Refactoring and helpers

Insprided by @frju365 refactoring proposals

conf/nginx.conf

@@ -1,14 +1,14 @@
-location ^~ YNH_WWW_PATH {
+location ^~ __PATH__ {
     
     if ($scheme = http) {
 		rewrite ^ https://$server_name$request_uri? permanent;
     }
     
-    alias YNH_WWW_FINALPATH/;
+    alias __FINALPATH__/;
     try_files $uri $uri/ /index.php?$query_string;
     index YNH_WWW_ROOTPATH/index.php;
     
-    # These weird try_files ... see http://stackoverflow.com/a/35102259
+    # Bug in Nginx with locations and aliases (see http://stackoverflow.com/a/35102259 )
     location YNH_WWW_ROOTPATH/ { try_files $uri $uri/ YNH_WWW_ROOTAPP/index.php?$query_string; }
     location YNH_WWW_ROOTPATH/api { try_files $uri $uri/ YNH_WWW_ROOTAPP/api.php?$query_string; }
     location YNH_WWW_ROOTPATH/admin { try_files $uri $uri/ YNH_WWW_ROOTAPP/admin.php?$query_string; }
@@ -20,7 +20,7 @@ location ^~ YNH_WWW_PATH {
 
     location ~* \.php$ {
         fastcgi_split_path_info ^(.+.php)(/.+)$;
-        fastcgi_pass unix:/var/run/php5-fpm-YNH_WWW_APP.sock;
+        fastcgi_pass unix:/var/run/php5-fpm-__NAME__.sock;
         include fastcgi_params;
         fastcgi_param SCRIPT_FILENAME $request_filename;
         fastcgi_param HTTP_PROXY ""; # Fix for https://httpoxy.org/ vulnerability

conf/php-fpm.conf

@@ -1,7 +1,7 @@
 ; Start a new pool named 'www'.
 ; the variable $pool can we used in any directive and will be replaced by the
 ; pool name ('www' here)
-[YNH_WWW_APP]
+[__USER__]
 
 ; Per pool prefix
 ; It only applies on the following directives:
@@ -24,7 +24,7 @@
 ;                            specific port;
 ;   '/path/to/unix/socket' - to listen on a unix socket.
 ; Note: This value is mandatory.
-listen = /var/run/php5-fpm-YNH_WWW_APP.sock
+listen = /var/run/php5-fpm-__USER__.sock
 
 ; Set listen(2) backlog. A value of '-1' means unlimited.
 ; Default Value: 128 (-1 on FreeBSD and OpenBSD)
@@ -170,7 +170,7 @@ request_slowlog_timeout = 5s
 ; The log file for slow requests
 ; Default Value: not set
 ; Note: slowlog is mandatory if request_slowlog_timeout is set
-slowlog = /var/log/nginx/YNH_WWW_APP.slow.log
+slowlog = /var/log/nginx/__USER__.slow.log
 
 ; Set open file descriptor rlimit.
 ; Default Value: system defined value
@@ -195,7 +195,7 @@ rlimit_core = 0
 ; Chdir to this directory at the start.
 ; Note: relative path can be used.
 ; Default Value: current directory or / when chroot
-chdir = YNH_WWW_ALIAS
+chdir = __FINALPATH__
 
 ; Redirect worker stdout and stderr into main error log. If not set, stdout and
 ; stderr will be redirected to /dev/null according to FastCGI specs.
@@ -249,4 +249,4 @@ php_value[max_input_time] = 600
 ;php_value[memory_limit] = 256M
 ;php_value[short_open_tag] = On
 
-env[COMPOSER_HOME]= /opt/YNH_WWW_APP_composer'
+env[COMPOSER_HOME]= /opt/__USER___composer'

scripts/install

@@ -1,12 +1,25 @@
 #!/bin/bash
 
-# Load helpers
+#=================================================
+# GENERIC START
+#=================================================
+# IMPORT GENERIC HELPERS
+#=================================================
+
 source _common.sh
 source /usr/share/yunohost/helpers
 
+#=================================================
+# MANAGE SCRIPT FAILURE
+#=================================================
+
 # Exit if an error occurs during the execution of the script
 ynh_abort_if_errors
 
+#===================================================
+# RETRIEVE ARGUMENTS FROM THE MANIFEST
+#===================================================
+
 # This is a multi-instance app, meaning it can be installed several times independently
 # The id of the app as stated in the manifest is available as $YNH_APP_ID
 # The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2", ...)
@@ -19,9 +32,7 @@ ynh_abort_if_errors
 # db names, ...
 app=$YNH_APP_INSTANCE_NAME
 
-#===================================================
-# RETRIEVE ARGUMENTS FROM THE MANIFEST
-#===================================================
+# Retrieve arguments
 
 domain=$YNH_APP_ARG_DOMAIN
 path_url=$YNH_APP_ARG_PATH
@@ -51,13 +62,14 @@ ynh_webpath_register $app $domain $path_url
 #===================================================
 
 # Save app settings
-ynh_app_setting_set $app admin $admin
-ynh_app_setting_set $app is_public $is_public
 ynh_app_setting_set $app domain $domain
 ynh_app_setting_set $app path $path_url
+ynh_app_setting_set $app admin $admin
+ynh_app_setting_set $app is_public $is_public
+ynh_app_setting_set $app final_path $final_path
 
 #===================================================
-# CREATE APP USER
+# CREATE DEDICATED USER
 #===================================================
 
 ynh_system_user_create $app "$final_path"
@@ -83,8 +95,7 @@ php -r "copy('https://getcomposer.org/installer', '$composer_path/composer-setup
 ACTUAL_SIGNATURE=$(php -r "echo hash_file('SHA384', '$composer_path/composer-setup.php');")
 if [ "$EXPECTED_SIGNATURE" = "$ACTUAL_SIGNATURE" ]
 then
-    exec_as $app \
-     php $composer_path/composer-setup.php --install-dir=$composer_path --filename=composer --quiet
+    sudo su - $app -s /bin/bash -c "php $composer_path/composer-setup.php --install-dir=$composer_path --filename=composer --quiet"
     RESULT=$?
 else
     >&2 echo 'ERROR: Invalid Composer installer signature'
@@ -110,11 +121,7 @@ sudo chown -R $app:www-data $tmp
 sudo chmod -R 0775 $tmp
 
 # Install Flarum
-CWD="$(pwd)"
-cd $tmp
-exec_as $app \
- php -d memory_limit=-1 $composer_path/composer create-project flarum/flarum . "$flarum_version" --stability=beta --ansi
-cd $CWD
+sudo su - $app -s /bin/bash -c "php -d memory_limit=-1 $composer_path/composer create-project flarum/flarum $tmp $flarum_version --stability=beta --ansi"
 
 sudo cp -Rf $tmp/* $final_path
 sudo chown -R $app:www-data $final_path
@@ -134,47 +141,51 @@ ynh_app_setting_set "$app" db_pwd "$db_pwd"
 # NGINX CONFIGURATION
 #=================================================
 
-finalnginxconf="/etc/nginx/conf.d/$domain.d/$app.conf"
-sudo cp ../conf/nginx.conf "$finalnginxconf"
+# Bug in Nginx with locations and aliases (see http://stackoverflow.com/a/35102259 )
 if [ $path_url = "/" ]; then
-    sed -i "s@YNH_WWW_ROOTPATH@@g" $finalnginxconf
-    sed -i "s@YNH_WWW_ROOTAPP@/@g" $finalnginxconf
+    sed -i "s@YNH_WWW_ROOTPATH@@g" ../conf/nginx.conf
+    sed -i "s@YNH_WWW_ROOTAPP@/@g" ../conf/nginx.conf
 else
-    sed -i "s@YNH_WWW_ROOTPATH@$path_url@g" $finalnginxconf
-    sed -i "s@YNH_WWW_ROOTAPP@$path_url$path_url@g" $finalnginxconf
+    sed -i "s@YNH_WWW_ROOTPATH@$path_url@g" ../conf/nginx.conf
+    sed -i "s@YNH_WWW_ROOTAPP@$path_url$path_url@g" ../conf/nginx.conf
 fi
-sed -i "s@YNH_WWW_PATH@$path_url@g" $finalnginxconf
-sed -i "s@YNH_WWW_FINALPATH@$final_path@g" $finalnginxconf
-sed -i "s@YNH_WWW_APP@$app@g" $finalnginxconf
+# Create a dedicated nginx config
+ynh_add_nginx_config
 
 #=================================================
 # PHP-FPM CONFIGURATION
 #=================================================
 
-finalphpconf=/etc/php5/fpm/pool.d/$app.conf
-sudo cp ../conf/php-fpm.conf $finalphpconf
-sed -i "s@YNH_WWW_APP@$app@g" $finalphpconf
-sed -i "s@YNH_WWW_ALIAS@$final_path@g" $finalphpconf
-sudo chown root: $finalphpconf
-sudo chmod 644 $finalphpconf
-sudo service php5-fpm reload
+# Create a dedicated php-fpm config
+ynh_add_fpm_config
+
+#=================================================
+# SETUP LOGROTATE
+#=================================================
+
+# Use logrotate to manage app-specific logfile(s)
+ynh_use_logrotate
 
 #=================================================
 # SETUP SSOWAT
 #=================================================
 
-# If app is public, add url to SSOWat conf as skipped_uris
-if [[ $is_public -eq 1 ]]; then
-  # unprotected_uris allows SSO credentials to be passed anyway.
-  ynh_app_setting_set "$app" unprotected_uris "/"
+if [ $is_public -eq 0 ]
+then	# Remove the public access
+	ynh_app_setting_delete $app skipped_uris
+fi
+# Make app public if necessary
+if [ $is_public -eq 1 ]
+then
+	# unprotected_uris allows SSO credentials to be passed anyway.
+	ynh_app_setting_set $app unprotected_uris "/"
 fi
-  ynh_app_setting_set "$app" skipped_uris "/api"
 
-# Reload services
-service nginx reload
+#=================================================
+# RELOAD NGINX
+#=================================================
 
-# Install the SSOwat auth extension
-#sudo su - www-data -s /bin/bash -c "cd $final_path && php -d memory_limit=-1 $composer_path/composer require 'tituspijean/flarum-ext-auth-ssowat:*@dev'"
+systemctl reload nginx
 
 #=================================================
 # FLARUM POST-INSTALL
@@ -206,6 +217,9 @@ ynh_mysql_execute_as_root "$apitablesql" $db_name
 ynh_mysql_execute_as_root "$rootsql" $db_name
 ynh_app_setting_set "$app" root_token "$roottoken"
 
+# Install the SSOwat auth extension
+#sudo su - www-data -s /bin/bash -c "cd $final_path && /opt/flarum_composer/composer require 'tituspijean/flarum-ext-auth-ssowat:*@dev'"
+
 # Configure SSOwat auth extension
 #ssowatdomain=$(</etc/yunohost/current_host)
 #data='{"flarum-ext-auth-ssowat.address": "'$ssowatdomain'","flarum-ext-auth-ssowat.onlyUse": true}'

scripts/remove

@@ -1,33 +1,68 @@
 #!/bin/bash
 
-# See comments in install script
-app=$YNH_APP_INSTANCE_NAME
+#=================================================
+# GENERIC START
+#=================================================
+# IMPORT GENERIC HELPERS
+#=================================================
 
-# Source YunoHost helpers
+source _common.sh
 source /usr/share/yunohost/helpers
 
-# Retrieve app settings
-domain=$(ynh_app_setting_get "$app" domain)
+#=================================================
+# LOAD SETTINGS
+#=================================================
 
-# Delete user
-ynh_system_user_delete $app
+app=$YNH_APP_INSTANCE_NAME
 
-# Remove sources
+domain=$(ynh_app_setting_get $app domain)
+db_name=$(ynh_app_setting_get $app db_name)
+db_user=$db_name
+final_path=$(ynh_app_setting_get $app final_path)
+
+#=================================================
+# REMOVE THE MYSQL DATABASE
+#=================================================
+
+# Remove a database if it exists, along with the associated user
+ynh_mysql_remove_db $db_user $db_name
+
+#=================================================
+# REMOVE APP MAIN DIR
+#=================================================
+
+# Remove the app directory securely
+ynh_secure_remove "$final_path"
 ynh_secure_remove "/tmp/$app"
-ynh_secure_remove "/var/www/$app"
 ynh_secure_remove "/opt/${app}_composer"
 
-# Remove nginx and PHP-FPM files and restart services
-ynh_remove_nginx_config
-ynh_remove_fpm_config
-sudo service nginx reload
-sudo service php5-fpm reload
+#=================================================
+# REMOVE NGINX CONFIGURATION
+#=================================================
+
+# Remove the dedicated nginx config
+ynh_remove_nginx_config
+
+#=================================================
+# REMOVE PHP-FPM CONFIGURATION
+#=================================================
+
+# Remove the dedicated php-fpm config
+ynh_remove_fpm_config
+
+#=================================================
+# REMOVE LOGROTATE CONFIGURATION
+#=================================================
+
+# Remove the app-specific logrotate config
+ynh_remove_logrotate
+
+#=================================================
+# GENERIC FINALIZATION
+#=================================================
+# REMOVE DEDICATED USER
+#=================================================
+
+# Delete a system user
+ynh_system_user_delete $app
 
-### MySQL ###
-# If a MySQL database is used:
-# # Drop MySQL database and user
-dbname=$app
-dbuser=$app
-ynh_mysql_drop_db "$dbname" || true
-ynh_mysql_drop_user "$dbuser" || true
-### MySQL end ###