2016-10-05 19:44:08 +02:00
|
|
|
|
#!/bin/bash
|
|
|
|
|
|
2017-02-22 15:47:46 +01:00
|
|
|
|
# Load extra functions
|
2017-02-22 18:24:42 +01:00
|
|
|
|
source .functions
|
2017-02-22 15:47:46 +01:00
|
|
|
|
|
|
|
|
|
# Activate TRAP to stop the script if an error is detected
|
|
|
|
|
TRAP_ON
|
2016-10-05 19:44:08 +02:00
|
|
|
|
|
|
|
|
|
# This is a multi-instance app, meaning it can be installed several times independently
|
|
|
|
|
# The id of the app as stated in the manifest is available as $YNH_APP_ID
|
|
|
|
|
# The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2", ...)
|
|
|
|
|
# The app instance name is available as $YNH_APP_INSTANCE_NAME
|
|
|
|
|
# - the first time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample
|
|
|
|
|
# - the second time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample__2
|
|
|
|
|
# - ynhexample__{N} for the subsequent installations, with N=3,4, ...
|
|
|
|
|
# The app instance name is probably what you are interested the most, since this is
|
|
|
|
|
# guaranteed to be unique. This is a good unique identifier to define installation path,
|
|
|
|
|
# db names, ...
|
|
|
|
|
app=$YNH_APP_INSTANCE_NAME
|
|
|
|
|
|
|
|
|
|
# Retrieve arguments
|
|
|
|
|
domain=$YNH_APP_ARG_DOMAIN
|
2017-02-22 15:47:46 +01:00
|
|
|
|
path=$YNH_APP_ARG_PATH
|
2016-10-05 19:44:08 +02:00
|
|
|
|
admin=$YNH_APP_ARG_ADMIN
|
2016-10-08 20:12:31 +02:00
|
|
|
|
title=$YNH_APP_ARG_TITLE
|
2016-10-05 19:44:08 +02:00
|
|
|
|
is_public=$YNH_APP_ARG_IS_PUBLIC
|
2017-01-18 20:45:45 +01:00
|
|
|
|
www_path=/var/www
|
|
|
|
|
final_path=$www_path/$app
|
2016-10-05 19:44:08 +02:00
|
|
|
|
|
2017-02-21 21:11:23 +01:00
|
|
|
|
# Source YunoHost helpers$
|
2016-10-05 19:44:08 +02:00
|
|
|
|
source /usr/share/yunohost/helpers
|
|
|
|
|
|
2017-02-22 15:47:46 +01:00
|
|
|
|
# Check variables are not empty
|
|
|
|
|
CHECK_VAR "$app" "app name not set"
|
|
|
|
|
|
|
|
|
|
# Check validity of admin user
|
|
|
|
|
CHECK_USER "$admin"
|
|
|
|
|
|
|
|
|
|
# Check and correct path syntax
|
|
|
|
|
CHECK_PATH
|
|
|
|
|
|
|
|
|
|
# Check availibility of path and domain
|
|
|
|
|
CHECK_DOMAINPATH
|
|
|
|
|
|
2016-10-05 19:44:08 +02:00
|
|
|
|
# Save app settings
|
|
|
|
|
ynh_app_setting_set "$app" admin "$admin"
|
|
|
|
|
ynh_app_setting_set "$app" is_public "$is_public"
|
2017-02-21 21:11:23 +01:00
|
|
|
|
ynh_app_setting_set "$app" path "$path"
|
2016-10-05 19:44:08 +02:00
|
|
|
|
|
2017-02-22 15:47:46 +01:00
|
|
|
|
|
|
|
|
|
# Check final_path availibility. Installation stops if it already exists
|
|
|
|
|
CHECK_FINALPATH
|
|
|
|
|
sudo mkdir "$final_path"
|
2016-10-05 19:44:08 +02:00
|
|
|
|
|
2016-10-08 19:08:37 +02:00
|
|
|
|
tmp=/tmp/flaruminstall
|
|
|
|
|
sudo rm -rf $tmp
|
|
|
|
|
sudo mkdir -p $tmp
|
|
|
|
|
sudo chown -R www-data:www-data $tmp
|
|
|
|
|
sudo chmod -R 755 $tmp
|
2016-10-05 19:44:08 +02:00
|
|
|
|
|
2016-10-12 19:57:40 +02:00
|
|
|
|
# Prepare composer and cache directories
|
2017-02-22 15:56:18 +01:00
|
|
|
|
sudo mkdir -p /opt/flarum_composer/cache
|
|
|
|
|
sudo chown -R www-data:www-data /opt/flarum_composer
|
|
|
|
|
sudo chmod -R 755 /opt/flarum_composer
|
2016-10-12 19:57:40 +02:00
|
|
|
|
|
2016-10-05 19:44:08 +02:00
|
|
|
|
### composer ###
|
2016-10-08 19:08:37 +02:00
|
|
|
|
if ! type "composer" > /dev/null; then
|
|
|
|
|
# Install composer (https://getcomposer.org)
|
|
|
|
|
EXPECTED_SIGNATURE=$(wget https://composer.github.io/installer.sig -O - -q)
|
|
|
|
|
sudo su - www-data -s /bin/bash -c "php -r \"copy('https://getcomposer.org/installer', '$tmp/composer-setup.php');\""
|
|
|
|
|
ACTUAL_SIGNATURE=$(php -r "echo hash_file('SHA384', '$tmp/composer-setup.php');")
|
|
|
|
|
if [ "$EXPECTED_SIGNATURE" = "$ACTUAL_SIGNATURE" ]
|
|
|
|
|
then
|
2017-02-22 15:56:18 +01:00
|
|
|
|
sudo su - root -c "grep -q -F 'env[COMPOSER_HOME]= /opt/flarum_composer' /etc/php5/fpm/php-fpm.conf || sudo echo 'env[COMPOSER_HOME]= /opt/flarum_composer' >> /etc/php5/fpm/php-fpm.conf"
|
2016-10-12 19:57:40 +02:00
|
|
|
|
sudo service php5-fpm reload
|
2016-10-08 19:08:37 +02:00
|
|
|
|
sudo su - www-data -s /bin/bash -c "php $tmp/composer-setup.php --install-dir=$tmp --filename=composer"
|
|
|
|
|
sudo mv $tmp/composer /usr/local/bin
|
|
|
|
|
sudo chown root:root /usr/local/bin/composer
|
|
|
|
|
RESULT=$?
|
|
|
|
|
else
|
|
|
|
|
>&2 echo 'ERROR: Invalid installer signature'
|
|
|
|
|
RESULT=1
|
|
|
|
|
fi
|
|
|
|
|
if [ $RESULT != 0 ]
|
|
|
|
|
then
|
|
|
|
|
sudo rm -rf $final_path
|
|
|
|
|
exit $RESULT
|
|
|
|
|
fi
|
2016-10-05 19:44:08 +02:00
|
|
|
|
fi
|
|
|
|
|
### composer end ###
|
|
|
|
|
|
|
|
|
|
### Install flarum
|
2016-10-08 19:08:37 +02:00
|
|
|
|
cwd=$(pwd)
|
|
|
|
|
sudo su - www-data -s /bin/bash -c "mkdir -p $tmp/$app && cd $tmp/$app && php -d memory_limit=-1 /usr/local/bin/composer create-project flarum/flarum . --stability=beta"
|
2017-01-18 20:45:45 +01:00
|
|
|
|
sudo cp -Rf $tmp/$app $www_path/
|
2016-10-08 19:08:37 +02:00
|
|
|
|
sudo chown -R www-data:www-data $final_path
|
|
|
|
|
cd $cwd
|
|
|
|
|
sudo rm -rf $tmp
|
2016-10-05 19:44:08 +02:00
|
|
|
|
|
2016-10-08 19:08:37 +02:00
|
|
|
|
### MySQL ###
|
2016-10-05 19:44:08 +02:00
|
|
|
|
dbuser=$app
|
|
|
|
|
dbname=$app
|
|
|
|
|
dbpass=$(ynh_string_random 15)
|
|
|
|
|
ynh_app_setting_set "$app" mysqlpwd "$dbpass"
|
|
|
|
|
ynh_mysql_create_db "$dbname" "$dbuser" "$dbpass"
|
|
|
|
|
|
2016-10-08 19:08:37 +02:00
|
|
|
|
### Nginx ###
|
2017-02-22 18:08:55 +01:00
|
|
|
|
nginxconf="../conf/nginx.conf"
|
|
|
|
|
if [ $path = "/" ]; then
|
|
|
|
|
sed -i "s@YNH_WWW_ROOTPATH@@g" ../conf/nginx.conf
|
|
|
|
|
sed -i "s@/YNH_WWW_ROOTAPP@@g" ../conf/nginx.conf
|
2016-10-08 19:08:37 +02:00
|
|
|
|
else
|
2017-02-22 18:08:55 +01:00
|
|
|
|
sed -i "s@YNH_WWW_ROOTPATH@$path@g" ../conf/nginx.conf
|
|
|
|
|
sed -i "s@YNH_WWW_ROOTAPP@$app@g" ../conf/nginx.conf
|
2016-10-08 19:08:37 +02:00
|
|
|
|
fi
|
2017-02-22 18:33:07 +01:00
|
|
|
|
sed -i "s@YNH_WWW_PATH@$path@g" $nginxconf
|
|
|
|
|
sed -i "s@YNH_WWW_FINALPATH@$final_path@g" $nginxconf
|
|
|
|
|
sudo cp $nginxconf /etc/nginx/conf.d/$domain.d/$app.conf
|
2016-10-05 19:44:08 +02:00
|
|
|
|
|
|
|
|
|
### PHP ###
|
|
|
|
|
sed -i "s@YNH_WWW_APP@$app@g" ../conf/php-fpm.conf
|
|
|
|
|
sed -i "s@YNH_WWW_ALIAS@$app/@g" ../conf/php-fpm.conf
|
|
|
|
|
finalphpconf=/etc/php5/fpm/pool.d/$app.conf
|
|
|
|
|
sudo cp ../conf/php-fpm.conf $finalphpconf
|
|
|
|
|
sudo chown root: $finalphpconf
|
|
|
|
|
sudo chmod 644 $finalphpconf
|
|
|
|
|
sudo service php5-fpm reload
|
|
|
|
|
|
|
|
|
|
# If app is public, add url to SSOWat conf as skipped_uris
|
|
|
|
|
if [[ $is_public -eq 1 ]]; then
|
|
|
|
|
# unprotected_uris allows SSO credentials to be passed anyway.
|
|
|
|
|
ynh_app_setting_set "$app" unprotected_uris "/"
|
|
|
|
|
fi
|
2017-02-21 21:11:23 +01:00
|
|
|
|
ynh_app_setting_set "$app" skipped_uris "/api"
|
|
|
|
|
sudo yunohost app ssowatconf
|
2016-10-05 19:44:08 +02:00
|
|
|
|
|
|
|
|
|
# Reload services
|
|
|
|
|
sudo service nginx reload
|
2016-10-08 19:08:37 +02:00
|
|
|
|
|
2017-02-21 21:11:23 +01:00
|
|
|
|
# Install the SSOwat auth extension
|
|
|
|
|
sudo su - www-data -s /bin/bash -c "cd $final_path && composer require 'tituspijean/flarum-ext-auth-ssowat:*@dev'"
|
|
|
|
|
|
2016-10-08 20:12:31 +02:00
|
|
|
|
### POST-INSTALL ###
|
2017-02-21 21:11:23 +01:00
|
|
|
|
if [[ -n $admin && -n $title ]]; then
|
|
|
|
|
adminpass=$(ynh_string_random 8)
|
2016-10-09 12:00:03 +02:00
|
|
|
|
sed -i "s@YNH_APP_DOMAIN@$domain@g" ../sources/configuration.yml
|
|
|
|
|
sed -i "s@/YNH_WWW_PATH@$path@g" ../sources/configuration.yml
|
2016-10-12 19:57:40 +02:00
|
|
|
|
sed -i "s@YNH_WWW_APP@$app@g" ../sources/configuration.yml
|
2016-10-08 20:12:31 +02:00
|
|
|
|
sed -i "s@YNH_DB_PASS@$dbpass@g" ../sources/configuration.yml
|
|
|
|
|
sed -i "s@YNH_ADMIN_USER@$admin@g" ../sources/configuration.yml
|
|
|
|
|
sed -i "s@YNH_ADMIN_PASS@$adminpass@g" ../sources/configuration.yml
|
2016-10-09 10:26:50 +02:00
|
|
|
|
adminemail=$(ynh_user_get_info $admin mail)
|
2016-10-09 10:45:26 +02:00
|
|
|
|
sed -i "s%YNH_ADMIN_EMAIL%$adminemail%g" ../sources/configuration.yml
|
2016-10-08 20:12:31 +02:00
|
|
|
|
sed -i "s@YNH_FORUM_TITLE@$title@g" ../sources/configuration.yml
|
|
|
|
|
sudo cp ../sources/configuration.yml $final_path
|
2016-10-18 21:51:39 +02:00
|
|
|
|
sudo su - www-data -s /bin/bash -c "cd $final_path && php -d memory_limit=-1 flarum install -f configuration.yml"
|
2016-10-09 12:00:03 +02:00
|
|
|
|
sudo rm $final_path/configuration.yml
|
2017-01-19 19:39:02 +01:00
|
|
|
|
|
|
|
|
|
# Generate and add root token for user creation and deletion
|
|
|
|
|
roottoken=$(ynh_string_random 40)
|
|
|
|
|
apitablesql="CREATE TABLE IF NOT EXISTS api_keys (api_key TEXT(40) NOT NULL UNIQUE)"
|
|
|
|
|
rootsql="INSERT INTO api_keys VALUES ('"$roottoken"')"
|
|
|
|
|
ynh_mysql_execute_as_root "$apitablesql" $dbname
|
|
|
|
|
ynh_mysql_execute_as_root "$rootsql" $dbname
|
|
|
|
|
ynh_app_setting_set "$app" root_token "$roottoken"
|
2016-10-18 21:51:39 +02:00
|
|
|
|
fi
|
2017-01-19 19:39:02 +01:00
|
|
|
|
|
2017-02-21 21:11:23 +01:00
|
|
|
|
# Configure SSOwat auth extension
|
|
|
|
|
ssowatdomain=$(</etc/yunohost/current_host)
|
|
|
|
|
data='{"flarum-ext-auth-ssowat.address": "'$ssowatdomain'"}'
|
|
|
|
|
rep=$(curl -s -o /dev/null -w "%{http_code}" -k -i \
|
|
|
|
|
-H "Content-Type: application/json" \
|
|
|
|
|
-H "Authorization: Token $roottoken; userId=1" \
|
|
|
|
|
-X POST -d "$data" \
|
|
|
|
|
-L https://${domain}${path}/api/settings )
|
|
|
|
|
echo $path
|
|
|
|
|
exit 0
|
|
|
|
|
if [[ $rep != 204 ]]; then
|
|
|
|
|
echo "SSOwat domain setting failed"
|
|
|
|
|
exit 1
|
|
|
|
|
fi
|
|
|
|
|
data='{"flarum-ext-auth-ssowat.onlyUse": true}'
|
|
|
|
|
rep=$(curl -s -o /dev/null -w "%{http_code}" -k -i \
|
|
|
|
|
-H "Content-Type: application/json" \
|
|
|
|
|
-H "Authorization: Token $roottoken; userId=1" \
|
|
|
|
|
-X POST -d "$data" \
|
|
|
|
|
-L https://${domain}${path}/api/settings )
|
|
|
|
|
if [[ $rep != 204 ]]; then
|
|
|
|
|
echo "SSOwat auth exclusivity failed"
|
|
|
|
|
exit 1
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
# Enable the selected admin to login with SSOwat
|
|
|
|
|
adminsql="UPDATE users SET ssowat_id = '$admin' WHERE username = '$admin'"
|
|
|
|
|
ynh_mysql_execute_as_root "$adminsql" $dbname
|
|
|
|
|
|
|
|
|
|
# Create missing users
|
|
|
|
|
for username in $(ynh_user_list); do
|
|
|
|
|
if [ "$username" == "$admin" ]; then continue; else
|
|
|
|
|
userpass=$(ynh_string_random 16)
|
|
|
|
|
usermail=$(ynh_user_get_info $username 'mail')
|
|
|
|
|
data='{"data":{"attributes":{"username":"'$username'","email":"'$usermail'","password":"'$userpass'"}}}'
|
|
|
|
|
rep=$(curl -s -o /dev/null -w "%{http_code}" -k -i \
|
|
|
|
|
-H "Content-Type: application/json" \
|
|
|
|
|
-H "Authentication: Token $roottoken" \
|
|
|
|
|
-X POST -d "$data" \
|
|
|
|
|
-L https://${domain}${path}/api/users )
|
|
|
|
|
if [[ $rep != 201 ]]; then
|
|
|
|
|
echo "Flarum account creation failed for $username"
|
|
|
|
|
exit 1
|
|
|
|
|
fi
|
|
|
|
|
usersql="UPDATE users SET ssowat_id = '$username' WHERE username = '$username'"
|
|
|
|
|
ynh_mysql_execute_as_root "$usersql" $dbname
|
|
|
|
|
fi
|
|
|
|
|
done
|