From 2171aaba23a42dedb4f67737a9e02ce5948ff97a Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Fri, 9 Jul 2021 07:31:16 +0200 Subject: [PATCH] Fix --- check_process | 13 ++++------- manifest.json | 14 +---------- scripts/install | 62 ++++++++++++++++++++++++------------------------- scripts/restore | 26 +++++++++------------ scripts/upgrade | 46 +++++++++++++++++++++++------------- 5 files changed, 78 insertions(+), 83 deletions(-) diff --git a/check_process b/check_process index 8e8ec62..5c44f15 100644 --- a/check_process +++ b/check_process @@ -1,9 +1,9 @@ ;; Test complet ; Manifest - domain="domain.tld" (DOMAIN) - path="/path" (PATH) - admin="john" (USER) - is_public=1 (PUBLIC|public=1|private=0) + domain="domain.tld" + path="/path" + admin="john" + is_public=1 ; Checks pkg_linter=1 setup_sub_dir=1 @@ -14,12 +14,9 @@ upgrade=1 backup_restore=1 multi_instance=0 - port_already_use=0 change_url=1 -;;; Levels - Level 5=auto ;;; Options Email= Notification=none ;;; Upgrade options - manifest_arg=domain=DOMAIN&path=PATH&admin=USER&is_public=1& \ No newline at end of file + manifest_arg=domain=DOMAIN&path=PATH&admin=USER&is_public=1& diff --git a/manifest.json b/manifest.json index ca3d4da..c3b790a 100644 --- a/manifest.json +++ b/manifest.json @@ -13,7 +13,7 @@ "name": "" }, "requirements": { - "yunohost": ">= 3.8.1" + "yunohost": ">= 4.2.4" }, "multi_instance": false, "services": [ @@ -24,29 +24,17 @@ { "name": "domain", "type": "domain", - "ask": { - "en": "Choose a domain name for KiwiIRC", - "fr": "Choisissez un nom de domaine pour KiwiIRC" - }, "example": "domain.org" }, { "name": "path", "type": "path", - "ask": { - "en": "Choose a path for KiwiIRC", - "fr": "Choisissez un chemin pour KiwiIRC" - }, "example": "/kiwiirc", "default": "/kiwiirc" }, { "name": "is_public", "type": "boolean", - "ask": { - "en": "Is it a public site?", - "fr": "Est-ce un site public ?" - }, "help": { "en": "If enabled, KiwiIRC will be accessible by people who do not have an account. This can be changed later via the webadmin.", "fr": "Si cette case est cochée, KiwiIRC sera accessible aux personnes n’ayant pas de compte. Vous pourrez changer ceci plus tard via la webadmin." diff --git a/scripts/install b/scripts/install index dc1a1de..45565c9 100644 --- a/scripts/install +++ b/scripts/install @@ -40,16 +40,13 @@ test ! -e "$final_path" || ynh_die --message="This path already contains a folde # Register (book) web path ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url -mkdir -p /var/www/webircgateway -webircgateway_path=/var/www/webircgateway - #================================================= # STORE SETTINGS FROM MANIFEST #================================================= ynh_script_progression --message="Storing installation settings..." --weight=2 -ynh_app_setting_set --app=$app --key=domain --value=$domain -ynh_app_setting_set --app=$app --key=path --value=$path_url +ynh_app_setting_set --app=$app --key=domain --value=$domain +ynh_app_setting_set --app=$app --key=path --value=$path_url ynh_app_setting_set --app=$app --key=is_public --value=$is_public #================================================= @@ -61,6 +58,14 @@ ynh_script_progression --message="Configuring firewall..." --weight=1 port=$(ynh_find_port --port=7778) ynh_app_setting_set --app=$app --key=port --value=$port +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Configuring system user..." --weight=3 + +# Create a system user +ynh_system_user_create --username=$app --home_dir=$final_path + #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -70,8 +75,26 @@ ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path" +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + +#================================================= +#CREAT GATEWAYPATH +#================================================= +ynh_script_progression --message="Setting up gatheway path..." --weight=2 + +webircgateway_path=/var/www/webircgateway +mkdir -p $webircgateway_path + +ynh_app_setting_set --app=$app --key=webircgateway_path --value=$webircgateway_path + mv ../sources/webircgateway/* $webircgateway_path +chmod 750 "$webircgateway_path" +chmod -R o-rwx "$webircgateway_path" +chown -R $app:www-data "$webircgateway_path" + #================================================= # NGINX CONFIGURATION #================================================= @@ -80,14 +103,6 @@ ynh_script_progression --message="Configuring NGINX web server..." --weight=2 # Create a dedicated NGINX config ynh_add_nginx_config -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Configuring system user..." --weight=3 - -# Create a system user -ynh_system_user_create --username=$app --home_dir=$final_path - #================================================= # SETUP SYSTEMD #================================================= @@ -101,24 +116,9 @@ ynh_add_systemd_config #================================================= ynh_script_progression --message="Modifying a config file..." -cp ../conf/config.json.example "$final_path/static/config.json" +ynh_add_config --template="../conf/config.json.example" --destination="$final_path/static/config.json" -# Main config File -ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$final_path/static/config.json" - -cp ../conf/config.conf.example "$webircgateway_path/config.conf" - -ynh_store_file_checksum --file="$final_path/static/config.json" -ynh_store_file_checksum --file="$webircgateway_path/config.conf" - -#================================================= -# SECURE FILES AND DIRECTORIES -#================================================= -ynh_script_progression --message="Securing files and directories..." - -# Set permissions to app files -chown -R $app:$app $final_path -chown -R www-data:www-data $webircgateway_path +ynh_add_config --template="../conf/config.conf.example" --destination="$webircgateway_path/config.conf" #================================================= # INTEGRATE SERVICE IN YUNOHOST @@ -143,7 +143,7 @@ ynh_script_progression --message="Configuring SSOwat..." --weight=1 # Make app public if necessary or protect it if [ $is_public -eq 1 ] then - ynh_permission_update --permission "main" --add "visitors" + ynh_permission_update --permission="main" --add="visitors" fi #================================================= diff --git a/scripts/restore b/scripts/restore index f5481c0..f7e67a2 100644 --- a/scripts/restore +++ b/scripts/restore @@ -47,6 +47,14 @@ ynh_script_progression --message="Restoring the NGINX configuration..." ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" +#================================================= +# RECREATE THE DEDICATED USER +#================================================= +ynh_script_progression --message="Recreating the dedicated system user..." --weight=1 + +# Create the dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # RESTORE THE APP MAIN DIR #================================================= @@ -54,21 +62,9 @@ ynh_script_progression --message="Restoring KiwiIRC main directory..." --weight= ynh_restore_file --origin_path="$final_path" -#================================================= -# RECREATE THE DEDICATED USER -#================================================= -ynh_script_progression --message="Recreating the dedicated system user..." --weight=1 - -# Create the dedicated user (if not existing) -ynh_system_user_create --username=$app - -#================================================= -# RESTORE USER RIGHTS -#================================================= -ynh_script_progression --message="Restoring user rights..." --weight=1 - -# Restore permissions on app files -chown -R $app:$app $final_path +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" #================================================= # RESTORE SYSTEMD diff --git a/scripts/upgrade b/scripts/upgrade index 5ed31b6..f64216c 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -43,6 +43,32 @@ ynh_clean_setup () { # Exit if an error occurs during the execution of the script ynh_abort_if_errors +#================================================= +# ENSURE DOWNWARD COMPATIBILITY +#================================================= +ynh_script_progression --message="Ensuring downward compatibility..." --weight=1 + +# If final_path doesn't exist, create it +#if [ -z "$final_path" ]; then +# final_path=/var/www/$app +# ynh_app_setting_set --app=$app --key=final_path --value=$final_path +#fi + +# Cleaning legacy permissions +if ynh_legacy_permissions_exists; then + ynh_legacy_permissions_delete_all + + ynh_app_setting_delete --app=$app --key=is_public +fi + +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1 + +# Create a dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -70,6 +96,10 @@ then ynh_secure_remove --file="$tmpdir" fi +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + #================================================= # NGINX CONFIGURATION #================================================= @@ -78,22 +108,6 @@ ynh_script_progression --message="Upgrading NGINX web server configuration..." - # Create a dedicated NGINX config ynh_add_nginx_config -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1 - -# Create a dedicated user (if not existing) -ynh_system_user_create --username=$app - -#================================================= -# SECURE FILES AND DIRECTORIES -#================================================= -ynh_script_progression --message="Securing files and directories..." --weight=1 - -# Set permissions on app files -chown -R $app:$app $final_path - #================================================= # RELOAD NGINX #=================================================