diff --git a/actions.json b/actions.json new file mode 100644 index 0000000..2f7577b --- /dev/null +++ b/actions.json @@ -0,0 +1,75 @@ +[ + { + "id": "public_private", + "name": "Move to public or private", + "command": "/bin/bash scripts/actions/public_private", + "user": "root", + "accepted_return_codes": [ + 0 + ], + "description": { + "en": "Change the public access of the app." + }, + "arguments": [ + { + "name": "is_public", + "type": "boolean", + "ask": { + "en": "Is it a public app ?" + }, + "default": true + } + ] + }, + { + "id": "change_password", + "name": "Change the admin password", + "command": "/bin/bash scripts/actions/change_password", + "user": "root", + "accepted_return_codes": [ + 0 + ], + "description": { + "en": "Change the admin password of the app.", + "fr": "Change le mot de passe administrateur de l'app." + }, + "arguments": [ + { + "name": "password", + "type": "password", + "ask": { + "en": "New password", + "fr": "Nouveau mot de passe" + } + } + ] + }, + { + "id": "change_theme", + "name": "Change the theme", + "command": "/bin/bash scripts/actions/change_theme", + "user": "root", + "accepted_return_codes": [ + 0 + ], + "description": { + "en": "Change the theme of the app.", + "fr": "Change le thème de l'app." + }, + "arguments": [ + { + "name": "theme", + "type": "string", + "ask": { + "en": "Choose a theme", + "fr": "Choisissez un theme" + }, + "choices": [ + "default", + "milligram" + ], + "default": "milligram" + } + ] + } +] \ No newline at end of file diff --git a/check_process b/check_process index 37569a9..b7a8b6c 100644 --- a/check_process +++ b/check_process @@ -30,4 +30,4 @@ Level 7=auto Level 8=0 Level 9=0 - Level 10=0 + Level 10=0 diff --git a/conf/lstu.conf.template b/conf/lstu.conf.template index 7554ed2..2a70fbd 100644 --- a/conf/lstu.conf.template +++ b/conf/lstu.conf.template @@ -178,14 +178,14 @@ # set `ldap` if you want that only authenticated users can shorten URLs # please note that everybody can still use shortend URLs # optional, no default - ldap => { - uri => 'ldap://localhost:389', # server URI - user_tree => 'dc=yunohost,dc=org', # search base DN - bind_dn => 'ou=users,dc=yunohost,dc=org', # search bind DN - # bind_pwd => '', # search bind password - user_attr => 'uid', # user attribute (uid, mail, sAMAccountName, etc.) - # user_filter => '(!(uid=ldap_user))', # user filter (to exclude some users, etc.) - }, + __IS_PUBLIC__ldap => { + __IS_PUBLIC__ uri => 'ldap://localhost:389', # server URI + __IS_PUBLIC__ user_tree => 'dc=yunohost,dc=org', # search base DN + __IS_PUBLIC__ bind_dn => 'ou=users,dc=yunohost,dc=org', # search bind DN + __IS_PUBLIC__# bind_pwd => '', # search bind password + __IS_PUBLIC__ user_attr => 'uid', # user attribute (uid, mail, sAMAccountName, etc.) + __IS_PUBLIC__# user_filter => '(!(uid=ldap_user))', # user filter (to exclude some users, etc.) + __IS_PUBLIC__}, # set `htpasswd` if you want to use an htpasswd file instead of ldap # create the file with `htpasswd -c lstu.passwd user`, update it with `htpasswd lstu.passwd user2` diff --git a/conf/nginx.conf b/conf/nginx.conf index 3e674d7..028fa01 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -3,9 +3,6 @@ location __PATH__ { rewrite ^ https://$server_name$request_uri? permanent; } - #--PRIVATE--# Include SSOWAT user panel. - #--PRIVATE--include conf.d/yunohost_panel.conf.inc; - access_log /var/log/nginx/lstu.access.log; error_log /var/log/nginx/lstu.error.log; @@ -19,4 +16,7 @@ location __PATH__ { # We expect the downsteam servers to redirect to the right hostname, so don't do any rewrite$ proxy_redirect off; + + # Include SSOWAT user panel. + include conf.d/yunohost_panel.conf.inc; } diff --git a/scripts/actions/change_password b/scripts/actions/change_password new file mode 100755 index 0000000..8df1ce3 --- /dev/null +++ b/scripts/actions/change_password @@ -0,0 +1,56 @@ +#!/bin/bash + +#================================================= +# GENERIC STARTING +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +source scripts/_common.sh +source /usr/share/yunohost/helpers + +#================================================= +# RETRIEVE ARGUMENTS +#================================================= + +# Get is_public +password=${YNH_ACTION_PASSWORD} +hashed_password=$(echo -n $password | sha256sum | cut -d' ' -f1) + +app=${YNH_APP_INSTANCE_NAME:-$YNH_APP_ID} + +final_path=$(ynh_app_setting_get $app final_path) + +#================================================= +# CHECK IF AN ACTION HAS TO BE DONE +#================================================= + +hashed_password_old=$(ynh_app_setting_get $app hashed_password) + +if [ "$hashed_password" == "$hashed_password_old" ] +then + ynh_die "Same password." 0 +fi + +#================================================= +# SPECIFIC ACTION +#================================================= +# MOVE TO PUBLIC OR PRIVATE +#================================================= + +ynh_backup_if_checksum_is_different "$final_path/lstu.conf" +ynh_replace_string "$hashed_password_old" "$hashed_password" "${final_path}/lstu.conf" +ynh_store_file_checksum "${final_path}/lstu.conf" + +# Update the config of the app +ynh_app_setting_set $app hashed_password $hashed_password + +#================================================= +# RELOAD NGINX +#================================================= + +ynh_systemd_action -n $app -a reload -l "Reloaded Shortened URLs service." -p "systemd" + +#================================================= +# END OF SCRIPT +#================================================= diff --git a/scripts/actions/change_theme b/scripts/actions/change_theme new file mode 100755 index 0000000..d4774a6 --- /dev/null +++ b/scripts/actions/change_theme @@ -0,0 +1,55 @@ +#!/bin/bash + +#================================================= +# GENERIC STARTING +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +source scripts/_common.sh +source /usr/share/yunohost/helpers + +#================================================= +# RETRIEVE ARGUMENTS +#================================================= + +# Get is_public +theme=${YNH_ACTION_THEME} + +app=${YNH_APP_INSTANCE_NAME:-$YNH_APP_ID} + +final_path=$(ynh_app_setting_get $app final_path) + +#================================================= +# CHECK IF AN ACTION HAS TO BE DONE +#================================================= + +theme_old=$(ynh_app_setting_get $app theme) + +if [ "$theme" == "$theme_old" ] +then + ynh_die "Same theme." 0 +fi + +#================================================= +# SPECIFIC ACTION +#================================================= +# MOVE TO PUBLIC OR PRIVATE +#================================================= + +ynh_backup_if_checksum_is_different "$final_path/lstu.conf" +ynh_replace_string "$theme_old" "$theme" "${final_path}/lstu.conf" +ynh_store_file_checksum "${final_path}/lstu.conf" + +# Update the config of the app +ynh_app_setting_set $app theme $theme + +#================================================= +# RELOAD NGINX +#================================================= + +ynh_systemd_action -n $app -a reload -l "Reloaded Shortened URLs service." -p "systemd" + +#================================================= +# END OF SCRIPT +#================================================= diff --git a/scripts/actions/public_private b/scripts/actions/public_private new file mode 100755 index 0000000..34ea183 --- /dev/null +++ b/scripts/actions/public_private @@ -0,0 +1,101 @@ +#!/bin/bash + +#================================================= +# GENERIC STARTING +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +source scripts/_common.sh +source /usr/share/yunohost/helpers + +#================================================= +# RETRIEVE ARGUMENTS +#================================================= + +# Get is_public +is_public=${YNH_ACTION_IS_PUBLIC} + +app=${YNH_APP_INSTANCE_NAME:-$YNH_APP_ID} + +domain=$(ynh_app_setting_get $app domain) +path_url=$(ynh_app_setting_get $app path) +port=$(ynh_app_setting_get $app port) +final_path=$(ynh_app_setting_get $app final_path) +secret=$(ynh_app_setting_get $app secret) +db_name=$(ynh_app_setting_get $app db_name) +db_user=$db_name +db_pwd=$(ynh_app_setting_get $app psqlpwd) +theme=$(ynh_app_setting_get $app theme) +hashed_password=$(ynh_app_setting_get $app hashed_password) + +#================================================= +# CHECK IF ARGUMENTS ARE CORRECT +#================================================= + +#================================================= +# CHECK IF AN ACTION HAS TO BE DONE +#================================================= + +is_public_old=$(ynh_app_setting_get $app is_public) + +if [ $is_public -eq $is_public_old ] +then + ynh_die "is_public is already set as $is_public." 0 +fi + +#================================================= +# SPECIFIC ACTION +#================================================= +# MOVE TO PUBLIC OR PRIVATE +#================================================= + +ynh_backup_if_checksum_is_different "$final_path/lstu.conf" +cp conf/lstu.conf.template "${final_path}/lstu.conf" +ynh_replace_string "__DOMAIN__" "$domain" "${final_path}/lstu.conf" +ynh_replace_string "__PATH__" "$path_url" "${final_path}/lstu.conf" +ynh_replace_string "__PORT__" "$port" "${final_path}/lstu.conf" +ynh_replace_string "__DB_NAME__" "$db_name" "${final_path}/lstu.conf" +ynh_replace_string "__DB_USER__" "$db_user" "${final_path}/lstu.conf" +ynh_replace_string "__DB_PWD__" "$db_pwd" "${final_path}/lstu.conf" +ynh_replace_string "__SELECTED_THEME__" "$theme" "${final_path}/lstu.conf" +ynh_replace_string "__PASSWORD_HASHED__" "$hashed_password" "${final_path}/lstu.conf" + +ynh_replace_string "__SECRET__" "$secret" "${final_path}/lstu.conf" +if [ $is_public -eq 0 ]; +then + ynh_replace_string "__IS_PUBLIC__" "" "${final_path}/lstu.conf" +else + ynh_replace_string "__IS_PUBLIC__" "#" "${final_path}/lstu.conf" +fi +ynh_store_file_checksum "${final_path}/lstu.conf" + +if [ $is_public -eq 0 ]; then + public_private="private" +else + public_private="public" +fi + +ynh_app_setting_set $app unprotected_uris "/" +if [ $is_public -eq 0 ]; +then # If the app is private, only the shortened URLs are publics + ynh_app_setting_set $app protected_regex "/login$","/logout$","/api$","/extensions$","/stats$","/d/.*$","/a$","/$" +else + ynh_app_setting_delete $app protected_regex +fi + +# Regen ssowat configuration +yunohost app ssowatconf + +# Update the config of the app +ynh_app_setting_set $app is_public $is_public + +#================================================= +# RELOAD NGINX +#================================================= + +ynh_systemd_action -n $app -a reload -l "Reloaded Shortened URLs service." -p "systemd" + +#================================================= +# END OF SCRIPT +#================================================= diff --git a/scripts/install b/scripts/install index 1f4d075..2b3f820 100644 --- a/scripts/install +++ b/scripts/install @@ -130,6 +130,12 @@ ynh_replace_string "__PASSWORD_HASHED__" "$hashed_password" "${final_path}/lstu. secret=$(ynh_string_random 24) ynh_app_setting_set $app secret $secret ynh_replace_string "__SECRET__" "$secret" "${final_path}/lstu.conf" +if [ $is_public -eq 0 ]; +then + ynh_replace_string "__IS_PUBLIC__" "" "${final_path}/lstu.conf" +else + ynh_replace_string "__IS_PUBLIC__" "#" "${final_path}/lstu.conf" +fi ynh_store_file_checksum "${final_path}/lstu.conf" #================================================= @@ -165,15 +171,12 @@ yunohost service add $app --log "/var/log/$app.log" --log "/var/www/$app/log/pro #================================================= # Make app public or private -ynh_app_setting_set $app skipped_uris "/" +ynh_app_setting_set $app unprotected_uris "/" if [ $is_public -eq 0 ]; then # If the app is private, only the shortened URLs are publics - if [ "$path_url" == "/" ]; then - path_url="" - fi - ynh_app_setting_set $app protected_regex "$domain$path_url/login$","$domain$path_url/logout$","$domain$path_url/api$","$domain$path_url/extensions$","$domain$path_url/stats$","$domain$path_url/d/.*$","$domain$path_url/a$","$domain$path_url/$" + ynh_app_setting_set $app protected_regex "/login$","/logout$","/api$","/extensions$","/stats$","/d/.*$","/a$","/$" else - ynh_replace_string "#--PRIVATE--" "" "/etc/nginx/conf.d/$domain.d/$app.conf" + ynh_app_setting_delete $app protected_regex fi #================================================= @@ -195,3 +198,4 @@ ynh_systemd_action -n $app -a start -l "Server available at" -p "systemd" # Reload Nginx systemctl reload nginx +yunohost app ssowatconf diff --git a/scripts/upgrade b/scripts/upgrade index fed6f4f..7cde37c 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -77,7 +77,7 @@ fi if [ -z "$hashed_password" ]; then # Generate random password - password=$(openssl rand -hex 8) + password=$(ynh_string_random --length=8) hashed_password=$(echo -n $password | sha256sum | cut -d' ' -f1) echo "The new version of LSTU provide an admin and a stats area which required a password. @@ -122,6 +122,12 @@ ynh_replace_string "__SELECTED_THEME__" "$theme" "${final_path}/lstu.conf" ynh_replace_string "__PASSWORD_HASHED__" "$hashed_password" "${final_path}/lstu.conf" ynh_replace_string "__SECRET__" "$secret" "${final_path}/lstu.conf" +if [ $is_public -eq 0 ]; +then + ynh_replace_string "__IS_PUBLIC__" "" "${final_path}/lstu.conf" +else + ynh_replace_string "__IS_PUBLIC__" "#" "${final_path}/lstu.conf" +fi ynh_store_file_checksum "${final_path}/lstu.conf" #================================================= @@ -169,15 +175,12 @@ ynh_systemd_action -n $app -a reload -l "Reloaded Shortened URLs service." -p "s #================================================= # Make app public or private -ynh_app_setting_set $app skipped_uris "/" +ynh_app_setting_set $app unprotected_uris "/" if [ $is_public -eq 0 ]; then # If the app is private, only the shortened URLs are publics - if [ "$path_url" == "/" ]; then - path_url="" - fi - ynh_app_setting_set $app protected_regex "$domain$path_url/login$","$domain$path_url/logout$","$domain$path_url/api$","$domain$path_url/extensions$","$domain$path_url/stats$","$domain$path_url/d/.*$","$domain$path_url/a$","$domain$path_url/$" + ynh_app_setting_set $app protected_regex "/login$","/logout$","/api$","/extensions$","/stats$","/d/.*$","/a$","/$" else - ynh_replace_string "#--PRIVATE--" "" "/etc/nginx/conf.d/$domain.d/$app.conf" + ynh_app_setting_delete $app protected_regex fi #================================================= diff --git a/sources/ajouts/script/lstu b/sources/ajouts/script/lstu deleted file mode 100644 index 900de99..0000000 --- a/sources/ajouts/script/lstu +++ /dev/null @@ -1,12 +0,0 @@ -#!/usr/bin/env perl - -use strict; -use warnings; - -use FindBin; -BEGIN { unshift @INC, "$FindBin::Bin/../lib" } -BEGIN { unshift @INC, "$FindBin::Bin/../local/lib/perl5" } - -# Start command line interface for application -require Mojolicious::Commands; -Mojolicious::Commands->start_app('Mounter');