From 7987a544c4ee2b9177b11209a0c22a94a8938cb0 Mon Sep 17 00:00:00 2001 From: Kayou Date: Thu, 14 Feb 2019 23:41:28 +0100 Subject: [PATCH 1/3] add admin --- conf/lstu.conf.template | 2 +- manifest.json | 8 ++++++++ scripts/install | 4 ++++ scripts/upgrade | 15 +++++++++++++++ 4 files changed, 28 insertions(+), 1 deletion(-) diff --git a/conf/lstu.conf.template b/conf/lstu.conf.template index 6796cb0..76d4a50 100644 --- a/conf/lstu.conf.template +++ b/conf/lstu.conf.template @@ -29,7 +29,7 @@ # secret hashed passphrase to access some admin features # Hash your password by issuing `echo -n s3cr3T | sha256sum` on your terminal # optional, but you won't have access to admin /stats if not set and if adminpwd is not set either - #hashed_adminpwd => '94b2feede6ea5e2eec62f457ecb7d3f719b24d19c29d4e5466246a31908fc23b', + hashed_adminpwd => '__PASSWORD_HASHED__', # choose a theme. See the available themes in `themes` directory # optional, default is 'default' diff --git a/manifest.json b/manifest.json index 9e6a229..bc6aabc 100644 --- a/manifest.json +++ b/manifest.json @@ -49,6 +49,14 @@ "fr": "Est-ce une application publique ?" }, "default": false + }, + { + "name": "password", + "type": "password", + "ask": { + "en": "Choose a password", + "fr": "Choisissez un mot de passe" + } } ] } diff --git a/scripts/install b/scripts/install index 9a54996..0c6e686 100644 --- a/scripts/install +++ b/scripts/install @@ -27,6 +27,7 @@ ynh_abort_if_errors domain=$YNH_APP_ARG_DOMAIN path_url=$YNH_APP_ARG_PATH is_public=$YNH_APP_ARG_IS_PUBLIC +password=$YNH_APP_ARG_PASSWORD app=$YNH_APP_INSTANCE_NAME @@ -67,6 +68,8 @@ ynh_app_setting_set $app domain $domain ynh_app_setting_set $app is_public $is_public ynh_app_setting_set $app port $port ynh_app_setting_set $app path $path_url +hashed_password=$(echo $password | sha256sum $password) +ynh_app_setting_set $app hashed_password $hashed_password #================================================= # INSTALL DEPENDENCIES @@ -122,6 +125,7 @@ ynh_replace_string "__PORT__" "$port" "${final_path}/lstu.conf" ynh_replace_string "__DB_NAME__" "$db_name" "${final_path}/lstu.conf" ynh_replace_string "__DB_USER__" "$db_user" "${final_path}/lstu.conf" ynh_replace_string "__DB_PWD__" "$db_pwd" "${final_path}/lstu.conf" +ynh_replace_string "__PASSWORD_HASHED__" "$hashed_password" "${final_path}/lstu.conf" secret=$(ynh_string_random 24) ynh_app_setting_set $app secret $secret diff --git a/scripts/upgrade b/scripts/upgrade index 04c96c8..02aa89e 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -35,6 +35,7 @@ secret=$(ynh_app_setting_get $app secret) db_name=$(ynh_app_setting_get $app db_name) db_user=$db_name db_pwd=$(ynh_app_setting_get $app psqlpwd) +hashed_password=$(ynh_app_setting_get $app hashed_password) #================================================= # FIX OLD THINGS @@ -68,6 +69,19 @@ if [ -z "$db_pwd" ]; then fi fi +if [ -z "$hashed_password" ]; then + # Generate random password + password=$(openssl rand -hex 15) + hashed_password=$(echo $password | sha256sum $password) + ynh_app_setting_set $app hashed_password $hashed_password + + echo "The new version of LSTU provide an admin and a stats area which required a password. + + This password is: $password" > mail_to_send + + ynh_send_readme_to_admin --app_message="mail_to_send" --recipients="admin" --type="upgrade" +fi + #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -97,6 +111,7 @@ ynh_replace_string "__PORT__" "$port" "${final_path}/lstu.conf" ynh_replace_string "__DB_NAME__" "$db_name" "${final_path}/lstu.conf" ynh_replace_string "__DB_USER__" "$db_user" "${final_path}/lstu.conf" ynh_replace_string "__DB_PWD__" "$db_pwd" "${final_path}/lstu.conf" +ynh_replace_string "__PASSWORD_HASHED__" "$hashed_password" "${final_path}/lstu.conf" ynh_replace_string "__SECRET__" "$secret" "${final_path}/lstu.conf" ynh_store_file_checksum "${final_path}/lstu.conf" From c0e5bded0b42fb100beed2e301f16c9f583dd429 Mon Sep 17 00:00:00 2001 From: Kayou Date: Fri, 15 Feb 2019 00:25:31 +0100 Subject: [PATCH 2/3] Fix add admin --- scripts/_common.sh | 139 +++++++++++++++++++++++++++++++++++++++++++++ scripts/install | 2 +- scripts/upgrade | 13 +++-- 3 files changed, 147 insertions(+), 7 deletions(-) diff --git a/scripts/_common.sh b/scripts/_common.sh index 423ac1d..6fa70ec 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -94,4 +94,143 @@ ynh_clean_check_starting () { # Stop the execution of tail. kill -s 15 $pid_tail 2>&1 ynh_secure_remove "$templog" 2>&1 +} + +#================================================= +# EXPERIMENTAL HELPERS +#================================================= + +# Send an email to inform the administrator +# +# usage: ynh_send_readme_to_admin --app_message=app_message [--recipients=recipients] [--type=type] +# | arg: -m --app_message= - The file with the content to send to the administrator. +# | arg: -r, --recipients= - The recipients of this email. Use spaces to separate multiples recipients. - default: root +# example: "root admin@domain" +# If you give the name of a YunoHost user, ynh_send_readme_to_admin will find its email adress for you +# example: "root admin@domain user1 user2" +# | arg: -t, --type= - Type of mail, could be 'backup', 'change_url', 'install', 'remove', 'restore', 'upgrade' +ynh_send_readme_to_admin() { + # Declare an array to define the options of this helper. + declare -Ar args_array=( [m]=app_message= [r]=recipients= [t]=type= ) + local app_message + local recipients + local type + # Manage arguments with getopts + + ynh_handle_getopts_args "$@" + app_message="${app_message:-}" + recipients="${recipients:-root}" + type="${type:-install}" + + # Get the value of admin_mail_html + admin_mail_html=$(ynh_app_setting_get $app admin_mail_html) + admin_mail_html="${admin_mail_html:-0}" + + # Retrieve the email of users + find_mails () { + local list_mails="$1" + local mail + local recipients=" " + # Read each mail in argument + for mail in $list_mails + do + # Keep root or a real email address as it is + if [ "$mail" = "root" ] || echo "$mail" | grep --quiet "@" + then + recipients="$recipients $mail" + else + # But replace an user name without a domain after by its email + if mail=$(ynh_user_get_info "$mail" "mail" 2> /dev/null) + then + recipients="$recipients $mail" + fi + fi + done + echo "$recipients" + } + recipients=$(find_mails "$recipients") + + # Subject base + local mail_subject="☁️🆈🅽🅷☁️: \`$app\`" + + # Adapt the subject according to the type of mail required. + if [ "$type" = "backup" ]; then + mail_subject="$mail_subject has just been backup." + elif [ "$type" = "change_url" ]; then + mail_subject="$mail_subject has just been moved to a new URL!" + elif [ "$type" = "remove" ]; then + mail_subject="$mail_subject has just been removed!" + elif [ "$type" = "restore" ]; then + mail_subject="$mail_subject has just been restored!" + elif [ "$type" = "upgrade" ]; then + mail_subject="$mail_subject has just been upgraded!" + else # install + mail_subject="$mail_subject has just been installed!" + fi + + local mail_message="This is an automated message from your beloved YunoHost server. +Specific information for the application $app. +$(if [ -n "$app_message" ] +then + cat "$app_message" +else + echo "...No specific information..." +fi) +--- +Automatic diagnosis data from YunoHost +__PRE_TAG1__$(yunohost tools diagnosis | grep -B 100 "services:" | sed '/services:/d')__PRE_TAG2__" + + # Store the message into a file for further modifications. + echo "$mail_message" > mail_to_send + + # If a html email is required. Apply html tags to the message. + if [ "$admin_mail_html" -eq 1 ] + then + # Insert 'br' tags at each ending of lines. + ynh_replace_string "$" "
" mail_to_send + + # Insert starting HTML tags + sed --in-place '1s@^@\n\n\n\n@' mail_to_send + + # Keep tabulations + ynh_replace_string " " "\ \ " mail_to_send + ynh_replace_string "\t" "\ \ " mail_to_send + + # Insert url links tags + ynh_replace_string "__URL_TAG1__\(.*\)__URL_TAG2__\(.*\)__URL_TAG3__" "\1" mail_to_send + + # Insert pre tags + ynh_replace_string "__PRE_TAG1__" "
" mail_to_send
+		ynh_replace_string "__PRE_TAG2__" "<\pre>" mail_to_send
+
+		# Insert finishing HTML tags
+		echo -e "\n\n" >> mail_to_send
+
+	# Otherwise, remove tags to keep a plain text.
+	else
+		# Remove URL tags
+		ynh_replace_string "__URL_TAG[1,3]__" "" mail_to_send
+		ynh_replace_string "__URL_TAG2__" ": " mail_to_send
+
+		# Remove PRE tags
+		ynh_replace_string "__PRE_TAG[1-2]__" "" mail_to_send
+	fi
+
+	# Define binary to use for mail command
+	if [ -e /usr/bin/bsd-mailx ]
+	then
+		local mail_bin=/usr/bin/bsd-mailx
+	else
+		local mail_bin=/usr/bin/mail.mailutils
+	fi
+
+	if [ "$admin_mail_html" -eq 1 ]
+	then
+		content_type="text/html"
+	else
+		content_type="text/plain"
+	fi
+
+	# Send the email to the recipients
+	cat mail_to_send | $mail_bin -a "Content-Type: $content_type; charset=UTF-8" -s "$mail_subject" "$recipients"
 }
\ No newline at end of file
diff --git a/scripts/install b/scripts/install
index 0c6e686..4bff70c 100644
--- a/scripts/install
+++ b/scripts/install
@@ -68,7 +68,7 @@ ynh_app_setting_set $app domain $domain
 ynh_app_setting_set $app is_public $is_public
 ynh_app_setting_set $app port $port
 ynh_app_setting_set $app path $path_url
-hashed_password=$(echo $password | sha256sum $password)
+hashed_password=$(echo -n $password | sha256sum | cut -d' ' -f1)
 ynh_app_setting_set $app hashed_password $hashed_password
 
 #=================================================
diff --git a/scripts/upgrade b/scripts/upgrade
index 02aa89e..a6672d3 100644
--- a/scripts/upgrade
+++ b/scripts/upgrade
@@ -71,15 +71,16 @@ fi
 
 if [ -z "$hashed_password" ]; then
 	# Generate random password
-	password=$(openssl rand -hex 15)
-	hashed_password=$(echo $password | sha256sum $password)
-	ynh_app_setting_set $app hashed_password $hashed_password
+	password=$(openssl rand -hex 8)
+	hashed_password=$(echo -n $password | sha256sum | cut -d' ' -f1)
 
 	echo "The new version of LSTU provide an admin and a stats area which required a password.
 
-	This password is: $password" > mail_to_send
+This password is: $password" > mail_to_send
 
-	ynh_send_readme_to_admin --app_message="mail_to_send" --recipients="admin" --type="upgrade"
+	ynh_send_readme_to_admin --app_message="mail_to_send" --type="upgrade"
+	
+	ynh_app_setting_set $app hashed_password $hashed_password
 fi
 
 #=================================================
@@ -154,7 +155,7 @@ yunohost service add $app --log "/var/log/$app.log"
 # RESTART LSTU
 #=================================================
 
-ynh_systemd_action -n $app -a reload -l "Starting hot deployment for Hypnotoad server" -p "systemd"
+ynh_systemd_action -n $app -a reload -l "Reloaded Shortened URLs service." -p "systemd"
 
 #=================================================
 # SETUP SSOWAT

From 41eb8f2d278c098c926fbefb3c734e00d1ee5780 Mon Sep 17 00:00:00 2001
From: Kayou 
Date: Fri, 15 Feb 2019 00:33:06 +0100
Subject: [PATCH 3/3] add arguement in check_process

---
 check_process | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/check_process b/check_process
index 74c836a..9384a80 100644
--- a/check_process
+++ b/check_process
@@ -4,7 +4,7 @@
 		domain="domain.tld"	(DOMAIN)
 		path="/path"	(PATH)
 		is_public=1 (PUBLIC|public=1|private=0)
-		
+		password="verysecretpassword" (PASSWORD)
 	; Checks
 		pkg_linter=1
 		setup_sub_dir=1