mirror of
https://github.com/YunoHost-Apps/lstu_ynh.git
synced 2024-09-03 19:36:12 +02:00
235 lines
8.8 KiB
Bash
235 lines
8.8 KiB
Bash
#!/bin/bash
|
|
|
|
#=================================================
|
|
# GENERIC START
|
|
#=================================================
|
|
# IMPORT GENERIC HELPERS
|
|
#=================================================
|
|
|
|
source _common.sh
|
|
source /usr/share/yunohost/helpers
|
|
|
|
#=================================================
|
|
# MANAGE SCRIPT FAILURE
|
|
#=================================================
|
|
ynh_print_info --message="Managing script failure..."
|
|
|
|
ynh_clean_setup () {
|
|
ynh_clean_check_starting
|
|
}
|
|
# Exit if an error occurs during the execution of the script
|
|
ynh_abort_if_errors
|
|
|
|
#=================================================
|
|
# RETRIEVE ARGUMENTS FROM THE MANIFEST
|
|
#=================================================
|
|
ynh_print_info --message="Retrieving arguments from the manifest..."
|
|
|
|
domain=$YNH_APP_ARG_DOMAIN
|
|
path_url=$YNH_APP_ARG_PATH
|
|
is_public=$YNH_APP_ARG_IS_PUBLIC
|
|
theme=$YNH_APP_ARG_THEME
|
|
password=$YNH_APP_ARG_PASSWORD
|
|
secret=$(ynh_string_random 24)
|
|
hashed_password=$(echo -n $password | sha256sum | cut -d' ' -f1)
|
|
|
|
app=$YNH_APP_INSTANCE_NAME
|
|
|
|
#=================================================
|
|
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
|
|
#=================================================
|
|
ynh_print_info --message="Validating installation parameters..."
|
|
|
|
final_path=/var/www/$app
|
|
test ! -e "$final_path" || ynh_die --message="This path already contains a folder"
|
|
|
|
# Normalize the url path syntax
|
|
path_url=$(ynh_normalize_url_path --path_url=$path_url)
|
|
|
|
# Check web path availability
|
|
ynh_webpath_available --domain=$domain --path_url=$path_url
|
|
# Register (book) web path
|
|
ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url
|
|
|
|
#=================================================
|
|
# STORE SETTINGS FROM MANIFEST
|
|
#=================================================
|
|
ynh_print_info --message="Storing installation settings..."
|
|
|
|
ynh_app_setting_set --app=$app --key=domain --value=$domain
|
|
ynh_app_setting_set --app=$app --key=path --value=$path_url
|
|
ynh_app_setting_set --app=$app --key=is_public --value=$is_public
|
|
ynh_app_setting_set --app=$app --key=theme --value=$theme
|
|
ynh_app_setting_set --app=$app --key=secret --value=$secret
|
|
ynh_app_setting_set --app=$app --key=hashed_password --value=$hashed_password
|
|
|
|
#=================================================
|
|
# STANDARD MODIFICATIONS
|
|
#=================================================
|
|
# FIND AND OPEN A PORT
|
|
#=================================================
|
|
ynh_print_info --message="Configuring firewall..."
|
|
|
|
# Find an available port
|
|
port=$(ynh_find_port --port=8095)
|
|
ynh_app_setting_set --app=$app --key=port --value=$port
|
|
|
|
# Optional: Expose this port publicly
|
|
# (N.B. : you only need to do this if the app actually needs to expose the port publicly.
|
|
# If you do this and the app doesn't actually need you are CREATING SECURITY HOLES IN THE SERVER !)
|
|
|
|
# Open the port
|
|
ynh_exec_warn_less yunohost firewall allow --no-upnp TCP $port
|
|
|
|
#=================================================
|
|
# INSTALL DEPENDENCIES
|
|
#=================================================
|
|
ynh_print_info --message="Installing dependencies..."
|
|
|
|
ynh_install_app_dependencies $pkg_dependencies
|
|
|
|
# Install Carton
|
|
echo yes | cpanm Carton
|
|
|
|
#=================================================
|
|
# CREATE A POSTGRESQL DATABASE
|
|
#=================================================
|
|
ynh_print_info --message="Creating a PostgreSQL database..."
|
|
|
|
# Create postgresql database
|
|
ynh_psql_test_if_first_run
|
|
db_name=$(ynh_sanitize_dbid --db_name=$app)
|
|
db_user=$db_name
|
|
ynh_app_setting_set --app=$app --key=db_name --value=$db_name
|
|
ynh_psql_setup_db --db_user=$db_user --db_name=$db_name
|
|
db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd) # Password created in ynh_psql_setup_db function
|
|
|
|
#=================================================
|
|
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
|
#=================================================
|
|
ynh_print_info --message="Setting up source files..."
|
|
|
|
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
|
|
# Download, check integrity, uncompress and patch the source from app.src
|
|
ynh_setup_source --dest_dir="$final_path"
|
|
|
|
#=================================================
|
|
# NGINX CONFIGURATION
|
|
#=================================================
|
|
ynh_print_info --message="Configuring nginx web server..."
|
|
|
|
# Create a dedicated nginx config
|
|
ynh_add_nginx_config
|
|
|
|
#=================================================
|
|
# CREATE DEDICATED USER
|
|
#=================================================
|
|
ynh_print_info --message="Configuring system user..."
|
|
|
|
# Create a system user
|
|
ynh_system_user_create --username=$app
|
|
|
|
#=================================================
|
|
# Copy and fix variable into lstu config
|
|
#=================================================
|
|
ynh_print_info --message="Configuring lstu..."
|
|
|
|
config="${final_path}/lstu.conf"
|
|
cp ../conf/lstu.conf.template "$config"
|
|
ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$config"
|
|
ynh_replace_string --match_string="__PATH__" --replace_string="$path_url" --target_file="$config"
|
|
ynh_replace_string --match_string="__PORT__" --replace_string="$port" --target_file="$config"
|
|
ynh_replace_string --match_string="__DB_NAME__" --replace_string="$db_name" --target_file="$config"
|
|
ynh_replace_string --match_string="__DB_USER__" --replace_string="$db_user" --target_file="$config"
|
|
ynh_replace_string --match_string="__DB_PWD__" --replace_string="$db_pwd" --target_file="$config"
|
|
ynh_replace_string --match_string="__SELECTED_THEME__" --replace_string="$theme" --target_file="$config"
|
|
ynh_replace_string --match_string="__PASSWORD_HASHED__" --replace_string="$hashed_password" --target_file="$config"
|
|
ynh_replace_string --match_string="__SECRET__" --replace_string="$secret" --target_file="$config"
|
|
if [ $is_public -eq 0 ];
|
|
then
|
|
ynh_replace_string --match_string="__IS_PUBLIC__" --replace_string="" --target_file="$config"
|
|
else
|
|
ynh_replace_string --match_string="__IS_PUBLIC__" --replace_string="#" --target_file="$config"
|
|
fi
|
|
ynh_store_file_checksum --file="$config"
|
|
|
|
#=================================================
|
|
# SETUP SYSTEMD
|
|
#=================================================
|
|
ynh_print_info --message="Configuring a systemd service..."
|
|
|
|
# Create a dedicated systemd config
|
|
ynh_add_systemd_config
|
|
|
|
#=================================================
|
|
# BUILD LSTU
|
|
#=================================================
|
|
ynh_print_info --message="Building lstu..."
|
|
|
|
pushd $final_path
|
|
carton install --deployment --without=sqlite --without=mysql
|
|
popd
|
|
|
|
#=================================================
|
|
# GENERIC FINALIZATION
|
|
#=================================================
|
|
# SECURE FILES AND DIRECTORIES
|
|
#=================================================
|
|
ynh_print_info --message="Securing files and directories..."
|
|
|
|
# Set permissions to app files
|
|
chown -R www-data $final_path
|
|
|
|
#=================================================
|
|
# SETUP LOGROTATE
|
|
#=================================================
|
|
ynh_print_info --message="Configuring log rotation..."
|
|
|
|
# Use logrotate to manage application logfile(s)
|
|
ynh_use_logrotate
|
|
|
|
#=================================================
|
|
# INTEGRATE SERVICE IN YUNOHOST
|
|
#=================================================
|
|
ynh_print_info --message="Integrating service in YunoHost..."
|
|
|
|
yunohost service add $app --log "/var/log/$app.log" --log "/var/www/$app/log/production.log"
|
|
|
|
#=================================================
|
|
# START SYSTEMD SERVICE
|
|
#=================================================
|
|
ynh_print_info --message="Starting a systemd service..."
|
|
|
|
# Start a systemd service
|
|
ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="Server available at"
|
|
|
|
#=================================================
|
|
# SETUP SSOWAT
|
|
#=================================================
|
|
ynh_print_info --message="Configuring SSOwat..."
|
|
|
|
ynh_app_setting_set --app=$app --key=unprotected_uris --value="/"
|
|
if [ $is_public -eq 0 ]
|
|
then
|
|
# If the app is private, only the shortened URLs are publics.
|
|
if [ "$path_url" == "/" ]; then
|
|
# If the path is /, clear it to prevent any error with the regex.
|
|
path_url=""
|
|
fi
|
|
# Modify the domain to be used in a regex
|
|
domain_regex=$(echo "$domain" | sed 's@-@.@g')
|
|
ynh_app_setting_set --app=$app --key=protected_regex --value="$domain_regex$path_url/login$","$domain_regex$path_url/logout$","$domain_regex$path_url/api$","$domain_regex$path_url/extensions$","$domain_regex$path_url/stats$","$domain_regex$path_url/d/.*$","$domain_regex$path_url/a$","$domain_regex$path_url/$"
|
|
fi
|
|
|
|
#=================================================
|
|
# RELOAD NGINX
|
|
#=================================================
|
|
ynh_print_info --message="Reloading nginx web server..."
|
|
|
|
ynh_systemd_action --service_name=nginx --action=reload
|
|
|
|
#=================================================
|
|
# END OF SCRIPT
|
|
#=================================================
|
|
|
|
ynh_print_info --message="Installation of $app completed"
|