diff --git a/conf/nginx.conf b/conf/nginx.conf index c8761ec..e3ea572 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,4 +1,5 @@ -location __PATH__ { +#sub_path_only rewrite ^__PATH__$ __PATH__/ permanent; +location __PATH__/ { # Path to source alias __FINALPATH__/ ; diff --git a/scripts/install b/scripts/install index d9ea170..6b26632 100755 --- a/scripts/install +++ b/scripts/install @@ -114,6 +114,13 @@ ynh_replace_string "__USER_DB__" "$db_name" "$configpath" # Calculate and store the config file checksum into the app settings ynh_store_file_checksum "$configpath" +#================================================= +# CREATE DATABASE +#================================================= + +script_for_db="$final_path"/install/scripts/mysql.sql +ynh_mysql_execute_file_as_root "$script_for_db" "$db_name" + #================================================= # GENERIC FINALIZATION #================================================= @@ -122,14 +129,10 @@ ynh_store_file_checksum "$configpath" # TODO: improve permissions -chown -R root:www-data "$final_path" -chmod -R o-rwx "$final_path" -chmod u+rx "$final_path/config" -chmod g+rwx "$final_path/config" for folder in attachments cache exports files imports logs photos templates_c tempimages do - chmod u+rx "$final_path/data/$folder" - chmod g+rwx "$final_path/data/$folder" + chown "$app" "$final_path/data/$folder" + chmod 750 "$final_path/data/$folder" done #================================================= @@ -143,12 +146,21 @@ ynh_use_logrotate # SETUP SSOWAT #================================================= -if [ $is_public -eq 0 ] +if [[ "$path_url" == "/" ]] +then + # ynh panel is only comptable with non-root installation + ynh_replace_string " include conf.d/" " #include conf.d/" "$finalnginxconf" +else + ynh_replace_string "^#sub_path_only" "" "$finalnginxconf" +fi +ynh_store_file_checksum "$finalnginxconf" + +if [ "$is_public" -eq 0 ] then # Remove the public access ynh_app_setting_delete "$app" skipped_uris fi # Make app public if necessary -if [ $is_public -eq 1 ] +if [ "$is_public" -eq 1 ] then # unprotected_uris allows SSO credentials to be passed anyway. ynh_app_setting_set "$app" unprotected_uris "/" diff --git a/scripts/remove b/scripts/remove index ec378f5..3804fc7 100755 --- a/scripts/remove +++ b/scripts/remove @@ -44,7 +44,7 @@ ynh_mysql_remove_db "$db_user" "$db_name" #================================================= # Remove the app directory securely -# ynh_secure_remove "$final_path" +ynh_secure_remove "$final_path" #================================================= # REMOVE NGINX CONFIGURATION diff --git a/scripts/upgrade b/scripts/upgrade index a8d0f3f..19786fb 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -59,8 +59,8 @@ if [ -z "$db_pwd" ]; then fi # If final_path doesn't exist, create it -if [ -z $final_path ]; then - final_path=/var/www/$app +if [ -z "$final_path" ]; then + final_path="/var/www/$app" ynh_app_setting_set "$app" final_path "$final_path" fi @@ -78,7 +78,7 @@ ynh_abort_if_errors #================================================= # Normalize the URL path syntax -path_url=$(ynh_normalize_url_path $path_url) +path_url=$(ynh_normalize_url_path "$path_url") #================================================= # STANDARD UPGRADE STEPS @@ -101,7 +101,7 @@ ynh_add_nginx_config #================================================= # Create a system user -ynh_system_user_create $app +ynh_system_user_create "$app" #================================================= # PHP-FPM CONFIGURATION @@ -116,16 +116,17 @@ ynh_add_fpm_config # ... #================================================= -configpath="$final_path"/config/ -cp ../config.inc.php "$configpath" +configpath="$final_path"/config/config.inc.php +cp ../conf/config.inc.php "$configpath" + ynh_replace_string "__NAME_DB__" "$db_name" "$configpath" ynh_replace_string "__PWD_DB__" "$db_pwd" "$configpath" ynh_replace_string "__USER_DB__" "$db_name" "$configpath" # Verify the checksum and backup the file if it's different -ynh_backup_if_checksum_is_different "$final_path/CONFIG_FILE" +ynh_backup_if_checksum_is_different "$configpath" # Recalculate and store the config file checksum into the app settings -ynh_store_file_checksum "$final_path/CONFIG_FILE" +ynh_store_file_checksum "$configpath" #================================================= # SETUP LOGROTATE @@ -134,13 +135,6 @@ ynh_store_file_checksum "$final_path/CONFIG_FILE" # Use logrotate to manage app-specific logfile(s) ynh_use_logrotate --non-append -#================================================= -# SETUP SYSTEMD -#================================================= - -# Create a dedicated systemd config -ynh_add_systemd_config - #================================================= # GENERIC FINALIZATION #================================================= @@ -149,29 +143,35 @@ ynh_add_systemd_config # TODO: improve permissions -chown -R root:www-data "$final_path" -chmod -R o-rwx "$final_path" -chmod u+rx "$final_path/config" -chmod g+rwx "$final_path/config" +chown -R root:root "$final_path" for folder in attachments cache exports files imports logs photos templates_c tempimages do - chmod u+rx "$final_path/data/$folder" - chmod g+rwx "$final_path/data/$folder" + chown "$app" "$final_path/data/$folder" + chmod 750 "$final_path/data/$folder" done #================================================= # SETUP SSOWAT #================================================= +if [[ "$path_url" == "/" ]] +then + # ynh panel is only comptable with non-root installation + ynh_replace_string " include conf.d/" " #include conf.d/" "$finalnginxconf" +else + ynh_replace_string "^#sub_path_only" "" "$finalnginxconf" +fi +ynh_store_file_checksum "$finalnginxconf" + if [ $is_public -eq 0 ] then # Remove the public access - ynh_app_setting_delete $app skipped_uris + ynh_app_setting_delete "$app" skipped_uris fi # Make app public if necessary if [ $is_public -eq 1 ] then # unprotected_uris allows SSO credentials to be passed anyway - ynh_app_setting_set $app unprotected_uris "/" + ynh_app_setting_set "$app" unprotected_uris "/" fi #=================================================