YunoHost-Apps/jitsi_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/jitsi_ynh.git synced 2024-09-03 19:35:57 +02:00
Code Issues Activity Actions

more security

Browse source
This commit is contained in:
yalh76 2022-02-08 22:42:11 +01:00
parent fe5f1461b4
commit da6e8b429c
4 changed files with 21 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
scripts/install
View file

@ -115,6 +115,8 @@ ynh_script_progression --message="Configuring system user..."
# Create a system user # Create a system user
ynh_system_user_create --username=$app --home_dir="$final_path" ynh_system_user_create --username=$app --home_dir="$final_path"
gpasswd --add prosody $app
gpasswd --add www-data $app
#================================================= #=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE # DOWNLOAD, CHECK AND UNPACK SOURCE
@ -141,7 +143,9 @@ do
ynh_secure_remove --file="$final_path/${package}_temp" ynh_secure_remove --file="$final_path/${package}_temp"
done done
chown -R $app: "$final_path" chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:$app "$final_path"
#================================================= #=================================================
# NGINX CONFIGURATION # NGINX CONFIGURATION

2
scripts/remove
View file

@ -113,6 +113,7 @@ ynh_remove_app_dependencies
# Remove Prosody # Remove Prosody
ynh_app_setting_delete --app=$app --key=require_prosody ynh_app_setting_delete --app=$app --key=require_prosody
gpasswd --delete prosody $app
# List apps requiring Prosody # List apps requiring Prosody
installed_apps=$(yunohost app list | grep -oP 'id: \K.*$') installed_apps=$(yunohost app list | grep -oP 'id: \K.*$')
@ -172,6 +173,7 @@ ynh_secure_remove --file="/var/log/$app"
#================================================= #=================================================
ynh_script_progression --message="Removing the dedicated system user..." ynh_script_progression --message="Removing the dedicated system user..."
gpasswd --delete www-data $app
# Delete a system user # Delete a system user
ynh_system_user_delete --username=$app ynh_system_user_delete --username=$app

9
scripts/restore
View file

@ -66,6 +66,8 @@ ynh_script_progression --message="Recreating the dedicated system user..."
# Create the dedicated user (if not existing) # Create the dedicated user (if not existing)
ynh_system_user_create --username=$app --home_dir="$final_path" ynh_system_user_create --username=$app --home_dir="$final_path"
gpasswd --add prosody $app
gpasswd --add www-data $app
#================================================= #=================================================
# RESTORE THE APP MAIN DIR # RESTORE THE APP MAIN DIR
@ -74,7 +76,9 @@ ynh_script_progression --message="Restoring the app main directory..."
ynh_restore_file --origin_path="$final_path" ynh_restore_file --origin_path="$final_path"
chown -R root: $final_path chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:$app "$final_path"
#================================================= #=================================================
# SPECIFIC RESTORATION # SPECIFIC RESTORATION
@ -112,6 +116,7 @@ ynh_exec_warn_less yunohost firewall allow --no-upnp UDP $port_videobridge
ynh_script_progression --message="Configuring prosody..." ynh_script_progression --message="Configuring prosody..."
ynh_restore_file --origin_path="/etc/prosody/conf.avail/$domain.cfg.lua" ynh_restore_file --origin_path="/etc/prosody/conf.avail/$domain.cfg.lua"
chmod 644 "/etc/prosody/conf.avail/$domain.cfg.lua"
ln -s "/etc/prosody/conf.avail/$domain.cfg.lua" "/etc/prosody/conf.d/$domain.cfg.lua" ln -s "/etc/prosody/conf.avail/$domain.cfg.lua" "/etc/prosody/conf.d/$domain.cfg.lua"
ln -sf /var/lib/prosody/$domain.key /etc/prosody/certs/$domain.key ln -sf /var/lib/prosody/$domain.key /etc/prosody/certs/$domain.key
@ -138,6 +143,8 @@ ynh_script_progression --message="Restoring the app config..."
ynh_restore_file --origin_path="/etc/$app" ynh_restore_file --origin_path="/etc/$app"
chmod 644 "/etc/$app/meet/$domain-config.js"
#================================================= #=================================================
# CREATE LOG DIR # CREATE LOG DIR
#================================================= #=================================================

6
scripts/upgrade
View file

@ -85,6 +85,8 @@ ynh_script_progression --message="Making sure dedicated system user exists..."
# Create a dedicated user (if not existing) # Create a dedicated user (if not existing)
ynh_system_user_create --username=$app --home_dir="$final_path" ynh_system_user_create --username=$app --home_dir="$final_path"
gpasswd --add prosody $app
gpasswd --add www-data $app
#================================================= #=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE # DOWNLOAD, CHECK AND UNPACK SOURCE
@ -115,6 +117,10 @@ then
done done
fi fi
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:$app "$final_path"
#================================================= #=================================================
# NGINX CONFIGURATION # NGINX CONFIGURATION
#================================================= #=================================================