#!/bin/bash #================================================= # GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= source _common.sh source /usr/share/yunohost/helpers #================================================= # MANAGE SCRIPT FAILURE #================================================= ynh_clean_setup () { ### Remove this function if there's nothing to clean before calling the remove script. true } # Exit if an error occurs during the execution of the script ynh_abort_if_errors #================================================= # RETRIEVE ARGUMENTS FROM THE MANIFEST #================================================= domain=$YNH_APP_ARG_DOMAIN path_url=$YNH_APP_ARG_PATH admin=$YNH_APP_ARG_ADMIN is_public=$YNH_APP_ARG_IS_PUBLIC app=$YNH_APP_INSTANCE_NAME #================================================= # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS #================================================= ynh_script_progression --message="Validating installation parameters..." --time --weight=1 final_path=/var/www/$app test ! -e "$final_path" || ynh_die --message="This path already contains a folder" # Register (book) web path ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url #================================================= # STORE SETTINGS FROM MANIFEST #================================================= ynh_script_progression --message="Storing installation settings..." --time --weight=1 ynh_app_setting_set --app=$app --key=domain --value=$domain ynh_app_setting_set --app=$app --key=path --value=$path_url ynh_app_setting_set --app=$app --key=admin --value=$admin #================================================= # STANDARD MODIFICATIONS #================================================= # FIND AND OPEN A PORT #================================================= ynh_script_progression --message="Finding an available port..." --time --weight=1 # Find an available port port=$(ynh_find_port --port=8095) ynh_app_setting_set --app=$app --key=port --value=$port #================================================= # INSTALL DEPENDENCIES #================================================= ynh_script_progression --message="Installing dependencies..." --time --weight=1 ynh_install_app_dependencies $pkg_dependencies #================================================= # CREATE A MYSQL DATABASE #================================================= ynh_script_progression --message="Creating a MySQL database..." --time --weight=1 db_name=$(ynh_sanitize_dbid --db_name=$app) db_user=$db_name ynh_app_setting_set --app=$app --key=db_name --value=$db_name ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= ynh_script_progression --message="Setting up source files..." --time --weight=1 ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path" #================================================= # NGINX CONFIGURATION #================================================= ynh_script_progression --message="Configuring NGINX web server..." --time --weight=1 # Create a dedicated NGINX config ynh_add_nginx_config #================================================= # CREATE DEDICATED USER #================================================= ynh_script_progression --message="Configuring system user..." --time --weight=1 # Create a system user ynh_system_user_create --username=$app #================================================= # PHP-FPM CONFIGURATION #================================================= ynh_script_progression --message="Configuring PHP-FPM..." --time --weight=1 # Create a dedicated PHP-FPM config ynh_add_fpm_config --package="$extra_php_dependencies" phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) #================================================= # SPECIFIC SETUP #================================================= # ... #================================================= #================================================= # SETUP APPLICATION WITH CURL #================================================= ### Use these lines only if the app installation needs to be finalized through ### web forms. We generally don't want to ask the final user, ### so we're going to use curl to automatically fill the fields and submit the ### forms. # Set right permissions for curl install chown -R $app: $final_path # Set the app as temporarily public for curl call ynh_script_progression --message="Configuring SSOwat..." --time --weight=1 # Making the app public for curl ynh_permission_update --permission="main" --add="visitors" # Reload SSOwat config yunohost app ssowatconf # Reload NGINX ynh_systemd_action --service_name=nginx --action=reload # Installation with curl ynh_script_progression --message="Finalizing installation..." --time --weight=1 ynh_local_curl "/INSTALL_PATH" "key1=value1" "key2=value2" "key3=value3" # Remove the public access ynh_permission_update --permission="main" --remove="visitors" #================================================= # MODIFY A CONFIG FILE #================================================= ynh_add_config --template="../conf/common.php" --destination="$final_path/protected/config/common.php" ynh_replace_string --match_string="match_string" --replace_string="replace_string" --target_file="$final_path/CONFIG_FILE" #================================================= # STORE THE CONFIG FILE CHECKSUM #================================================= ### `ynh_store_file_checksum` is used to store the checksum of a file. ### That way, during the upgrade script, by using `ynh_backup_if_checksum_is_different`, ### you can make a backup of this file before modifying it again if the admin had modified it. # Calculate and store the config file checksum into the app settings ynh_store_file_checksum --file="$final_path/CONFIG_FILE" #================================================= # GENERIC FINALIZATION #================================================= # SECURE FILES AND DIRECTORIES #================================================= # Set permissions to app files chown -R www-data: $final_path #================================================= # SETUP LOGROTATE #================================================= ynh_script_progression --message="Configuring log rotation..." --time --weight=1 ### `ynh_use_logrotate` is used to configure a logrotate configuration for the logs of this app. ### Use this helper only if there is effectively a log file for this app. ### If you're not using this helper: ### - Remove the section "BACKUP LOGROTATE" in the backup script ### - Remove also the section "REMOVE LOGROTATE CONFIGURATION" in the remove script ### - As well as the section "RESTORE THE LOGROTATE CONFIGURATION" in the restore script ### - And the section "SETUP LOGROTATE" in the upgrade script # Use logrotate to manage application logfile(s) ynh_use_logrotate #================================================= # INTEGRATE SERVICE IN YUNOHOST #================================================= ynh_script_progression --message="Integrating service in YunoHost..." --time --weight=1 yunohost service add $app --description="A short description of the app" --log="/var/log/$app/$app.log" ### Additional options starting with 3.8: ### ### --needs_exposed_ports "$port" a list of ports that needs to be publicly exposed ### which will then be checked by YunoHost's diagnosis system ### (N.B. DO NOT USE THIS is the port is only internal!!!) ### ### --test_status "some command" a custom command to check the status of the service ### (only relevant if 'systemctl status' doesn't do a good job) ### ### --test_conf "some command" some command similar to "nginx -t" that validates the conf of the service ### ### Re-calling 'yunohost service add' during the upgrade script is the right way ### to proceed if you later realize that you need to enable some flags that ### weren't enabled on old installs (be careful it'll override the existing ### service though so you should re-provide all relevant flags when doing so) #================================================= # START SYSTEMD SERVICE #================================================= ynh_script_progression --message="Starting a systemd service..." --time --weight=1 ### `ynh_systemd_action` is used to start a systemd service for an app. ### Only needed if you have configure a systemd service ### If you're not using these lines: ### - Remove the section "STOP SYSTEMD SERVICE" and "START SYSTEMD SERVICE" in the backup script ### - As well as the section "START SYSTEMD SERVICE" in the restore script ### - As well as the section"STOP SYSTEMD SERVICE" and "START SYSTEMD SERVICE" in the upgrade script ### - And the section "STOP SYSTEMD SERVICE" and "START SYSTEMD SERVICE" in the change_url script # Start a systemd service ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" #================================================= # SETUP FAIL2BAN #================================================= ynh_script_progression --message="Configuring Fail2Ban..." --time --weight=1 # Create a dedicated Fail2Ban config ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login" #================================================= # SETUP SSOWAT #================================================= ynh_script_progression --message="Configuring permissions..." --time --weight=1 # Make app public if necessary if [ $is_public -eq 1 ] then ynh_permission_update --permission="main" --add="visitors" fi #================================================= # RELOAD NGINX #================================================= ynh_script_progression --message="Reloading NGINX web server..." --time --weight=1 ynh_systemd_action --service_name=nginx --action=reload #================================================= # END OF SCRIPT #================================================= ynh_script_progression --message="Installation of $app completed" --last # Hotfixes # Fix LDAP email. See https://github.com/humhub/humhub/issues/1949 sudo cp -a ../sources/fix/AuthClientHelpers.php $src_path/protected/humhub/modules/user/authclient/AuthClientHelpers.php # Fix to allow passwordless LDAP login sudo cp -a ../sources/fix/ZendLdapClient.php $src_path/protected/humhub/modules/user/authclient/ZendLdapClient.php sudo sed -i "s@defined('YII_DEBUG') or define('YII_DEBUG', true);@//defined('YII_DEBUG') or define('YII_DEBUG', true);@g" $src_path/index.php sudo sed -i "s@defined('YII_ENV') or define('YII_ENV', 'dev');@//defined('YII_ENV') or define('YII_ENV', 'dev');@g" $src_path/index.php # Set permissions to app files sudo chown -R www-data: $src_path # Cron echo "30 * * * * $src_path/protected/yii cron hourly >/dev/null 2>&1" > cron echo "00 18 * * * $src_path/protected/yii cron daily >/dev/null 2>&1" > cron sudo mv cron /etc/cron.d/${app} sudo chown root /etc/cron.d/${app} # Install # Disable SSO ynh_app_setting_set "$app" unprotected_uris "/" sudo yunohost app ssowatconf # Install with CURL admin_temp_pass=$(ynh_string_random 6) admin_email=$(sudo yunohost user info "$admin" --output-as plain | ynh_get_plain_key mail) admin_firstname=$(sudo yunohost user info "$admin" --output-as plain | ynh_get_plain_key firstname) admin_lastname=$(sudo yunohost user info "$admin" --output-as plain | ynh_get_plain_key lastname) ynh_local_curl "/index.php?r=installer/index/go" "go" ynh_local_curl "/index.php?r=installer/config/basic" \ "ConfigBasicForm[name]=YunoHost" ynh_local_curl "/index.php?r=installer/config/use-case" \ "UseCaseForm[useCase]=" \ "UseCaseForm[useCase]=other" ynh_local_curl "/index.php?r=installer/config/admin" \ "User[username]=$admin" \ "User[email]=$admin_email" \ "Password[newPassword]=$admin_temp_pass" \ "Password[newPasswordConfirm]=$admin_temp_pass" \ "Profile[firstname]=$admin_firstname" \ "Profile[lastname]=$admin_lastname" \ "save" ynh_local_curl "/index.php?r=installer/config/sample-data" \ "SampleDataForm[sampleData]=0" # Populate the LDAP parameters sed -i "s@YNH_ADMIN_USER@$admin@g" ../conf/ldap.sql mysql -u $db_user -p${db_pwd} $db_name < ../conf/ldap.sql