diff --git a/scripts/install b/scripts/install index 3e26683..dfcabfd 100644 --- a/scripts/install +++ b/scripts/install @@ -115,6 +115,8 @@ ynh_script_progression --message="Configuring system user..." # Create a system user ynh_system_user_create --username=$app --home_dir="$final_path" +gpasswd --add prosody $app +gpasswd --add www-data $app #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE @@ -141,7 +143,9 @@ do ynh_secure_remove --file="$final_path/${package}_temp" done -chown -R $app: "$final_path" +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:$app "$final_path" #================================================= # NGINX CONFIGURATION diff --git a/scripts/remove b/scripts/remove index e8575b9..5d6b44e 100644 --- a/scripts/remove +++ b/scripts/remove @@ -113,6 +113,7 @@ ynh_remove_app_dependencies # Remove Prosody ynh_app_setting_delete --app=$app --key=require_prosody +gpasswd --delete prosody $app # List apps requiring Prosody installed_apps=$(yunohost app list | grep -oP 'id: \K.*$') @@ -172,6 +173,7 @@ ynh_secure_remove --file="/var/log/$app" #================================================= ynh_script_progression --message="Removing the dedicated system user..." +gpasswd --delete www-data $app # Delete a system user ynh_system_user_delete --username=$app diff --git a/scripts/restore b/scripts/restore index e97d81e..e3b8b01 100644 --- a/scripts/restore +++ b/scripts/restore @@ -66,6 +66,8 @@ ynh_script_progression --message="Recreating the dedicated system user..." # Create the dedicated user (if not existing) ynh_system_user_create --username=$app --home_dir="$final_path" +gpasswd --add prosody $app +gpasswd --add www-data $app #================================================= # RESTORE THE APP MAIN DIR @@ -74,7 +76,9 @@ ynh_script_progression --message="Restoring the app main directory..." ynh_restore_file --origin_path="$final_path" -chown -R root: $final_path +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:$app "$final_path" #================================================= # SPECIFIC RESTORATION @@ -112,6 +116,7 @@ ynh_exec_warn_less yunohost firewall allow --no-upnp UDP $port_videobridge ynh_script_progression --message="Configuring prosody..." ynh_restore_file --origin_path="/etc/prosody/conf.avail/$domain.cfg.lua" +chmod 644 "/etc/prosody/conf.avail/$domain.cfg.lua" ln -s "/etc/prosody/conf.avail/$domain.cfg.lua" "/etc/prosody/conf.d/$domain.cfg.lua" ln -sf /var/lib/prosody/$domain.key /etc/prosody/certs/$domain.key @@ -138,6 +143,8 @@ ynh_script_progression --message="Restoring the app config..." ynh_restore_file --origin_path="/etc/$app" +chmod 644 "/etc/$app/meet/$domain-config.js" + #================================================= # CREATE LOG DIR #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index a13259e..92a74af 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -85,6 +85,8 @@ ynh_script_progression --message="Making sure dedicated system user exists..." # Create a dedicated user (if not existing) ynh_system_user_create --username=$app --home_dir="$final_path" +gpasswd --add prosody $app +gpasswd --add www-data $app #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE @@ -115,6 +117,10 @@ then done fi +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:$app "$final_path" + #================================================= # NGINX CONFIGURATION #=================================================