leed_ynh/scripts/install

#!/bin/bash

#=================================================
# GENERIC STARTING
#=================================================
# IMPORT GENERIC HELPERS
#=================================================

source _common.sh
source /usr/share/yunohost/helpers

#=================================================
# MANAGE FAILURE OF THE SCRIPT
#=================================================

# Exit if an error occurs during the execution of the script
ynh_abort_if_errors

#=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================

domain=$YNH_APP_ARG_DOMAIN
path_url=$YNH_APP_ARG_PATH
admin=$YNH_APP_ARG_ADMIN
ynh_print_OFF; user_pwd=$YNH_APP_ARG_PASSWORD; ynh_print_ON
language=$YNH_APP_ARG_LANGUAGE
is_public=$YNH_APP_ARG_IS_PUBLIC

app=$YNH_APP_INSTANCE_NAME

#=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THIS ARGS
#=================================================

final_path=/var/www/$app
test ! -e "$final_path" || ynh_die "This path already contains a folder"

# Normalize the url path syntax
path_url=$(ynh_normalize_url_path $path_url)

# Register (book) web path
ynh_webpath_register $app $domain $path_url

#=================================================
# STORE SETTINGS FROM MANIFEST
#=================================================

ynh_app_setting_set $app admin $admin
ynh_app_setting_set $app language $language
ynh_app_setting_set $app domain $domain
ynh_app_setting_set $app overwrite_nginx "1"
ynh_app_setting_set $app overwrite_phpfpm "1"

#=================================================
# STANDARD MODIFICATIONS
#=================================================
# CREATE A MYSQL DATABASE
#=================================================

db_name=$(ynh_sanitize_dbid $app)
ynh_app_setting_set $app db_name $db_name
ynh_mysql_setup_db $db_name $db_name

#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================

ynh_app_setting_set $app final_path $final_path
# Download, check integrity and uncompress the source from app.src
ynh_setup_source "$final_path"

#=================================================
# NGINX CONFIGURATION
#=================================================

# Create a dedicated nginx config
ynh_add_nginx_config

#=================================================
# CREATE DEDICATED USER
#=================================================

# Create a dedicated system user
ynh_system_user_create $app

#=================================================
# PHP-FPM CONFIGURATION
#=================================================

# Create a dedicated php-fpm config
ynh_add_fpm_config

#=================================================
# SPECIFIC SETUP
#=================================================
# SETTING UP WITH CURL
#=================================================

# Set right permissions for curl install
chown -R $app: $final_path

# Set the app as temporarily public for curl call
ynh_app_setting_set $app unprotected_uris "/"
# Regen SSOwat configuration
yunohost app ssowatconf

# Reload Nginx
ynh_systemd_action --action=reload --service_name=nginx

# Leed installation via curl
ynh_print_OFF
ynh_local_curl "/install.php?installButton" "install_changeLngLeed=$language" "root=$domain$path_url" "mysqlHost=localhost" "mysqlLogin=$db_name" "mysqlMdp=$db_pwd" "mysqlBase=$db_name" "mysqlPrefix=leed_" "login=$admin" "password=$user_pwd"
ynh_print_ON

#=================================================
# RETRIEVE SYNCHRONISATION CODE
#=================================================

code_sync=$(mysql -h localhost -u $db_name -p$db_pwd -s $db_name -e 'SELECT value FROM leed_configuration WHERE `key`="synchronisationCode"' | sed -n 1p)

#=================================================
# SETUP CRON FILE FOR SYNCHRONISATION
#=================================================

ynh_replace_string "__ADMIN__" "$admin" ../conf/cron_leed
ynh_replace_string "__DOMAIN__" "$domain" ../conf/cron_leed
ynh_replace_string "__PATH__" "$path_url" ../conf/cron_leed
ynh_replace_string "__CODESYNC__" "$code_sync" ../conf/cron_leed
cp ../conf/cron_leed /etc/cron.d/$app

#=================================================
# GENERIC FINALISATION
#=================================================
# SECURING FILES AND DIRECTORIES
#=================================================

# Set permissions to app files
chown -R root: $final_path
# $app need write permissions in plugins, cache and updates
mkdir $final_path/cache
chown -R $app $final_path/cache $final_path/plugins $final_path/updates

#=================================================
# SETUP FAIL2BAN
#=================================================

# Create a dedicated fail2ban config
ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="PHP message: Leed: wrong login for .* client: <HOST>" --max_retry=5

#=================================================
# SETUP SSOWAT
#=================================================

# Make app private if necessary
ynh_app_setting_set $app is_public "$is_public"
if [ $is_public -eq 0 ];
then
	# Remove the public access
	ynh_app_setting_delete $app unprotected_uris
	# Set the action.php script public for the cron task
	ynh_app_setting_set $app skipped_uris "/action.php"
fi

#=================================================
# RELOAD NGINX
#=================================================

ynh_systemd_action --action=reload --service_name=nginx

#=================================================
# SEND A README FOR THE ADMIN
#=================================================

ynh_print_OFF
message="Please take note of your password for this application: '$user_pwd'.

If you're facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/leed_ynh"

ynh_send_readme_to_admin --app_message="$message" --recipients="$admin"
ynh_print_ON