From 7a640eebe4cd697cbf7ef4fa963c442d205719e7 Mon Sep 17 00:00:00 2001 From: Jean-Baptiste Holcroft Date: Mon, 3 Sep 2018 21:35:41 +0200 Subject: [PATCH 1/8] Fix installation (php-zip was missing) --- manifest.json | 6 +++--- scripts/install | 6 ++++++ scripts/remove | 7 +++++++ scripts/restore | 6 ++++++ scripts/upgrade | 6 ++++++ 5 files changed, 28 insertions(+), 3 deletions(-) diff --git a/manifest.json b/manifest.json index 9e33393..01f2df8 100644 --- a/manifest.json +++ b/manifest.json @@ -6,15 +6,15 @@ "en": "Grav - Grav is a modern open source flat-file CMS", "fr": "Grav - Grav is a modern open source flat-file CMS" }, - "version": "1.3.1", + "version": "1.3.1~ynh1", "url": "https://www.getgrav.org/", - "license": "free", + "license": "MIT-0", "maintainer": { "name": "cyp, lithrel", "email": "cyp@rouquin.me, lithrel@randomdomainname.net" }, "requirements": { - "yunohost": ">> 2.4.0" + "yunohost": ">= 3.1.0" }, "multi_instance": true, "services": [ diff --git a/scripts/install b/scripts/install index 620b11b..7635424 100644 --- a/scripts/install +++ b/scripts/install @@ -41,6 +41,12 @@ ynh_app_setting_set $app language $language sudo mkdir "$final_path" ynh_app_setting_set $app final_path $final_path +#================================================= +# INSTALL DEPENDENCIES +#================================================= + +ynh_install_app_dependencies php-zip + # Get source SETUP_SOURCE diff --git a/scripts/remove b/scripts/remove index a62ac0c..4e03881 100644 --- a/scripts/remove +++ b/scripts/remove @@ -14,6 +14,13 @@ app=$YNH_APP_INSTANCE_NAME # Retrieve app settings domain=$(ynh_app_setting_get "$app" domain) +#================================================= +# REMOVE DEPENDENCIES +#================================================= + +# Remove metapackage and its dependencies +ynh_remove_app_dependencies + # Delete app directory and configurations SECURE_REMOVE '/var/www/$app' # Delete directory application sudo rm -f "/etc/php5/fpm/pool.d/${app}.conf" diff --git a/scripts/restore b/scripts/restore index 3070e9b..3c8cd12 100644 --- a/scripts/restore +++ b/scripts/restore @@ -42,6 +42,12 @@ if [ -f "${phpfpm_ini}" ]; then ynh_die "The PHP FPM INI configuration already exists at '${phpfpm_ini}'. You should safely delete it before restoring this app." fi +#================================================= +# INSTALL DEPENDENCIES +#================================================= + +ynh_install_app_dependencies php-zip + # Restore sources & data sudo cp -a ./sources "${final_path}" diff --git a/scripts/upgrade b/scripts/upgrade index 6aadad5..495dd00 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -18,6 +18,12 @@ language=$(ynh_app_setting_get "$app" language) CHECK_PATH # Checks and corrects the syntax of the path. +#================================================= +# INSTALL DEPENDENCIES +#================================================= + +ynh_install_app_dependencies php-zip + final_path=/var/www/$app # Get source From ddd6415dacd9a77a5868d46783b8b3463cf22768 Mon Sep 17 00:00:00 2001 From: Jean-Baptiste Holcroft Date: Mon, 3 Sep 2018 23:31:52 +0200 Subject: [PATCH 2/8] Full rewrite --- README.md | 106 ++--------------------- check_process | 79 ++++++++++-------- conf/app.src | 6 ++ conf/nginx.conf | 6 +- conf/php-fpm.conf | 2 +- manifest.json | 6 +- scripts/.fonctions | 204 --------------------------------------------- scripts/_common.sh | 1 + scripts/backup | 51 +++++++++--- scripts/change_url | 98 ++++++++++++++++++++++ scripts/install | 139 +++++++++++++++++------------- scripts/remove | 45 +++++++--- scripts/restore | 124 +++++++++++++++------------ scripts/upgrade | 144 ++++++++++++++++++++++++-------- sources/source_dir | 1 - sources/source_md5 | 1 - sources/source_url | 1 - 17 files changed, 490 insertions(+), 524 deletions(-) create mode 100644 conf/app.src delete mode 100644 scripts/.fonctions create mode 100644 scripts/_common.sh create mode 100644 scripts/change_url delete mode 100644 sources/source_dir delete mode 100644 sources/source_md5 delete mode 100644 sources/source_url diff --git a/README.md b/README.md index c26c39f..331ff22 100644 --- a/README.md +++ b/README.md @@ -5,110 +5,18 @@ * http://getgrav.org/ * https://github.com/getgrav/grav -## Installation - -From YunoHost admin panel: - -1. Enter repository url https://github.com/YunoHost-Apps/grav_ynh -2. Configure the app -3. Click install -4. Go to the url you configured - -From command line: - -```sh -sudo yunohost app install -l grav https://github.com/YunoHost-Apps/grav_ynh -``` - -Options: - -1. __Choose a domain for Grav__ -Domain for your installation (example.org). - -2. __Choose a path for Grav__ -Path for your installation (/grav). - -3. __Is it a public application ?__ -If public, everybody will be able to access your Grav instance (example.org/grav). - -4. __Do you wish to install the Admin plugin ?__ -Grav has an optional admin panel, answer `Yes` if you want to use it. - -5. __Make admin panel private ?__ -_Only valid if admin panel is installed._ -Protect the admin panel behind Yunohost authentication. - -6. __Create administrator automatically ?__ -_Only works if admin panel is installed and private._ -If `Yes`, an admin account will be automatically created when you first visit your Grav instance, and you will be redirected to the admin panel. Your authentication will be handled by your YunoHost connection. -If `No`, on your first visit to your Grav instance Grav will propose you to create a new user. - -
- -# [FR] Grav pour YunoHost - -* http://getgrav.org/ -* https://github.com/getgrav/grav +Provided version: **1.3.1** ## Installation -Depuis le panneau d'administration YunoHost: - -1. Entrez l'url du dépot https://github.com/YunoHost-Apps/grav_ynh -2. Configurez l'application -3. Cliquez sur installer -4. Rendez-vous à l'url que vous avez configuré - -Depuis la ligne de commande: +Use either YunoHost's admin panel or command line: ```sh -sudo yunohost app install -l grav https://github.com/YunoHost-Apps/grav_ynh +sudo yunohost app install --url grav https://github.com/YunoHost-Apps/grav_ynh ``` -Options: - -1. __Choisissez un domaine pour Grav__ -Domaine pour votre installation (example.org, grav.example.org). - -2. __Choisissez un chemin pour Grav__ -Chemin pour votre installation (/grav, /). - -3. __Est-ce une page publique ?__ -Si cette application est publique, n'importe quelle personne pourra y accéder (example.org/grav). - -4. __Souhaitez-vous installer le plugin d'administration ?__ -Grav possède un plugin d'administration optionnel, répondez `Yes` si vous souhaitez l'utiliser. - -5. __Souhaitez-vous rendre l'administration privée ?__ -_Valide uniquement si le plugin d'administration est installé._ -Protège l'administration derrière l'authentification Yunohost. - -6. __Souhaitez-vous créer un administrateur automatiquement ?__ -_Valide uniquement si le plugin d'administration est installé et privé._ -Si `Yes`, un compte administrateur sera automatiquement créé à votre première visite de votre instance Grav, et vous serez redirigé vers l'administration. -Votre connexion à l'administration sera associée à votre connexion YunoHost. -Si `No`, à votre première visite de votre instance Grav, il vous sera proposé la création d'un nouvel utilisateur. - - -## Versionning - -### Version 1.3.1 (22/07/17) - -- Update version - -### Version 1.1.1 (13/03/17) - -- Fix package_check [source](https://github.com/YunoHost/package_check) - -### Version 1.1.0 (02/03/17) - -- Fix Packaging [Source](https://forum.yunohost.org/t/news-about-app-management-and-packaging-in-yunohost-2-4/1379/1) - -### Version 1.0.0 (11/11/15) - -- First version - -### Configuration - -1. Start url https://domaine.tld/grav +## TODO +[ ] create a dedicated user +[ ] fix alias_traversal +[ ] send email to admin \ No newline at end of file diff --git a/check_process b/check_process index 4e51f1b..069c632 100644 --- a/check_process +++ b/check_process @@ -1,37 +1,44 @@ -;; Test complet sans multisite - auto_remove=1 - ; Manifest - domain="domain.tld" (DOMAIN) - path="/path" (PATH) - admin="john" (USER) - language="fr_FR" - multisite="No" - is_public="Yes" (PUBLIC|public=Yes|private=No) - ; Checks - pkg_linter=1 - setup_sub_dir=1 - setup_root=1 - setup_nourl=0 - setup_private=1 - setup_public=1 - upgrade=1 - backup_restore=1 - multi_instance=1 - wrong_user=1 - wrong_path=1 - incorrect_path=1 - corrupt_source=0 - fail_download_source=0 - port_already_use=0 - final_path_already_use=0 +# See here for more information +# https://github.com/YunoHost/package_check#syntax-check_process-file + +;; Test complet + ; Manifest + domain="domain.tld" (DOMAIN) + path="/path" (PATH) + admin="john" (USER) + language="fr_FR" + is_public="Yes" (PUBLIC|public=1|private=0) + ; Checks + pkg_linter=1 + setup_sub_dir=1 + setup_root=1 + setup_nourl=0 + setup_private=1 + setup_public=1 + upgrade=1 + upgrade=1 from_commit=8b79023a4fb3633b1a01e4ad4dafb41a5344c3fd + backup_restore=1 + multi_instance=1 + incorrect_path=1 + port_already_use=0 + change_url=1 ;;; Levels - Level 1=auto - Level 2=auto - Level 3=auto - Level 4=0 - Level 5=auto - Level 6=auto - Level 7=auto - Level 8=0 - Level 9=0 - Level 10=0 \ No newline at end of file + Level 1=auto + Level 2=auto + Level 3=auto + # doable, but there is no group in YunoHost's LDAP + # https://github.com/trilbymedia/grav-plugin-login-ldap + Level 4=1 + Level 5=auto + Level 6=auto + Level 7=auto + Level 8=0 + Level 9=0 + Level 10=0 +;;; Options +Email=jean-baptiste@holcroft.fr +Notification=all +;;; Upgrade options + ; commit=8b79023a4fb3633b1a01e4ad4dafb41a5344c3fd + name=pre rebuild + manifest_arg=domain=DOMAIN&path=PATH&admin=USER&language=fr_FR&is_public=Yes& \ No newline at end of file diff --git a/conf/app.src b/conf/app.src new file mode 100644 index 0000000..77c1ced --- /dev/null +++ b/conf/app.src @@ -0,0 +1,6 @@ +SOURCE_URL=https://github.com/getgrav/grav/releases/download/1.3.1/grav-admin-v1.3.1.zip +SOURCE_SUM=de39862725fea8d868c4a149c99b6fa245962482aad8ba063473d2d5b3f64edb +SOURCE_SUM_PRG=sha256sum +SOURCE_FORMAT=zip +SOURCE_IN_SUBDIR=true +SOURCE_FILENAME= \ No newline at end of file diff --git a/conf/nginx.conf b/conf/nginx.conf index 9ac47a7..4e3560e 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,10 +1,10 @@ -location __PATHTOCHANGE__ { +location __PATH__ { alias __FINALPATH__/; index index.php; if (!-e $request_filename) { - rewrite ^(.+)$ __PATHTOCHANGE__/index.php?q=$1 last; + rewrite ^(.+)$ __PATH__/index.php?q=$1 last; } if ($scheme = http) { rewrite ^ https://$server_name$request_uri? permanent; @@ -30,7 +30,7 @@ location __PATHTOCHANGE__ { } location ~ [^/]\.php(/|$) { fastcgi_split_path_info ^(.+?\.php)(/.*)$; - fastcgi_pass unix:/var/run/php5-fpm-__NAMETOCHANGE__.sock; + fastcgi_pass unix:/var/run/php/php7.0-fpm-__NAME__.sock; fastcgi_index index.php; include fastcgi_params; fastcgi_param REMOTE_USER $remote_user; diff --git a/conf/php-fpm.conf b/conf/php-fpm.conf index 5672f10..446cae6 100644 --- a/conf/php-fpm.conf +++ b/conf/php-fpm.conf @@ -30,7 +30,7 @@ group = www-data ; specific port; ; '/path/to/unix/socket' - to listen on a unix socket. ; Note: This value is mandatory. -listen = /var/run/php5-fpm-__NAMETOCHANGE__.sock +listen = /var/run/php/php7.0-fpm-__NAMETOCHANGE__.sock ; Set listen(2) backlog. ; Default Value: 128 (-1 on FreeBSD and OpenBSD) diff --git a/manifest.json b/manifest.json index 01f2df8..33812c3 100644 --- a/manifest.json +++ b/manifest.json @@ -19,7 +19,7 @@ "multi_instance": true, "services": [ "nginx", - "php5-fpm" + "php7.0-fpm" ], "arguments": { "install" : [ @@ -53,12 +53,12 @@ }, { "name": "is_public", + "type": "boolean", "ask": { "en": "Is it a public Grav site ?", "fr": "Est-ce un site public ?" }, - "choices": ["Yes", "No"], - "default": "Yes" + "default": true }, { "name": "language", diff --git a/scripts/.fonctions b/scripts/.fonctions deleted file mode 100644 index d9bc244..0000000 --- a/scripts/.fonctions +++ /dev/null @@ -1,204 +0,0 @@ -#!/bin/bash - -ynh_version="2.4" - -YNH_VERSION () { # Returns the version number of the Yunohost moulinette - ynh_version=$(sudo yunohost -v | grep "moulinette:" | cut -d' ' -f2 | cut -d'.' -f1,2) -} - -CHECK_VAR () { # Verifies that the variable is not empty. - # $1 = Variable to be checked - # $2 = Display text on error - test -n "$1" || (echo "$2" >&2 && false) -} - -EXIT_PROPERLY () { # Causes the script to stop in the event of an error. And clean the residue. - trap '' ERR - echo -e "\e[91m \e[1m" # Shell in light red bold - echo -e "!!\n $app install's script has encountered an error. Installation was cancelled.\n!!" >&2 - - if type -t CLEAN_SETUP > /dev/null; then # Checks the existence of the function before executing it. - CLEAN_SETUP # Call the specific cleanup function of the install script. - fi - - # Compensates the ssowat bug that does not remove the app's input in case of installation error. - sudo sed -i "\@\"$domain$path/\":@d" /etc/ssowat/conf.json - - if [ "$ynh_version" = "2.2" ]; then - /bin/bash $script_dir/remove - fi - - ynh_die -} - -TRAP_ON () { # Activate signal capture - trap EXIT_PROPERLY ERR # Capturing exit signals on error -} - -TRAP_OFF () { # Ignoring signal capture until TRAP_ON - trap '' ERR # Ignoring exit signals -} - -CHECK_USER () { # Check the validity of the user admin - # $1 = User admin variable - ynh_user_exists "$1" || (echo "Wrong admin" >&2 && false) -} - -CHECK_PATH () { # Checks / at the beginning of the path. And his absence at the end. - if [ "${path:0:1}" != "/" ]; then # If the first character is not / - path="/$path" # Add / at the beginning of path - fi - if [ "${path:${#path}-1}" == "/" ] && [ ${#path} -gt 1 ]; then # If the last character is a / and it is not the only character. - path="${path:0:${#path}-1}" # Delete last character - fi -} - -CHECK_DOMAINPATH () { # Checks the availability of the path and domain. - sudo yunohost app checkurl $domain$path -a $app -} - -CHECK_FINALPATH () { # Checks that the destination folder is not already in use. - final_path=/var/www/$app - if [ -e "$final_path" ] - then - echo "This path already contains a folder" >&2 - false - fi -} - -GENERATE_DB () { # Create a database and a dedicated user in the name of the app - # $1 = Database name - # Generates a random password. - db_user=$1 - db_pwd=$(head -n20 /dev/urandom | tr -c -d 'A-Za-z0-9' | head -c20) - CHECK_VAR "$db_pwd" "db_pwd empty" - # Uses '$ app' as user name and database - # Initializes the database and stores the mysql password. - ynh_mysql_create_db "$db_user" "$db_user" $db_pwd - ynh_app_setting_set $app mysqlpwd $db_pwd -} - -SETUP_SOURCE () { # Download source, decompress and copu into $final_path - src=$(cat ../sources/source_md5 | awk -F' ' {'print $2'}) - sudo wget -nv -i ../sources/source_url -O $src - # Checks the checksum of the downloaded source. - # md5sum -c ../sources/source_md5 --status || ynh_die "Corrupt source" - # Decompress source - if [ "$(echo ${src##*.})" == "tgz" ]; then - tar -x -f $src - elif [ "$(echo ${src##*.})" == "zip" ]; then - unzip -q $src - else - false # Unsupported archive format. - fi - # Copy file source - sudo cp -a $(cat ../sources/source_dir)/. "$final_path" - # Copy additional file and modified - if test -e "../sources/ajouts"; then - sudo cp -a ../sources/ajouts/. "$final_path" - fi -} - -POOL_FPM () { # Create the php-fpm pool configuration file and configure it. - sed -i "s@__NAMETOCHANGE__@$app@g" ../conf/php-fpm.conf - sed -i "s@__FINALPATH__@$final_path@g" ../conf/php-fpm.conf - finalphpconf=/etc/php5/fpm/pool.d/$app.conf - sudo cp ../conf/php-fpm.conf $finalphpconf - sudo chown root: $finalphpconf - finalphpini=/etc/php5/fpm/conf.d/20-$app.ini - sudo cp ../conf/php-fpm.ini $finalphpini - sudo chown root: $finalphpini - sudo systemctl reload php5-fpm -} - -STORE_MD5_CONFIG () { # Saves the checksum of the config file - # $1 = Name of the conf file for storage in settings.yml - # $2 = Full name and path of the conf file. - ynh_app_setting_set $app $1_file_md5 $(sudo md5sum "$2" | cut -d' ' -f1) -} - -CHECK_MD5_CONFIG () { # Created a backup of the config file if it was changed. - # $1 = Name of the conf file for storage in settings.yml - # $2 = Full name and path of the conf file.onf. - if [ "$(ynh_app_setting_get $app $1_file_md5)" != $(sudo md5sum "$2" | cut -d' ' -f1) ]; then - sudo cp -a "$2" "$2.backup.$(date '+%d.%m.%y_%Hh%M,%Ss')" # Si le fichier de config a été modifié, créer un backup. - fi -} - -FIND_PORT () { # Search free port - # $1 = Port number to start the search. - port=$1 - while ! sudo yunohost app checkport $port ; do - port=$((port+1)) - done - CHECK_VAR "$port" "port empty" -} - - -### REMOVE SCRIPT - -REMOVE_NGINX_CONF () { # Delete nginx configuration - if [ -e "/etc/nginx/conf.d/$domain.d/$app.conf" ]; then # Delete nginx config - echo "Delete nginx config" - sudo rm "/etc/nginx/conf.d/$domain.d/$app.conf" - sudo systemctl reload nginx - fi -} - -REMOVE_FPM_CONF () { # Delete pool php-fpm configuration - if [ -e "/etc/php5/fpm/pool.d/$app.conf" ]; then # Delete fpm config - echo "Delete fpm config" - sudo rm "/etc/php5/fpm/pool.d/$app.conf" - fi - if [ -e "/etc/php5/fpm/conf.d/20-$app.ini" ]; then # Delete php config - echo "Delete php config" - sudo rm "/etc/php5/fpm/conf.d/20-$app.ini" - fi - sudo systemctl reload php5-fpm -} - -REMOVE_LOGROTATE_CONF () { # Delete logrotate configuration - if [ -e "/etc/logrotate.d/$app" ]; then - echo "Delete logrotate config" - sudo rm "/etc/logrotate.d/$app" - fi -} - -SECURE_REMOVE () { # Deleting a folder with variable verification - chaine="$1" # The argument must be given between simple quotes '', to avoid interpreting the variables. - no_var=0 - while (echo "$chaine" | grep -q '\$') # Loop as long as there are $ in the string - do - no_var=1 - global_var=$(echo "$chaine" | cut -d '$' -f 2) # Isole the first variable found. - only_var=\$$(expr "$global_var" : '\([A-Za-z0-9_]*\)') # Isole completely the variable by adding the $ at the beginning and keeping only the name of the variable. Mostly gets rid of / and a possible path behind. - real_var=$(eval "echo ${only_var}") # `eval "echo ${var}` Allows to interpret a variable contained in a variable. - if test -z "$real_var" || [ "$real_var" = "/" ]; then - echo "Variable $only_var is empty, suppression of $chaine cancelled." >&2 - return 1 - fi - chaine=$(echo "$chaine" | sed "s@$only_var@$real_var@") # Replaces variable with its value in the string. - done - if [ "$no_var" -eq 1 ] - then - if [ -e "$chaine" ]; then - echo "Delete directory $chaine" - sudo rm -r "$chaine" - fi - return 0 - else - echo "No detected variable." >&2 - return 1 - fi -} - -REMOVE_BDD () { # Delete database and users - # $1 = Database name - # Uses '$app' as user name and database - db_user=$1 - if mysqlshow -u root -p$(sudo cat $MYSQL_ROOT_PWD_FILE) | grep -q "^| $db_user"; then - echo "Delete db" - ynh_mysql_drop_db $db_user - ynh_mysql_drop_user $db_user - fi -} diff --git a/scripts/_common.sh b/scripts/_common.sh new file mode 100644 index 0000000..a9bf588 --- /dev/null +++ b/scripts/_common.sh @@ -0,0 +1 @@ +#!/bin/bash diff --git a/scripts/backup b/scripts/backup index 2859743..40cd8e3 100644 --- a/scripts/backup +++ b/scripts/backup @@ -1,23 +1,48 @@ #!/bin/bash -# Exit on command errors and treat unset variables as an error -set -eu +#================================================= +# GENERIC START +#================================================= +# IMPORT GENERIC HELPERS +#================================================= -# Source app helpers +source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers -# Get multi-instances specific variables +#================================================= +# MANAGE SCRIPT FAILURE +#================================================= + +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + +#================================================= +# LOAD SETTINGS +#================================================= + app=$YNH_APP_INSTANCE_NAME -# Retrieve app settings +final_path=$(ynh_app_setting_get "$app" final_path) domain=$(ynh_app_setting_get "$app" domain) +db_name=$(ynh_app_setting_get "$app" db_name) -# Copy the app files -final_path="/var/www/${app}" -ynh_backup "$final_path" "sources" 1 +#================================================= +# STANDARD BACKUP STEPS +#================================================= +# BACKUP THE APP MAIN DIR +#================================================= -# Copy the nginx conf files -ynh_backup "/etc/nginx/conf.d/${domain}.d/${app}.conf" "nginx.conf" -# Copy the php-fpm conf files -ynh_backup "/etc/php5/fpm/pool.d/${app}.conf" "php-fpm.conf" -ynh_backup "/etc/php5/fpm/conf.d/20-${app}.ini" "php-fpm.ini" \ No newline at end of file +ynh_backup "$final_path" + +#================================================= +# BACKUP THE NGINX CONFIGURATION +#================================================= + +ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf" + +#================================================= +# BACKUP THE PHP-FPM CONFIGURATION +#================================================= + +ynh_backup "/etc/php/7.0/fpm/pool.d/$app.conf" +ynh_backup "/etc/php/7.0/fpm/conf.d/20-$app.ini" diff --git a/scripts/change_url b/scripts/change_url new file mode 100644 index 0000000..36a6259 --- /dev/null +++ b/scripts/change_url @@ -0,0 +1,98 @@ +#!/bin/bash + +#================================================= +# GENERIC STARTING +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +source _common.sh +source /usr/share/yunohost/helpers + +#================================================= +# RETRIEVE ARGUMENTS +#================================================= + +old_domain=$YNH_APP_OLD_DOMAIN +old_path=$YNH_APP_OLD_PATH + +new_domain=$YNH_APP_NEW_DOMAIN +new_path=$YNH_APP_NEW_PATH + +app=$YNH_APP_INSTANCE_NAME + +#================================================= +# LOAD SETTINGS +#================================================= + +# Needed for helper "ynh_add_nginx_config" +final_path=$(ynh_app_setting_get "$app" final_path) + +#================================================= +# CHECK THE SYNTAX OF THE PATHS +#================================================= + +test -n "$old_path" || old_path="/" +test -n "$new_path" || new_path="/" +new_path=$(ynh_normalize_url_path "$new_path") +old_path=$(ynh_normalize_url_path "$old_path") + +#================================================= +# CHECK WHICH PARTS SHOULD BE CHANGED +#================================================= + +change_domain=0 +if [ "$old_domain" != "$new_domain" ] +then + change_domain=1 +fi + +change_path=0 +if [ "$old_path" != "$new_path" ] +then + change_path=1 +fi + +#================================================= +# STANDARD MODIFICATIONS +#================================================= +# MODIFY URL IN NGINX CONF +#================================================= + +nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf + +# Change the path in the nginx config file +if [ "$change_path" -eq 1 ] +then + # Make a backup of the original nginx config file if modified + ynh_backup_if_checksum_is_different "$nginx_conf_path" + # Set global variables for nginx helper + domain="$old_domain" + path_url="$new_path" + # Create a dedicated nginx config + ynh_add_nginx_config +fi + +# Change the domain for nginx +if [ $change_domain -eq 1 ] +then + # Delete file checksum for the old conf file location + ynh_delete_file_checksum "$nginx_conf_path" + mv "$nginx_conf_path" "/etc/nginx/conf.d/$new_domain.d/$app.conf" + # Store file checksum for the new config file location + ynh_store_file_checksum "/etc/nginx/conf.d/$new_domain.d/$app.conf" +fi + +#================================================= +# SPECIFIC MODIFICATIONS +#================================================= +# ... +#================================================= + +#================================================= +# GENERIC FINALISATION +#================================================= +# RELOAD NGINX +#================================================= + +systemctl reload nginx \ No newline at end of file diff --git a/scripts/install b/scripts/install index 7635424..2eb3f43 100644 --- a/scripts/install +++ b/scripts/install @@ -1,92 +1,113 @@ #!/bin/bash -# Exit on command errors and treat unset variables as an error -set -eu +#================================================= +# GENERIC START +#================================================= +# IMPORT GENERIC HELPERS +#================================================= -source .fonctions # Loads the generic functions usually used in the script -source /usr/share/yunohost/helpers # Source app helpers +source _common.sh +source /usr/share/yunohost/helpers -CLEAN_SETUP () { - # Clean installation residues that are not supported by the remove script. - # Clean hosts - sudo sed -i '/#GRAV/d' /etc/hosts -} -TRAP_ON # Active trap to stop the script if an error is detected. +#================================================= +# MANAGE SCRIPT FAILURE +#================================================= + +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + +#================================================= +# RETRIEVE ARGUMENTS FROM THE MANIFEST +#================================================= domain=$YNH_APP_ARG_DOMAIN -path=$YNH_APP_ARG_PATH +path_url=$YNH_APP_ARG_PATH admin_grav=$YNH_APP_ARG_ADMIN language=$YNH_APP_ARG_LANGUAGE is_public=$YNH_APP_ARG_IS_PUBLIC app=$YNH_APP_INSTANCE_NAME -CHECK_VAR "$app" "app name not set" +#================================================= +# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS +#================================================= -CHECK_USER "$admin_grav" +### If the app uses nginx as web server (written in HTML/PHP in most cases), the final path should be "/var/www/$app". +### If the app provides an internal web server (or uses another application server such as uwsgi), the final path should be "/opt/yunohost/$app" +final_path=/var/www/$app +test ! -e "$final_path" || ynh_die "This path already contains a folder" -CHECK_PATH +# Normalize the url path syntax +path_url=$(ynh_normalize_url_path "$path_url") -CHECK_DOMAINPATH +# Check web path availability +ynh_webpath_available "$domain" "$path_url" +# Register (book) web path +ynh_webpath_register "$app" "$domain" "$path_url" -CHECK_FINALPATH +#================================================= +# STORE SETTINGS FROM MANIFEST +#================================================= -ynh_app_setting_set $app domain $domain -ynh_app_setting_set $app path $path -ynh_app_setting_set $app admin $admin_grav -ynh_app_setting_set $app is_public $is_public -ynh_app_setting_set $app language $language - -# Creates the destination directory and stores its location. -sudo mkdir "$final_path" -ynh_app_setting_set $app final_path $final_path +ynh_app_setting_set "$app" domain "$domain" +ynh_app_setting_set "$app" path "$path_url" +ynh_app_setting_set "$app" admin "$admin_grav" +ynh_app_setting_set "$app" is_public "$is_public" +ynh_app_setting_set "$app" language "$language" +#================================================= +# STANDARD MODIFICATIONS #================================================= # INSTALL DEPENDENCIES #================================================= -ynh_install_app_dependencies php-zip +ynh_install_app_dependencies php7.0-zip -# Get source -SETUP_SOURCE +#================================================= +# DOWNLOAD, CHECK AND UNPACK SOURCE +#================================================= -# Grav install -sudo $final_path/bin/grav +ynh_app_setting_set "$app" final_path "$final_path" +# Download, check integrity, uncompress and patch the source from app.src +ynh_setup_source "$final_path" -# Set permissions -sudo chown -R www-data: $final_path +#================================================= +# NGINX CONFIGURATION +#================================================= -echo -e "127.0.0.1 $domain #GRAV" | sudo tee -a /etc/hosts +# Create a dedicated nginx config +ynh_add_nginx_config -# Copy nginx config -sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf +#================================================= +# PHP-FPM CONFIGURATION +#================================================= -# Modif the variables in the nginx configuration file -sudo sed -i "s@__PATHTOCHANGE__@$path@g" /etc/nginx/conf.d/$domain.d/$app.conf -sudo sed -i "s@__FINALPATH__@$final_path@g" /etc/nginx/conf.d/$domain.d/$app.conf -sudo sed -i "s@__NAMETOCHANGE__@$app@g" /etc/nginx/conf.d/$domain.d/$app.conf +# Create a dedicated php-fpm config +ynh_add_fpm_config -if [ "$is_public" = "Yes" ]; +#================================================= +# GENERIC FINALIZATION +#================================================= +# SECURE FILES AND DIRECTORIES +#================================================= + +chown -R www-data: "$final_path" + +#================================================= +# SETUP SSOWAT +#================================================= + +# Make app public if necessary +if [ $is_public -eq "1" ] then - sudo sed -i "s@#--PRIVATE--@@g" /etc/nginx/conf.d/$domain.d/$app.conf + # unprotected_uris allows SSO credentials to be passed anyway. + ynh_app_setting_set "$app" unprotected_uris "/" +else + ynh_replace_string "#--PRIVATE--" "" "/etc/nginx/conf.d/$domain.d/$app.conf" fi -# Create the php-fpm pool config -POOL_FPM +#================================================= +# RELOAD NGINX +#================================================= -# Setup SSOwat -ynh_app_setting_set "$app" is_public "$is_public" -if [ "$is_public" = "Yes" ]; -then - ynh_app_setting_set "$app" unprotected_uris "/" -fi - -# Reload SSOwat configuration -sudo yunohost app ssowatconf - -# Reload Nginx and regenerate SSOwat conf -sudo systemctl reload php5-fpm -sudo systemctl reload nginx - -# Nettoyer hosts -sudo sed -i '/#GRAV/d' /etc/hosts \ No newline at end of file +systemctl reload nginx \ No newline at end of file diff --git a/scripts/remove b/scripts/remove index 4e03881..887f05f 100644 --- a/scripts/remove +++ b/scripts/remove @@ -1,19 +1,27 @@ #!/bin/bash -# Exit on command errors and treat unset variables as an error -set -u +#================================================= +# GENERIC START +#================================================= +# IMPORT GENERIC HELPERS +#================================================= -# Loads the generic functions usually used in the script -source .fonctions -# Source app helpers +source _common.sh source /usr/share/yunohost/helpers +#================================================= +# LOAD SETTINGS +#================================================= + # Get multi-instances specific variables app=$YNH_APP_INSTANCE_NAME # Retrieve app settings domain=$(ynh_app_setting_get "$app" domain) +final_path=$(ynh_app_setting_get "$app" final_path) +#================================================= +# STANDARD REMOVE #================================================= # REMOVE DEPENDENCIES #================================================= @@ -21,12 +29,23 @@ domain=$(ynh_app_setting_get "$app" domain) # Remove metapackage and its dependencies ynh_remove_app_dependencies -# Delete app directory and configurations -SECURE_REMOVE '/var/www/$app' # Delete directory application -sudo rm -f "/etc/php5/fpm/pool.d/${app}.conf" -sudo rm -f "/etc/php5/fpm/conf.d/20-${app}.ini" -[[ -n $domain ]] && sudo rm -f "/etc/nginx/conf.d/${domain}.d/${app}.conf" +#================================================= +# REMOVE APP MAIN DIR +#================================================= -# Reload services -sudo systemctl reload php5-fpm -sudo systemctl reload nginx \ No newline at end of file +# Remove the app directory securely +ynh_secure_remove "$final_path" + +#================================================= +# REMOVE NGINX CONFIGURATION +#================================================= + +# Remove the dedicated nginx config +ynh_remove_nginx_config + +#================================================= +# REMOVE PHP-FPM CONFIGURATION +#================================================= + +# Remove the dedicated php-fpm config +ynh_remove_fpm_config diff --git a/scripts/restore b/scripts/restore index 3c8cd12..fc5d92b 100644 --- a/scripts/restore +++ b/scripts/restore @@ -1,72 +1,90 @@ #!/bin/bash -# This restore script is adapted to Yunohost >=2.4 -# Exit on command errors and treat unset variables as an error -set -eu +#================================================= +# GENERIC START +#================================================= +# IMPORT GENERIC HELPERS +#================================================= -# Source app helpers +source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers -# The parameter $app is the id of the app instance ex: ynhexample__2 +#================================================= +# MANAGE SCRIPT FAILURE +#================================================= + +ynh_clean_setup () { + #### Remove this function if there's nothing to clean before calling the remove script. + true +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + + +#================================================= +# LOAD SETTINGS +#================================================= + app=$YNH_APP_INSTANCE_NAME -# Get old parameter of the app domain=$(ynh_app_setting_get $app domain) -path=$(ynh_app_setting_get $app path) -is_public=$(ynh_app_setting_get $app is_public) +path_url=$(ynh_app_setting_get $app path) +final_path=$(ynh_app_setting_get $app final_path) -# Check domain/path availability -sudo yunohost app checkurl "${domain}${path}" -a "${app}" \ - || ynh_die "Path not available: ${domain}${path}" - -# Check $final_path -final_path="/var/www/${app}" -if [ -d "${final_path}" ]; then - ynh_die "There is already a directory: ${final_path}" -fi - -# Check configuration files nginx -nginx_conf="/etc/nginx/conf.d/${domain}.d/${app}.conf" -if [ -f "${nginx_conf}" ]; then - ynh_die "The NGINX configuration already exists at '${nginx_conf}'. You should safely delete it before restoring this app." -fi - -# Check configuration files php-fpm -phpfpm_conf="/etc/php5/fpm/pool.d/${app}.conf" -if [ -f "${phpfpm_conf}" ]; then - ynh_die "The PHP FPM configuration already exists at '${phpfpm_conf}'. You should safely delete it before restoring this app." -fi - -phpfpm_ini="/etc/php5/fpm/conf.d/20-${app}.ini" -if [ -f "${phpfpm_ini}" ]; then - ynh_die "The PHP FPM INI configuration already exists at '${phpfpm_ini}'. You should safely delete it before restoring this app." -fi #================================================= -# INSTALL DEPENDENCIES +# CHECK IF THE APP CAN BE RESTORED #================================================= -ynh_install_app_dependencies php-zip +ynh_webpath_available $domain $path_url \ + || ynh_die "Path not available: ${domain}${path_url}" +test ! -d $final_path \ +|| ynh_die "There is already a directory: $final_path " - # Restore sources & data -sudo cp -a ./sources "${final_path}" -# Set permissions -sudo chown -R www-data: "${final_path}" +#================================================= +# STANDARD RESTORATION STEPS +#================================================= +# RESTORE THE NGINX CONFIGURATION +#================================================= -# Restore nginx configuration files -sudo cp -a ./nginx.conf "${nginx_conf}" -# Restore php-fpm configuration files -sudo cp -a ./php-fpm.conf "${phpfpm_conf}" -sudo cp -a ./php-fpm.ini "${phpfpm_ini}" +ynh_restore_file "/etc/nginx/conf.d/$domain.d/$app.conf" -# Set ssowat config -if [ "$is_public" = "No" ]; -then - ynh_app_setting_delete $app skipped_uris -fi +#================================================= +# RESTORE THE APP MAIN DIR +#================================================= + +ynh_restore_file "$final_path" + + +#================================================= +# RESTORE USER RIGHTS +#================================================= + +chown -R www-data: "$final_path" + +#================================================= +# RESTORE THE PHP-FPM CONFIGURATION +#================================================= + +ynh_restore_file "/etc/php/7.0/fpm/pool.d/$app.conf" +ynh_restore_file "/etc/php/7.0/fpm/conf.d/20-$app.ini" + + +#================================================= +# SPECIFIC RESTORATION +#================================================= +# REINSTALL DEPENDENCIES +#================================================= + +ynh_install_app_dependencies php7.0-zip + +#================================================= +# GENERIC FINALIZATION +#================================================= +# RELOAD NGINX AND PHP-FPM +#================================================= # Reload services -sudo systemctl reload php5-fpm -sudo systemctl reload nginx -sudo yunohost app ssowatconf +systemctl reload php7.0-fpm +systemctl reload nginx \ No newline at end of file diff --git a/scripts/upgrade b/scripts/upgrade index 495dd00..058f040 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -1,57 +1,127 @@ #!/bin/bash -# Exit on command errors and treat unset variables as an error -set -eu +#================================================= +# GENERIC START +#================================================= +# IMPORT GENERIC HELPERS +#================================================= -source .fonctions # Loads the generic functions usually used in the script -source /usr/share/yunohost/helpers # Source YunoHost helpers +source _common.sh +source /usr/share/yunohost/helpers + +#================================================= +# LOAD SETTINGS +#================================================= -# See comments in install script app=$YNH_APP_INSTANCE_NAME -# Retrieve app settings -domain=$(ynh_app_setting_get "$app" domain) -path=$(ynh_app_setting_get "$app" path) -admin=$(ynh_app_setting_get "$app" admin) -is_public=$(ynh_app_setting_get "$app" is_public) -language=$(ynh_app_setting_get "$app" language) +domain=$(ynh_app_setting_get $app domain) +path_url=$(ynh_app_setting_get $app path) +admin=$(ynh_app_setting_get $app admin) +is_public=$(ynh_app_setting_get $app is_public) +final_path=$(ynh_app_setting_get $app final_path) +language=$(ynh_app_setting_get $app language) -CHECK_PATH # Checks and corrects the syntax of the path. +#================================================= +# ENSURE DOWNWARD COMPATIBILITY +#================================================= + +# Fix is_public as a boolean value +if [ "$is_public" = "Yes" ]; then + ynh_app_setting_set $app is_public 1 + is_public=1 +elif [ "$is_public" = "No" ]; then + ynh_app_setting_set $app is_public 0 + is_public=0 +fi + +# If db_name doesn't exist, create it +if [ -z $db_name ]; then + db_name=$(ynh_sanitize_dbid $app) + ynh_app_setting_set $app db_name $db_name +fi + +# If final_path doesn't exist, create it +if [ -z $final_path ]; then + final_path=/var/www/$app + ynh_app_setting_set $app final_path $final_path +fi + +#================================================= +# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP +#================================================= + +# Backup the current version of the app +ynh_backup_before_upgrade +ynh_clean_setup () { + # restore it if the upgrade fails + ynh_restore_upgradebackup +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + +#================================================= +# CHECK THE PATH +#================================================= + +# Normalize the URL path syntax +path_url=$(ynh_normalize_url_path $path_url) + + + +#================================================= +# STANDARD UPGRADE STEPS +#================================================= +# DOWNLOAD, CHECK AND UNPACK SOURCE +#================================================= + +# Download, check integrity, uncompress and patch the source from app.src +ynh_setup_source "$final_path" + +#================================================= +# NGINX CONFIGURATION +#================================================= + +# Create a dedicated nginx config +ynh_add_nginx_config #================================================= # INSTALL DEPENDENCIES #================================================= -ynh_install_app_dependencies php-zip +ynh_install_app_dependencies php7.0-zip -final_path=/var/www/$app +#================================================= +# PHP-FPM CONFIGURATION +#================================================= -# Get source -SETUP_SOURCE +# Create a dedicated php-fpm config +ynh_add_fpm_config -# Modify Nginx configuration file and copy it to Nginx conf directory -sudo sed -i "s@__PATHTOCHANGE__@$path@g" /etc/nginx/conf.d/$domain.d/$app.conf -sudo sed -i "s@__FINALPATH__@$final_path@g" /etc/nginx/conf.d/$domain.d/$app.conf -sudo sed -i "s@__NAMETOCHANGE__@$app@g" /etc/nginx/conf.d/$domain.d/$app.conf +chown -R www-data: "$final_path" -if [ "$is_public" = "Yes" ]; +#================================================= +# GENERIC FINALIZATION +#================================================= +# SECURE FILES AND DIRECTORIES +#================================================= + + +#================================================= +# SETUP SSOWAT +#================================================= + +# Make app public if necessary +if [ $is_public -eq "1" ] then - sudo sed -i "s@#--PRIVATE--@@g" /etc/nginx/conf.d/$domain.d/$app.conf + # unprotected_uris allows SSO credentials to be passed anyway. + ynh_app_setting_set "$app" unprotected_uris "/" +else + ynh_replace_string "#--PRIVATE--" "" "/etc/nginx/conf.d/$domain.d/$app.conf" fi -# Create the php-fpm pool config -POOL_FPM +#================================================= +# RELOAD NGINX +#================================================= -sudo chown -R www-data: "${final_path}" - -# Setup SSOwat -ynh_app_setting_set "$app" is_public "$is_public" -if [ "$is_public" = "Yes" ]; -then - ynh_app_setting_set "$app" unprotected_uris "/" -fi - -# Reload Nginx -sudo systemctl reload php5-fpm -sudo systemctl reload nginx -sudo yunohost app ssowatconf \ No newline at end of file +systemctl reload nginx \ No newline at end of file diff --git a/sources/source_dir b/sources/source_dir deleted file mode 100644 index f07b028..0000000 --- a/sources/source_dir +++ /dev/null @@ -1 +0,0 @@ -grav-admin \ No newline at end of file diff --git a/sources/source_md5 b/sources/source_md5 deleted file mode 100644 index b5b2663..0000000 --- a/sources/source_md5 +++ /dev/null @@ -1 +0,0 @@ -1c325d225c33641262386b4688344344 grav-admin-v1.3.1.zip \ No newline at end of file diff --git a/sources/source_url b/sources/source_url deleted file mode 100644 index cf8f85f..0000000 --- a/sources/source_url +++ /dev/null @@ -1 +0,0 @@ -https://github.com/getgrav/grav/releases/download/1.3.1/grav-admin-v1.3.1.zip \ No newline at end of file From fa6064fcd40e3a982bde36814c32f135f66e5b6c Mon Sep 17 00:00:00 2001 From: Jean-Baptiste Holcroft Date: Mon, 3 Sep 2018 23:39:42 +0200 Subject: [PATCH 3/8] Dedicated user --- README.md | 1 - check_process | 2 +- conf/php-fpm.conf | 4 ++-- scripts/install | 9 ++++++++- scripts/remove | 9 +++++++++ scripts/restore | 9 +++++++-- scripts/upgrade | 9 ++++++++- 7 files changed, 35 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index 331ff22..492978e 100644 --- a/README.md +++ b/README.md @@ -17,6 +17,5 @@ sudo yunohost app install --url grav https://github.com/YunoHost-Apps/grav_ynh ## TODO -[ ] create a dedicated user [ ] fix alias_traversal [ ] send email to admin \ No newline at end of file diff --git a/check_process b/check_process index 069c632..db410f8 100644 --- a/check_process +++ b/check_process @@ -41,4 +41,4 @@ Notification=all ;;; Upgrade options ; commit=8b79023a4fb3633b1a01e4ad4dafb41a5344c3fd name=pre rebuild - manifest_arg=domain=DOMAIN&path=PATH&admin=USER&language=fr_FR&is_public=Yes& \ No newline at end of file + manifest_arg=domain=DOMAIN&path=PATH&admin=USER&language=fr_FR&is_public="Yes"& \ No newline at end of file diff --git a/conf/php-fpm.conf b/conf/php-fpm.conf index 446cae6..6134990 100644 --- a/conf/php-fpm.conf +++ b/conf/php-fpm.conf @@ -19,8 +19,8 @@ ; Unix user/group of processes ; Note: The user is mandatory. If the group is not set, the default user's group ; will be used. -user = www-data -group = www-data +user = __USER__ +group = __USER__ ; The address on which to accept FastCGI requests. ; Valid syntaxes are: diff --git a/scripts/install b/scripts/install index 2eb3f43..ba5309c 100644 --- a/scripts/install +++ b/scripts/install @@ -78,6 +78,13 @@ ynh_setup_source "$final_path" # Create a dedicated nginx config ynh_add_nginx_config +#================================================= +# CREATE DEDICATED USER +#================================================= + +# Create a system user +ynh_system_user_create "$app" + #================================================= # PHP-FPM CONFIGURATION #================================================= @@ -91,7 +98,7 @@ ynh_add_fpm_config # SECURE FILES AND DIRECTORIES #================================================= -chown -R www-data: "$final_path" +chown -R "$app": "$final_path" #================================================= # SETUP SSOWAT diff --git a/scripts/remove b/scripts/remove index 887f05f..1600700 100644 --- a/scripts/remove +++ b/scripts/remove @@ -49,3 +49,12 @@ ynh_remove_nginx_config # Remove the dedicated php-fpm config ynh_remove_fpm_config + +#================================================= +# GENERIC FINALIZATION +#================================================= +# REMOVE DEDICATED USER +#================================================= + +# Delete a system user +ynh_system_user_delete "$app" \ No newline at end of file diff --git a/scripts/restore b/scripts/restore index fc5d92b..a414c9e 100644 --- a/scripts/restore +++ b/scripts/restore @@ -31,7 +31,6 @@ domain=$(ynh_app_setting_get $app domain) path_url=$(ynh_app_setting_get $app path) final_path=$(ynh_app_setting_get $app final_path) - #================================================= # CHECK IF THE APP CAN BE RESTORED #================================================= @@ -56,12 +55,18 @@ ynh_restore_file "/etc/nginx/conf.d/$domain.d/$app.conf" ynh_restore_file "$final_path" +#================================================= +# RECREATE THE DEDICATED USER +#================================================= + +# Create the dedicated user (if not existing) +ynh_system_user_create "$app" #================================================= # RESTORE USER RIGHTS #================================================= -chown -R www-data: "$final_path" +chown -R "$app": "$final_path" #================================================= # RESTORE THE PHP-FPM CONFIGURATION diff --git a/scripts/upgrade b/scripts/upgrade index 058f040..8081797 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -91,6 +91,13 @@ ynh_add_nginx_config ynh_install_app_dependencies php7.0-zip +#================================================= +# CREATE DEDICATED USER +#================================================= + +# Create a dedicated user (if not existing) +ynh_system_user_create "$app" + #================================================= # PHP-FPM CONFIGURATION #================================================= @@ -98,7 +105,7 @@ ynh_install_app_dependencies php7.0-zip # Create a dedicated php-fpm config ynh_add_fpm_config -chown -R www-data: "$final_path" +chown -R "$app": "$final_path" #================================================= # GENERIC FINALIZATION From 94198dbdb577a0df8e3dbebaf5327520a1bd0854 Mon Sep 17 00:00:00 2001 From: Jean-Baptiste Holcroft Date: Mon, 3 Sep 2018 23:44:41 +0200 Subject: [PATCH 4/8] Protect against alias_traversal & httpoxy --- README.md | 1 - check_process | 2 +- conf/nginx.conf | 5 ++++- 3 files changed, 5 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 492978e..6c59614 100644 --- a/README.md +++ b/README.md @@ -17,5 +17,4 @@ sudo yunohost app install --url grav https://github.com/YunoHost-Apps/grav_ynh ## TODO -[ ] fix alias_traversal [ ] send email to admin \ No newline at end of file diff --git a/check_process b/check_process index db410f8..870758e 100644 --- a/check_process +++ b/check_process @@ -41,4 +41,4 @@ Notification=all ;;; Upgrade options ; commit=8b79023a4fb3633b1a01e4ad4dafb41a5344c3fd name=pre rebuild - manifest_arg=domain=DOMAIN&path=PATH&admin=USER&language=fr_FR&is_public="Yes"& \ No newline at end of file + manifest_arg=domain=DOMAIN&path=PATH&admin=USER&language=fr_FR&is_public=PUBLIC& \ No newline at end of file diff --git a/conf/nginx.conf b/conf/nginx.conf index 4e3560e..78ad0cb 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,4 +1,5 @@ -location __PATH__ { +#sub_path_only rewrite ^__PATH__$ __PATH__/ permanent; +location __PATH__/ { alias __FINALPATH__/; index index.php; @@ -33,6 +34,8 @@ location __PATH__ { fastcgi_pass unix:/var/run/php/php7.0-fpm-__NAME__.sock; fastcgi_index index.php; include fastcgi_params; + # https://learn.getgrav.org/webservers-hosting/servers/nginx#fix-against-httpoxy-vulnerability + fastcgi_param HTTP_PROXY ""; fastcgi_param REMOTE_USER $remote_user; fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param SCRIPT_FILENAME $request_filename; From ec151614e4c41f2012bb983d08faf6eda233d5be Mon Sep 17 00:00:00 2001 From: Jean-Baptiste Holcroft Date: Mon, 3 Sep 2018 23:45:28 +0200 Subject: [PATCH 5/8] Add jibec as maintainer --- manifest.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/manifest.json b/manifest.json index 33812c3..9ac21c3 100644 --- a/manifest.json +++ b/manifest.json @@ -10,8 +10,8 @@ "url": "https://www.getgrav.org/", "license": "MIT-0", "maintainer": { - "name": "cyp, lithrel", - "email": "cyp@rouquin.me, lithrel@randomdomainname.net" + "name": "cyp, lithrel, jibec", + "email": "cyp@rouquin.me, lithrel@randomdomainname.net, jean-baptiste@holcroft.fr" }, "requirements": { "yunohost": ">= 3.1.0" From c67050c08ec7fc184dfaad78bcd8b275f519c673 Mon Sep 17 00:00:00 2001 From: Jean-Baptiste Holcroft Date: Tue, 4 Sep 2018 00:05:51 +0200 Subject: [PATCH 6/8] Upgrade to 1.5.1 --- README.md | 10 +++++++++- check_process | 6 +++--- conf/app.src | 4 ++-- manifest.json | 2 +- 4 files changed, 15 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 6c59614..5783d05 100644 --- a/README.md +++ b/README.md @@ -17,4 +17,12 @@ sudo yunohost app install --url grav https://github.com/YunoHost-Apps/grav_ynh ## TODO -[ ] send email to admin \ No newline at end of file +### Features + +[ ] send email to admin + +### Tests + +[ ] upgrade from old package to new package +[ ] impact of upgrade on content +[ ] ARM \ No newline at end of file diff --git a/check_process b/check_process index 870758e..cb05f53 100644 --- a/check_process +++ b/check_process @@ -16,7 +16,7 @@ setup_private=1 setup_public=1 upgrade=1 - upgrade=1 from_commit=8b79023a4fb3633b1a01e4ad4dafb41a5344c3fd + upgrade=1 from_commit=ec151614e4c41f2012bb983d08faf6eda233d5be backup_restore=1 multi_instance=1 incorrect_path=1 @@ -39,6 +39,6 @@ Email=jean-baptiste@holcroft.fr Notification=all ;;; Upgrade options - ; commit=8b79023a4fb3633b1a01e4ad4dafb41a5344c3fd - name=pre rebuild + ; commit=ec151614e4c41f2012bb983d08faf6eda233d5be + name=Version 1.3.1 manifest_arg=domain=DOMAIN&path=PATH&admin=USER&language=fr_FR&is_public=PUBLIC& \ No newline at end of file diff --git a/conf/app.src b/conf/app.src index 77c1ced..a40951f 100644 --- a/conf/app.src +++ b/conf/app.src @@ -1,5 +1,5 @@ -SOURCE_URL=https://github.com/getgrav/grav/releases/download/1.3.1/grav-admin-v1.3.1.zip -SOURCE_SUM=de39862725fea8d868c4a149c99b6fa245962482aad8ba063473d2d5b3f64edb +SOURCE_URL=https://github.com/getgrav/grav/releases/download/1.5.1/grav-admin-v1.5.1.zip +SOURCE_SUM=34f48f984ef734e66ccc1c9fc30f5d5f512ee0febc4576c63b657bf4c5461160 SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=zip SOURCE_IN_SUBDIR=true diff --git a/manifest.json b/manifest.json index 9ac21c3..83f2004 100644 --- a/manifest.json +++ b/manifest.json @@ -6,7 +6,7 @@ "en": "Grav - Grav is a modern open source flat-file CMS", "fr": "Grav - Grav is a modern open source flat-file CMS" }, - "version": "1.3.1~ynh1", + "version": "1.5.1~ynh1", "url": "https://www.getgrav.org/", "license": "MIT-0", "maintainer": { From 0614bb19c85741a376ede67e2eb7bb5d02e03362 Mon Sep 17 00:00:00 2001 From: Jean-Baptiste Holcroft Date: Wed, 12 Sep 2018 21:39:34 +0200 Subject: [PATCH 7/8] Improve Readme and Manifest --- README.md | 35 ++++++++++++++++++++++++++--------- manifest.json | 23 ++++++++++++++++++----- 2 files changed, 44 insertions(+), 14 deletions(-) diff --git a/README.md b/README.md index 5783d05..321a8f8 100644 --- a/README.md +++ b/README.md @@ -1,11 +1,15 @@ -# [EN] Grav for YunoHost - +[![Integration level](https://dash.yunohost.org/integration/grav.svg)](https://ci-apps.yunohost.org/jenkins/job/grav%20%28Community%29/lastBuild/consoleFull) [![Install Grav with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=grav) +Grav is a modern open source flat-file CMS. + +> *This package allow you to install Grav quickly and simply on a YunoHost server. +If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to know how to install and enjoy it.* + * http://getgrav.org/ * https://github.com/getgrav/grav -Provided version: **1.3.1** +Provided version: **1.5.1** ## Installation @@ -15,14 +19,27 @@ Use either YunoHost's admin panel or command line: sudo yunohost app install --url grav https://github.com/YunoHost-Apps/grav_ynh ``` -## TODO +```sh +sudo yunohost app upgrade --url https://github.com/YunoHost-Apps/grav_ynh kanboard +``` -### Features +# State of this package -[ ] send email to admin - -### Tests +* works fine: +[x] install/remove/backup/remove/upgrade with x86_64 +* to be confirmed: [ ] upgrade from old package to new package [ ] impact of upgrade on content -[ ] ARM \ No newline at end of file +[ ] ARM + +* to be added: +[ ] send email to admin + +## Links + + * Report a bug about this package: https://github.com/YunoHost-Apps/grav_ynh + * Report a bug about Grav itself: https://github.com/getgrav/grav/issues + * Documentation: https://learn.getgrav.org/ + * Grav website: https://www.getgrav.org/ + * YunoHost website: https://yunohost.org/ diff --git a/manifest.json b/manifest.json index 83f2004..8156a23 100644 --- a/manifest.json +++ b/manifest.json @@ -6,13 +6,26 @@ "en": "Grav - Grav is a modern open source flat-file CMS", "fr": "Grav - Grav is a modern open source flat-file CMS" }, - "version": "1.5.1~ynh1", + "version": "1.5.1~ynh2", "url": "https://www.getgrav.org/", "license": "MIT-0", - "maintainer": { - "name": "cyp, lithrel, jibec", - "email": "cyp@rouquin.me, lithrel@randomdomainname.net, jean-baptiste@holcroft.fr" - }, + "maintainer": [ + { + "name": "jibec", + "email": "jean-baptiste@holcroft.fr" + }, + { + "name": "tituspijean", + "email": "tituspijean@outlook.com" + }], + "previous_maintainers": [ + { + "name": "cyp", + "email": "cyp@rouquin.me" + },{ + "name": "lithrel", + "email": "lithrel@randomdomainname.net" + }], "requirements": { "yunohost": ">= 3.1.0" }, From 31fbec2eb7904d0a242b60a68dfa278696319e0c Mon Sep 17 00:00:00 2001 From: tituspijean Date: Wed, 12 Sep 2018 22:33:00 +0200 Subject: [PATCH 8/8] Improve README --- README.md | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 321a8f8..35572cb 100644 --- a/README.md +++ b/README.md @@ -16,25 +16,26 @@ Provided version: **1.5.1** Use either YunoHost's admin panel or command line: ```sh -sudo yunohost app install --url grav https://github.com/YunoHost-Apps/grav_ynh +sudo yunohost app install https://github.com/YunoHost-Apps/grav_ynh ``` +For upgrading (replace `grav` by the actual instance ID if more instances are installed): ```sh -sudo yunohost app upgrade --url https://github.com/YunoHost-Apps/grav_ynh kanboard +sudo yunohost app upgrade grav -u https://github.com/YunoHost-Apps/grav_ynh ``` # State of this package * works fine: -[x] install/remove/backup/remove/upgrade with x86_64 + * [x] install/remove/backup/remove/upgrade with x86_64 * to be confirmed: -[ ] upgrade from old package to new package -[ ] impact of upgrade on content -[ ] ARM + * [x] upgrade from old package to new package + * [ ] impact of upgrade on content + * [ ] ARM * to be added: -[ ] send email to admin + * [ ] send email to admin ## Links