1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/flarum_ynh.git synced 2024-09-03 18:36:24 +02:00
flarum_ynh/scripts/install

216 lines
7.6 KiB
Text
Raw Normal View History

2016-10-05 19:44:08 +02:00
#!/bin/bash
# Load extra functions
2017-02-22 18:24:42 +01:00
source .functions
# Activate TRAP to stop the script if an error is detected
TRAP_ON
2016-10-05 19:44:08 +02:00
# This is a multi-instance app, meaning it can be installed several times independently
# The id of the app as stated in the manifest is available as $YNH_APP_ID
# The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2", ...)
# The app instance name is available as $YNH_APP_INSTANCE_NAME
# - the first time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample
# - the second time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample__2
# - ynhexample__{N} for the subsequent installations, with N=3,4, ...
# The app instance name is probably what you are interested the most, since this is
# guaranteed to be unique. This is a good unique identifier to define installation path,
# db names, ...
app=$YNH_APP_INSTANCE_NAME
# Retrieve arguments
domain=$YNH_APP_ARG_DOMAIN
path=$YNH_APP_ARG_PATH
2016-10-05 19:44:08 +02:00
admin=$YNH_APP_ARG_ADMIN
2016-10-08 20:12:31 +02:00
title=$YNH_APP_ARG_TITLE
2016-10-05 19:44:08 +02:00
is_public=$YNH_APP_ARG_IS_PUBLIC
www_path=/var/www
final_path=$www_path/$app
2016-10-05 19:44:08 +02:00
# Source YunoHost helpers$
2016-10-05 19:44:08 +02:00
source /usr/share/yunohost/helpers
# Check variables are not empty
CHECK_VAR "$app" "app name not set"
# Check validity of admin user
CHECK_USER "$admin"
# Check and correct path syntax
CHECK_PATH
# Check availibility of path and domain
CHECK_DOMAINPATH
2016-10-05 19:44:08 +02:00
# Save app settings
ynh_app_setting_set "$app" admin "$admin"
ynh_app_setting_set "$app" is_public "$is_public"
ynh_app_setting_set "$app" path "$path"
2016-10-05 19:44:08 +02:00
# Check final_path availibility. Installation stops if it already exists
CHECK_FINALPATH
sudo mkdir "$final_path"
2016-10-05 19:44:08 +02:00
2016-10-08 19:08:37 +02:00
tmp=/tmp/flaruminstall
sudo rm -rf $tmp
sudo mkdir -p $tmp
sudo chown -R www-data:www-data $tmp
sudo chmod -R 755 $tmp
2016-10-05 19:44:08 +02:00
# Prepare composer and cache directories
sudo mkdir -p /opt/flarum_composer/cache
sudo chown -R www-data:www-data /opt/flarum_composer
sudo chmod -R 755 /opt/flarum_composer
2016-10-05 19:44:08 +02:00
### composer ###
2016-10-08 19:08:37 +02:00
if ! type "composer" > /dev/null; then
# Install composer (https://getcomposer.org)
EXPECTED_SIGNATURE=$(wget https://composer.github.io/installer.sig -O - -q)
sudo su - www-data -s /bin/bash -c "php -r \"copy('https://getcomposer.org/installer', '$tmp/composer-setup.php');\""
ACTUAL_SIGNATURE=$(php -r "echo hash_file('SHA384', '$tmp/composer-setup.php');")
if [ "$EXPECTED_SIGNATURE" = "$ACTUAL_SIGNATURE" ]
then
sudo su - root -c "grep -q -F 'env[COMPOSER_HOME]= /opt/flarum_composer' /etc/php5/fpm/php-fpm.conf || sudo echo 'env[COMPOSER_HOME]= /opt/flarum_composer' >> /etc/php5/fpm/php-fpm.conf"
sudo service php5-fpm reload
2016-10-08 19:08:37 +02:00
sudo su - www-data -s /bin/bash -c "php $tmp/composer-setup.php --install-dir=$tmp --filename=composer"
sudo mv $tmp/composer /usr/local/bin
sudo chown root:root /usr/local/bin/composer
RESULT=$?
else
>&2 echo 'ERROR: Invalid installer signature'
RESULT=1
fi
if [ $RESULT != 0 ]
then
sudo rm -rf $final_path
exit $RESULT
fi
2016-10-05 19:44:08 +02:00
fi
### composer end ###
### Install flarum
2016-10-08 19:08:37 +02:00
cwd=$(pwd)
sudo su - www-data -s /bin/bash -c "mkdir -p $tmp/$app && cd $tmp/$app && php -d memory_limit=-1 /usr/local/bin/composer create-project flarum/flarum . --stability=beta"
sudo cp -Rf $tmp/$app $www_path/
2016-10-08 19:08:37 +02:00
sudo chown -R www-data:www-data $final_path
cd $cwd
sudo rm -rf $tmp
2016-10-05 19:44:08 +02:00
2016-10-08 19:08:37 +02:00
### MySQL ###
2016-10-05 19:44:08 +02:00
dbuser=$app
dbname=$app
dbpass=$(ynh_string_random 15)
ynh_app_setting_set "$app" mysqlpwd "$dbpass"
ynh_mysql_create_db "$dbname" "$dbuser" "$dbpass"
2016-10-08 19:08:37 +02:00
### Nginx ###
2017-02-22 18:08:55 +01:00
nginxconf="../conf/nginx.conf"
if [ $path = "/" ]; then
sed -i "s@YNH_WWW_ROOTPATH@@g" ../conf/nginx.conf
sed -i "s@/YNH_WWW_ROOTAPP@@g" ../conf/nginx.conf
2016-10-08 19:08:37 +02:00
else
2017-02-22 18:08:55 +01:00
sed -i "s@YNH_WWW_ROOTPATH@$path@g" ../conf/nginx.conf
sed -i "s@YNH_WWW_ROOTAPP@$app@g" ../conf/nginx.conf
2016-10-08 19:08:37 +02:00
fi
2017-02-22 18:33:07 +01:00
sed -i "s@YNH_WWW_PATH@$path@g" $nginxconf
sed -i "s@YNH_WWW_FINALPATH@$final_path@g" $nginxconf
sudo cp $nginxconf /etc/nginx/conf.d/$domain.d/$app.conf
2016-10-05 19:44:08 +02:00
### PHP ###
sed -i "s@YNH_WWW_APP@$app@g" ../conf/php-fpm.conf
sed -i "s@YNH_WWW_ALIAS@$app/@g" ../conf/php-fpm.conf
finalphpconf=/etc/php5/fpm/pool.d/$app.conf
sudo cp ../conf/php-fpm.conf $finalphpconf
sudo chown root: $finalphpconf
sudo chmod 644 $finalphpconf
sudo service php5-fpm reload
# If app is public, add url to SSOWat conf as skipped_uris
if [[ $is_public -eq 1 ]]; then
# unprotected_uris allows SSO credentials to be passed anyway.
ynh_app_setting_set "$app" unprotected_uris "/"
fi
ynh_app_setting_set "$app" skipped_uris "/api"
sudo yunohost app ssowatconf
2016-10-05 19:44:08 +02:00
# Reload services
sudo service nginx reload
2016-10-08 19:08:37 +02:00
# Install the SSOwat auth extension
sudo su - www-data -s /bin/bash -c "cd $final_path && composer require 'tituspijean/flarum-ext-auth-ssowat:*@dev'"
2016-10-08 20:12:31 +02:00
### POST-INSTALL ###
if [[ -n $admin && -n $title ]]; then
adminpass=$(ynh_string_random 8)
sed -i "s@YNH_APP_DOMAIN@$domain@g" ../sources/configuration.yml
sed -i "s@/YNH_WWW_PATH@$path@g" ../sources/configuration.yml
sed -i "s@YNH_WWW_APP@$app@g" ../sources/configuration.yml
2016-10-08 20:12:31 +02:00
sed -i "s@YNH_DB_PASS@$dbpass@g" ../sources/configuration.yml
sed -i "s@YNH_ADMIN_USER@$admin@g" ../sources/configuration.yml
sed -i "s@YNH_ADMIN_PASS@$adminpass@g" ../sources/configuration.yml
2016-10-09 10:26:50 +02:00
adminemail=$(ynh_user_get_info $admin mail)
sed -i "s%YNH_ADMIN_EMAIL%$adminemail%g" ../sources/configuration.yml
2016-10-08 20:12:31 +02:00
sed -i "s@YNH_FORUM_TITLE@$title@g" ../sources/configuration.yml
sudo cp ../sources/configuration.yml $final_path
sudo su - www-data -s /bin/bash -c "cd $final_path && php -d memory_limit=-1 flarum install -f configuration.yml"
sudo rm $final_path/configuration.yml
# Generate and add root token for user creation and deletion
roottoken=$(ynh_string_random 40)
apitablesql="CREATE TABLE IF NOT EXISTS api_keys (api_key TEXT(40) NOT NULL UNIQUE)"
rootsql="INSERT INTO api_keys VALUES ('"$roottoken"')"
ynh_mysql_execute_as_root "$apitablesql" $dbname
ynh_mysql_execute_as_root "$rootsql" $dbname
ynh_app_setting_set "$app" root_token "$roottoken"
fi
# Configure SSOwat auth extension
ssowatdomain=$(</etc/yunohost/current_host)
data='{"flarum-ext-auth-ssowat.address": "'$ssowatdomain'"}'
rep=$(curl -s -o /dev/null -w "%{http_code}" -k -i \
-H "Content-Type: application/json" \
-H "Authorization: Token $roottoken; userId=1" \
-X POST -d "$data" \
-L https://${domain}${path}/api/settings )
echo $path
exit 0
if [[ $rep != 204 ]]; then
echo "SSOwat domain setting failed"
exit 1
fi
data='{"flarum-ext-auth-ssowat.onlyUse": true}'
rep=$(curl -s -o /dev/null -w "%{http_code}" -k -i \
-H "Content-Type: application/json" \
-H "Authorization: Token $roottoken; userId=1" \
-X POST -d "$data" \
-L https://${domain}${path}/api/settings )
if [[ $rep != 204 ]]; then
echo "SSOwat auth exclusivity failed"
exit 1
fi
# Enable the selected admin to login with SSOwat
adminsql="UPDATE users SET ssowat_id = '$admin' WHERE username = '$admin'"
ynh_mysql_execute_as_root "$adminsql" $dbname
# Create missing users
for username in $(ynh_user_list); do
if [ "$username" == "$admin" ]; then continue; else
userpass=$(ynh_string_random 16)
usermail=$(ynh_user_get_info $username 'mail')
data='{"data":{"attributes":{"username":"'$username'","email":"'$usermail'","password":"'$userpass'"}}}'
rep=$(curl -s -o /dev/null -w "%{http_code}" -k -i \
-H "Content-Type: application/json" \
-H "Authentication: Token $roottoken" \
-X POST -d "$data" \
-L https://${domain}${path}/api/users )
if [[ $rep != 201 ]]; then
echo "Flarum account creation failed for $username"
exit 1
fi
usersql="UPDATE users SET ssowat_id = '$username' WHERE username = '$username'"
ynh_mysql_execute_as_root "$usersql" $dbname
fi
done