mirror of
https://github.com/YunoHost-Apps/flarum_ynh.git
synced 2024-09-03 18:36:24 +02:00
301 lines
11 KiB
Bash
301 lines
11 KiB
Bash
#!/bin/bash
|
||
|
||
#=================================================
|
||
# GENERIC START
|
||
#=================================================
|
||
# IMPORT GENERIC HELPERS
|
||
#=================================================
|
||
|
||
source _common.sh
|
||
source experimental_helpers/_ynh_add_extra_apt_repos
|
||
source experimental_helpers/ynh_install_php
|
||
source experimental_helpers/ynh_exec_as
|
||
source experimental_helpers/ynh_composer
|
||
source experimental_helpers/ynh_send_readme_to_admin
|
||
source experimental_helpers/hardware
|
||
source experimental_helpers/ynh_add_swap
|
||
source /usr/share/yunohost/helpers
|
||
|
||
#=================================================
|
||
# MANAGE SCRIPT FAILURE
|
||
#=================================================
|
||
|
||
ynh_clean_setup () {
|
||
### Remove this function if there's nothing to clean before calling the remove script.
|
||
true
|
||
}
|
||
# Exit if an error occurs during the execution of the script
|
||
ynh_abort_if_errors
|
||
|
||
#===================================================
|
||
# RETRIEVE ARGUMENTS FROM THE MANIFEST
|
||
#===================================================
|
||
|
||
# This is a multi-instance app, meaning it can be installed several times independently
|
||
# The id of the app as stated in the manifest is available as $YNH_APP_ID
|
||
# The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2", ...)
|
||
# The app instance name is available as $YNH_APP_INSTANCE_NAME
|
||
# - the first time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample
|
||
# - the second time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample__2
|
||
# - ynhexample__{N} for the subsequent installations, with N=3,4, ...
|
||
# The app instance name is probably what you are interested the most, since this is
|
||
# guaranteed to be unique. This is a good unique identifier to define installation path,
|
||
# db names, ...
|
||
app=$YNH_APP_INSTANCE_NAME
|
||
|
||
# Retrieve arguments
|
||
|
||
domain=$YNH_APP_ARG_DOMAIN
|
||
path_url=$YNH_APP_ARG_PATH
|
||
admin=$YNH_APP_ARG_ADMIN
|
||
title=$YNH_APP_ARG_TITLE
|
||
is_public=$YNH_APP_ARG_IS_PUBLIC
|
||
language=$YNH_APP_ARG_LANGUAGE
|
||
bazaar_extension=$YNH_APP_ARG_BAZAAR_EXTENSION
|
||
|
||
#===================================================
|
||
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
|
||
#===================================================
|
||
|
||
final_path=/var/www/$app
|
||
test ! -e "$final_path" || ynh_die "This path already contains a folder"
|
||
|
||
# Normalize the url path syntax
|
||
path_url=$(ynh_normalize_url_path $path_url)
|
||
|
||
# Check web path availability
|
||
ynh_webpath_available $domain $path_url
|
||
|
||
# Register (book) web path
|
||
ynh_webpath_register $app $domain $path_url
|
||
|
||
#===================================================
|
||
# CHECK IF THE APP CAN BE INSTALLED WITH CURRENT RAM
|
||
#===================================================
|
||
ynh_script_progression --message="Ensuring sufficient memory..." --time --weight=1
|
||
|
||
# Check RAM
|
||
if [[ $(ynh_get_ram --free) < 1000 ]]; then
|
||
ynh_add_swap --size=1000
|
||
fi
|
||
|
||
#===================================================
|
||
# STORE SETTINGS FROM MANIFEST
|
||
#===================================================
|
||
|
||
# Save app settings
|
||
ynh_app_setting_set $app domain $domain
|
||
ynh_app_setting_set $app path $path_url
|
||
ynh_app_setting_set $app admin $admin
|
||
ynh_app_setting_set $app language $language
|
||
ynh_app_setting_set $app php_version $php_version
|
||
ynh_app_setting_set $app project_version $project_version
|
||
ynh_app_setting_set $app core_version $core_version
|
||
ynh_app_setting_set $app ssowat_version $ssowat_version
|
||
ynh_app_setting_set $app bazaar_extension $bazaar_extension
|
||
|
||
#=================================================
|
||
# STANDARD MODIFICATIONS
|
||
#=================================================
|
||
# INSTALL PHP
|
||
#=================================================
|
||
|
||
if [ "$(lsb_release --codename --short)" = "buster" ]; then
|
||
pkg_dependencies="$pkg_dependencies $extra_pkg_dependencies"
|
||
else
|
||
ynh_script_progression --message="Installing php${php_version}..." --time --weight=1
|
||
ynh_install_php --phpversion="${php_version}" --package="$extra_pkg_dependencies"
|
||
fi
|
||
|
||
#=================================================
|
||
# INSTALL DEPENDENCIES
|
||
#=================================================
|
||
ynh_script_progression --message="Installing dependencies..." --time --weight=1
|
||
|
||
_ynh_install_app_dependencies "$pkg_dependencies"
|
||
|
||
#=================================================
|
||
# CREATE A MYSQL DATABASE
|
||
#=================================================
|
||
|
||
db_name=$(ynh_sanitize_dbid $app)
|
||
ynh_app_setting_set $app db_name $db_name
|
||
ynh_mysql_setup_db $db_name $db_name
|
||
ynh_app_setting_set "$app" db_pwd "$db_pwd"
|
||
|
||
#=================================================
|
||
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
||
#=================================================
|
||
ynh_script_progression --message="Setting up source files..." --weight=7
|
||
|
||
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
|
||
# Download, check integrity, uncompress and patch the source from app.src
|
||
ynh_setup_source --dest_dir="$final_path"
|
||
|
||
#=================================================
|
||
# NGINX CONFIGURATION
|
||
#=================================================
|
||
|
||
# Bug in Nginx with locations and aliases (see http://stackoverflow.com/a/35102259 )
|
||
if [ $path_url = "/" ]; then
|
||
ynh_replace_string "__PATH_HACK__" "" "../conf/nginx.conf"
|
||
else
|
||
ynh_replace_string "__PATH_HACK__" "$path_url" "../conf/nginx.conf"
|
||
fi
|
||
|
||
# Create a dedicated nginx config
|
||
ynh_add_nginx_config
|
||
|
||
#===================================================
|
||
# CREATE DEDICATED USER
|
||
#===================================================
|
||
ynh_script_progression --message="Configuring system user..." --time --weight=1
|
||
|
||
# Create a system user
|
||
ynh_system_user_create $app $final_path
|
||
|
||
#=================================================
|
||
# PHP-FPM CONFIGURATION
|
||
#=================================================
|
||
|
||
# Create a dedicated php-fpm config
|
||
ynh_add_fpm_config $php_version
|
||
|
||
#=================================================
|
||
# INSTALL AND INITIALIZE COMPOSER
|
||
#=================================================
|
||
ynh_script_progression --message="Installing Flarum with Composer..." --time --weight=1
|
||
|
||
# Create composer directory and making sure it is writable
|
||
mkdir -p "$final_path/.composer"
|
||
chown -R $app: $final_path
|
||
|
||
# Installing composer
|
||
ynh_install_composer --user=$app --phpversion=$php_version --workdir=$final_path
|
||
|
||
# Set Flarum version
|
||
ynh_composer_exec --user=$app --phpversion=$php_version --workdir=$final_path \
|
||
--commands="require flarum/core:$core_version --prefer-lowest --no-update"
|
||
|
||
# Require SSOwat extension
|
||
ynh_composer_exec --user=$app --phpversion=$php_version --workdir=$final_path \
|
||
--commands="require tituspijean/flarum-ext-auth-ssowat:$ssowat_version --no-update"
|
||
|
||
# Update and download dependencies
|
||
ynh_composer_exec --user=$app --phpversion=$php_version --workdir=$final_path \
|
||
--commands="update"
|
||
|
||
#=================================================
|
||
# SETUP LOGROTATE
|
||
#=================================================
|
||
|
||
# Use logrotate to manage app-specific logfile(s)
|
||
ynh_use_logrotate
|
||
|
||
#=================================================
|
||
# SETUP PERMISSIONS
|
||
#=================================================
|
||
ynh_script_progression --message="Configuring permissions..." --time --weight=1
|
||
|
||
# Make app public if necessary
|
||
if [ $is_public -eq 1 ]
|
||
then
|
||
# Everyone can access the app.
|
||
# The "main" permission is automatically created before the install script.
|
||
ynh_permission_update --permission "main" --add "visitors"
|
||
fi
|
||
|
||
#=================================================
|
||
# RELOAD NGINX
|
||
#=================================================
|
||
|
||
systemctl reload nginx
|
||
|
||
#=================================================
|
||
# FLARUM POST-INSTALL
|
||
#=================================================
|
||
ynh_script_progression --message="Configuring Flarum..." --time --weight=2
|
||
|
||
# Copy the configuration.yml to working directory
|
||
finalflarumconf="$final_path/configuration.yml"
|
||
cp ../conf/configuration.yml $finalflarumconf
|
||
chown $app: $finalflarumconf
|
||
# Generate admin password and retrieve their email address
|
||
admin_pwd=$(ynh_string_random 8)
|
||
admin_mail=$(ynh_user_get_info $admin mail)
|
||
# Populate configuration.yml
|
||
ynh_replace_string "__DOMAIN__" "$domain" "$finalflarumconf"
|
||
ynh_replace_string "/__PATH__" "$path_url" "$finalflarumconf"
|
||
ynh_replace_string "__USER__" "$app" "$finalflarumconf"
|
||
ynh_replace_string "__DB_PWD__" "$db_pwd" "$finalflarumconf"
|
||
ynh_replace_string "__ADMIN__" "$admin" "$finalflarumconf"
|
||
ynh_replace_string "__ADMIN_PWD__" "$admin_pwd" "$finalflarumconf"
|
||
ynh_replace_string "__ADMIN_EML__" "$admin_mail" "$finalflarumconf"
|
||
ynh_replace_string "__FORUM_TITLE__" "$title" "$finalflarumconf"
|
||
# Execute post-installation
|
||
pushd $final_path
|
||
exec_as $app php$php_version -d $final_path -d memory_limit=-1 flarum install -f configuration.yml
|
||
# Delete configuration.yml as it contains sensitive data
|
||
ynh_secure_remove $finalflarumconf
|
||
popd
|
||
|
||
# Email setup
|
||
sql_command="REPLACE INTO \`settings\` (\`key\`, \`value\`) VALUES
|
||
('mail_driver', 'mail'),
|
||
('mail_encryption', 'ssl'),
|
||
('mail_from', '$app@$domain'),
|
||
('mail_host', 'localhost'),
|
||
('mail_port', '587');"
|
||
ynh_mysql_execute_as_root "$sql_command" $db_name
|
||
|
||
# Enable and set up the SSOwat auth extension
|
||
ynh_script_progression --message="Enabling and configuring SSOwat extension..." --time --weight=2
|
||
activate_flarum_extension $db_name "tituspijean-auth-ssowat"
|
||
ssowatdomain=$(</etc/yunohost/current_host)
|
||
sql_command="INSERT INTO \`settings\` (\`key\`, \`value\`) VALUES ('tituspijean-auth-ssowat.domain', '$ssowatdomain'), ('tituspijean-auth-ssowat.onlyUse', '0');"
|
||
ynh_mysql_execute_as_root "$sql_command" $db_name
|
||
|
||
# Install, activate and set language extensions
|
||
case $language in
|
||
fr)
|
||
ynh_script_progression --message="Installing French extension..." --time --weight=2
|
||
ynh_composer_exec --user=$app --phpversion=$php_version --workdir=$final_path --commands="require milescellar/lang-french"
|
||
activate_flarum_extension $db_name "milescellar-lang-french"
|
||
sql_command="UPDATE \`settings\` SET \`value\` = 'fr' WHERE \`settings\`.\`key\` = 'default_locale'"
|
||
ynh_mysql_execute_as_root "$sql_command" $db_name
|
||
;;
|
||
de)
|
||
ynh_script_progression --message="Installing German extension..." --time --weight=2
|
||
ynh_composer_exec --user=$app --phpversion=$php_version --workdir=$final_path --commands="require cbmainz/flarum-de"
|
||
activate_flarum_extension $db_name "cbmainz-de"
|
||
sql_command="UPDATE \`settings\` SET \`value\` = 'de' WHERE \`settings\`.\`key\` = 'default_locale'"
|
||
ynh_mysql_execute_as_root "$sql_command" $db_name
|
||
;;
|
||
esac
|
||
|
||
if [ $bazaar_extension -eq 1 ]; then
|
||
ynh_script_progression --message="Installing Bazaar extension..." --time --weight=2
|
||
ynh_composer_exec --user=$app --phpversion=$php_version --workdir=$final_path --commands="require extiverse/bazaar"
|
||
fi
|
||
|
||
#=================================================
|
||
# SECURE FILES AND DIRECTORIES
|
||
#=================================================
|
||
|
||
### For security reason, any app should set the permissions to root: before anything else.
|
||
### Then, if write authorization is needed, any access should be given only to directories
|
||
### that really need such authorization.
|
||
|
||
# Set right permissions
|
||
chown -R $app:www-data $final_path
|
||
|
||
#=================================================
|
||
# SEND CREDENTIALS TO ADMIN
|
||
#=================================================
|
||
|
||
ynh_script_progression --message="Sending generated admin credentials by email, but you can log in with your YunoHost credentials!" --time --weight=1
|
||
app_message="User : $admin, password : $admin_pwd
|
||
Change your password!
|
||
Your forum is accessible at https://$domain$path_url"
|
||
ynh_send_readme_to_admin "$app_message" "$admin"
|
||
ynh_print_warn "$app_message"
|