
|
||||
chmod 750 "$final_path"
|
||||
chmod -R o-rwx "$final_path"
|
||||
chown -R $app:www-data "$final_path"
|
||||
|
||||
#=================================================
|
||||
# RESTORE THE PHP-FPM CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Restoring the PHP-FPM configuration..."
|
||||
|
||||
ynh_restore_file --origin_path="/etc/php/7.0/fpm/pool.d/$app.conf"
|
||||
ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf"
|
||||
|
||||
#=================================================
|
||||
# RESTORE THE FAIL2BAN CONFIGURATION
|
||||
# RESTORE FAIL2BAN CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Restoring the fail2ban configuration..."
|
||||
ynh_script_progression --message="Restoring the Fail2Ban configuration..."
|
||||
|
||||
ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf"
|
||||
ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf"
|
||||
|
@ -102,9 +101,9 @@ ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./
|
|||
#=================================================
|
||||
# RELOAD NGINX AND PHP-FPM
|
||||
#=================================================
|
||||
ynh_script_progression --message="Reloading nginx web server and php-fpm..."
|
||||
ynh_script_progression --message="Reloading NGINX web server and PHP-FPM..."
|
||||
|
||||
ynh_systemd_action --service_name=php7.0-fpm --action=reload
|
||||
ynh_systemd_action --service_name=php$phpversion-fpm --action=reload
|
||||
ynh_systemd_action --service_name=nginx --action=reload
|
||||
|
||||
#=================================================
|
||||
|
|
141
scripts/upgrade
141
scripts/upgrade
|
@ -29,9 +29,26 @@ master_key=$(ynh_app_setting_get --app=$app --key=master_key)
|
|||
#=================================================
|
||||
# CHECK VERSION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Checking version..."
|
||||
|
||||
upgrade_type=$(ynh_check_app_version_changed)
|
||||
|
||||
#=================================================
|
||||
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
|
||||
#=================================================
|
||||
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=4
|
||||
|
||||
# Backup the current version of the app
|
||||
ynh_backup_before_upgrade
|
||||
ynh_clean_setup () {
|
||||
# Restore it if the upgrade fails
|
||||
ynh_restore_upgradebackup
|
||||
}
|
||||
# Exit if an error occurs during the execution of the script
|
||||
ynh_abort_if_errors
|
||||
|
||||
#=================================================
|
||||
# STANDARD UPGRADE STEPS
|
||||
#=================================================
|
||||
# ENSURE DOWNWARD COMPATIBILITY
|
||||
#=================================================
|
||||
|
@ -66,76 +83,57 @@ if [ -n "$is_public" ]; then
|
|||
ynh_app_setting_delete --app=$app --key=is_public
|
||||
fi
|
||||
|
||||
#=================================================
|
||||
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
|
||||
#=================================================
|
||||
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=4
|
||||
|
||||
# Backup the current version of the app
|
||||
ynh_backup_before_upgrade
|
||||
ynh_clean_setup () {
|
||||
# restore it if the upgrade fails
|
||||
ynh_restore_upgradebackup
|
||||
}
|
||||
# Exit if an error occurs during the execution of the script
|
||||
ynh_abort_if_errors
|
||||
|
||||
#=================================================
|
||||
# CHECK THE PATH
|
||||
#=================================================
|
||||
|
||||
# Normalize the URL path syntax
|
||||
path_url=$(ynh_normalize_url_path --path_url=$path_url)
|
||||
|
||||
#=================================================
|
||||
# STANDARD UPGRADE STEPS
|
||||
#=================================================
|
||||
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
||||
#=================================================
|
||||
ynh_script_progression --message="Upgrading source files..." --weight=4
|
||||
|
||||
if [ "$upgrade_type" == "UPGRADE_APP" ]
|
||||
then
|
||||
# Download, check integrity, uncompress and patch the source from app.src
|
||||
# In case of a new version, the url change from http://download.dotclear.org/latest/dotclear-X.X.X.tar.gz to http://download.dotclear.org/attic/dotclear-X.X.X.tar.gz
|
||||
src_url=$(grep 'SOURCE_URL=' "../conf/app.src" | cut -d= -f2-)
|
||||
if ! curl --output /dev/null --silent --head --fail "$src_url"; then
|
||||
ynh_replace_string "latest" "attic" ../conf/app.src
|
||||
if ! ynh_permission_exists --permission="admin"; then
|
||||
# Create the required permissions
|
||||
ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin
|
||||
fi
|
||||
|
||||
# Download, check integrity, uncompress and patch the source from app.src
|
||||
ynh_setup_source --dest_dir="$final_path"
|
||||
fi
|
||||
|
||||
#=================================================
|
||||
# NGINX CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Upgrading nginx web server configuration..."
|
||||
|
||||
# Create a dedicated nginx config
|
||||
ynh_add_nginx_config
|
||||
|
||||
#=================================================
|
||||
# CREATE DEDICATED USER
|
||||
#=================================================
|
||||
ynh_script_progression --message="Making sure dedicated system user exists..."
|
||||
|
||||
# Create a dedicated user (if not existing)
|
||||
ynh_system_user_create --username=$app
|
||||
ynh_system_user_create --username=$app --home_dir=$final_path
|
||||
|
||||
#=================================================
|
||||
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
||||
#=================================================
|
||||
|
||||
if [ "$upgrade_type" == "UPGRADE_APP" ]
|
||||
then
|
||||
ynh_script_progression --message="Upgrading source files..."
|
||||
|
||||
# Download, check integrity, uncompress and patch the source from app.src
|
||||
ynh_setup_source --dest_dir="$final_path"
|
||||
fi
|
||||
|
||||
chmod 750 "$final_path"
|
||||
chmod -R o-rwx "$final_path"
|
||||
chown -R $app:www-data "$final_path"
|
||||
|
||||
#=================================================
|
||||
# NGINX CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Upgrading NGINX web server configuration..."
|
||||
|
||||
# Create a dedicated NGINX config
|
||||
ynh_add_nginx_config
|
||||
|
||||
#=================================================
|
||||
# PHP-FPM CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Upgrading php-fpm configuration..." --weight=2
|
||||
ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=2
|
||||
|
||||
# Create a dedicated php-fpm config
|
||||
# Create a dedicated PHP-FPM config
|
||||
ynh_add_fpm_config
|
||||
|
||||
#=================================================
|
||||
# SPECIFIC UPGRADE
|
||||
#=================================================
|
||||
# MODIFY A CONFIG FILE
|
||||
# UPDATE A CONFIG FILE
|
||||
#=================================================
|
||||
ynh_script_progression --message="Updating a configuration file..."
|
||||
|
||||
php_config=$final_path/inc/config.php
|
||||
|
||||
|
@ -170,33 +168,8 @@ EOF
|
|||
# Recalculate and store the checksum of the file for the next upgrade.
|
||||
ynh_store_file_checksum --file=$php_config
|
||||
|
||||
#=================================================
|
||||
# GENERIC FINALIZATION
|
||||
#=================================================
|
||||
# SECURE FILES AND DIRECTORIES
|
||||
#=================================================
|
||||
|
||||
# Set permissions on app files
|
||||
chown -R root: $final_path
|
||||
chown -R $app $final_path/{public,cache,themes,plugins}
|
||||
|
||||
#=================================================
|
||||
# UPGRADE FAIL2BAN
|
||||
#=================================================
|
||||
ynh_script_progression --message="Reconfiguring fail2ban..."
|
||||
|
||||
# Create a dedicated fail2ban config
|
||||
ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Invalid credentials in $final_path/inc/class.auth.ldap.php .* client: <HOST>, .*https://$domain${path_url%/}/admin/auth.php"
|
||||
|
||||
#=================================================
|
||||
# SETUP SSOWAT
|
||||
#=================================================
|
||||
ynh_script_progression --message="Upgrading permissions configuration..." --weight=2
|
||||
|
||||
# Create the admin permission if needed
|
||||
if ! ynh_permission_exists --permission "admin"; then
|
||||
ynh_permission_create --permission "admin" --url "/admin" --allowed $admin
|
||||
fi
|
||||
chmod 400 "$php_config"
|
||||
chown $app:$app "$php_config"
|
||||
|
||||
#=================================================
|
||||
# UPDATING DATABASE
|
||||
|
@ -210,10 +183,20 @@ ynh_local_curl $adminUrl
|
|||
|
||||
ynh_permission_update --permission "admin" --remove "visitors"
|
||||
|
||||
#=================================================
|
||||
# GENERIC FINALIZATION
|
||||
#=================================================
|
||||
# UPGRADE FAIL2BAN
|
||||
#=================================================
|
||||
ynh_script_progression --message="Reconfiguring Fail2Ban..."
|
||||
|
||||
# Create a dedicated Fail2Ban config
|
||||
ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Invalid credentials in $final_path/inc/class.auth.ldap.php .* client: <HOST>, .*https://$domain${path_url%/}/admin/auth.php"
|
||||
|
||||
#=================================================
|
||||
# RELOAD NGINX
|
||||
#=================================================
|
||||
ynh_script_progression --message="Reloading nginx web server..."
|
||||
ynh_script_progression --message="Reloading NGINX web server..."
|
||||
|
||||
ynh_systemd_action --service_name=nginx --action=reload
|
||||
|
||||
|
|
Loading…
Reference in a new issue