diff --git a/README.md b/README.md index 061a5e7..b421951 100644 --- a/README.md +++ b/README.md @@ -1,71 +1,55 @@ + + # LimeSurvey for YunoHost [![Integration level](https://dash.yunohost.org/integration/limesurvey.svg)](https://dash.yunohost.org/appci/app/limesurvey) ![](https://ci-apps.yunohost.org/ci/badges/limesurvey.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/limesurvey.maintain.svg) -[![Install LimeSurvey with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=limesurvey) +[![Install LimeSurvey with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=limesurvey) -> *This package allow you to install LimeSurvey quickly and simply on a YunoHost server. -If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to know how to install and enjoy it.* +*[Lire ce readme en français.](./README_fr.md)* + +> *This package allows you to install LimeSurvey quickly and simply on a YunoHost server. +If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/install) to learn how to install it.* ## Overview -LimeSurvey is used to create advanced poll. -**Shipped version:** 3.17.1 +Creation and distribution survey tool + +**Shipped version:** 5.0.7~ynh1 + -**Categories:** Productivity, Poll ## Screenshots -![](https://www.limesurvey.org/images/news/LimeSurvey3Beta/generalsettings.PNG) +![](./doc/screenshots/create_html_statistic_screen.png) -## Configuration - -Before to run the install YunoHost ask you an admin user, you can use it to connecte you on https://your_limesurvey_url/admin/ - -## Documentation - -* YunoHost documentation: There no other documentations, feel free to contribute. +## Disclaimers / important information ## YunoHost specific features - * In private mode, only authorized YunoHost members can create poll, with the public mode, it's possible to create account to people with no YunoHost account. * SSO and LDAP are configured. * Login secured by fail2ban +## Documentation and resources -#### Multi-users support +* Official app website: https://www.limesurvey.org +* Official user documentation: https://yunohost.org/apps +* Official admin documentation: https://manual.limesurvey.org/LimeSurvey_Manual/fr +* Upstream app code repository: https://github.com/LimeSurvey/LimeSurvey +* YunoHost documentation for this app: https://yunohost.org/app_limesurvey +* Report a bug: https://github.com/YunoHost-Apps/limesurvey_ynh/issues -Not supported. +## Developer info -#### Supported architectures - -* x86-64b - [![Build Status](https://ci-apps.yunohost.org/jenkins/job/leed%20(Community)/badge/icon)](https://ci-apps.yunohost.org/jenkins/job/limesurvey%20(Community)/) -* ARMv8-A - [![Build Status](https://ci-apps.yunohost.org/jenkins/job/leed%20(Community)%20(%7EARM%7E)/badge/icon)](https://ci-apps.yunohost.org/jenkins/job/limesurvey%20(Community)%20(%7EARM%7E)/) - -## Limitations - -## Additionnal informations - -## Links - - * Report a bug: https://github.com/YunoHost-Apps/limesurvey_ynh/issues - * Website: https://www.limesurvey.org - * YunoHost website: https://yunohost.org/ - ---- - -Developers infos ----------------- - -**Package by:** ljf - -**Patches author:** Shnoulle - -Please do your pull request to the [testing branch](https://github.com/YunoHost-Apps/limesurvey_ynh/tree/testing). +Please send your pull request to the [testing branch](https://github.com/YunoHost-Apps/limesurvey_ynh/tree/testing). To try the testing branch, please proceed like that. ``` -sudo yunohost app install https://github.com/YunoHost-Apps/limesurvey_ynh/tree/testing --verbose +sudo yunohost app install https://github.com/YunoHost-Apps/limesurvey_ynh/tree/testing --debug or -sudo yunohost app upgrade leed -u https://github.com/YunoHost-Apps/limesurvey_ynh/tree/testing --verbose +sudo yunohost app upgrade limesurvey -u https://github.com/YunoHost-Apps/limesurvey_ynh/tree/testing --debug ``` +**More info regarding app packaging:** https://yunohost.org/packaging_apps \ No newline at end of file diff --git a/README_fr.md b/README_fr.md new file mode 100644 index 0000000..f2ef1f7 --- /dev/null +++ b/README_fr.md @@ -0,0 +1,51 @@ +# LimeSurvey pour YunoHost + +[![Niveau d'intégration](https://dash.yunohost.org/integration/limesurvey.svg)](https://dash.yunohost.org/appci/app/limesurvey) ![](https://ci-apps.yunohost.org/ci/badges/limesurvey.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/limesurvey.maintain.svg) +[![Installer LimeSurvey avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=limesurvey) + +*[Read this readme in english.](./README.md)* +*[Lire ce readme en français.](./README_fr.md)* + +> *Ce package vous permet d'installer LimeSurvey rapidement et simplement sur un serveur YunoHost. +Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.* + +## Vue d'ensemble + +Outil de création et diffusion de sondage + +**Version incluse :** 5.0.7~ynh1 + + + +## Captures d'écran + +![](./doc/screenshots/create_html_statistic_screen.png) + +## Avertissements / informations importantes + +## YunoHost specific features + +* In private mode, only authorized YunoHost members can create poll, with the public mode, it's possible to create account to people with no YunoHost account. +* SSO and LDAP are configured. +* Login secured by fail2ban +## Documentations et ressources + +* Site officiel de l'app : https://www.limesurvey.org +* Documentation officielle utilisateur : https://yunohost.org/apps +* Documentation officielle de l'admin : https://manual.limesurvey.org/LimeSurvey_Manual/fr +* Dépôt de code officiel de l'app : https://github.com/LimeSurvey/LimeSurvey +* Documentation YunoHost pour cette app : https://yunohost.org/app_limesurvey +* Signaler un bug : https://github.com/YunoHost-Apps/limesurvey_ynh/issues + +## Informations pour les développeurs + +Merci de faire vos pull request sur la [branche testing](https://github.com/YunoHost-Apps/limesurvey_ynh/tree/testing). + +Pour essayer la branche testing, procédez comme suit. +``` +sudo yunohost app install https://github.com/YunoHost-Apps/limesurvey_ynh/tree/testing --debug +ou +sudo yunohost app upgrade limesurvey -u https://github.com/YunoHost-Apps/limesurvey_ynh/tree/testing --debug +``` + +**Plus d'infos sur le packaging d'applications :** https://yunohost.org/packaging_apps \ No newline at end of file diff --git a/YEP.md b/YEP.md deleted file mode 100644 index df930fe..0000000 --- a/YEP.md +++ /dev/null @@ -1,117 +0,0 @@ -#### [Level 0](https://github.com/YunoHost/doc/blob/master/packaging_apps_levels_fr.md#niveau-0) -[YEP 1.1 - Nommer son app et son dépot](https://github.com/YunoHost/doc/blob/master/packaging_apps_guidelines_fr.md#yep-11) -`Validated` -[YEP 1.2 - Inscrire l'app sur un "répertoire" connu](https://github.com/YunoHost/doc/blob/master/packaging_apps_guidelines_fr.md#yep-12) -`Validated` - -#### [Level 1](https://github.com/YunoHost/doc/blob/master/packaging_apps_levels_fr.md#niveau-1) -[YEP 2.2 - Utiliser bash pour les scripts principaux](https://github.com/YunoHost/doc/blob/master/packaging_apps_guidelines_fr.md#yep-22) -`Validated` -[YEP 2.5 - Copier correctement des fichiers](https://github.com/YunoHost/doc/blob/master/packaging_apps_guidelines_fr.md#yep-25) -`Don't know` -[YEP 2.7 - Donner des permissions suffisantes aux instructions bash](https://github.com/YunoHost/doc/blob/master/packaging_apps_guidelines_fr.md#yep-27) -`Validated` -[YEP 2.15 - Suivre les instructions d'installation de l'application](https://github.com/YunoHost/doc/blob/master/packaging_apps_guidelines_fr.md#yep-215) -`Validated` - -#### [Level 2](https://github.com/YunoHost/doc/blob/master/packaging_apps_levels_fr.md#niveau-2) -[YEP 1.5 - Mettre à jour régulièrement le statut de l'app](https://github.com/YunoHost/doc/blob/master/packaging_apps_guidelines_fr.md#yep-11) -`Validated` -[YEP 2.18.2 - Gérer l'installation à la racine d’un nom de domaine](https://github.com/YunoHost/doc/blob/master/packaging_apps_guidelines_fr.md#yep-2182) -`Validated` - *Automatically verified.* -[YEP 2.18.3 - Gérer l'installation sur un sous-domaine](https://github.com/YunoHost/doc/blob/master/packaging_apps_guidelines_fr.md#yep-2183) -`Validated` - *Automatically verified.* -[YEP 2.18.4 - Gérer l'installation sur un chemin /path](https://github.com/YunoHost/doc/blob/master/packaging_apps_guidelines_fr.md#yep-2184) -`Validated` - *Automatically verified.* -[YEP 4.6 - Gère le multi-instance](https://github.com/YunoHost/doc/blob/master/packaging_apps_guidelines_fr.md#yep-11) -`Validated` - *Automatically verified.* - -#### [Level 3](https://github.com/YunoHost/doc/blob/master/packaging_apps_levels_fr.md#niveau-3) -[YEP 2.3 - Sauvegarder les réponses lors de l'installation](https://github.com/YunoHost/doc/blob/master/packaging_apps_guidelines_fr.md#yep-23) -`Validated` - -#### [Level 4](https://github.com/YunoHost/doc/blob/master/packaging_apps_levels_fr.md#niveau-4) -[YEP 4.1 - Lier au ldap](https://github.com/YunoHost/doc/blob/master/packaging_apps_guidelines_fr.md#yep-41) -`Validated` -[YEP 4.2 - Lier l'authentification au sso](https://github.com/YunoHost/doc/blob/master/packaging_apps_guidelines_fr.md#yep-42) -`Validated` - -#### [Level 5](https://github.com/YunoHost/doc/blob/master/packaging_apps_levels_fr.md#niveau-5) -[YEP 1.3 - Indiquer la licence associée au paquet](https://github.com/YunoHost/doc/blob/master/packaging_apps_guidelines_fr.md#yep-13) -`Validated` -[YEP 2.1 - Respecter le format du manifeste](https://github.com/YunoHost/doc/blob/master/packaging_apps_guidelines_fr.md#yep-21) -`Validated` - *Automatically verified.* -[YEP 2.12 - Utiliser les commandes pratiques (helpers)](https://github.com/YunoHost/doc/blob/master/packaging_apps_guidelines_fr.md#yep-212) -`Validated` -[YEP 2.18.1 - Lancer le script d'installation d'une webapp correctement](https://github.com/YunoHost/doc/blob/master/packaging_apps_guidelines_fr.md#yep-2181) -`Validated` - -#### [Level 6](https://github.com/YunoHost/doc/blob/master/packaging_apps_levels_fr.md#niveau-6) -[YEP 1.4 - Informer sur l'intention de maintenir un paquet](https://github.com/YunoHost/doc/blob/master/packaging_apps_guidelines_fr.md#yep-14) -`Validated` -[YEP 1.6 - Se tenir informé sur l'évolution du packaging d'apps](https://github.com/YunoHost/doc/blob/master/packaging_apps_guidelines_fr.md#yep-16) -`Validated` -[YEP 1.7 - Ajouter l'app à l'organisation YunoHost-Apps](https://github.com/YunoHost/doc/blob/master/packaging_apps_guidelines_fr.md#yep-17) -`Validated` - *Automatically verified.* -[YEP 1.8 - Publier des demandes de test](https://github.com/YunoHost/doc/blob/master/packaging_apps_guidelines_fr.md#yep-18) -`Not yet validated` -[YEP 1.9 - Documenter l'app](https://github.com/YunoHost/doc/blob/master/packaging_apps_guidelines_fr.md#yep-19) -`Validated` -[YEP 1.10 - Garder un historique de version propre](https://github.com/YunoHost/doc/blob/master/packaging_apps_guidelines_fr.md#yep-110) -`Not yet validated` -[YEP 2.9 - Enlever toutes traces de l'app lors de la suppression](https://github.com/YunoHost/doc/blob/master/packaging_apps_guidelines_fr.md#yep-29) -`Validated` -[YEP 3.3 - Faciliter le contrôle de l'intégrité des sources](https://github.com/YunoHost/doc/blob/master/packaging_apps_guidelines_fr.md#yep-33) -`Validated` -[YEP 3.5 - Suivre les recommendations de la documentation de l'app](https://github.com/YunoHost/doc/blob/master/packaging_apps_guidelines_fr.md#yep-35) -`Validated` -[YEP 3.6 - Mettre à jour les versions contenant des CVE](https://github.com/YunoHost/doc/blob/master/packaging_apps_guidelines_fr.md#yep-36) -`Validated` -[YEP 4.3 - Fournir un script de sauvegarde YunoHost fonctionnel](https://github.com/YunoHost/doc/blob/master/packaging_apps_guidelines_fr.md#yep-43) -`Validated` - *Automatically verified.* -[YEP 4.4 - Fournir un script de restauration YunoHost fonctionnel](https://github.com/YunoHost/doc/blob/master/packaging_apps_guidelines_fr.md#yep-44) -`Validated` - *Automatically verified.* - -#### [Level 7](https://github.com/YunoHost/doc/blob/master/packaging_apps_levels_fr.md#niveau-7) -[YEP 2.6 - Annuler l'action si les valeurs d'entrées sont incorrectes](https://github.com/YunoHost/doc/blob/master/packaging_apps_guidelines_fr.md#yep-26) -`Validated` -[YEP 3.2 - Ouvrir un port correctement](https://github.com/YunoHost/doc/blob/master/packaging_apps_guidelines_fr.md#yep-32) -`Not applicable` - -#### [Level 8](https://github.com/YunoHost/doc/blob/master/packaging_apps_levels_fr.md#niveau-8) -[YEP 2.4 - Détecter et gérer les erreurs](https://github.com/YunoHost/doc/blob/master/packaging_apps_guidelines_fr.md#yep-24) -`Validated` -[YEP 2.8 - Modifier correctement une configuration système](https://github.com/YunoHost/doc/blob/master/packaging_apps_guidelines_fr.md#yep-28) -`Validated` -[YEP 2.16 - Vérifier la disponibilité des dépendances sur ARM, x86 et x64](https://github.com/YunoHost/doc/blob/master/packaging_apps_guidelines_fr.md#yep-216) -`Not yet validated` - *Automatically verified.* -[YEP 2.18.5 - Gérer la tuile YunoHost pour faciliter la navigation entre les applications](https://github.com/YunoHost/doc/blob/master/packaging_apps_guidelines_fr.md#yep-2185) -`Validated` -[YEP 3.4 - Isoler l'app](https://github.com/YunoHost/doc/blob/master/packaging_apps_guidelines_fr.md#yep-34) -`Partially validated` -[YEP 4.5 - Utiliser les hooks](https://github.com/YunoHost/doc/blob/master/packaging_apps_guidelines_fr.md#yep-45) -`Validated` - -#### [Level 9](https://github.com/YunoHost/doc/blob/master/packaging_apps_levels_fr.md#niveau-9) -[YEP 2.10 - Configurer les logs de l'application](https://github.com/YunoHost/doc/blob/master/packaging_apps_guidelines_fr.md#yep-210) -`Not applicable` -[YEP 2.11 - Utiliser une variable plutôt que l'app id directement](https://github.com/YunoHost/doc/blob/master/packaging_apps_guidelines_fr.md#yep-211) -`Validated` -[YEP 2.13 - Traduire le paquet en anglais](https://github.com/YunoHost/doc/blob/master/packaging_apps_guidelines_fr.md#yep-213) -`Validated` -[YEP 2.14 - Remplir correctement un fichier de conf](https://github.com/YunoHost/doc/blob/master/packaging_apps_guidelines_fr.md#yep-214) -`Validated` -[YEP 2.17 - Prendre en compte la version d'origine lors des mises à jour](https://github.com/YunoHost/doc/blob/master/packaging_apps_guidelines_fr.md#yep-217) -`Validated` -[YEP 4.2.1 - Déconnexion](https://github.com/YunoHost/doc/blob/master/packaging_apps_guidelines_fr.md#yep-421) -`Not yet validated` - -#### Other YEP -[YEP 3.1 - Ne pas demander ou stocker de mot de passe LDAP](https://github.com/YunoHost/doc/blob/master/packaging_apps_guidelines_fr.md#yep-31) -`Validated` -[YEP 4.7 - Ajouter un module à la CLI](https://github.com/YunoHost/doc/blob/master/packaging_apps_guidelines_fr.md#yep-47) -`Not applicable` -[YEP 4.8 - Ajouter un module à l'admin web](https://github.com/YunoHost/doc/blob/master/packaging_apps_guidelines_fr.md#yep-48) -`Not applicable` - -State of each YEP can be one of these: `Validated`, `Partially validated`, `Not yet validated`, `Not applicable`, `Don't know`. diff --git a/check_process b/check_process index 6e03028..ddd954c 100644 --- a/check_process +++ b/check_process @@ -1,45 +1,27 @@ -;; Test complet sans multisite - auto_remove=1 +;; Test complet ; Manifest - domain="domain.tld" (DOMAIN) - path="/path" (PATH) - admin="john" (USER) + domain="domain.tld" + path="/path" + admin="john" language="en" - is_public=1 (PUBLIC|public=1|private=0) + is_public=1 ; Checks pkg_linter=1 setup_sub_dir=1 setup_root=1 setup_nourl=0 - setup_private=0 + setup_private=1 setup_public=1 upgrade=1 - upgrade=1 from_commit=a451e536d79ff0d2b73f3c0d888243a567e7c77e + #3.17.1 + upgrade=1 from_commit=da4959616e67f89ef907a223f7c84607dc4771e5 backup_restore=1 multi_instance=1 - wrong_user=1 - wrong_path=1 - incorrect_path=1 - corrupt_source=1 - fail_download_source=1 - port_already_use=0 - final_path_already_use=1 change_url=0 -;;; Levels - Level 1=auto - Level 2=auto - Level 3=auto - Level 4=1 - Level 5=auto - Level 6=auto - Level 7=auto - Level 8=0 - Level 9=0 - Level 10=0 ;;; Options Email=ljf+libresurvey_ynh@reflexlibre.net Notification=down ;;; Upgrade options - ; commit=a451e536d79ff0d2b73f3c0d888243a567e7c77e - name=2.62.5-2 a451e536d79ff0d2b73f3c0d888243a567e7c77e -manifest_arg=domain=DOMAIN&path=PATH&admin=USER&language=en&is_public=1& + ; commit=da4959616e67f89ef907a223f7c84607dc4771e5 + name=3.17.1 + manifest_arg=domain=DOMAIN&path=PATH&admin=USER&language=en&is_public=1& diff --git a/conf/app.src b/conf/app.src index e3f7a14..3b61c20 100644 --- a/conf/app.src +++ b/conf/app.src @@ -1,3 +1,4 @@ -SOURCE_URL=https://github.com/LimeSurvey/LimeSurvey/archive/3.17.1+190408.tar.gz -SOURCE_SUM=a2c63a5a28f7f724f5bd7017959caf76e845c7fce9d8b1177075d030641fdbac -SOURCE_FILENAME=limesurvey-3.17.1+190408.tar.gz +SOURCE_URL=https://github.com/LimeSurvey/LimeSurvey/archive/refs/tags/5.0.7+210628.tar.gz +SOURCE_SUM=efde82aabe036263e2ab938315ede8b697f1aafeffedd1d48dc492af9bbddf42 +SOURCE_SUM_PRG=sha256sum +SOURCE_FILENAME=limesurvey-5.0.7+210628.tar.gz \ No newline at end of file diff --git a/conf/config.php b/conf/config.php new file mode 100644 index 0000000..f5a7a40 --- /dev/null +++ b/conf/config.php @@ -0,0 +1,70 @@ + array( + 'db' => array( + 'connectionString' => 'mysql:host=localhost;port=3306;dbname=__DB_NAME__;', + 'emulatePrepare' => true, + 'username' => '__DB_NAME__', + 'password' => '__DB_PWD__', + 'charset' => 'utf8mb4', + 'tablePrefix' => 'lime_', + ), + + 'emcache' => array('class' => 'CFileCache'), + + // Uncomment the following lines if you need table-based sessions. + // Note: Table-based sessions are currently not supported on MSSQL server. + // 'session' => array ( + // 'class' => 'application.core.web.DbHttpSession', + // 'connectionID' => 'db', + // 'sessionTableName' => '{{sessions}}', + // ), + + 'urlManager' => array( + 'urlFormat' => 'get', + 'rules' => array( + // You can add your own rules here + ), + 'showScriptName' => true, + ), + + ), + // Use the following config variable to set modified optional settings copied from config-defaults.php + 'config'=>array( + // debug: Set this to 1 if you are looking for errors. If you still get no errors after enabling this + // then please check your error-logs - either in your hosting provider admin panel or in some /logs directory + // on your webspace. + // LimeSurvey developers: Set this to 2 to additionally display STRICT PHP error messages and put MySQL in STRICT mode and get full access to standard themes + 'debug'=>0, + 'debugsql'=>0, // Set this to 1 to enanble sql logging, only active when debug = 2 + // 'force_xmlsettings_for_survey_rendering' => true, // Uncomment if you want to force the use of the XML file rather than DB (for easy theme development) + // 'use_asset_manager'=>true, // Uncomment if you want to use debug mode and asset manager at the same time + 'enableLdap'=>true + ) +); +/* End of file config.php */ +/* Location: ./application/config/config.php */ diff --git a/conf/config.php.j2 b/conf/config.php.j2 deleted file mode 100644 index 5a99217..0000000 --- a/conf/config.php.j2 +++ /dev/null @@ -1,63 +0,0 @@ - array( - 'db' => array( - 'connectionString' => 'mysql:host=localhost;port=3306;dbname={{ db_name }};', - 'emulatePrepare' => true, - 'username' => '{{ db_user }}', - 'password' => '{{ db_pwd }}', - 'charset' => 'utf8mb4', - 'tablePrefix' => 'lime_', - ), - - // Uncomment the following line if you need table-based sessions - // 'session' => array ( - // 'class' => 'application.core.web.DbHttpSession', - // 'connectionID' => 'db', - // 'sessionTableName' => '{% raw %}{{sessions}}{% endraw %}', - // ), - - 'urlManager' => array( - 'urlFormat' => 'get', - 'rules' => array( - // You can add your own rules here - ), - 'showScriptName' => true, - ), - - ), - // Use the following config variable to set modified optional settings copied from config-defaults.php - 'config'=>array( - // debug: Set this to 1 if you are looking for errors. If you still get no errors after enabling this - // then please check your error-logs - either in your hosting provider admin panel or in some /logs directory - // on your webspace. - // LimeSurvey developers: Set this to 2 to additionally display STRICT PHP error messages and get full access to standard templates - 'debug'=>0, - 'debugsql'=>0, // Set this to 1 to enanble sql logging, only active when debug = 2 - 'enableLdap'=>true - ) -); -/* End of file config.php */ -/* Location: ./application/config/config.php */ diff --git a/conf/data.sql.j2 b/conf/data.sql similarity index 92% rename from conf/data.sql.j2 rename to conf/data.sql index 119b65b..d765968 100644 --- a/conf/data.sql.j2 +++ b/conf/data.sql @@ -38,8 +38,8 @@ INSERT INTO `lime_plugin_settings` (`id`, `plugin_id`, `model`, `model_id`, `key (20, 5, NULL, NULL, 'serverkey', '"REMOTE_USER"'), (21, 5,NULL,NULL,'is_default','\"1\"'); -INSERT INTO `lime_settings_global` VALUES ('defaultlang','{{ language }}'),('AssetsVersion','2620'); +INSERT INTO `lime_settings_global` VALUES ('defaultlang','__LANGUAGE__'),('AssetsVersion','2620'); -{% if is_public == "1" %} +{% if __IS_PUBLIC__ == "1" %} UPDATE `lime_plugin_settings` SET value='\"0\"' WHERE `id`=21; {% endif %} diff --git a/conf/nginx.conf b/conf/nginx.conf new file mode 100644 index 0000000..d388467 --- /dev/null +++ b/conf/nginx.conf @@ -0,0 +1,41 @@ +#sub_path_only rewrite ^__PATH__$ __PATH__/ permanent; +location __PATH__/ { + + # Path to source + alias __FINALPATH__/ ; + + index index.php; + + # if (!-e $request_filename) + #{ + # rewrite ^(.+)$ __PATH__/index.php?q=$1 last; + #} + + if ($scheme = http) { + rewrite ^ https://$server_name$request_uri? permanent; + } + + client_max_body_size 50m; + + try_files $uri $uri/ index.php; + + location ~ [^/]\.php(/|$) { + fastcgi_split_path_info ^(.+?\.php)(/.*)$; + fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock; + + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param REMOTE_USER $remote_user; + fastcgi_param PATH_INFO $fastcgi_path_info; + fastcgi_param SCRIPT_FILENAME $request_filename; + } + + # Include SSOWAT user panel. + include conf.d/yunohost_panel.conf.inc; +} + +location ~ ^__PATH__/(data|config|\.ht|db_structure\.xml|README) { + deny all; +} + +more_set_headers "X-Frame-Options : ALLOWALL"; diff --git a/conf/nginx.conf.j2 b/conf/nginx.conf.j2 deleted file mode 100644 index ad5de13..0000000 --- a/conf/nginx.conf.j2 +++ /dev/null @@ -1,36 +0,0 @@ -{% if path_url != "/" %} -rewrite ^{{ path_url }}$ {{ path_url }}/ permanent; -{% else %} -{% set path_url = "" %} -{% endif %} -location {{ path_url }}/ { - alias {{ final_path }}/; - index index.php; - # if (!-e $request_filename) - #{ - # rewrite ^(.+)$ {{ path_url }}/index.php?q=$1 last; - #} - if ($scheme = http) { - rewrite ^ https://$server_name$request_uri? permanent; - } - client_max_body_size 30m; - location ~ [^/]\.php(/|$) { - fastcgi_split_path_info ^(.+?\.php)(/.*)$; - fastcgi_pass unix:/var/run/php5-fpm-{{ app }}.sock; - fastcgi_index index.php; - include fastcgi_params; - fastcgi_param REMOTE_USER $remote_user; - fastcgi_param PATH_INFO $fastcgi_path_info; - fastcgi_param HTTPS on; - fastcgi_param SCRIPT_FILENAME $request_filename; - } - - # Include SSOWAT user panel. - include conf.d/yunohost_panel.conf.inc; -} - -location ~ ^{{ path_url }}(data|config|\.ht|db_structure\.xml|README) { - deny all; -} - -more_set_headers "X-Frame-Options : ALLOWALL"; diff --git a/conf/php-fpm.conf.j2 b/conf/php-fpm.conf similarity index 86% rename from conf/php-fpm.conf.j2 rename to conf/php-fpm.conf index 6464423..ab1a471 100644 --- a/conf/php-fpm.conf.j2 +++ b/conf/php-fpm.conf @@ -1,10 +1,11 @@ ; Start a new pool named 'www'. -; the variable $pool can we used in any directive and will be replaced by the +; the variable $pool can be used in any directive and will be replaced by the ; pool name ('www' here) -[{{ app }}] +[__NAMETOCHANGE__] ; Per pool prefix ; It only applies on the following directives: +; - 'access.log' ; - 'slowlog' ; - 'listen' (unixsocket) ; - 'chroot' @@ -19,33 +20,40 @@ ; Unix user/group of processes ; Note: The user is mandatory. If the group is not set, the default user's group ; will be used. -user = {{ app }} -group = {{ app }} +user = __USER__ +group = __USER__ ; The address on which to accept FastCGI requests. ; Valid syntaxes are: -; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific address on +; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on ; a specific port; -; 'port' - to listen on a TCP socket to all addresses on a -; specific port; +; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on +; a specific port; +; 'port' - to listen on a TCP socket to all addresses +; (IPv6 and IPv4-mapped) on a specific port; ; '/path/to/unix/socket' - to listen on a unix socket. ; Note: This value is mandatory. -listen = /var/run/php5-fpm-{{ app }}.sock +listen = /var/run/php/php__PHPVERSION__-fpm-__NAMETOCHANGE__.sock ; Set listen(2) backlog. -; Default Value: 128 (-1 on FreeBSD and OpenBSD) -;listen.backlog = 128 +; Default Value: 511 (-1 on FreeBSD and OpenBSD) +;listen.backlog = 511 ; Set permissions for unix socket, if one is used. In Linux, read/write ; permissions must be set in order to allow connections from a web server. Many -; BSD-derived systems allow connections regardless of permissions. +; BSD-derived systems allow connections regardless of permissions. ; Default Values: user and group are set as the running user ; mode is set to 0660 listen.owner = www-data listen.group = www-data ;listen.mode = 0660 - -; List of ipv4 addresses of FastCGI clients which are allowed to connect. +; When POSIX Access Control Lists are supported you can set them using +; these options, value is a comma separated list of user/group names. +; When set, listen.owner and listen.group are ignored +;listen.acl_users = +;listen.acl_groups = + +; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect. ; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original ; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address ; must be separated by a comma. If this value is left blank, connections will be @@ -59,7 +67,13 @@ listen.group = www-data ; - The pool processes will inherit the master process priority ; unless it specified otherwise ; Default Value: no set -; priority = -19 +; process.priority = -19 + +; Set the process dumpable flag (PR_SET_DUMPABLE prctl) even if the process user +; or group is differrent than the master process user. It allows to create process +; core dump and ptrace the process for the pool user. +; Default Value: no +; process.dumpable = yes ; Choose how the process manager will control the number of child processes. ; Possible Values: @@ -96,7 +110,7 @@ pm = dynamic ; forget to tweak pm.* to fit your needs. ; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' ; Note: This value is mandatory. -pm.max_children = 10 +pm.max_children = 5 ; The number of child processes created on startup. ; Note: Used only when pm is set to 'dynamic' @@ -117,12 +131,12 @@ pm.max_spare_servers = 3 ; Note: Used only when pm is set to 'ondemand' ; Default Value: 10s ;pm.process_idle_timeout = 10s; - + ; The number of requests each child process should execute before respawning. ; This can be useful to work around memory leaks in 3rd party libraries. For ; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. ; Default Value: 0 -pm.max_requests = 500 +;pm.max_requests = 500 ; The URI to view the FPM status page. If this value is not set, no URI will be ; recognized as a status page. It shows the following informations: @@ -170,7 +184,7 @@ pm.max_requests = 500 ; ; By default the status page only outputs short status. Passing 'full' in the ; query string will also return status for each pool process. -; Example: +; Example: ; http://www.foo.bar/status?full ; http://www.foo.bar/status?json&full ; http://www.foo.bar/status?html&full @@ -215,14 +229,14 @@ pm.max_requests = 500 ; last request memory: 0 ; ; Note: There is a real-time FPM status monitoring sample web page available -; It's available in: ${prefix}/share/fpm/status.html +; It's available in: /usr/share/php/7.0/fpm/status.html ; ; Note: The value must start with a leading slash (/). The value can be ; anything, but it may not be a good idea to use the .php extension or it ; may conflict with a real PHP file. -; Default Value: not set +; Default Value: not set ;pm.status_path = /status - + ; The ping URI to call the monitoring page of FPM. If this value is not set, no ; URI will be recognized as a ping page. This could be used to test from outside ; that FPM is alive and responding, or to @@ -275,7 +289,7 @@ pm.max_requests = 500 ; - %{megabytes}M ; - %{mega}M ; %n: pool name -; %o: ouput header +; %o: output header ; it must be associated with embraces to specify the name of the header: ; - %{Content-Type}o ; - %{X-Powered-By}o @@ -283,7 +297,7 @@ pm.max_requests = 500 ; - .... ; %p: PID of the child that serviced the request ; %P: PID of the parent of the child that serviced the request -; %q: the query string +; %q: the query string ; %Q: the '?' character if query string exists ; %r: the request URI (without the query string, see %q and %Q) ; %R: remote IP address @@ -291,72 +305,85 @@ pm.max_requests = 500 ; %t: server time the request was received ; it can accept a strftime(3) format: ; %d/%b/%Y:%H:%M:%S %z (default) +; The strftime(3) format must be encapsuled in a %{}t tag +; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t ; %T: time the log has been written (the request has finished) ; it can accept a strftime(3) format: ; %d/%b/%Y:%H:%M:%S %z (default) +; The strftime(3) format must be encapsuled in a %{}t tag +; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t ; %u: remote user ; ; Default: "%R - %u %t \"%m %r\" %s" ;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%" - + ; The log file for slow requests ; Default Value: not set ; Note: slowlog is mandatory if request_slowlog_timeout is set -slowlog = /var/log/nginx/{{ app }}.slow.log - +;slowlog = log/$pool.log.slow + ; The timeout for serving a single request after which a PHP backtrace will be ; dumped to the 'slowlog' file. A value of '0s' means 'off'. ; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) ; Default Value: 0 -request_slowlog_timeout = 5s - +;request_slowlog_timeout = 0 + ; The timeout for serving a single request after which the worker process will ; be killed. This option should be used when the 'max_execution_time' ini option ; does not stop script execution for some reason. A value of '0' means 'off'. ; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) ; Default Value: 0 request_terminate_timeout = 1d - + ; Set open file descriptor rlimit. ; Default Value: system defined value ;rlimit_files = 1024 - + ; Set max core size rlimit. ; Possible Values: 'unlimited' or an integer greater or equal to 0 ; Default Value: system defined value ;rlimit_core = 0 - + ; Chroot to this directory at the start. This value must be defined as an ; absolute path. When this value is not set, chroot is not used. ; Note: you can prefix with '$prefix' to chroot to the pool prefix or one ; of its subdirectories. If the pool prefix is not set, the global prefix ; will be used instead. -; Note: chrooting is a great security feature and should be used whenever +; Note: chrooting is a great security feature and should be used whenever ; possible. However, all PHP paths will be relative to the chroot ; (error_log, sessions.save_path, ...). ; Default Value: not set -;chroot = - +;chroot = + ; Chdir to this directory at the start. ; Note: relative path can be used. ; Default Value: current directory or / when chroot -chdir = {{ final_path }} - +chdir = __FINALPATH__ + ; Redirect worker stdout and stderr into main error log. If not set, stdout and ; stderr will be redirected to /dev/null according to FastCGI specs. ; Note: on highloaded environement, this can cause some delay in the page ; process time (several ms). ; Default Value: no -catch_workers_output = yes +;catch_workers_output = yes + +; Clear environment in FPM workers +; Prevents arbitrary environment variables from reaching FPM worker processes +; by clearing the environment in workers before env vars specified in this +; pool configuration are added. +; Setting to "no" will make all environment variables available to PHP code +; via getenv(), $_ENV and $_SERVER. +; Default Value: yes +;clear_env = no ; Limits the extensions of the main script FPM will allow to parse. This can ; prevent configuration mistakes on the web server side. You should only limit ; FPM to .php extensions to prevent malicious users to use other extensions to -; exectute php code. +; execute php code. ; Note: set an empty value to allow all extensions. ; Default Value: .php -;security.limit_extensions = .php .php3 .php4 .php5 - +;security.limit_extensions = .php .php3 .php4 .php5 .php7 + ; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from ; the current environment. ; Default Value: clean env @@ -370,7 +397,7 @@ catch_workers_output = yes ; overwrite the values previously defined in the php.ini. The directives are the ; same as the PHP SAPI: ; php_value/php_flag - you can set classic ini defines which can -; be overwritten from PHP call 'ini_set'. +; be overwritten from PHP call 'ini_set'. ; php_admin_value/php_admin_flag - these directives won't be overwritten by ; PHP call 'ini_set' ; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no. @@ -391,3 +418,13 @@ catch_workers_output = yes ;php_admin_flag[log_errors] = on ;php_admin_value[memory_limit] = 32M +; Common values to change to increase file upload limit +; php_admin_value[upload_max_filesize] = 50M +; php_admin_value[post_max_size] = 50M +; php_admin_flag[mail.add_x_header] = Off + +; Other common parameters +; php_admin_value[max_execution_time] = 600 +; php_admin_value[max_input_time] = 300 +; php_admin_value[memory_limit] = 256M +; php_admin_flag[short_open_tag] = On diff --git a/conf/php-fpm.ini.j2 b/conf/php-fpm.ini.j2 deleted file mode 100644 index a4538e8..0000000 --- a/conf/php-fpm.ini.j2 +++ /dev/null @@ -1,3 +0,0 @@ -upload_max_filesize=30M -post_max_size=30M -; max_execution_time=60 diff --git a/doc/DISCLAIMER.md b/doc/DISCLAIMER.md new file mode 100644 index 0000000..0dd6bf7 --- /dev/null +++ b/doc/DISCLAIMER.md @@ -0,0 +1,5 @@ +## YunoHost specific features + +* In private mode, only authorized YunoHost members can create poll, with the public mode, it's possible to create account to people with no YunoHost account. +* SSO and LDAP are configured. +* Login secured by fail2ban \ No newline at end of file diff --git a/doc/screenshots/create_html_statistic_screen.png b/doc/screenshots/create_html_statistic_screen.png new file mode 100644 index 0000000..7752986 Binary files /dev/null and b/doc/screenshots/create_html_statistic_screen.png differ diff --git a/manifest.json b/manifest.json index 4c5374b..a206a9c 100644 --- a/manifest.json +++ b/manifest.json @@ -2,10 +2,18 @@ "name": "LimeSurvey", "id": "limesurvey", "packaging_format": 1, - "version": "3.17.1~ynh1", "description": { - "en": "Creation and distribution survey tool.", - "fr": "Outil de création et diffusion de sondage." + "en": "Creation and distribution survey tool", + "fr": "Outil de création et diffusion de sondage" + }, + "version": "5.0.7~ynh1", + "url": "https://www.limesurvey.org/", + "upstream": { + "license": "GPL-2.0+", + "website": "https://www.limesurvey.org", + "admindoc": "https://manual.limesurvey.org/LimeSurvey_Manual/fr", + "userdoc": "https://yunohost.org/apps", + "code": "https://github.com/LimeSurvey/LimeSurvey" }, "license": "GPL-2.0+", "maintainer": { @@ -13,14 +21,13 @@ "email": "ljf+limesurvey_ynh@reflexlibre.net", "url": "https://reflexlibre.net" }, - "url": "https://www.limesurvey.org/", "requirements": { - "yunohost": ">= 3.5.2" + "yunohost": ">= 4.2.4" }, "multi_instance": true, "services": [ "nginx", - "php7.0-fpm", + "php7.3-fpm", "mysql" ], "arguments": { @@ -28,29 +35,17 @@ { "name": "domain", "type": "domain", - "ask": { - "en": "Choose a domain for LimeSurvey", - "fr": "Choisissez un nom de domaine pour LimeSurvey" - }, "example": "domain.org" }, { "name": "path", "type": "path", - "ask": { - "en": "Choose a path for LimeSurvey", - "fr": "Choisissez l'adresse pour LimeSurvey" - }, "example": "/poll", "default": "/poll" }, { "name": "admin", "type": "user", - "ask": { - "en": "Choose the LimeSurvey administrator (must be an existing YunoHost user)", - "fr": "Choisissez l'administrateur de LimeSurvey (doit être un utilisateur YunoHost)" - }, "example": "john" }, { @@ -60,17 +55,22 @@ "en": "Choose the default language of this LimeSurvey", "fr": "Choisissez la langue par défault de LimeSurvey" }, - "choices": ["en", "fr","es", "de"], + "choices": ["de", "en", "es", "fr", "it"], "default": "en" }, { "name": "is_public", "type": "boolean", - "ask": { - "en": "Will people without YunoHost account have LimeSurvey account to be able to create polls?", - "fr": "Est-ce que des personnes sans compte YunoHost aurront un compte LimeSurvey pour créer des questionnaires ?" + "help": { + "en": "If enabled, LimeSurvey will be accessible by people who do not have an account. This can be changed later via the webadmin.", + "fr": "Si cette case est cochée, LimeSurvey sera accessible aux personnes n’ayant pas de compte. Vous pourrez changer ceci plus tard via la webadmin." }, - "default": 1 + "default": true + }, + { + "name": "password", + "type": "password", + "example": "Choose a password" } ] } diff --git a/scripts/_common.sh b/scripts/_common.sh index e497e47..c1e3807 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -6,247 +6,17 @@ # App package root directory should be the parent folder PKG_DIR=$(cd ../; pwd) -pkg_dependencies="php7.0-cli php7.0-imap python-pip php7.0-gd php7.0-ldap php7.0-zip" +YNH_PHP_VERSION="7.3" + +pkg_dependencies="php${YNH_PHP_VERSION}-cli php${YNH_PHP_VERSION}-mysql php${YNH_PHP_VERSION}-imap python-pip php${YNH_PHP_VERSION}-gd php${YNH_PHP_VERSION}-ldap php${YNH_PHP_VERSION}-zip php${YNH_PHP_VERSION}-mbstring" #================================================= # SPECIFIC HELPERS #================================================= -set_permissions () { - - ynh_set_default_perm $final_path - find $final_path -type f -name "*.php" -print0 | xargs -0 chmod 400 \ - || echo "No file to modify" - #chown root: $final_path/application/config/config.php - chmod -R u+w $final_path/tmp - chmod -R u+w $final_path/upload - chmod -R u+w $final_path/application/config/ -} #================================================= # COMMON HELPERS #================================================= -ynh_set_default_perm () { - local DIRECTORY=$1 - # Set permissions - chown -R $app:www-data $DIRECTORY - chmod -R 440 $DIRECTORY - find $DIRECTORY -type d -print0 | xargs -0 chmod 550 \ - || echo "No file to modify" - -} -ynh_check_var () { - test -n "$1" || ynh_die "$2" -} - -ynh_export () { - local ynh_arg="" - for var in $@; - do - ynh_arg=$(echo $var | awk '{print toupper($0)}') - if [ "$var" == "path_url" ]; then - ynh_arg="PATH" - fi - ynh_arg="YNH_APP_ARG_$ynh_arg" - export $var=${!ynh_arg} - done -} - -# Check the path doesn't exist -# usage: ynh_final_path_available PATH -ynh_final_path_available () { - if [ -e "$1" ] - then - ynh_die "This path '$1' already contains a folder" - fi -} - -# Save listed var in YunoHost app settings -# usage: ynh_save_args VARNAME1 [VARNAME2 [...]] -ynh_save_args () { - for var in $@; - do - local setting_var="$var" - if [ "$var" == "path_url" ]; then - setting_var="path" - fi - ynh_app_setting_set $app $setting_var ${!var} - done -} - -# Execute a command as another user -# usage: ynh_exec_as USER COMMAND [ARG ...] -ynh_exec_as() { - local USER=$1 - shift 1 - - if [[ $USER = $(whoami) ]]; then - eval "$@" - else - # use sudo twice to be root and be allowed to use another user - sudo sudo -u "$USER" "$@" - fi -} - - -# usage: ynh_save_persistent MODE RELATIVE_PATH -ynh_save_persistent () { - local TYPE=$1 - local DIR=/tmp/ynh-persistent/$app - set +u - i=${#YNH_PERSISTENT_DIR[@]} - i=${i:-0} - set -u - [ "$i" -eq "0" ] && ynh_secure_remove $DIR && mkdir -p $DIR - if [ -e $final_path/$2 ]; then - mv $final_path/$2 $DIR/$i - YNH_PERSISTENT_MODE[$i]=$1 - YNH_PERSISTENT_DIR[$i]=$2 - fi -} - -ynh_keep_if_no_upgrade () { - for elt in $@; - do - ynh_save_persistent KEEP_IF_NO_UPGRADE $elt - done -} -ynh_keep () { - for elt in $@; - do - ynh_save_persistent KEEP $elt - done -} -# usage: ynh_restore_persistent -ynh_restore_persistent () { - local DIR=/tmp/ynh-persistent/$app - if [ -d $DIR ]; then - i=0 - for PERSISTENT_DIR in "${YNH_PERSISTENT_DIR[@]}"; - do - if [ "${YNH_PERSISTENT_MODE[$i]}" = "KEEP_IF_NO_UPGRADE" ]; then - if [ ! -e $final_path/$PERSISTENT_DIR ]; then - mv $DIR/$i $final_path/$PERSISTENT_DIR - fi - else - if [ -e $final_path/$PERSISTENT_DIR ]; then - ynh_secure_remove $final_path/$PERSISTENT_DIR - fi - mv $DIR/$i $final_path/$PERSISTENT_DIR - fi - ((i+=1)) - done - ynh_secure_remove $DIR - fi - -} -ynh_mv_to_home () { - local APP_PATH="/home/yunohost.app/$app/" - local DATA_PATH="$1" - mkdir -p "$APP_PATH" - chown $app: "$APP_PATH" - ynh_exec_as "$app" mv "$DATA_PATH" "$APP_PATH" - ynh_exec_as "$app" ln -s "$APP_PATH$DATA_PATH" "$DATA_PATH" - -} - -ynh_sso_access () { - ynh_app_setting_set $app unprotected_uris "/" - - if [[ $is_public -eq 0 ]]; then - ynh_app_setting_set $app protected_uris "$1" - fi - yunohost app ssowatconf -} - -ynh_exit_if_up_to_date () { - if [ "${version}" = "${last_version}" ]; then - info "Up-to-date, nothing to do" - ynh_die "Up-to-date, nothing to do" 0 - fi -} - -log() { - echo "${1}" -} - -info() { - log "[INFO] ${1}" -} - -warn() { - log "[WARN] ${1}" -} - -err() { - log "[ERR] ${1}" -} - -to_logs() { - - # When yunohost --verbose or bash -x - if $_ISVERBOSE; then - cat - else - cat > /dev/null - fi -} - -ynh_read_json () { - sudo python3 -c "import sys, json;print(json.load(open('$1'))['$2'])" -} - -ynh_read_manifest () { - if [ -f '../manifest.json' ] ; then - ynh_read_json '../manifest.json' "$1" - else - ynh_read_json '../settings/manifest.json' "$1" - fi -} - - -ynh_configure () { - local TEMPLATE=$1 - local DEST=$2 - type j2 2>/dev/null || sudo pip install j2cli - j2 "${PKG_DIR}/conf/$TEMPLATE.j2" > "${PKG_DIR}/conf/$TEMPLATE" - sudo cp "${PKG_DIR}/conf/$TEMPLATE" "$DEST" -} - -ynh_add_nginx_config () { - finalnginxconf="/etc/nginx/conf.d/$domain.d/$app.conf" - ynh_backup_if_checksum_is_different "$finalnginxconf" - ynh_configure nginx.conf "$finalnginxconf" - ynh_store_file_checksum "$finalnginxconf" - service nginx reload -} - -ynh_add_fpm_config () { - # Configure PHP-FPM 7.0 by default - local fpm_config_dir="/etc/php/7.0/fpm" - local fpm_service="php7.0-fpm" - # Configure PHP-FPM 5 on Debian Jessie - if is_jessie; then - fpm_config_dir="/etc/php5/fpm" - fpm_service="php5-fpm" - fi - ynh_app_setting_set $app fpm_config_dir "$fpm_config_dir" - ynh_app_setting_set $app fpm_service "$fpm_service" - finalphpconf="$fpm_config_dir/pool.d/$app.conf" - ynh_backup_if_checksum_is_different "$finalphpconf" - ynh_configure php-fpm.conf "$finalphpconf" - sudo chown root: "$finalphpconf" - ynh_store_file_checksum "$finalphpconf" - - if [ -e "../conf/php-fpm.ini.j2" ] - then - finalphpini="$fpm_config_dir/conf.d/20-$app.ini" - ynh_backup_if_checksum_is_different "$finalphpini" - ynh_configure php-fpm.ini "$finalphpini" - chown root: "$finalphpini" - ynh_store_file_checksum "$finalphpini" - fi - systemctl reload $fpm_service -} # Send an email to inform the administrator # @@ -284,19 +54,15 @@ ynh_send_readme_to_admin() { } recipients=$(find_mails "$recipients") - local mail_subject="☁️🆈🅽🅷☁️: \`$app\` was just installed!" + local mail_subject="☁️🆈🅽🅷☁️: \`$app\` has important message for you" local mail_message="This is an automated message from your beloved YunoHost server. - Specific information for the application $app. - $app_message - --- Automatic diagnosis data from YunoHost - $(yunohost tools diagnosis | grep -B 100 "services:" | sed '/services:/d')" - + # Define binary to use for mail command if [ -e /usr/bin/bsd-mailx ] then @@ -308,95 +74,3 @@ $(yunohost tools diagnosis | grep -B 100 "services:" | sed '/services:/d')" # Send the email to the recipients echo "$mail_message" | $mail_bin -a "Content-Type: text/plain; charset=UTF-8" -s "$mail_subject" "$recipients" } - -# Exit without error if the package is up to date -# -# This helper should be used to avoid an upgrade of a package -# when it's not needed. -# -# To force an upgrade, even if the package is up to date, -# you have to set the variable YNH_FORCE_UPGRADE before. -# example: sudo YNH_FORCE_UPGRADE=1 yunohost app upgrade MyApp -# -# usage: ynh_abort_if_up_to_date -ynh_abort_if_up_to_date () { - local force_upgrade=${YNH_FORCE_UPGRADE:-0} - local package_check=${PACKAGE_CHECK_EXEC:-0} - - local version=$(ynh_read_json "/etc/yunohost/apps/$YNH_APP_INSTANCE_NAME/manifest.json" "version" || echo 1.0) - local last_version=$(ynh_read_manifest "version" || echo 1.0) - if [ "$version" = "$last_version" ] - then - if [ "$force_upgrade" != "0" ] - then - echo "Upgrade forced by YNH_FORCE_UPGRADE." >&2 - unset YNH_FORCE_UPGRADE - elif [ "$package_check" != "0" ] - then - echo "Upgrade forced for package check." >&2 - else - ynh_die "Up-to-date, nothing to do" 0 - fi - fi -} - -# Remove any logs for all the following commands. -# -# usage: ynh_print_OFF -# WARNING: You should be careful with this helper, and never forgot to use ynh_print_ON as soon as possible to restore the logging. -ynh_print_OFF () { - set +x -} - -# Restore the logging after ynh_print_OFF -# -# usage: ynh_print_ON -ynh_print_ON () { - set -x - # Print an echo only for the log, to be able to know that ynh_print_ON has been called. - echo ynh_print_ON > /dev/null -} -ynh_version_gt() { test "$(printf '%s\n' "$@" | sort -V | head -n 1)" != "$1"; } - -# In upgrade script allow to test if the app is less than or equal a specific version -# -# usage: ynh_version_le "0.5" -ynh_version_le() { - local version=$(ynh_read_json "/etc/yunohost/apps/$YNH_APP_INSTANCE_NAME/manifest.json" "version" || echo 1.0) - ynh_version_gt "$1" "${version}" -} - -ynh_debian_release () { - lsb_release --codename --short -} - -is_stretch () { - if [ "$(ynh_debian_release)" == "stretch" ] - then - return 0 - else - return 1 - fi -} - -is_jessie () { - if [ "$(ynh_debian_release)" == "jessie" ] - then - return 0 - else - return 1 - fi -} - -# Reload (or other actions) a service and print a log in case of failure. -# -# usage: ynh_system_reload service_name [action] -# | arg: service_name - Name of the service to reload -# | arg: action - Action to perform with systemctl. Default: reload -ynh_system_reload () { - local service_name=$1 - local action=${2:-reload} - - # Reload, restart or start and print the log if the service fail to start or reload - systemctl $action $service_name || ( journalctl --lines=20 -u $service_name >&2 && false) -} diff --git a/scripts/backup b/scripts/backup index bb742d4..4547eef 100644 --- a/scripts/backup +++ b/scripts/backup @@ -1,53 +1,70 @@ #!/bin/bash #================================================= -# GENERIC STARTING +# GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= + +# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts +source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers #================================================= # MANAGE SCRIPT FAILURE #================================================= +ynh_clean_setup () { + ### Remove this function if there's nothing to clean before calling the remove script. + true +} # Exit if an error occurs during the execution of the script ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= +ynh_print_info --message="Loading installation settings..." app=$YNH_APP_INSTANCE_NAME -domain=$(ynh_app_setting_get $app domain) -final_path=$(ynh_app_setting_get $app final_path) -db_name=$(ynh_app_setting_get $app db_name) -db_pwd=$(ynh_app_setting_get $app mysqlpwd) +final_path=$(ynh_app_setting_get --app=$app --key=final_path) +domain=$(ynh_app_setting_get --app=$app --key=domain) +db_name=$(ynh_app_setting_get --app=$app --key=db_name) +phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) #================================================= -# STANDARD BACKUP STEPS +# DECLARE DATA AND CONF FILES TO BACKUP #================================================= -# BACKUP OF THE MAIN DIR OF THE APP -#================================================= - -ynh_backup "$final_path" +ynh_print_info --message="Declaring files to be backed up..." #================================================= -# BACKUP OF THE NGINX CONFIGURATION +# BACKUP THE APP MAIN DIR #================================================= -ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf" +ynh_backup --src_path="$final_path" #================================================= -# BACKUP OF THE PHP-FPM CONFIGURATION +# BACKUP THE NGINX CONFIGURATION #================================================= -ynh_backup "/etc/php5/fpm/pool.d/$app.conf" -ynh_backup "/etc/php5/fpm/conf.d/20-$app.ini" +ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= -# BACKUP OF THE SQL BDD +# BACKUP THE PHP-FPM CONFIGURATION #================================================= -ynh_mysql_dump_db "$db_name" > db.sql +ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" + +#================================================= +# BACKUP THE MYSQL DATABASE +#================================================= +ynh_print_info --message="Backing up the MySQL database..." + +ynh_mysql_dump_db --database="$db_name" > db.sql + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." diff --git a/scripts/change_url b/scripts/change_url new file mode 100644 index 0000000..d51bc52 --- /dev/null +++ b/scripts/change_url @@ -0,0 +1,110 @@ +#!/bin/bash + +#================================================= +# GENERIC STARTING +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +source _common.sh +source /usr/share/yunohost/helpers + +#================================================= +# RETRIEVE ARGUMENTS +#================================================= + +old_domain=$YNH_APP_OLD_DOMAIN +old_path=$YNH_APP_OLD_PATH + +new_domain=$YNH_APP_NEW_DOMAIN +new_path=$YNH_APP_NEW_PATH + +app=$YNH_APP_INSTANCE_NAME + +#================================================= +# LOAD SETTINGS +#================================================= +ynh_script_progression --message="Loading installation settings..." --weight=1 + +# Needed for helper "ynh_add_nginx_config" +final_path=$(ynh_app_setting_get --app=$app --key=final_path) + +# Add settings here as needed by your application +#db_name=$(ynh_app_setting_get --app=$app --key=db_name) +#db_user=$db_name +#db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd) + +#================================================= +# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP +#================================================= +ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --weight=1 + +# Backup the current version of the app +ynh_backup_before_upgrade +ynh_clean_setup () { + # Remove the new domain config file, the remove script won't do it as it doesn't know yet its location. + ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" + + # Restore it if the upgrade fails + ynh_restore_upgradebackup +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + +#================================================= +# CHECK WHICH PARTS SHOULD BE CHANGED +#================================================= + +change_domain=0 +if [ "$old_domain" != "$new_domain" ] +then + change_domain=1 +fi + +change_path=0 +if [ "$old_path" != "$new_path" ] +then + change_path=1 +fi + +#================================================= +# MODIFY URL IN NGINX CONF +#================================================= +ynh_script_progression --message="Updating NGINX web server configuration..." --weight=1 + +nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf + +# Change the path in the NGINX config file +if [ $change_path -eq 1 ] +then + # Make a backup of the original NGINX config file if modified + ynh_backup_if_checksum_is_different --file="$nginx_conf_path" + # Set global variables for NGINX helper + domain="$old_domain" + path_url="$new_path" + # Create a dedicated NGINX config + ynh_add_nginx_config +fi + +# Change the domain for NGINX +if [ $change_domain -eq 1 ] +then + # Delete file checksum for the old conf file location + ynh_delete_file_checksum --file="$nginx_conf_path" + mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf + # Store file checksum for the new config file location + ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" +fi + +#================================================= +# RELOAD NGINX +#================================================= +ynh_script_progression --message="Reloading NGINX web server..." --weight=1 + +ynh_systemd_action --service_name=nginx --action=reload + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Change of URL completed for $app" --last diff --git a/scripts/install b/scripts/install index c0cf57d..62b5f9f 100755 --- a/scripts/install +++ b/scripts/install @@ -6,8 +6,8 @@ # IMPORT GENERIC HELPERS #================================================= -source /usr/share/yunohost/helpers source _common.sh +source /usr/share/yunohost/helpers #================================================= # MANAGE FAILURE OF THE SCRIPT @@ -20,166 +20,189 @@ ynh_abort_if_errors # RETRIEVE ARGUMENTS FROM THE MANIFEST #================================================= -export app=$YNH_APP_INSTANCE_NAME +domain=$YNH_APP_ARG_DOMAIN +path_url=$YNH_APP_ARG_PATH +admin=$YNH_APP_ARG_ADMIN +is_public=$YNH_APP_ARG_IS_PUBLIC +language=$YNH_APP_ARG_LANGUAGE +password=$YNH_APP_ARG_PASSWORD -# Retrieve arguments -ynh_export domain path_url admin is_public language -export prefix=lime_ -export db_name=$(ynh_sanitize_dbid $app) -export db_user=$db_name +app=$YNH_APP_INSTANCE_NAME #================================================= # CHECK IF THE APP CAN BE INSTALLED WITH THIS ARGS #================================================= -ynh_script_progression --message="Validating installation parameters..." --time --weight=1 +ynh_script_progression --message="Validating installation parameters..." --weight=1 -export final_path=/var/www/$app -test ! -e "$final_path" || ynh_die "This path already contains a folder" +final_path=/var/www/$app +test ! -e "$final_path" || ynh_die --message="This path already contains a folder" # Register (book) web path -ynh_webpath_register $app $domain $path_url +ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url #================================================= # STORE SETTINGS FROM MANIFEST #================================================= -ynh_script_progression --message="Storing installation settings..." --time --weight=1 +ynh_script_progression --message="Storing installation settings..." --weight=1 -ynh_save_args domain admin is_public language final_path prefix path_url db_name db_user +ynh_app_setting_set --app=$app --key=domain --value=$domain +ynh_app_setting_set --app=$app --key=path --value=$path_url +ynh_app_setting_set --app=$app --key=admin --value=$admin +ynh_app_setting_set --app=$app --key=language --value=$language #================================================= # STANDARD MODIFICATIONS #================================================= # INSTALL DEPENDENCIES #================================================= -ynh_script_progression --message="Installing dependencies..." --time --weight=1 +ynh_script_progression --message="Installing dependencies..." --weight=1 ynh_install_app_dependencies $pkg_dependencies #================================================= -# CREATE A SQL BDD +# CREATE A MYSQL DATABASE #================================================= -ynh_script_progression --message="Creating a MySQL database..." --time --weight=1 +ynh_script_progression --message="Creating a MySQL database..." --weight=1 -ynh_mysql_setup_db $db_user $db_name -export db_pwd=$(ynh_app_setting_get $app mysqlpwd) +db_name=$(ynh_sanitize_dbid --db_name=$app) +db_user=$db_name +ynh_app_setting_set --app=$app --key=db_name --value=$db_name +ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name + +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Configuring system user..." --weight=1 + +# Create a system user +ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= -ynh_script_progression --message="Setting up source files..." --time --weight=1 +ynh_script_progression --message="Setting up source files..." --weight=1 +ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src -ynh_setup_source "$final_path" +ynh_setup_source --dest_dir="$final_path" + +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" +chmod 755 "$final_path/tmp" +chmod 755 "$final_path/upload" +chmod 755 "$final_path/application/config/" #================================================= # NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Configuring nginx web server..." --time --weight=1 +ynh_script_progression --message="Configuring NGINX web server..." --weight=1 # Create a dedicated nginx config ynh_add_nginx_config -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Configuring system user..." --time --weight=1 - -# Create a system user -ynh_system_user_create $app - #================================================= # PHP-FPM CONFIGURATION #================================================= -ynh_script_progression --message="Configuring php-fpm..." --time --weight=1 +ynh_script_progression --message="Configuring PHP-FPM..." --weight=1 # Create a dedicated php-fpm config ynh_add_fpm_config -#================================================= -# SECURING FILES AND DIRECTORIES -#================================================= - -# Set permissions -set_permissions - - #================================================= # SPECIFIC SETUP #================================================= # CONFIGURE #================================================= -ynh_configure config.php "$final_path/application/config/config.php" + +ynh_add_config --template="../conf/config.php" --destination="$final_path/application/config/config.php" #================================================= # INSTALL #================================================= + ls_cli=$final_path/application/commands/console.php + fullname=$(ynh_user_get_info "$admin" "fullname") mail=$(ynh_user_get_info "$admin" "mail") # Permission should be correctly set before to do this -ynh_exec_as "$app" php $ls_cli install "$admin" "$(ynh_string_random 24)" "$fullname" "$mail" +ynh_exec_as "$app" php $ls_cli install "$admin" "$password" "$fullname" "$mail" -#================================================= -# STORE THE CHECKSUM OF THE CONFIG FILE -#================================================= - -# Calculate and store the config file checksum into the app settings -ynh_store_file_checksum "$final_path/application/config/config.php" +# Permission should be correctly set before to do this +#ynh_exec_as "$app" php $ls_cli install "$admin" "$(ynh_string_random 24)" "$fullname" "$mail" #================================================= # LOAD SQL SPECIFIC CONFIG #================================================= -ynh_configure data.sql ./data.sql -mysql -u $db_user -p$db_pwd $db_user < ./data.sql + +#ynh_add_config --template="../conf/data.sql" --destination="$final_path/data.sql" + +#ynh_mysql_connect_as --user="$db_user" --password="$db_pwd" --database="$db_name" < $final_path/data.sql + +#ynh_secure_remove --file=$final_path/data.sql + +#if [ $is_public -eq 1 ] +#then +# ynh_mysql_connect_as --user="$db_user" --password="$db_pwd" --database="$db_name" <<< "UPDATE `lime_plugin_settings` SET value='\"0\"' WHERE `id`=21;" +#fi #================================================= # Add nice themes #================================================= + #ynh_setup_source "$final_path/upload/templates/libreform" libreform #ynh_setup_source "$final_path/upload/templates/librepoll" librepoll - -#================================================= -# GENERIC FINALISATION -#================================================= -# SECURING FILES AND DIRECTORIES -#================================================= -ynh_script_progression --message="Apply permissions..." --time --weight=1 -# Set permissions -set_permissions - #================================================= # SETUP FAIL2BAN #================================================= # ynh_script_progression --message="Configuring fail2ban..." --time --weight=1 + #ynh_add_fail2ban_config "/var/log/nginx/${domain}-error.log" "PHP message: Leed: wrong login for .* client: " 5 #================================================= # SETUP SSOWAT #================================================= -ynh_script_progression --message="Configuring SSOwat..." --time --weight=1 +ynh_script_progression --message="Configuring permissions..." --weight=1 -yunohost app addaccess $app -u $admin -ynh_sso_access "/index.php?r=admin,/index.php?r=plugins,/scripts" +# Make app public if necessary +if [ $is_public -eq 1 ] +then + ynh_permission_update --permission="main" --add="visitors" +fi + +# Only the admin can access the admin panel of the app (if the app has an admin panel) +ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin + + +#ynh_script_progression --message="Configuring SSOwat..." --weight=1 + +#yunohost app addaccess $app -u $admin +#ynh_sso_access "/index.php?r=admin,/index.php?r=plugins,/scripts" #================================================= # RELOAD NGINX #================================================= -ynh_script_progression --message="Reloading nginx web server..." --time --weight=1 +ynh_script_progression --message="Reloading NGINX web server..." --weight=1 -systemctl reload nginx +ynh_systemd_action --service_name=nginx --action=reload #================================================= # SEND A README FOR THE ADMIN #================================================= -ynh_script_progression --message="Sending some explanation to use $app..." --time --weight=1 +ynh_script_progression --message="Sending a readme for the admin..." --weight=1 -ynh_print_OFF -message="You can now create a poll on this address: https://${domain}${path_url}/admin/ -If you facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/limesurvey_ynh" +message="LimeSurvey was successfully installed :) -ynh_send_readme_to_admin "$message" "$admin" -ynh_print_ON +You can now create a poll on this address: https://$domain$path_url/admin/ -ynh_script_progression --message="Installation of $app completed" --time --last +If you are facing any problem or want to improve this app, please open a new issue here: https://github.com/YunoHost-Apps/limesurvey_ynh/issues" + +ynh_send_readme_to_admin "$message" + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Installation of $app completed" --last diff --git a/scripts/remove b/scripts/remove index 6e457e5..e857ca7 100755 --- a/scripts/remove +++ b/scripts/remove @@ -6,63 +6,75 @@ # IMPORT GENERIC HELPERS #================================================= -source /usr/share/yunohost/helpers source _common.sh +source /usr/share/yunohost/helpers #================================================= # LOAD SETTINGS #================================================= +ynh_script_progression --message="Loading installation settings..." --weight=1 app=$YNH_APP_INSTANCE_NAME -final_path=$(ynh_app_setting_get $app final_path) -final_path=${final_path:-/var/www/$app} -domain=$(ynh_app_setting_get $app domain) -db_name=$(ynh_app_setting_get $app db_name) +domain=$(ynh_app_setting_get --app=$app --key=domain) +db_name=$(ynh_app_setting_get --app=$app --key=db_name) +db_user=$db_name +final_path=$(ynh_app_setting_get --app=$app --key=final_path) #================================================= # STANDARD REMOVE #================================================= # REMOVE DEPENDENCIES #================================================= +ynh_script_progression --message="Removing dependencies..." --weight=1 # Remove metapackage and its dependencies ynh_remove_app_dependencies #================================================= -# REMOVE THE SQL BDD +# REMOVE THE MYSQL DATABASE #================================================= +ynh_script_progression --message="Removing the MySQL database..." --weight=1 # Remove a database if it exists, along with the associated user -ynh_mysql_remove_db $db_name $db_name +ynh_mysql_remove_db --db_user=$db_user --db_name=$db_name #================================================= # REMOVE THE MAIN DIR OF THE APP #================================================= +ynh_script_progression --message="Removing app main directory..." --weight=1 # Remove the app directory securely -ynh_secure_remove "$final_path" -ynh_secure_remove "/home/yunohost.app/$app" +ynh_secure_remove --file="$final_path" + +#ynh_secure_remove --file="/home/yunohost.app/$app" #================================================= # REMOVE THE NGINX CONFIGURATION #================================================= +ynh_script_progression --message="Removing NGINX web server configuration..." --weight=1 -# Remove the dedicated nginx config +# Remove the dedicated NGINX config ynh_remove_nginx_config #================================================= -# REMOVE THE PHP-FPM CONFIGURATION +# REMOVE PHP-FPM CONFIGURATION #================================================= +ynh_script_progression --message="Removing PHP-FPM configuration..." --weight=1 -# Remove the dedicated php-fpm config +# Remove the dedicated PHP-FPM config ynh_remove_fpm_config -#================================================= -# GENERIC FINALISATION #================================================= # REMOVE DEDICATED USER #================================================= +ynh_script_progression --message="Removing the dedicated system user..." --weight=1 # Delete a system user -ynh_system_user_delete $app +ynh_system_user_delete --username=$app + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Removal of $app completed" --last diff --git a/scripts/restore b/scripts/restore index 25ae50a..2304d9f 100644 --- a/scripts/restore +++ b/scripts/restore @@ -6,89 +6,115 @@ # IMPORT GENERIC HELPERS #================================================= -source /usr/share/yunohost/helpers +# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts source ../settings/scripts/_common.sh +source /usr/share/yunohost/helpers #================================================= # MANAGE SCRIPT FAILURE #================================================= +ynh_clean_setup () { + #### Remove this function if there's nothing to clean before calling the remove script. + true +} # Exit if an error occurs during the execution of the script ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= +ynh_script_progression --message="Loading installation settings..." --weight=1 -export app=$YNH_APP_INSTANCE_NAME +app=$YNH_APP_INSTANCE_NAME -export domain=$(ynh_app_setting_get $app domain) -export path_url=$(ynh_app_setting_get $app path) -export admin=$(ynh_app_setting_get $app admin) -export final_path=$(ynh_app_setting_get $app final_path) -export is_public=$(ynh_app_setting_get $app is_public) -export prefix=$(ynh_app_setting_get $app prefix) -export db_name=$(ynh_app_setting_get $app db_name) -export db_user=$(ynh_app_setting_get $app db_user) -export db_pwd=$(ynh_app_setting_get $app mysqlpwd) +domain=$(ynh_app_setting_get --app=$app --key=domain) +path_url=$(ynh_app_setting_get --app=$app --key=path) +final_path=$(ynh_app_setting_get --app=$app --key=final_path) +admin=$(ynh_app_setting_get --app=$app --key=admin) +db_name=$(ynh_app_setting_get --app=$app --key=db_name) +db_user=$db_name +phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) #================================================= # CHECK IF THE APP CAN BE RESTORED #================================================= +ynh_script_progression --message="Validating restoration parameters..." --weight=1 -ynh_webpath_available $domain $path_url \ - || ynh_die "Path not available: ${domain}${path_url}" +ynh_webpath_available --domain=$domain --path_url=$path_url \ + || ynh_die --message="Path not available: ${domain}${path_url}" test ! -d $final_path \ - || ynh_die "There is already a directory: $final_path " + || ynh_die --message="There is already a directory: $final_path " #================================================= -# STANDARD RESTORE STEPS +# STANDARD RESTORATION STEPS #================================================= -# INSTALL DEPENDENCIES +# RESTORE THE NGINX CONFIGURATION #================================================= -ynh_install_app_dependencies $pkg_dependencies +ynh_script_progression --message="Restoring the NGINX configuration..." --weight=1 -#================================================= -# RESTORE OF THE SQL BDD -#================================================= - -ynh_mysql_setup_db $db_name $db_name $db_pwd -ynh_mysql_connect_as $db_name $db_pwd $db_name < ./db.sql - -#================================================= -# RESTORE FILES -#================================================= -# Restore files -ynh_restore +ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= # RECREATE THE DEDICATED USER #================================================= -ynh_system_user_create "$app" "$final_path" +ynh_script_progression --message="Recreating the dedicated system user..." --weight=1 + +# Create the dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= -# RESTORE USER RIGHTS +# RESTORE THE APP MAIN DIR #================================================= -set_permissions +ynh_script_progression --message="Restoring the app main directory..." --weight=1 + +ynh_restore_file --origin_path="$final_path" + +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" +chmod 755 "$final_path/tmp" +chmod 755 "$final_path/upload" +chmod 755 "$final_path/application/config/" #================================================= -# SETUP SSOWAT +# RESTORE THE PHP-FPM CONFIGURATION #================================================= -ynh_sso_access "/index.php?r=admin,/index.php?r=plugins,/scripts" +ynh_script_progression --message="Restoring the PHP-FPM configuration..." --weight=1 + +ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" #================================================= -# GENERIC FINALISATION +# SPECIFIC RESTORATION +#================================================= +# REINSTALL DEPENDENCIES +#================================================= +ynh_script_progression --message="Reinstalling dependencies..." --weight=1 + +# Define and install dependencies +ynh_install_app_dependencies $pkg_dependencies + +#================================================= +# RESTORE THE MYSQL DATABASE +#================================================= +ynh_script_progression --message="Restoring the MySQL database..." --weight=1 + +db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd) +ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd +ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql + +#================================================= +# GENERIC FINALIZATION #================================================= # RELOAD NGINX AND PHP-FPM #================================================= +ynh_script_progression --message="Reloading NGINX web server and PHP-FPM..." --weight=1 -ynh_system_reload php5-fpm -ynh_system_reload nginx +ynh_systemd_action --service_name=php$phpversion-fpm --action=reload +ynh_systemd_action --service_name=nginx --action=reload #================================================= -# SEND A README FOR THE ADMIN +# END OF SCRIPT #================================================= -message="If you facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/leed_ynh" - -ynh_send_readme_to_admin "$message" "$admin" +ynh_script_progression --message="Restoration completed for $app" --last diff --git a/scripts/upgrade b/scripts/upgrade index 8d7a7e1..1c6bb08 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -1,91 +1,92 @@ #!/bin/bash #================================================= -# GENERIC STARTING +# GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= -source /usr/share/yunohost/helpers source _common.sh +source /usr/share/yunohost/helpers #================================================= # LOAD SETTINGS #================================================= -export app=$YNH_APP_INSTANCE_NAME +ynh_script_progression --message="Loading installation settings..." --weight=1 -export domain=$(ynh_app_setting_get $app domain) -export path_url=$(ynh_app_setting_get $app path) -export admin=$(ynh_app_setting_get $app admin) -export final_path=$(ynh_app_setting_get $app final_path) -export is_public=$(ynh_app_setting_get $app is_public) -export prefix=$(ynh_app_setting_get $app prefix) -export db_pwd=$(ynh_app_setting_get $app mysqlpwd) -export db_name=$(ynh_app_setting_get $app db_name) -export db_user=$(ynh_app_setting_get $app db_user) +app=$YNH_APP_INSTANCE_NAME + +domain=$(ynh_app_setting_get --app=$app --key=domain) +path_url=$(ynh_app_setting_get --app=$app --key=path) +admin=$(ynh_app_setting_get --app=$app --key=admin) +final_path=$(ynh_app_setting_get --app=$app --key=final_path) +db_name=$(ynh_app_setting_get --app=$app --key=db_name) +db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd) +phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) + +prefix=$(ynh_app_setting_get $app prefix) #================================================= # CHECK VERSION #================================================= -ynh_abort_if_up_to_date +upgrade_type=$(ynh_check_app_version_changed) #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #================================================= +ynh_script_progression --message="Backing up $app before upgrading (may take a while)..." --weight=7 # Backup the current version of the app ynh_backup_before_upgrade ynh_clean_setup () { - # restore it if the upgrade fails - ynh_restore_upgradebackup + # restore it if the upgrade fails + ynh_restore_upgradebackup } # Exit if an error occurs during the execution of the script ynh_abort_if_errors #================================================= -# CHECK THE PATH +# ENSURE DOWNWARD COMPATIBILITY #================================================= +ynh_script_progression --message="Ensuring downward compatibility..." --weight=1 -path_url=$(ynh_normalize_url_path $path_url) # Vérifie et corrige la syntaxe du path. +# If db_name doesn't exist, create it +if [ -z "$db_name" ]; then + db_name=$(ynh_sanitize_dbid --db_name=$app) + ynh_app_setting_set --app=$app --key=db_name --value=$db_name +fi + +# If final_path doesn't exist, create it +if [ -z "$final_path" ]; then + final_path=/var/www/$app + ynh_app_setting_set --app=$app --key=final_path --value=$final_path +fi + +# Cleaning legacy permissions +if ynh_legacy_permissions_exists; then + ynh_legacy_permissions_delete_all + + ynh_app_setting_delete --app=$app --key=is_public +fi + +if ! ynh_permission_exists --permission="admin"; then + # Create the required permissions + ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin +fi + +# Create a permission if needed +if ! ynh_permission_exists --permission="api"; then + ynh_permission_create --permission="api" --url="/api" --allowed="visitors" --show_tile="false" --protected="true" +fi #================================================= -# STEP Migrations +# CREATE DEDICATED USER #================================================= -if ynh_version_le "2.0.5" ; then - is_public=${is_public:-0} - prefix=${prefix:-prefix_} - db_name=${db_name:-$app} - final_path=$(ynh_app_setting_get $app local_path) +ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1 - ynh_install_app_dependencies $pkg_dependencies - # Move the upload dir to final_path if needed - # The upload dir can't be symlinked in home (not supported by LS) - upload_path=/home/yunohost.app/$app/upload - if [ -h $final_path/upload ]; then - rm $final_path/upload - mv $upload_path $final_path/ - fi - - ynh_app_setting_delete $app skipped_uris - ynh_sso_access "/index.php?r=admin,/index.php?r=plugins,/scripts" - - ynh_configure migrations/2.0.5.sql ./2.0.5.sql - mysql -u $app -p$db_pwd $db_name < ./2.0.5.sql -fi -if ynh_version_le "2.62.2-1" ; then - is_public=${is_public:-0} - prefix=${prefix:-prefix_} - db_name=${db_name:-$app} - final_path=$(ynh_app_setting_get $app local_path) - ynh_save_args path_url is_public prefix db_name final_path db_user -fi -if ynh_version_le "2.62.2-2" ; then - # Move old templates and themes in backup dir - mv $final_path/upload/templates /home/yunohost.backup/$app.bkp/old-templates - mkdir -p /home/yunohost.backup/$app.bkp/old-themes - mv $final_path/themes/* /home/yunohost.backup/$app.bkp/old-themes/ -fi +# Create a dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= # STANDARD UPGRADE STEPS @@ -93,61 +94,60 @@ fi # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= -# Backup config, plugins and themes and delete previous files -ynh_keep_if_no_upgrade plugins/* -ynh_keep application/config/config.php -ynh_keep upload +if [ "$upgrade_type" == "UPGRADE_APP" ] +then + ynh_script_progression --message="Upgrading source files..." --weight=1 -# Copie new files and restore config, plugins, upload and themes -ynh_secure_remove $final_path -ynh_setup_source "$final_path" # Télécharge la source, décompresse et copie dans $final_path + # Download, check integrity, uncompress and patch the source from app.src + ynh_setup_source --dest_dir="$final_path" --keep="$final_path/plugins/* $final_path/application/config/config.php $final_path/upload" +fi -# Restore config, plugins and themes -ynh_restore_persistent +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" +chmod 755 "$final_path/tmp" +chmod 755 "$final_path/upload" +chmod 755 "$final_path/application/config/" #================================================= # NGINX CONFIGURATION #================================================= +ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=1 +# Create a dedicated NGINX config ynh_add_nginx_config #================================================= -# CREATE DEDICATED USER +# UPGRADE DEPENDENCIES #================================================= +ynh_script_progression --message="Upgrading dependencies..." --weight=1 -ynh_system_user_create $app # Create the dedicated user, if not exist +ynh_install_app_dependencies $pkg_dependencies #================================================= # PHP-FPM CONFIGURATION #================================================= +ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=1 -ynh_add_fpm_config # Créer le fichier de configuration du pool php-fpm et le configure. - -#================================================= -# SECURING FILES AND DIRECTORIES -#================================================= -set_permissions +# Create a dedicated PHP-FPM config +ynh_add_fpm_config #================================================= # UPGRADE DB #================================================= # Migrate DB -cd $final_path -ynh_exec_as "$app" php application/commands/console.php updatedb +ynh_exec_as "$app" php $final_path/application/commands/console.php updatedb #================================================= # RELOAD NGINX #================================================= +ynh_script_progression --message="Reloading NGINX web server..." --weight=1 -ynh_system_reload nginx +ynh_systemd_action --service_name=nginx --action=reload #================================================= -# Send message to the admin +# END OF SCRIPT #================================================= -if ynh_version_le "2.62.2-2" ; then - message="LimeSurvey has been upgraded from version to version 3, note this new version change completely the survey themes system. If you have added or created manually some templates they won't be available in your LimeSurvey, a copy of their source code has been done in /home/yunohost.backup/$app-old-templates/. See https://manual.limesurvey.org/New_Template_System_in_LS3.x" - ynh_warn "$message" - ynh_send_readme_to_admin "$message" "$admin" -fi +ynh_script_progression --message="Upgrade of $app completed" --last