1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/gotify_ynh.git synced 2024-09-03 20:36:26 +02:00
gotify_ynh/scripts/install
gougeon-s d41c46910a
file perms (o-rx) + warn about plaintext passwd
The files, config file included, were world readable.
The admin password is in plain text in the config file. It is used by gotify at the first session. It should be changed after the first login
2020-05-31 23:38:48 +02:00

170 lines
5.5 KiB
Bash
Executable file

#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================
domain=$YNH_APP_ARG_DOMAIN
path_url=/
admin=$YNH_APP_ARG_ADMIN
is_public=1
password=$YNH_APP_ARG_PASSWORD
app=$YNH_APP_INSTANCE_NAME
#=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#=================================================
ynh_script_progression --message="Validating installation parameters..."
final_path=/opt/yunohost/$app
test ! -e "$final_path" || ynh_die "This path already contains a folder"
# Normalize the url path syntax
path_url=$(ynh_normalize_url_path $path_url)
# Check web path availability
ynh_webpath_available $domain $path_url
# Register (book) web path
ynh_webpath_register $app $domain $path_url
#=================================================
# STORE SETTINGS FROM MANIFEST
#=================================================
ynh_script_progression --message="Storing installation settings..."
ynh_app_setting_set $app domain $domain
ynh_app_setting_set $app path $path_url
ynh_app_setting_set $app admin $admin
ynh_app_setting_set $app is_public $is_public
ynh_app_setting_set $app password $password
#=================================================
# STANDARD MODIFICATIONS
#=================================================
# FIND AND OPEN A PORT
#=================================================
# Find a free port
port=$(ynh_find_port 8080)
# Open this port
ynh_app_setting_set $app port $port
#=================================================
# CREATE A MYSQL DATABASE
#=================================================
ynh_script_progression --message="Creating a MySQL database..." --weight=20
db_name=$(ynh_sanitize_dbid $app)
ynh_app_setting_set $app db_name $db_name
ynh_mysql_setup_db $db_name $db_name
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_script_progression --message="Setting up source files..." --weight=6
ynh_app_setting_set $app final_path $final_path
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source "$final_path" $architecture
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Configuring nginx web server..." --weight=2
# Create a dedicated nginx config
ynh_add_nginx_config
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Configuring system user..." --weight=2
# Create a system user
ynh_system_user_create $app
#=================================================
# SETUP SYSTEMD
#=================================================
# Create a dedicated systemd config
ynh_add_systemd_config
#=================================================
# MODIFY A CONFIG FILE
#=================================================
ynh_script_progression --message="Create config file..." --weight=1
cp ../conf/config.yml "$final_path/config.yml"
ynh_replace_string "__APP__" $app "$final_path/config.yml"
ynh_replace_string "__PORT__" $port "$final_path/config.yml"
ynh_replace_string "__DBNAME__" $db_name "$final_path/config.yml"
ynh_replace_string "__DBPASS__" $db_pwd "$final_path/config.yml"
ynh_replace_string "__ADMINUSER__" $admin "$final_path/config.yml"
ynh_replace_string "__ADMINPASS__" $password "$final_path/config.yml"
ynh_replace_string "__DOMAIN__" $domain "$final_path/config.yml"
#=================================================
# STORE THE CONFIG FILE CHECKSUM
#=================================================
# Calculate and store the config file checksum into the app settings
ynh_store_file_checksum "$final_path/config.yml"
#=================================================
# GENERIC FINALIZATION
#=================================================
# SECURE FILES AND DIRECTORIES
#=================================================
# Set permissions to app files
chown -R root: $final_path
mkdir $final_path/data
chown -R root:$app $final_path/*
chmod -R 550 $final_path/*
chown $app $final_path/data
chmod 770 $final_path/data
#=================================================
# ADVERTISE SERVICE IN ADMIN PANEL
#=================================================
yunohost service add $app
#=================================================
# SETUP SSOWAT
#=================================================
ynh_script_progression --message="Configuring SSOwat..." --weight=1
# Make app public if necessary
ynh_permission_update --permission "main" --add visitors
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading nginx web server..." --weight=1
systemctl reload nginx
systemctl start $app
ynh_script_progression --message="Installation of $app completed" --last
ynh_print_warn "Change the admin password after the first login or delete it in the config file (stored in plain text)"