Major improvements

- Auto-install
- Auto-setup LDAP
- Install and upgrade from URL (no source in repo)
- Improvement upgrade
- PHP5-FPM
- Package_check attempt

check_process

@@ -0,0 +1,36 @@
+;; Test HumHub
+    auto_remove=1
+    ; Manifest
+        domain="domain.tld"	(DOMAIN)
+        path="/humhub"    	(PATH)
+        admin="john"   		(USER)
+		is_public=0 		(PUBLIC|public=0|private=1)
+    ; Checks
+        pkg_linter=1
+        setup_sub_dir=1
+        setup_root=1
+        setup_nourl=0
+        setup_private=1
+        setup_public=1
+        upgrade=1
+        backup_restore=1
+        multi_instance=1
+        wrong_user=1
+        wrong_path=1
+        incorrect_path=1
+        corrupt_source=0
+        fail_download_source=0
+        port_already_use=0
+        final_path_already_use=0
+;;; Levels
+    Level 1=auto
+    Level 2=auto
+    Level 3=auto
+    Level 4=na
+# LDAP is integrated but no SSO yet
+    Level 5=auto
+    Level 6=auto
+    Level 7=auto
+    Level 8=0
+    Level 9=0
+	Level 10=0

conf/common.php

@@ -8,4 +8,4 @@ return [
             'password' => 'DBPASS_TO_CHANGE',
         ],
     ]
-];
+];

conf/ldap.sql

@@ -0,0 +1,19 @@
+REPLACE INTO setting (`name`, `value`, `module_id`) VALUES
+('auth.ldap.enabled', '1', 'user'), 
+('auth.ldap.hostname', 'localhost', 'user'),
+('auth.ldap.port', '389', 'user'),
+('auth.ldap.encryption', '', 'user'), 
+('auth.ldap.username', '', 'user'), 
+('auth.ldap.password', '', 'user'), 
+('auth.ldap.baseDn', 'ou=users,dc=yunohost,dc=org', 'user'), 
+('auth.ldap.loginFilter', '(uid=%s)', 'user'),
+('auth.ldap.userFilter', 'objectClass=mailAccount', 'user'),
+('auth.ldap.emailAttribute', 'mail', 'user'), 
+('auth.ldap.usernameAttribute', 'uid', 'user'),
+('auth.ldap.refreshUsers', '1', 'user'),
+('auth.anonymousRegistration', '0', 'user'),
+('auth.allowGuestAccess', '0', 'user'),
+('auth.internalUsersCanInvite', '0', 'user');
+
+UPDATE `user` SET `auth_mode` = 'ldap' WHERE `user`.`username` = 'YNH_ADMIN_USER';
+

conf/nginx.conf

@@ -2,10 +2,10 @@ location YNH_WWW_PATH/ {
 	alias YNH_WWW_ALIAS;
 	index index.php;
 	try_files $uri $uri/ index.php?$args;
-  
+
 	location ~ [^/]\.php(/|$) {
 		fastcgi_split_path_info ^(.+?\.php)(/.*)$;
-		fastcgi_pass unix:/var/run/php5-fpm.sock;
+		fastcgi_pass unix:/var/run/php5-fpm-YNH_WWW_APP.sock;
 		fastcgi_index index.php;
 		include fastcgi_params;
 		fastcgi_param REMOTE_USER $remote_user;

conf/php-fpm.conf

@@ -0,0 +1,251 @@
+; Start a new pool named 'www'.
+; the variable $pool can we used in any directive and will be replaced by the
+; pool name ('www' here)
+[YNH_WWW_APP]
+
+; Per pool prefix
+; It only applies on the following directives:
+; - 'slowlog'
+; - 'listen' (unixsocket)
+; - 'chroot'
+; - 'chdir'
+; - 'php_values'
+; - 'php_admin_values'
+; When not set, the global prefix (or /usr) applies instead.
+; Note: This directive can also be relative to the global prefix.
+; Default Value: none
+;prefix = /path/to/pools/$pool
+
+; The address on which to accept FastCGI requests.
+; Valid syntaxes are:
+;   'ip.add.re.ss:port'    - to listen on a TCP socket to a specific address on
+;                            a specific port;
+;   'port'                 - to listen on a TCP socket to all addresses on a
+;                            specific port;
+;   '/path/to/unix/socket' - to listen on a unix socket.
+; Note: This value is mandatory.
+listen = /var/run/php5-fpm-YNH_WWW_APP.sock
+
+; Set listen(2) backlog. A value of '-1' means unlimited.
+; Default Value: 128 (-1 on FreeBSD and OpenBSD)
+;listen.backlog = -1
+
+; List of ipv4 addresses of FastCGI clients which are allowed to connect.
+; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
+; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
+; must be separated by a comma. If this value is left blank, connections will be
+; accepted from any ip address.
+; Default Value: any
+;listen.allowed_clients = 127.0.0.1
+
+; Set permissions for unix socket, if one is used. In Linux, read/write
+; permissions must be set in order to allow connections from a web server. Many
+; BSD-derived systems allow connections regardless of permissions.
+; Default Values: user and group are set as the running user
+;                 mode is set to 0666
+listen.owner = www-data
+listen.group = www-data
+listen.mode = 0600
+
+; Unix user/group of processes
+; Note: The user is mandatory. If the group is not set, the default user's group
+;       will be used.
+user = www-data
+group = www-data
+
+; Choose how the process manager will control the number of child processes.
+; Possible Values:
+;   static  - a fixed number (pm.max_children) of child processes;
+;   dynamic - the number of child processes are set dynamically based on the
+;             following directives:
+;             pm.max_children      - the maximum number of children that can
+;                                    be alive at the same time.
+;             pm.start_servers     - the number of children created on startup.
+;             pm.min_spare_servers - the minimum number of children in 'idle'
+;                                    state (waiting to process). If the number
+;                                    of 'idle' processes is less than this
+;                                    number then some children will be created.
+;             pm.max_spare_servers - the maximum number of children in 'idle'
+;                                    state (waiting to process). If the number
+;                                    of 'idle' processes is greater than this
+;                                    number then some children will be killed.
+; Note: This value is mandatory.
+pm = dynamic
+
+; The number of child processes to be created when pm is set to 'static' and the
+; maximum number of child processes to be created when pm is set to 'dynamic'.
+; This value sets the limit on the number of simultaneous requests that will be
+; served. Equivalent to the ApacheMaxClients directive with mpm_prefork.
+; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP
+; CGI.
+; Note: Used when pm is set to either 'static' or 'dynamic'
+; Note: This value is mandatory.
+pm.max_children = 6
+
+; The number of child processes created on startup.
+; Note: Used only when pm is set to 'dynamic'
+; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2
+pm.start_servers = 3
+
+; The desired minimum number of idle server processes.
+; Note: Used only when pm is set to 'dynamic'
+; Note: Mandatory when pm is set to 'dynamic'
+pm.min_spare_servers = 3
+
+; The desired maximum number of idle server processes.
+; Note: Used only when pm is set to 'dynamic'
+; Note: Mandatory when pm is set to 'dynamic'
+pm.max_spare_servers = 5
+
+; The number of requests each child process should execute before respawning.
+; This can be useful to work around memory leaks in 3rd party libraries. For
+; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
+; Default Value: 0
+pm.max_requests = 500
+
+; The URI to view the FPM status page. If this value is not set, no URI will be
+; recognized as a status page. By default, the status page shows the following
+; information:
+;   accepted conn        - the number of request accepted by the pool;
+;   pool                 - the name of the pool;
+;   process manager      - static or dynamic;
+;   idle processes       - the number of idle processes;
+;   active processes     - the number of active processes;
+;   total processes      - the number of idle + active processes.
+;   max children reached - number of times, the process limit has been reached,
+;                          when pm tries to start more children (works only for
+;                          pm 'dynamic')
+; The values of 'idle processes', 'active processes' and 'total processes' are
+; updated each second. The value of 'accepted conn' is updated in real time.
+; Example output:
+;   accepted conn:        12073
+;   pool:                 www
+;   process manager:      static
+;   idle processes:       35
+;   active processes:     65
+;   total processes:      100
+;   max children reached: 1
+; By default the status page output is formatted as text/plain. Passing either
+; 'html' or 'json' as a query string will return the corresponding output
+; syntax. Example:
+;   http://www.foo.bar/status
+;   http://www.foo.bar/status?json
+;   http://www.foo.bar/status?html
+; Note: The value must start with a leading slash (/). The value can be
+;       anything, but it may not be a good idea to use the .php extension or it
+;       may conflict with a real PHP file.
+; Default Value: not set
+pm.status_path = /fpm-status
+
+; The ping URI to call the monitoring page of FPM. If this value is not set, no
+; URI will be recognized as a ping page. This could be used to test from outside
+; that FPM is alive and responding, or to
+; - create a graph of FPM availability (rrd or such);
+; - remove a server from a group if it is not responding (load balancing);
+; - trigger alerts for the operating team (24/7).
+; Note: The value must start with a leading slash (/). The value can be
+;       anything, but it may not be a good idea to use the .php extension or it
+;       may conflict with a real PHP file.
+; Default Value: not set
+ping.path = /ping
+
+; This directive may be used to customize the response of a ping request. The
+; response is formatted as text/plain with a 200 response code.
+; Default Value: pong
+;ping.response = pong
+
+; The timeout for serving a single request after which the worker process will
+; be killed. This option should be used when the 'max_execution_time' ini option
+; does not stop script execution for some reason. A value of '0' means 'off'.
+; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
+; Default Value: 0
+request_terminate_timeout = 120s
+
+; The timeout for serving a single request after which a PHP backtrace will be
+; dumped to the 'slowlog' file. A value of '0s' means 'off'.
+; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
+; Default Value: 0
+request_slowlog_timeout = 5s
+
+; The log file for slow requests
+; Default Value: not set
+; Note: slowlog is mandatory if request_slowlog_timeout is set
+slowlog = /var/log/nginx/YNH_WWW_APP.slow.log
+
+; Set open file descriptor rlimit.
+; Default Value: system defined value
+rlimit_files = 4096
+
+; Set max core size rlimit.
+; Possible Values: 'unlimited' or an integer greater or equal to 0
+; Default Value: system defined value
+rlimit_core = 0
+
+; Chroot to this directory at the start. This value must be defined as an
+; absolute path. When this value is not set, chroot is not used.
+; Note: you can prefix with '$prefix' to chroot to the pool prefix or one
+; of its subdirectories. If the pool prefix is not set, the global prefix
+; will be used instead.
+; Note: chrooting is a great security feature and should be used whenever
+;       possible. However, all PHP paths will be relative to the chroot
+;       (error_log, sessions.save_path, ...).
+; Default Value: not set
+;chroot =
+
+; Chdir to this directory at the start.
+; Note: relative path can be used.
+; Default Value: current directory or / when chroot
+chdir = YNH_WWW_ALIAS
+
+; Redirect worker stdout and stderr into main error log. If not set, stdout and
+; stderr will be redirected to /dev/null according to FastCGI specs.
+; Note: on highloaded environement, this can cause some delay in the page
+; process time (several ms).
+; Default Value: no
+catch_workers_output = yes
+
+; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
+; the current environment.
+; Default Value: clean env
+;env[HOSTNAME] = $HOSTNAME
+;env[PATH] = /usr/local/bin:/usr/bin:/bin
+;env[TMP] = /tmp
+;env[TMPDIR] = /tmp
+;env[TEMP] = /tmp
+
+; Additional php.ini defines, specific to this pool of workers. These settings
+; overwrite the values previously defined in the php.ini. The directives are the
+; same as the PHP SAPI:
+;   php_value/php_flag             - you can set classic ini defines which can
+;                                    be overwritten from PHP call 'ini_set'.
+;   php_admin_value/php_admin_flag - these directives won't be overwritten by
+;                                     PHP call 'ini_set'
+; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no.
+
+; Defining 'extension' will load the corresponding shared extension from
+; extension_dir. Defining 'disable_functions' or 'disable_classes' will not
+; overwrite previously defined php.ini values, but will append the new value
+; instead.
+
+; Note: path INI options can be relative and will be expanded with the prefix
+; (pool, global or /usr)
+
+; Default Value: nothing is defined by default except the values in php.ini and
+;                specified at startup with the -d argument
+;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com
+;php_flag[display_errors] = off
+;php_admin_value[error_log] = /var/log/fpm-php.www.log
+;php_admin_flag[log_errors] = on
+;php_admin_value[memory_limit] = 32M
+
+# Common values to change to increase file upload limit
+php_value[upload_max_filesize] = 1G
+php_value[post_max_size] = 1G
+;php_value[mail.add_x_header] = Off
+
+# Other common parameters
+;php_value[max_execution_time] = 600
+;php_value[max_input_time] = 300
+;php_value[memory_limit] = 256M
+;php_value[short_open_tag] = On
+

manifest.json

@@ -41,7 +41,25 @@
                 },
                 "example": "/humhub",
                 "default": "/humhub"
-            }
+            },
+			{
+                "name": "admin",
+                "type": "user",
+                "ask": {
+                    "en": "Choose an admin user",
+                    "fr": "Choisissez l’administrateur"
+                },
+                "example": "johndoe"
+            },
+			{
+                "name": "is_public",
+                "type": "boolean",
+                "ask": {
+                    "en": "Is it a public site?",
+                    "fr": "Est-ce un site public ?"
+                },
+                "default": false
+			}
         ]
     }
 }

scripts/_extrahelpers

@@ -0,0 +1,31 @@
+#
+# Extra helpers not implemeted yet in core
+#
+
+# Curl abstraction to help with POST requests to local pages (such as installation forms)
+# See https://github.com/YunoHost/yunohost/pull/288
+# $domain and $path_url should be defined externally (and correspond to the domain.tld and the /path (of the app?))
+#
+# example: ynh_local_curl "/install.php?installButton" "foo=$var1" "bar=$var2"
+# 
+# usage: ynh_local_curl "page_uri" "key1=value1" "key2=value2" ...
+# | arg: page_uri    - Path (relative to $path_url) of the page where POST data will be sent
+# | arg: key1=value1 - (Optionnal) POST key and corresponding value
+# | arg: key2=value2 - (Optionnal) Another POST key and corresponding value
+# | arg: ...         - (Optionnal) More POST keys and values
+ynh_local_curl () {
+	# Define url of page to curl
+	full_page_url=https://localhost$path$1
+
+	# Concatenate all other arguments with '&' to prepare POST data
+	POST_data=""
+	for arg in "${@:2}"
+	do
+		POST_data="${POST_data}${arg}&"
+	done
+	# (Remove the last character, which is an unecessary '&')
+	POST_data=${POST_data::-1}
+
+	# Curl the URL
+	curl -kL -H "Host: $domain" --resolve $domain:443:127.0.0.1 --data "$POST_data" "$full_page_url" 2>&1
+}

scripts/backup

@@ -21,3 +21,6 @@ app=$YNH_APP_INSTANCE_NAME
 # Copy NGINX configuration
 	domain=$(ynh_app_setting_get "$app" domain)
 	ynh_backup "/etc/nginx/conf.d/${domain}.d/${app}.conf" "nginx.conf"
+
+# Copy PHP-FPM configuration
+	ynh_backup "/etc/php5/fpm/pool.d/${app}.conf" "php-fpm.conf"

scripts/install

@@ -4,15 +4,18 @@
 set -eu
 
 app=$YNH_APP_INSTANCE_NAME
-version='1.2.0'
+version=$(cat ../sources/version)
-source='https://github.com/humhub/humhub'
+source='https://sourceforge.net/projects/humhub/files/'
 
 # Retrieve arguments
 	domain=$YNH_APP_ARG_DOMAIN
 	path=$YNH_APP_ARG_PATH
+	admin=$YNH_APP_ARG_ADMIN
+	is_public=$YNH_APP_ARG_IS_PUBLIC
 
 # Source YunoHost helpers
 	source /usr/share/yunohost/helpers
+	source ./_extrahelpers
 
 # Correct path: puts a / at the start and nothing at the end
 	if [ "${path:0:1}" != "/" ]; then
@@ -26,10 +29,16 @@ source='https://github.com/humhub/humhub'
 	sudo yunohost app checkurl "${domain}${path}" -a "$app" \
 		|| ynh_die "Path not available: ${domain}${path}"
 
+# Check admin user parameter
+	ynh_user_exists "$admin" \
+	  || ynh_die "The chosen admin user does not exist"
+	ynh_app_setting_set "$app" admin "$admin"
+
 # Copy source files
 	src_path=/var/www/$app
 	sudo mkdir -p $src_path
-	sudo unzip -qq ../sources/humhub-${version}.zip
+	sudo wget -q "${source}humhub-${version}.zip/download" -O humhub-${version}.zip
+	sudo unzip -qq humhub-${version}.zip
 	sudo cp -a humhub-${version}/. $src_path
 
 # Hotfixes
@@ -37,6 +46,8 @@ source='https://github.com/humhub/humhub'
 	sudo cp -a ../sources/fix/AuthClientHelpers.php $src_path/protected/humhub/modules/user/authclient/AuthClientHelpers.php
 	# Fix to allow passwordless LDAP login
 	sudo cp -a ../sources/fix/ZendLdapClient.php $src_path/protected/humhub/modules/user/authclient/ZendLdapClient.php
+	sudo sed -i "s@defined('YII_DEBUG') or define('YII_DEBUG', true);@//defined('YII_DEBUG') or define('YII_DEBUG', true);@g" $src_path/index.php
+	sudo sed -i "s@defined('YII_ENV') or define('YII_ENV', 'dev');@//defined('YII_ENV') or define('YII_ENV', 'dev');@g" $src_path/index.php
 
 # MySQL
 	dbuser=$app
@@ -65,8 +76,60 @@ source='https://github.com/humhub/humhub'
 	nginx_conf=../conf/nginx.conf
 	sed -i "s@YNH_WWW_PATH@${path:-/}@g" $nginx_conf
 	sed -i "s@YNH_WWW_ALIAS@$src_path/@g" $nginx_conf
+	sed -i "s@YNH_WWW_APP@$app@g" $nginx_conf
 	sudo cp $nginx_conf /etc/nginx/conf.d/$domain.d/$app.conf
 
+# PHP
+	sed -i "s@YNH_WWW_APP@$app@g" ../conf/php-fpm.conf
+	sed -i "s@YNH_WWW_ALIAS@$src_path/@g" ../conf/php-fpm.conf
+	finalphpconf=/etc/php5/fpm/pool.d/$app.conf
+	sudo cp ../conf/php-fpm.conf $finalphpconf
+	sudo chown root: $finalphpconf
+	sudo chmod 644 $finalphpconf
+
 # Reload services
 	sudo service php5-fpm reload
 	sudo service nginx reload
+
+# Install
+	# Disable SSO
+	ynh_app_setting_set "$app" unprotected_uris "/"
+	sudo yunohost app ssowatconf
+
+	# Install with CURL
+	admin_temp_pass=$(ynh_string_random 6)
+	admin_email=$(sudo yunohost user info "$admin" --output-as plain | ynh_get_plain_key mail)
+	admin_firstname=$(sudo yunohost user info "$admin" --output-as plain | ynh_get_plain_key firstname)
+	admin_lastname=$(sudo yunohost user info "$admin" --output-as plain | ynh_get_plain_key lastname)
+
+	ynh_local_curl "/index.php?r=installer/index/go" "go"
+
+	ynh_local_curl "/index.php?r=installer/config/basic" \
+		"ConfigBasicForm[name]=YunoHost"
+
+	ynh_local_curl "/index.php?r=installer/config/use-case" \
+		"UseCaseForm[useCase]=" \
+		"UseCaseForm[useCase]=other"
+
+	ynh_local_curl "/index.php?r=installer/config/admin" \
+		"User[username]=$admin" \
+		"User[email]=$admin_email" \
+		"Password[newPassword]=$admin_temp_pass" \
+		"Password[newPasswordConfirm]=$admin_temp_pass" \
+		"Profile[firstname]=$admin_firstname" \
+		"Profile[lastname]=$admin_lastname" \
+		"save"
+
+	ynh_local_curl "/index.php?r=installer/config/sample-data" \
+		"SampleDataForm[sampleData]=0"
+
+	# Populate the LDAP parameters
+	sed -i "s@YNH_ADMIN_USER@$admin@g" ../conf/ldap.sql
+	mysql -u ${dbuser} -p${dbpass} ${dbname} < ../conf/ldap.sql
+
+	# Enable SSO if chosen by the user
+	if [ $is_public = 0 ];
+	then
+	  	ynh_app_setting_delete $app unprotected_uris
+		sudo yunohost app ssowatconf
+	fi

scripts/remove

@@ -1,4 +1,5 @@
 #!/bin/bash
+set -u
 
 app=$YNH_APP_INSTANCE_NAME
 
@@ -10,16 +11,20 @@ app=$YNH_APP_INSTANCE_NAME
 
 # Remove sources
 	sudo rm -rf /var/www/$app
-	sudo rm -f /etc/cron.d/${app}
+	sudo rm -f /etc/cron.d/$app
 
 # Remove nginx configuration file
 	sudo rm -f /etc/nginx/conf.d/$domain.d/$app.conf
 
+# Remove PHP-FPM configuration file
+	sudo rm -f /etc/php5/fpm/pool.d/$app.conf
+
 # MySQL
 	dbname=$app
 	dbuser=$app
 	ynh_mysql_drop_db "$dbname" || true
 	ynh_mysql_drop_user "$dbuser" || true
 
-# Reload nginx service
+# Reload services
+	sudo service php5-fpm reload
 	sudo service nginx reload

scripts/restore

@@ -1,8 +1,5 @@
 #!/bin/bash
 
-# Note: each files and directories you've saved using the ynh_backup helper
-# will be located in the current directory, regarding the last argument.
-
 # Exit on command errors and treat unset variables as an error
 set -eu
 
@@ -37,5 +34,9 @@ app=$YNH_APP_INSTANCE_NAME
 # Restore NGINX configuration
 	sudo cp -a ./nginx.conf "/etc/nginx/conf.d/${domain}.d/${app}.conf"
 
-# Restart webserver
+# Restore PHP-FPM configuration
+	sudo cp -a ./php-fpm.conf "/etc/php5/fpm/pool.d/${app}.conf"
+
+# Restart services
+	sudo service php5-fpm reload
 	sudo service nginx reload

scripts/upgrade

@@ -4,7 +4,8 @@
 set -eu
 
 app=$YNH_APP_INSTANCE_NAME
-version='1.2.0'
+version=$(cat ../sources/version)
+source='https://sourceforge.net/projects/humhub/files/'
 
 # Source YunoHost helpers
 	source /usr/share/yunohost/helpers
@@ -15,6 +16,7 @@ version='1.2.0'
 	dbuser=$app
 	dbname=$app
 	dbpass=$(ynh_app_setting_get "$app" mysqlpwd)
+	src_path=/var/www/$app
 
 # Correct path: puts a / at the start and nothing at the end
 	if [ "${path:0:1}" != "/" ]; then
@@ -25,27 +27,34 @@ version='1.2.0'
 	fi
 
 # Copy source files
+	sudo mv "$src_path" "$src_path.old"
 	sudo mkdir -p $src_path
-	sudo unzip -qq ../sources/humhub-$version.zip
+	sudo wget -q "${source}humhub-${version}.zip/download" -O humhub-${version}.zip
+	sudo unzip -qq humhub-${version}.zip
 	sudo cp -a humhub-$version/. $src_path
 
-# Conf
+# Restore files
-	app_conf=../conf/common.php
+	sudo cp -a "$src_path.old/uploads/." "$src_path/uploads/."
-	sed -i "s@DBNAME_TO_CHANGE@$dbname@g" $app_conf
+	sudo cp -a "$src_path.old/protected/runtime" "$src_path/protected/runtime"
-	sed -i "s@DBUSER_TO_CHANGE@$dbuser@g" $app_conf
+	sudo cp -a "$src_path.old/protected/config/." "$src_path/protected/config/"
-	sed -i "s@DBPASS_TO_CHANGE@$dbpass@g" $app_conf
+	sudo cp -a "$src_path.old/protected/modules/." "$src_path/protected/modules/"
-	sudo cp $app_conf $src_path/protected/config/common.php
+	sudo cp -a "$src_path.old/themes/." "$src_path/themes/"
 
 # Hotfixes
 	# Fix LDAP email. See https://github.com/humhub/humhub/issues/1949
 	sudo cp -a ../sources/fix/AuthClientHelpers.php $src_path/protected/humhub/modules/user/authclient/AuthClientHelpers.php
 	# Fix to allow passwordless LDAP login
 	sudo cp -a ../sources/fix/ZendLdapClient.php $src_path/protected/humhub/modules/user/authclient/ZendLdapClient.php
+	sudo sed -i "s@defined('YII_DEBUG') or define('YII_DEBUG', true);@//defined('YII_DEBUG') or define('YII_DEBUG', true);@g" $src_path/index.php
+		sudo sed -i "s@defined('YII_ENV') or define('YII_ENV', 'dev');@//defined('YII_ENV') or define('YII_ENV', 'dev');@g" $src_path/index.php
 
 # Set permissions to app files
 	sudo chown -R www-data: $src_path
 
-# Cron
+# Upgrade
+	sudo sudo -u www-data php $src_path/protected/yii migrate/up --includeModuleMigrations=1 --interactive=0 > /dev/null 2>&1
+
+# Upgrade cron
 	echo "30 * * * * $src_path/protected/yii cron hourly >/dev/null 2>&1" > cron
 	echo "00 18 * * * $src_path/protected/yii cron daily >/dev/null 2>&1" > cron
 	sudo mv cron /etc/cron.d/${app}
@@ -55,8 +64,20 @@ version='1.2.0'
 	nginx_conf=../conf/nginx.conf
 	sed -i "s@YNH_WWW_PATH@${path:-/}@g" $nginx_conf
 	sed -i "s@YNH_WWW_ALIAS@$src_path/@g" $nginx_conf
+	sed -i "s@YNH_WWW_APP@$app@g" $nginx_conf
 	sudo cp $nginx_conf /etc/nginx/conf.d/$domain.d/$app.conf
 
+# PHP
+	sed -i "s@YNH_WWW_APP@$app@g" ../conf/php-fpm.conf
+	sed -i "s@YNH_WWW_ALIAS@$src_path/@g" ../conf/php-fpm.conf
+	finalphpconf=/etc/php5/fpm/pool.d/$app.conf
+	sudo cp ../conf/php-fpm.conf $finalphpconf
+	sudo chown root: $finalphpconf
+	sudo chmod 644 $finalphpconf
+
 # Reload nginx service
 	sudo service php5-fpm reload
 	sudo service nginx reload
+
+# Delete old source
+	sudo rm -rf "$src_path.old"

sources/version

@@ -0,0 +1 @@
+1.2.0