diff --git a/.github/workflows/updater.sh b/.github/workflows/updater.sh new file mode 100644 index 0000000..5793772 --- /dev/null +++ b/.github/workflows/updater.sh @@ -0,0 +1,110 @@ +#!/bin/bash + +#================================================= +# PACKAGE UPDATING HELPER +#================================================= + +# This script is meant to be run by GitHub Actions +# The YunoHost-Apps organisation offers a template Action to run this script periodically +# Since each app is different, maintainers can adapt its contents so as to perform +# automatic actions when a new upstream release is detected. + +#================================================= +# FETCHING LATEST RELEASE AND ITS ASSETS +#================================================= + +# Fetching information +current_version=$(cat manifest.json | jq -j '.version|split("~")[0]') +repo=$(cat manifest.json | jq -j '.upstream.code|split("https://github.com/")[1]') +# Some jq magic is needed, because the latest upstream release is not always the latest version (e.g. security patches for older versions) +version=$(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '.[] | select( .prerelease != true ) | .name' | sort -V | tail -1) +assets="https://www.humhub.com/download/package/humhub-$version.tar.gz" + +# Later down the script, we assume the version has only digits and dots +# Sometimes the release name starts with a "v", so let's filter it out. +# You may need more tweaks here if the upstream repository has different naming conventions. +if [[ ${version:0:1} == "v" || ${version:0:1} == "V" ]]; then + version=${version:1} +fi + +# Setting up the environment variables +echo "Current version: $current_version" +echo "Latest release from upstream: $version" +echo "VERSION=$version" >> $GITHUB_ENV +echo "REPO=$repo" >> $GITHUB_ENV +# For the time being, let's assume the script will fail +echo "PROCEED=false" >> $GITHUB_ENV + +# Proceed only if the retrieved version is greater than the current one +if ! dpkg --compare-versions "$current_version" "lt" "$version" ; then + echo "::warning ::No new version available" + exit 0 +# Proceed only if a PR for this new version does not already exist +elif git ls-remote -q --exit-code --heads https://github.com/$GITHUB_REPOSITORY.git ci-auto-update-v$version ; then + echo "::warning ::A branch already exists for this update" + exit 0 +fi + +# Each release can hold multiple assets (e.g. binaries for different architectures, source code, etc.) +echo "${#assets[@]} available asset(s)" + +#================================================= +# UPDATE SOURCE FILES +#================================================= + +# Let's download source tarball +asset_url=$assets + +echo "Handling asset at $asset_url" + +src="app" + +# Create the temporary directory +tempdir="$(mktemp -d)" + +# Download sources and calculate checksum +filename=${asset_url##*/} +curl --silent -4 -L $asset_url -o "$tempdir/$filename" +checksum=$(sha256sum "$tempdir/$filename" | head -c 64) + +# Delete temporary directory +rm -rf $tempdir + +# Get extension +if [[ $filename == *.tar.gz ]]; then + extension=tar.gz +else + extension=${filename##*.} +fi + +# Rewrite source file +cat < conf/$src.src +SOURCE_URL=$asset_url +SOURCE_SUM=$checksum +SOURCE_SUM_PRG=sha256sum +SOURCE_FORMAT=$extension +SOURCE_IN_SUBDIR=true +SOURCE_FILENAME= +SOURCE_EXTRACT=true +EOT +echo "... conf/$src.src updated" + +#================================================= +# SPECIFIC UPDATE STEPS +#================================================= + +# Any action on the app's source code can be done. +# The GitHub Action workflow takes care of committing all changes after this script ends. + +#================================================= +# GENERIC FINALIZATION +#================================================= + +# Replace new version in manifest +echo "$(jq -s --indent 4 ".[] | .version = \"$version~ynh1\"" manifest.json)" > manifest.json + +# No need to update the README, yunohost-bot takes care of it + +# The Action will proceed only if the PROCEED environment variable is set to true +echo "PROCEED=true" >> $GITHUB_ENV +exit 0 diff --git a/.github/workflows/updater.yml b/.github/workflows/updater.yml new file mode 100644 index 0000000..fb72ba0 --- /dev/null +++ b/.github/workflows/updater.yml @@ -0,0 +1,49 @@ +# This workflow allows GitHub Actions to automagically update your app whenever a new upstream release is detected. +# You need to enable Actions in your repository settings, and fetch this Action from the YunoHost-Apps organization. +# This file should be enough by itself, but feel free to tune it to your needs. +# It calls updater.sh, which is where you should put the app-specific update steps. +name: Check for new upstream releases +on: + # Allow to manually trigger the workflow + workflow_dispatch: + # Run it every day at 6:00 UTC + schedule: + - cron: '0 6 * * *' +jobs: + updater: + runs-on: ubuntu-latest + steps: + - name: Fetch the source code + uses: actions/checkout@v2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + - name: Run the updater script + id: run_updater + run: | + # Setting up Git user + git config --global user.name 'yunohost-bot' + git config --global user.email 'yunohost-bot@users.noreply.github.com' + # Run the updater script + /bin/bash .github/workflows/updater.sh + - name: Commit changes + id: commit + if: ${{ env.PROCEED == 'true' }} + run: | + git commit -am "Upgrade to v$VERSION" + - name: Create Pull Request + id: cpr + if: ${{ env.PROCEED == 'true' }} + uses: peter-evans/create-pull-request@v3 + with: + token: ${{ secrets.GITHUB_TOKEN }} + commit-message: Update to version ${{ env.VERSION }} + committer: 'yunohost-bot ' + author: 'yunohost-bot ' + signoff: false + base: testing + branch: ci-auto-update-v${{ env.VERSION }} + delete-branch: true + title: 'Upgrade to version ${{ env.VERSION }}' + body: | + Upgrade to v${{ env.VERSION }} + draft: false diff --git a/README.md b/README.md index f21c5ff..58db862 100644 --- a/README.md +++ b/README.md @@ -1,71 +1,50 @@ + + # HumHub for YunoHost -[![Integration level](https://dash.yunohost.org/integration/humhub.svg)](https://dash.yunohost.org/appci/app/humhub) ![](https://ci-apps.yunohost.org/ci/badges/humhub.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/humhub.maintain.svg) -[![Install humhub with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=humhub) +[![Integration level](https://dash.yunohost.org/integration/humhub.svg)](https://dash.yunohost.org/appci/app/humhub) ![Working status](https://ci-apps.yunohost.org/ci/badges/humhub.status.svg) ![Maintenance status](https://ci-apps.yunohost.org/ci/badges/humhub.maintain.svg) +[![Install HumHub with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=humhub) *[Lire ce readme en français.](./README_fr.md)* -> *This package allows you to install HumHub quickly and simply on a YunoHost server. +> *This package allows you to install HumHub quickly and simply on a YunoHost server. If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/install) to learn how to install it.* ## Overview + HumHub is an open source social network platform with a wide variety of use cases as social intranet, community or collaboration platform. HumHub consists of a core application, which can be extended through additional modules and adjusted to your needs by many configuration options. -**Shipped version:** 1.8.2 + +**Shipped version:** 1.8.2~ynh3 + + +**Demo:** https://www.humhub.com/en ## Screenshots -![](https://www.humhub.com/static/img/enterprise/app_small.png) +![Screenshot of HumHub](./doc/screenshots/app_small.png) -## Demo +## Documentation and resources -* [Official demo](https://www.humhub.com/en) - -## Configuration - -How to configure this app: From an admin panel. - -## Documentation - - * Official documentation: https://docs.humhub.org - * YunoHost documentation: If specific documentation is needed, feel free to contribute. - -## YunoHost specific features - -#### Multi-user support - - * Are LDAP and HTTP auth supported? **Yes** - * Can the app be used by multiple users? **Yes** - -#### Supported architectures - -* x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/humhub%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/humhub/) -* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/humhub%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/humhub/) - -## Limitations - -* Any known limitations. - -## Additional information - -* Other info you would like to add about this app. - -## Links - - * Report a bug: https://github.com/YunoHost-Apps/humhub_ynh/issues - * App website: https://www.humhub.org/ - * Upstream app repository: https://github.com/humhub/humhub - * YunoHost website: https://yunohost.org/ - ---- +* Official app website: +* Official admin documentation: +* Upstream app code repository: +* YunoHost documentation for this app: +* Report a bug: ## Developer info Please send your pull request to the [testing branch](https://github.com/YunoHost-Apps/humhub_ynh/tree/testing). To try the testing branch, please proceed like that. -``` + +``` bash sudo yunohost app install https://github.com/YunoHost-Apps/humhub_ynh/tree/testing --debug or sudo yunohost app upgrade humhub -u https://github.com/YunoHost-Apps/humhub_ynh/tree/testing --debug ``` + +**More info regarding app packaging:** diff --git a/README_fr.md b/README_fr.md index 770ad43..5169ee9 100644 --- a/README_fr.md +++ b/README_fr.md @@ -1,71 +1,50 @@ + + # HumHub pour YunoHost -[![Niveau d'intégration](https://dash.yunohost.org/integration/humhub.svg)](https://dash.yunohost.org/appci/app/humhub) ![](https://ci-apps.yunohost.org/ci/badges/humhub.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/humhub.maintain.svg) -[![Installer Humhub avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=humhub) +[![Niveau d'intégration](https://dash.yunohost.org/integration/humhub.svg)](https://dash.yunohost.org/appci/app/humhub) ![Statut du fonctionnement](https://ci-apps.yunohost.org/ci/badges/humhub.status.svg) ![Statut de maintenance](https://ci-apps.yunohost.org/ci/badges/humhub.maintain.svg) +[![Installer HumHub avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=humhub) -*[Read this readme in english.](./README.md)* +*[Read this readme in english.](./README.md)* -> *Ce package vous permet d'installer HumHub rapidement et simplement sur un serveur YunoHost. -Si vous n'avez pas YunoHost, consultez [le guide](https://yunohost.org/#/install) pour apprendre comment l'installer.* +> *Ce package vous permet d'installer HumHub rapidement et simplement sur un serveur YunoHost. +Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.* ## Vue d'ensemble + HumHub est une plate-forme de réseau social open source avec une grande variété de cas d'utilisation en tant qu'intranet social, plate-forme de communauté ou de collaboration. HumHub se compose d'une application principale, qui peut être étendue grâce à des modules supplémentaires et ajustée à vos besoins par de nombreuses options de configuration. -**Version incluse :** 1.8.2 + +**Version incluse :** 1.8.2~ynh3 + + +**Démo :** https://www.humhub.com/en ## Captures d'écran -![](https://www.humhub.com/static/img/enterprise/app_small.png) +![Capture d'écran de HumHub](./doc/screenshots/app_small.png) -## Démo +## Documentations et ressources -* [Démo officielle](https://www.humhub.com/en) - -## Configuration - -Comment configurer cette application : via le panneau d'administration. - -## Documentation - - * Documentation officielle : https://docs.humhub.org - * Documentation YunoHost : Si une documentation spécifique est nécessaire, n'hésitez pas à contribuer. - -## Caractéristiques spécifiques YunoHost - -#### Support multi-utilisateur - -* L'authentification LDAP et HTTP est-elle prise en charge ? **Oui** -* L'application peut-elle être utilisée par plusieurs utilisateurs ? **Oui** - -#### Architectures supportées - -* x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/humhub%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/humhub/) -* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/humhub%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/humhub/) - -## Limitations - -* Limitations connues. - -## Informations additionnelles - -* Autres informations que vous souhaitez ajouter sur cette application. - -## Liens - - * Signaler un bug : https://github.com/YunoHost-Apps/humhub_ynh/issues - * Site de l'application : https://www.humhub.org/ - * Dépôt de l'application principale : https://github.com/humhub/humhub - * Site web YunoHost : https://yunohost.org/ - ---- +* Site officiel de l'app : +* Documentation officielle de l'admin : +* Dépôt de code officiel de l'app : +* Documentation YunoHost pour cette app : +* Signaler un bug : ## Informations pour les développeurs Merci de faire vos pull request sur la [branche testing](https://github.com/YunoHost-Apps/humhub_ynh/tree/testing). Pour essayer la branche testing, procédez comme suit. -``` + +``` bash sudo yunohost app install https://github.com/YunoHost-Apps/humhub_ynh/tree/testing --debug ou sudo yunohost app upgrade humhub -u https://github.com/YunoHost-Apps/humhub_ynh/tree/testing --debug ``` + +**Plus d'infos sur le packaging d'applications :** diff --git a/check_process b/check_process index 1a2afd0..eeee805 100644 --- a/check_process +++ b/check_process @@ -12,7 +12,10 @@ setup_private=1 setup_public=1 upgrade=1 + # 1.8.2~ynh1 upgrade=1 from_commit=83500d6e866539d56a0aed6f288a8a8ce02a674b + # 1.8.2~ynh3 + upgrade=1 from_commit=50c74393ad4376bc18676b4be86fce74629ad60a backup_restore=1 multi_instance=1 port_already_use=0 diff --git a/conf/app.src b/conf/app.src index b0020f8..206bfaa 100644 --- a/conf/app.src +++ b/conf/app.src @@ -5,5 +5,3 @@ SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true SOURCE_FILENAME=humhub-1.8.2.tar.gz SOURCE_EXTRACT=true - - diff --git a/conf/nginx.conf b/conf/nginx.conf index 119f226..62ade5a 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,39 +1,41 @@ #sub_path_only rewrite ^__PATH__$ __PATH__/ permanent; location __PATH__/ { - # Path to source - alias __FINALPATH__/ ; + # Path to source + alias __FINALPATH__/; - index index.php; - - try_files $uri $uri/ index.php?$args; + index index.php; - location ~ [^/]\.php(/|$) { - fastcgi_split_path_info ^(.+?\.php)(/.*)$; + # Common parameter to increase upload size limit in conjunction with dedicated php-fpm file + #client_max_body_size 50M; - set $fsn /index.php; - if (-f $document_root$fastcgi_script_name){ - set $fsn $fastcgi_script_name; - } + try_files $uri $uri/ index.php?$args; + location ~ [^/]\.php(/|$) { + fastcgi_split_path_info ^(.+?\.php)(/.*)$; - fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock; - fastcgi_index index.php; - include fastcgi_params; - fastcgi_param REMOTE_USER $remote_user; - fastcgi_param PATH_INFO $fastcgi_path_info; - fastcgi_param SCRIPT_FILENAME $document_root$fsn; - } - - location ~ ^__PATH__/(assets|static|themes|uploads) { - access_log off; - expires 10d; - more_set_headers "Cache-Control: public, no-transform"; - } - - location ~ ^__PATH__/(protected|framework|themes/\w+/views|\.|uploads/file) { - deny all; - } + set $fsn /index.php; + if (-f $document_root$fastcgi_script_name){ + set $fsn $fastcgi_script_name; + } - # Include SSOWAT user panel. - include conf.d/yunohost_panel.conf.inc; + fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param REMOTE_USER $remote_user; + fastcgi_param PATH_INFO $fastcgi_path_info; + fastcgi_param SCRIPT_FILENAME $document_root$fsn; + } + + location ~ ^__PATH__/(assets|static|themes|uploads) { + access_log off; + expires 10d; + more_set_headers "Cache-Control: public, no-transform"; + } + + location ~ ^__PATH__/(protected|framework|themes/\w+/views|\.|uploads/file) { + deny all; + } + + # Include SSOWAT user panel. + include conf.d/yunohost_panel.conf.inc; } diff --git a/doc/.gitkeep b/doc/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/doc/DESCRIPTION.md b/doc/DESCRIPTION.md new file mode 100644 index 0000000..bab486f --- /dev/null +++ b/doc/DESCRIPTION.md @@ -0,0 +1 @@ +HumHub is an open source social network platform with a wide variety of use cases as social intranet, community or collaboration platform. HumHub consists of a core application, which can be extended through additional modules and adjusted to your needs by many configuration options. diff --git a/doc/DESCRIPTION_fr.md b/doc/DESCRIPTION_fr.md new file mode 100644 index 0000000..1b07c53 --- /dev/null +++ b/doc/DESCRIPTION_fr.md @@ -0,0 +1 @@ +HumHub est une plate-forme de réseau social open source avec une grande variété de cas d'utilisation en tant qu'intranet social, plate-forme de communauté ou de collaboration. HumHub se compose d'une application principale, qui peut être étendue grâce à des modules supplémentaires et ajustée à vos besoins par de nombreuses options de configuration. diff --git a/doc/DISCLAIMER.md b/doc/DISCLAIMER.md new file mode 100644 index 0000000..e69de29 diff --git a/doc/DISCLAIMER_fr.md b/doc/DISCLAIMER_fr.md new file mode 100644 index 0000000..e69de29 diff --git a/doc/screenshots/.gitkeep b/doc/screenshots/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/doc/screenshots/app_small.png b/doc/screenshots/app_small.png new file mode 100644 index 0000000..77e0678 Binary files /dev/null and b/doc/screenshots/app_small.png differ diff --git a/manifest.json b/manifest.json index 3c21688..9f3eed3 100644 --- a/manifest.json +++ b/manifest.json @@ -6,15 +6,22 @@ "en": "Enterprise Social Network.", "fr": "Réseau Social d'Entreprise." }, + "version": "1.8.2~ynh3", "url": "https://www.humhub.org", + "upstream": { + "license": "AGPL-3.0-only", + "website": "https://www.humhub.org", + "demo": "https://www.humhub.com/en", + "admindoc": "https://docs.humhub.org", + "code": "https://github.com/humhub/humhub" + }, "license": "AGPL-3.0-only", "maintainer": { "name": "Nils Van Zuijlen", "url": "https://github.com/nils-van-zuijlen" }, - "version": "1.8.2~ynh3", "requirements": { - "yunohost": ">= 4.1.7" + "yunohost": ">= 4.3.0" }, "multi_instance": true, "services": [ @@ -23,28 +30,26 @@ "mysql" ], "arguments": { - "install" : [ + "install": [ { "name": "domain", - "type": "domain", - "example": "example.com" + "type": "domain" }, { "name": "path", - "type": "path", + "type": "path", "example": "/humhub", "default": "/humhub" }, - { - "name": "admin", - "type": "user", - "example": "johndoe" - }, - { + { "name": "is_public", "type": "boolean", "default": false - } + }, + { + "name": "admin", + "type": "user" + } ] } } diff --git a/scripts/_common.sh b/scripts/_common.sh index 7123bfb..c2d0c5c 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -6,7 +6,10 @@ YNH_PHP_VERSION="7.3" -extra_php_dependencies="php${YNH_PHP_VERSION}-imagick php${YNH_PHP_VERSION}-curl php${YNH_PHP_VERSION}-bz2 php${YNH_PHP_VERSION}-gd php${YNH_PHP_VERSION}-intl php${YNH_PHP_VERSION}-mysql php${YNH_PHP_VERSION}-zip php${YNH_PHP_VERSION}-apcu-bc php${YNH_PHP_VERSION}-apcu php${YNH_PHP_VERSION}-xml php${YNH_PHP_VERSION}-ldap" +pkg_dependencies="php${YNH_PHP_VERSION}-imagick php${YNH_PHP_VERSION}-curl php${YNH_PHP_VERSION}-bz2 php${YNH_PHP_VERSION}-gd php${YNH_PHP_VERSION}-intl php${YNH_PHP_VERSION}-mysql php${YNH_PHP_VERSION}-zip php${YNH_PHP_VERSION}-apcu-bc php${YNH_PHP_VERSION}-apcu php${YNH_PHP_VERSION}-xml php${YNH_PHP_VERSION}-ldap" + +HUMHUB_AUTH_BASIC_VERSION=0.1.0 +HUMHUB_AUTH_BASIC_PATH="/protected/modules/auth-basic" #================================================= # PERSONAL HELPERS @@ -70,6 +73,16 @@ myynh_urlencode() { return 0 } +install_sso() { + tmp_auth_basic_module="$(mktemp /tmp/humhub_ynh.XXXXXX)" + wget -q -O $tmp_auth_basic_module "https://github.com/smart4life/humhub-auth-basic/archive/refs/tags/$HUMHUB_AUTH_BASIC_VERSION.tar.gz" + + tar xf $tmp_auth_basic_module -C $final_path/protected/modules + mv $final_path/protected/modules/humhub-auth-basic* $final_path/$HUMHUB_AUTH_BASIC_PATH + + ynh_secure_remove $tmp_auth_basic_module +} + #================================================= # EXPERIMENTAL HELPERS #================================================= diff --git a/scripts/backup b/scripts/backup index d01a608..89da2d0 100644 --- a/scripts/backup +++ b/scripts/backup @@ -15,7 +15,6 @@ source /usr/share/yunohost/helpers #================================================= ynh_clean_setup () { - ### Remove this function if there's nothing to clean before calling the remove script. true } # Exit if an error occurs during the execution of the script diff --git a/scripts/install b/scripts/install index a57b1fc..3af00f4 100644 --- a/scripts/install +++ b/scripts/install @@ -14,7 +14,6 @@ source /usr/share/yunohost/helpers #================================================= ynh_clean_setup () { - ### Remove this function if there's nothing to clean before calling the remove script. true } # Exit if an error occurs during the execution of the script @@ -26,8 +25,8 @@ ynh_abort_if_errors domain=$YNH_APP_ARG_DOMAIN path_url=$YNH_APP_ARG_PATH -admin=$YNH_APP_ARG_ADMIN is_public=$YNH_APP_ARG_IS_PUBLIC +admin=$YNH_APP_ARG_ADMIN app=$YNH_APP_INSTANCE_NAME @@ -53,6 +52,21 @@ ynh_app_setting_set --app=$app --key=admin --value=$admin #================================================= # STANDARD MODIFICATIONS +#================================================= +# INSTALL DEPENDENCIES +#================================================= +ynh_script_progression --message="Installing dependencies..." + +ynh_install_app_dependencies $pkg_dependencies + +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Configuring system user..." --weight=2 + +# Create a system user +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # CREATE A MYSQL DATABASE #================================================= @@ -72,21 +86,9 @@ ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path" -#================================================= -# NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Configuring NGINX web server..." --weight=4 - -# Create a dedicated NGINX config -ynh_add_nginx_config - -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Configuring system user..." --weight=2 - -# Create a system user -ynh_system_user_create --username=$app +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" #================================================= # PHP-FPM CONFIGURATION @@ -94,9 +96,17 @@ ynh_system_user_create --username=$app ynh_script_progression --message="Configuring PHP-FPM..." --weight=1 # Create a dedicated PHP-FPM config -ynh_add_fpm_config --package="$extra_php_dependencies" +ynh_add_fpm_config phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) +#================================================= +# NGINX CONFIGURATION +#================================================= +ynh_script_progression --message="Configuring NGINX web server..." --weight=4 + +# Create a dedicated NGINX config +ynh_add_nginx_config + #================================================= # SPECIFIC SETUP #================================================= @@ -136,6 +146,8 @@ ynh_systemd_action --service_name=nginx --action=reload # Installation with curl ynh_script_progression --message="Finalizing installation..." --weight=2 +install_sso + pushd $final_path/protected php${YNH_PHP_VERSION} yii migrate/up --includeModuleMigrations=1 --interactive=0 @@ -173,51 +185,31 @@ pushd $final_path/protected php${YNH_PHP_VERSION} yii settings/set user auth.allowGuestAccess '0' php${YNH_PHP_VERSION} yii settings/set user auth.internalUsersCanInvite '0' + php${YNH_PHP_VERSION} yii module/enable auth-basic + popd # Remove the public access ynh_permission_update --permission="main" --remove="visitors" -#================================================= -# MODIFY A CONFIG FILE -#================================================= - -#================================================= -# STORE THE CONFIG FILE CHECKSUM -#================================================= - -### `ynh_store_file_checksum` is used to store the checksum of a file. -### That way, during the upgrade script, by using `ynh_backup_if_checksum_is_different`, -### you can make a backup of this file before modifying it again if the admin had modified it. - -# Calculate and store the config file checksum into the app settings ynh_store_file_checksum --file="$final_path/protected/config/common.php" -#================================================= -# GENERIC FINALIZATION -#================================================= -# SECURE FILES AND DIRECTORIES -#================================================= - -# Set permissions on app files -chown -R root: $final_path - -# Remove permission to others than $app and www-data (nginx user) -chmod o-rwx $final_path -chown $app:www-data $final_path - -chown -R $app $final_path/assets -chown -R $app $final_path/protected/config -chown -R $app $final_path/protected/modules -chown -R $app $final_path/protected/runtime -chown -R $app $final_path/uploads/* - #================================================= # SETUP CRON CONFIGURATION #================================================= ynh_add_config --template="../conf/cron" --destination="/etc/cron.d/${app}" +#================================================= +# SECURE FILES AND DIRECTORIES +#================================================= + +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + +#================================================= +# GENERIC FINALIZATION #================================================= # SETUP SSOWAT #================================================= @@ -226,6 +218,8 @@ ynh_script_progression --message="Configuring permissions..." --weight=35 # Make app public if necessary if [ $is_public -eq 1 ] then + # Everyone can access the app. + # The "main" permission is automatically created before the install script. ynh_permission_update --permission="main" --add="visitors" fi diff --git a/scripts/remove b/scripts/remove index 124d7ca..60e363d 100644 --- a/scripts/remove +++ b/scripts/remove @@ -32,14 +32,6 @@ ynh_script_progression --message="Removing the MySQL database..." --weight=1 # Remove a database if it exists, along with the associated user ynh_mysql_remove_db --db_user=$db_user --db_name=$db_name -#================================================= -# REMOVE DEPENDENCIES -#================================================= -ynh_script_progression --message="Removing dependencies..." --weight=1 - -# Remove metapackage and its dependencies -ynh_remove_app_dependencies - #================================================= # REMOVE APP MAIN DIR #================================================= @@ -64,12 +56,20 @@ ynh_script_progression --message="Removing PHP-FPM configuration..." --weight=1 # Remove the dedicated PHP-FPM config ynh_remove_fpm_config +#================================================= +# REMOVE DEPENDENCIES +#================================================= +ynh_script_progression --message="Removing dependencies..." --weight=1 + +# Remove metapackage and its dependencies +ynh_remove_app_dependencies + #================================================= # SPECIFIC REMOVE #================================================= # REMOVE VARIOUS FILES #================================================= -ynh_script_progression --message="Removing CRON configuration..." --weight=2 +ynh_script_progression --message="Removing various files..." --weight=2 # Remove a cron file ynh_secure_remove --file="/etc/cron.d/$app" diff --git a/scripts/restore b/scripts/restore index ca8c817..60f6fd4 100644 --- a/scripts/restore +++ b/scripts/restore @@ -15,7 +15,6 @@ source /usr/share/yunohost/helpers #================================================= ynh_clean_setup () { - #### Remove this function if there's nothing to clean before calling the remove script. true } # Exit if an error occurs during the execution of the script @@ -40,18 +39,18 @@ phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) #================================================= ynh_script_progression --message="Validating restoration parameters..." --weight=1 -ynh_webpath_available --domain=$domain --path_url=$path_url \ - || ynh_die --message="Path not available: ${domain}${path_url}" test ! -d $final_path \ || ynh_die --message="There is already a directory: $final_path " #================================================= # STANDARD RESTORATION STEPS #================================================= -# RESTORE THE NGINX CONFIGURATION +# RECREATE THE DEDICATED USER #================================================= +ynh_script_progression --message="Recreating the dedicated system user..." --weight=3 -ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" +# Create the dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= # RESTORE THE APP MAIN DIR @@ -60,39 +59,33 @@ ynh_script_progression --message="Restoring the app main directory..." --weight= ynh_restore_file --origin_path="$final_path" -#================================================= -# RECREATE THE DEDICATED USER -#================================================= -ynh_script_progression --message="Recreating the dedicated system user..." --weight=3 - -# Create the dedicated user (if not existing) -ynh_system_user_create --username=$app +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" #================================================= -# RESTORE USER RIGHTS +# SPECIFIC RESTORATION #================================================= +# REINSTALL DEPENDENCIES +#================================================= +ynh_script_progression --message="Reinstalling dependencies..." -# Set permissions on app files -chown -R root: $final_path - -# Remove permission to others than $app and www-data (nginx user) -chmod o-rwx $final_path -chown $app:www-data $final_path - -chown -R $app $final_path/assets -chown -R $app $final_path/protected/config -chown -R $app $final_path/protected/modules -chown -R $app $final_path/protected/runtime -chown -R $app $final_path/uploads/* +# Define and install dependencies +ynh_install_app_dependencies $pkg_dependencies #================================================= # RESTORE THE PHP-FPM CONFIGURATION #================================================= -ynh_script_progression --message="Reconfiguring PHP-FPM..." --weight=5 +ynh_script_progression --message="Restoring the PHP-FPM configuration..." --weight=5 ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" -ynh_add_fpm_config --package="$extra_php_dependencies" +#================================================= +# RESTORE THE NGINX CONFIGURATION +#================================================= +ynh_script_progression --message="Restoring the NGINX web server configuration..." + +ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= # RESTORE THE MYSQL DATABASE @@ -106,6 +99,7 @@ ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./ #================================================= # RESTORE VARIOUS FILES #================================================= +ynh_script_progression --message="Restoring various files..." ynh_restore_file --origin_path="/etc/cron.d/$app" diff --git a/scripts/upgrade b/scripts/upgrade index f29f28d..be9537b 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -18,30 +18,20 @@ app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get --app=$app --key=domain) path_url=$(ynh_app_setting_get --app=$app --key=path) +language=$(ynh_app_setting_get --app=$app --key=language) admin=$(ynh_app_setting_get --app=$app --key=admin) final_path=$(ynh_app_setting_get --app=$app --key=final_path) -language=$(ynh_app_setting_get --app=$app --key=language) db_name=$(ynh_app_setting_get --app=$app --key=db_name) +db_user=$db_name db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd) #================================================= # CHECK VERSION #================================================= +ynh_script_progression --message="Checking version..." upgrade_type=$(ynh_check_app_version_changed) -#================================================= -# ENSURE DOWNWARD COMPATIBILITY -#================================================= -ynh_script_progression --message="Ensuring downward compatibility..." --weight=1 - -# Cleaning legacy permissions -if ynh_legacy_permissions_exists; then - ynh_legacy_permissions_delete_all - - ynh_app_setting_delete --app=$app --key=is_public -fi - #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #================================================= @@ -58,6 +48,26 @@ ynh_abort_if_errors #================================================= # STANDARD UPGRADE STEPS +#================================================= +# ENSURE DOWNWARD COMPATIBILITY +#================================================= +ynh_script_progression --message="Ensuring downward compatibility..." --weight=1 + +# Cleaning legacy permissions +if ynh_legacy_permissions_exists; then + ynh_legacy_permissions_delete_all + + ynh_app_setting_delete --app=$app --key=is_public +fi + +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1 + +# Create a dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -84,23 +94,28 @@ then # Delete old source ynh_secure_remove --file="$final_path.old" + + if [[ ! -d $final_path/$HUMHUB_AUTH_BASIC_PATH ]]; then + install_sso + + pushd $final_path/protected + php${YNH_PHP_VERSION} yii module/enable auth-basic + popd + else + current_version=$(cat $final_path/$HUMHUB_AUTH_BASIC_PATH/module.json | jq -j '.version') + if [ "$current_version" != "$HUMHUB_AUTH_BASIC_VERSION" ]; then + ynh_secure_remove $final_path/$HUMHUB_AUTH_BASIC_PATH + install_sso + fi + fi fi #================================================= -# NGINX CONFIGURATION +# UPGRADE DEPENDENCIES #================================================= -ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=1 +ynh_script_progression --message="Upgrading dependencies..." -# Create a dedicated NGINX config -ynh_add_nginx_config - -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1 - -# Create a dedicated user (if not existing) -ynh_system_user_create --username=$app +ynh_install_app_dependencies $pkg_dependencies #================================================= # PHP-FPM CONFIGURATION @@ -110,6 +125,14 @@ ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=1 # Create a dedicated PHP-FPM config ynh_add_fpm_config +#================================================= +# NGINX CONFIGURATION +#================================================= +ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=1 + +# Create a dedicated NGINX config +ynh_add_nginx_config + #================================================= # SPECIFIC UPGRADE #================================================= @@ -146,25 +169,16 @@ ynh_script_progression --message="Upgrading crontab..." --weight=1 ynh_add_config --template="../conf/cron" --destination="/etc/cron.d/${app}" -#================================================= -# GENERIC FINALIZATION #================================================= # SECURE FILES AND DIRECTORIES #================================================= -# Set permissions on app files -chown -R root: $final_path - -# Remove permission to others than $app and www-data (nginx user) -chmod o-rwx $final_path -chown $app:www-data $final_path - -chown -R $app $final_path/assets -chown -R $app $final_path/protected/config -chown -R $app $final_path/protected/modules -chown -R $app $final_path/protected/runtime -chown -R $app $final_path/uploads/* +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" +#================================================= +# GENERIC FINALIZATION #================================================= # RELOAD NGINX #=================================================