YunoHost-Apps/friendica_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/friendica_ynh.git synced 2024-09-03 18:36:14 +02:00
Code Issues Activity Actions

Merge branch 'testing' into fix-buster

Browse source
This commit is contained in:
yalh76 2020-04-25 22:12:50 +02:00
commit 62c19065e9
8 changed files with 55 additions and 30 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
README.md
View file

@ -21,20 +21,19 @@ Before installing, read the [Friendica installation instructions](https://github
- SSL certificate validation requirement (now with support for [Let's Encrypt!](https://letsencrypt.org)). See Installation section below.
- Dedicated domain (must install under web root like **https://hub.example.com/** not **https://example.com/hub/** )
<b>Note:</b>You can use accounts from YunoHost's LDAP. There are not yet active SSO.<br><br>
#### Multi-users support
LDAP auth supported. There are not yet active SSO.
<br><br>
# To-do
- [ ] Fail2Ban support
## Installation
### Register a new domain and add it to YunoHost
Friendica requires a dedicated domain, so obtain one and add it using the YunoHost admin panel. **Domains -> Add domain**. As Friendica uses the full domain and is installed on the root, you can create a subdomain such as friendica.domain.tld. Don't forget to update your DNS if you manage them manually.
Friendica requires browser-approved SSL certificates. If you have certificates not issued by [Let's Encrypt](https://letsencrypt.org/), install them manually as usual.
### Install the Friendica application
Use the YunoHost admin panel to install Friendica by entering the GitHub repo address in the custom app URL
@ -58,7 +57,6 @@ Public users can register and use the instance as normal users. SSO users can lo
* YunoHost website: https://yunohost.org/
---
Developers info
----------------

1
check_process
View file

@ -10,6 +10,7 @@
setup_private=0
setup_public=1
upgrade=1
upgrade=1 from_commit=3396188976f75170f2217fcc0e6c9b5f61f7b9e9
backup_restore=1
multi_instance=1
# This test is no longer necessary since the version 2.7 (PR: https://github.com/YunoHost/yunohost/pull/304), you can still do it if your app could be installed with this version.

4
conf/addons.src
View file

@ -1,5 +1,5 @@
SOURCE_URL=https://github.com/friendica/friendica-addons/archive/2019.12.tar.gz
SOURCE_SUM=c206a8b0845a4a5102b5a9d1881d039472d734c70d5f1dd52e44684955b6a7f2
SOURCE_URL=https://github.com/friendica/friendica-addons/archive/2020.03.tar.gz
SOURCE_SUM=937aa87bbe8a40ef78348387969e77ac0422d2ce8bd00579aaf4ce45ea1362da
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true

2
conf/nginx.conf
View file

@ -63,7 +63,6 @@ location __PATH__ {
deny all;
}
#Execute and serve PHP files
location ~* \.php$ {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
@ -74,7 +73,6 @@ location __PATH__ {
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
# deny access to all dot files
location ~ /\. {

47
conf/php-fpm.conf
View file

@ -41,7 +41,7 @@ listen = /var/run/php/php7.0-fpm-__NAMETOCHANGE__.sock
; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server. Many
; BSD-derived systems allow connections regardless of permissions.
; BSD-derived systems allow connections regardless of permissions.
; Default Values: user and group are set as the running user
; mode is set to 0660
listen.owner = www-data
@ -52,7 +52,7 @@ listen.group = www-data
; When set, listen.owner and listen.group are ignored
;listen.acl_users =
;listen.acl_groups =
; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect.
; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
@ -110,7 +110,7 @@ pm = dynamic
; forget to tweak pm.* to fit your needs.
; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand'
; Note: This value is mandatory.
pm.max_children = 10
pm.max_children = 5
; The number of child processes created on startup.
; Note: Used only when pm is set to 'dynamic'
@ -131,12 +131,12 @@ pm.max_spare_servers = 3
; Note: Used only when pm is set to 'ondemand'
; Default Value: 10s
;pm.process_idle_timeout = 10s;
; The number of requests each child process should execute before respawning.
; This can be useful to work around memory leaks in 3rd party libraries. For
; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
; Default Value: 0
pm.max_requests = 500
;pm.max_requests = 500
; The URI to view the FPM status page. If this value is not set, no URI will be
; recognized as a status page. It shows the following informations:
@ -184,7 +184,7 @@ pm.max_requests = 500
;
; By default the status page only outputs short status. Passing 'full' in the
; query string will also return status for each pool process.
; Example:
; Example:
; http://www.foo.bar/status?full
; http://www.foo.bar/status?json&full
; http://www.foo.bar/status?html&full
@ -297,7 +297,7 @@ pm.max_requests = 500
; - ....
; %p: PID of the child that serviced the request
; %P: PID of the parent of the child that serviced the request
; %q: the query string
; %q: the query string
; %Q: the '?' character if query string exists
; %r: the request URI (without the query string, see %q and %Q)
; %R: remote IP address
@ -316,40 +316,40 @@ pm.max_requests = 500
;
; Default: "%R - %u %t \"%m %r\" %s"
;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"
; The log file for slow requests
; Default Value: not set
; Note: slowlog is mandatory if request_slowlog_timeout is set
slowlog = /var/log/nginx/__NAMETOCHANGE__.slow.log
;slowlog = log/$pool.log.slow
; The timeout for serving a single request after which a PHP backtrace will be
; dumped to the 'slowlog' file. A value of '0s' means 'off'.
; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
; Default Value: 0
request_slowlog_timeout = 5s
;request_slowlog_timeout = 0
; The timeout for serving a single request after which the worker process will
; be killed. This option should be used when the 'max_execution_time' ini option
; does not stop script execution for some reason. A value of '0' means 'off'.
; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
; Default Value: 0
request_terminate_timeout = 1d
; Set open file descriptor rlimit.
; Default Value: system defined value
;rlimit_files = 1024
; Set max core size rlimit.
; Possible Values: 'unlimited' or an integer greater or equal to 0
; Default Value: system defined value
;rlimit_core = 0
; Chroot to this directory at the start. This value must be defined as an
; absolute path. When this value is not set, chroot is not used.
; Note: you can prefix with '$prefix' to chroot to the pool prefix or one
; of its subdirectories. If the pool prefix is not set, the global prefix
; will be used instead.
; Note: chrooting is a great security feature and should be used whenever
; Note: chrooting is a great security feature and should be used whenever
; possible. However, all PHP paths will be relative to the chroot
; (error_log, sessions.save_path, ...).
; Default Value: not set
@ -365,7 +365,16 @@ chdir = __FINALPATH__
; Note: on highloaded environement, this can cause some delay in the page
; process time (several ms).
; Default Value: no
catch_workers_output = yes
;catch_workers_output = yes
; Clear environment in FPM workers
; Prevents arbitrary environment variables from reaching FPM worker processes
; by clearing the environment in workers before env vars specified in this
; pool configuration are added.
; Setting to "no" will make all environment variables available to PHP code
; via getenv(), $_ENV and $_SERVER.
; Default Value: yes
;clear_env = no
; Clear environment in FPM workers
; Prevents arbitrary environment variables from reaching FPM worker processes
@ -383,7 +392,7 @@ catch_workers_output = yes
; Note: set an empty value to allow all extensions.
; Default Value: .php
;security.limit_extensions = .php .php3 .php4 .php5 .php7
; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
; the current environment.
; Default Value: clean env
@ -397,7 +406,7 @@ catch_workers_output = yes
; overwrite the values previously defined in the php.ini. The directives are the
; same as the PHP SAPI:
; php_value/php_flag - you can set classic ini defines which can
; be overwritten from PHP call 'ini_set'.
; be overwritten from PHP call 'ini_set'.
; php_admin_value/php_admin_flag - these directives won't be overwritten by
; PHP call 'ini_set'
; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no.

2
manifest.json
View file

@ -6,7 +6,7 @@
"en": "Social Communication Server",
"fr": "Serveur de Communication Social"
},
"version": "2020.03~ynh1",
"version": "2020.03-ynh2",
"url": "http://friendi.ca",
"license": "free",
"maintainer": {

18
pull_request_template.md Normal file
View file

@ -0,0 +1,18 @@
## Problem
- *Description of why you made this PR*
## Solution
- *And how do you fix that problem*
## PR Status
- [ ] Code finished.
- [ ] Tested with Package_check.
- [ ] Fix or enhancement tested.
- [ ] Upgrade from last version tested.
- [ ] Can be reviewed and tested.
## Package_check results
---
*If you have access to [App Continuous Integration for packagers](https://yunohost.org/#/packaging_apps_ci) you can provide a link to the package_check results like below, replacing '-NUM-' in this link by the PR number and USERNAME by your username on the ci-apps-dev. Or you provide a screenshot or a pastebin of the results*
[![Build Status](https://ci-apps-dev.yunohost.org/jenkins/job/REPLACEBYYOURAPP_ynh%20PR-NUM-%20(USERNAME)/badge/icon)](https://ci-apps-dev.yunohost.org/jenkins/job/REPLACEBYYOURAPP_ynh%20PR-NUM-%20(USERNAME)/)

1
scripts/restore
View file

@ -103,6 +103,7 @@ ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./
#=================================================
# RESTORE THE CRON FILE
#=================================================
ynh_restore_file "/etc/cron.d/$app"
#=================================================