From 73c245dca227cb6ededcb5da1da9c25a3adaeb4d Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Sun, 6 Jun 2021 23:42:54 +0200 Subject: [PATCH] Fix --- README.md | 2 +- check_process | 12 +++------ conf/poller-cron | 2 +- manifest.json | 15 +++--------- scripts/install | 42 ++++++++++++------------------- scripts/restore | 20 +++++++++------ scripts/upgrade | 64 ++++++++++++++++++------------------------------ 7 files changed, 61 insertions(+), 96 deletions(-) diff --git a/README.md b/README.md index 5b4d1680..1c13ec5c 100644 --- a/README.md +++ b/README.md @@ -12,7 +12,7 @@ If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to ## Overview [Hubzilla](https://hub.libranet.de/directory?f=&global=1&pubforums=1) is a social networking platform built with control of your privacy at center stage. Your online communications can be as public as you wish or as private as you require. Private conversations, private photos, private videos. Your media isn't hidden behind an obscure URL which can be guessed, it is protected by state-of-the-art cross-domain authentication. What this all means for you: **less drama**. -**Shipped version:** 5.6 +**Shipped version:** 5.6 ## Screenshots diff --git a/check_process b/check_process index 3c1c18c1..e347cb62 100644 --- a/check_process +++ b/check_process @@ -1,13 +1,8 @@ -# See here for more information -# https://github.com/YunoHost/package_check#syntax-check_process-file - -# Move this file from check_process.default to check_process when you have filled it. - ;; Test complet ; Manifest - domain="domain.tld" (DOMAIN) - admin="john" (USER) - database="1" (STRING) + domain="domain.tld" + admin="john" + database="1" ; Checks pkg_linter=1 setup_sub_dir=0 @@ -19,7 +14,6 @@ upgrade=1 from_commit=3642c110f0e927ba36ee32e738a81e6afce958f7 backup_restore=1 multi_instance=1 - port_already_use=0 change_url=0 ;;; Options Email=anmol@datamol.org diff --git a/conf/poller-cron b/conf/poller-cron index 36e28fc7..6840f90b 100644 --- a/conf/poller-cron +++ b/conf/poller-cron @@ -1,2 +1,2 @@ # Run poller periodically to update Hubzilla -*/10 * * * * __USER__ cd YNH_WWW_PATH; /usr/bin/php__PHP_VERSION__ Zotlabs/Daemon/Master.php Cron > /dev/null 2>&1 +*/10 * * * * __USER__ cd __FINALPATH__; /usr/bin/php__PHPVERSION__ Zotlabs/Daemon/Master.php Cron > /dev/null 2>&1 diff --git a/manifest.json b/manifest.json index 30addd07..a26532ba 100644 --- a/manifest.json +++ b/manifest.json @@ -14,12 +14,12 @@ }, "services": [ "nginx", - "php7.0-fpm", + "php7.3-fpm", "mysql", "postgresql" ], "requirements": { - "yunohost": ">= 4.0.0" + "yunohost": ">= 4.2.0" }, "previous_maintainers": { "name": "Andrew Manning", @@ -31,18 +31,10 @@ { "name": "domain", "type": "domain", - "ask": { - "en": "Choose a domain for your Hubzilla. Hubzilla must run in the root of this domain. It means no other app can be accessed/run from this domain. We advise to use a dedicated subdomain such as hubzilla.domain.tld", - "fr": "Indiquez un domain pour Hubzilla. Hubzilla doit être installé à la racine du domaine. Cela implique qu'aucune autre app ne pourra être installée ou accessible sur ce domain. Nous conseillons un sous-domaine dédié par exemple hubzilla.domain.tld." - } }, { "name": "admin", "type": "user", - "ask": { - "en": "Choose the Hubzilla administrator (must be an existing YunoHost user)", - "fr": "Choisissez l'administrateur de Hubzilla (doit être un utilisateur YunoHost existant)" - } }, { "name": "database", @@ -53,6 +45,7 @@ }, "choices": ["1", "2"], "default": "1" - } ] + } + ] } } diff --git a/scripts/install b/scripts/install index 19e4b356..1ffd804f 100755 --- a/scripts/install +++ b/scripts/install @@ -58,6 +58,14 @@ ynh_app_setting_set --app=$app --key=upload --value=$upload ynh_app_setting_set --app=$app --key=database --value=$database ynh_app_setting_set --app=$app --key=random_string --value=$random_string +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Configuring system user..." + +# Create a system user +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # STANDARD MODIFICATIONS #================================================= @@ -123,7 +131,7 @@ popd ynh_script_progression --message="Creating smarty3 folder for personal data..." mkdir -p "${final_path}/store/[data]/smarty3" -chmod -R 777 $final_path/store +chmod -R 775 $final_path/store # Copy the template install/htconfig.sample.php to .htconfig.php ynh_script_progression --message="Moving .htconfig.php to root of Hubzilla ..." @@ -134,6 +142,10 @@ cp $final_path/install/htconfig.sample.php $config ynh_script_progression --message="Create php.log for the Hubzilla debuging..." touch "$final_path/php.log" +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + #================================================= # CREATE A DATABASE #================================================= @@ -193,14 +205,6 @@ ynh_script_progression --message="Configuring NGINX web server..." # Create a dedicated NGINX config ynh_add_nginx_config -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Configuring system user..." - -# Create a system user -ynh_system_user_create --username=$app - #================================================= # PHP-FPM CONFIGURATION #================================================= @@ -209,23 +213,8 @@ ynh_script_progression --message="Configuring PHP-FPM..." # Create a dedicated PHP-FPM config ynh_add_fpm_config --package="$extra_php_dependencies" -# Set right permissions for Hubzilla -ynh_script_progression --message="Set right for Hubzilla..." -chown -R $app: $final_path - # Set up cron job -ynh_script_progression --message="Setting up cron job..." -ynh_replace_string --match_string="YNH_WWW_PATH" --replace_string="$final_path" --target_file="../conf/poller-cron" -ynh_replace_string --match_string="__USER__" --replace_string="$app" --target_file="../conf/poller-cron" -ynh_replace_string --match_string="__PHP_VERSION__" --replace_string="$phpversion" --target_file="../conf/poller-cron" -cp ../conf/poller-cron /etc/cron.d/$app - -#================================================= -# STORE THE CONFIG FILE CHECKSUM -#================================================= - -# Calculate and store the config file checksum into the app settings -ynh_store_file_checksum --file="$config" +ynh_add_config --template="../conf/poller-cron" --destination="/etc/cron.d/$app" #================================================= # SETUP LOGROTATE @@ -239,6 +228,7 @@ ynh_use_logrotate "$final_path/php.log" # SETUP FAIL2BAN #================================================= ynh_script_progression --message="Add Fail2Ban..." + ynh_add_fail2ban_config --logpath="$final_path/php.log" --failregex="^.*auth\.php.*failed login attempt.*from IP .*$" --max_retry="5" #================================================= @@ -246,8 +236,8 @@ ynh_add_fail2ban_config --logpath="$final_path/php.log" --failregex="^.*auth\.ph #================================================= # As Hubzilla is social network and have its own permission there is no need to keep Hubzilla behind SSO ynh_script_progression --message="Configuring SSOwat..." -ynh_permission_update --permission="main" --add="visitors" +ynh_permission_update --permission="main" --add="visitors" #================================================= # RELOAD NGINX diff --git a/scripts/restore b/scripts/restore index 49c03768..cbe789cf 100644 --- a/scripts/restore +++ b/scripts/restore @@ -55,6 +55,14 @@ test ! -d $final_path \ ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" +#================================================= +# RECREATE THE DEDICATED USER +#================================================= +ynh_print_info "Recreating the dedicated system user..." + +# Create the dedicated user (if not existing) +ynh_system_user_create $app --home_dir="$final_path" + #================================================= # RESTORE THE APP MAIN DIR #================================================= @@ -62,6 +70,10 @@ ynh_script_progression --message="Restoring the app main directory..." ynh_restore_file --origin_path="$final_path" +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + #================================================= # RESTORE THE MYSQL DATABASE #================================================= @@ -84,14 +96,6 @@ elif [ $database -eq 2 ]; then ynh_psql_execute_file_as_root --file="./db.sql" --database="$db_name" fi -#================================================= -# RECREATE THE DEDICATED USER -#================================================= -ynh_print_info "Recreating the dedicated system user..." - -# Create the dedicated user (if not existing) -ynh_system_user_create $app - #================================================= # RESTORE THE PHP-FPM CONFIGURATION #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index 16649bc9..2f74364f 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -35,6 +35,19 @@ if [ -z "$db_name" ]; then ynh_app_setting_set --app=$app --key=db_name --value=$db_name fi +# If final_path doesn't exist, create it +if [ -z "$final_path" ]; then + final_path=/var/www/$app + ynh_app_setting_set --app=$app --key=final_path --value=$final_path +fi + +# Cleaning legacy permissions +if ynh_legacy_permissions_exists; then + ynh_legacy_permissions_delete_all + + ynh_app_setting_delete --app=$app --key=is_public +fi + #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #================================================= @@ -50,27 +63,12 @@ ynh_clean_setup () { ynh_abort_if_errors #================================================= -# Migrate legacy permissions to new system +# CREATE DEDICATED USER #================================================= -if ynh_legacy_permissions_exists -then - ynh_legacy_permissions_delete_all +ynh_script_progression --message="Making sure dedicated system user exists..." - ynh_app_setting_delete --app=$app --key=is_public -fi - -#================================================= -# STANDARD UPGRADE STEPS -#================================================= -# REMOVE APP MAIN DIR -#================================================= -ynh_print_info "Upgrading source files..." - -# If final_path doesn't exist, create it -if [ -z "$final_path" ]; then - final_path=/var/www/$app - ynh_app_setting_set --app=$app --key=final_path --value=$final_path -fi +# Create a dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= # STANDARD UPGRADE STEPS @@ -113,7 +111,7 @@ if [ `cd $final_path && git rev-parse --is-inside-work-tree` ]; then fi; done popd - chmod -R 777 $final_path/store + chmod -R 775 $final_path/store else # Create a temporary directory @@ -133,13 +131,14 @@ else cp -a "$tmpdir/.htconfig.php" "${final_path}" cp -a "$tmpdir/php.log" "${final_path}" ynh_secure_remove "$tmpdir" - chmod -R 777 $final_path/store + chmod -R 775 $final_path/store mkdir $final_path/addon ynh_setup_source --dest_dir="$final_path/addon" --source_id="app_addons" - fi - +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" #================================================= # NGINX CONFIGURATION @@ -149,17 +148,6 @@ ynh_script_progression --message="Upgrading NGINX web server configuration..." # Create a dedicated NGINX config ynh_add_nginx_config -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Making sure dedicated system user exists..." - -# Create a dedicated user (if not existing) -ynh_system_user_create --username=$app - -# Set right permissions for curl install -chown -R $app: $final_path - #================================================= # PHP-FPM CONFIGURATION #================================================= @@ -188,12 +176,8 @@ ynh_script_progression --message="Re-configure Fail2Ban..." ynh_add_fail2ban_config --logpath="$final_path/php.log" --failregex="^.*auth\.php.*failed login attempt.*from IP .*$" --max_retry="5" -# Set cron job -ynh_print_info "Setting up cron job..." -ynh_replace_string --match_string="YNH_WWW_PATH" --replace_string="$final_path" --target_file="../conf/poller-cron" -ynh_replace_string --match_string="__USER__" --replace_string="$app" --target_file="../conf/poller-cron" -ynh_replace_string --match_string="__PHP_VERSION__" --replace_string="$phpversion" --target_file="../conf/poller-cron" -cp -f ../conf/poller-cron /etc/cron.d/$app +# Set up cron job +ynh_add_config --template="../conf/poller-cron" --destination="/etc/cron.d/$app" #================================================= # UPGRADE DEPENDENCIES