From 6a042f10208ce72d7e976301bfa1baeaece702ee Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Sun, 26 Sep 2021 23:43:17 +0200 Subject: [PATCH] Fix --- scripts/install | 16 +++---- scripts/remove | 4 +- scripts/restore | 37 +++++++-------- scripts/upgrade | 116 +++++++++++++++++++++++------------------------- 4 files changed, 82 insertions(+), 91 deletions(-) diff --git a/scripts/install b/scripts/install index 2e1c0bb..fb6068e 100755 --- a/scripts/install +++ b/scripts/install @@ -96,7 +96,7 @@ ynh_add_nginx_config #================================================= # PHP-FPM CONFIGURATION #================================================= -ynh_script_progression --message="Configuring php-fpm..." +ynh_script_progression --message="Configuring PHP-FPM..." # Create a dedicated php-fpm config ynh_add_fpm_config --usage=low --footprint=low --package="$extra_php_dependencies" @@ -134,10 +134,8 @@ ynh_replace_string --match_string="__DB_PWD__" --replace_string="$db_pwd" - ynh_replace_string --match_string="__DB_USER__" --replace_string="$db_name" --target_file="$env_conf" ynh_replace_string --match_string="__DB_NAME__" --replace_string="$db_name" --target_file="$env_conf" - #ynh_add_config --template="../conf/.env.mysql" --destination="$final_path/.env" - #================================================= # BUILD KIMAI2 #================================================= @@ -164,15 +162,17 @@ ynh_store_file_checksum --file="$env_conf" #================================================= # SECURE FILES AND DIRECTORIES #================================================= -ynh_script_progression --message="Securing files and directories..." +# ynh_script_progression --message="Securing files and directories..." -# Set permissions to app files -chown -R $app: $final_path +# # Set permissions to app files +# chmod 750 "$final_path" +# chmod -R o-rwx "$final_path" +# chown -R $app:www-data "$final_path" #================================================= # SETUP SSOWAT #================================================= -ynh_script_progression --message="Configuring SSOwat..." +ynh_script_progression --message="Configuring permissions..." ynh_permission_create --permission="teamlead" ynh_permission_create --permission="admin" @@ -187,7 +187,7 @@ fi #================================================= # RELOAD NGINX #================================================= -ynh_script_progression --message="Reloading nginx web server..." +ynh_script_progression --message="Reloading NGINX web server..." ynh_systemd_action --service_name=nginx --action=reload diff --git a/scripts/remove b/scripts/remove index 6684ed8..f0f065d 100755 --- a/scripts/remove +++ b/scripts/remove @@ -18,6 +18,8 @@ app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get --app=$app --key=domain) final_path=$(ynh_app_setting_get --app=$app --key=final_path) +db_name=$(ynh_app_setting_get --app=$app --key=db_name) +db_user=$db_name #================================================= # STANDARD REMOVE @@ -26,8 +28,6 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path) #================================================= ynh_script_progression --message="Removing the MySQL database..." -db_name=$(ynh_app_setting_get --app=$app --key=db_name) -db_user=$db_name # Remove a database if it exists, along with the associated user ynh_mysql_remove_db --db_user=$db_user --db_name=$db_name diff --git a/scripts/restore b/scripts/restore index bb76b18..845b9d9 100755 --- a/scripts/restore +++ b/scripts/restore @@ -27,6 +27,9 @@ app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get --app=$app --key=domain) path_url=$(ynh_app_setting_get --app=$app --key=path) final_path=$(ynh_app_setting_get --app=$app --key=final_path) +db_name=$(ynh_app_setting_get --app=$app --key=db_name) +db_user=$db_name +phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) #================================================= # CHECK IF THE APP CAN BE RESTORED @@ -45,6 +48,14 @@ ynh_script_progression --message="Restoring the nginx configuration..." ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" +#================================================= +# RECREATE THE DEDICATED USER +#================================================= +ynh_script_progression --message="Recreating the dedicated system user..." + +# Create the dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # RESTORE THE APP MAIN DIR #================================================= @@ -52,21 +63,9 @@ ynh_script_progression --message="Restoring the app main directory..." ynh_restore_file --origin_path="$final_path" -#================================================= -# RECREATE THE DEDICATED USER -#================================================= -ynh_script_progression --message="Recreating the dedicated system user..." - -# Create the dedicated user (if not existing) -ynh_system_user_create --username=$app - -#================================================= -# RESTORE USER RIGHTS -#================================================= -ynh_script_progression --message="Restoring user rights..." - -# Restore permissions on app files -chown -R $app: $final_path +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" #================================================= # RESTORE THE PHP-FPM CONFIGURATION @@ -92,11 +91,9 @@ ynh_install_app_dependencies $pkg_dependencies #================================================= # RESTORE THE MYSQL DATABASE #================================================= - ynh_script_progression --message="Restoring the MySQL database..." + db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd) -db_name=$(ynh_app_setting_get --app=$app --key=db_name) -db_user=$db_name ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql @@ -105,9 +102,9 @@ ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./ #================================================= # RELOAD NGINX AND PHP-FPM #================================================= -ynh_script_progression --message="Reloading nginx web server and php-fpm..." +ynh_script_progression --message="Reloading NGINX web server and PHP-FPM..." -ynh_systemd_action --service_name=php${YNH_PHP_VERSION}-fpm --action=reload +ynh_systemd_action --service_name=php$phpversion-fpm --action=reload ynh_systemd_action --service_name=nginx --action=reload #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index 1f25382..fbca1b1 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -7,7 +7,6 @@ #================================================= source _common.sh -source ynh_composer__3 source /usr/share/yunohost/helpers #================================================= @@ -17,14 +16,14 @@ ynh_script_progression --message="Loading installation settings..." app=$YNH_APP_INSTANCE_NAME -domain=$(ynh_app_setting_get --app=$app --key=domain) -path_url=$(ynh_app_setting_get --app=$app --key=path) -admin=$(ynh_app_setting_get --app=$app --key=admin) -is_public=$(ynh_app_setting_get --app=$app --key=is_public) -final_path=$(ynh_app_setting_get --app=$app --key=final_path) +domain=$(ynh_app_setting_get --app=$app --key=domain) +path_url=$(ynh_app_setting_get --app=$app --key=path) +admin=$(ynh_app_setting_get --app=$app --key=admin) +is_public=$(ynh_app_setting_get --app=$app --key=is_public) +final_path=$(ynh_app_setting_get --app=$app --key=final_path) registration=$(ynh_app_setting_get --app=$app --key=registration) -random_key=$(ynh_app_setting_get --app=$app --key=random_key) -update=$(ynh_app_setting_get --app=$app --key=update) +random_key=$(ynh_app_setting_get --app=$app --key=random_key) +update=$(ynh_app_setting_get --app=$app --key=update) #================================================= # CHECK VERSION @@ -32,17 +31,6 @@ update=$(ynh_app_setting_get --app=$app --key=update) upgrade_type=$(ynh_check_app_version_changed) -#================================================= -# ENSURE DOWNWARD COMPATIBILITY -#================================================= -ynh_script_progression --message="Ensuring downward compatibility..." - -# If final_path doesn't exist, create it -if [ -z "$final_path" ]; then - final_path=/var/www/$app - ynh_app_setting_set --app=$app --key=final_path --value=$final_path -fi - #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #================================================= @@ -57,11 +45,53 @@ ynh_clean_setup () { # Exit if an error occurs during the execution of the script ynh_abort_if_errors +#================================================= +# ENSURE DOWNWARD COMPATIBILITY +#================================================= +ynh_script_progression --message="Ensuring downward compatibility..." + +# If final_path doesn't exist, create it +if [ -z "$final_path" ]; then + final_path=/var/www/$app + ynh_app_setting_set --app=$app --key=final_path --value=$final_path +fi + +# Cleaning legacy permissions +if ynh_legacy_permissions_exists; then + ynh_legacy_permissions_delete_all + + ynh_app_setting_delete --app=$app --key=is_public +fi + +if ! ynh_permission_exists --permission="teamlead" +then + ynh_permission_create --permission="teamlead" +fi + +if ! ynh_permission_exists --permission="admin" +then + ynh_permission_create --permission="admin" +fi + +if ! ynh_permission_exists --permission="super_admin" +then + ynh_permission_create --permission="super_admin" --allowed "$admin" +fi + +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Making sure dedicated system user exists..." + +# Create a dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # STANDARD UPGRADE STEPS #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= + latest_tag=$(curl -s https://api.github.com/repos/kevinpapst/kimai2/releases/latest | grep 'tag_name' | cut -d\" -f4) if [ "$upgrade_type" == "UPGRADE_APP" ] then @@ -102,8 +132,6 @@ then fi - - # Restore config if [ -f $tmpdir/local.yaml ]; then cp -af "$tmpdir/local.yaml" "$final_path/config/packages/." @@ -119,11 +147,10 @@ then fi fi - #================================================= # NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Upgrading nginx web server configuration..." +ynh_script_progression --message="Upgrading NGINX web server configuration..." # Create a dedicated nginx config ynh_add_nginx_config @@ -135,18 +162,10 @@ ynh_script_progression --message="Upgrading dependencies..." ynh_install_app_dependencies $pkg_dependencies -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Making sure dedicated system user exists..." - -# Create a dedicated user (if not existing) -ynh_system_user_create --username=$app - #================================================= # PHP-FPM CONFIGURATION #================================================= -ynh_script_progression --message="Upgrading php-fpm configuration..." +ynh_script_progression --message="Upgrading PHP-FPM configuration..." # Create a dedicated php-fpm config ynh_add_fpm_config --usage=low --footprint=low --package="$extra_php_dependencies" @@ -209,39 +228,14 @@ popd ynh_script_progression --message="Securing files and directories..." # Set permissions on app files -chown -R $app: $final_path - -#================================================= -# SETUP SSOWAT -#================================================= -ynh_script_progression --message="Upgrading SSOwat configuration..." - -if ! ynh_permission_exists --permission="teamlead" -then - ynh_permission_create --permission="teamlead" -fi - -if ! ynh_permission_exists --permission="admin" -then - ynh_permission_create --permission="admin" -fi - -if ! ynh_permission_exists --permission="super_admin" -then - ynh_permission_create --permission="super_admin" --allowed "$admin" -fi - -# Make app public if necessary -if [ $is_public -eq 1 ] -then - # unprotected_uris allows SSO credentials to be passed anyway. - ynh_permission_update --permission "main" --add "visitors" -fi +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" #================================================= # RELOAD NGINX #================================================= -ynh_script_progression --message="Reloading nginx web server..." +ynh_script_progression --message="Reloading NGINX web server..." ynh_systemd_action --service_name=nginx --action=reload