YunoHost-Apps/dotclear2_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/dotclear2_ynh.git synced 2024-09-03 18:26:29 +02:00
Code Issues Activity Actions 1

Apply example_ynh

Browse source
This commit is contained in:
yalh76 2021-05-15 16:10:33 +02:00
parent c449f5cbbf
commit 7b8cc6d5a7
8 changed files with 159 additions and 191 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
check_process
View file

@ -1,11 +1,9 @@
# See here for more informations
# https://github.com/YunoHost/package_check#syntax-check_process-file
;; Test complet ;; Test complet
; Manifest ; Manifest
domain="domain.tld" (DOMAIN) domain="domain.tld"
path="/path" (PATH) path="/path"
admin="john" (USER) admin="john"
is_public=1 (PUBLIC|public=1|private=0) is_public=1
; Checks ; Checks
pkg_linter=1 pkg_linter=1
setup_sub_dir=1 setup_sub_dir=1
@ -19,8 +17,6 @@
multi_instance=1 multi_instance=1
port_already_use=0 port_already_use=0
change_url=1 change_url=1
;;; Levels
Level 5=auto
;;; Options ;;; Options
Email= Email=
Notification=none Notification=none

19
manifest.json
View file

@ -19,41 +19,30 @@
"multi_instance": true, "multi_instance": true,
"services": [ "services": [
"nginx", "nginx",
"php7.0-fpm", "php7.3-fpm",
"mysql" "mysql"
], ],
"arguments": { "arguments": {
"install": [ "install" : [
{ {
"name": "domain", "name": "domain",
"type": "domain", "type": "domain",
"ask": { "example": "example.com"
"en": "Choose a domain for DotClear 2"
},
"example": "domain.org"
}, },
{ {
"name": "path", "name": "path",
"type": "path", "type": "path",
"ask": {
"en": "Choose a path for DotClear 2"
},
"example": "/dotclear2", "example": "/dotclear2",
"default": "/dotclear2" "default": "/dotclear2"
}, },
{ {
"name": "admin", "name": "admin",
"type": "user", "type": "user",
"ask": { "example": "johndoe"
"en": "Choose a yunohost user as dotclear admin"
}
}, },
{ {
"name": "is_public", "name": "is_public",
"type": "boolean", "type": "boolean",
"ask": {
"en": "Is it a public application ?"
},
"default": true "default": true
} }
] ]

32
scripts/backup
View file

@ -6,7 +6,7 @@
# IMPORT GENERIC HELPERS # IMPORT GENERIC HELPERS
#================================================= #=================================================
#Keep this path for calling _common.sh inside the execution's context of backup and restore scripts # Keep this path for calling _common.sh inside the execution's context of backup and restore scripts
source ../settings/scripts/_common.sh source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
@ -20,54 +20,54 @@ ynh_abort_if_errors
#================================================= #=================================================
# LOAD SETTINGS # LOAD SETTINGS
#================================================= #=================================================
ynh_script_progression --message="Loading installation settings..." ynh_print_info --message="Loading installation settings..."
app=$YNH_APP_INSTANCE_NAME app=$YNH_APP_INSTANCE_NAME
final_path=$(ynh_app_setting_get --app=$app --key=final_path) final_path=$(ynh_app_setting_get --app=$app --key=final_path)
domain=$(ynh_app_setting_get --app=$app --key=domain) domain=$(ynh_app_setting_get --app=$app --key=domain)
db_name=$(ynh_app_setting_get --app=$app --key=db_name) db_name=$(ynh_app_setting_get --app=$app --key=db_name)
phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
#================================================= #=================================================
# STANDARD BACKUP STEPS # DECLARE DATA AND CONF FILES TO BACKUP
#=================================================
ynh_print_info --message="Declaring files to be backed up..."
#================================================= #=================================================
# BACKUP THE APP MAIN DIR # BACKUP THE APP MAIN DIR
#================================================= #=================================================
ynh_script_progression --message="Backing up the main app directory..."
ynh_backup --src_path="$final_path" ynh_backup --src_path="$final_path"
#================================================= #=================================================
# BACKUP THE NGINX CONFIGURATION # BACKUP THE NGINX CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Backing up nginx web server configuration..."
ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
#================================================= #=================================================
# BACKUP THE PHP-FPM CONFIGURATION # BACKUP THE PHP-FPM CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Backing up php-fpm configuration..."
ynh_backup --src_path="/etc/php/7.0/fpm/pool.d/$app.conf" ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf"
#=================================================
# BACKUP THE MYSQL DATABASE
#=================================================
ynh_script_progression --message="Backing up the MySQL database..."
ynh_mysql_dump_db --database="$db_name" > db.sql
#================================================= #=================================================
# BACKUP FAIL2BAN CONFIGURATION # BACKUP FAIL2BAN CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Backing up fail2ban configuration..."
ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf" ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf"
ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf" ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf"
#=================================================
# BACKUP THE MYSQL DATABASE
#=================================================
ynh_print_info --message="Backing up the MySQL database..."
ynh_mysql_dump_db --database="$db_name" > db.sql
#================================================= #=================================================
# END OF SCRIPT # END OF SCRIPT
#================================================= #=================================================
ynh_script_progression --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." --last ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)."

48
scripts/change_url
View file

@ -33,18 +33,18 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path)
db_name=$(ynh_app_setting_get --app=$app --key=db_name) db_name=$(ynh_app_setting_get --app=$app --key=db_name)
#================================================= #=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP # BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP
#================================================= #=================================================
ynh_script_progression --message="Backing up the app before changing its url (may take a while)..." --weight=4 ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..."
# Backup the current version of the app # Backup the current version of the app
ynh_backup_before_upgrade ynh_backup_before_upgrade
ynh_clean_setup () { ynh_clean_setup () {
# Remove the new domain config file, the remove script won't do it as it doesn't know yet its location. # Remove the new domain config file, the remove script won't do it as it doesn't know yet its location.
ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
# restore it if the upgrade fails # Restore it if the upgrade fails
ynh_restore_upgradebackup ynh_restore_upgradebackup
} }
# Exit if an error occurs during the execution of the script # Exit if an error occurs during the execution of the script
ynh_abort_if_errors ynh_abort_if_errors
@ -56,13 +56,13 @@ ynh_abort_if_errors
change_domain=0 change_domain=0
if [ "$old_domain" != "$new_domain" ] if [ "$old_domain" != "$new_domain" ]
then then
change_domain=1 change_domain=1
fi fi
change_path=0 change_path=0
if [ "$old_path" != "$new_path" ] if [ "$old_path" != "$new_path" ]
then then
change_path=1 change_path=1
fi fi
#================================================= #=================================================
@ -70,30 +70,30 @@ fi
#================================================= #=================================================
# MODIFY URL IN NGINX CONF # MODIFY URL IN NGINX CONF
#================================================= #=================================================
ynh_script_progression --message="Updating nginx web server configuration..." --weight=2 ynh_script_progression --message="Updating NGINX web server configuration..." --weight=2
nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
# Change the path in the nginx config file # Change the path in the NGINX config file
if [ $change_path -eq 1 ] if [ $change_path -eq 1 ]
then then
# Make a backup of the original nginx config file if modified # Make a backup of the original NGINX config file if modified
ynh_backup_if_checksum_is_different --file="$nginx_conf_path" ynh_backup_if_checksum_is_different --file="$nginx_conf_path"
# Set global variables for nginx helper # Set global variables for NGINX helper
domain="$old_domain" domain="$old_domain"
path_url="$new_path" path_url="$new_path"
# Create a dedicated nginx config # Create a dedicated NGINX config
ynh_add_nginx_config ynh_add_nginx_config
fi fi
# Change the domain for nginx # Change the domain for NGINX
if [ $change_domain -eq 1 ] if [ $change_domain -eq 1 ]
then then
# Delete file checksum for the old conf file location # Delete file checksum for the old conf file location
ynh_delete_file_checksum --file="$nginx_conf_path" ynh_delete_file_checksum --file="$nginx_conf_path"
mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf
# Store file checksum for the new config file location # Store file checksum for the new config file location
ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
fi fi
#================================================= #=================================================
@ -131,7 +131,7 @@ ynh_store_file_checksum --file="$php_config"
#================================================= #=================================================
# RELOAD NGINX # RELOAD NGINX
#================================================= #=================================================
ynh_script_progression --message="Reloading nginx web server..." ynh_script_progression --message="Reloading NGINX web server..."
ynh_systemd_action --service_name=nginx --action=reload ynh_systemd_action --service_name=nginx --action=reload

68
scripts/install
View file

@ -20,12 +20,13 @@ ynh_abort_if_errors
# RETRIEVE ARGUMENTS FROM THE MANIFEST # RETRIEVE ARGUMENTS FROM THE MANIFEST
#================================================= #=================================================
app=$YNH_APP_INSTANCE_NAME
domain=$YNH_APP_ARG_DOMAIN domain=$YNH_APP_ARG_DOMAIN
path_url=$YNH_APP_ARG_PATH path_url=$YNH_APP_ARG_PATH
is_public=$YNH_APP_ARG_IS_PUBLIC is_public=$YNH_APP_ARG_IS_PUBLIC
admin=$YNH_APP_ARG_ADMIN admin=$YNH_APP_ARG_ADMIN
app=$YNH_APP_INSTANCE_NAME
#================================================= #=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#================================================= #=================================================
@ -46,6 +47,14 @@ ynh_app_setting_set --app=$app --key=domain --value=$domain
ynh_app_setting_set --app=$app --key=path --value=$path_url ynh_app_setting_set --app=$app --key=path --value=$path_url
ynh_app_setting_set --app=$app --key=admin --value=$admin ynh_app_setting_set --app=$app --key=admin --value=$admin
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Configuring system user..." --weight=2
# Create a system user
ynh_system_user_create --username=$app --home_dir=$final_path
#================================================= #=================================================
# CREATE A MYSQL DATABASE # CREATE A MYSQL DATABASE
#================================================= #=================================================
@ -73,33 +82,30 @@ fi
ynh_setup_source --dest_dir="$final_path" ynh_setup_source --dest_dir="$final_path"
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:www-data "$final_path"
#================================================= #=================================================
# NGINX CONFIGURATION # NGINX CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Configuring nginx web server..." ynh_script_progression --message="Configuring NGINX web server..."
# Create a dedicated nginx config # Create a dedicated NGINX config
ynh_add_nginx_config ynh_add_nginx_config
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Configuring system user..." --weight=2
# Create a system user
ynh_system_user_create --username=$app
#================================================= #=================================================
# PHP-FPM CONFIGURATION # PHP-FPM CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Configuring php-fpm..." --weight=2 ynh_script_progression --message="Configuring PHP-FPM..." --weight=2
# Create a dedicated php-fpm config # Create a dedicated PHP-FPM config
ynh_add_fpm_config ynh_add_fpm_config
#================================================= #=================================================
# MODIFY A CONFIG FILE # ADD A CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Adding a configuration file..."
php_config=$final_path/inc/config.php php_config=$final_path/inc/config.php
@ -138,11 +144,10 @@ ynh_store_file_checksum --file=$php_config
# SETUP APPLICATION WITH CURL # SETUP APPLICATION WITH CURL
#================================================= #=================================================
# Set right permissions for curl install
chown -R $app: $final_path
# Set the app as temporarily public for curl call # Set the app as temporarily public for curl call
ynh_permission_update --permission "main" --add "visitors" ynh_script_progression --message="Configuring SSOwat..."
# Making the app public for curl
ynh_permission_update --permission="main" --add="visitors"
# Reload Nginx # Reload Nginx
ynh_systemd_action --service_name=nginx --action=reload ynh_systemd_action --service_name=nginx --action=reload
@ -160,22 +165,17 @@ installUrl="/admin/install/index.php"
ynh_local_curl $installUrl "u_email=$email" "u_firstname=$firstname" "u_name=$lastname" "u_login=$admin" "u_pwd=$password" "u_pwd2=$password" ynh_local_curl $installUrl "u_email=$email" "u_firstname=$firstname" "u_name=$lastname" "u_login=$admin" "u_pwd=$password" "u_pwd2=$password"
# Remove the public access
ynh_permission_update --permission="main" --remove="visitors"
#================================================= #=================================================
# GENERIC FINALIZATION # GENERIC FINALIZATION
#=================================================
# SECURE FILES AND DIRECTORIES
#=================================================
# Set permissions to app files
chown -R root: $final_path
chown -R $app $final_path/{public,cache,themes,plugins}
#================================================= #=================================================
# SETUP FAIL2BAN # SETUP FAIL2BAN
#================================================= #=================================================
ynh_script_progression --message="Configuring fail2ban..." ynh_script_progression --message="Configuring Fail2Ban..."
# Create a dedicated fail2ban config # Create a dedicated Fail2Ban config
ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Invalid credentials in $final_path/inc/class.auth.ldap.php .* client: <HOST>, .*https://$domain${path_url%/}/admin/auth.php" ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Invalid credentials in $final_path/inc/class.auth.ldap.php .* client: <HOST>, .*https://$domain${path_url%/}/admin/auth.php"
#================================================= #=================================================
@ -183,17 +183,21 @@ ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failreg
#================================================= #=================================================
ynh_script_progression --message="Configuring permissions..." ynh_script_progression --message="Configuring permissions..."
if [ $is_public -eq 0 ]; then # Make app public if necessary
ynh_permission_update --permission "main" --remove "visitors" if [ $is_public -eq 1 ]
then
# Everyone can access the app.
# The "main" permission is automatically created before the install script.
ynh_permission_update --permission="main" --add="visitors"
fi fi
# Only the admin can access the admin panel of the app (if the app has an admin panel) # Only the admin can access the admin panel of the app (if the app has an admin panel)
ynh_permission_create --permission "admin" --url "/admin" --allowed $admin ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin
#================================================= #=================================================
# RELOAD NGINX # RELOAD NGINX
#================================================= #=================================================
ynh_script_progression --message="Reloading nginx web server..." ynh_script_progression --message="Reloading NGINX web server..."
ynh_systemd_action --service_name=nginx --action=reload ynh_systemd_action --service_name=nginx --action=reload

24
scripts/remove
View file

@ -42,19 +42,27 @@ ynh_secure_remove --file="$final_path"
#================================================= #=================================================
# REMOVE NGINX CONFIGURATION # REMOVE NGINX CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Removing nginx web server configuration..." ynh_script_progression --message="Removing NGINX web server configuration..."
# Remove the dedicated nginx config # Remove the dedicated NGINX config
ynh_remove_nginx_config ynh_remove_nginx_config
#================================================= #=================================================
# REMOVE PHP-FPM CONFIGURATION # REMOVE PHP-FPM CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Removing php-fpm configuration..." ynh_script_progression --message="Removing PHP-FPM configuration..."
# Remove the dedicated php-fpm config # Remove the dedicated PHP-FPM config
ynh_remove_fpm_config ynh_remove_fpm_config
#=================================================
# REMOVE FAIL2BAN CONFIGURATION
#=================================================
ynh_script_progression --message="Removing Fail2ban configuration..."
# Remove the dedicated Fail2Ban config
ynh_remove_fail2ban_config
#================================================= #=================================================
# GENERIC FINALIZATION # GENERIC FINALIZATION
#================================================= #=================================================
@ -65,14 +73,6 @@ ynh_script_progression --message="Removing the dedicated system user..."
# Delete a system user # Delete a system user
ynh_system_user_delete --username=$app ynh_system_user_delete --username=$app
#=================================================
# REMOVE FAIL2BAN CONFIGURATION
#=================================================
ynh_script_progression --message="Removing fail2ban configuration..."
# Remove the dedicated fail2ban config
ynh_remove_fail2ban_config
#================================================= #=================================================
# END OF SCRIPT # END OF SCRIPT
#================================================= #=================================================

43
scripts/restore
View file

@ -6,7 +6,7 @@
# IMPORT GENERIC HELPERS # IMPORT GENERIC HELPERS
#================================================= #=================================================
#Keep this path for calling _common.sh inside the execution's context of backup and restore scripts # Keep this path for calling _common.sh inside the execution's context of backup and restore scripts
source ../settings/scripts/_common.sh source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
@ -20,7 +20,7 @@ ynh_abort_if_errors
#================================================= #=================================================
# LOAD SETTINGS # LOAD SETTINGS
#================================================= #=================================================
ynh_script_progression --message="Loading settings..." ynh_script_progression --message="Loading installation settings..."
app=$YNH_APP_INSTANCE_NAME app=$YNH_APP_INSTANCE_NAME
@ -29,6 +29,7 @@ path_url=$(ynh_app_setting_get --app=$app --key=path)
final_path=$(ynh_app_setting_get --app=$app --key=final_path) final_path=$(ynh_app_setting_get --app=$app --key=final_path)
db_name=$(ynh_app_setting_get --app=$app --key=db_name) db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_user=$db_name db_user=$db_name
phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
#================================================= #=================================================
# CHECK IF THE APP CAN BE RESTORED # CHECK IF THE APP CAN BE RESTORED
@ -45,9 +46,18 @@ test ! -d $final_path \
#================================================= #=================================================
# RESTORE THE NGINX CONFIGURATION # RESTORE THE NGINX CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Restoring the NGINX configuration..."
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
#=================================================
# RECREATE THE DEDICATED USER
#=================================================
ynh_script_progression --message="Recreating the dedicated system user..." --weight=2
# Create the dedicated user (if not existing)
ynh_system_user_create --username=$app --home_dir=$final_path
#================================================= #=================================================
# RESTORE THE APP MAIN DIR # RESTORE THE APP MAIN DIR
#================================================= #=================================================
@ -55,32 +65,21 @@ ynh_script_progression --message="Restoring the app main directory..."
ynh_restore_file --origin_path="$final_path" ynh_restore_file --origin_path="$final_path"
#================================================= chmod 750 "$final_path"
# RECREATE THE DEDICATED USER chmod -R o-rwx "$final_path"
#================================================= chown -R $app:www-data "$final_path"
ynh_script_progression --message="Recreating the dedicated system user..." --weight=2
# Create the dedicated user (if not existing)
ynh_system_user_create --username=$app
#=================================================
# RESTORE USER RIGHTS
#=================================================
# Restore permissions on app files
chown -R root: $final_path
chown -R $app $final_path/{public,cache,themes,plugins}
#================================================= #=================================================
# RESTORE THE PHP-FPM CONFIGURATION # RESTORE THE PHP-FPM CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Restoring the PHP-FPM configuration..."
ynh_restore_file --origin_path="/etc/php/7.0/fpm/pool.d/$app.conf" ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf"
#================================================= #=================================================
# RESTORE THE FAIL2BAN CONFIGURATION # RESTORE FAIL2BAN CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Restoring the fail2ban configuration..." ynh_script_progression --message="Restoring the Fail2Ban configuration..."
ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf" ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf"
ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf" ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf"
@ -102,9 +101,9 @@ ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./
#================================================= #=================================================
# RELOAD NGINX AND PHP-FPM # RELOAD NGINX AND PHP-FPM
#================================================= #=================================================
ynh_script_progression --message="Reloading nginx web server and php-fpm..." ynh_script_progression --message="Reloading NGINX web server and PHP-FPM..."
ynh_systemd_action --service_name=php7.0-fpm --action=reload ynh_systemd_action --service_name=php$phpversion-fpm --action=reload
ynh_systemd_action --service_name=nginx --action=reload ynh_systemd_action --service_name=nginx --action=reload
#================================================= #=================================================

104
scripts/upgrade
View file

@ -29,9 +29,26 @@ master_key=$(ynh_app_setting_get --app=$app --key=master_key)
#================================================= #=================================================
# CHECK VERSION # CHECK VERSION
#================================================= #=================================================
ynh_script_progression --message="Checking version..."
upgrade_type=$(ynh_check_app_version_changed) upgrade_type=$(ynh_check_app_version_changed)
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=4
# Backup the current version of the app
ynh_backup_before_upgrade
ynh_clean_setup () {
# Restore it if the upgrade fails
ynh_restore_upgradebackup
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# STANDARD UPGRADE STEPS
#================================================= #=================================================
# ENSURE DOWNWARD COMPATIBILITY # ENSURE DOWNWARD COMPATIBILITY
#================================================= #=================================================
@ -67,32 +84,16 @@ if [ -n "$is_public" ]; then
fi fi
#================================================= #=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP # CREATE DEDICATED USER
#================================================= #=================================================
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=4 ynh_script_progression --message="Making sure dedicated system user exists..."
# Backup the current version of the app # Create a dedicated user (if not existing)
ynh_backup_before_upgrade ynh_system_user_create --username=$app --home_dir=$final_path
ynh_clean_setup () {
# restore it if the upgrade fails
ynh_restore_upgradebackup
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# CHECK THE PATH
#=================================================
# Normalize the URL path syntax
path_url=$(ynh_normalize_url_path --path_url=$path_url)
#=================================================
# STANDARD UPGRADE STEPS
#================================================= #=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE # DOWNLOAD, CHECK AND UNPACK SOURCE
#================================================= #=================================================
ynh_script_progression --message="Upgrading source files..." --weight=4
if [ "$upgrade_type" == "UPGRADE_APP" ] if [ "$upgrade_type" == "UPGRADE_APP" ]
then then
@ -107,35 +108,32 @@ then
ynh_setup_source --dest_dir="$final_path" ynh_setup_source --dest_dir="$final_path"
fi fi
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:www-data "$final_path"
#================================================= #=================================================
# NGINX CONFIGURATION # NGINX CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Upgrading nginx web server configuration..." ynh_script_progression --message="Upgrading NGINX web server configuration..."
# Create a dedicated nginx config # Create a dedicated NGINX config
ynh_add_nginx_config ynh_add_nginx_config
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Making sure dedicated system user exists..."
# Create a dedicated user (if not existing)
ynh_system_user_create --username=$app
#================================================= #=================================================
# PHP-FPM CONFIGURATION # PHP-FPM CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Upgrading php-fpm configuration..." --weight=2 ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=2
# Create a dedicated php-fpm config # Create a dedicated PHP-FPM config
ynh_add_fpm_config ynh_add_fpm_config
#================================================= #=================================================
# SPECIFIC UPGRADE # SPECIFIC UPGRADE
#================================================= #=================================================
# MODIFY A CONFIG FILE # UPDATE A CONFIG FILE
#================================================= #=================================================
ynh_script_progression --message="Updating a configuration file..."
php_config=$final_path/inc/config.php php_config=$final_path/inc/config.php
@ -170,34 +168,6 @@ EOF
# Recalculate and store the checksum of the file for the next upgrade. # Recalculate and store the checksum of the file for the next upgrade.
ynh_store_file_checksum --file=$php_config ynh_store_file_checksum --file=$php_config
#=================================================
# GENERIC FINALIZATION
#=================================================
# SECURE FILES AND DIRECTORIES
#=================================================
# Set permissions on app files
chown -R root: $final_path
chown -R $app $final_path/{public,cache,themes,plugins}
#=================================================
# UPGRADE FAIL2BAN
#=================================================
ynh_script_progression --message="Reconfiguring fail2ban..."
# Create a dedicated fail2ban config
ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Invalid credentials in $final_path/inc/class.auth.ldap.php .* client: <HOST>, .*https://$domain${path_url%/}/admin/auth.php"
#=================================================
# SETUP SSOWAT
#=================================================
ynh_script_progression --message="Upgrading permissions configuration..." --weight=2
# Create the admin permission if needed
if ! ynh_permission_exists --permission "admin"; then
ynh_permission_create --permission "admin" --url "/admin" --allowed $admin
fi
#================================================= #=================================================
# UPDATING DATABASE # UPDATING DATABASE
#================================================= #=================================================
@ -210,10 +180,20 @@ ynh_local_curl $adminUrl
ynh_permission_update --permission "admin" --remove "visitors" ynh_permission_update --permission "admin" --remove "visitors"
#=================================================
# GENERIC FINALIZATION
#=================================================
# UPGRADE FAIL2BAN
#=================================================
ynh_script_progression --message="Reconfiguring Fail2Ban..."
# Create a dedicated Fail2Ban config
ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Invalid credentials in $final_path/inc/class.auth.ldap.php .* client: <HOST>, .*https://$domain${path_url%/}/admin/auth.php"
#================================================= #=================================================
# RELOAD NGINX # RELOAD NGINX
#================================================= #=================================================
ynh_script_progression --message="Reloading nginx web server..." ynh_script_progression --message="Reloading NGINX web server..."
ynh_systemd_action --service_name=nginx --action=reload ynh_systemd_action --service_name=nginx --action=reload