mirror of
https://github.com/YunoHost-Apps/gotify_ynh.git
synced 2024-09-03 20:36:26 +02:00
d41c46910a
The files, config file included, were world readable. The admin password is in plain text in the config file. It is used by gotify at the first session. It should be changed after the first login
170 lines
5.5 KiB
Bash
Executable file
170 lines
5.5 KiB
Bash
Executable file
#!/bin/bash
|
|
|
|
#=================================================
|
|
# GENERIC START
|
|
#=================================================
|
|
# IMPORT GENERIC HELPERS
|
|
#=================================================
|
|
|
|
source _common.sh
|
|
source /usr/share/yunohost/helpers
|
|
|
|
#=================================================
|
|
# MANAGE SCRIPT FAILURE
|
|
#=================================================
|
|
|
|
# Exit if an error occurs during the execution of the script
|
|
ynh_abort_if_errors
|
|
|
|
|
|
#=================================================
|
|
# RETRIEVE ARGUMENTS FROM THE MANIFEST
|
|
#=================================================
|
|
|
|
domain=$YNH_APP_ARG_DOMAIN
|
|
path_url=/
|
|
admin=$YNH_APP_ARG_ADMIN
|
|
is_public=1
|
|
password=$YNH_APP_ARG_PASSWORD
|
|
|
|
app=$YNH_APP_INSTANCE_NAME
|
|
|
|
#=================================================
|
|
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
|
|
#=================================================
|
|
ynh_script_progression --message="Validating installation parameters..."
|
|
|
|
final_path=/opt/yunohost/$app
|
|
test ! -e "$final_path" || ynh_die "This path already contains a folder"
|
|
|
|
# Normalize the url path syntax
|
|
path_url=$(ynh_normalize_url_path $path_url)
|
|
|
|
# Check web path availability
|
|
ynh_webpath_available $domain $path_url
|
|
# Register (book) web path
|
|
ynh_webpath_register $app $domain $path_url
|
|
|
|
#=================================================
|
|
# STORE SETTINGS FROM MANIFEST
|
|
#=================================================
|
|
ynh_script_progression --message="Storing installation settings..."
|
|
|
|
ynh_app_setting_set $app domain $domain
|
|
ynh_app_setting_set $app path $path_url
|
|
ynh_app_setting_set $app admin $admin
|
|
ynh_app_setting_set $app is_public $is_public
|
|
ynh_app_setting_set $app password $password
|
|
|
|
#=================================================
|
|
# STANDARD MODIFICATIONS
|
|
#=================================================
|
|
# FIND AND OPEN A PORT
|
|
#=================================================
|
|
|
|
# Find a free port
|
|
port=$(ynh_find_port 8080)
|
|
# Open this port
|
|
ynh_app_setting_set $app port $port
|
|
|
|
#=================================================
|
|
# CREATE A MYSQL DATABASE
|
|
#=================================================
|
|
ynh_script_progression --message="Creating a MySQL database..." --weight=20
|
|
|
|
db_name=$(ynh_sanitize_dbid $app)
|
|
ynh_app_setting_set $app db_name $db_name
|
|
ynh_mysql_setup_db $db_name $db_name
|
|
|
|
#=================================================
|
|
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
|
#=================================================
|
|
ynh_script_progression --message="Setting up source files..." --weight=6
|
|
|
|
ynh_app_setting_set $app final_path $final_path
|
|
# Download, check integrity, uncompress and patch the source from app.src
|
|
ynh_setup_source "$final_path" $architecture
|
|
|
|
#=================================================
|
|
# NGINX CONFIGURATION
|
|
#=================================================
|
|
ynh_script_progression --message="Configuring nginx web server..." --weight=2
|
|
|
|
# Create a dedicated nginx config
|
|
ynh_add_nginx_config
|
|
|
|
#=================================================
|
|
# CREATE DEDICATED USER
|
|
#=================================================
|
|
ynh_script_progression --message="Configuring system user..." --weight=2
|
|
|
|
# Create a system user
|
|
ynh_system_user_create $app
|
|
|
|
|
|
#=================================================
|
|
# SETUP SYSTEMD
|
|
#=================================================
|
|
|
|
# Create a dedicated systemd config
|
|
ynh_add_systemd_config
|
|
|
|
#=================================================
|
|
# MODIFY A CONFIG FILE
|
|
#=================================================
|
|
ynh_script_progression --message="Create config file..." --weight=1
|
|
|
|
cp ../conf/config.yml "$final_path/config.yml"
|
|
ynh_replace_string "__APP__" $app "$final_path/config.yml"
|
|
ynh_replace_string "__PORT__" $port "$final_path/config.yml"
|
|
ynh_replace_string "__DBNAME__" $db_name "$final_path/config.yml"
|
|
ynh_replace_string "__DBPASS__" $db_pwd "$final_path/config.yml"
|
|
ynh_replace_string "__ADMINUSER__" $admin "$final_path/config.yml"
|
|
ynh_replace_string "__ADMINPASS__" $password "$final_path/config.yml"
|
|
ynh_replace_string "__DOMAIN__" $domain "$final_path/config.yml"
|
|
|
|
#=================================================
|
|
# STORE THE CONFIG FILE CHECKSUM
|
|
#=================================================
|
|
|
|
# Calculate and store the config file checksum into the app settings
|
|
ynh_store_file_checksum "$final_path/config.yml"
|
|
|
|
#=================================================
|
|
# GENERIC FINALIZATION
|
|
#=================================================
|
|
# SECURE FILES AND DIRECTORIES
|
|
#=================================================
|
|
|
|
# Set permissions to app files
|
|
chown -R root: $final_path
|
|
mkdir $final_path/data
|
|
chown -R root:$app $final_path/*
|
|
chmod -R 550 $final_path/*
|
|
chown $app $final_path/data
|
|
chmod 770 $final_path/data
|
|
|
|
#=================================================
|
|
# ADVERTISE SERVICE IN ADMIN PANEL
|
|
#=================================================
|
|
|
|
yunohost service add $app
|
|
|
|
#=================================================
|
|
# SETUP SSOWAT
|
|
#=================================================
|
|
ynh_script_progression --message="Configuring SSOwat..." --weight=1
|
|
|
|
# Make app public if necessary
|
|
ynh_permission_update --permission "main" --add visitors
|
|
|
|
#=================================================
|
|
# RELOAD NGINX
|
|
#=================================================
|
|
ynh_script_progression --message="Reloading nginx web server..." --weight=1
|
|
|
|
systemctl reload nginx
|
|
|
|
systemctl start $app
|
|
ynh_script_progression --message="Installation of $app completed" --last
|
|
ynh_print_warn "Change the admin password after the first login or delete it in the config file (stored in plain text)"
|