From 06429725f229e4ed982ebc2954f3c9ab807d3684 Mon Sep 17 00:00:00 2001 From: Yunohost-Bot <> Date: Fri, 30 Aug 2024 23:29:43 +0200 Subject: [PATCH] [autopatch] Automatic patch attempt for helpers 2.1 --- conf/extra_php-fpm.conf | 10 ------- conf/nginx.conf | 2 +- manifest.toml | 4 ++- scripts/_common.sh | 15 ++-------- scripts/backup | 21 ++++---------- scripts/change_url | 14 ++------- scripts/config | 8 ++---- scripts/install | 52 +++++++++++++++------------------ scripts/remove | 20 +++++-------- scripts/restore | 36 +++++++++-------------- scripts/upgrade | 64 ++++++++++++++++------------------------- 11 files changed, 88 insertions(+), 158 deletions(-) delete mode 100644 conf/extra_php-fpm.conf diff --git a/conf/extra_php-fpm.conf b/conf/extra_php-fpm.conf deleted file mode 100644 index 7937b47..0000000 --- a/conf/extra_php-fpm.conf +++ /dev/null @@ -1,10 +0,0 @@ -; Common values to change to increase file upload limit -php_admin_value[upload_max_filesize] = 50M -php_admin_value[post_max_size] = 50M -; php_admin_flag[mail.add_x_header] = Off - -; Other common parameters -; php_admin_value[max_execution_time] = 600 -; php_admin_value[max_input_time] = 300 -; php_admin_value[memory_limit] = 256M -; php_admin_flag[short_open_tag] = On diff --git a/conf/nginx.conf b/conf/nginx.conf index caab054..7bc4142 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -19,7 +19,7 @@ location __PATH__/ { location ~ \.php$ { fastcgi_split_path_info ^(.+\.php)(/.+)$; - fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock; + fastcgi_pass unix:/var/run/php/php__PHP_VERSION__-fpm-__APP__.sock; fastcgi_index index.php; include fastcgi_params; # https://learn.getgrav.org/webservers-hosting/servers/nginx#fix-against-httpoxy-vulnerability diff --git a/manifest.toml b/manifest.toml index 37b62a9..1f879f0 100644 --- a/manifest.toml +++ b/manifest.toml @@ -19,7 +19,8 @@ cpe = "cpe:2.3:a:getgrav:grav" fund = "https://opencollective.com/grav" [integration] -yunohost = ">= 11.1.9" +yunohost = ">= 11.2.18" +helpers_version = "2.1" architectures = "all" multi_instance = true ldap = true @@ -77,6 +78,7 @@ ram.runtime = "50M" [resources.system_user] [resources.install_dir] + group = "www-data:r-x" [resources.permissions] main.url = "/" diff --git a/scripts/_common.sh b/scripts/_common.sh index 26d0914..b117201 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -1,20 +1,12 @@ #!/bin/bash #================================================= -# COMMON VARIABLES -#================================================= - -#================================================= -# PERSONAL HELPERS -#================================================= - -#================================================= -# EXPERIMENTAL HELPERS +# COMMON VARIABLES AND CUSTOM HELPERS #================================================= ynh_system_user_add_group() { # Declare an array to define the options of this helper. - local legacy_args=uhs + #REMOVEME? local legacy_args=uhs local -A args_array=([u]=username= [g]=groups=) local username local groups @@ -29,10 +21,9 @@ ynh_system_user_add_group() { done } - ynh_system_user_del_group() { # Declare an array to define the options of this helper. - local legacy_args=uhs + #REMOVEME? local legacy_args=uhs local -A args_array=([u]=username= [g]=groups=) local username local groups diff --git a/scripts/backup b/scripts/backup index 9cef39e..61d3973 100644 --- a/scripts/backup +++ b/scripts/backup @@ -1,19 +1,10 @@ #!/bin/bash -#================================================= -# GENERIC START -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - # Keep this path for calling _common.sh inside the execution's context of backup and restore scripts source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers -#================================================= -# DECLARE DATA AND CONF FILES TO BACKUP -#================================================= -ynh_print_info --message="Declaring files to be backed up..." +ynh_print_info "Declaring files to be backed up..." #================================================= # BACKUP THE APP MAIN DIR @@ -21,20 +12,20 @@ ynh_print_info --message="Declaring files to be backed up..." # Backup install_dir except backup and cache directory for f in $(ls "$install_dir" -I backup -I cache); do - ynh_backup --src_path="${install_dir}/$f" + ynh_backup "${install_dir}/$f" done #================================================= # BACKUP THE NGINX CONFIGURATION #================================================= -ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" +ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= # BACKUP THE PHP-FPM CONFIGURATION #================================================= -ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" +ynh_backup "/etc/php/$php_version/fpm/pool.d/$app.conf" #================================================= # SPECIFIC BACKUP @@ -42,10 +33,10 @@ ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" # BACKUP VARIOUS FILES #================================================= -ynh_backup --src_path="/etc/cron.d/$app" +ynh_backup "/etc/cron.d/$app" #================================================= # END OF SCRIPT #================================================= -ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." +ynh_print_info "Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." diff --git a/scripts/change_url b/scripts/change_url index d50c1a8..39d37fc 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -1,25 +1,17 @@ #!/bin/bash -#================================================= -# GENERIC STARTING -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - source _common.sh source /usr/share/yunohost/helpers -#================================================= -# STANDARD MODIFICATIONS #================================================= # MODIFY URL IN NGINX CONF #================================================= -ynh_script_progression --message="Updating NGINX web server configuration..." --weight=3 +ynh_script_progression "Updating NGINX web server configuration..." -ynh_change_url_nginx_config +ynh_config_change_url_nginx #================================================= # END OF SCRIPT #================================================= -ynh_script_progression --message="Change of URL completed for $app" --last +ynh_script_progression "Change of URL completed for $app" diff --git a/scripts/config b/scripts/config index eba7e05..e103ee5 100644 --- a/scripts/config +++ b/scripts/config @@ -3,7 +3,7 @@ source _common.sh source /usr/share/yunohost/helpers -ynh_abort_if_errors +#REMOVEME? ynh_abort_if_errors #================================================= # SPECIFIC SETTERS FOR TOML SHORT KEYS @@ -12,12 +12,10 @@ ynh_abort_if_errors set__password() { if [ "$password" == "" ] then - ynh_app_setting_set --app=$app --key=password --value="$password" + ynh_app_setting_set --key=password --value="$password" fi } -#================================================= -# GENERIC FINALIZATION #================================================= ynh_app_config_validate() { @@ -25,7 +23,7 @@ ynh_app_config_validate() { if [ "${changed[with_sftp]}" == "true" ] && [ $with_sftp -eq 1 ] && [ "$password" == "" ] then - ynh_die --message="You need to set a password to enable SSH and SFTP" + ynh_die "You need to set a password to enable SSH and SFTP" fi } diff --git a/scripts/install b/scripts/install index 76408f0..a2c8eb5 100644 --- a/scripts/install +++ b/scripts/install @@ -1,29 +1,23 @@ #!/bin/bash -#================================================= -# GENERIC START -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - source _common.sh source /usr/share/yunohost/helpers # Initialize the SFTP setting for the config panel -ynh_app_setting_set --app=$app --key=with_sftp --value="false" -ynh_app_setting_set --app=$app --key=password --value=$(ynh_string_random) +ynh_app_setting_set --key=with_sftp --value="false" +ynh_app_setting_set --key=password --value=$(ynh_string_random) #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= -ynh_script_progression --message="Setting up source files..." --weight=2 +ynh_script_progression "Setting up source files..." # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$install_dir" ynh_setup_source --dest_dir="$install_dir/user/plugins/login-ldap" --source_id="ldap" # Set permissions on app files -chown -R $app:www-data "$install_dir" +#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R $app:www-data "$install_dir" find "$install_dir" -type f -exec chmod 640 {} \; find "$install_dir/bin" -type f -exec chmod 750 {} \; find "$install_dir" -type d -exec chmod 750 {} \; @@ -32,53 +26,53 @@ find "$install_dir" -type d -exec chmod +s {} \; #================================================= # PHP-FPM CONFIGURATION #================================================= -ynh_script_progression --message="Configuring PHP-FPM..." --weight=3 +ynh_script_progression "Configuring PHP-FPM..." # Create a dedicated PHP-FPM config -ynh_app_setting_set --app=$app --key=fpm_footprint --value="medium" -ynh_app_setting_set --app=$app --key=fpm_usage --value="medium" -ynh_add_fpm_config +ynh_app_setting_set --key=fpm_footprint --value="medium" +ynh_app_setting_set --key=fpm_usage --value="medium" +ynh_config_add_phpfpm #================================================= # NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Configuring NGINX web server..." --weight=1 +ynh_script_progression "Configuring NGINX web server..." # Create a dedicated NGINX config -ynh_add_nginx_config +ynh_config_add_nginx #================================================= # SPECIFIC SETUP #================================================= # ADD A CONFIGURATION #================================================= -ynh_script_progression --message="Adding a configuration file..." --weight=1 +ynh_script_progression "Adding $app's configuration..." # Preparing config -ynh_exec_as $app mkdir -p "$install_dir/user/config/plugins/login-ldap" -ynh_exec_as $app touch "$install_dir/user/accounts/admin.yaml" +ynh_exec_as_app mkdir -p "$install_dir/user/config/plugins/login-ldap" +ynh_exec_as_app touch "$install_dir/user/accounts/admin.yaml" # Setting up scheduler config -ynh_add_config --template="../conf/scheduler.yaml" --destination="$install_dir/user/config/scheduler.yaml" -chown $app:$app "$install_dir/user/config/scheduler.yaml" -chmod 640 "$install_dir/user/config/scheduler.yaml" +ynh_config_add --template="scheduler.yaml" --destination="$install_dir/user/config/scheduler.yaml" +#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown $app:$app "$install_dir/user/config/scheduler.yaml" +#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 640 "$install_dir/user/config/scheduler.yaml" # Setting up LDAP config -ynh_add_config --template="../conf/login-ldap.yaml" --destination="$install_dir/user/config/plugins/login-ldap.yaml" -chown $app:$app "$install_dir/user/config/plugins/login-ldap.yaml" -chmod 640 "$install_dir/user/config/plugins/login-ldap.yaml" +ynh_config_add --template="login-ldap.yaml" --destination="$install_dir/user/config/plugins/login-ldap.yaml" +#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown $app:$app "$install_dir/user/config/plugins/login-ldap.yaml" +#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 640 "$install_dir/user/config/plugins/login-ldap.yaml" #================================================= # CREATE A CRON TASK #================================================= -ynh_script_progression --message="Creating a cron task..." --weight=1 +ynh_script_progression "Creating a cron task..." -echo "* * * * * $app php$phpversion $install_dir/bin/grav scheduler 1>> /dev/null 2>&1" > /etc/cron.d/$app +echo "* * * * * $app php$php_version $install_dir/bin/grav scheduler 1>> /dev/null 2>&1" > /etc/cron.d/$app -chmod 644 /etc/cron.d/$app +#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 644 /etc/cron.d/$app #================================================= # END OF SCRIPT #================================================= -ynh_script_progression --message="Installation of $app completed" --last +ynh_script_progression "Installation of $app completed" diff --git a/scripts/remove b/scripts/remove index 0031436..eb396f6 100644 --- a/scripts/remove +++ b/scripts/remove @@ -1,42 +1,36 @@ #!/bin/bash -#================================================= -# GENERIC START -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - source _common.sh source /usr/share/yunohost/helpers #================================================= # REMOVE NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Removing NGINX web server configuration..." --weight=1 +ynh_script_progression "Removing NGINX web server configuration..." # Remove the dedicated NGINX config -ynh_remove_nginx_config +ynh_config_remove_nginx #================================================= # REMOVE PHP-FPM CONFIGURATION #================================================= -ynh_script_progression --message="Removing PHP-FPM configuration..." --weight=2 +ynh_script_progression "Removing PHP-FPM configuration..." # Remove the dedicated PHP-FPM config -ynh_remove_fpm_config +ynh_config_remove_phpfpm #================================================= # SPECIFIC REMOVE #================================================= # REMOVE VARIOUS FILES #================================================= -ynh_script_progression --message="Removing various files..." --weight=1 +ynh_script_progression "Removing various files..." # Remove a cron file -ynh_secure_remove --file="/etc/cron.d/$app" +ynh_safe_rm "/etc/cron.d/$app" #================================================= # END OF SCRIPT #================================================= -ynh_script_progression --message="Removal of $app completed" --last +ynh_script_progression "Removal of $app completed" diff --git a/scripts/restore b/scripts/restore index 50ef812..9469020 100644 --- a/scripts/restore +++ b/scripts/restore @@ -1,11 +1,5 @@ #!/bin/bash -#================================================= -# GENERIC START -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - # Keep this path for calling _common.sh inside the execution's context of backup and restore scripts source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers @@ -13,14 +7,14 @@ source /usr/share/yunohost/helpers #================================================= # RESTORE THE APP MAIN DIR #================================================= -ynh_script_progression --message="Restoring the app main directory..." --weight=2 +ynh_script_progression "Restoring the app main directory..." -ynh_restore_file --origin_path="$install_dir" +ynh_restore "$install_dir" # Grav will complain about missing backup directory, let's create it mkdir -p "$install_dir/backup" -chown -R $app:www-data "$install_dir" +#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R $app:www-data "$install_dir" find "$install_dir" -type f -exec chmod 640 {} \; find "$install_dir/bin" -type f -exec chmod 750 {} \; find "$install_dir" -type d -exec chmod 750 {} \; @@ -29,37 +23,35 @@ find "$install_dir" -type d -exec chmod +s {} \; #================================================= # RESTORE THE PHP-FPM CONFIGURATION #================================================= -ynh_script_progression --message="Restoring the PHP-FPM configuration..." --weight=1 +ynh_script_progression "Restoring the PHP-FPM configuration..." -ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" +ynh_restore "/etc/php/$php_version/fpm/pool.d/$app.conf" #================================================= # RESTORE THE NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Restoring the NGINX web server configuration..." --weight=1 +ynh_script_progression "Restoring the NGINX web server configuration..." -ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" +ynh_restore "/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= # RESTORE VARIOUS FILES #================================================= -ynh_script_progression --message="Restoring various files..." --weight=1 +ynh_script_progression "Restoring various files..." -ynh_restore_file --origin_path="/etc/cron.d/$app" -chmod 644 /etc/cron.d/$app +ynh_restore "/etc/cron.d/$app" +#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 644 /etc/cron.d/$app -#================================================= -# GENERIC FINALIZATION #================================================= # RELOAD NGINX AND PHP-FPM #================================================= -ynh_script_progression --message="Reloading NGINX web server and PHP-FPM..." --weight=1 +ynh_script_progression "Reloading NGINX web server and PHP-FPM..." -ynh_systemd_action --service_name=php$phpversion-fpm --action=reload -ynh_systemd_action --service_name=nginx --action=reload +ynh_systemctl --service=php$php_version-fpm --action=reload +ynh_systemctl --service=nginx --action=reload #================================================= # END OF SCRIPT #================================================= -ynh_script_progression --message="Restoration completed for $app" --last +ynh_script_progression "Restoration completed for $app" diff --git a/scripts/upgrade b/scripts/upgrade index 2620c1e..a11583f 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -1,48 +1,36 @@ #!/bin/bash -#================================================= -# GENERIC START -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - source _common.sh source /usr/share/yunohost/helpers -#================================================= -# CHECK VERSION -#================================================= -ynh_script_progression --message="Checking version..." --weight=1 +ynh_script_progression "Checking version..." -upgrade_type=$(ynh_check_app_version_changed) - -#================================================= -# STANDARD UPGRADE STEPS #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= -ynh_script_progression --message="Ensuring downward compatibility..." --weight=1 +ynh_script_progression "Ensuring downward compatibility..." # If with_sftp or password don't exist, create them if [ -z "${with_sftp:-}" ] || [ -z "${password:-}" ]; then - ynh_app_setting_set --app=$app --key=with_sftp --value="false" - ynh_app_setting_set --app=$app --key=password --value=$(ynh_string_random) + ynh_app_setting_set --key=with_sftp --value="false" + ynh_app_setting_set --key=password --value=$(ynh_string_random) fi # Setup the scheduler config if it is missing from user directory if [ ! -f "$install_dir/user/config/scheduler.yaml" ]; then - ynh_add_config --template="../conf/scheduler.yaml" --destination="$install_dir/user/config/scheduler.yaml" - chown $app:$app "$install_dir/user/config/scheduler.yaml" - chmod 640 "$install_dir/user/config/scheduler.yaml" + ynh_config_add --template="scheduler.yaml" --destination="$install_dir/user/config/scheduler.yaml" + #REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown $app:$app "$install_dir/user/config/scheduler.yaml" + #REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 640 "$install_dir/user/config/scheduler.yaml" fi #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= -if [ "$upgrade_type" == "UPGRADE_APP" ] +# FIXME: this is still supported but the recommendation is now to *always* re-setup the app sources wether or not the upstream sources changed +if ynh_app_upstream_version_changed then - ynh_script_progression --message="Upgrading source files..." --weight=2 + ynh_script_progression "Upgrading source files..." # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$install_dir" --source_id="app-upgrade" @@ -50,7 +38,7 @@ then fi # Set permissions on app files -chown -R $app:www-data "$install_dir" +#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R $app:www-data "$install_dir" find "$install_dir" -type f -exec chmod 640 {} \; find "$install_dir/bin" -type f -exec chmod 750 {} \; find "$install_dir" -type d -exec chmod 750 {} \; @@ -59,52 +47,50 @@ find "$install_dir" -type d -exec chmod +s {} \; #================================================= # PHP-FPM CONFIGURATION #================================================= -ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=1 +ynh_script_progression "Upgrading PHP-FPM configuration..." # Create a dedicated PHP-FPM config -ynh_add_fpm_config +ynh_config_add_phpfpm #================================================= # NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=2 +ynh_script_progression "Upgrading NGINX web server configuration..." # Create a dedicated NGINX config -ynh_add_nginx_config +ynh_config_add_nginx -#================================================= -# SPECIFIC UPGRADE #================================================= # UPDATE A CONFIG FILE #================================================= -ynh_script_progression --message="Updating a configuration file..." --weight=3 +ynh_script_progression "Updating configuration..." mkdir -p "$install_dir/user/config/plugins/login-ldap" touch "$install_dir/user/accounts/admin.yaml" -ynh_add_config --template="../conf/login-ldap.yaml" --destination="$install_dir/user/config/plugins/login-ldap.yaml" -chown $app:$app "$install_dir/user/config/plugins/login-ldap.yaml" -chmod 640 "$install_dir/user/config/plugins/login-ldap.yaml" +ynh_config_add --template="login-ldap.yaml" --destination="$install_dir/user/config/plugins/login-ldap.yaml" +#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown $app:$app "$install_dir/user/config/plugins/login-ldap.yaml" +#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 640 "$install_dir/user/config/plugins/login-ldap.yaml" #================================================= # UPGRADE PLUGINS #================================================= -ynh_script_progression --message="Updating all plugins..." --weight=1 +ynh_script_progression "Updating all plugins..." pushd "$install_dir" - ynh_exec_warn_less yes N | ynh_exec_warn_less ynh_exec_as $app php${phpversion} bin/gpm update --all-yes --no-interaction || ynh_print_warn --message="Automatic plugin upgrade has failed, you can upgrade them from your Grav admin panel." + ynh_hide_warnings yes N | ynh_hide_warnings ynh_exec_as_app php${php_version} bin/gpm update --all-yes --no-interaction || ynh_print_warn "Automatic plugin upgrade has failed, you can upgrade them from your Grav admin panel." popd #================================================= # UPDATE A CRON TASK #================================================ -ynh_script_progression --message="Updating a cron task..." --weight=1 +ynh_script_progression "Updating a cron task..." -echo "* * * * * $app php${phpversion} $install_dir/bin/grav scheduler 1>> /dev/null 2>&1" > /etc/cron.d/$app -chmod 644 /etc/cron.d/$app +echo "* * * * * $app php${php_version} $install_dir/bin/grav scheduler 1>> /dev/null 2>&1" > /etc/cron.d/$app +#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 644 /etc/cron.d/$app #================================================= # END OF SCRIPT #================================================= -ynh_script_progression --message="Upgrade of $app completed" --last +ynh_script_progression "Upgrade of $app completed"