From 0f34565f80ef60773275e82f78565a2215a7a5d2 Mon Sep 17 00:00:00 2001 From: TitusPiJean Date: Wed, 5 Oct 2016 19:44:08 +0200 Subject: [PATCH] Initial commit --- .gitignore | 2 + LICENSE | 21 ++++ README.md | 18 ++++ conf/nginx.conf | 59 +++++++++++ conf/php-fpm.conf | 251 ++++++++++++++++++++++++++++++++++++++++++++++ manifest.json | 66 ++++++++++++ scripts/backup | 33 ++++++ scripts/install | 113 +++++++++++++++++++++ scripts/remove | 34 +++++++ scripts/restore | 52 ++++++++++ scripts/upgrade | 59 +++++++++++ 11 files changed, 708 insertions(+) create mode 100644 .gitignore create mode 100644 LICENSE create mode 100644 README.md create mode 100644 conf/nginx.conf create mode 100644 conf/php-fpm.conf create mode 100644 manifest.json create mode 100644 scripts/backup create mode 100644 scripts/install create mode 100644 scripts/remove create mode 100644 scripts/restore create mode 100644 scripts/upgrade diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..783a4ae --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +*~ +*.sw[op] diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..cde031c --- /dev/null +++ b/LICENSE @@ -0,0 +1,21 @@ +The MIT License (MIT) + +Copyright (c) 2016 Titus PiJean + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. \ No newline at end of file diff --git a/README.md b/README.md new file mode 100644 index 0000000..ae18695 --- /dev/null +++ b/README.md @@ -0,0 +1,18 @@ +# Flarum package for YunoHost +[Flarum](http://flarum.org/), an open-source forum software, packaged for [YunoHost](https://yunohost.org/), a self-hosting server operating server. + +## Install +Flarum requires `composer`, which should be automatically retrieved and installed. + +## Post-installation +Post-installation is not automated. + +1. Retrieve database password: + * It should be displayed in the log messages on top of installation page. + * Otherwise, display in command prompt with `sudo cat /etc/yunohost/apps/flarum/settings.yml | grep mysql` (Replace `flarum` by its actual app id if you are using multiple flarum instances in YNH) + +2. Go to your Flarum homepage to initiate post-installation. + +3. Fill in the blanks about `MySQL` as follow, put the retrieved database password. The remaining blanks are up to you. + +

diff --git a/conf/nginx.conf b/conf/nginx.conf new file mode 100644 index 0000000..bf97a0d --- /dev/null +++ b/conf/nginx.conf @@ -0,0 +1,59 @@ +location ^~ YNH_WWW_PATH { + root /var/www; + try_files $uri $uri/ /YNH_WWW_APP/index.php?$query_string; + index /YNH_WWW_APP/index.php; + + location YNH_WWW_PATH/ { try_files $uri $uri/ /YNH_WWW_APP/index.php?$query_string; } + location YNH_WWW_PATH/api { try_files $uri $uri/ /YNH_WWW_APP/api.php?$query_string; } + location YNH_WWW_PATH/admin { try_files $uri $uri/ /YNH_WWW_APP/admin.php?$query_string; } + + location YNH_WWW_PATH/flarum { + deny all; + return 404; + } + + location ~* \.php$ { + fastcgi_split_path_info ^(.+.php)(/.+)$; + fastcgi_pass unix:/var/run/php5-fpm-YNH_WWW_APP.sock; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param HTTP_PROXY ""; # Fix for https://httpoxy.org/ vulnerability + fastcgi_index index.php; + } + + location ~* \.html$ { + expires -1; + } + + location ~* \.(css|js|gif|jpe?g|png)$ { + expires 1M; + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + gzip on; + gzip_http_version 1.1; + gzip_vary on; + gzip_comp_level 6; + gzip_proxied any; + gzip_types application/atom+xml + application/javascript + application/json + application/vnd.ms-fontobject + application/x-font-ttf + application/x-web-app-manifest+json + application/xhtml+xml + application/xml + font/opentype + image/svg+xml + image/x-icon + text/css + text/plain + text/xml; + gzip_buffers 16 8k; + gzip_disable "MSIE [1-6]\.(?!.*SV1)"; + + + # Include SSOWAT user panel. + include conf.d/yunohost_panel.conf.inc; +} diff --git a/conf/php-fpm.conf b/conf/php-fpm.conf new file mode 100644 index 0000000..2061166 --- /dev/null +++ b/conf/php-fpm.conf @@ -0,0 +1,251 @@ +; Start a new pool named 'www'. +; the variable $pool can we used in any directive and will be replaced by the +; pool name ('www' here) +[YNH_WWW_APP] + +; Per pool prefix +; It only applies on the following directives: +; - 'slowlog' +; - 'listen' (unixsocket) +; - 'chroot' +; - 'chdir' +; - 'php_values' +; - 'php_admin_values' +; When not set, the global prefix (or /usr) applies instead. +; Note: This directive can also be relative to the global prefix. +; Default Value: none +;prefix = /path/to/pools/$pool + +; The address on which to accept FastCGI requests. +; Valid syntaxes are: +; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific address on +; a specific port; +; 'port' - to listen on a TCP socket to all addresses on a +; specific port; +; '/path/to/unix/socket' - to listen on a unix socket. +; Note: This value is mandatory. +listen = /var/run/php5-fpm-YNH_WWW_APP.sock + +; Set listen(2) backlog. A value of '-1' means unlimited. +; Default Value: 128 (-1 on FreeBSD and OpenBSD) +;listen.backlog = -1 + +; List of ipv4 addresses of FastCGI clients which are allowed to connect. +; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original +; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address +; must be separated by a comma. If this value is left blank, connections will be +; accepted from any ip address. +; Default Value: any +;listen.allowed_clients = 127.0.0.1 + +; Set permissions for unix socket, if one is used. In Linux, read/write +; permissions must be set in order to allow connections from a web server. Many +; BSD-derived systems allow connections regardless of permissions. +; Default Values: user and group are set as the running user +; mode is set to 0666 +listen.owner = www-data +listen.group = www-data +listen.mode = 0600 + +; Unix user/group of processes +; Note: The user is mandatory. If the group is not set, the default user's group +; will be used. +user = www-data +group = www-data + +; Choose how the process manager will control the number of child processes. +; Possible Values: +; static - a fixed number (pm.max_children) of child processes; +; dynamic - the number of child processes are set dynamically based on the +; following directives: +; pm.max_children - the maximum number of children that can +; be alive at the same time. +; pm.start_servers - the number of children created on startup. +; pm.min_spare_servers - the minimum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is less than this +; number then some children will be created. +; pm.max_spare_servers - the maximum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is greater than this +; number then some children will be killed. +; Note: This value is mandatory. +pm = dynamic + +; The number of child processes to be created when pm is set to 'static' and the +; maximum number of child processes to be created when pm is set to 'dynamic'. +; This value sets the limit on the number of simultaneous requests that will be +; served. Equivalent to the ApacheMaxClients directive with mpm_prefork. +; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP +; CGI. +; Note: Used when pm is set to either 'static' or 'dynamic' +; Note: This value is mandatory. +pm.max_children = 6 + +; The number of child processes created on startup. +; Note: Used only when pm is set to 'dynamic' +; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2 +pm.start_servers = 3 + +; The desired minimum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.min_spare_servers = 3 + +; The desired maximum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.max_spare_servers = 5 + +; The number of requests each child process should execute before respawning. +; This can be useful to work around memory leaks in 3rd party libraries. For +; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. +; Default Value: 0 +pm.max_requests = 500 + +; The URI to view the FPM status page. If this value is not set, no URI will be +; recognized as a status page. By default, the status page shows the following +; information: +; accepted conn - the number of request accepted by the pool; +; pool - the name of the pool; +; process manager - static or dynamic; +; idle processes - the number of idle processes; +; active processes - the number of active processes; +; total processes - the number of idle + active processes. +; max children reached - number of times, the process limit has been reached, +; when pm tries to start more children (works only for +; pm 'dynamic') +; The values of 'idle processes', 'active processes' and 'total processes' are +; updated each second. The value of 'accepted conn' is updated in real time. +; Example output: +; accepted conn: 12073 +; pool: www +; process manager: static +; idle processes: 35 +; active processes: 65 +; total processes: 100 +; max children reached: 1 +; By default the status page output is formatted as text/plain. Passing either +; 'html' or 'json' as a query string will return the corresponding output +; syntax. Example: +; http://www.foo.bar/status +; http://www.foo.bar/status?json +; http://www.foo.bar/status?html +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +pm.status_path = /fpm-status + +; The ping URI to call the monitoring page of FPM. If this value is not set, no +; URI will be recognized as a ping page. This could be used to test from outside +; that FPM is alive and responding, or to +; - create a graph of FPM availability (rrd or such); +; - remove a server from a group if it is not responding (load balancing); +; - trigger alerts for the operating team (24/7). +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +ping.path = /ping + +; This directive may be used to customize the response of a ping request. The +; response is formatted as text/plain with a 200 response code. +; Default Value: pong +;ping.response = pong + +; The timeout for serving a single request after which the worker process will +; be killed. This option should be used when the 'max_execution_time' ini option +; does not stop script execution for some reason. A value of '0' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +request_terminate_timeout = 120s + +; The timeout for serving a single request after which a PHP backtrace will be +; dumped to the 'slowlog' file. A value of '0s' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +request_slowlog_timeout = 5s + +; The log file for slow requests +; Default Value: not set +; Note: slowlog is mandatory if request_slowlog_timeout is set +slowlog = /var/log/nginx/YNH_WWW_APP.slow.log + +; Set open file descriptor rlimit. +; Default Value: system defined value +rlimit_files = 4096 + +; Set max core size rlimit. +; Possible Values: 'unlimited' or an integer greater or equal to 0 +; Default Value: system defined value +rlimit_core = 0 + +; Chroot to this directory at the start. This value must be defined as an +; absolute path. When this value is not set, chroot is not used. +; Note: you can prefix with '$prefix' to chroot to the pool prefix or one +; of its subdirectories. If the pool prefix is not set, the global prefix +; will be used instead. +; Note: chrooting is a great security feature and should be used whenever +; possible. However, all PHP paths will be relative to the chroot +; (error_log, sessions.save_path, ...). +; Default Value: not set +;chroot = + +; Chdir to this directory at the start. +; Note: relative path can be used. +; Default Value: current directory or / when chroot +chdir = /var/www/YNH_WWW_ALIAS + +; Redirect worker stdout and stderr into main error log. If not set, stdout and +; stderr will be redirected to /dev/null according to FastCGI specs. +; Note: on highloaded environement, this can cause some delay in the page +; process time (several ms). +; Default Value: no +catch_workers_output = yes + +; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from +; the current environment. +; Default Value: clean env +;env[HOSTNAME] = $HOSTNAME +;env[PATH] = /usr/local/bin:/usr/bin:/bin +;env[TMP] = /tmp +;env[TMPDIR] = /tmp +;env[TEMP] = /tmp + +; Additional php.ini defines, specific to this pool of workers. These settings +; overwrite the values previously defined in the php.ini. The directives are the +; same as the PHP SAPI: +; php_value/php_flag - you can set classic ini defines which can +; be overwritten from PHP call 'ini_set'. +; php_admin_value/php_admin_flag - these directives won't be overwritten by +; PHP call 'ini_set' +; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no. + +; Defining 'extension' will load the corresponding shared extension from +; extension_dir. Defining 'disable_functions' or 'disable_classes' will not +; overwrite previously defined php.ini values, but will append the new value +; instead. + +; Note: path INI options can be relative and will be expanded with the prefix +; (pool, global or /usr) + +; Default Value: nothing is defined by default except the values in php.ini and +; specified at startup with the -d argument +;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com +;php_flag[display_errors] = off +;php_admin_value[error_log] = /var/log/fpm-php.www.log +;php_admin_flag[log_errors] = on +;php_admin_value[memory_limit] = 32M + +# Common values to change to increase file upload limit +;php_value[upload_max_filesize] = 50M +;php_value[post_max_size] = 50M +;php_value[mail.add_x_header] = Off + +# Other common parameters +;php_value[max_execution_time] = 600 +;php_value[max_input_time] = 300 +;php_value[memory_limit] = 256M +;php_value[short_open_tag] = On + diff --git a/manifest.json b/manifest.json new file mode 100644 index 0000000..6d66d28 --- /dev/null +++ b/manifest.json @@ -0,0 +1,66 @@ +{ + "name": "Flarum", + "id": "flarum", + "packaging_format": 1, + "description": { + "en": "Flarum (open-source forum software) package for YunoHost.", + "fr": "Package Flarum (système de forum libre) pour YunoHost." + }, + "url": "http://flarum.org/", + "license": "MIT", + "version": "0.1.0-beta.5", + "maintainer": { + "name": "Titus PiJean", + "email": "tituspijean@outlook.com" + }, + "requirements": { + "yunohost": ">= 2.4.0" + }, + "multi_instance": true, + "services": [ + "nginx", + "php5-fpm", + "mysql" + ], + "arguments": { + "install" : [ + { + "name": "domain", + "type": "domain", + "ask": { + "en": "Choose a domain name for Flarum", + "fr": "Choisissez un nom de domaine pour Flarum" + }, + "example": "example.com" + }, + { + "name": "path", + "type": "path", + "ask": { + "en": "Choose a path for Flarum", + "fr": "Choisissez un chemin pour Flarum" + }, + "example": "/flarum", + "default": "/flarum" + }, + { + "name": "admin", + "type": "user", + "ask": { + "en": "Choose an admin user", + "fr": "Choisissez l’administrateur" + }, + "example": "johndoe" + }, + { + "name": "is_public", + "type": "boolean", + "ask": { + "en": "Is it a public application?", + "fr": "Est-ce une application publique ?" + }, + "default": true + } + ] + } +} diff --git a/scripts/backup b/scripts/backup new file mode 100644 index 0000000..575a599 --- /dev/null +++ b/scripts/backup @@ -0,0 +1,33 @@ +#!/bin/bash + +# Exit on command errors and treat unset variables as an error +set -eu + +# See comments in install script +app=$YNH_APP_INSTANCE_NAME + +# Source YunoHost helpers +source /usr/share/yunohost/helpers + +# Backup sources & data +# Note: the last argument is where to save this path, see the restore script. +ynh_backup "/var/www/${app}" "sources" + +### MySQL ### +# If a MySQL database is used: +# # Dump the database +dbname=$app +dbuser=$app +dbpass=$(ynh_app_setting_get "$app" mysqlpwd) +mysqldump -u "$dbuser" -p"$dbpass" --no-create-db "$dbname" > ./dump.sql +### MySQL end ### + +# Copy NGINX configuration +domain=$(ynh_app_setting_get "$app" domain) +ynh_backup "/etc/nginx/conf.d/${domain}.d/${app}.conf" "nginx.conf" + +### PHP (remove if not used) ### +# If a dedicated php-fpm process is used: +# # Copy PHP-FPM pool configuration +ynh_backup "/etc/php5/fpm/pool.d/${app}.conf" "php-fpm.conf" +### PHP end ### diff --git a/scripts/install b/scripts/install new file mode 100644 index 0000000..5cf6872 --- /dev/null +++ b/scripts/install @@ -0,0 +1,113 @@ +#!/bin/bash + +# Exit on command errors and treat unset variables as an error +set -eu + +# This is a multi-instance app, meaning it can be installed several times independently +# The id of the app as stated in the manifest is available as $YNH_APP_ID +# The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2", ...) +# The app instance name is available as $YNH_APP_INSTANCE_NAME +# - the first time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample +# - the second time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample__2 +# - ynhexample__{N} for the subsequent installations, with N=3,4, ... +# The app instance name is probably what you are interested the most, since this is +# guaranteed to be unique. This is a good unique identifier to define installation path, +# db names, ... +app=$YNH_APP_INSTANCE_NAME + +# Retrieve arguments +domain=$YNH_APP_ARG_DOMAIN +path=$YNH_APP_ARG_PATH +admin=$YNH_APP_ARG_ADMIN +is_public=$YNH_APP_ARG_IS_PUBLIC +final_path=/var/www/$app + +# Source YunoHost helpers +source /usr/share/yunohost/helpers + +# Save app settings +ynh_app_setting_set "$app" admin "$admin" +ynh_app_setting_set "$app" is_public "$is_public" + +# Check domain/path availability +sudo yunohost app checkurl "${domain}${path}" -a "$app" \ + || ynh_die "Path not available: ${domain}${path}" + + +### composer ### +# Install or update composer (https://getcomposer.org) +composerinstall=/tmp/composer-install +if [ -d "$composerinstall" ]; then + sudo rm -rf $composerinstall +fi +sudo mkdir $composerinstall +EXPECTED_SIGNATURE=$(wget https://composer.github.io/installer.sig -O - -q) +sudo php -r "copy('https://getcomposer.org/installer', '$composerinstall/composer-setup.php');" +ACTUAL_SIGNATURE=$(php -r "echo hash_file('SHA384', '$composerinstall/composer-setup.php');") +if [ "$EXPECTED_SIGNATURE" = "$ACTUAL_SIGNATURE" ] +then + sudo php "$composerinstall/composer-setup.php" --install-dir=/usr/local/bin + RESULT=$? + sudo rm "$composerinstall/composer-setup.php" +else + >&2 echo 'ERROR: Invalid installer signature' + sudo rm "$composerinstall/composer-setup.php" + exit 1 +fi +if [ $RESULT != 0 ] +then + exit $RESULT +fi +sudo rm -rf $composerinstall + +### composer end ### + +sudo mkdir -p $final_path +sudo chown -R www-data:www-data $final_path + +### Install flarum +sudo su - www-data -s /bin/bash -c "composer.phar create-project flarum/flarum "$final_path" --stability=beta" + +### MySQL (can be removed if not used) ### +# If your app use a MySQL database you can use these lines to bootstrap +# a database, an associated user and save the password in app settings. +# +# # Generate MySQL password and create database +dbuser=$app +dbname=$app +dbpass=$(ynh_string_random 15) +ynh_app_setting_set "$app" mysqlpwd "$dbpass" +ynh_mysql_create_db "$dbname" "$dbuser" "$dbpass" + +# Install + +# Modify Nginx configuration file and copy it to Nginx conf directory +nginx_conf=../conf/nginx.conf +sed -i "s@YNH_WWW_PATH@$path@g" $nginx_conf +sed -i "s@YNH_WWW_ALIAS@$app/@g" $nginx_conf +# If a dedicated php-fpm process is used: +# Don't forget to modify ../conf/nginx.conf accordingly or your app will not work! +sed -i "s@YNH_WWW_APP@$app@g" $nginx_conf +sudo cp $nginx_conf /etc/nginx/conf.d/$domain.d/$app.conf + +### PHP ### +# Modify PHP-FPM pool configuration and copy it to the pool directory +sed -i "s@YNH_WWW_APP@$app@g" ../conf/php-fpm.conf +sed -i "s@YNH_WWW_ALIAS@$app/@g" ../conf/php-fpm.conf +finalphpconf=/etc/php5/fpm/pool.d/$app.conf +sudo cp ../conf/php-fpm.conf $finalphpconf +sudo chown root: $finalphpconf +sudo chmod 644 $finalphpconf +sudo service php5-fpm reload +### PHP end ### + +# If app is public, add url to SSOWat conf as skipped_uris +if [[ $is_public -eq 1 ]]; then + # unprotected_uris allows SSO credentials to be passed anyway. + ynh_app_setting_set "$app" unprotected_uris "/" +fi + +# Reload services +sudo service nginx reload +echo "MySQL database user is " $dbuser +echo "MySQL database password is " $dbpass diff --git a/scripts/remove b/scripts/remove new file mode 100644 index 0000000..b085f87 --- /dev/null +++ b/scripts/remove @@ -0,0 +1,34 @@ +#!/bin/bash + +# See comments in install script +app=$YNH_APP_INSTANCE_NAME + +# Source YunoHost helpers +source /usr/share/yunohost/helpers + +# Retrieve app settings +domain=$(ynh_app_setting_get "$app" domain) + +# Remove sources +sudo rm -rf /var/www/$app + +# Remove nginx configuration file +sudo rm -f /etc/nginx/conf.d/$domain.d/$app.conf + +### PHP ### +# If a dedicated php-fpm process is used: +sudo rm -f /etc/php5/fpm/pool.d/$app.conf +sudo service php5-fpm reload +### PHP end ### + +### MySQL ### +# If a MySQL database is used: +# # Drop MySQL database and user +dbname=$app +dbuser=$app +ynh_mysql_drop_db "$dbname" || true +ynh_mysql_drop_user "$dbuser" || true +### MySQL end ### + +# Reload nginx service +sudo service nginx reload diff --git a/scripts/restore b/scripts/restore new file mode 100644 index 0000000..2f532ee --- /dev/null +++ b/scripts/restore @@ -0,0 +1,52 @@ +#!/bin/bash + +# Note: each files and directories you've saved using the ynh_backup helper +# will be located in the current directory, regarding the last argument. + +# Exit on command errors and treat unset variables as an error +set -eu + +# See comments in install script +app=$YNH_APP_INSTANCE_NAME + +# Source YunoHost helpers +source /usr/share/yunohost/helpers + +# Retrieve old app settings +domain=$(ynh_app_setting_get "$app" domain) +path=$(ynh_app_setting_get "$app" path) + +# Check domain/path availability +sudo yunohost app checkurl "${domain}${path}" -a "$app" \ + || ynh_die "Path not available: ${domain}${path}" + +# Restore sources & data +src_path="/var/www/${app}" +sudo cp -a ./sources "$src_path" + +# Restore permissions to app files +# you may need to make some file and/or directory writeable by www-data (nginx user) +sudo chown -R root: "$src_path" + +### MySQL ### +# If a MySQL database is used: +# # Create and restore the database +dbname=$app +dbuser=$app +dbpass=$(ynh_app_setting_get "$app" mysqlpwd) +ynh_mysql_create_db "$dbname" "$dbuser" "$dbpass" +ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" < ./dump.sql +### MySQL end ### + +# Restore NGINX configuration +sudo cp -a ./nginx.conf "/etc/nginx/conf.d/${domain}.d/${app}.conf" + +### PHP ### +# If a dedicated php-fpm process is used: +# # Copy PHP-FPM pool configuration and reload the service +sudo cp -a ./php-fpm.conf "/etc/php5/fpm/pool.d/${app}.conf" +sudo service php5-fpm reload +### PHP end ### + +# Restart webserver +sudo service nginx reload diff --git a/scripts/upgrade b/scripts/upgrade new file mode 100644 index 0000000..4547608 --- /dev/null +++ b/scripts/upgrade @@ -0,0 +1,59 @@ +#!/bin/bash + +# Exit on command errors and treat unset variables as an error +set -eu + +# See comments in install script +app=$YNH_APP_INSTANCE_NAME + +# Source YunoHost helpers +source /usr/share/yunohost/helpers + +# Retrieve app settings +domain=$(ynh_app_setting_get "$app" domain) +path=$(ynh_app_setting_get "$app" path) +admin=$(ynh_app_setting_get "$app" admin) +is_public=$(ynh_app_setting_get "$app" is_public) +language=$(ynh_app_setting_get "$app" language) + +# Remove trailing "/" for next commands +path=${path%/} + +# Copy source files +src_path=/var/www/$app +sudo mkdir -p $src_path +sudo cp -a ../sources/. $src_path + +# Set permissions to app files +# you may need to make some file and/or directory writeable by www-data (nginx user) +sudo chown -R root: $src_path + +# Modify Nginx configuration file and copy it to Nginx conf directory +nginx_conf=../conf/nginx.conf +sed -i "s@YNH_WWW_PATH@$path@g" $nginx_conf +sed -i "s@YNH_WWW_ALIAS@$src_path/@g" $nginx_conf +# If a dedicated php-fpm process is used: +# +sed -i "s@YNH_WWW_APP@$app@g" $nginx_conf +sudo cp $nginx_conf /etc/nginx/conf.d/$domain.d/$app.conf + +### PHP ### +# If a dedicated php-fpm process is used: +# # Modify PHP-FPM pool configuration and copy it to the pool directory +sed -i "s@YNH_WWW_APP@$app@g" ../conf/php-fpm.conf +sed -i "s@YNH_WWW_ALIAS@$src_path/@g" ../conf/php-fpm.conf +finalphpconf=/etc/php5/fpm/pool.d/$app.conf +sudo cp ../conf/php-fpm.conf $finalphpconf +sudo chown root: $finalphpconf +sudo chmod 644 $finalphpconf +sudo service php5-fpm restart +### PHP end ### + +# If app is public, add url to SSOWat conf as skipped_uris +if [[ $is_public -eq 1 ]]; then + # See install script + ynh_app_setting_set "$app" unprotected_uris "/" +fi + +# Reload nginx service +sudo service nginx reload