YunoHost-Apps/grav_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/grav_ynh.git synced 2024-09-03 19:16:01 +02:00
Code Issues Activity Actions 1

Refactoring and version upgrade

Browse source
This commit is contained in:
tituspijean 2018-08-10 00:06:26 +02:00
parent b2a1500bb8
commit f1b8557b1e
16 changed files with 623 additions and 561 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

74
check_process
View file

@ -1,37 +1,39 @@
;; Test complet sans multisite
auto_remove=1
; Manifest
domain="domain.tld" (DOMAIN)
path="/path" (PATH)
admin="john" (USER)
language="fr_FR"
multisite="No"
is_public="Yes" (PUBLIC|public=Yes|private=No)
; Checks
pkg_linter=1
setup_sub_dir=1
setup_root=1
setup_nourl=0
setup_private=1
setup_public=1
upgrade=1
backup_restore=1
multi_instance=1
wrong_user=1
wrong_path=1
incorrect_path=1
corrupt_source=0
fail_download_source=0
port_already_use=0
final_path_already_use=0
# See here for more informations
# https://github.com/YunoHost/package_check#syntax-check_process-file
;; Test complet
; Manifest
domain="domain.tld" (DOMAIN)
path="/path" (PATH)
admin="john" (USER)
language="fr"
is_public=1 (PUBLIC|public=1|private=0)
; Checks
pkg_linter=1
setup_sub_dir=1
setup_root=1
setup_nourl=0
setup_private=1
setup_public=1
upgrade=1
backup_restore=1
multi_instance=1
incorrect_path=1
port_already_use=0
change_url=0
;;; Levels
Level 1=auto
Level 2=auto
Level 3=auto
Level 4=0
Level 5=auto
Level 6=auto
Level 7=auto
Level 8=0
Level 9=0
Level 10=0
Level 1=auto
Level 2=auto
Level 3=auto
# Level 4: If the app supports LDAP and SSOwat, turn level 4 to '1' and add a link to an issue or a part of your code to show it.
# If the app does not use LDAP nor SSOwat, and can't use them, turn level 4 to 'na' and explain as well.
Level 4=0
Level 5=auto
Level 6=auto
Level 7=auto
Level 8=0
Level 9=0
Level 10=0
;;; Options
Email=
Notification=none

6
conf/app.src Normal file
View file

@ -0,0 +1,6 @@
SOURCE_URL=https://github.com/getgrav/grav/releases/download/1.4.8/grav-admin-v1.4.8.zip
SOURCE_SUM=0948596A139D6B4E71AA70CDDF2EA4CF4E0F70466F9B8D1650D3A94AA9942887
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=zip
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=

112
conf/nginx.conf
View file

@ -1,54 +1,70 @@
location __PATHTOCHANGE__ {
alias __FINALPATH__/;
index index.php;
location __PATH__
{
alias __FINALPATH__/;
index index.php;
if (!-e $request_filename)
{
rewrite ^(.+)$ __PATHTOCHANGE__/index.php?q=$1 last;
}
if ($scheme = http) {
rewrite ^ https://$server_name$request_uri? permanent;
}
client_max_body_size 30m;
if (!-e $request_filename)
{
rewrite ^(.+)$ __PATH__/index.php?q=$1 last;
}
if ($scheme = http)
{
rewrite ^ https://$server_name$request_uri? permanent;
}
client_max_body_size 30m;
# Add headers to serve security related headers
add_header Strict-Transport-Security "max-age=15768000;";
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
# Add headers to serve security related headers
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
location ~* \.(jpg|jpeg|gif|css|png|js|ico|swf|mp3|pdf)$ {
# Le contenu statique, est signalé au navigateur comme étant
# à garder en cache une semaine. Si il y a un proxy sur la
# route, celui-ci est autorisé à faire une copie et à la
# cacher.
expires 1w;
add_header Cache-Control public;
}
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
fastcgi_pass unix:/var/run/php5-fpm-__NAMETOCHANGE__.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param REMOTE_USER $remote_user;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME $request_filename;
}
location ~* \.(jpg|jpeg|gif|css|png|js|ico|swf|mp3|pdf)$
{
# Le contenu statique, est signalé au navigateur comme étant
# à garder en cache une semaine. Si il y a un proxy sur la
# route, celui-ci est autorisé à faire une copie et à la
# cacher.
expires 1w;
add_header Cache-Control public;
}
location ~ [^/]\.php(/|$)
{
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
fastcgi_pass unix:/var/run/php5-fpm-__NAME__.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param REMOTE_USER $remote_user;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param HTTP_PROXY "";
}
## Begin - Security
# deny all direct access for these folders
location ~* /(.git|cache|bin|logs|backups)/.*$ { return 403; }
# deny running scripts inside core system folders
location ~* /(system|vendor)/.*\.(txt|xml|md|html|yaml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
# deny running scripts inside user folder
location ~* /user/.*\.(txt|md|yaml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
# deny access to specific files in the root folder
location ~ /(LICENSE|composer.lock|composer.json|nginx.conf|web.config|htaccess.txt|\.htaccess) { return 403; }
## End - Security
## Begin - Security
# deny all direct access for these folders
location ~* /(.git|cache|bin|logs|backups)/.*$
{
return 403;
}
# deny running scripts inside core system folders
location ~* /(system|vendor)/.*\.(txt|xml|md|html|yaml|php|pl|py|cgi|twig|sh|bat)$
{
return 403;
}
# deny running scripts inside user folder
location ~* /user/.*\.(txt|md|yaml|php|pl|py|cgi|twig|sh|bat)$
{
return 403;
}
# deny access to specific files in the root folder
location ~ /(LICENSE|composer.lock|composer.json|nginx.conf|web.config|htaccess.txt|\.htaccess)
{
return 403;
}
## End - Security
#--PRIVATE--# Include SSOWAT user panel.
#--PRIVATE--include conf.d/yunohost_panel.conf.inc;
#--PRIVATE--# Include SSOWAT user panel.
#--PRIVATE--include conf.d/yunohost_panel.conf.inc;
}

46
conf/php-fpm.conf
View file

@ -19,8 +19,8 @@
; Unix user/group of processes
; Note: The user is mandatory. If the group is not set, the default user's group
; will be used.
user = www-data
group = www-data
user = __USER__
group = __USER__
; The address on which to accept FastCGI requests.
; Valid syntaxes are:
@ -32,19 +32,19 @@ group = www-data
; Note: This value is mandatory.
listen = /var/run/php5-fpm-__NAMETOCHANGE__.sock
; Set listen(2) backlog.
; Set listen(2) backlog. A value of '-1' means unlimited.
; Default Value: 128 (-1 on FreeBSD and OpenBSD)
;listen.backlog = 128
; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server. Many
; BSD-derived systems allow connections regardless of permissions.
; BSD-derived systems allow connections regardless of permissions.
; Default Values: user and group are set as the running user
; mode is set to 0660
listen.owner = www-data
listen.group = www-data
;listen.mode = 0660
; List of ipv4 addresses of FastCGI clients which are allowed to connect.
; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
@ -117,7 +117,7 @@ pm.max_spare_servers = 3
; Note: Used only when pm is set to 'ondemand'
; Default Value: 10s
;pm.process_idle_timeout = 10s;
; The number of requests each child process should execute before respawning.
; This can be useful to work around memory leaks in 3rd party libraries. For
; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
@ -170,7 +170,7 @@ pm.max_requests = 500
;
; By default the status page only outputs short status. Passing 'full' in the
; query string will also return status for each pool process.
; Example:
; Example:
; http://www.foo.bar/status?full
; http://www.foo.bar/status?json&full
; http://www.foo.bar/status?html&full
@ -220,9 +220,9 @@ pm.max_requests = 500
; Note: The value must start with a leading slash (/). The value can be
; anything, but it may not be a good idea to use the .php extension or it
; may conflict with a real PHP file.
; Default Value: not set
; Default Value: not set
;pm.status_path = /status
; The ping URI to call the monitoring page of FPM. If this value is not set, no
; URI will be recognized as a ping page. This could be used to test from outside
; that FPM is alive and responding, or to
@ -283,7 +283,7 @@ pm.max_requests = 500
; - ....
; %p: PID of the child that serviced the request
; %P: PID of the parent of the child that serviced the request
; %q: the query string
; %q: the query string
; %Q: the '?' character if query string exists
; %r: the request URI (without the query string, see %q and %Q)
; %R: remote IP address
@ -298,50 +298,50 @@ pm.max_requests = 500
;
; Default: "%R - %u %t \"%m %r\" %s"
;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"
; The log file for slow requests
; Default Value: not set
; Note: slowlog is mandatory if request_slowlog_timeout is set
slowlog = /var/log/nginx/__NAMETOCHANGE__.slow.log
; The timeout for serving a single request after which a PHP backtrace will be
; dumped to the 'slowlog' file. A value of '0s' means 'off'.
; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
; Default Value: 0
request_slowlog_timeout = 5s
; The timeout for serving a single request after which the worker process will
; be killed. This option should be used when the 'max_execution_time' ini option
; does not stop script execution for some reason. A value of '0' means 'off'.
; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
; Default Value: 0
request_terminate_timeout = 1d
; Set open file descriptor rlimit.
; Default Value: system defined value
;rlimit_files = 1024
; Set max core size rlimit.
; Possible Values: 'unlimited' or an integer greater or equal to 0
; Default Value: system defined value
;rlimit_core = 0
; Chroot to this directory at the start. This value must be defined as an
; absolute path. When this value is not set, chroot is not used.
; Note: you can prefix with '$prefix' to chroot to the pool prefix or one
; of its subdirectories. If the pool prefix is not set, the global prefix
; will be used instead.
; Note: chrooting is a great security feature and should be used whenever
; Note: chrooting is a great security feature and should be used whenever
; possible. However, all PHP paths will be relative to the chroot
; (error_log, sessions.save_path, ...).
; Default Value: not set
;chroot =
;chroot =
; Chdir to this directory at the start.
; Note: relative path can be used.
; Default Value: current directory or / when chroot
chdir = __FINALPATH__
; Redirect worker stdout and stderr into main error log. If not set, stdout and
; stderr will be redirected to /dev/null according to FastCGI specs.
; Note: on highloaded environement, this can cause some delay in the page
@ -356,7 +356,7 @@ catch_workers_output = yes
; Note: set an empty value to allow all extensions.
; Default Value: .php
;security.limit_extensions = .php .php3 .php4 .php5
; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
; the current environment.
; Default Value: clean env
@ -370,7 +370,7 @@ catch_workers_output = yes
; overwrite the values previously defined in the php.ini. The directives are the
; same as the PHP SAPI:
; php_value/php_flag - you can set classic ini defines which can
; be overwritten from PHP call 'ini_set'.
; be overwritten from PHP call 'ini_set'.
; php_admin_value/php_admin_flag - these directives won't be overwritten by
; PHP call 'ini_set'
; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no.
@ -389,4 +389,4 @@ catch_workers_output = yes
;php_flag[display_errors] = off
;php_admin_value[error_log] = /var/log/fpm-php.www.log
;php_admin_flag[log_errors] = on
;php_admin_value[memory_limit] = 32M
;php_admin_value[memory_limit] = 32M

13
conf/php-fpm.ini
View file

@ -1,3 +1,10 @@
upload_max_filesize=30M
post_max_size=30M
; max_execution_time=60
; Common values to change to increase file upload limit
upload_max_filesize = 50M
post_max_size = 50M
; mail.add_x_header = Off
; Other common parameters
; max_execution_time = 600
; max_input_time = 300
; memory_limit = 256M
; short_open_tag = On

145
manifest.json
View file

@ -1,74 +1,73 @@
{
"name": "Grav",
"id": "grav",
"packaging_format": 1,
"description": {
"en": "Grav - Grav is a modern open source flat-file CMS",
"fr": "Grav - Grav is a modern open source flat-file CMS"
},
"version": "1.4.5",
"url": "https://www.getgrav.org/",
"license": "free",
"maintainer": {
"name": "cyp, lithrel",
"email": "cyp@rouquin.me, lithrel@randomdomainname.net"
},
"requirements": {
"yunohost": ">> 2.7.0"
},
"multi_instance": true,
"services": [
"nginx",
"php5-fpm"
],
"arguments": {
"install" : [
{
"name": "domain",
"type": "domain",
"ask": {
"en": "Choose a domain name for Grav",
"fr": "Choisissez un nom de domaine pour Grav"
},
"example": "example.org"
},
{
"name": "path",
"type": "path",
"ask": {
"en": "Choose a path for Grav",
"fr": "Choisissez un chemin pour Grav"
},
"example": "/grav",
"default": "/grav"
},
{
"name": "admin",
"type": "user",
"ask": {
"en": "Choose the Grav administrator (must be an existing YunoHost user)",
"fr": "Administrateur du site (doit être un utilisateur YunoHost existant)"
},
"example": "johndoe"
},
{
"name": "is_public",
"ask": {
"en": "Is it a public Grav site ?",
"fr": "Est-ce un site public ?"
},
"choices": ["Yes", "No"],
"default": "Yes"
},
{
"name": "language",
"ask": {
"en": "Choose the application language",
"fr": "Choisissez la langue de l'application"
},
"choices": ["en_EN", "fr_FR"],
"default": "fr_FR"
}
]
}
}
"name": "Grav",
"id": "grav",
"packaging_format": 1,
"description": {
"en": "Grav - a modern open source flat-file CMS",
"fr": "Grav - un CMS moderne, libre, et sans base de données"
},
"version": "1.4.8",
"url": "https://www.getgrav.org/",
"license": "free",
"maintainer": {
"name": "cyp, lithrel, tituspijean",
"email": "cyp@rouquin.me, lithrel@randomdomainname.net, tituspijean@outlook.com"
},
"requirements": {
"yunohost": ">= 2.7.14"
},
"multi_instance": true,
"services": [
"nginx",
"php5-fpm"
],
"arguments": {
"install": [{
"name": "domain",
"type": "domain",
"ask": {
"en": "Choose a domain name for Grav",
"fr": "Choisissez un nom de domaine pour Grav"
},
"example": "example.org"
},
{
"name": "path",
"type": "path",
"ask": {
"en": "Choose a path for Grav",
"fr": "Choisissez un chemin pour Grav"
},
"example": "/grav",
"default": "/grav"
},
{
"name": "admin",
"type": "user",
"ask": {
"en": "Choose the Grav administrator (must be an existing YunoHost user)",
"fr": "Administrateur du site (doit être un utilisateur YunoHost existant)"
},
"example": "johndoe"
},
{
"name": "is_public",
"type": "boolean",
"ask": {
"en": "Is it a public application?",
"fr": "Est-ce une application publique ?"
},
"default": true
},
{
"name": "language",
"ask": {
"en": "Choose the application language",
"fr": "Choisissez la langue de l'application"
},
"choices": ["en_EN", "fr_FR"],
"default": "fr_FR"
}
]
}
}

204
scripts/.fonctions
View file

@ -1,204 +0,0 @@
#!/bin/bash
ynh_version="2.4"
YNH_VERSION () { # Returns the version number of the Yunohost moulinette
ynh_version=$(sudo yunohost -v | grep "moulinette:" | cut -d' ' -f2 | cut -d'.' -f1,2)
}
CHECK_VAR () { # Verifies that the variable is not empty.
# $1 = Variable to be checked
# $2 = Display text on error
test -n "$1" || (echo "$2" >&2 && false)
}
EXIT_PROPERLY () { # Causes the script to stop in the event of an error. And clean the residue.
trap '' ERR
echo -e "\e[91m \e[1m" # Shell in light red bold
echo -e "!!\n $app install's script has encountered an error. Installation was cancelled.\n!!" >&2
if type -t CLEAN_SETUP > /dev/null; then # Checks the existence of the function before executing it.
CLEAN_SETUP # Call the specific cleanup function of the install script.
fi
# Compensates the ssowat bug that does not remove the app's input in case of installation error.
sudo sed -i "\@\"$domain$path/\":@d" /etc/ssowat/conf.json
if [ "$ynh_version" = "2.2" ]; then
/bin/bash $script_dir/remove
fi
ynh_die
}
TRAP_ON () { # Activate signal capture
trap EXIT_PROPERLY ERR # Capturing exit signals on error
}
TRAP_OFF () { # Ignoring signal capture until TRAP_ON
trap '' ERR # Ignoring exit signals
}
CHECK_USER () { # Check the validity of the user admin
# $1 = User admin variable
ynh_user_exists "$1" || (echo "Wrong admin" >&2 && false)
}
CHECK_PATH () { # Checks / at the beginning of the path. And his absence at the end.
if [ "${path:0:1}" != "/" ]; then # If the first character is not /
path="/$path" # Add / at the beginning of path
fi
if [ "${path:${#path}-1}" == "/" ] && [ ${#path} -gt 1 ]; then # If the last character is a / and it is not the only character.
path="${path:0:${#path}-1}" # Delete last character
fi
}
CHECK_DOMAINPATH () { # Checks the availability of the path and domain.
sudo yunohost app checkurl $domain$path -a $app
}
CHECK_FINALPATH () { # Checks that the destination folder is not already in use.
final_path=/var/www/$app
if [ -e "$final_path" ]
then
echo "This path already contains a folder" >&2
false
fi
}
GENERATE_DB () { # Create a database and a dedicated user in the name of the app
# $1 = Database name
# Generates a random password.
db_user=$1
db_pwd=$(head -n20 /dev/urandom | tr -c -d 'A-Za-z0-9' | head -c20)
CHECK_VAR "$db_pwd" "db_pwd empty"
# Uses '$ app' as user name and database
# Initializes the database and stores the mysql password.
ynh_mysql_create_db "$db_user" "$db_user" $db_pwd
ynh_app_setting_set $app mysqlpwd $db_pwd
}
SETUP_SOURCE () { # Download source, decompress and copu into $final_path
src=$(cat ../sources/source_md5 | awk -F' ' {'print $2'})
sudo wget -nv -i ../sources/source_url -O $src
# Checks the checksum of the downloaded source.
# md5sum -c ../sources/source_md5 --status || ynh_die "Corrupt source"
# Decompress source
if [ "$(echo ${src##*.})" == "tgz" ]; then
tar -x -f $src
elif [ "$(echo ${src##*.})" == "zip" ]; then
unzip -q $src
else
false # Unsupported archive format.
fi
# Copy file source
sudo cp -a $(cat ../sources/source_dir)/. "$final_path"
# Copy additional file and modified
if test -e "../sources/ajouts"; then
sudo cp -a ../sources/ajouts/. "$final_path"
fi
}
POOL_FPM () { # Create the php-fpm pool configuration file and configure it.
sed -i "s@__NAMETOCHANGE__@$app@g" ../conf/php-fpm.conf
sed -i "s@__FINALPATH__@$final_path@g" ../conf/php-fpm.conf
finalphpconf=/etc/php5/fpm/pool.d/$app.conf
sudo cp ../conf/php-fpm.conf $finalphpconf
sudo chown root: $finalphpconf
finalphpini=/etc/php5/fpm/conf.d/20-$app.ini
sudo cp ../conf/php-fpm.ini $finalphpini
sudo chown root: $finalphpini
sudo systemctl reload php5-fpm
}
STORE_MD5_CONFIG () { # Saves the checksum of the config file
# $1 = Name of the conf file for storage in settings.yml
# $2 = Full name and path of the conf file.
ynh_app_setting_set $app $1_file_md5 $(sudo md5sum "$2" | cut -d' ' -f1)
}
CHECK_MD5_CONFIG () { # Created a backup of the config file if it was changed.
# $1 = Name of the conf file for storage in settings.yml
# $2 = Full name and path of the conf file.onf.
if [ "$(ynh_app_setting_get $app $1_file_md5)" != $(sudo md5sum "$2" | cut -d' ' -f1) ]; then
sudo cp -a "$2" "$2.backup.$(date '+%d.%m.%y_%Hh%M,%Ss')" # Si le fichier de config a été modifié, créer un backup.
fi
}
FIND_PORT () { # Search free port
# $1 = Port number to start the search.
port=$1
while ! sudo yunohost app checkport $port ; do
port=$((port+1))
done
CHECK_VAR "$port" "port empty"
}
### REMOVE SCRIPT
REMOVE_NGINX_CONF () { # Delete nginx configuration
if [ -e "/etc/nginx/conf.d/$domain.d/$app.conf" ]; then # Delete nginx config
echo "Delete nginx config"
sudo rm "/etc/nginx/conf.d/$domain.d/$app.conf"
sudo systemctl reload nginx
fi
}
REMOVE_FPM_CONF () { # Delete pool php-fpm configuration
if [ -e "/etc/php5/fpm/pool.d/$app.conf" ]; then # Delete fpm config
echo "Delete fpm config"
sudo rm "/etc/php5/fpm/pool.d/$app.conf"
fi
if [ -e "/etc/php5/fpm/conf.d/20-$app.ini" ]; then # Delete php config
echo "Delete php config"
sudo rm "/etc/php5/fpm/conf.d/20-$app.ini"
fi
sudo systemctl reload php5-fpm
}
REMOVE_LOGROTATE_CONF () { # Delete logrotate configuration
if [ -e "/etc/logrotate.d/$app" ]; then
echo "Delete logrotate config"
sudo rm "/etc/logrotate.d/$app"
fi
}
SECURE_REMOVE () { # Deleting a folder with variable verification
chaine="$1" # The argument must be given between simple quotes '', to avoid interpreting the variables.
no_var=0
while (echo "$chaine" | grep -q '\$') # Loop as long as there are $ in the string
do
no_var=1
global_var=$(echo "$chaine" | cut -d '$' -f 2) # Isole the first variable found.
only_var=\$$(expr "$global_var" : '\([A-Za-z0-9_]*\)') # Isole completely the variable by adding the $ at the beginning and keeping only the name of the variable. Mostly gets rid of / and a possible path behind.
real_var=$(eval "echo ${only_var}") # `eval "echo ${var}` Allows to interpret a variable contained in a variable.
if test -z "$real_var" || [ "$real_var" = "/" ]; then
echo "Variable $only_var is empty, suppression of $chaine cancelled." >&2
return 1
fi
chaine=$(echo "$chaine" | sed "s@$only_var@$real_var@") # Replaces variable with its value in the string.
done
if [ "$no_var" -eq 1 ]
then
if [ -e "$chaine" ]; then
echo "Delete directory $chaine"
sudo rm -r "$chaine"
fi
return 0
else
echo "No detected variable." >&2
return 1
fi
}
REMOVE_BDD () { # Delete database and users
# $1 = Database name
# Uses '$app' as user name and database
db_user=$1
if mysqlshow -u root -p$(sudo cat $MYSQL_ROOT_PWD_FILE) | grep -q "^| $db_user"; then
echo "Delete db"
ynh_mysql_drop_db $db_user
ynh_mysql_drop_user $db_user
fi
}

13
scripts/_common.sh Normal file
View file

@ -0,0 +1,13 @@
#!/bin/bash
# ============= FUTURE YUNOHOST HELPER =============
# Delete a file checksum from the app settings
#
# $app should be defined when calling this helper
#
# usage: ynh_remove_file_checksum file
# | arg: file - The file for which the checksum will be deleted
ynh_delete_file_checksum () {
local checksum_setting_name=checksum_${1//[\/ ]/_} # Replace all '/' and ' ' by '_'
ynh_app_setting_delete $app $checksum_setting_name
}

56
scripts/backup
View file

@ -1,23 +1,51 @@
#!/bin/bash
# Exit on command errors and treat unset variables as an error
set -eu
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
# Source app helpers
source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers
# Get multi-instances specific variables
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
ynh_clean_setup () {
### Remove this function if there's nothing to clean before calling the remove script.
true
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# LOAD SETTINGS
#=================================================
app=$YNH_APP_INSTANCE_NAME
# Retrieve app settings
domain=$(ynh_app_setting_get "$app" domain)
final_path=$(ynh_app_setting_get $app final_path)
domain=$(ynh_app_setting_get $app domain)
# Copy the app files
final_path="/var/www/${app}"
ynh_backup "$final_path" "sources" 1
#=================================================
# STANDARD BACKUP STEPS
#=================================================
# BACKUP THE APP MAIN DIR
#=================================================
# Copy the nginx conf files
ynh_backup "/etc/nginx/conf.d/${domain}.d/${app}.conf" "nginx.conf"
# Copy the php-fpm conf files
ynh_backup "/etc/php5/fpm/pool.d/${app}.conf" "php-fpm.conf"
ynh_backup "/etc/php5/fpm/conf.d/20-${app}.ini" "php-fpm.ini"
ynh_backup "$final_path"
#=================================================
# BACKUP THE NGINX CONFIGURATION
#=================================================
ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf"
#=================================================
# BACKUP THE PHP-FPM CONFIGURATION
#=================================================
ynh_backup "/etc/php5/fpm/pool.d/$app.conf"
ynh_backup "/etc/php5/fpm/conf.d/20-$app.ini"

159
scripts/install
View file

@ -1,86 +1,137 @@
#!/bin/bash
# Exit on command errors and treat unset variables as an error
set -eu
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source .fonctions # Loads the generic functions usually used in the script
source /usr/share/yunohost/helpers # Source app helpers
source _common.sh
source /usr/share/yunohost/helpers
CLEAN_SETUP () {
# Clean installation residues that are not supported by the remove script.
# Clean hosts
sudo sed -i '/#GRAV/d' /etc/hosts
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
ynh_clean_setup () {
### Remove this function if there's nothing to clean before calling the remove script.
true
}
TRAP_ON # Active trap to stop the script if an error is detected.
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================
domain=$YNH_APP_ARG_DOMAIN
path=$YNH_APP_ARG_PATH
admin_grav=$YNH_APP_ARG_ADMIN
language=$YNH_APP_ARG_LANGUAGE
path_url=$YNH_APP_ARG_PATH
admin=$YNH_APP_ARG_ADMIN
is_public=$YNH_APP_ARG_IS_PUBLIC
language=$YNH_APP_ARG_LANGUAGE
app=$YNH_APP_INSTANCE_NAME
CHECK_VAR "$app" "app name not set"
#=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#=================================================
CHECK_USER "$admin_grav"
# Set and test the installation path
final_path=/var/www/$app
test ! -e "$final_path" || ynh_die "This path already contains a folder"
CHECK_PATH
# Normalize the url path syntax
path_url=$(ynh_normalize_url_path $path_url)
CHECK_DOMAINPATH
# Check web path availability
ynh_webpath_available $domain $path_url
# Register (book) web path
ynh_webpath_register $app $domain $path_url
CHECK_FINALPATH
#=================================================
# STORE SETTINGS FROM MANIFEST
#=================================================
ynh_app_setting_set $app domain $domain
ynh_app_setting_set $app path $path
ynh_app_setting_set $app admin $admin_grav
ynh_app_setting_set $app path $path_url
ynh_app_setting_set $app admin $admin
ynh_app_setting_set $app is_public $is_public
ynh_app_setting_set $app language $language
# Creates the destination directory and stores its location.
sudo mkdir "$final_path"
#=================================================
# STANDARD MODIFICATIONS
#=================================================
# INSTALL DEPENDENCIES
#=================================================
ynh_install_app_dependencies php7.0-zip
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
### `ynh_setup_source` is used to install an app from a zip or tar.gz file,
### downloaded from an upstream source, like a git repository.
### `ynh_setup_source` use the file conf/app.src
ynh_app_setting_set $app final_path $final_path
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source "$final_path"
# Get source
SETUP_SOURCE
#=================================================
# NGINX CONFIGURATION
#=================================================
# Grav install
sudo $final_path/bin/grav
### `ynh_add_nginx_config` will use the file conf/nginx.conf
# Set permissions
sudo chown -R www-data: $final_path
# Create a dedicated nginx config
ynh_add_nginx_config
echo -e "127.0.0.1 $domain #GRAV" | sudo tee -a /etc/hosts
#=================================================
# CREATE DEDICATED USER
#=================================================
# Copy nginx config
sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf
# Create a system user
ynh_system_user_create $app
# Modif the variables in the nginx configuration file
sudo sed -i "s@__PATHTOCHANGE__@$path@g" /etc/nginx/conf.d/$domain.d/$app.conf
sudo sed -i "s@__FINALPATH__@$final_path@g" /etc/nginx/conf.d/$domain.d/$app.conf
sudo sed -i "s@__NAMETOCHANGE__@$app@g" /etc/nginx/conf.d/$domain.d/$app.conf
#=================================================
# PHP-FPM CONFIGURATION
#=================================================
if [ "$is_public" = "Yes" ];
# Create a dedicated php-fpm config
ynh_add_fpm_config
#=================================================
# SPECIFIC SETUP
#=================================================
# ...
#=================================================
#=================================================
# GENERIC FINALIZATION
#=================================================
# SECURE FILES AND DIRECTORIES
#=================================================
# Grav is a file-based CMS, its user should have write access
# Set permissions to app files
chown -R $app:www-data $final_path
#=================================================
# SETUP SSOWAT
#=================================================
# Make app public if necessary
if [ $is_public -eq 1 ]
then
sudo sed -i "s@#--PRIVATE--@@g" /etc/nginx/conf.d/$domain.d/$app.conf
# unprotected_uris allows SSO credentials to be passed anyway.
ynh_app_setting_set $app unprotected_uris "/"
fi
# Create the php-fpm pool config
POOL_FPM
#=================================================
# RELOAD NGINX
#=================================================
# Setup SSOwat
ynh_app_setting_set "$app" is_public "$is_public"
if [ "$is_public" = "Yes" ];
then
ynh_app_setting_set "$app" unprotected_uris "/"
fi
# Reload SSOwat configuration
sudo yunohost app ssowatconf
# Reload Nginx and regenerate SSOwat conf
sudo systemctl reload php5-fpm
sudo systemctl reload nginx
# Nettoyer hosts
sudo sed -i '/#GRAV/d' /etc/hosts
systemctl reload nginx

65
scripts/remove
View file

@ -1,25 +1,58 @@
#!/bin/bash
# Exit on command errors and treat unset variables as an error
set -u
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
# Loads the generic functions usually used in the script
source .fonctions
# Source app helpers
source _common.sh
source /usr/share/yunohost/helpers
# Get multi-instances specific variables
#=================================================
# LOAD SETTINGS
#=================================================
app=$YNH_APP_INSTANCE_NAME
# Retrieve app settings
domain=$(ynh_app_setting_get "$app" domain)
domain=$(ynh_app_setting_get $app domain)
final_path=$(ynh_app_setting_get $app final_path)
# Delete app directory and configurations
SECURE_REMOVE '/var/www/$app' # Delete directory application
sudo rm -f "/etc/php5/fpm/pool.d/${app}.conf"
sudo rm -f "/etc/php5/fpm/conf.d/20-${app}.ini"
[[ -n $domain ]] && sudo rm -f "/etc/nginx/conf.d/${domain}.d/${app}.conf"
#=================================================
# STANDARD REMOVE
#=================================================
# REMOVE DEPENDENCIES
#=================================================
# Reload services
sudo systemctl reload php5-fpm
sudo systemctl reload nginx
# Remove metapackage and its dependencies
ynh_remove_app_dependencies
#=================================================
# REMOVE APP MAIN DIR
#=================================================
# Remove the app directory securely
ynh_secure_remove "$final_path"
#=================================================
# REMOVE NGINX CONFIGURATION
#=================================================
# Remove the dedicated nginx config
ynh_remove_nginx_config
#=================================================
# REMOVE PHP-FPM CONFIGURATION
#=================================================
# Remove the dedicated php-fpm config
ynh_remove_fpm_config
#=================================================
# GENERIC FINALIZATION
#=================================================
# REMOVE DEDICATED USER
#=================================================
# Delete a system user
ynh_system_user_delete $app

122
scripts/restore
View file

@ -1,66 +1,92 @@
#!/bin/bash
# This restore script is adapted to Yunohost >=2.4
# Exit on command errors and treat unset variables as an error
set -eu
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
# Source app helpers
source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers
# The parameter $app is the id of the app instance ex: ynhexample__2
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
ynh_clean_setup () {
#### Remove this function if there's nothing to clean before calling the remove script.
true
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# LOAD SETTINGS
#=================================================
app=$YNH_APP_INSTANCE_NAME
# Get old parameter of the app
domain=$(ynh_app_setting_get $app domain)
path=$(ynh_app_setting_get $app path)
is_public=$(ynh_app_setting_get $app is_public)
path_url=$(ynh_app_setting_get $app path)
final_path=$(ynh_app_setting_get $app final_path)
# Check domain/path availability
sudo yunohost app checkurl "${domain}${path}" -a "${app}" \
|| ynh_die "Path not available: ${domain}${path}"
#=================================================
# CHECK IF THE APP CAN BE RESTORED
#=================================================
# Check $final_path
final_path="/var/www/${app}"
if [ -d "${final_path}" ]; then
ynh_die "There is already a directory: ${final_path}"
fi
ynh_webpath_available $domain $path_url \
|| ynh_die "Path not available: ${domain}${path_url}"
test ! -d $final_path \
|| ynh_die "There is already a directory: $final_path "
# Check configuration files nginx
nginx_conf="/etc/nginx/conf.d/${domain}.d/${app}.conf"
if [ -f "${nginx_conf}" ]; then
ynh_die "The NGINX configuration already exists at '${nginx_conf}'. You should safely delete it before restoring this app."
fi
#=================================================
# STANDARD RESTORATION STEPS
#=================================================
# REINSTALL DEPENDENCIES
#=================================================
# Check configuration files php-fpm
phpfpm_conf="/etc/php5/fpm/pool.d/${app}.conf"
if [ -f "${phpfpm_conf}" ]; then
ynh_die "The PHP FPM configuration already exists at '${phpfpm_conf}'. You should safely delete it before restoring this app."
fi
# Define and install dependencies
ynh_install_app_dependencies php7.0-zip
phpfpm_ini="/etc/php5/fpm/conf.d/20-${app}.ini"
if [ -f "${phpfpm_ini}" ]; then
ynh_die "The PHP FPM INI configuration already exists at '${phpfpm_ini}'. You should safely delete it before restoring this app."
fi
#=================================================
# RESTORE THE NGINX CONFIGURATION
#=================================================
# Restore sources & data
sudo cp -a ./sources "${final_path}"
ynh_restore_file "/etc/nginx/conf.d/$domain.d/$app.conf"
# Set permissions
sudo chown -R www-data: "${final_path}"
#=================================================
# RESTORE THE APP MAIN DIR
#=================================================
# Restore nginx configuration files
sudo cp -a ./nginx.conf "${nginx_conf}"
# Restore php-fpm configuration files
sudo cp -a ./php-fpm.conf "${phpfpm_conf}"
sudo cp -a ./php-fpm.ini "${phpfpm_ini}"
ynh_restore_file "$final_path"
# Set ssowat config
if [ "$is_public" = "No" ];
then
ynh_app_setting_delete $app skipped_uris
fi
#=================================================
# RECREATE THE DEDICATED USER
#=================================================
# Reload services
sudo systemctl reload php5-fpm
sudo systemctl reload nginx
sudo yunohost app ssowatconf
# Create the dedicated user (if not existing)
ynh_system_user_create $app
#=================================================
# RESTORE USER RIGHTS
#=================================================
# Grav is a file-based CMS, its user should have write access
# Restore permissions on app files
chown -R $app: $final_path
#=================================================
# RESTORE THE PHP-FPM CONFIGURATION
#=================================================
ynh_restore_file "/etc/php5/fpm/pool.d/$app.conf"
ynh_restore_file "/etc/php5/fpm/conf.d/20-$app.ini"
#=================================================
# GENERIC FINALIZATION
#=================================================
# RELOAD NGINX AND PHP-FPM
#=================================================
systemctl reload php5-fpm
systemctl reload nginx

166
scripts/upgrade
View file

@ -1,51 +1,139 @@
#!/bin/bash
# Exit on command errors and treat unset variables as an error
set -eu
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source .fonctions # Loads the generic functions usually used in the script
source /usr/share/yunohost/helpers # Source YunoHost helpers
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
#=================================================
# See comments in install script
app=$YNH_APP_INSTANCE_NAME
# Retrieve app settings
domain=$(ynh_app_setting_get "$app" domain)
path=$(ynh_app_setting_get "$app" path)
admin=$(ynh_app_setting_get "$app" admin)
is_public=$(ynh_app_setting_get "$app" is_public)
language=$(ynh_app_setting_get "$app" language)
domain=$(ynh_app_setting_get $app domain)
path_url=$(ynh_app_setting_get $app path)
admin=$(ynh_app_setting_get $app admin)
is_public=$(ynh_app_setting_get $app is_public)
final_path=$(ynh_app_setting_get $app final_path)
language=$(ynh_app_setting_get $app language)
CHECK_PATH # Checks and corrects the syntax of the path.
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
final_path=/var/www/$app
# Get source
SETUP_SOURCE
# Modify Nginx configuration file and copy it to Nginx conf directory
sudo sed -i "s@__PATHTOCHANGE__@$path@g" /etc/nginx/conf.d/$domain.d/$app.conf
sudo sed -i "s@__FINALPATH__@$final_path@g" /etc/nginx/conf.d/$domain.d/$app.conf
sudo sed -i "s@__NAMETOCHANGE__@$app@g" /etc/nginx/conf.d/$domain.d/$app.conf
if [ "$is_public" = "Yes" ];
then
sudo sed -i "s@#--PRIVATE--@@g" /etc/nginx/conf.d/$domain.d/$app.conf
# Fix is_public as a boolean value
if [ "$is_public" = "Yes" ]; then
ynh_app_setting_set $app is_public 1
is_public=1
elif [ "$is_public" = "No" ]; then
ynh_app_setting_set $app is_public 0
is_public=0
fi
# Create the php-fpm pool config
POOL_FPM
sudo chown -R www-data: "${final_path}"
# Setup SSOwat
ynh_app_setting_set "$app" is_public "$is_public"
if [ "$is_public" = "Yes" ];
then
ynh_app_setting_set "$app" unprotected_uris "/"
# If db_name doesn't exist, create it
if [ -z $db_name ]; then
db_name=$(ynh_sanitize_dbid $app)
ynh_app_setting_set $app db_name $db_name
fi
# Reload Nginx
sudo systemctl reload php5-fpm
sudo systemctl reload nginx
sudo yunohost app ssowatconf
# If final_path doesn't exist, create it
if [ -z $final_path ]; then
final_path=/var/www/$app
ynh_app_setting_set $app final_path $final_path
fi
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
# Backup the current version of the app
ynh_backup_before_upgrade
ynh_clean_setup () {
# restore it if the upgrade fails
ynh_restore_upgradebackup
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# CHECK THE PATH
#=================================================
# Normalize the URL path syntax
path_url=$(ynh_normalize_url_path $path_url)
#=================================================
# STANDARD UPGRADE STEPS
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source "$final_path"
#=================================================
# UPGRADE DEPENDENCIES
#=================================================
ynh_install_app_dependencies php7.0-zip
#=================================================
# NGINX CONFIGURATION
#=================================================
# Create a dedicated nginx config
ynh_add_nginx_config
#=================================================
# CREATE DEDICATED USER
#=================================================
# Create a dedicated user (if not existing)
ynh_system_user_create $app
#=================================================
# PHP-FPM CONFIGURATION
#=================================================
# Create a dedicated php-fpm config
ynh_add_fpm_config
#=================================================
# SPECIFIC UPGRADE
#=================================================
# ...
#=================================================
#=================================================
# GENERIC FINALIZATION
#=================================================
# SECURE FILES AND DIRECTORIES
#=================================================
# Grav is a file-based CMS, its user should have write access
# Set permissions on app files
chown -R $app: $final_path
#=================================================
# SETUP SSOWAT
#=================================================
# Make app public if necessary
if [ $is_public -eq 1 ]
then
# unprotected_uris allows SSO credentials to be passed anyway
ynh_app_setting_set $app unprotected_uris "/"
fi
#=================================================
# RELOAD NGINX
#=================================================
systemctl reload nginx

1
sources/source_dir
View file

@ -1 +0,0 @@
grav-admin

1
sources/source_md5
View file

@ -1 +0,0 @@
3ffcbca0cbf596db839aaf499f821497 grav-admin-v1.4.5.zip

1
sources/source_url
View file

@ -1 +0,0 @@
https://github.com/getgrav/grav/releases/download/1.4.5/grav-admin-v1.4.5.zip