diff --git a/account.png b/account.png deleted file mode 100644 index 7dadbff..0000000 Binary files a/account.png and /dev/null differ diff --git a/budget.png b/budget.png deleted file mode 100644 index 2e93ee2..0000000 Binary files a/budget.png and /dev/null differ diff --git a/cata.png b/cata.png deleted file mode 100644 index 81399e6..0000000 Binary files a/cata.png and /dev/null differ diff --git a/conf/.env b/conf/.env index f7e5d5b..56e541f 100644 --- a/conf/.env +++ b/conf/.env @@ -12,7 +12,7 @@ SITE_OWNER=mail@example.com # The encryption key for your sessions. Keep this very secure. # Change it to a string of exactly 32 chars or use something like `php artisan key:generate` to generate it. # If you use Docker or similar, you can set this variable from a file by using APP_KEY_FILE -APP_KEY=SomeRandomStringOf32CharsExactly +APP_KEY=__RANDOM_KEY__ # Firefly III will launch using this language (for new users and unauthenticated visitors) # For a list of available languages: https://github.com/firefly-iii/firefly-iii/tree/main/resources/lang @@ -59,11 +59,11 @@ APP_LOG_LEVEL=notice # Use "mysql" for MySQL and MariaDB. # Use "sqlite" for SQLite. DB_CONNECTION=mysql -DB_HOST=fireflyiiidb +DB_HOST=127.0.0.1 DB_PORT=3306 -DB_DATABASE=firefly -DB_USERNAME=firefly -DB_PASSWORD=secret_firefly_password +DB_DATABASE=__DB_NAME__ +DB_USERNAME=__DB_NAME__ +DB_PASSWORD=__DB_PWD__ # MySQL supports SSL. You can configure it here. # If you use Docker or similar, you can set these variables from a file by appending them with _FILE @@ -117,10 +117,10 @@ COOKIE_SECURE=false # If you want Firefly III to mail you, update these settings # For instructions, see: https://docs.firefly-iii.org/advanced-installation/email # If you use Docker or similar, you can set these variables from a file by appending them with _FILE -MAIL_MAILER=log -MAIL_HOST=null -MAIL_PORT=2525 -MAIL_FROM=changeme@example.com +MAIL_MAILER=smtp +MAIL_HOST=127.0.0.1 +MAIL_PORT=25 +MAIL_FROM=__EMAIL__ MAIL_USERNAME=null MAIL_PASSWORD=null MAIL_ENCRYPTION=null @@ -326,4 +326,4 @@ FIREFLY_III_LAYOUT=v1 # # If you're stuck I understand you get desperate but look SOMEWHERE ELSE. # -APP_URL=http://localhost \ No newline at end of file +APP_URL=http://__DOMAIN____PATH__ \ No newline at end of file diff --git a/firefly-iii.png b/firefly-iii.png deleted file mode 100644 index 2659880..0000000 Binary files a/firefly-iii.png and /dev/null differ diff --git a/index.png b/index.png deleted file mode 100644 index 0af0d2f..0000000 Binary files a/index.png and /dev/null differ diff --git a/scripts/_common.sh b/scripts/_common.sh index 3ad3af3..663a68b 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -9,6 +9,9 @@ pkg_dependencies="redis-server" YNH_PHP_VERSION="7.4" +# Composer version +YNH_COMPOSER_VERSION="2.0.13" + extra_php_dependencies="php${YNH_PHP_VERSION}-zip php${YNH_PHP_VERSION}-mysql php${YNH_PHP_VERSION}-xml php${YNH_PHP_VERSION}-intl php${YNH_PHP_VERSION}-mbstring php${YNH_PHP_VERSION}-gd php${YNH_PHP_VERSION}-curl php${YNH_PHP_VERSION}-bcmath php${YNH_PHP_VERSION}-opcache php${YNH_PHP_VERSION}-ldap" #================================================= diff --git a/scripts/install b/scripts/install index 441c1a1..8ee20c4 100755 --- a/scripts/install +++ b/scripts/install @@ -7,7 +7,6 @@ #================================================= source _common.sh -source ynh_composer__2 source /usr/share/yunohost/helpers #================================================= @@ -58,6 +57,14 @@ ynh_script_progression --message="Installing dependencies..." ynh_install_app_dependencies $pkg_dependencies +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Configuring system user..." + +# Create a system user +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # CREATE A MYSQL DATABASE #================================================= @@ -77,6 +84,11 @@ ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path" +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" +chmod -R 775 $final_path/storage + #================================================= # NGINX CONFIGURATION #================================================= @@ -85,14 +97,6 @@ ynh_script_progression --message="Configuring NGINX web server..." # Create a dedicated NGINX config ynh_add_nginx_config -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Configuring system user..." - -# Create a system user -ynh_system_user_create --username=$app - #================================================= # PHP-FPM CONFIGURATION #================================================= @@ -116,36 +120,9 @@ ynh_exec_warn_less ynh_install_composer --phpversion="$phpversion" --workdir="$f #================================================= ynh_script_progression --message="Modifying a config file..." -config="$final_path/.env" -cp -f ../conf/.env "$config" - -ynh_replace_string --match_string="SomeRandomStringOf32CharsExactly" --replace_string="$random_key" --target_file="$config" -ynh_replace_string --match_string="fireflyiiidb" --replace_string="127.0.0.1" --target_file="$config" -ynh_replace_string --match_string="DB_DATABASE=firefly" --replace_string="DB_DATABASE=$db_name" --target_file="$config" -ynh_replace_string --match_string="DB_USERNAME=firefly" --replace_string="DB_USERNAME=$db_name" --target_file="$config" -ynh_replace_string --match_string="secret_firefly_password" --replace_string="$db_pwd" --target_file="$config" -ynh_replace_string --match_string="MAIL_MAILER=log" --replace_string="MAIL_MAILER=smtp" --target_file="$config" -ynh_replace_string --match_string="MAIL_HOST=null" --replace_string="MAIL_HOST=127.0.0.1" --target_file="$config" -ynh_replace_string --match_string="MAIL_PORT=2525" --replace_string="MAIL_PORT=25" --target_file="$config" -ynh_replace_string --match_string="mail@example.com" --replace_string="$email" --target_file="$config" -ynh_replace_string --match_string="changeme@example.com" --replace_string="$app@$domain" --target_file="$config" -# These helpers are for reference to impliment remove them once app gets support for LDAP. Put them directly in .env - -# ynh_replace_string --match_string="ADLDAP_CONTROLLERS=" --replace_string="ADLDAP_CONTROLLERS=127.0.0.1" --target_file="$config" -# ynh_replace_string --match_string='ADLDAP_BASEDN=""' --replace_string='ADLDAP_BASEDN="dc=yunohost,dc=org"' --target_file="$config" -# ynh_replace_string --match_string="ADLDAP_ACCOUNT_PREFIX=" --replace_string='ADLDAP_ACCOUNT_PREFIX="uid="' --target_file="$config" -# ynh_replace_string --match_string="ADLDAP_ACCOUNT_SUFFIX=" --replace_string='ADLDAP_ACCOUNT_SUFFIX=",dc=yunohost,dc=org"' --target_file="$config" -# ynh_replace_string --match_string="distinguishedname" --replace_string="uid" --target_file="$config" -# ynh_replace_string --match_string="userprincipalname" --replace_string="uid" --target_file="$config" -ynh_replace_string --match_string="localhost" --replace_string="$domain$path_url" --target_file="$config" - -#================================================= -# STORE THE CONFIG FILE CHECKSUM -#================================================= -ynh_script_progression --message="Storing the config file checksum..." - -# Calculate and store the config file checksum into the app settings -ynh_store_file_checksum --file="$config" +ynh_add_config --template="../conf/.env" --destination="$final_path/.env" +chmod 400 "$final_path/.env" +chown $app "$final_path/.env" #================================================= # DEPLOY @@ -158,27 +135,14 @@ pushd "$final_path" php$phpversion artisan passport:install popd -#================================================= -# GENERIC FINALIZATION -#================================================= -# SECURE FILES AND DIRECTORIES -#================================================= -ynh_script_progression --message="Securing files and directories..." - -# Set right permissions -chown -R $app: $final_path -chmod -R 775 $final_path/storage - #================================================= # SETUP A CRON #================================================= ynh_script_progression --message="Setuping a cron..." -cp ../conf/cron /etc/cron.d/$app - -ynh_replace_string --match_string="__FINALPATH__" --replace_string="$final_path" --target_file="/etc/cron.d/$app" -ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="/etc/cron.d/$app" -ynh_replace_string --match_string="__PHPVERSION__" --replace_string="$phpversion" --target_file="/etc/cron.d/$app" +ynh_add_config --template="../conf/cron" --destination="/etc/cron.d/$app" +chown root: "/etc/cron.d/$app" +chmod 644 "/etc/cron.d/$app" #================================================= # SETUP LOGROTATE diff --git a/scripts/restore b/scripts/restore index 91d0b4b..b95f289 100755 --- a/scripts/restore +++ b/scripts/restore @@ -50,6 +50,14 @@ ynh_script_progression --message="Restoring the NGINX configuration..." ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" +#================================================= +# RECREATE THE DEDICATED USER +#================================================= +ynh_script_progression --message="Recreating the dedicated system user..." + +# Create the dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # RESTORE THE APP MAIN DIR #================================================= @@ -57,21 +65,9 @@ ynh_script_progression --message="Restoring the app main directory..." ynh_restore_file --origin_path="$final_path" -#================================================= -# RECREATE THE DEDICATED USER -#================================================= -ynh_script_progression --message="Recreating the dedicated system user..." - -# Create the dedicated user (if not existing) -ynh_system_user_create --username=$app - -#================================================= -# RESTORE USER RIGHTS -#================================================= -ynh_script_progression --message="Restoring user rights..." - -# Restore permissions on app files -chown -R $app: $final_path +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" #================================================= # RESTORE THE PHP-FPM CONFIGURATION diff --git a/scripts/upgrade b/scripts/upgrade index ccac2ed..23e7243 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -7,7 +7,6 @@ #================================================= source _common.sh -source ynh_composer__2 source /usr/share/yunohost/helpers #================================================= @@ -34,20 +33,25 @@ ynh_script_progression --message="Checking version..." upgrade_type=$(ynh_check_app_version_changed) +#================================================= +# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP +#================================================= +ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=1 + +# Backup the current version of the app +ynh_backup_before_upgrade +ynh_clean_setup () { + # Restore it if the upgrade fails + ynh_restore_upgradebackup +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= ynh_script_progression --message="Ensuring downward compatibility..." -# Fix is_public as a boolean value -if [ "$is_public" = "Yes" ]; then - ynh_app_setting_set --app=$app --key=is_public --value=1 - is_public=1 -elif [ "$is_public" = "No" ]; then - ynh_app_setting_set --app=$app --key=is_public --value=0 - is_public=0 -fi - # If db_name doesn't exist, create it if [ -z "$db_name" ]; then db_name=$(ynh_sanitize_dbid --db_name=$app) @@ -68,18 +72,12 @@ if ynh_legacy_permissions_exists; then fi #================================================= -# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP +# CREATE DEDICATED USER #================================================= -ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." +ynh_script_progression --message="Making sure dedicated system user exists..." -# Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { - # restore it if the upgrade fails - ynh_restore_upgradebackup -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors +# Create a dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= # STANDARD UPGRADE STEPS @@ -115,6 +113,11 @@ then ynh_secure_remove --file="$tmpdir" fi +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" +chmod -R 775 $final_path/storage + #================================================= # NGINX CONFIGURATION #================================================= @@ -130,14 +133,6 @@ ynh_script_progression --message="Upgrading dependencies..." ynh_install_app_dependencies "$pkg_dependencies" -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Making sure dedicated system user exists..." - -# Create a dedicated user (if not existing) -ynh_system_user_create --username=$app - #================================================= # PHP-FPM CONFIGURATION #================================================= @@ -154,7 +149,7 @@ phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) #================================================= ynh_script_progression --message="Updating PHP dependencies..." -chown -R $app: $final_path +chown -R $app $final_path ynh_exec_warn_less ynh_install_composer --phpversion="$phpversion" --workdir="$final_path" @@ -163,32 +158,9 @@ ynh_exec_warn_less ynh_install_composer --phpversion="$phpversion" --workdir="$f #================================================= ynh_script_progression --message="Modifying a config file..." -config="$final_path/.env" -ynh_backup_if_checksum_is_different --file="$config" -cp ../conf/.env "$config" - -ynh_replace_string --match_string="SomeRandomStringOf32CharsExactly" --replace_string="$random_key" --target_file="$config" -ynh_replace_string --match_string="fireflyiiidb" --replace_string="127.0.0.1" --target_file="$config" -ynh_replace_string --match_string="DB_DATABASE=firefly" --replace_string="DB_DATABASE=$db_name" --target_file="$config" -ynh_replace_string --match_string="DB_USERNAME=firefly" --replace_string="DB_USERNAME=$db_name" --target_file="$config" -ynh_replace_string --match_string="secret_firefly_password" --replace_string="$db_pwd" --target_file="$config" -ynh_replace_string --match_string="MAIL_MAILER=log" --replace_string="MAIL_MAILER=smtp" --target_file="$config" -ynh_replace_string --match_string="MAIL_HOST=null" --replace_string="MAIL_HOST=127.0.0.1" --target_file="$config" -ynh_replace_string --match_string="MAIL_PORT=2525" --replace_string="MAIL_PORT=25" --target_file="$config" -ynh_replace_string --match_string="mail@example.com" --replace_string="$email" --target_file="$config" -ynh_replace_string --match_string="changeme@example.com" --replace_string="$app@$domain" --target_file="$config" -# These helpers are for reference.Remove them once app gets support for LDAP. Put them directly in .env - -# ynh_replace_string --match_string="ADLDAP_CONTROLLERS=" --replace_string="ADLDAP_CONTROLLERS=127.0.0.1" --target_file="$config" -# ynh_replace_string --match_string='ADLDAP_BASEDN=""' --replace_string='ADLDAP_BASEDN="dc=yunohost,dc=org"' --target_file="$config" -# ynh_replace_string --match_string="ADLDAP_ACCOUNT_PREFIX=" --replace_string='ADLDAP_ACCOUNT_PREFIX="uid="' --target_file="$config" -# ynh_replace_string --match_string="ADLDAP_ACCOUNT_SUFFIX=" --replace_string='ADLDAP_ACCOUNT_SUFFIX=",dc=yunohost,dc=org"' --target_file="$config" -# ynh_replace_string --match_string="distinguishedname" --replace_string="uid" --target_file="$config" -# ynh_replace_string --match_string="userprincipalname" --replace_string="uid" --target_file="$config" -ynh_replace_string --match_string="localhost" --replace_string="$domain$path_url" --target_file="$config" - -# Recalculate and store the checksum of the file for the next upgrade. -ynh_store_file_checksum --file="$config" +ynh_add_config --template="../conf/.env" --destination="$final_path/.env" +chmod 400 "$final_path/.env" +chown $app "$final_path/.env" #================================================= # DEPLOYMENT @@ -212,27 +184,14 @@ ynh_script_progression --message="Upgrading logrotate configuration..." # Use logrotate to manage app-specific logfile(s) ynh_use_logrotate --non-append -#================================================= -# GENERIC FINALIZATION -#================================================= -# SECURE FILES AND DIRECTORIES -#================================================= -ynh_script_progression --message="Securing files and directories..." - -# Set permissions on app files -chown -R $app: $final_path -chmod -R 775 $final_path/storage - #================================================= # SETUP A CRON #================================================= ynh_script_progression --message="Setuping a cron..." -cp ../conf/cron /etc/cron.d/$app - -ynh_replace_string --match_string="__FINALPATH__" --replace_string="$final_path" --target_file="/etc/cron.d/$app" -ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="/etc/cron.d/$app" -ynh_replace_string --match_string="__PHPVERSION__" --replace_string="$phpversion" --target_file="/etc/cron.d/$app" +ynh_add_config --template="../conf/cron" --destination="/etc/cron.d/$app" +chown root: "/etc/cron.d/$app" +chmod 644 "/etc/cron.d/$app" #================================================= # RELOAD NGINX diff --git a/scripts/ynh_composer__2 b/scripts/ynh_composer__2 deleted file mode 100644 index 6f9676b..0000000 --- a/scripts/ynh_composer__2 +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash - -# Execute a command with Composer -# -# usage: ynh_composer_exec [--phpversion=phpversion] [--workdir=$final_path] --commands="commands" -# | arg: -v, --phpversion - PHP version to use with composer -# | arg: -w, --workdir - The directory from where the command will be executed. Default $final_path. -# | arg: -c, --commands - Commands to execute. -ynh_composer_exec () { - # Declare an array to define the options of this helper. - local legacy_args=vwc - declare -Ar args_array=( [v]=phpversion= [w]=workdir= [c]=commands= ) - local phpversion - local workdir - local commands - # Manage arguments with getopts - ynh_handle_getopts_args "$@" - workdir="${workdir:-$final_path}" - phpversion="${phpversion:-$YNH_PHP_VERSION}" - - COMPOSER_HOME="$workdir/.composer" \ - php${phpversion} "$workdir/composer.phar" $commands \ - -d "$workdir" --no-interaction -} - -# Install and initialize Composer in the given directory -# -# usage: ynh_install_composer [--phpversion=phpversion] [--workdir=$final_path] [--install_args="--optimize-autoloader"] -# | arg: -v, --phpversion - PHP version to use with composer -# | arg: -w, --workdir - The directory from where the command will be executed. Default $final_path. -# | arg: -a, --install_args - Additional arguments provided to the composer install. Argument --no-dev already include -ynh_install_composer () { - # Declare an array to define the options of this helper. - local legacy_args=vwa - declare -Ar args_array=( [v]=phpversion= [w]=workdir= [a]=install_args=) - local phpversion - local workdir - local install_args - # Manage arguments with getopts - ynh_handle_getopts_args "$@" - workdir="${workdir:-$final_path}" - phpversion="${phpversion:-$YNH_PHP_VERSION}" - install_args="${install_args:-}" - - curl -sS https://getcomposer.org/installer \ - | COMPOSER_HOME="$workdir/.composer" \ - php${phpversion} -- --install-dir="$workdir" \ - || ynh_die "Unable to install Composer." - - # update dependencies to create composer.lock - ynh_composer_exec --phpversion="${phpversion}" --workdir="$workdir" --commands="install --no-dev $install_args" \ - || ynh_die "Unable to update core dependencies with Composer." -}