From 74947ca371bde1825712b222b28259e7afad622b Mon Sep 17 00:00:00 2001 From: yalh76 Date: Sun, 16 May 2021 16:15:54 +0200 Subject: [PATCH] Apply last example_ynh --- README.md | 2 +- README_fr.md | 2 +- check_process | 10 ++- conf/app.src | 3 +- conf/nginx.conf | 5 +- manifest.json | 42 ++++--------- scripts/backup | 22 ++++--- scripts/change_url | 40 +++++++----- scripts/install | 80 +++++++++++------------- scripts/remove | 19 +++--- scripts/restore | 65 ++++++++++---------- scripts/upgrade | 149 +++++++++++++++++++-------------------------- 12 files changed, 205 insertions(+), 234 deletions(-) diff --git a/README.md b/README.md index 95c765f..39cf47d 100644 --- a/README.md +++ b/README.md @@ -11,7 +11,7 @@ If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to ## Overview Leed (short for Light Feed) is a minimalist RSS/ATOM aggregator which offers fast RSS consultation and non-intrusive features. -**Shipped version:** 1.8.3 +**Shipped version:** 1.9.0 ## Screenshots diff --git a/README_fr.md b/README_fr.md index 27dda6a..d3be59b 100644 --- a/README_fr.md +++ b/README_fr.md @@ -11,7 +11,7 @@ Si vous n'avez pas YunoHost, merci de regarder [ici](https://yunohost.org/#/inst ## Résumé Leed (contraction de Light Feed) est un agrégateur RSS/ATOM minimaliste qui permet la consultation de flux RSS de manière rapide et non intrusive. -**Version embarquée :** 1.8.3 +**Version embarquée :** 1.9.0 ## Captures d'écran diff --git a/check_process b/check_process index fa02326..b4a82e3 100644 --- a/check_process +++ b/check_process @@ -1,8 +1,8 @@ ;; Test complet ; Manifest - domain="domain.tld" (DOMAIN) - path="/leed" (PATH) - admin="john" (USER) + domain="domain.tld" + path="/leed" + admin="john" password="pass" language="fr" market=1 @@ -26,6 +26,8 @@ setup_public=1 upgrade=1 upgrade=1 from_commit=8b622d430db9ab860aee156a32086507669243fd + # 1.8.3~ynh10 + upgrade=1 from_commit=ea31e4850ded0939c1b0d024db8f45325fcebac1 backup_restore=1 multi_instance=1 port_already_use=0 @@ -39,3 +41,5 @@ Notification=change ; commit=8b622d430db9ab860aee156a32086507669243fd name=MAJ 1.8.2 manifest_arg=domain=DOMAIN&path=PATH&admin=USER&password=pass&language=fr&market=1&is_public=1& + ; commit=ea31e4850ded0939c1b0d024db8f45325fcebac1 + name=1.8.3~ynh10 diff --git a/conf/app.src b/conf/app.src index b6c2d9f..dc60845 100644 --- a/conf/app.src +++ b/conf/app.src @@ -1,6 +1,7 @@ -SOURCE_URL=https://github.com/LeedRSS/Leed/archive/v1.8.3.tar.gz +SOURCE_URL=https://github.com/LeedRSS/Leed/archive/v1.9.0.tar.gz SOURCE_SUM=792215b9a4429c66ac52b4619fbda4b664c83ef03543a62a8b58e2c631874001 SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true SOURCE_FILENAME= +SOURCE_EXTRACT=true diff --git a/conf/nginx.conf b/conf/nginx.conf index b554f21..5e8cb7d 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -15,10 +15,11 @@ location __PATH__/ { location ~ [^/]\.php(/|$) { fastcgi_split_path_info ^(.+?\.php)(/.*)$; fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock; + fastcgi_index index.php; include fastcgi_params; - fastcgi_param REMOTE_USER $remote_user; - fastcgi_param PATH_INFO $fastcgi_path_info; + fastcgi_param REMOTE_USER $remote_user; + fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param SCRIPT_FILENAME $request_filename; } diff --git a/manifest.json b/manifest.json index 50a026f..9bb6fd1 100644 --- a/manifest.json +++ b/manifest.json @@ -6,7 +6,7 @@ "en": "Minimalistic RSS feed aggregator which allows quick and non-intrusive reading of feeds.", "fr": "Agrégateur RSS minimaliste qui permet la consultation de flux RSS de manière rapide et non intrusive." }, - "version": "1.8.3~ynh10", + "version": "1.9.0~ynh1", "url": "http://leed.idleman.fr/", "license": "AGPL-3.0", "maintainer": { @@ -31,39 +31,27 @@ { "name": "domain", "type": "domain", - "ask": { - "en": "Choose a domain for Leed", - "fr": "Choisissez un domaine pour Leed" - }, "example": "domain.org" }, { "name": "path", "type": "path", - "ask": { - "en": "Choose a path for Leed", - "fr": "Choisissez un chemin pour Leed" - }, "example": "/leed", "default": "/leed" }, { "name": "admin", "type": "user", - "ask": { - "en": "Choose the Leed administrator (must be an existing YunoHost user)", - "fr": "Choisissez un administrateur Leed (doit être un utilisateur YunoHost)" - }, "example": "john" }, { - "name": "password", - "type": "password", - "ask": { - "en": "Set the administrator password Leed", - "fr": "Définissez le mot de passe administrateur de Leed" - }, - "example": "Choose a password" + "name": "is_public", + "type": "boolean", + "default": false, + "help": { + "en": "A public Leed will be accessible for third party apps. By turning on 'anonymous readers' in Leed configuration, you can made your feeds public.", + "fr": "Un Leed public sera accessible pour les applications tierces. En autorisant 'la lecture anonyme' dans la configuration de Leed, vous pouvez rendre vos flux publics." + } }, { "name": "language", @@ -76,17 +64,9 @@ "default" : "en" }, { - "name": "is_public", - "type": "boolean", - "ask": { - "en": "Is it a public website?", - "fr": "Est-ce un site public ?" - }, - "default": false, - "help": { - "en": "A public Leed will be accessible for third party apps. By turning on 'anonymous readers' in Leed configuration, you can made your feeds public.", - "fr": "Un Leed public sera accessible pour les applications tierces. En autorisant 'la lecture anonyme' dans la configuration de Leed, vous pouvez rendre vos flux publics." - } + "name": "password", + "type": "password", + "example": "Choose a password" } ] } diff --git a/scripts/backup b/scripts/backup index ebed36f..a999cf3 100644 --- a/scripts/backup +++ b/scripts/backup @@ -6,6 +6,7 @@ # IMPORT GENERIC HELPERS #================================================= +# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers @@ -25,8 +26,8 @@ app=$YNH_APP_INSTANCE_NAME final_path=$(ynh_app_setting_get --app=$app --key=final_path) domain=$(ynh_app_setting_get --app=$app --key=domain) -phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) db_name=$(ynh_app_setting_get --app=$app --key=db_name) +phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) #================================================= # DECLARE DATA AND CONF FILES TO BACKUP @@ -40,23 +41,17 @@ ynh_print_info --message="Declaring files to be backed up..." ynh_backup --src_path="$final_path" #================================================= -# BACKUP NGINX CONFIGURATION +# BACKUP THE NGINX CONFIGURATION #================================================= ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= -# BACKUP PHP-FPM CONFIGURATION +# BACKUP THE PHP-FPM CONFIGURATION #================================================= ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" -#================================================= -# BACKUP THE MYSQL DATABASE -#================================================= - -ynh_mysql_dump_db --database="$db_name" > db.sql - #================================================= # BACKUP FAIL2BAN CONFIGURATION #================================================= @@ -67,11 +62,18 @@ ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf" #================================================= # SPECIFIC BACKUP #================================================= -# BACKUP THE CRON FILE +# BACKUP VARIOUS FILES #================================================= ynh_backup --src_path="/etc/cron.d/$app" +#================================================= +# BACKUP THE MYSQL DATABASE +#================================================= +ynh_print_info --message="Backing up the MySQL database..." + +ynh_mysql_dump_db --database="$db_name" > db.sql + #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/change_url b/scripts/change_url index e3f6fc2..dbb52f2 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -26,6 +26,7 @@ app=$YNH_APP_INSTANCE_NAME #================================================= ynh_script_progression --message="Loading installation settings..." --weight=2 +# Needed for helper "ynh_add_nginx_config" final_path=$(ynh_app_setting_get --app=$app --key=final_path) #================================================= @@ -37,6 +38,23 @@ path_url=$old_path domain=$old_domain ynh_maintenance_mode_ON +#================================================= +# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP +#================================================= +ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." + +# Backup the current version of the app +ynh_backup_before_upgrade +ynh_clean_setup () { + # Remove the new domain config file, the remove script won't do it as it doesn't know yet its location. + ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" + + # Restore it if the upgrade fails + ynh_restore_upgradebackup +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + #================================================= # CHECK WHICH PARTS SHOULD BE CHANGED #================================================= @@ -53,43 +71,33 @@ then change_path=1 fi -#================================================= -# MANAGE FAILURE OF THE SCRIPT -#================================================= - -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - #================================================= # STANDARD MODIFICATIONS #================================================= # MODIFY URL IN NGINX CONF #================================================= -ynh_script_progression --message="Updating NGINX web server configuration..." --weight=2 +ynh_script_progression --message="Updating NGINX web server configuration..." nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf -# Change the path in the nginx config file +# Change the path in the NGINX config file if [ $change_path -eq 1 ] then - # Make a backup of the original nginx config file if modified + # Make a backup of the original NGINX config file if modified ynh_backup_if_checksum_is_different --file="$nginx_conf_path" - - # Set global variables for nginx helper + # Set global variables for NGINX helper domain="$old_domain" path_url="$new_path" - - # Create a dedicated nginx config + # Create a dedicated NGINX config ynh_add_nginx_config fi -# Change the domain for nginx +# Change the domain for NGINX if [ $change_domain -eq 1 ] then # Delete file checksum for the old conf file location ynh_delete_file_checksum --file="$nginx_conf_path" mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf - # Store file checksum for the new config file location ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" fi diff --git a/scripts/install b/scripts/install index ca96b7f..a56a5b8 100644 --- a/scripts/install +++ b/scripts/install @@ -1,7 +1,7 @@ #!/bin/bash #================================================= -# GENERIC STARTING +# GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= @@ -10,7 +10,7 @@ source _common.sh source /usr/share/yunohost/helpers #================================================= -# MANAGE FAILURE OF THE SCRIPT +# MANAGE SCRIPT FAILURE #================================================= # Exit if an error occurs during the execution of the script @@ -23,14 +23,14 @@ ynh_abort_if_errors domain=$YNH_APP_ARG_DOMAIN path_url=$YNH_APP_ARG_PATH admin=$YNH_APP_ARG_ADMIN -ynh_print_OFF; user_pwd=$YNH_APP_ARG_PASSWORD; ynh_print_ON -language=$YNH_APP_ARG_LANGUAGE is_public=$YNH_APP_ARG_IS_PUBLIC +language=$YNH_APP_ARG_LANGUAGE +ynh_print_OFF; user_pwd=$YNH_APP_ARG_PASSWORD; ynh_print_ON app=$YNH_APP_INSTANCE_NAME #================================================= -# CHECK IF THE APP CAN BE INSTALLED WITH THIS ARGS +# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS #================================================= ynh_script_progression --message="Validating installation parameters..." --weight=2 @@ -45,9 +45,11 @@ ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url #================================================= ynh_script_progression --message="Storing installation settings..." --weight=2 + +ynh_app_setting_set --app=$app --key=domain --value=$domain +ynh_app_setting_set --app=$app --key=path --value=$path_url ynh_app_setting_set --app=$app --key=admin --value=$admin ynh_app_setting_set --app=$app --key=language --value=$language -ynh_app_setting_set --app=$app --key=domain --value=$domain ynh_app_setting_set --app=$app --key=overwrite_nginx --value=1 ynh_app_setting_set --app=$app --key=overwrite_phpfpm --value=1 @@ -55,14 +57,23 @@ ynh_app_setting_set --app=$app --key=admin_mail_html --value=1 #================================================= # STANDARD MODIFICATIONS +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Configuring system user..." --weight=2 + +# Create a system user +ynh_system_user_create --username=$app --home_dir=$final_path + #================================================= # CREATE A MYSQL DATABASE #================================================= ynh_script_progression --message="Creating a MySQL database..." db_name=$(ynh_sanitize_dbid --db_name=$app) +db_user=$db_name ynh_app_setting_set --app=$app --key=db_name --value=$db_name -ynh_mysql_setup_db --db_user=$db_name --db_name=$db_name +ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE @@ -73,6 +84,10 @@ ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path" +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + #================================================= # NGINX CONFIGURATION #================================================= @@ -81,14 +96,6 @@ ynh_script_progression --message="Configuring NGINX web server..." --weight=2 # Create a dedicated NGINX config ynh_add_nginx_config -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Configuring system user..." --weight=2 - -# Create a dedicated system user -ynh_system_user_create --username=$app - #================================================= # PHP-FPM CONFIGURATION #================================================= @@ -101,26 +108,24 @@ phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) #================================================= # SPECIFIC SETUP #================================================= -# SETTING UP WITH CURL +# SETUP APPLICATION WITH CURL #================================================= -ynh_script_progression --message="Installing Leed with cURL..." --weight=5 - -# Set right permissions for curl install -chown -R $app: $final_path +ynh_script_progression --message="Setuping application with CURL..." --weight=5 # Set the app as temporarily public for curl call +ynh_script_progression --message="Configuring SSOwat..." +# Making the app public for curl +ynh_permission_update --permission="main" --add="visitors" -# Regen SSOwat configuration -yunohost app ssowatconf - -# Reload Nginx -ynh_systemd_action --service_name=nginx --action=reload - -# Leed installation via curl +# Installation with curl +ynh_script_progression --message="Finalizing installation..." ynh_print_OFF ynh_local_curl "/install.php?installButton" "install_changeLngLeed=$language" "root=$domain$path_url" "mysqlHost=localhost" "mysqlLogin=$db_name" "mysqlMdp=$db_pwd" "mysqlBase=$db_name" "mysqlPrefix=leed_" "login=$admin" "password=$user_pwd" ynh_print_ON +# Remove the public access +ynh_permission_update --permission="main" --remove="visitors" + #================================================= # RETRIEVE SYNCHRONISATION CODE #================================================= @@ -132,29 +137,16 @@ code_sync=$(mysql -h localhost -u $db_name -p$db_pwd -s $db_name -e 'SELECT valu #================================================= ynh_script_progression --message="Setting up a cron file..." -ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file=../conf/cron_leed -ynh_replace_string --match_string="__PATH__" --replace_string="$path_url" --target_file=../conf/cron_leed -ynh_replace_string --match_string="__CODESYNC__" --replace_string="$code_sync" --target_file=../conf/cron_leed -cp ../conf/cron_leed /etc/cron.d/$app +ynh_add_config --template="../conf/cron_leed" --destination="/etc/cron.d/$app" #================================================= # GENERIC FINALISATION -#================================================= -# SECURING FILES AND DIRECTORIES -#================================================= - -# Set permissions to app files -chown -R root: $final_path -# $app need write permissions in plugins, cache and updates -mkdir $final_path/cache -chown -R $app $final_path/cache $final_path/plugins $final_path/updates - #================================================= # SETUP FAIL2BAN #================================================= ynh_script_progression --message="Configuring Fail2Ban..." --weight=9 -# Create a dedicated fail2ban config +# Create a dedicated Fail2Ban config ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="PHP message: Leed: wrong login for .* client: " --max_retry=5 #================================================= @@ -165,8 +157,10 @@ ynh_script_progression --message="Configuring SSOwat..." --weight=2 # Make app public if necessary -if [ "$is_public" -eq 1 ] +if [ $is_public -eq 1 ] then + # Everyone can access the app. + # The "main" permission is automatically created before the install script. ynh_permission_update --permission="main" --add="visitors" fi diff --git a/scripts/remove b/scripts/remove index 1d5b879..42e8c1f 100644 --- a/scripts/remove +++ b/scripts/remove @@ -1,7 +1,7 @@ #!/bin/bash #================================================= -# GENERIC STARTING +# GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= @@ -18,6 +18,7 @@ app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get --app=$app --key=domain) db_name=$(ynh_app_setting_get --app=$app --key=db_name) +db_user=$db_name final_path=$(ynh_app_setting_get --app=$app --key=final_path) #================================================= @@ -28,7 +29,7 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path) ynh_script_progression --message="Removing the MySQL database..." # Remove a database if it exists, along with the associated user -ynh_mysql_remove_db --db_user=$db_name --db_name=$db_name +ynh_mysql_remove_db --db_user=$db_user --db_name=$db_name #================================================= # REMOVE APP MAIN DIR @@ -41,9 +42,9 @@ ynh_secure_remove --file="$final_path" #================================================= # REMOVE NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Removing nginx web server configuration..." --weight=2 +ynh_script_progression --message="Removing NGINX web server configuration..." --weight=2 -# Remove the dedicated nginx config +# Remove the dedicated NGINX config ynh_remove_nginx_config #================================================= @@ -59,25 +60,27 @@ ynh_remove_fpm_config #================================================= ynh_script_progression --message="Removing Fail2Ban configuration..." --weight=5 -# Remove the dedicated fail2ban config +# Remove the dedicated Fail2Ban config ynh_remove_fail2ban_config #================================================= # SPECIFIC REMOVE #================================================= -# REMOVE THE CRON FILE +# REMOVE VARIOUS FILES #================================================= +ynh_script_progression --message="Removing various files..." +# Remove a cron file ynh_secure_remove --file="/etc/cron.d/$app" #================================================= -# GENERIC FINALISATION +# GENERIC FINALIZATION #================================================= # REMOVE DEDICATED USER #================================================= ynh_script_progression --message="Removing the dedicated system user..." --weight=2 -# Delete dedicated system user +# Delete a system user ynh_system_user_delete --username=$app #================================================= diff --git a/scripts/restore b/scripts/restore index ed832c7..673ae98 100644 --- a/scripts/restore +++ b/scripts/restore @@ -6,6 +6,7 @@ # IMPORT GENERIC HELPERS #================================================= +# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers @@ -19,7 +20,7 @@ ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading settings..." --weight=2 +ynh_script_progression --message="Loading installation settings..." --weight=2 app=$YNH_APP_INSTANCE_NAME @@ -27,8 +28,9 @@ domain=$(ynh_app_setting_get --app=$app --key=domain) path_url=$(ynh_app_setting_get --app=$app --key=path) final_path=$(ynh_app_setting_get --app=$app --key=final_path) db_name=$(ynh_app_setting_get --app=$app --key=db_name) -admin=$(ynh_app_setting_get --app=$app --key=admin) +db_user=$db_name phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) +admin=$(ynh_app_setting_get --app=$app --key=admin) #================================================= # CHECK IF THE APP CAN BE RESTORED @@ -48,13 +50,22 @@ ynh_script_progression --message="Activating maintenance mode..." --weight=2 ynh_maintenance_mode_ON #================================================= -# STANDARD RESTORE STEPS +# STANDARD RESTORATION STEPS #================================================= # RESTORE THE NGINX CONFIGURATION #================================================= +ynh_script_progression --message="Restoring the NGINX configuration..." ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" +#================================================= +# RECREATE THE DEDICATED USER +#================================================= +ynh_script_progression --message="Recreating the dedicated system user..." --weight=2 + +# Create the dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir=$final_path + #================================================= # RESTORE THE APP MAIN DIR #================================================= @@ -62,60 +73,52 @@ ynh_script_progression --message="Restoring the app main directory..." ynh_restore_file --origin_path="$final_path" -#================================================= -# RESTORE THE MYSQL DATABASE -#================================================= -ynh_script_progression --message="Restoring the MySQL database..." --weight=3 - -db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd) -ynh_mysql_setup_db --db_user=$db_name --db_name=$db_name --db_pwd=$db_pwd -ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name < ./db.sql - -#================================================= -# RECREATE THE DEDICATED USER -#================================================= -ynh_script_progression --message="Recreating the dedicated system user..." --weight=2 - -# Create the dedicated user (if not existing) -ynh_system_user_create --username=$app +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" #================================================= # RESTORE THE PHP-FPM CONFIGURATION #================================================= +ynh_script_progression --message="Restoring the PHP-FPM configuration..." ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" #================================================= # RESTORE FAIL2BAN CONFIGURATION #================================================= -ynh_script_progression --message="Restoring the fail2ban configuration..." --weight=7 +ynh_script_progression --message="Restoring the Fail2Ban configuration..." --weight=7 ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf" ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf" ynh_systemd_action --action=restart --service_name=fail2ban #================================================= -# SPECIFIC RESTORE +# SPECIFIC RESTORATION #================================================= -# RESTORE THE CRON FILE +# RESTORE THE MYSQL DATABASE #================================================= +ynh_script_progression --message="Restoring the MySQL database..." --weight=3 + +db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd) +ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd +ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql + +#================================================= +# RESTORE VARIOUS FILES +#================================================= +ynh_script_progression --message="Restoring various files..." ynh_restore_file --origin_path="/etc/cron.d/$app" #================================================= -# RESTORE USER RIGHTS -#================================================= - -chown -R $app $final_path/cache $final_path/plugins $final_path/updates - -#================================================= -# GENERIC FINALISATION +# GENERIC FINALIZATION #================================================= # RELOAD NGINX AND PHP-FPM #================================================= -ynh_script_progression --message="Reloading nginx web server and php-fpm..." +ynh_script_progression --message="Reloading NGINX web server and PHP-FPM..." -ynh_systemd_action --service_name=php${phpversion}-fpm --action=reload +ynh_systemd_action --service_name=php$phpversion-fpm --action=reload ynh_systemd_action --service_name=nginx --action=reload #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index d6edaaf..8a42559 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -1,7 +1,7 @@ #!/bin/bash #================================================= -# GENERIC STARTING +# GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= @@ -35,9 +35,33 @@ phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) #================================================= # CHECK VERSION #================================================= +ynh_script_progression --message="Checking version..." upgrade_type=$(ynh_check_app_version_changed) +#================================================= +# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP +#================================================= +ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=4 + +# Backup the current version of the app +ynh_backup_before_upgrade +ynh_clean_setup () { + # Restore it if the upgrade fails + ynh_restore_upgradebackup +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + +#================================================= +# ACTIVATE MAINTENANCE MODE +#================================================= +ynh_script_progression --message="Activating maintenance mode..." + +ynh_maintenance_mode_ON + +#================================================= +# STANDARD UPGRADE STEPS #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= @@ -118,69 +142,48 @@ if [ -z "$fpm_usage" ]; then ynh_app_setting_set --app=$app --key=fpm_usage --value=$fpm_usage fi -#================================================= -# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP -#================================================= -ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=4 - -# Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { - # restore it if the upgrade fails - ynh_restore_upgradebackup -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# Migrate legacy permissions to new system -#================================================= -if ynh_legacy_permissions_exists -then +# Cleaning legacy permissions +if ynh_legacy_permissions_exists; then ynh_legacy_permissions_delete_all ynh_app_setting_delete --app=$app --key=is_public fi -#================================================= -# ACTIVATE MAINTENANCE MODE -#================================================= -ynh_script_progression --message="Activating maintenance mode..." - -ynh_maintenance_mode_ON - -#================================================= -# STANDARD UPGRADE STEPS -#================================================= -# DOWNLOAD, CHECK AND UNPACK SOURCE -#================================================= - -if [ "$upgrade_type" == "UPGRADE_APP" ] -then - ynh_script_progression --message="Upgrading source files..." --weight=3 - # Download, check integrity, uncompress and patch the source from app.src - ynh_setup_source --dest_dir="$final_path" -fi - -#================================================= -# NGINX CONFIGURATION -#================================================= - -# Overwrite the nginx configuration only if it's allowed -if [ $overwrite_nginx -eq 1 ] -then - ynh_script_progression --message="Upgrading nginx web server configuration..." --weight=2 - # Create a dedicated nginx config - ynh_add_nginx_config -fi - #================================================= # CREATE DEDICATED USER #================================================= ynh_script_progression --message="Making sure dedicated system user exists..." # Create a dedicated user (if not existing) -ynh_system_user_create --username=$app +ynh_system_user_create --username=$app --home_dir=$final_path + +#================================================= +# DOWNLOAD, CHECK AND UNPACK SOURCE +#================================================= + +if [ "$upgrade_type" == "UPGRADE_APP" ] +then + ynh_script_progression --message="Upgrading source files..." --weight=3 + + # Download, check integrity, uncompress and patch the source from app.src + ynh_setup_source --dest_dir="$final_path" +fi + +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + +#================================================= +# NGINX CONFIGURATION +#================================================= + +# Overwrite the nginx configuration only if it's allowed +if [ $overwrite_nginx -eq 1 ] +then + ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=2 + # Create a dedicated NGINX config + ynh_add_nginx_config +fi #================================================= # PHP-FPM CONFIGURATION @@ -190,7 +193,7 @@ ynh_system_user_create --username=$app if [ $overwrite_phpfpm -eq 1 ] then ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=2 - # Create a dedicated php-fpm config + # Create a dedicated PHP-FPM config ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint fi @@ -205,23 +208,9 @@ code_sync=$(mysql -h localhost -u $db_name -p$db_pwd -s $db_name -e 'SELECT valu #================================================= # SETUP CRON FILE FOR SYNCHRONISATION #================================================= +ynh_script_progression --message="Setting up a cron file..." -ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file=../conf/cron_leed -ynh_replace_string --match_string="__PATH__" --replace_string="$path_url" --target_file=../conf/cron_leed -ynh_replace_string --match_string="__CODESYNC__" --replace_string="$code_sync" --target_file=../conf/cron_leed -cp ../conf/cron_leed /etc/cron.d/$app - -#================================================= -# SECURING FILES AND DIRECTORIES -#================================================= - -# Set permissions on app files -chown -R root: $final_path -# $app need write permissions in plugins, cache and updates -# Clear leed cache -ynh_secure_remove --file=$final_path/cache -mkdir -p $final_path/cache -chown -R $app $final_path/cache $final_path/plugins $final_path/updates +ynh_add_config --template="../conf/cron_leed" --destination="/etc/cron.d/$app" #================================================= # UPGRADE WITH CURL @@ -239,33 +228,19 @@ then fi #================================================= -# GENERIC FINALISATION +# GENERIC FINALIZATION #================================================= # UPGRADE FAIL2BAN #================================================= ynh_script_progression --message="Reconfiguring Fail2Ban..." --weight=8 -# Create a dedicated fail2ban config +# Create a dedicated Fail2Ban config ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="PHP message: Leed: wrong login for .* client: " --max_retry=5 -#================================================= -# SETUP SSOWAT -#================================================= -ynh_script_progression --message="Upgrading SSOwat configuration..." - -# Make app private if necessary -if [ $is_public -eq 0 ] -then - # Remove the public access - ynh_app_setting_delete --app=$app --key=unprotected_uris - # Set the action.php script public for the cron task - ynh_app_setting_set --app=$app --key=skipped_uris --value="/action.php" -fi - #================================================= # RELOAD NGINX #================================================= -ynh_script_progression --message="Reloading nginx web server..." --weight=2 +ynh_script_progression --message="Reloading NGINX web server..." --weight=2 ynh_systemd_action --service_name=nginx --action=reload