YunoHost-Apps/dotclear2_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/dotclear2_ynh.git synced 2024-09-03 18:26:29 +02:00
Code Issues Activity Actions 1
dotclear2_ynh/scripts/install
Kay0u f4527eb266
Add blog permission management
2022-01-07 18:06:55 +01:00

236 lines
9 KiB
Bash
Executable file
Raw Blame History

#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================
domain=$YNH_APP_ARG_DOMAIN
path_url=$YNH_APP_ARG_PATH
is_public=$YNH_APP_ARG_IS_PUBLIC
admin=$YNH_APP_ARG_ADMIN
app=$YNH_APP_INSTANCE_NAME
#=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#=================================================
ynh_script_progression --message="Validating installation parameters..."
final_path=/var/www/$app
test ! -e "$final_path" || ynh_die --message="This path already contains a folder"
# Register (book) web path
ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url
#=================================================
# STORE SETTINGS FROM MANIFEST
#=================================================
ynh_script_progression --message="Storing installation settings..."
ynh_app_setting_set --app=$app --key=domain --value=$domain
ynh_app_setting_set --app=$app --key=path --value=$path_url
ynh_app_setting_set --app=$app --key=admin --value=$admin
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Configuring system user..." --weight=2
# Create a system user
ynh_system_user_create --username=$app --home_dir=$final_path
#=================================================
# CREATE A MYSQL DATABASE
#=================================================
ynh_script_progression --message="Creating a MySQL database..." --weight=2
db_name=$(ynh_sanitize_dbid --db_name=$app)
db_user=$db_name
ynh_app_setting_set --app=$app --key=db_name --value=$db_name
ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name
db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd)
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_script_progression --message="Setting up source files..." --weight=4
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
# In case of a new version, the url change from http://download.dotclear.org/latest/dotclear-X.X.X.tar.gz to http://download.dotclear.org/attic/dotclear-X.X.X.tar.gz
src_url=$(grep 'SOURCE_URL=' "../conf/app.src" | cut -d= -f2-)
if ! curl --output /dev/null --silent --head --fail "$src_url"; then
ynh_replace_string --match_string="latest" --replace_string="attic" --target_file="../conf/app.src"
fi
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$final_path"
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:www-data "$final_path"
# https://dotclear.org/documentation/2.0/admin/install
mkdir -p "$final_path/"{cache,public}
setfacl -m d:u:www-data:rwx "$final_path/"{cache,public}
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Configuring NGINX web server..."
# Create a dedicated NGINX config
ynh_add_nginx_config
#=================================================
# PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Configuring PHP-FPM..." --weight=2
# Create a dedicated PHP-FPM config
ynh_add_fpm_config
#=================================================
# ADD A CONFIGURATION
#=================================================
ynh_script_progression --message="Adding a configuration file..."
php_config=$final_path/inc/config.php
master_key=$(ynh_string_random --length=30)
ynh_app_setting_set --app=$app --key=master_key --value=$master_key
cp $php_config.in $php_config
admin_url="${path_url%/}/admin/"
email=$(ynh_user_get_info --username=$admin --key=mail)
# Config as if we called in admin/install/wizard.php
ynh_replace_string --match_string="'DC_DBDRIVER', ''" --replace_string="'DC_DBDRIVER', 'mysqli'" --target_file=$php_config
ynh_replace_string --match_string="'DC_DBHOST', ''" --replace_string="'DC_DBHOST', 'localhost'" --target_file=$php_config
ynh_replace_string --match_string="'DC_DBUSER', ''" --replace_string="'DC_DBUSER', '$db_user'" --target_file=$php_config
ynh_replace_string --match_string="'DC_DBPASSWORD', ''" --replace_string="'DC_DBPASSWORD', '$db_pwd'" --target_file=$php_config
ynh_replace_string --match_string="'DC_DBNAME', ''" --replace_string="'DC_DBNAME', '$db_name'" --target_file=$php_config
ynh_replace_string --match_string="'DC_MASTER_KEY', ''" --replace_string="'DC_MASTER_KEY', '$master_key'" --target_file=$php_config
ynh_replace_string --match_string="'DC_ADMIN_URL', ''" --replace_string="'DC_ADMIN_URL', 'https://$domain$admin_url'" --target_file=$php_config
ynh_replace_string --match_string="'DC_ADMIN_MAILFROM', ''" --replace_string="'DC_ADMIN_MAILFROM', '$email'" --target_file=$php_config
# Adding LDAP login
blog_admin="false"
blog_contentadmin="false"
blog_usage="true"
blog_publish="false"
blog_delete="false"
blog_categories="false"
blog_media_admin="false"
blog_media="false"
blog_pages="false"
blog_blogroll="false"
ynh_app_setting_set --app=$app --key=blog_admin --value=$blog_admin
ynh_app_setting_set --app=$app --key=blog_contentadmin --value=$blog_contentadmin
ynh_app_setting_set --app=$app --key=blog_usage --value=$blog_usage
ynh_app_setting_set --app=$app --key=blog_publish --value=$blog_publish
ynh_app_setting_set --app=$app --key=blog_delete --value=$blog_delete
ynh_app_setting_set --app=$app --key=blog_categories --value=$blog_categories
ynh_app_setting_set --app=$app --key=blog_media_admin --value=$blog_media_admin
ynh_app_setting_set --app=$app --key=blog_media --value=$blog_media
ynh_app_setting_set --app=$app --key=blog_pages --value=$blog_pages
ynh_app_setting_set --app=$app --key=blog_blogroll --value=$blog_blogroll
ynh_add_config --template="../conf/class.auth.ldap.php" --destination="$final_path/inc/class.auth.ldap.php"
cat << EOF >> $php_config
\$__autoload['ldapDcAuth'] = dirname(__FILE__).'/class.auth.ldap.php';
define('DC_AUTH_CLASS','ldapDcAuth');
EOF
ynh_store_file_checksum --file=$php_config
chmod 400 "$php_config"
chown $app:$app "$php_config"
#=================================================
# SETUP APPLICATION WITH CURL
#=================================================
# Set the app as temporarily public for curl call
ynh_script_progression --message="Configuring SSOwat..."
# Making the app public for curl
ynh_permission_update --permission="main" --add="visitors"
# Reload Nginx
ynh_systemd_action --service_name=nginx --action=reload
ynh_script_progression --message="Finalizing installation..." --weight=14
firstname=$(ynh_user_get_info --username=$admin --key=firstname)
lastname=$(ynh_user_get_info --username=$admin --key=lastname)
email=$(ynh_user_get_info --username=$admin --key=mail)
password=$(ynh_string_random --length=30)
# Installation with curl
installUrl="/admin/install/index.php"
ynh_local_curl $installUrl "u_email=$email" "u_firstname=$firstname" "u_name=$lastname" "u_login=$admin" "u_pwd=$password" "u_pwd2=$password"
# Remove the public access
ynh_permission_update --permission="main" --remove="visitors"
#=================================================
# GENERIC FINALIZATION
#=================================================
# SETUP FAIL2BAN
#=================================================
ynh_script_progression --message="Configuring Fail2Ban..."
# Create a dedicated Fail2Ban config
ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Invalid credentials in $final_path/inc/class.auth.ldap.php .* client: <HOST>, .*https://$domain${path_url%/}/admin/auth.php"
#=================================================
# SETUP SSOWAT
#=================================================
ynh_script_progression --message="Configuring permissions..."
# Make app public if necessary
if [ $is_public -eq 1 ]
then
# Everyone can access the app.
# The "main" permission is automatically created before the install script.
ynh_permission_update --permission="main" --add="visitors"
fi
# Only the admin can access the admin panel of the app (if the app has an admin panel)
ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..."
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Installation of $app completed" --last
Reference in a new issue View git blame Copy permalink