commit 31b694c70dc11060b3961501eea065eb5969998b Author: Alexandre Aubin Date: Sat Oct 17 10:47:21 2015 +0200 Initial commit using package example diff --git a/README.md b/README.md new file mode 100644 index 0000000..27f7f34 --- /dev/null +++ b/README.md @@ -0,0 +1,11 @@ +# YunoHost example app # + +## Usage ## +- Add application source files into `sources` subfolder. +- Edit `conf/nginx.conf` file to match application prerequisites. +- Edit manifest with application specific information. +- Edit the install, upgrade, remove, backup, restore scripts. +- Add a LICENSE file for the package. + +**More information on the documentation page:** +https://yunohost.org/packaging_apps diff --git a/conf/nginx.conf b/conf/nginx.conf new file mode 100644 index 0000000..11e5ee0 --- /dev/null +++ b/conf/nginx.conf @@ -0,0 +1,31 @@ +location YNH_WWW_PATH { + + # Path to source + alias YNH_WWW_ALIAS ; + + # Example PHP configuration + index index.php; + + # Common parameter to increase upload size limit in conjuction with dedicated php-fpm file + #client_max_body_size 50M; + + try_files $uri $uri/ index.php; + location ~ [^/]\.php(/|$) { + fastcgi_split_path_info ^(.+?\.php)(/.*)$; + fastcgi_pass unix:/var/run/php5-fpm.sock; + + # Filename to be changed if dedicated php-fpm process is required + # This is to be used INSTEAD of line above + # Don't forget to adjust scripts install/upgrade/remove/backup accordingly + # + #fastcgi_pass unix:/var/run/php5-fpm-YNH_WWW_APP.sock; + + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param REMOTE_USER $remote_user; + fastcgi_param PATH_INFO $fastcgi_path_info; + } + + # Include SSOWAT user panel. + include conf.d/yunohost_panel.conf.inc; +} diff --git a/conf/php-fpm.conf b/conf/php-fpm.conf new file mode 100644 index 0000000..2061166 --- /dev/null +++ b/conf/php-fpm.conf @@ -0,0 +1,251 @@ +; Start a new pool named 'www'. +; the variable $pool can we used in any directive and will be replaced by the +; pool name ('www' here) +[YNH_WWW_APP] + +; Per pool prefix +; It only applies on the following directives: +; - 'slowlog' +; - 'listen' (unixsocket) +; - 'chroot' +; - 'chdir' +; - 'php_values' +; - 'php_admin_values' +; When not set, the global prefix (or /usr) applies instead. +; Note: This directive can also be relative to the global prefix. +; Default Value: none +;prefix = /path/to/pools/$pool + +; The address on which to accept FastCGI requests. +; Valid syntaxes are: +; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific address on +; a specific port; +; 'port' - to listen on a TCP socket to all addresses on a +; specific port; +; '/path/to/unix/socket' - to listen on a unix socket. +; Note: This value is mandatory. +listen = /var/run/php5-fpm-YNH_WWW_APP.sock + +; Set listen(2) backlog. A value of '-1' means unlimited. +; Default Value: 128 (-1 on FreeBSD and OpenBSD) +;listen.backlog = -1 + +; List of ipv4 addresses of FastCGI clients which are allowed to connect. +; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original +; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address +; must be separated by a comma. If this value is left blank, connections will be +; accepted from any ip address. +; Default Value: any +;listen.allowed_clients = 127.0.0.1 + +; Set permissions for unix socket, if one is used. In Linux, read/write +; permissions must be set in order to allow connections from a web server. Many +; BSD-derived systems allow connections regardless of permissions. +; Default Values: user and group are set as the running user +; mode is set to 0666 +listen.owner = www-data +listen.group = www-data +listen.mode = 0600 + +; Unix user/group of processes +; Note: The user is mandatory. If the group is not set, the default user's group +; will be used. +user = www-data +group = www-data + +; Choose how the process manager will control the number of child processes. +; Possible Values: +; static - a fixed number (pm.max_children) of child processes; +; dynamic - the number of child processes are set dynamically based on the +; following directives: +; pm.max_children - the maximum number of children that can +; be alive at the same time. +; pm.start_servers - the number of children created on startup. +; pm.min_spare_servers - the minimum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is less than this +; number then some children will be created. +; pm.max_spare_servers - the maximum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is greater than this +; number then some children will be killed. +; Note: This value is mandatory. +pm = dynamic + +; The number of child processes to be created when pm is set to 'static' and the +; maximum number of child processes to be created when pm is set to 'dynamic'. +; This value sets the limit on the number of simultaneous requests that will be +; served. Equivalent to the ApacheMaxClients directive with mpm_prefork. +; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP +; CGI. +; Note: Used when pm is set to either 'static' or 'dynamic' +; Note: This value is mandatory. +pm.max_children = 6 + +; The number of child processes created on startup. +; Note: Used only when pm is set to 'dynamic' +; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2 +pm.start_servers = 3 + +; The desired minimum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.min_spare_servers = 3 + +; The desired maximum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.max_spare_servers = 5 + +; The number of requests each child process should execute before respawning. +; This can be useful to work around memory leaks in 3rd party libraries. For +; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. +; Default Value: 0 +pm.max_requests = 500 + +; The URI to view the FPM status page. If this value is not set, no URI will be +; recognized as a status page. By default, the status page shows the following +; information: +; accepted conn - the number of request accepted by the pool; +; pool - the name of the pool; +; process manager - static or dynamic; +; idle processes - the number of idle processes; +; active processes - the number of active processes; +; total processes - the number of idle + active processes. +; max children reached - number of times, the process limit has been reached, +; when pm tries to start more children (works only for +; pm 'dynamic') +; The values of 'idle processes', 'active processes' and 'total processes' are +; updated each second. The value of 'accepted conn' is updated in real time. +; Example output: +; accepted conn: 12073 +; pool: www +; process manager: static +; idle processes: 35 +; active processes: 65 +; total processes: 100 +; max children reached: 1 +; By default the status page output is formatted as text/plain. Passing either +; 'html' or 'json' as a query string will return the corresponding output +; syntax. Example: +; http://www.foo.bar/status +; http://www.foo.bar/status?json +; http://www.foo.bar/status?html +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +pm.status_path = /fpm-status + +; The ping URI to call the monitoring page of FPM. If this value is not set, no +; URI will be recognized as a ping page. This could be used to test from outside +; that FPM is alive and responding, or to +; - create a graph of FPM availability (rrd or such); +; - remove a server from a group if it is not responding (load balancing); +; - trigger alerts for the operating team (24/7). +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +ping.path = /ping + +; This directive may be used to customize the response of a ping request. The +; response is formatted as text/plain with a 200 response code. +; Default Value: pong +;ping.response = pong + +; The timeout for serving a single request after which the worker process will +; be killed. This option should be used when the 'max_execution_time' ini option +; does not stop script execution for some reason. A value of '0' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +request_terminate_timeout = 120s + +; The timeout for serving a single request after which a PHP backtrace will be +; dumped to the 'slowlog' file. A value of '0s' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +request_slowlog_timeout = 5s + +; The log file for slow requests +; Default Value: not set +; Note: slowlog is mandatory if request_slowlog_timeout is set +slowlog = /var/log/nginx/YNH_WWW_APP.slow.log + +; Set open file descriptor rlimit. +; Default Value: system defined value +rlimit_files = 4096 + +; Set max core size rlimit. +; Possible Values: 'unlimited' or an integer greater or equal to 0 +; Default Value: system defined value +rlimit_core = 0 + +; Chroot to this directory at the start. This value must be defined as an +; absolute path. When this value is not set, chroot is not used. +; Note: you can prefix with '$prefix' to chroot to the pool prefix or one +; of its subdirectories. If the pool prefix is not set, the global prefix +; will be used instead. +; Note: chrooting is a great security feature and should be used whenever +; possible. However, all PHP paths will be relative to the chroot +; (error_log, sessions.save_path, ...). +; Default Value: not set +;chroot = + +; Chdir to this directory at the start. +; Note: relative path can be used. +; Default Value: current directory or / when chroot +chdir = /var/www/YNH_WWW_ALIAS + +; Redirect worker stdout and stderr into main error log. If not set, stdout and +; stderr will be redirected to /dev/null according to FastCGI specs. +; Note: on highloaded environement, this can cause some delay in the page +; process time (several ms). +; Default Value: no +catch_workers_output = yes + +; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from +; the current environment. +; Default Value: clean env +;env[HOSTNAME] = $HOSTNAME +;env[PATH] = /usr/local/bin:/usr/bin:/bin +;env[TMP] = /tmp +;env[TMPDIR] = /tmp +;env[TEMP] = /tmp + +; Additional php.ini defines, specific to this pool of workers. These settings +; overwrite the values previously defined in the php.ini. The directives are the +; same as the PHP SAPI: +; php_value/php_flag - you can set classic ini defines which can +; be overwritten from PHP call 'ini_set'. +; php_admin_value/php_admin_flag - these directives won't be overwritten by +; PHP call 'ini_set' +; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no. + +; Defining 'extension' will load the corresponding shared extension from +; extension_dir. Defining 'disable_functions' or 'disable_classes' will not +; overwrite previously defined php.ini values, but will append the new value +; instead. + +; Note: path INI options can be relative and will be expanded with the prefix +; (pool, global or /usr) + +; Default Value: nothing is defined by default except the values in php.ini and +; specified at startup with the -d argument +;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com +;php_flag[display_errors] = off +;php_admin_value[error_log] = /var/log/fpm-php.www.log +;php_admin_flag[log_errors] = on +;php_admin_value[memory_limit] = 32M + +# Common values to change to increase file upload limit +;php_value[upload_max_filesize] = 50M +;php_value[post_max_size] = 50M +;php_value[mail.add_x_header] = Off + +# Other common parameters +;php_value[max_execution_time] = 600 +;php_value[max_input_time] = 300 +;php_value[memory_limit] = 256M +;php_value[short_open_tag] = On + diff --git a/manifest.json b/manifest.json new file mode 100644 index 0000000..19f2c7c --- /dev/null +++ b/manifest.json @@ -0,0 +1,48 @@ +{ + "name": "YunoHost example app", + "id": "ynhexample", + "description": { + "en": "Example package for Yunohost applications." + }, + "licence": "free", + "maintainer": { + "name": "John doe", + "email": "john.doe@example.com", + "url": "http://example.com" + }, + "multi_instance": "false", + "arguments": { + "install" : [ + { + "name": "domain", + "ask": { + "en": "Choose a domain for ynhexample" + }, + "example": "example.com" + }, + { + "name": "path", + "ask": { + "en": "Choose a path for ynhexample" + }, + "example": "/example", + "default": "/example" + }, + { + "name": "admin", + "ask": { + "en": "Choose an admin user" + }, + "example": "johndoe" + }, + { + "name": "is_public", + "ask": { + "en": "Is it a public application ?" + }, + "choices": ["Yes", "No"], + "default": "Yes" + } + ] + } +} diff --git a/scripts/backup b/scripts/backup new file mode 100755 index 0000000..e7fe7c7 --- /dev/null +++ b/scripts/backup @@ -0,0 +1,20 @@ +#!/bin/bash +app=ynhexample + +# The parameter $1 is the backup directory location +# which will be compressed afterward +backup_dir=$1/apps/$app +sudo mkdir -p $backup_dir + +# Backup sources & data +sudo cp -a /var/www/$app/. $backup_dir/sources + +# Copy Nginx and YunoHost parameters to make the script "standalone" +sudo cp -a /etc/yunohost/apps/$app/. $backup_dir/yunohost +domain=$(sudo yunohost app setting $app domain) +sudo cp -a /etc/nginx/conf.d/$domain.d/$app.conf $backup_dir/nginx.conf + +# If a dedicated php-fpm process is used : +# Copy dedicated php-fpm process to backup folder +# +#sudo cp -a /etc/php5/fpm/pool.d/$app.conf $backup_dir/php-fpm.conf diff --git a/scripts/install b/scripts/install new file mode 100755 index 0000000..f69cf7f --- /dev/null +++ b/scripts/install @@ -0,0 +1,61 @@ +#!/bin/bash +app=ynhexample + +# Retrieve arguments +domain=$1 +path=$2 +admin=$3 +is_public=$4 + +# Save app settings +sudo yunohost app setting $app admin -v "$admin" +sudo yunohost app setting $app is_public -v "$is_public" + +# Check domain/path availability +sudo yunohost app checkurl $domain$path -a $app +if [[ ! $? -eq 0 ]]; then + exit 1 +fi + +# Copy source files +final_path=/var/www/$app +sudo mkdir -p $final_path +sudo cp -a ../sources/* $final_path + +# Modify Nginx configuration file and copy it to Nginx conf directory +sed -i "s@YNH_WWW_PATH@$path@g" ../conf/nginx.conf +sed -i "s@YNH_WWW_ALIAS@$final_path/@g" ../conf/nginx.conf +# If a dedicated php-fpm process is used : +# Don't forget to modify ../conf/nginx.conf accordingly or your app will not work ! +# +#sudo sed -i "s@YNH_WWW_APP@$app@g" ../conf/nginx.conf +sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf + +# If a dedicated php-fpm process is used : +# Adjustment and copy dedicated php-fpm conf file +# Don't forget to modify ../conf/php-fpm.conf accordingly or your app will not work ! +# +#sed -i "s@YNH_WWW_APP@$app@g" ../conf/php-fpm.conf +#sed -i "s@YNH_WWW_ALIAS@$final_path/@g" ../conf/php-fpm.conf +#finalphpconf=/etc/php5/fpm/pool.d/$app.conf +#sudo cp ../conf/php-fpm.conf $finalphpconf +#sudo chown root: $finalphpconf +#sudo chmod 644 $finalphpconf + +# If app is public, add url to SSOWat conf as skipped_uris +if [ "$is_public" = "Yes" ]; +then + # unprotected_uris allows SSO credentials to be passed anyway. + sudo yunohost app setting $app unprotected_uris -v "/" +fi + + +# If dedicated php-fpm process : +# +#sudo service php5-fpm reload + +# Restart services +sudo service nginx reload +sudo yunohost app ssowatconf + + diff --git a/scripts/remove b/scripts/remove new file mode 100755 index 0000000..e43b9f7 --- /dev/null +++ b/scripts/remove @@ -0,0 +1,23 @@ +#!/bin/bash +app=ynhexample + +# Retrieve arguments +domain=$(sudo yunohost app setting $app domain) +path=$(sudo yunohost app setting $app path) +admin=$(sudo yunohost app setting $app admin) +is_public=$(sudo yunohost app setting $app is_public) + +# Remove sources +sudo rm -rf /var/www/$app + +# Remove configuration files +sudo rm -f /etc/nginx/conf.d/$domain.d/$app.conf + +# If a dedicated php-fpm process is used : +# +#sudo rm -f /etc/php5/fpm/pool.d/$app.conf +#sudo service php5-fpm reload + +# Restart services +sudo service nginx reload +sudo yunohost app ssowatconf diff --git a/scripts/restore b/scripts/restore new file mode 100755 index 0000000..df8f9bc --- /dev/null +++ b/scripts/restore @@ -0,0 +1,23 @@ +#!/bin/bash +app=ynhexample + +# The parameter $1 is the uncompressed restore directory location +backup_dir=$1/apps/$app + +# Restore sources & data +sudo cp -a $backup_dir/sources/. /var/www/$app + +# Restore Nginx and YunoHost parameters +sudo cp -a $backup_dir/yunohost/. /etc/yunohost/apps/$app +domain=$(sudo yunohost app setting $app domain) +sudo cp -a $backup_dir/nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf + +# If a dedicated php-fpm process is used : +# Copy dedicated php-fpm process from backup folder to the right location +# And restart service +# +#sudo cp -a $backup_dir/php-fpm.conf /etc/php5/fpm/pool.d/$app.conf +#sudo service php5-fpm reload + +# Restart webserver +sudo service nginx reload diff --git a/scripts/upgrade b/scripts/upgrade new file mode 100755 index 0000000..96c9e7c --- /dev/null +++ b/scripts/upgrade @@ -0,0 +1,52 @@ +#!/bin/bash +app=ynhexample + +# Retrieve arguments +domain=$(sudo yunohost app setting $app domain) +path=$(sudo yunohost app setting $app path) +admin=$(sudo yunohost app setting $app admin) +is_public=$(sudo yunohost app setting $app is_public) + +# Remove trailing "/" for next commands +path=${path%/} + +# Copy source files +final_path=/var/www/$app +sudo mkdir -p $final_path +sudo cp -a ../sources/* $final_path + +# Modify Nginx configuration file and copy it to Nginx conf directory +sed -i "s@YNH_WWW_PATH@$path@g" ../conf/nginx.conf +sed -i "s@YNH_WWW_ALIAS@$final_path/@g" ../conf/nginx.conf +# If a dedicated php-fpm process is used : +# +#sudo sed -i "s@YNH_WWW_APP@$app@g" ../conf/nginx.conf +sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf + +# If a dedicated php-fpm process is used : +# Adjustment and copy dedicated php-fpm conf file +# +#sed -i "s@YNH_WWW_APP@$app@g" ../conf/php-fpm.conf +#sed -i "s@YNH_WWW_ALIAS@$final_path/@g" ../conf/php-fpm.conf +#finalphpconf=/etc/php5/fpm/pool.d/$app.conf +#sudo cp ../conf/php-fpm.conf $finalphpconf +#sudo chown root: $finalphpconf +#sudo chmod 644 $finalphpconf + +# If app is public, add url to SSOWat conf as skipped_uris +if [ "$is_public" = "Yes" ]; +then + # See install script + sudo yunohost app setting $app unprotected_uris -v "/" + # Remove old settings + sudo yunohost app setting $app skipped_uris -d +fi + +# If a dedicated php-fpm process is used : +# +#sudo service php5-fpm restart + +# Restart services +sudo service nginx reload +sudo yunohost app ssowatconf + diff --git a/sources/README.md b/sources/README.md new file mode 100644 index 0000000..bd2bfad --- /dev/null +++ b/sources/README.md @@ -0,0 +1,3 @@ +Place the sources of the webapp in this folder. + +This file can be removed.