mirror of
https://github.com/YunoHost-Apps/dotclear2_ynh.git
synced 2024-09-03 18:26:29 +02:00
commit
bca9fa0e72
25 changed files with 412 additions and 1177 deletions
24
.github/workflows/updater.sh
vendored
24
.github/workflows/updater.sh
vendored
|
@ -14,8 +14,8 @@
|
|||
#=================================================
|
||||
|
||||
# Fetching information
|
||||
current_version=$(cat manifest.json | jq -j '.version|split("~")[0]')
|
||||
repo=$(cat manifest.json | jq -j '.upstream.code|split("https://github.com/")[1]')
|
||||
current_version=$(cat manifest.toml | grep "version =" | sed 's|version = "\(.*\)~ynh[0-9]*"|\1|')
|
||||
# repo=$(cat manifest.json | jq -j '.upstream.code|split("https://github.com/")[1]')
|
||||
asset=$(curl --silent "https://download.dotclear.org/latest/" | grep "dotclear-.*?.zip" -Po | head -1)
|
||||
version=${asset%.zip}
|
||||
version=${version#dotclear-}
|
||||
|
@ -54,7 +54,7 @@ src="app"
|
|||
tempdir="$(mktemp -d)"
|
||||
|
||||
# Download sources and calculate checksum
|
||||
curl --silent -4 -L http://download.dotclear.org/latest/dotclear-$version.zip -o "$tempdir/$asset"
|
||||
curl --silent -4 -L http://download.dotclear.org/latest/dotclear-$version.tar.gz -o "$tempdir/$asset"
|
||||
checksum=$(sha256sum "$tempdir/$asset" | head -c 64)
|
||||
|
||||
# Delete temporary directory
|
||||
|
@ -66,17 +66,10 @@ if [[ $asset == *.zip ]]; then
|
|||
fi
|
||||
|
||||
# Rewrite source file
|
||||
cat <<EOT > conf/$src.src
|
||||
SOURCE_URL=http://download.dotclear.org/latest/dotclear-$version.zip
|
||||
SOURCE_SUM=$checksum
|
||||
SOURCE_SUM_PRG=sha256sum
|
||||
SOURCE_FORMAT=$extension
|
||||
SOURCE_IN_SUBDIR=true
|
||||
SOURCE_FILENAME=
|
||||
SOURCE_EXTRACT=true
|
||||
EOT
|
||||
echo "... conf/$src.src updated"
|
||||
|
||||
set -x
|
||||
sed -i "s|/dotclear-.*.tar.gz|/dotclear-$version.tar.gz|" manifest.toml
|
||||
sed -i "s|sha256 = \".*\"|sha256 = \"$checksum\"|" manifest.toml
|
||||
sed -i "s|version = \".*\"|version = \"$version~ynh1\"|" manifest.toml
|
||||
#=================================================
|
||||
# SPECIFIC UPDATE STEPS
|
||||
#=================================================
|
||||
|
@ -88,9 +81,6 @@ echo "... conf/$src.src updated"
|
|||
# GENERIC FINALIZATION
|
||||
#=================================================
|
||||
|
||||
# Replace new version in manifest
|
||||
echo "$(jq -s --indent 4 ".[] | .version = \"$version~ynh1\"" manifest.json)" > manifest.json
|
||||
|
||||
# No need to update the README, yunohost-bot takes care of it
|
||||
|
||||
# The Action will proceed only if the PROCEED environment variable is set to true
|
||||
|
|
4
.github/workflows/updater.yml
vendored
4
.github/workflows/updater.yml
vendored
|
@ -14,7 +14,7 @@ jobs:
|
|||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Fetch the source code
|
||||
uses: actions/checkout@v2
|
||||
uses: actions/checkout@v3
|
||||
with:
|
||||
token: ${{ secrets.GITHUB_TOKEN }}
|
||||
- name: Run the updater script
|
||||
|
@ -33,7 +33,7 @@ jobs:
|
|||
- name: Create Pull Request
|
||||
id: cpr
|
||||
if: ${{ env.PROCEED == 'true' }}
|
||||
uses: peter-evans/create-pull-request@v3
|
||||
uses: peter-evans/create-pull-request@v4
|
||||
with:
|
||||
token: ${{ secrets.GITHUB_TOKEN }}
|
||||
commit-message: Update to version ${{ env.VERSION }}
|
||||
|
|
17
README.md
17
README.md
|
@ -16,9 +16,10 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in
|
|||
|
||||
## Overview
|
||||
|
||||
Blog publishing application
|
||||
Dotclear is an open-source web publishing software. Dotclear project's purpose is to provide a user-friendly tool allowing anyone to publish on the web, regardless of their technical skills.
|
||||
|
||||
**Shipped version:** 2.24.1~ynh1
|
||||
|
||||
**Shipped version:** 2.27.3~ynh1
|
||||
|
||||
**Demo:** https://www.softaculous.com/demos/Dotclear
|
||||
|
||||
|
@ -26,18 +27,6 @@ Blog publishing application
|
|||
|
||||
![Screenshot of DotClear 2](./doc/screenshots/ss2_dotclear.png)
|
||||
|
||||
## Disclaimers / important information
|
||||
|
||||
## Configuration
|
||||
|
||||
How to configure this app: by an admin panel.
|
||||
|
||||
#### Multi-users support
|
||||
|
||||
Are LDAP supported? **Yes**
|
||||
Are HTTP auth supported? **No** (PR are welcome!)
|
||||
Can the app be used by multiple users? **Yes**
|
||||
|
||||
## Documentation and resources
|
||||
|
||||
* Official app website: <https://dotclear.org>
|
||||
|
|
17
README_fr.md
17
README_fr.md
|
@ -16,9 +16,10 @@ Si vous n’avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) po
|
|||
|
||||
## Vue d’ensemble
|
||||
|
||||
Moteur de blog
|
||||
Dotclear est un logiciel de publication Web open source. L'objectif du projet Dotclear est de fournir un outil convivial permettant à chacun de publier sur le Web, quelles que soient ses compétences techniques.
|
||||
|
||||
**Version incluse :** 2.24.1~ynh1
|
||||
|
||||
**Version incluse :** 2.27.3~ynh1
|
||||
|
||||
**Démo :** https://www.softaculous.com/demos/Dotclear
|
||||
|
||||
|
@ -26,18 +27,6 @@ Moteur de blog
|
|||
|
||||
![Capture d’écran de DotClear 2](./doc/screenshots/ss2_dotclear.png)
|
||||
|
||||
## Avertissements / informations importantes
|
||||
|
||||
## Configuration
|
||||
|
||||
How to configure this app: by an admin panel.
|
||||
|
||||
#### Multi-users support
|
||||
|
||||
Are LDAP supported? **Yes**
|
||||
Are HTTP auth supported? **No** (PR are welcome!)
|
||||
Can the app be used by multiple users? **Yes**
|
||||
|
||||
## Documentations et ressources
|
||||
|
||||
* Site officiel de l’app : <https://dotclear.org>
|
||||
|
|
|
@ -1,22 +0,0 @@
|
|||
;; Test complet
|
||||
; Manifest
|
||||
domain="domain.tld"
|
||||
path="/path"
|
||||
is_public=1
|
||||
admin="john"
|
||||
; Checks
|
||||
pkg_linter=1
|
||||
setup_sub_dir=1
|
||||
setup_root=1
|
||||
setup_nourl=0
|
||||
setup_private=1
|
||||
setup_public=1
|
||||
upgrade=1
|
||||
upgrade=1 from_commit=f356f5b8f496f626aba3ec0f9d9c40c4cb54e7f6
|
||||
backup_restore=1
|
||||
multi_instance=1
|
||||
port_already_use=0
|
||||
change_url=1
|
||||
;;; Options
|
||||
Email=
|
||||
Notification=none
|
|
@ -1,7 +0,0 @@
|
|||
SOURCE_URL=http://download.dotclear.org/latest/dotclear-2.24.1.zip
|
||||
SOURCE_SUM=7d6c75d0b0d5c6f6aefaf663a32a6d0df24f9a915f96327676ba4157329a3390
|
||||
SOURCE_SUM_PRG=sha256sum
|
||||
SOURCE_FORMAT=zip
|
||||
SOURCE_IN_SUBDIR=true
|
||||
SOURCE_FILENAME=
|
||||
SOURCE_EXTRACT=true
|
|
@ -1,127 +1,127 @@
|
|||
<?php
|
||||
class ldapDcAuth extends dcAuth
|
||||
{
|
||||
# The user can't change his password
|
||||
protected $allow_pass_change = false;
|
||||
# The user can't change his password
|
||||
protected $allow_pass_change = false;
|
||||
|
||||
# LDAP parameter
|
||||
private $server = "localhost";
|
||||
private $port = "389";
|
||||
private $base = "dc=yunohost,dc=org";
|
||||
# LDAP parameter
|
||||
private $server = "localhost";
|
||||
private $port = "389";
|
||||
private $base = "dc=yunohost,dc=org";
|
||||
|
||||
public function checkUser(string $user_id, ?string $pwd = NULL, ?string $user_key = NULL, bool $check_blog = true): bool
|
||||
public function checkUser(string $user_id, ?string $pwd = NULL, ?string $user_key = NULL, bool $check_blog = true): bool
|
||||
{
|
||||
if ($pwd == '') {
|
||||
return parent::checkUser($user_id, null, $user_key, $check_blog);
|
||||
}
|
||||
|
||||
# LDAP connection
|
||||
$ds = ldap_connect("ldap://".$this->server.":".$this->port);
|
||||
if ($ds)
|
||||
{
|
||||
if ($pwd == '') {
|
||||
return parent::checkUser($user_id, null, $user_key, $check_blog);
|
||||
}
|
||||
ldap_set_option ($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
|
||||
if (ldap_bind($ds, "uid=".$user_id.",ou=users,".$this->base, $pwd))
|
||||
{
|
||||
# search the user in ldap, and get infos
|
||||
$filter = "(&(|(objectclass=posixAccount))(uid=".$user_id.")(permission=cn=__APP__.admin,ou=permission,".$this->base."))";
|
||||
$sr = ldap_search($ds, $this->base, $filter, array("dn", "cn", "sn", "mail", "givenname")); # /!\ fields have to be in lowercase
|
||||
$info = ldap_get_entries($ds, $sr);
|
||||
|
||||
# LDAP connection
|
||||
$ds = ldap_connect("ldap://".$this->server.":".$this->port);
|
||||
if ($ds)
|
||||
if ($info["count"] == 1)
|
||||
{
|
||||
ldap_set_option ($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
|
||||
if (ldap_bind($ds, "uid=".$user_id.",ou=users,".$this->base, $pwd))
|
||||
{
|
||||
# search the user in ldap, and get infos
|
||||
$filter = "(&(|(objectclass=posixAccount))(uid=".$user_id.")(permission=cn=__APP__.admin,ou=permission,".$this->base."))";
|
||||
$sr = ldap_search($ds, $this->base, $filter, array("dn", "cn", "sn", "mail", "givenname")); # /!\ fields have to be in lowercase
|
||||
$info = ldap_get_entries($ds, $sr);
|
||||
# To be case sensitive
|
||||
if ($info[0]['dn'] != "uid=".$user_id.",ou=users,".$this->base) {
|
||||
return parent::checkUser($user_id, $pwd);
|
||||
}
|
||||
|
||||
if ($info["count"] == 1)
|
||||
{
|
||||
# To be case sensitive
|
||||
if ($info[0]['dn'] != "uid=".$user_id.",ou=users,".$this->base) {
|
||||
return parent::checkUser($user_id, $pwd);
|
||||
}
|
||||
try
|
||||
{
|
||||
$this->con->begin();
|
||||
$cur = $this->con->openCursor($this->user_table);
|
||||
# Store the password
|
||||
$cur->user_pwd = $pwd;
|
||||
|
||||
try
|
||||
{
|
||||
$this->con->begin();
|
||||
$cur = $this->con->openCursor($this->user_table);
|
||||
# Store the password
|
||||
$cur->user_pwd = $pwd;
|
||||
|
||||
# Store informations about the user
|
||||
$cur->user_id = $user_id;
|
||||
$cur->user_email = $info[0]['mail'][0];
|
||||
$cur->user_name = $info[0]['sn'][0];
|
||||
$cur->user_firstname = $info[0]['givenname'][0];
|
||||
$cur->user_displayname = $info[0]['cn'][0];
|
||||
$super_user = "__ADMIN__";
|
||||
if ($super_user == $user_id) {
|
||||
$cur->user_super = 1;
|
||||
}
|
||||
else {
|
||||
$cur->user_super = 0;
|
||||
}
|
||||
|
||||
# If the user exist, then we just update his password.
|
||||
if (dcCore::app()->userExists($user_id))
|
||||
{
|
||||
$this->sudo(array(dcCore::app(), 'updUser'), $user_id, $cur);
|
||||
}
|
||||
# If not, we create him.
|
||||
# In order for him to connect,
|
||||
# it is necessary to give him at least
|
||||
# a permission "usage" on the blog "default".
|
||||
else
|
||||
{
|
||||
$cur->user_lang = 'fr'; # Can change this, PR are welcome
|
||||
$cur->user_tz = 'Europe/Paris'; # Can change this, PR are welcome
|
||||
$cur->user_default_blog = 'default'; # Can change this, PR are welcome
|
||||
$this->sudo(array(dcCore::app(),'addUser'), $cur);
|
||||
# Possible roles:
|
||||
# admin "administrator"
|
||||
# contentadmin "manage all entries and comments"
|
||||
# usage "manage their own entries and comments"
|
||||
# publish "publish entries and comments"
|
||||
# delete "delete entries and comments"
|
||||
# categories "manage categories"
|
||||
# media_admin "manage all media items"
|
||||
# media "manage their own media items"
|
||||
# pages "manage pages"
|
||||
# blogroll "manage blogroll"
|
||||
$permissions = array(
|
||||
'admin' => "__BLOG_ADMIN__",
|
||||
'contentadmin' => "__BLOG_CONTENTADMIN__",
|
||||
'usage' => "__BLOG_USAGE__",
|
||||
'publish' => "__BLOG_PUBLISH__",
|
||||
'delete' => "__BLOG_DELETE__",
|
||||
'categories' => "__BLOG_CATEGORIES__",
|
||||
'media_admin' => "__BLOG_MEDIA_ADMIN__",
|
||||
'media' => "__BLOG_MEDIA__",
|
||||
'pages' => "__BLOG_PAGES__",
|
||||
'blogroll' => "__BLOG_BLOGROLL__",
|
||||
);
|
||||
$set_perms = [];
|
||||
|
||||
foreach ($permissions as $perm_id => $v) {
|
||||
if (is_string($v) && $v == "true") {
|
||||
$set_perms[$perm_id] = true;
|
||||
}
|
||||
}
|
||||
$this->sudo(array(dcCore::app(), 'setUserBlogPermissions'), $user_id, 'default', $set_perms, true);
|
||||
}
|
||||
|
||||
$this->con->commit();
|
||||
}
|
||||
catch (Exception $e)
|
||||
{
|
||||
# In case of error we cancel and return "false"
|
||||
$this->con->rollback();
|
||||
return false;
|
||||
}
|
||||
# The previous operations proceeded without error,
|
||||
# we can now call the parent method
|
||||
return parent::checkUser($user_id, $pwd);
|
||||
}
|
||||
# Store informations about the user
|
||||
$cur->user_id = $user_id;
|
||||
$cur->user_email = $info[0]['mail'][0];
|
||||
$cur->user_name = $info[0]['sn'][0];
|
||||
$cur->user_firstname = $info[0]['givenname'][0];
|
||||
$cur->user_displayname = $info[0]['cn'][0];
|
||||
$super_user = "__ADMIN__";
|
||||
if ($super_user == $user_id) {
|
||||
$cur->user_super = 1;
|
||||
}
|
||||
else {
|
||||
$cur->user_super = 0;
|
||||
}
|
||||
|
||||
# If the user exist, then we just update his password.
|
||||
if (dcCore::app()->userExists($user_id))
|
||||
{
|
||||
$this->sudo(array(dcCore::app(), 'updUser'), $user_id, $cur);
|
||||
}
|
||||
# If not, we create him.
|
||||
# In order for him to connect,
|
||||
# it is necessary to give him at least
|
||||
# a permission "usage" on the blog "default".
|
||||
else
|
||||
{
|
||||
error_log("Failed to connect with the user ".$user_id);
|
||||
$cur->user_lang = 'fr'; # Can change this, PR are welcome
|
||||
$cur->user_tz = 'Europe/Paris'; # Can change this, PR are welcome
|
||||
$cur->user_default_blog = 'default'; # Can change this, PR are welcome
|
||||
$this->sudo(array(dcCore::app(),'addUser'), $cur);
|
||||
# Possible roles:
|
||||
# admin "administrator"
|
||||
# contentadmin "manage all entries and comments"
|
||||
# usage "manage their own entries and comments"
|
||||
# publish "publish entries and comments"
|
||||
# delete "delete entries and comments"
|
||||
# categories "manage categories"
|
||||
# media_admin "manage all media items"
|
||||
# media "manage their own media items"
|
||||
# pages "manage pages"
|
||||
# blogroll "manage blogroll"
|
||||
$permissions = array(
|
||||
'admin' => "__BLOG_ADMIN__",
|
||||
'contentadmin' => "__BLOG_CONTENTADMIN__",
|
||||
'usage' => "__BLOG_USAGE__",
|
||||
'publish' => "__BLOG_PUBLISH__",
|
||||
'delete' => "__BLOG_DELETE__",
|
||||
'categories' => "__BLOG_CATEGORIES__",
|
||||
'media_admin' => "__BLOG_MEDIA_ADMIN__",
|
||||
'media' => "__BLOG_MEDIA__",
|
||||
'pages' => "__BLOG_PAGES__",
|
||||
'blogroll' => "__BLOG_BLOGROLL__",
|
||||
);
|
||||
$set_perms = [];
|
||||
|
||||
foreach ($permissions as $perm_id => $v) {
|
||||
if (is_string($v) && $v == "true") {
|
||||
$set_perms[$perm_id] = true;
|
||||
}
|
||||
}
|
||||
$this->sudo(array(dcCore::app(), 'setUserBlogPermissions'), $user_id, 'default', $set_perms, true);
|
||||
}
|
||||
|
||||
$this->con->commit();
|
||||
}
|
||||
catch (Exception $e)
|
||||
{
|
||||
# In case of error we cancel and return "false"
|
||||
$this->con->rollback();
|
||||
return false;
|
||||
}
|
||||
# The previous operations proceeded without error,
|
||||
# we can now call the parent method
|
||||
return parent::checkUser($user_id, $pwd);
|
||||
}
|
||||
return parent::checkUser($user_id, $pwd);
|
||||
}
|
||||
else
|
||||
{
|
||||
error_log("Failed to connect with the user ".$user_id);
|
||||
}
|
||||
}
|
||||
return parent::checkUser($user_id, $pwd);
|
||||
}
|
||||
}
|
||||
?>
|
||||
|
|
4
conf/extra_php-fpm.conf
Normal file
4
conf/extra_php-fpm.conf
Normal file
|
@ -0,0 +1,4 @@
|
|||
; Additional php.ini defines, specific to this pool of workers.
|
||||
|
||||
php_admin_value[upload_max_filesize] = 50M
|
||||
php_admin_value[post_max_size] = 50M
|
|
@ -2,7 +2,7 @@
|
|||
location __PATH__/ {
|
||||
|
||||
# Path to source
|
||||
alias __FINALPATH__/ ;
|
||||
alias __INSTALL_DIR__/;
|
||||
|
||||
index index.php;
|
||||
|
||||
|
|
|
@ -1,430 +0,0 @@
|
|||
; Start a new pool named 'www'.
|
||||
; the variable $pool can be used in any directive and will be replaced by the
|
||||
; pool name ('www' here)
|
||||
[__NAMETOCHANGE__]
|
||||
|
||||
; Per pool prefix
|
||||
; It only applies on the following directives:
|
||||
; - 'access.log'
|
||||
; - 'slowlog'
|
||||
; - 'listen' (unixsocket)
|
||||
; - 'chroot'
|
||||
; - 'chdir'
|
||||
; - 'php_values'
|
||||
; - 'php_admin_values'
|
||||
; When not set, the global prefix (or /usr) applies instead.
|
||||
; Note: This directive can also be relative to the global prefix.
|
||||
; Default Value: none
|
||||
;prefix = /path/to/pools/$pool
|
||||
|
||||
; Unix user/group of processes
|
||||
; Note: The user is mandatory. If the group is not set, the default user's group
|
||||
; will be used.
|
||||
user = __USER__
|
||||
group = __USER__
|
||||
|
||||
; The address on which to accept FastCGI requests.
|
||||
; Valid syntaxes are:
|
||||
; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on
|
||||
; a specific port;
|
||||
; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on
|
||||
; a specific port;
|
||||
; 'port' - to listen on a TCP socket to all addresses
|
||||
; (IPv6 and IPv4-mapped) on a specific port;
|
||||
; '/path/to/unix/socket' - to listen on a unix socket.
|
||||
; Note: This value is mandatory.
|
||||
listen = /var/run/php/php__PHPVERSION__-fpm-__NAMETOCHANGE__.sock
|
||||
|
||||
; Set listen(2) backlog.
|
||||
; Default Value: 511 (-1 on FreeBSD and OpenBSD)
|
||||
;listen.backlog = 511
|
||||
|
||||
; Set permissions for unix socket, if one is used. In Linux, read/write
|
||||
; permissions must be set in order to allow connections from a web server. Many
|
||||
; BSD-derived systems allow connections regardless of permissions.
|
||||
; Default Values: user and group are set as the running user
|
||||
; mode is set to 0660
|
||||
listen.owner = www-data
|
||||
listen.group = www-data
|
||||
;listen.mode = 0660
|
||||
; When POSIX Access Control Lists are supported you can set them using
|
||||
; these options, value is a comma separated list of user/group names.
|
||||
; When set, listen.owner and listen.group are ignored
|
||||
;listen.acl_users =
|
||||
;listen.acl_groups =
|
||||
|
||||
; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect.
|
||||
; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
|
||||
; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
|
||||
; must be separated by a comma. If this value is left blank, connections will be
|
||||
; accepted from any ip address.
|
||||
; Default Value: any
|
||||
;listen.allowed_clients = 127.0.0.1
|
||||
|
||||
; Specify the nice(2) priority to apply to the pool processes (only if set)
|
||||
; The value can vary from -19 (highest priority) to 20 (lower priority)
|
||||
; Note: - It will only work if the FPM master process is launched as root
|
||||
; - The pool processes will inherit the master process priority
|
||||
; unless it specified otherwise
|
||||
; Default Value: no set
|
||||
; process.priority = -19
|
||||
|
||||
; Set the process dumpable flag (PR_SET_DUMPABLE prctl) even if the process user
|
||||
; or group is differrent than the master process user. It allows to create process
|
||||
; core dump and ptrace the process for the pool user.
|
||||
; Default Value: no
|
||||
; process.dumpable = yes
|
||||
|
||||
; Choose how the process manager will control the number of child processes.
|
||||
; Possible Values:
|
||||
; static - a fixed number (pm.max_children) of child processes;
|
||||
; dynamic - the number of child processes are set dynamically based on the
|
||||
; following directives. With this process management, there will be
|
||||
; always at least 1 children.
|
||||
; pm.max_children - the maximum number of children that can
|
||||
; be alive at the same time.
|
||||
; pm.start_servers - the number of children created on startup.
|
||||
; pm.min_spare_servers - the minimum number of children in 'idle'
|
||||
; state (waiting to process). If the number
|
||||
; of 'idle' processes is less than this
|
||||
; number then some children will be created.
|
||||
; pm.max_spare_servers - the maximum number of children in 'idle'
|
||||
; state (waiting to process). If the number
|
||||
; of 'idle' processes is greater than this
|
||||
; number then some children will be killed.
|
||||
; ondemand - no children are created at startup. Children will be forked when
|
||||
; new requests will connect. The following parameter are used:
|
||||
; pm.max_children - the maximum number of children that
|
||||
; can be alive at the same time.
|
||||
; pm.process_idle_timeout - The number of seconds after which
|
||||
; an idle process will be killed.
|
||||
; Note: This value is mandatory.
|
||||
pm = dynamic
|
||||
|
||||
; The number of child processes to be created when pm is set to 'static' and the
|
||||
; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'.
|
||||
; This value sets the limit on the number of simultaneous requests that will be
|
||||
; served. Equivalent to the ApacheMaxClients directive with mpm_prefork.
|
||||
; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP
|
||||
; CGI. The below defaults are based on a server without much resources. Don't
|
||||
; forget to tweak pm.* to fit your needs.
|
||||
; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand'
|
||||
; Note: This value is mandatory.
|
||||
pm.max_children = 5
|
||||
|
||||
; The number of child processes created on startup.
|
||||
; Note: Used only when pm is set to 'dynamic'
|
||||
; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2
|
||||
pm.start_servers = 2
|
||||
|
||||
; The desired minimum number of idle server processes.
|
||||
; Note: Used only when pm is set to 'dynamic'
|
||||
; Note: Mandatory when pm is set to 'dynamic'
|
||||
pm.min_spare_servers = 1
|
||||
|
||||
; The desired maximum number of idle server processes.
|
||||
; Note: Used only when pm is set to 'dynamic'
|
||||
; Note: Mandatory when pm is set to 'dynamic'
|
||||
pm.max_spare_servers = 3
|
||||
|
||||
; The number of seconds after which an idle process will be killed.
|
||||
; Note: Used only when pm is set to 'ondemand'
|
||||
; Default Value: 10s
|
||||
;pm.process_idle_timeout = 10s;
|
||||
|
||||
; The number of requests each child process should execute before respawning.
|
||||
; This can be useful to work around memory leaks in 3rd party libraries. For
|
||||
; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
|
||||
; Default Value: 0
|
||||
;pm.max_requests = 500
|
||||
|
||||
; The URI to view the FPM status page. If this value is not set, no URI will be
|
||||
; recognized as a status page. It shows the following informations:
|
||||
; pool - the name of the pool;
|
||||
; process manager - static, dynamic or ondemand;
|
||||
; start time - the date and time FPM has started;
|
||||
; start since - number of seconds since FPM has started;
|
||||
; accepted conn - the number of request accepted by the pool;
|
||||
; listen queue - the number of request in the queue of pending
|
||||
; connections (see backlog in listen(2));
|
||||
; max listen queue - the maximum number of requests in the queue
|
||||
; of pending connections since FPM has started;
|
||||
; listen queue len - the size of the socket queue of pending connections;
|
||||
; idle processes - the number of idle processes;
|
||||
; active processes - the number of active processes;
|
||||
; total processes - the number of idle + active processes;
|
||||
; max active processes - the maximum number of active processes since FPM
|
||||
; has started;
|
||||
; max children reached - number of times, the process limit has been reached,
|
||||
; when pm tries to start more children (works only for
|
||||
; pm 'dynamic' and 'ondemand');
|
||||
; Value are updated in real time.
|
||||
; Example output:
|
||||
; pool: www
|
||||
; process manager: static
|
||||
; start time: 01/Jul/2011:17:53:49 +0200
|
||||
; start since: 62636
|
||||
; accepted conn: 190460
|
||||
; listen queue: 0
|
||||
; max listen queue: 1
|
||||
; listen queue len: 42
|
||||
; idle processes: 4
|
||||
; active processes: 11
|
||||
; total processes: 15
|
||||
; max active processes: 12
|
||||
; max children reached: 0
|
||||
;
|
||||
; By default the status page output is formatted as text/plain. Passing either
|
||||
; 'html', 'xml' or 'json' in the query string will return the corresponding
|
||||
; output syntax. Example:
|
||||
; http://www.foo.bar/status
|
||||
; http://www.foo.bar/status?json
|
||||
; http://www.foo.bar/status?html
|
||||
; http://www.foo.bar/status?xml
|
||||
;
|
||||
; By default the status page only outputs short status. Passing 'full' in the
|
||||
; query string will also return status for each pool process.
|
||||
; Example:
|
||||
; http://www.foo.bar/status?full
|
||||
; http://www.foo.bar/status?json&full
|
||||
; http://www.foo.bar/status?html&full
|
||||
; http://www.foo.bar/status?xml&full
|
||||
; The Full status returns for each process:
|
||||
; pid - the PID of the process;
|
||||
; state - the state of the process (Idle, Running, ...);
|
||||
; start time - the date and time the process has started;
|
||||
; start since - the number of seconds since the process has started;
|
||||
; requests - the number of requests the process has served;
|
||||
; request duration - the duration in µs of the requests;
|
||||
; request method - the request method (GET, POST, ...);
|
||||
; request URI - the request URI with the query string;
|
||||
; content length - the content length of the request (only with POST);
|
||||
; user - the user (PHP_AUTH_USER) (or '-' if not set);
|
||||
; script - the main script called (or '-' if not set);
|
||||
; last request cpu - the %cpu the last request consumed
|
||||
; it's always 0 if the process is not in Idle state
|
||||
; because CPU calculation is done when the request
|
||||
; processing has terminated;
|
||||
; last request memory - the max amount of memory the last request consumed
|
||||
; it's always 0 if the process is not in Idle state
|
||||
; because memory calculation is done when the request
|
||||
; processing has terminated;
|
||||
; If the process is in Idle state, then informations are related to the
|
||||
; last request the process has served. Otherwise informations are related to
|
||||
; the current request being served.
|
||||
; Example output:
|
||||
; ************************
|
||||
; pid: 31330
|
||||
; state: Running
|
||||
; start time: 01/Jul/2011:17:53:49 +0200
|
||||
; start since: 63087
|
||||
; requests: 12808
|
||||
; request duration: 1250261
|
||||
; request method: GET
|
||||
; request URI: /test_mem.php?N=10000
|
||||
; content length: 0
|
||||
; user: -
|
||||
; script: /home/fat/web/docs/php/test_mem.php
|
||||
; last request cpu: 0.00
|
||||
; last request memory: 0
|
||||
;
|
||||
; Note: There is a real-time FPM status monitoring sample web page available
|
||||
; It's available in: /usr/share/php/7.0/fpm/status.html
|
||||
;
|
||||
; Note: The value must start with a leading slash (/). The value can be
|
||||
; anything, but it may not be a good idea to use the .php extension or it
|
||||
; may conflict with a real PHP file.
|
||||
; Default Value: not set
|
||||
;pm.status_path = /status
|
||||
|
||||
; The ping URI to call the monitoring page of FPM. If this value is not set, no
|
||||
; URI will be recognized as a ping page. This could be used to test from outside
|
||||
; that FPM is alive and responding, or to
|
||||
; - create a graph of FPM availability (rrd or such);
|
||||
; - remove a server from a group if it is not responding (load balancing);
|
||||
; - trigger alerts for the operating team (24/7).
|
||||
; Note: The value must start with a leading slash (/). The value can be
|
||||
; anything, but it may not be a good idea to use the .php extension or it
|
||||
; may conflict with a real PHP file.
|
||||
; Default Value: not set
|
||||
;ping.path = /ping
|
||||
|
||||
; This directive may be used to customize the response of a ping request. The
|
||||
; response is formatted as text/plain with a 200 response code.
|
||||
; Default Value: pong
|
||||
;ping.response = pong
|
||||
|
||||
; The access log file
|
||||
; Default: not set
|
||||
;access.log = log/$pool.access.log
|
||||
|
||||
; The access log format.
|
||||
; The following syntax is allowed
|
||||
; %%: the '%' character
|
||||
; %C: %CPU used by the request
|
||||
; it can accept the following format:
|
||||
; - %{user}C for user CPU only
|
||||
; - %{system}C for system CPU only
|
||||
; - %{total}C for user + system CPU (default)
|
||||
; %d: time taken to serve the request
|
||||
; it can accept the following format:
|
||||
; - %{seconds}d (default)
|
||||
; - %{miliseconds}d
|
||||
; - %{mili}d
|
||||
; - %{microseconds}d
|
||||
; - %{micro}d
|
||||
; %e: an environment variable (same as $_ENV or $_SERVER)
|
||||
; it must be associated with embraces to specify the name of the env
|
||||
; variable. Some exemples:
|
||||
; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e
|
||||
; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e
|
||||
; %f: script filename
|
||||
; %l: content-length of the request (for POST request only)
|
||||
; %m: request method
|
||||
; %M: peak of memory allocated by PHP
|
||||
; it can accept the following format:
|
||||
; - %{bytes}M (default)
|
||||
; - %{kilobytes}M
|
||||
; - %{kilo}M
|
||||
; - %{megabytes}M
|
||||
; - %{mega}M
|
||||
; %n: pool name
|
||||
; %o: output header
|
||||
; it must be associated with embraces to specify the name of the header:
|
||||
; - %{Content-Type}o
|
||||
; - %{X-Powered-By}o
|
||||
; - %{Transfert-Encoding}o
|
||||
; - ....
|
||||
; %p: PID of the child that serviced the request
|
||||
; %P: PID of the parent of the child that serviced the request
|
||||
; %q: the query string
|
||||
; %Q: the '?' character if query string exists
|
||||
; %r: the request URI (without the query string, see %q and %Q)
|
||||
; %R: remote IP address
|
||||
; %s: status (response code)
|
||||
; %t: server time the request was received
|
||||
; it can accept a strftime(3) format:
|
||||
; %d/%b/%Y:%H:%M:%S %z (default)
|
||||
; The strftime(3) format must be encapsuled in a %{<strftime_format>}t tag
|
||||
; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t
|
||||
; %T: time the log has been written (the request has finished)
|
||||
; it can accept a strftime(3) format:
|
||||
; %d/%b/%Y:%H:%M:%S %z (default)
|
||||
; The strftime(3) format must be encapsuled in a %{<strftime_format>}t tag
|
||||
; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t
|
||||
; %u: remote user
|
||||
;
|
||||
; Default: "%R - %u %t \"%m %r\" %s"
|
||||
;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"
|
||||
|
||||
; The log file for slow requests
|
||||
; Default Value: not set
|
||||
; Note: slowlog is mandatory if request_slowlog_timeout is set
|
||||
;slowlog = log/$pool.log.slow
|
||||
|
||||
; The timeout for serving a single request after which a PHP backtrace will be
|
||||
; dumped to the 'slowlog' file. A value of '0s' means 'off'.
|
||||
; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
|
||||
; Default Value: 0
|
||||
;request_slowlog_timeout = 0
|
||||
|
||||
; The timeout for serving a single request after which the worker process will
|
||||
; be killed. This option should be used when the 'max_execution_time' ini option
|
||||
; does not stop script execution for some reason. A value of '0' means 'off'.
|
||||
; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
|
||||
; Default Value: 0
|
||||
request_terminate_timeout = 1d
|
||||
|
||||
; Set open file descriptor rlimit.
|
||||
; Default Value: system defined value
|
||||
;rlimit_files = 1024
|
||||
|
||||
; Set max core size rlimit.
|
||||
; Possible Values: 'unlimited' or an integer greater or equal to 0
|
||||
; Default Value: system defined value
|
||||
;rlimit_core = 0
|
||||
|
||||
; Chroot to this directory at the start. This value must be defined as an
|
||||
; absolute path. When this value is not set, chroot is not used.
|
||||
; Note: you can prefix with '$prefix' to chroot to the pool prefix or one
|
||||
; of its subdirectories. If the pool prefix is not set, the global prefix
|
||||
; will be used instead.
|
||||
; Note: chrooting is a great security feature and should be used whenever
|
||||
; possible. However, all PHP paths will be relative to the chroot
|
||||
; (error_log, sessions.save_path, ...).
|
||||
; Default Value: not set
|
||||
;chroot =
|
||||
|
||||
; Chdir to this directory at the start.
|
||||
; Note: relative path can be used.
|
||||
; Default Value: current directory or / when chroot
|
||||
chdir = __FINALPATH__
|
||||
|
||||
; Redirect worker stdout and stderr into main error log. If not set, stdout and
|
||||
; stderr will be redirected to /dev/null according to FastCGI specs.
|
||||
; Note: on highloaded environement, this can cause some delay in the page
|
||||
; process time (several ms).
|
||||
; Default Value: no
|
||||
;catch_workers_output = yes
|
||||
|
||||
; Clear environment in FPM workers
|
||||
; Prevents arbitrary environment variables from reaching FPM worker processes
|
||||
; by clearing the environment in workers before env vars specified in this
|
||||
; pool configuration are added.
|
||||
; Setting to "no" will make all environment variables available to PHP code
|
||||
; via getenv(), $_ENV and $_SERVER.
|
||||
; Default Value: yes
|
||||
;clear_env = no
|
||||
|
||||
; Limits the extensions of the main script FPM will allow to parse. This can
|
||||
; prevent configuration mistakes on the web server side. You should only limit
|
||||
; FPM to .php extensions to prevent malicious users to use other extensions to
|
||||
; execute php code.
|
||||
; Note: set an empty value to allow all extensions.
|
||||
; Default Value: .php
|
||||
;security.limit_extensions = .php .php3 .php4 .php5 .php7
|
||||
|
||||
; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
|
||||
; the current environment.
|
||||
; Default Value: clean env
|
||||
;env[HOSTNAME] = $HOSTNAME
|
||||
;env[PATH] = /usr/local/bin:/usr/bin:/bin
|
||||
;env[TMP] = /tmp
|
||||
;env[TMPDIR] = /tmp
|
||||
;env[TEMP] = /tmp
|
||||
|
||||
; Additional php.ini defines, specific to this pool of workers. These settings
|
||||
; overwrite the values previously defined in the php.ini. The directives are the
|
||||
; same as the PHP SAPI:
|
||||
; php_value/php_flag - you can set classic ini defines which can
|
||||
; be overwritten from PHP call 'ini_set'.
|
||||
; php_admin_value/php_admin_flag - these directives won't be overwritten by
|
||||
; PHP call 'ini_set'
|
||||
; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no.
|
||||
|
||||
; Defining 'extension' will load the corresponding shared extension from
|
||||
; extension_dir. Defining 'disable_functions' or 'disable_classes' will not
|
||||
; overwrite previously defined php.ini values, but will append the new value
|
||||
; instead.
|
||||
|
||||
; Note: path INI options can be relative and will be expanded with the prefix
|
||||
; (pool, global or /usr)
|
||||
|
||||
; Default Value: nothing is defined by default except the values in php.ini and
|
||||
; specified at startup with the -d argument
|
||||
;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com
|
||||
;php_flag[display_errors] = off
|
||||
;php_admin_value[error_log] = /var/log/fpm-php.www.log
|
||||
;php_admin_flag[log_errors] = on
|
||||
;php_admin_value[memory_limit] = 32M
|
||||
|
||||
; Common values to change to increase file upload limit
|
||||
; php_admin_value[upload_max_filesize] = 50M
|
||||
; php_admin_value[post_max_size] = 50M
|
||||
; php_admin_flag[mail.add_x_header] = Off
|
||||
|
||||
; Other common parameters
|
||||
; php_admin_value[max_execution_time] = 600
|
||||
; php_admin_value[max_input_time] = 300
|
||||
; php_admin_value[memory_limit] = 256M
|
||||
; php_admin_flag[short_open_tag] = On
|
|
@ -9,7 +9,7 @@ name = "Dotclear2 configuration"
|
|||
[main.super_user.admin]
|
||||
ask = "Super Administrator"
|
||||
type = "user"
|
||||
bind = "super_user:__FINALPATH__/inc/class.auth.ldap.php"
|
||||
bind = "super_user:__INSTALL_DIR__/inc/class.auth.ldap.php"
|
||||
|
||||
[ynh_users]
|
||||
name = "Yunohost users"
|
||||
|
@ -23,7 +23,7 @@ help = "These permissions apply to the first connection of the user, the super u
|
|||
type = "boolean"
|
||||
yes = "true"
|
||||
no = "false"
|
||||
bind = "'admin':__FINALPATH__/inc/class.auth.ldap.php"
|
||||
bind = "'admin':__INSTALL_DIR__/inc/class.auth.ldap.php"
|
||||
|
||||
[ynh_users.content]
|
||||
name = "Content permissions"
|
||||
|
@ -34,14 +34,14 @@ help = "These permissions apply to the first connection of the user, the super u
|
|||
type = "boolean"
|
||||
yes = "true"
|
||||
no = "false"
|
||||
bind = "'contentadmin':__FINALPATH__/inc/class.auth.ldap.php"
|
||||
bind = "'contentadmin':__INSTALL_DIR__/inc/class.auth.ldap.php"
|
||||
|
||||
[ynh_users.content.blog_usage]
|
||||
ask = "Manage their own entries and comments"
|
||||
type = "boolean"
|
||||
yes = "true"
|
||||
no = "false"
|
||||
bind = "'usage':__FINALPATH__/inc/class.auth.ldap.php"
|
||||
bind = "'usage':__INSTALL_DIR__/inc/class.auth.ldap.php"
|
||||
visible = "blog_contentadmin != 'true'"
|
||||
|
||||
[ynh_users.content.blog_publish]
|
||||
|
@ -49,7 +49,7 @@ help = "These permissions apply to the first connection of the user, the super u
|
|||
type = "boolean"
|
||||
yes = "true"
|
||||
no = "false"
|
||||
bind = "'publish':__FINALPATH__/inc/class.auth.ldap.php"
|
||||
bind = "'publish':__INSTALL_DIR__/inc/class.auth.ldap.php"
|
||||
visible = "blog_contentadmin != 'true'"
|
||||
|
||||
[ynh_users.content.blog_delete]
|
||||
|
@ -57,7 +57,7 @@ help = "These permissions apply to the first connection of the user, the super u
|
|||
type = "boolean"
|
||||
yes = "true"
|
||||
no = "false"
|
||||
bind = "'delete':__FINALPATH__/inc/class.auth.ldap.php"
|
||||
bind = "'delete':__INSTALL_DIR__/inc/class.auth.ldap.php"
|
||||
visible = "blog_contentadmin != 'true'"
|
||||
|
||||
[ynh_users.media]
|
||||
|
@ -69,14 +69,14 @@ help = "These permissions apply to the first connection of the user, the super u
|
|||
type = "boolean"
|
||||
yes = "true"
|
||||
no = "false"
|
||||
bind = "'media_admin':__FINALPATH__/inc/class.auth.ldap.php"
|
||||
bind = "'media_admin':__INSTALL_DIR__/inc/class.auth.ldap.php"
|
||||
|
||||
[ynh_users.media.blog_media]
|
||||
ask = "Manage their own media items"
|
||||
type = "boolean"
|
||||
yes = "true"
|
||||
no = "false"
|
||||
bind = "'media':__FINALPATH__/inc/class.auth.ldap.php"
|
||||
bind = "'media':__INSTALL_DIR__/inc/class.auth.ldap.php"
|
||||
visible = "blog_media_admin != 'true'"
|
||||
|
||||
[ynh_users.other_permissions]
|
||||
|
@ -88,18 +88,18 @@ help = "These permissions apply to the first connection of the user, the super u
|
|||
type = "boolean"
|
||||
yes = "true"
|
||||
no = "false"
|
||||
bind = "'categories':__FINALPATH__/inc/class.auth.ldap.php"
|
||||
bind = "'categories':__INSTALL_DIR__/inc/class.auth.ldap.php"
|
||||
|
||||
[ynh_users.other_permissions.blog_pages]
|
||||
ask = "Manage pages"
|
||||
type = "boolean"
|
||||
yes = "true"
|
||||
no = "false"
|
||||
bind = "'pages':__FINALPATH__/inc/class.auth.ldap.php"
|
||||
bind = "'pages':__INSTALL_DIR__/inc/class.auth.ldap.php"
|
||||
|
||||
[ynh_users.other_permissions.blog_blogroll]
|
||||
ask = "Manage blogroll"
|
||||
type = "boolean"
|
||||
yes = "true"
|
||||
no = "false"
|
||||
bind = "'blogroll':__FINALPATH__/inc/class.auth.ldap.php"
|
||||
bind = "'blogroll':__INSTALL_DIR__/inc/class.auth.ldap.php"
|
||||
|
|
1
doc/DESCRIPTION.md
Normal file
1
doc/DESCRIPTION.md
Normal file
|
@ -0,0 +1 @@
|
|||
Dotclear is an open-source web publishing software. Dotclear project's purpose is to provide a user-friendly tool allowing anyone to publish on the web, regardless of their technical skills.
|
1
doc/DESCRIPTION_fr.md
Normal file
1
doc/DESCRIPTION_fr.md
Normal file
|
@ -0,0 +1 @@
|
|||
Dotclear est un logiciel de publication Web open source. L'objectif du projet Dotclear est de fournir un outil convivial permettant à chacun de publier sur le Web, quelles que soient ses compétences techniques.
|
|
@ -1,9 +0,0 @@
|
|||
## Configuration
|
||||
|
||||
How to configure this app: by an admin panel.
|
||||
|
||||
#### Multi-users support
|
||||
|
||||
Are LDAP supported? **Yes**
|
||||
Are HTTP auth supported? **No** (PR are welcome!)
|
||||
Can the app be used by multiple users? **Yes**
|
|
@ -1,55 +0,0 @@
|
|||
{
|
||||
"name": "DotClear 2",
|
||||
"id": "dotclear2",
|
||||
"packaging_format": 1,
|
||||
"description": {
|
||||
"en": "Blog publishing application",
|
||||
"fr": "Moteur de blog"
|
||||
},
|
||||
"version": "2.24.1~ynh1",
|
||||
"license": "GPL-2.0-or-later",
|
||||
"url": "https://dotclear.org/",
|
||||
"upstream": {
|
||||
"license": "GPL-2.0-or-later",
|
||||
"website": "https://dotclear.org",
|
||||
"demo": "https://www.softaculous.com/demos/Dotclear",
|
||||
"admindoc": "https://dotclear.org/documentation/2.0",
|
||||
"code": "https://git.dotclear.org/dev/dotclear"
|
||||
},
|
||||
"maintainer": {
|
||||
"name": "kay0u",
|
||||
"email": "pierre@kayou.io"
|
||||
},
|
||||
"requirements": {
|
||||
"yunohost": ">= 11.0.0"
|
||||
},
|
||||
"multi_instance": true,
|
||||
"services": [
|
||||
"nginx",
|
||||
"php7.3-fpm",
|
||||
"mysql"
|
||||
],
|
||||
"arguments": {
|
||||
"install": [
|
||||
{
|
||||
"name": "domain",
|
||||
"type": "domain"
|
||||
},
|
||||
{
|
||||
"name": "path",
|
||||
"type": "path",
|
||||
"example": "/dotclear2",
|
||||
"default": "/dotclear2"
|
||||
},
|
||||
{
|
||||
"name": "is_public",
|
||||
"type": "boolean",
|
||||
"default": true
|
||||
},
|
||||
{
|
||||
"name": "admin",
|
||||
"type": "user"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
80
manifest.toml
Normal file
80
manifest.toml
Normal file
|
@ -0,0 +1,80 @@
|
|||
#:schema https://raw.githubusercontent.com/YunoHost/apps/master/schemas/manifest.v2.schema.json
|
||||
|
||||
packaging_format = 2
|
||||
|
||||
id = "dotclear2"
|
||||
name = "DotClear 2"
|
||||
description.en = "Blog publishing application"
|
||||
description.fr = "Moteur de blog"
|
||||
|
||||
version = "2.27.3~ynh1"
|
||||
|
||||
maintainers = ["kay0u"]
|
||||
|
||||
[upstream]
|
||||
license = "GPL-2.0-or-later"
|
||||
website = "https://dotclear.org"
|
||||
demo = "https://www.softaculous.com/demos/Dotclear"
|
||||
admindoc = "https://dotclear.org/documentation/2.0"
|
||||
code = "https://git.dotclear.org/dev/dotclear"
|
||||
cpe = "cpe:2.3:a:dotclear:dotclear"
|
||||
fund = "https://dotclear.org/donate"
|
||||
|
||||
[integration]
|
||||
yunohost = ">= 11.2"
|
||||
architectures = "all"
|
||||
multi_instance = true
|
||||
|
||||
ldap = true
|
||||
|
||||
sso = false
|
||||
|
||||
disk = "50M"
|
||||
ram.build = "200M"
|
||||
ram.runtime = "50M"
|
||||
|
||||
[install]
|
||||
[install.domain]
|
||||
type = "domain"
|
||||
|
||||
[install.path]
|
||||
type = "path"
|
||||
default = "/dotclear2"
|
||||
|
||||
[install.init_main_permission]
|
||||
type = "group"
|
||||
default = "visitors"
|
||||
|
||||
[install.init_admin_permission]
|
||||
ask.en = "Choose the Dotclear super user."
|
||||
ask.fr = "Choisissez le super utilisateur Dotclear."
|
||||
help.en = "You can later on give admin permission to more users."
|
||||
help.fr = "Vous pourrez ultérieurement accorder l’autorisation d’administrateur à davantage d’utilisateurs."
|
||||
type = "user"
|
||||
|
||||
[resources]
|
||||
[resources.sources.latest]
|
||||
prefetch = false
|
||||
in_subdir = 2
|
||||
url = "https://download.dotclear.org/latest/dotclear-2.27.3.tar.gz"
|
||||
sha256 = "86d31cd9f1d8f3147555858c339adb6752db9e8585731eddf697bb1e3fba80c6"
|
||||
|
||||
[resources.sources.attic]
|
||||
prefetch = false
|
||||
in_subdir = 2
|
||||
url = "https://download.dotclear.org/attic/dotclear-2.27.3.tar.gz"
|
||||
sha256 = "86d31cd9f1d8f3147555858c339adb6752db9e8585731eddf697bb1e3fba80c6"
|
||||
|
||||
[resources.system_user]
|
||||
|
||||
[resources.install_dir]
|
||||
|
||||
[resources.permissions]
|
||||
main.url = "/"
|
||||
admin.show_tile = false
|
||||
|
||||
[resources.apt]
|
||||
packages = "mariadb-server, php8.2, php8.2-fpm, php8.2-mbstring, php8.2-mysql, php-iconv, php8.2-xml, php8.2-cli, php8.2-intl, php8.2-ldap, php8.2-gd"
|
||||
|
||||
[resources.database]
|
||||
type = "mysql"
|
|
@ -8,6 +8,18 @@
|
|||
# PERSONAL HELPERS
|
||||
#=================================================
|
||||
|
||||
_dotclear2_setup_source() {
|
||||
# In case of a new version, the url change from http://download.dotclear.org/latest/dotclear-X.X.X.tar.gz to http://download.dotclear.org/attic/dotclear-X.X.X.tar.gz
|
||||
|
||||
src_url=$(cat $YNH_APP_BASEDIR/manifest.toml | toml_to_json | jq '.resources.sources.latest.url' -r)
|
||||
|
||||
if curl --output /dev/null --silent --head --fail "$src_url"; then
|
||||
ynh_setup_source --dest_dir="$install_dir" --source_id="latest"
|
||||
else
|
||||
ynh_setup_source --dest_dir="$install_dir" --source_id="attic"
|
||||
fi
|
||||
}
|
||||
|
||||
#=================================================
|
||||
# EXPERIMENTAL HELPERS
|
||||
#=================================================
|
||||
|
|
|
@ -10,25 +10,6 @@
|
|||
source ../settings/scripts/_common.sh
|
||||
source /usr/share/yunohost/helpers
|
||||
|
||||
#=================================================
|
||||
# MANAGE SCRIPT FAILURE
|
||||
#=================================================
|
||||
|
||||
# Exit if an error occurs during the execution of the script
|
||||
ynh_abort_if_errors
|
||||
|
||||
#=================================================
|
||||
# LOAD SETTINGS
|
||||
#=================================================
|
||||
ynh_print_info --message="Loading installation settings..."
|
||||
|
||||
app=$YNH_APP_INSTANCE_NAME
|
||||
|
||||
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
||||
domain=$(ynh_app_setting_get --app=$app --key=domain)
|
||||
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
|
||||
phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
|
||||
|
||||
#=================================================
|
||||
# DECLARE DATA AND CONF FILES TO BACKUP
|
||||
#=================================================
|
||||
|
@ -38,7 +19,7 @@ ynh_print_info --message="Declaring files to be backed up..."
|
|||
# BACKUP THE APP MAIN DIR
|
||||
#=================================================
|
||||
|
||||
ynh_backup --src_path="$final_path"
|
||||
ynh_backup --src_path="$install_dir"
|
||||
|
||||
#=================================================
|
||||
# BACKUP THE NGINX CONFIGURATION
|
||||
|
|
|
@ -9,62 +9,6 @@
|
|||
source _common.sh
|
||||
source /usr/share/yunohost/helpers
|
||||
|
||||
#=================================================
|
||||
# RETRIEVE ARGUMENTS
|
||||
#=================================================
|
||||
|
||||
old_domain=$YNH_APP_OLD_DOMAIN
|
||||
old_path=$YNH_APP_OLD_PATH
|
||||
|
||||
new_domain=$YNH_APP_NEW_DOMAIN
|
||||
new_path=$YNH_APP_NEW_PATH
|
||||
|
||||
app=$YNH_APP_INSTANCE_NAME
|
||||
|
||||
#=================================================
|
||||
# LOAD SETTINGS
|
||||
#=================================================
|
||||
ynh_script_progression --message="Loading installation settings..."
|
||||
|
||||
# Needed for helper "ynh_add_nginx_config"
|
||||
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
||||
|
||||
# Add settings here as needed by your application
|
||||
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
|
||||
|
||||
#=================================================
|
||||
# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP
|
||||
#=================================================
|
||||
ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..."
|
||||
|
||||
# Backup the current version of the app
|
||||
ynh_backup_before_upgrade
|
||||
ynh_clean_setup () {
|
||||
# Remove the new domain config file, the remove script won't do it as it doesn't know yet its location.
|
||||
ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
|
||||
|
||||
# Restore it if the upgrade fails
|
||||
ynh_restore_upgradebackup
|
||||
}
|
||||
# Exit if an error occurs during the execution of the script
|
||||
ynh_abort_if_errors
|
||||
|
||||
#=================================================
|
||||
# CHECK WHICH PARTS SHOULD BE CHANGED
|
||||
#=================================================
|
||||
|
||||
change_domain=0
|
||||
if [ "$old_domain" != "$new_domain" ]
|
||||
then
|
||||
change_domain=1
|
||||
fi
|
||||
|
||||
change_path=0
|
||||
if [ "$old_path" != "$new_path" ]
|
||||
then
|
||||
change_path=1
|
||||
fi
|
||||
|
||||
#=================================================
|
||||
# STANDARD MODIFICATIONS
|
||||
#=================================================
|
||||
|
@ -72,29 +16,7 @@ fi
|
|||
#=================================================
|
||||
ynh_script_progression --message="Updating NGINX web server configuration..." --weight=2
|
||||
|
||||
nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
|
||||
|
||||
# Change the path in the NGINX config file
|
||||
if [ $change_path -eq 1 ]
|
||||
then
|
||||
# Make a backup of the original NGINX config file if modified
|
||||
ynh_backup_if_checksum_is_different --file="$nginx_conf_path"
|
||||
# Set global variables for NGINX helper
|
||||
domain="$old_domain"
|
||||
path_url="$new_path"
|
||||
# Create a dedicated NGINX config
|
||||
ynh_add_nginx_config
|
||||
fi
|
||||
|
||||
# Change the domain for NGINX
|
||||
if [ $change_domain -eq 1 ]
|
||||
then
|
||||
# Delete file checksum for the old conf file location
|
||||
ynh_delete_file_checksum --file="$nginx_conf_path"
|
||||
mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf
|
||||
# Store file checksum for the new config file location
|
||||
ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
|
||||
fi
|
||||
ynh_change_url_nginx_config
|
||||
|
||||
#=================================================
|
||||
# SPECIFIC MODIFICATIONS
|
||||
|
@ -116,7 +38,7 @@ ynh_mysql_execute_as_root --sql="UPDATE dc_setting SET setting_value='$new_theme
|
|||
#=================================================
|
||||
ynh_script_progression --message="Updating configuration file..."
|
||||
|
||||
php_config=$final_path/inc/config.php
|
||||
php_config=$install_dir/inc/config.php
|
||||
|
||||
ynh_backup_if_checksum_is_different --file="$php_config"
|
||||
|
||||
|
@ -129,15 +51,6 @@ ynh_store_file_checksum --file="$php_config"
|
|||
chmod 400 "$php_config"
|
||||
chown $app:$app "$php_config"
|
||||
|
||||
#=================================================
|
||||
# GENERIC FINALISATION
|
||||
#=================================================
|
||||
# RELOAD NGINX
|
||||
#=================================================
|
||||
ynh_script_progression --message="Reloading NGINX web server..."
|
||||
|
||||
ynh_systemd_action --service_name=nginx --action=reload
|
||||
|
||||
#=================================================
|
||||
# END OF SCRIPT
|
||||
#=================================================
|
||||
|
|
89
scripts/config
Normal file
89
scripts/config
Normal file
|
@ -0,0 +1,89 @@
|
|||
#!/bin/bash
|
||||
|
||||
#=================================================
|
||||
# GENERIC STARTING
|
||||
#=================================================
|
||||
# IMPORT GENERIC HELPERS
|
||||
#=================================================
|
||||
|
||||
source /usr/share/yunohost/helpers
|
||||
|
||||
ynh_abort_if_errors
|
||||
|
||||
#=================================================
|
||||
# RETRIEVE ARGUMENTS
|
||||
#=================================================
|
||||
|
||||
install_dir=$(ynh_app_setting_get --app=$app --key=install_dir)
|
||||
admin=$(ynh_app_setting_get --app=$app --key=admin)
|
||||
|
||||
#=================================================
|
||||
# SPECIFIC SETTERS FOR TOML SHORT KEYS
|
||||
#=================================================
|
||||
set__blogs_list() {
|
||||
|
||||
declare -A domain_array
|
||||
declare -A path_array
|
||||
|
||||
for blog in $(echo $blogs_list | sed "s/,/ /"); do
|
||||
id=$(echo $blog | cut -d@ -f1)
|
||||
domain=$(echo $blog | cut -d@ -f2 | cut -d/ -f1)
|
||||
path="/$(echo $blog | cut -d@ -f2 | cut -d/ -f2)"
|
||||
|
||||
domain_array+=([$id]=$domain)
|
||||
path_array+=([$id]=$path)
|
||||
done
|
||||
|
||||
declare -A old_domain_array
|
||||
declare -A old_path_array
|
||||
|
||||
for blog in $(echo ${old[blogs_list]} | sed "s/,/ /"); do
|
||||
id=$(echo $blog | cut -d@ -f1)
|
||||
domain=$(echo $blog | cut -d@ -f2 | cut -d/ -f1)
|
||||
path="/$(echo $blog | cut -d@ -f2 | cut -d/ -f2)"
|
||||
|
||||
old_domain_array+=([$id]=$domain)
|
||||
old_path_array+=([$id]=$path)
|
||||
done
|
||||
|
||||
# https://stackoverflow.com/questions/2312762/compare-difference-of-two-arrays-in-bash
|
||||
# Get added and removed blogs
|
||||
added_ids_array=(`echo ${!domain_array[@]} ${!old_domain_array[@]} | tr ' ' '\n' | sort | uniq -u `)
|
||||
removed_ids_array=(`echo ${!old_domain_array[@]} $!domain_array[@]} | tr ' ' '\n' | sort | uniq -D | uniq `)
|
||||
|
||||
for id in $removed_ids_array; do
|
||||
if [ ynh_permission_exists --permission="$id" ]; then
|
||||
ynh_permission_delete --permission="$id"
|
||||
fi
|
||||
ynh_secure_remove --file="/etc/nginx/conf.d/${old_domain_array[$id]}.d/$app.conf"
|
||||
done
|
||||
|
||||
for id in $domain_array; do
|
||||
|
||||
if [ $domain_array[$id] != $old_domain_array[$id] ]; then
|
||||
mv /etc/nginx/conf.d/${old_domain_array[$id]}.d/$app.conf /etc/nginx/conf.d/${domain_array[$id]}.d/$app.conf
|
||||
fi
|
||||
|
||||
if [ $path_array[$id] != $old_path_array[$id] ]; then
|
||||
domain=$domain_array[$id]
|
||||
path=$path_array[$id]
|
||||
ynh_add_config --template="nginx.conf" --destination="/etc/nginx/conf.d/${domain_array[$id]}.d/$app.conf"
|
||||
fi
|
||||
|
||||
if [ ynh_permission_exists --permission="$id" ]; then
|
||||
ynh_permission_url --permission="$id" --url="$domain_array[$id]$path_array[$id]"
|
||||
ynh_permission_url --permission="$id.admin" --url="$domain_array[$id]$path_array[$id]/admin"
|
||||
else
|
||||
ynh_permission_create --permission="$id" --url="$domain_array[$id]$path_array[$id]"
|
||||
ynh_permission_create --permission="$id.admin" --url="$domain_array[$id]$path_array[$id]/admin"
|
||||
fi
|
||||
|
||||
done
|
||||
|
||||
ynh_app_setting_set $app blogs_list $blogs_list
|
||||
}
|
||||
|
||||
#=================================================
|
||||
# GENERIC FINALIZATION
|
||||
#=================================================
|
||||
ynh_app_config_run $1
|
141
scripts/install
141
scripts/install
|
@ -9,100 +9,29 @@
|
|||
source _common.sh
|
||||
source /usr/share/yunohost/helpers
|
||||
|
||||
#=================================================
|
||||
# MANAGE SCRIPT FAILURE
|
||||
#=================================================
|
||||
|
||||
# Exit if an error occurs during the execution of the script
|
||||
ynh_abort_if_errors
|
||||
|
||||
#=================================================
|
||||
# RETRIEVE ARGUMENTS FROM THE MANIFEST
|
||||
#=================================================
|
||||
|
||||
domain=$YNH_APP_ARG_DOMAIN
|
||||
path_url=$YNH_APP_ARG_PATH
|
||||
is_public=$YNH_APP_ARG_IS_PUBLIC
|
||||
admin=$YNH_APP_ARG_ADMIN
|
||||
|
||||
app=$YNH_APP_INSTANCE_NAME
|
||||
|
||||
#=================================================
|
||||
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
|
||||
#=================================================
|
||||
ynh_script_progression --message="Validating installation parameters..."
|
||||
|
||||
final_path=/var/www/$app
|
||||
test ! -e "$final_path" || ynh_die --message="This path already contains a folder"
|
||||
|
||||
# Register (book) web path
|
||||
ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url
|
||||
|
||||
#=================================================
|
||||
# STORE SETTINGS FROM MANIFEST
|
||||
#=================================================
|
||||
ynh_script_progression --message="Storing installation settings..."
|
||||
|
||||
ynh_app_setting_set --app=$app --key=domain --value=$domain
|
||||
ynh_app_setting_set --app=$app --key=path --value=$path_url
|
||||
ynh_app_setting_set --app=$app --key=admin --value=$admin
|
||||
|
||||
#=================================================
|
||||
# CREATE DEDICATED USER
|
||||
#=================================================
|
||||
ynh_script_progression --message="Configuring system user..." --weight=2
|
||||
|
||||
# Create a system user
|
||||
ynh_system_user_create --username=$app --home_dir="$final_path"
|
||||
|
||||
#=================================================
|
||||
# CREATE A MYSQL DATABASE
|
||||
#=================================================
|
||||
ynh_script_progression --message="Creating a MySQL database..." --weight=2
|
||||
|
||||
db_name=$(ynh_sanitize_dbid --db_name=$app)
|
||||
db_user=$db_name
|
||||
ynh_app_setting_set --app=$app --key=db_name --value=$db_name
|
||||
ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name
|
||||
db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd)
|
||||
|
||||
#=================================================
|
||||
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
||||
#=================================================
|
||||
ynh_script_progression --message="Setting up source files..." --weight=4
|
||||
|
||||
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
|
||||
_dotclear2_setup_source
|
||||
|
||||
# In case of a new version, the url change from http://download.dotclear.org/latest/dotclear-X.X.X.tar.gz to http://download.dotclear.org/attic/dotclear-X.X.X.tar.gz
|
||||
src_url=$(grep 'SOURCE_URL=' "../conf/app.src" | cut -d= -f2-)
|
||||
if ! curl --output /dev/null --silent --head --fail "$src_url"; then
|
||||
ynh_replace_string --match_string="latest" --replace_string="attic" --target_file="../conf/app.src"
|
||||
fi
|
||||
|
||||
# Download, check integrity, uncompress and patch the source from app.src
|
||||
ynh_setup_source --dest_dir="$final_path"
|
||||
|
||||
chmod 750 "$final_path"
|
||||
chmod -R o-rwx "$final_path"
|
||||
chown -R $app:www-data "$final_path"
|
||||
chmod 750 "$install_dir"
|
||||
chmod -R o-rwx "$install_dir"
|
||||
chown -R $app:www-data "$install_dir"
|
||||
|
||||
# https://dotclear.org/documentation/2.0/admin/install
|
||||
mkdir -p "$final_path/"{cache,public}
|
||||
setfacl -m d:u:www-data:rwx "$final_path/"{cache,public}
|
||||
mkdir -p "$install_dir/"{cache,public}
|
||||
setfacl -m d:u:www-data:rwx "$install_dir/"{cache,public}
|
||||
|
||||
#=================================================
|
||||
# NGINX CONFIGURATION
|
||||
# SYSTEM CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Configuring NGINX web server..."
|
||||
ynh_script_progression --message="Adding system configurations related to $app..." --weight=1
|
||||
|
||||
# Create a dedicated NGINX config
|
||||
ynh_add_nginx_config
|
||||
|
||||
#=================================================
|
||||
# PHP-FPM CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Configuring PHP-FPM..." --weight=2
|
||||
|
||||
# Create a dedicated PHP-FPM config
|
||||
ynh_add_fpm_config
|
||||
|
||||
|
@ -113,15 +42,19 @@ ynh_add_fpm_config
|
|||
#=================================================
|
||||
ynh_script_progression --message="Adding a configuration file..."
|
||||
|
||||
php_config=$final_path/inc/config.php
|
||||
php_config=$install_dir/inc/config.php
|
||||
|
||||
admin=$(yunohost user permission info "$app.admin" --output-as json | jq -r '.allowed | .[]')
|
||||
|
||||
master_key=$(ynh_string_random --length=30)
|
||||
ynh_app_setting_set --app=$app --key=master_key --value=$master_key
|
||||
|
||||
cp $php_config.in $php_config
|
||||
|
||||
admin_url="${path_url%/}/admin/"
|
||||
admin_url="${path%/}/admin/"
|
||||
|
||||
admin=$(yunohost user permission info "$app.admin" --output-as json | jq -r '.allowed | .[]')
|
||||
ynh_app_setting_set --app=$app --key=admin --value=$admin
|
||||
email=$(ynh_user_get_info --username=$admin --key=mail)
|
||||
|
||||
# Config as if we called in admin/install/wizard.php
|
||||
|
@ -133,6 +66,7 @@ ynh_replace_string --match_string="'DC_DBNAME', ''" --replace_string="'DC_DBNAME
|
|||
ynh_replace_string --match_string="'DC_MASTER_KEY', ''" --replace_string="'DC_MASTER_KEY', '$master_key'" --target_file=$php_config
|
||||
ynh_replace_string --match_string="'DC_ADMIN_URL', ''" --replace_string="'DC_ADMIN_URL', 'https://$domain$admin_url'" --target_file=$php_config
|
||||
ynh_replace_string --match_string="'DC_ADMIN_MAILFROM', ''" --replace_string="'DC_ADMIN_MAILFROM', '$email'" --target_file=$php_config
|
||||
ynh_replace_string --match_string="//define('DC_NOT_UPDATE', false);" --replace_string="define('DC_NOT_UPDATE', true);" --target_file=$php_config
|
||||
|
||||
# Adding LDAP login
|
||||
blog_admin="false"
|
||||
|
@ -145,6 +79,7 @@ blog_media_admin="false"
|
|||
blog_media="false"
|
||||
blog_pages="false"
|
||||
blog_blogroll="false"
|
||||
|
||||
ynh_app_setting_set --app=$app --key=blog_admin --value=$blog_admin
|
||||
ynh_app_setting_set --app=$app --key=blog_contentadmin --value=$blog_contentadmin
|
||||
ynh_app_setting_set --app=$app --key=blog_usage --value=$blog_usage
|
||||
|
@ -156,11 +91,11 @@ ynh_app_setting_set --app=$app --key=blog_media --value=$blog_media
|
|||
ynh_app_setting_set --app=$app --key=blog_pages --value=$blog_pages
|
||||
ynh_app_setting_set --app=$app --key=blog_blogroll --value=$blog_blogroll
|
||||
|
||||
ynh_add_config --template="../conf/class.auth.ldap.php" --destination="$final_path/inc/class.auth.ldap.php"
|
||||
ynh_add_config --template="../conf/class.auth.ldap.php" --destination="$install_dir/inc/class.auth.ldap.php"
|
||||
|
||||
cat << EOF >> $php_config
|
||||
|
||||
\$__autoload['ldapDcAuth'] = dirname(__FILE__).'/class.auth.ldap.php';
|
||||
require dirname(__FILE__).'/class.auth.ldap.php';
|
||||
define('DC_AUTH_CLASS','ldapDcAuth');
|
||||
EOF
|
||||
|
||||
|
@ -172,16 +107,6 @@ chown $app:$app "$php_config"
|
|||
#=================================================
|
||||
# SETUP APPLICATION WITH CURL
|
||||
#=================================================
|
||||
ynh_script_progression --message="Setuping application with CURL..."
|
||||
|
||||
# Set the app as temporarily public for curl call
|
||||
ynh_script_progression --message="Configuring SSOwat..."
|
||||
# Making the app public for curl
|
||||
ynh_permission_update --permission="main" --add="visitors"
|
||||
|
||||
# Reload Nginx
|
||||
ynh_systemd_action --service_name=nginx --action=reload
|
||||
|
||||
ynh_script_progression --message="Finalizing installation..." --weight=14
|
||||
|
||||
firstname=$(ynh_user_get_info --username=$admin --key=firstname)
|
||||
|
@ -195,9 +120,6 @@ installUrl="/admin/install/index.php"
|
|||
|
||||
ynh_local_curl $installUrl "u_email=$email" "u_firstname=$firstname" "u_name=$lastname" "u_login=$admin" "u_pwd=$password" "u_pwd2=$password"
|
||||
|
||||
# Remove the public access
|
||||
ynh_permission_update --permission="main" --remove="visitors"
|
||||
|
||||
#=================================================
|
||||
# GENERIC FINALIZATION
|
||||
#=================================================
|
||||
|
@ -206,30 +128,9 @@ ynh_permission_update --permission="main" --remove="visitors"
|
|||
ynh_script_progression --message="Configuring Fail2Ban..."
|
||||
|
||||
# Create a dedicated Fail2Ban config
|
||||
ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Invalid credentials in $final_path/inc/class.auth.ldap.php .* client: <HOST>, .*https://$domain${path_url%/}/admin/auth.php"
|
||||
|
||||
#=================================================
|
||||
# SETUP SSOWAT
|
||||
#=================================================
|
||||
ynh_script_progression --message="Configuring permissions..."
|
||||
|
||||
# Make app public if necessary
|
||||
if [ $is_public -eq 1 ]
|
||||
then
|
||||
# Everyone can access the app.
|
||||
# The "main" permission is automatically created before the install script.
|
||||
ynh_permission_update --permission="main" --add="visitors"
|
||||
fi
|
||||
|
||||
# Only the admin can access the admin panel of the app (if the app has an admin panel)
|
||||
ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin
|
||||
|
||||
#=================================================
|
||||
# RELOAD NGINX
|
||||
#=================================================
|
||||
ynh_script_progression --message="Reloading NGINX web server..."
|
||||
|
||||
ynh_systemd_action --service_name=nginx --action=reload
|
||||
ynh_add_fail2ban_config \
|
||||
--logpath="/var/log/nginx/${domain}-error.log" \
|
||||
--failregex="Invalid credentials in $install_dir/inc/class.auth.ldap.php .* client: <HOST>, .*https://$domain${path%/}/admin/auth.php"
|
||||
|
||||
#=================================================
|
||||
# END OF SCRIPT
|
||||
|
|
|
@ -10,69 +10,19 @@ source _common.sh
|
|||
source /usr/share/yunohost/helpers
|
||||
|
||||
#=================================================
|
||||
# LOAD SETTINGS
|
||||
# REMOVE SYSTEM CONFIGURATIONS
|
||||
#=================================================
|
||||
ynh_script_progression --message="Loading installation settings..."
|
||||
|
||||
app=$YNH_APP_INSTANCE_NAME
|
||||
|
||||
domain=$(ynh_app_setting_get --app=$app --key=domain)
|
||||
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
|
||||
db_user=$db_name
|
||||
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
||||
|
||||
#=================================================
|
||||
# STANDARD REMOVE
|
||||
#=================================================
|
||||
# REMOVE THE MYSQL DATABASE
|
||||
#=================================================
|
||||
ynh_script_progression --message="Removing the MySQL database..."
|
||||
|
||||
# Remove a database if it exists, along with the associated user
|
||||
ynh_mysql_remove_db --db_user=$db_user --db_name=$db_name
|
||||
|
||||
#=================================================
|
||||
# REMOVE APP MAIN DIR
|
||||
#=================================================
|
||||
ynh_script_progression --message="Removing app main directory..."
|
||||
|
||||
# Remove the app directory securely
|
||||
ynh_secure_remove --file="$final_path"
|
||||
|
||||
#=================================================
|
||||
# REMOVE NGINX CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Removing NGINX web server configuration..."
|
||||
ynh_script_progression --message="Removing system configurations related to $app..." --weight=1
|
||||
|
||||
# Remove the dedicated NGINX config
|
||||
ynh_remove_nginx_config
|
||||
|
||||
#=================================================
|
||||
# REMOVE PHP-FPM CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Removing PHP-FPM configuration..."
|
||||
|
||||
# Remove the dedicated PHP-FPM config
|
||||
ynh_remove_fpm_config
|
||||
|
||||
#=================================================
|
||||
# REMOVE FAIL2BAN CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Removing Fail2Ban configuration..."
|
||||
|
||||
# Remove the dedicated Fail2Ban config
|
||||
ynh_remove_fail2ban_config
|
||||
|
||||
#=================================================
|
||||
# GENERIC FINALIZATION
|
||||
#=================================================
|
||||
# REMOVE DEDICATED USER
|
||||
#=================================================
|
||||
ynh_script_progression --message="Removing the dedicated system user..."
|
||||
|
||||
# Delete a system user
|
||||
ynh_system_user_delete --username=$app
|
||||
|
||||
#=================================================
|
||||
# END OF SCRIPT
|
||||
#=================================================
|
||||
|
|
|
@ -10,94 +10,42 @@
|
|||
source ../settings/scripts/_common.sh
|
||||
source /usr/share/yunohost/helpers
|
||||
|
||||
#=================================================
|
||||
# MANAGE SCRIPT FAILURE
|
||||
#=================================================
|
||||
|
||||
# Exit if an error occurs during the execution of the script
|
||||
ynh_abort_if_errors
|
||||
|
||||
#=================================================
|
||||
# LOAD SETTINGS
|
||||
#=================================================
|
||||
ynh_script_progression --message="Loading installation settings..."
|
||||
|
||||
app=$YNH_APP_INSTANCE_NAME
|
||||
|
||||
domain=$(ynh_app_setting_get --app=$app --key=domain)
|
||||
path_url=$(ynh_app_setting_get --app=$app --key=path)
|
||||
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
||||
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
|
||||
db_user=$db_name
|
||||
phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
|
||||
|
||||
#=================================================
|
||||
# CHECK IF THE APP CAN BE RESTORED
|
||||
#=================================================
|
||||
ynh_script_progression --message="Validating restoration parameters..."
|
||||
|
||||
test ! -d $final_path \
|
||||
|| ynh_die --message="There is already a directory: $final_path "
|
||||
|
||||
#=================================================
|
||||
# STANDARD RESTORATION STEPS
|
||||
#=================================================
|
||||
# RESTORE THE NGINX CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Restoring the NGINX configuration..."
|
||||
|
||||
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
|
||||
|
||||
#=================================================
|
||||
# RECREATE THE DEDICATED USER
|
||||
#=================================================
|
||||
ynh_script_progression --message="Recreating the dedicated system user..." --weight=2
|
||||
|
||||
# Create the dedicated user (if not existing)
|
||||
ynh_system_user_create --username=$app --home_dir="$final_path"
|
||||
|
||||
#=================================================
|
||||
# RESTORE THE APP MAIN DIR
|
||||
#=================================================
|
||||
ynh_script_progression --message="Restoring the app main directory..."
|
||||
|
||||
ynh_restore_file --origin_path="$final_path"
|
||||
ynh_restore_file --origin_path="$install_dir"
|
||||
|
||||
chmod 750 "$final_path"
|
||||
chmod -R o-rwx "$final_path"
|
||||
chown -R $app:www-data "$final_path"
|
||||
chmod -R o-rwx "$install_dir"
|
||||
chown -R $app:www-data "$install_dir"
|
||||
|
||||
# https://dotclear.org/documentation/2.0/admin/install
|
||||
mkdir -p "$final_path/"{cache,public}
|
||||
setfacl -m d:u:www-data:rwx "$final_path/"{cache,public}
|
||||
mkdir -p "$install_dir/"{cache,public}
|
||||
setfacl -m d:u:www-data:rwx "$install_dir/"{cache,public}
|
||||
|
||||
#=================================================
|
||||
# RESTORE THE PHP-FPM CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Restoring the PHP-FPM configuration..."
|
||||
|
||||
ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf"
|
||||
|
||||
#=================================================
|
||||
# RESTORE FAIL2BAN CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Restoring the Fail2Ban configuration..."
|
||||
|
||||
ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf"
|
||||
ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf"
|
||||
ynh_systemd_action --action=restart --service_name=fail2ban
|
||||
|
||||
#=================================================
|
||||
# SPECIFIC RESTORATION
|
||||
#=================================================
|
||||
# RESTORE THE MYSQL DATABASE
|
||||
#=================================================
|
||||
ynh_script_progression --message="Restoring the MySQL database..." --weight=3
|
||||
|
||||
db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd)
|
||||
ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd
|
||||
ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql
|
||||
|
||||
#=================================================
|
||||
# RESTORE SYSTEM CONFIGURATIONS
|
||||
#=================================================
|
||||
# RESTORE THE PHP-FPM CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Restoring system configurations related to $app..." --weight=1
|
||||
|
||||
ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf"
|
||||
|
||||
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
|
||||
|
||||
ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf"
|
||||
ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf"
|
||||
ynh_systemd_action --action=restart --service_name=fail2ban
|
||||
|
||||
#=================================================
|
||||
# GENERIC FINALIZATION
|
||||
#=================================================
|
||||
|
|
143
scripts/upgrade
143
scripts/upgrade
|
@ -9,95 +9,20 @@
|
|||
source _common.sh
|
||||
source /usr/share/yunohost/helpers
|
||||
|
||||
#=================================================
|
||||
# LOAD SETTINGS
|
||||
#=================================================
|
||||
ynh_script_progression --message="Loading installation settings..."
|
||||
|
||||
app=$YNH_APP_INSTANCE_NAME
|
||||
|
||||
domain=$(ynh_app_setting_get --app=$app --key=domain)
|
||||
path_url=$(ynh_app_setting_get --app=$app --key=path)
|
||||
admin=$(ynh_app_setting_get --app=$app --key=admin)
|
||||
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
||||
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
|
||||
db_user=$db_name
|
||||
db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd)
|
||||
password=$(ynh_app_setting_get --app=$app --key=password)
|
||||
master_key=$(ynh_app_setting_get --app=$app --key=master_key)
|
||||
|
||||
blog_admin=$(ynh_app_setting_get --app=$app --key=blog_admin)
|
||||
blog_contentadmin=$(ynh_app_setting_get --app=$app --key=blog_contentadmin)
|
||||
blog_usage=$(ynh_app_setting_get --app=$app --key=blog_usage)
|
||||
blog_publish=$(ynh_app_setting_get --app=$app --key=blog_publish)
|
||||
blog_delete=$(ynh_app_setting_get --app=$app --key=blog_delete)
|
||||
blog_categories=$(ynh_app_setting_get --app=$app --key=blog_categories)
|
||||
blog_media_admin=$(ynh_app_setting_get --app=$app --key=blog_media_admin)
|
||||
blog_media=$(ynh_app_setting_get --app=$app --key=blog_media)
|
||||
blog_pages=$(ynh_app_setting_get --app=$app --key=blog_pages)
|
||||
blog_blogroll=$(ynh_app_setting_get --app=$app --key=blog_blogroll)
|
||||
|
||||
#=================================================
|
||||
# CHECK VERSION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Checking version..."
|
||||
|
||||
upgrade_type=$(ynh_check_app_version_changed)
|
||||
|
||||
#=================================================
|
||||
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
|
||||
#=================================================
|
||||
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=4
|
||||
|
||||
# Backup the current version of the app
|
||||
ynh_backup_before_upgrade
|
||||
ynh_clean_setup () {
|
||||
# Restore it if the upgrade fails
|
||||
ynh_restore_upgradebackup
|
||||
}
|
||||
# Exit if an error occurs during the execution of the script
|
||||
ynh_abort_if_errors
|
||||
|
||||
#=================================================
|
||||
# STANDARD UPGRADE STEPS
|
||||
#=================================================
|
||||
# ENSURE DOWNWARD COMPATIBILITY
|
||||
#=================================================
|
||||
ynh_script_progression --message="Ensuring downward compatibility..."
|
||||
ynh_script_progression --message="Ensuring downward compatibility..." --weight=1
|
||||
|
||||
# If db_name doesn't exist, create it
|
||||
if [ -z "$db_name" ]; then
|
||||
db_name=$(ynh_sanitize_dbid --db_name=$app)
|
||||
ynh_app_setting_set --app=$app --key=db_name --value=$db_name
|
||||
fi
|
||||
|
||||
# If final_path doesn't exist, create it
|
||||
if [ -z "$final_path" ]; then
|
||||
final_path=/var/www/$app
|
||||
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
|
||||
fi
|
||||
|
||||
if [ -n "$(ynh_app_setting_get --app=$app --key=is_public)" ]; then
|
||||
ynh_app_setting_delete --app=$app --key=protected_uris
|
||||
|
||||
# Removing skipped/unprotected_uris under certain conditions, remove the visitors group added during the migration process of 3.7
|
||||
# Remove unprotected_uris. If the app was public, add visitors again to the main permission
|
||||
if ynh_permission_has_user --permission=main --user=visitors
|
||||
then
|
||||
ynh_app_setting_delete --app=$app --key=unprotected_uris
|
||||
ynh_permission_update --permission "main" --add "visitors"
|
||||
else
|
||||
ynh_app_setting_delete --app=$app --key=unprotected_uris
|
||||
fi
|
||||
ynh_app_setting_delete --app=$app --key=is_public
|
||||
fi
|
||||
|
||||
if ! ynh_permission_exists --permission="admin"; then
|
||||
# Create the required permissions
|
||||
ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin
|
||||
fi
|
||||
|
||||
if [ -z "$blog_admin" ] ||
|
||||
if [ -z "${blog_admin:-}" ] ||
|
||||
[ -z "$blog_contentadmin" ] ||
|
||||
[ -z "$blog_usage" ] ||
|
||||
[ -z "$blog_publish" ] ||
|
||||
|
@ -117,65 +42,44 @@ if [ -z "$blog_admin" ] ||
|
|||
blog_media="false"
|
||||
blog_pages="false"
|
||||
blog_blogroll="false"
|
||||
ynh_app_setting_set --app=$app --key=blog_admin --value=$blog_admin
|
||||
ynh_app_setting_set --app=$app --key=blog_contentadmin --value=$blog_contentadmin
|
||||
ynh_app_setting_set --app=$app --key=blog_admin --value=$blog_admin
|
||||
ynh_app_setting_set --app=$app --key=blog_contentadmin --value=$blog_contentadmin
|
||||
ynh_app_setting_set --app=$app --key=blog_usage --value=$blog_usage
|
||||
ynh_app_setting_set --app=$app --key=blog_publish --value=$blog_publish
|
||||
ynh_app_setting_set --app=$app --key=blog_delete --value=$blog_delete
|
||||
ynh_app_setting_set --app=$app --key=blog_categories --value=$blog_categories
|
||||
ynh_app_setting_set --app=$app --key=blog_media_admin --value=$blog_media_admin
|
||||
ynh_app_setting_set --app=$app --key=blog_media_admin --value=$blog_media_admin
|
||||
ynh_app_setting_set --app=$app --key=blog_media --value=$blog_media
|
||||
ynh_app_setting_set --app=$app --key=blog_pages --value=$blog_pages
|
||||
ynh_app_setting_set --app=$app --key=blog_blogroll --value=$blog_blogroll
|
||||
fi
|
||||
|
||||
#=================================================
|
||||
# CREATE DEDICATED USER
|
||||
#=================================================
|
||||
ynh_script_progression --message="Making sure dedicated system user exists..."
|
||||
|
||||
# Create a dedicated user (if not existing)
|
||||
ynh_system_user_create --username=$app --home_dir=$final_path
|
||||
|
||||
#=================================================
|
||||
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
||||
#=================================================
|
||||
|
||||
if [ "$upgrade_type" == "UPGRADE_APP" ]
|
||||
then
|
||||
# Download, check integrity, uncompress and patch the source from app.src
|
||||
# In case of a new version, the url change from http://download.dotclear.org/latest/dotclear-X.X.X.tar.gz to http://download.dotclear.org/attic/dotclear-X.X.X.tar.gz
|
||||
src_url=$(grep 'SOURCE_URL=' "../conf/app.src" | cut -d= -f2-)
|
||||
if ! curl --output /dev/null --silent --head --fail "$src_url"; then
|
||||
ynh_replace_string "latest" "attic" ../conf/app.src
|
||||
fi
|
||||
ynh_script_progression --message="Upgrading source files..."
|
||||
|
||||
# Download, check integrity, uncompress and patch the source from app.src
|
||||
ynh_setup_source --dest_dir="$final_path"
|
||||
_dotclear2_setup_source
|
||||
fi
|
||||
|
||||
chmod 750 "$final_path"
|
||||
chmod -R o-rwx "$final_path"
|
||||
chown -R $app:www-data "$final_path"
|
||||
chmod -R o-rwx "$install_dir"
|
||||
chown -R $app:www-data "$install_dir"
|
||||
|
||||
# https://dotclear.org/documentation/2.0/admin/install
|
||||
mkdir -p "$final_path/"{cache,public}
|
||||
setfacl -m d:u:www-data:rwx "$final_path/"{cache,public}
|
||||
mkdir -p "$install_dir/"{cache,public}
|
||||
setfacl -m d:u:www-data:rwx "$install_dir/"{cache,public}
|
||||
|
||||
#=================================================
|
||||
# NGINX CONFIGURATION
|
||||
# REAPPLY SYSTEM CONFIGURATIONS
|
||||
#=================================================
|
||||
ynh_script_progression --message="Upgrading NGINX web server configuration..."
|
||||
ynh_script_progression --message="Upgrading system configurations related to $app..." --weight=1
|
||||
|
||||
# Create a dedicated NGINX config
|
||||
ynh_add_nginx_config
|
||||
|
||||
#=================================================
|
||||
# PHP-FPM CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=2
|
||||
|
||||
# Create a dedicated PHP-FPM config
|
||||
ynh_add_fpm_config
|
||||
|
||||
|
@ -184,15 +88,15 @@ ynh_add_fpm_config
|
|||
#=================================================
|
||||
# UPDATE A CONFIG FILE
|
||||
#=================================================
|
||||
ynh_script_progression --message="Updating a configuration file..."
|
||||
ynh_script_progression --message="Updating a configuration file..." --weight=1
|
||||
|
||||
php_config=$final_path/inc/config.php
|
||||
php_config=$install_dir/inc/config.php
|
||||
|
||||
ynh_backup_if_checksum_is_different --file=$php_config
|
||||
|
||||
cp $php_config.in $php_config
|
||||
|
||||
admin_url="${path_url%/}/admin/"
|
||||
admin_url="${path%/}/admin/"
|
||||
|
||||
email=$(ynh_user_get_info --username=$admin --key=mail)
|
||||
|
||||
|
@ -205,13 +109,14 @@ ynh_replace_string --match_string="'DC_DBNAME', ''" --replace_string="'DC_DBNAME
|
|||
ynh_replace_string --match_string="'DC_MASTER_KEY', ''" --replace_string="'DC_MASTER_KEY', '$master_key'" --target_file=$php_config
|
||||
ynh_replace_string --match_string="'DC_ADMIN_URL', ''" --replace_string="'DC_ADMIN_URL', 'https://$domain$admin_url'" --target_file=$php_config
|
||||
ynh_replace_string --match_string="'DC_ADMIN_MAILFROM', ''" --replace_string="'DC_ADMIN_MAILFROM', '$email'" --target_file=$php_config
|
||||
ynh_replace_string --match_string="//define('DC_NOT_UPDATE', false);" --replace_string="define('DC_NOT_UPDATE', true);" --target_file=$php_config
|
||||
|
||||
# Adding LDAP login
|
||||
ynh_add_config --template="../conf/class.auth.ldap.php" --destination="$final_path/inc/class.auth.ldap.php"
|
||||
ynh_add_config --template="../conf/class.auth.ldap.php" --destination="$install_dir/inc/class.auth.ldap.php"
|
||||
|
||||
cat << EOF >> $php_config
|
||||
|
||||
\$__autoload['ldapDcAuth'] = dirname(__FILE__).'/class.auth.ldap.php';
|
||||
require dirname(__FILE__).'/class.auth.ldap.php';
|
||||
define('DC_AUTH_CLASS','ldapDcAuth');
|
||||
EOF
|
||||
|
||||
|
@ -234,18 +139,10 @@ ynh_local_curl $adminUrl
|
|||
#=================================================
|
||||
# UPGRADE FAIL2BAN
|
||||
#=================================================
|
||||
ynh_script_progression --message="Reconfiguring Fail2Ban..."
|
||||
ynh_script_progression --message="Reconfiguring Fail2Ban..." --weight=1
|
||||
|
||||
# Create a dedicated Fail2Ban config
|
||||
ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Invalid credentials in $final_path/inc/class.auth.ldap.php .* client: <HOST>, .*https://$domain${path_url%/}/admin/auth.php"
|
||||
|
||||
#=================================================
|
||||
# RELOAD NGINX
|
||||
#=================================================
|
||||
ynh_script_progression --message="Reloading NGINX web server and PHP-FRM..."
|
||||
|
||||
ynh_systemd_action --service_name=nginx --action=reload
|
||||
ynh_systemd_action --service_name=php$YNH_PHP_VERSION-fpm --action=reload
|
||||
ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Invalid credentials in $install_dir/inc/class.auth.ldap.php .* client: <HOST>, .*https://$domain${path%/}/admin/auth.php"
|
||||
|
||||
#=================================================
|
||||
# END OF SCRIPT
|
||||
|
|
13
tests.toml
Normal file
13
tests.toml
Normal file
|
@ -0,0 +1,13 @@
|
|||
#:schema https://raw.githubusercontent.com/YunoHost/apps/master/schemas/tests.v1.schema.json
|
||||
|
||||
test_format = 1.0
|
||||
|
||||
[default]
|
||||
|
||||
args.init_admin_permission="package_checker"
|
||||
|
||||
test_upgrade_from.6d4eeccdddff2e4fa5476bcf1b4884d3d1c466eb.name = "2.24.1~ynh1"
|
||||
test_upgrade_from.6d4eeccdddff2e4fa5476bcf1b4884d3d1c466eb.args.domain="domain.tld"
|
||||
test_upgrade_from.6d4eeccdddff2e4fa5476bcf1b4884d3d1c466eb.args.path="/dotclear2"
|
||||
test_upgrade_from.6d4eeccdddff2e4fa5476bcf1b4884d3d1c466eb.args.admin="package_checker"
|
||||
test_upgrade_from.6d4eeccdddff2e4fa5476bcf1b4884d3d1c466eb.args.is_public="true"
|
Loading…
Reference in a new issue