From cd68af00b77497f8882b8e6336513f163b94f275 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Mennetrier?= Date: Thu, 5 May 2022 14:36:11 +0200 Subject: [PATCH 1/5] Add write access to user $app on uploads folder --- scripts/install | 2 +- scripts/upgrade | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/install b/scripts/install index a57b1fc..9f2bc78 100644 --- a/scripts/install +++ b/scripts/install @@ -210,7 +210,7 @@ chown -R $app $final_path/assets chown -R $app $final_path/protected/config chown -R $app $final_path/protected/modules chown -R $app $final_path/protected/runtime -chown -R $app $final_path/uploads/* +chown -R $app $final_path/uploads #================================================= # SETUP CRON CONFIGURATION diff --git a/scripts/upgrade b/scripts/upgrade index f29f28d..bcd484c 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -163,7 +163,7 @@ chown -R $app $final_path/assets chown -R $app $final_path/protected/config chown -R $app $final_path/protected/modules chown -R $app $final_path/protected/runtime -chown -R $app $final_path/uploads/* +chown -R $app $final_path/uploads #================================================= # RELOAD NGINX From 80b2564c44f08b2b588b26d71715485df338e7e9 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Wed, 18 May 2022 09:32:43 +0200 Subject: [PATCH 2/5] Update restore --- scripts/restore | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/restore b/scripts/restore index ca8c817..9403391 100644 --- a/scripts/restore +++ b/scripts/restore @@ -83,7 +83,7 @@ chown -R $app $final_path/assets chown -R $app $final_path/protected/config chown -R $app $final_path/protected/modules chown -R $app $final_path/protected/runtime -chown -R $app $final_path/uploads/* +chown -R $app $final_path/uploads #================================================= # RESTORE THE PHP-FPM CONFIGURATION From 7f1ff51686a1a87b27c6e6f17a2c13621d187b9d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Mennetrier?= Date: Wed, 18 May 2022 14:52:14 +0200 Subject: [PATCH 3/5] Enable sso --- scripts/_common.sh | 16 ++++++++++++++++ scripts/install | 2 ++ scripts/upgrade | 10 ++++++++++ 3 files changed, 28 insertions(+) diff --git a/scripts/_common.sh b/scripts/_common.sh index 7123bfb..47bdf5a 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -8,6 +8,9 @@ YNH_PHP_VERSION="7.3" extra_php_dependencies="php${YNH_PHP_VERSION}-imagick php${YNH_PHP_VERSION}-curl php${YNH_PHP_VERSION}-bz2 php${YNH_PHP_VERSION}-gd php${YNH_PHP_VERSION}-intl php${YNH_PHP_VERSION}-mysql php${YNH_PHP_VERSION}-zip php${YNH_PHP_VERSION}-apcu-bc php${YNH_PHP_VERSION}-apcu php${YNH_PHP_VERSION}-xml php${YNH_PHP_VERSION}-ldap" +HUMHUB_AUTH_BASIC_VERSION=0.1.0 +HUMHUB_AUTH_BASIC_PATH="/protected/modules/auth-basic" + #================================================= # PERSONAL HELPERS #================================================= @@ -70,6 +73,19 @@ myynh_urlencode() { return 0 } +enable_sso() { + tmp_auth_basic_module="$(mktemp /tmp/humhub_ynh.XXXXXX)" + wget -q -O $tmp_auth_basic_module "https://github.com/smart4life/humhub-auth-basic/archive/refs/tags/$HUMHUB_AUTH_BASIC_VERSION.tar.gz" + + tar xf $tmp_auth_basic_module -C $final_path/protected/modules + mv $final_path/protected/modules/humhub-auth-basic* $final_path/$HUMHUB_AUTH_BASIC_PATH + + pushd $final_path/protected/ + php${YNH_PHP_VERSION} yii module/enable auth-basic + popd + rm -rf $tmp_auth_basic_module +} + #================================================= # EXPERIMENTAL HELPERS #================================================= diff --git a/scripts/install b/scripts/install index 9f2bc78..2446443 100644 --- a/scripts/install +++ b/scripts/install @@ -175,6 +175,8 @@ pushd $final_path/protected popd +enable_sso + # Remove the public access ynh_permission_update --permission="main" --remove="visitors" diff --git a/scripts/upgrade b/scripts/upgrade index bcd484c..60d5694 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -84,6 +84,16 @@ then # Delete old source ynh_secure_remove --file="$final_path.old" + + if [[ ! -d $final_path/$HUMHUB_AUTH_BASIC_PATH ]]; then + enable_sso + else + current_version=$(cat $final_path/$HUMHUB_AUTH_BASIC_PATH/module.json | jq -j '.version') + if [ "$current_version" != "$HUMHUB_AUTH_BASIC_VERSION" ]; then + rm -rf $final_path/$HUMHUB_AUTH_BASIC_PATH + enable_sso + fi + fi fi #================================================= From a9a005adf7d3eb140386ad1919e29e0f7e32b946 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Mennetrier?= Date: Wed, 18 May 2022 15:03:56 +0200 Subject: [PATCH 4/5] Replace rm-rf by ynh_secure_remove --- scripts/_common.sh | 2 +- scripts/upgrade | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/_common.sh b/scripts/_common.sh index 47bdf5a..287c851 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -83,7 +83,7 @@ enable_sso() { pushd $final_path/protected/ php${YNH_PHP_VERSION} yii module/enable auth-basic popd - rm -rf $tmp_auth_basic_module + ynh_secure_remove $tmp_auth_basic_module } #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index 60d5694..e1c02c7 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -90,7 +90,7 @@ then else current_version=$(cat $final_path/$HUMHUB_AUTH_BASIC_PATH/module.json | jq -j '.version') if [ "$current_version" != "$HUMHUB_AUTH_BASIC_VERSION" ]; then - rm -rf $final_path/$HUMHUB_AUTH_BASIC_PATH + ynh_secure_remove $final_path/$HUMHUB_AUTH_BASIC_PATH enable_sso fi fi From bc929c23a60587afe4c0e5d2038eabc5f0812835 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Mennetrier?= Date: Wed, 18 May 2022 15:24:23 +0200 Subject: [PATCH 5/5] Improve upgrade of sso module --- scripts/_common.sh | 5 +---- scripts/install | 6 ++++-- scripts/upgrade | 8 ++++++-- 3 files changed, 11 insertions(+), 8 deletions(-) diff --git a/scripts/_common.sh b/scripts/_common.sh index 287c851..b02cd8c 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -73,16 +73,13 @@ myynh_urlencode() { return 0 } -enable_sso() { +install_sso() { tmp_auth_basic_module="$(mktemp /tmp/humhub_ynh.XXXXXX)" wget -q -O $tmp_auth_basic_module "https://github.com/smart4life/humhub-auth-basic/archive/refs/tags/$HUMHUB_AUTH_BASIC_VERSION.tar.gz" tar xf $tmp_auth_basic_module -C $final_path/protected/modules mv $final_path/protected/modules/humhub-auth-basic* $final_path/$HUMHUB_AUTH_BASIC_PATH - pushd $final_path/protected/ - php${YNH_PHP_VERSION} yii module/enable auth-basic - popd ynh_secure_remove $tmp_auth_basic_module } diff --git a/scripts/install b/scripts/install index 2446443..e88538f 100644 --- a/scripts/install +++ b/scripts/install @@ -136,6 +136,8 @@ ynh_systemd_action --service_name=nginx --action=reload # Installation with curl ynh_script_progression --message="Finalizing installation..." --weight=2 +install_sso + pushd $final_path/protected php${YNH_PHP_VERSION} yii migrate/up --includeModuleMigrations=1 --interactive=0 @@ -173,9 +175,9 @@ pushd $final_path/protected php${YNH_PHP_VERSION} yii settings/set user auth.allowGuestAccess '0' php${YNH_PHP_VERSION} yii settings/set user auth.internalUsersCanInvite '0' -popd + php${YNH_PHP_VERSION} yii module/enable auth-basic -enable_sso +popd # Remove the public access ynh_permission_update --permission="main" --remove="visitors" diff --git a/scripts/upgrade b/scripts/upgrade index e1c02c7..767532f 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -86,12 +86,16 @@ then ynh_secure_remove --file="$final_path.old" if [[ ! -d $final_path/$HUMHUB_AUTH_BASIC_PATH ]]; then - enable_sso + install_sso + + pushd $final_path/protected + php${YNH_PHP_VERSION} yii module/enable auth-basic + popd else current_version=$(cat $final_path/$HUMHUB_AUTH_BASIC_PATH/module.json | jq -j '.version') if [ "$current_version" != "$HUMHUB_AUTH_BASIC_VERSION" ]; then ynh_secure_remove $final_path/$HUMHUB_AUTH_BASIC_PATH - enable_sso + install_sso fi fi fi