From f28041096babae2f5132fdb9a0939c840191e187 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Sat, 17 Oct 2020 10:43:11 +0200 Subject: [PATCH 1/9] Add cronjob --- conf/cron_kanboard | 2 ++ scripts/backup | 6 ++++++ scripts/install | 10 ++++++++-- scripts/remove | 8 ++++++++ scripts/restore | 7 +++++++ scripts/upgrade | 8 ++++++++ 6 files changed, 39 insertions(+), 2 deletions(-) create mode 100644 conf/cron_kanboard diff --git a/conf/cron_kanboard b/conf/cron_kanboard new file mode 100644 index 0000000..04a9686 --- /dev/null +++ b/conf/cron_kanboard @@ -0,0 +1,2 @@ +# Execute the daily cronjob at 8am +0 8 * * * cd "__FINALPATH__" && ./cli cronjob >/dev/null 2>&1 \ No newline at end of file diff --git a/scripts/backup b/scripts/backup index b346135..4ddf7a7 100644 --- a/scripts/backup +++ b/scripts/backup @@ -57,6 +57,12 @@ ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf" ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf" +#================================================= +# BACKUP A CRON FILE +#================================================= + +ynh_backup --src_path="/etc/cron.d/$app" + #================================================= # BACKUP THE MYSQL DATABASE #================================================= diff --git a/scripts/install b/scripts/install index 183b30f..1f90531 100644 --- a/scripts/install +++ b/scripts/install @@ -49,8 +49,6 @@ ynh_app_setting_set --app=$app --key=is_public --value=$is_public #================================================= # STANDARD MODIFICATIONS -#================================================= - #================================================= # CREATE A MYSQL DATABASE #================================================ @@ -146,6 +144,14 @@ ynh_script_progression --message="Configuring Fail2Ban..." --weight=10 ynh_add_fail2ban_config --logpath="/var/log/nginx/$domain-error.log" --failregex="^.*authentication failure\" while reading response header from upstream, client: ,.*$" --max_retry=5 +#================================================= +# SETUP CRON +#================================================= +ynh_script_progression --message="Setuping a cron..." + +cp ../conf/cron_kandboard /etc/cron.d/$app +ynh_replace_string --match_string="__FINALPATH__" --replace_string="$final_path/" --target_file="/etc/cron.d/$app" + #================================================= # SETUP SSOWAT #================================================= diff --git a/scripts/remove b/scripts/remove index c631c86..80922e1 100644 --- a/scripts/remove +++ b/scripts/remove @@ -71,6 +71,14 @@ ynh_script_progression --message="Removing Fail2Ban configuration..." --weight=7 ynh_remove_fail2ban_config +#================================================= +# REMOVE THE CRON FILE +#================================================= +ynh_script_progression --message="Removing the cron file..." --weight=2 + +# Remove a cron file +ynh_secure_remove --file="/etc/cron.d/$app" + #================================================= # REMOVE DEDICATED USER #================================================= diff --git a/scripts/restore b/scripts/restore index d9bbc3c..56c4399 100644 --- a/scripts/restore +++ b/scripts/restore @@ -99,6 +99,13 @@ ynh_restore_file "/etc/fail2ban/jail.d/$app.conf" ynh_restore_file "/etc/fail2ban/filter.d/$app.conf" ynh_systemd_action --action=restart --service_name=fail2ban +#================================================= +# RESTORE THE CRON FILE +#================================================= +ynh_script_progression --message="Restoring the cron file..." --weight=2 + +ynh_restore_file --origin_path="/etc/cron.d/$app" + #================================================= # GENERIC FINALIZATION #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index 5bc3e79..9618866 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -171,6 +171,14 @@ ynh_script_progression --message="Reconfiguring Fail2Ban..." --weight=7 ynh_add_fail2ban_config --logpath="/var/log/nginx/$domain-error.log" --failregex="^.*authentication failure\" while reading response header from upstream, client: ,.*$" --max_retry=5 +#================================================= +# SETUP CRON +#================================================= +ynh_script_progression --message="Setuping a cron..." + +cp ../conf/cron_kandboard /etc/cron.d/$app +ynh_replace_string --match_string="__FINALPATH__" --replace_string="$final_path/" --target_file="/etc/cron.d/$app" + #================================================= # SETUP SSOWAT #================================================= From e2c3a23bfa699025275171b3d84d26c1aa0834c1 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Sat, 17 Oct 2020 11:05:53 +0200 Subject: [PATCH 2/9] Update cron_kanboard --- conf/cron_kanboard | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/conf/cron_kanboard b/conf/cron_kanboard index 04a9686..e649b91 100644 --- a/conf/cron_kanboard +++ b/conf/cron_kanboard @@ -1,2 +1,2 @@ # Execute the daily cronjob at 8am -0 8 * * * cd "__FINALPATH__" && ./cli cronjob >/dev/null 2>&1 \ No newline at end of file +0 8 * * * cd "__FINALPATH__" && PHP__YNH_PHP_VERSION__ ./cli cronjob >/dev/null 2>&1 \ No newline at end of file From fc085ed9de6b62c3df2ae7a4da8f4b6b110fdd4d Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Sat, 17 Oct 2020 11:51:45 +0200 Subject: [PATCH 3/9] Update install --- scripts/install | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/install b/scripts/install index 1f90531..632a4f3 100644 --- a/scripts/install +++ b/scripts/install @@ -149,7 +149,7 @@ ynh_add_fail2ban_config --logpath="/var/log/nginx/$domain-error.log" --failregex #================================================= ynh_script_progression --message="Setuping a cron..." -cp ../conf/cron_kandboard /etc/cron.d/$app +cp ../conf/cron_kanboard /etc/cron.d/$app ynh_replace_string --match_string="__FINALPATH__" --replace_string="$final_path/" --target_file="/etc/cron.d/$app" #================================================= From 6958428897ad8eb7e76556cf8e95e843f38e75e8 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Sat, 17 Oct 2020 11:54:00 +0200 Subject: [PATCH 4/9] Update cron_kanboard --- conf/cron_kanboard | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/conf/cron_kanboard b/conf/cron_kanboard index e649b91..f17a594 100644 --- a/conf/cron_kanboard +++ b/conf/cron_kanboard @@ -1,2 +1,2 @@ # Execute the daily cronjob at 8am -0 8 * * * cd "__FINALPATH__" && PHP__YNH_PHP_VERSION__ ./cli cronjob >/dev/null 2>&1 \ No newline at end of file +0 8 * * * __APP__ cd "__FINALPATH__" && PHP__YNH_PHP_VERSION__ ./cli cronjob >/dev/null 2>&1 \ No newline at end of file From 67537f529068827e2778b9821ee6b703dc70148b Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Sat, 17 Oct 2020 11:54:29 +0200 Subject: [PATCH 5/9] Update upgrade --- scripts/upgrade | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/upgrade b/scripts/upgrade index 9618866..4229c1f 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -176,7 +176,7 @@ ynh_add_fail2ban_config --logpath="/var/log/nginx/$domain-error.log" --failregex #================================================= ynh_script_progression --message="Setuping a cron..." -cp ../conf/cron_kandboard /etc/cron.d/$app +cp ../conf/cron_kanboard /etc/cron.d/$app ynh_replace_string --match_string="__FINALPATH__" --replace_string="$final_path/" --target_file="/etc/cron.d/$app" #================================================= From 1c9efb6d10de7a7de8da409535561f0acc92f091 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Sat, 17 Oct 2020 12:02:04 +0200 Subject: [PATCH 6/9] Replace __APP__ variable --- conf/cron_kanboard | 2 +- scripts/install | 1 + scripts/upgrade | 1 + 3 files changed, 3 insertions(+), 1 deletion(-) diff --git a/conf/cron_kanboard b/conf/cron_kanboard index f17a594..eb9679c 100644 --- a/conf/cron_kanboard +++ b/conf/cron_kanboard @@ -1,2 +1,2 @@ # Execute the daily cronjob at 8am -0 8 * * * __APP__ cd "__FINALPATH__" && PHP__YNH_PHP_VERSION__ ./cli cronjob >/dev/null 2>&1 \ No newline at end of file +0 8 * * * __APP__ cd "__FINALPATH__" && PHP__PHPVERSION__ ./cli cronjob >/dev/null 2>&1 \ No newline at end of file diff --git a/scripts/install b/scripts/install index 632a4f3..cbb9e02 100644 --- a/scripts/install +++ b/scripts/install @@ -151,6 +151,7 @@ ynh_script_progression --message="Setuping a cron..." cp ../conf/cron_kanboard /etc/cron.d/$app ynh_replace_string --match_string="__FINALPATH__" --replace_string="$final_path/" --target_file="/etc/cron.d/$app" +ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="/etc/cron.d/$app" #================================================= # SETUP SSOWAT diff --git a/scripts/upgrade b/scripts/upgrade index 4229c1f..3c23c7e 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -178,6 +178,7 @@ ynh_script_progression --message="Setuping a cron..." cp ../conf/cron_kanboard /etc/cron.d/$app ynh_replace_string --match_string="__FINALPATH__" --replace_string="$final_path/" --target_file="/etc/cron.d/$app" +ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="/etc/cron.d/$app" #================================================= # SETUP SSOWAT From a54da702af07b3a9b91f1ecf1ad7a5cc74707a45 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Sat, 17 Oct 2020 12:31:47 +0200 Subject: [PATCH 7/9] Protect data directory --- conf/nginx.conf | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/conf/nginx.conf b/conf/nginx.conf index 3af1432..9caee66 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -16,6 +16,11 @@ location __PATH__/ { # Override CSP header to make SSOWAT user panel compatible with kanboard more_set_headers Content-Security-Policy "default-src 'self' 'unsafe-eval' data:;"; + # Deny access to the directory data + location __PATH__/data { + deny all; + } + location ~ [^/]\.php(/|$) { fastcgi_split_path_info ^(.+?\.php)(/.*)$; fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock; From 24aba6bce9c63eae330e0bdb72239c900c6682e7 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Sat, 17 Oct 2020 12:36:12 +0200 Subject: [PATCH 8/9] Set license to MIT as in upstream repo --- manifest.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifest.json b/manifest.json index c24b521..cd8d2c6 100644 --- a/manifest.json +++ b/manifest.json @@ -8,7 +8,7 @@ }, "version": "1.2.16~ynh1", "url": "https://kanboard.net/", - "license": "AGPL-3.0", + "license": "MIT", "maintainer": { "name": "YunoHost Contributors", "email": "apps@yunohost.org" From 3145128960246cd046887faea3ea58d315342ab4 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Sat, 17 Oct 2020 13:40:55 +0200 Subject: [PATCH 9/9] Add ynh_replace_string for PHP version --- conf/config.php | 2 +- scripts/install | 1 + scripts/upgrade | 1 + 3 files changed, 3 insertions(+), 1 deletion(-) diff --git a/conf/config.php b/conf/config.php index 8884745..7ae3929 100644 --- a/conf/config.php +++ b/conf/config.php @@ -244,4 +244,4 @@ define('SHOW_GROUP_MEMBERSHIPS_IN_USERLIST', true); // Limit number of groups to display in userlist (The full list of group-memberships is always shown, ... // ... when hovering the mouse over the group-icon of a given user!) // If set to 0 ALL group-memberships will be listed (7 by default) -define('SHOW_GROUP_MEMBERSHIPS_IN_USERLIST_WITH_LIMIT', 7); \ No newline at end of file +define('SHOW_GROUP_MEMBERSHIPS_IN_USERLIST_WITH_LIMIT', 7); diff --git a/scripts/install b/scripts/install index cbb9e02..682dd0c 100644 --- a/scripts/install +++ b/scripts/install @@ -152,6 +152,7 @@ ynh_script_progression --message="Setuping a cron..." cp ../conf/cron_kanboard /etc/cron.d/$app ynh_replace_string --match_string="__FINALPATH__" --replace_string="$final_path/" --target_file="/etc/cron.d/$app" ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="/etc/cron.d/$app" +ynh_replace_string --match_string="__PHPVERSION__" --replace_string="$phpversion" --target_file="/etc/cron.d/$app" #================================================= # SETUP SSOWAT diff --git a/scripts/upgrade b/scripts/upgrade index 3c23c7e..7fbf9e1 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -179,6 +179,7 @@ ynh_script_progression --message="Setuping a cron..." cp ../conf/cron_kanboard /etc/cron.d/$app ynh_replace_string --match_string="__FINALPATH__" --replace_string="$final_path/" --target_file="/etc/cron.d/$app" ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="/etc/cron.d/$app" +ynh_replace_string --match_string="__PHPVERSION__" --replace_string="$phpversion" --target_file="/etc/cron.d/$app" #================================================= # SETUP SSOWAT