diff --git a/check_process b/check_process index a4dae0a..6076f60 100644 --- a/check_process +++ b/check_process @@ -11,7 +11,7 @@ setup_private=1 setup_public=1 upgrade=1 - #4.4.0 + # 4.4.0~ynh1 upgrade=1 from_commit=9edf3d60ea391925f835ece1309bbcb54e6d33fe backup_restore=1 multi_instance=1 diff --git a/conf/app.src b/conf/app.src index 4889bb2..903f3cb 100644 --- a/conf/app.src +++ b/conf/app.src @@ -3,3 +3,5 @@ SOURCE_SUM=4cddb1cb760786db9ec268bb87dbed30a125448f2e58ebe76331b54652064f75 SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true +SOURCE_FILENAME= +SOURCE_EXTRACT=true diff --git a/conf/extra_php-fpm.conf b/conf/extra_php-fpm.conf deleted file mode 100644 index a5425fc..0000000 --- a/conf/extra_php-fpm.conf +++ /dev/null @@ -1,5 +0,0 @@ -; Additional php.ini defines, specific to this pool of workers. - -php_admin_value[upload_max_filesize] = 100M -php_admin_value[memory_limit] = 256M -php_admin_value[post_max_size] = 50M diff --git a/conf/nginx.conf b/conf/nginx.conf index 5714403..9221731 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,8 +1,8 @@ #sub_path_only rewrite ^__PATH__$ __PATH__/ permanent; location ^~ __PATH__/ { - # Path to source - alias __FINALPATH__/; + # Path to source + alias __FINALPATH__/; more_set_headers "Referrer-Policy: origin always"; more_set_headers "X-Content-Type-Options: nosniff"; @@ -10,75 +10,77 @@ location ^~ __PATH__/ { index index.php; - try_files $uri $uri/ =404; + # Common parameter to increase upload size limit in conjunction with dedicated php-fpm file + #client_max_body_size 50M; + try_files $uri $uri/ =404; location ~ [^/]\.php(/|$) { fastcgi_split_path_info ^(.+?\.php)(/.*)$; fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock; fastcgi_index index.php; include fastcgi_params; - fastcgi_param REMOTE_USER $remote_user; - fastcgi_param PATH_INFO $fastcgi_path_info; + fastcgi_param REMOTE_USER $remote_user; + fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param SCRIPT_FILENAME $request_filename; - } + } - ## deny access to all other .php files - location ~* ^.+\.php$ { - deny all; - return 403; - } + ## deny access to all other .php files + location ~* ^.+\.php$ { + deny all; + return 403; + } - ## disable all access to the following directories - location ^~ __PATH__/config/ { - deny all; - return 403; - } + ## disable all access to the following directories + location ^~ __PATH__/config/ { + deny all; + return 403; + } - location ^~ __PATH__/tmp/ { - deny all; - return 403; - } + location ^~ __PATH__/tmp/ { + deny all; + return 403; + } - location ^~ __PATH__/core/ { - deny all; - return 403; - } + location ^~ __PATH__/core/ { + deny all; + return 403; + } - location ^~ __PATH__/lang/ { - deny all; - return 403; - } + location ^~ __PATH__/lang/ { + deny all; + return 403; + } - location ~ __PATH__/\.ht { - deny all; - return 403; - } + location ~ __PATH__/\.ht { + deny all; + return 403; + } - location ~ js/container_.*_preview\.js$ { - expires off; - more_set_headers "Cache-Control: private, no-cache, no-store"; - } + location ~ js/container_.*_preview\.js$ { + expires off; + more_set_headers "Cache-Control: private, no-cache, no-store"; + } - location ~ \.(gif|ico|jpg|png|svg|js|css|htm|html|mp3|mp4|wav|ogg|avi|ttf|eot|woff|woff2|json)$ { - allow all; - ## Cache images,CSS,JS and webfonts for an hour - ## Increasing the duration may improve the load-time, but may cause old files to show after an Matomo upgrade - expires 1h; - more_set_headers "Pragma: public"; - more_set_headers "Cache-Control: public"; - } + location ~ \.(gif|ico|jpg|png|svg|js|css|htm|html|mp3|mp4|wav|ogg|avi|ttf|eot|woff|woff2|json)$ { + allow all; + ## Cache images,CSS,JS and webfonts for an hour + ## Increasing the duration may improve the load-time, but may cause old files to show after an Matomo upgrade + expires 1h; + more_set_headers "Pragma: public"; + more_set_headers "Cache-Control: public"; + } - location ~ ^__PATH__/(libs|vendor|plugins|misc|node_modules) { - deny all; - return 403; - } + location ~ ^__PATH__/(libs|vendor|plugins|misc|node_modules) { + deny all; + return 403; + } - ## properly display textfiles in root directory - location ~__PATH__/(.*\.md|LEGALNOTICE|LICENSE) { - default_type text/plain; - } + ## properly display textfiles in root directory + location ~__PATH__/(.*\.md|LEGALNOTICE|LICENSE) { + default_type text/plain; + } - # show YunoHost panel access - include conf.d/yunohost_panel.conf.inc; + # Include SSOWAT user panel. + include conf.d/yunohost_panel.conf.inc; } diff --git a/manifest.json b/manifest.json index 70ca6a2..0770856 100644 --- a/manifest.json +++ b/manifest.json @@ -6,7 +6,7 @@ "en": "Open source analytics platform for measuring Web statistics", "fr": "Plateforme d'analyse open source de mesure de statistiques Web" }, - "version": "4.10.1~ynh1", + "version": "4.10.1~ynh2", "url": "https://matomo.org", "upstream": { "license": "GPL-3.0-or-later", @@ -26,11 +26,11 @@ "multi_instance": true, "services": [ "nginx", - "php8.0-fpm", + "php7.3-fpm", "mysql" ], "arguments": { - "install" : [ + "install": [ { "name": "domain", "type": "domain" @@ -41,10 +41,6 @@ "example": "/matomo", "default": "/matomo" }, - { - "name": "admin", - "type": "user" - }, { "name": "is_public", "type": "boolean", @@ -53,6 +49,10 @@ "fr": "Si cette case est cochée, Matomo sera accessible aux personnes n’ayant pas de compte. Vous pourrez changer ceci plus tard via la webadmin." }, "default": true + }, + { + "name": "admin", + "type": "user" } ] } diff --git a/scripts/_common.sh b/scripts/_common.sh index edd23b9..3dfaa50 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -4,9 +4,8 @@ # COMMON VARIABLES #================================================= -YNH_PHP_VERSION="8.0" - -pkg_dependencies="php${YNH_PHP_VERSION}-curl php${YNH_PHP_VERSION}-gd php${YNH_PHP_VERSION}-cli php${YNH_PHP_VERSION}-mysql php${YNH_PHP_VERSION}-xml php${YNH_PHP_VERSION}-mbstring" +# dependencies used by the app +pkg_dependencies="php$YNH_DEFAULT_PHP_VERSION-curl php$YNH_DEFAULT_PHP_VERSION-gd php$YNH_DEFAULT_PHP_VERSION-cli php$YNH_DEFAULT_PHP_VERSION-mysql php$YNH_DEFAULT_PHP_VERSION-xml php$YNH_DEFAULT_PHP_VERSION-mbstring" #================================================= # PERSONAL HELPERS diff --git a/scripts/backup b/scripts/backup index 81b0f6d..b5fb7bd 100755 --- a/scripts/backup +++ b/scripts/backup @@ -6,7 +6,7 @@ # IMPORT GENERIC HELPERS #================================================= -#Keep this path for calling _common.sh inside the execution's context of backup and restore scripts +# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers @@ -53,7 +53,7 @@ ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" #================================================= -# BACKUP A CRON FILE +# BACKUP VARIOUS FILES #================================================= ynh_backup --src_path="/etc/cron.d/$app" diff --git a/scripts/change_url b/scripts/change_url index 3658832..6c40b4f 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -28,11 +28,13 @@ ynh_script_progression --message="Loading installation settings..." --weight=1 # Needed for helper "ynh_add_nginx_config" final_path=$(ynh_app_setting_get --app=$app --key=final_path) -phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) + +# Add settings here as needed by your application +admin=$(ynh_app_setting_get --app=$app --key=admin) email=$(ynh_user_get_info --username=$admin --key=mail) #================================================= -# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP +# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP #================================================= ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --weight=1 @@ -100,6 +102,7 @@ ynh_script_progression --message="Setuping a cron..." --weight=1 path=$new_path domain=$new_domain + ynh_add_config --template="../conf/cron" --destination="/etc/cron.d/$app" chown root: "/etc/cron.d/$app" chmod 644 "/etc/cron.d/$app" diff --git a/scripts/install b/scripts/install index 6d58158..755f39b 100755 --- a/scripts/install +++ b/scripts/install @@ -22,13 +22,13 @@ ynh_abort_if_errors domain=$YNH_APP_ARG_DOMAIN path_url=$YNH_APP_ARG_PATH -admin=$YNH_APP_ARG_ADMIN -email=$(ynh_user_get_info --username=$admin --key=mail) is_public=$YNH_APP_ARG_IS_PUBLIC -phpversion=$YNH_PHP_VERSION +admin=$YNH_APP_ARG_ADMIN app=$YNH_APP_INSTANCE_NAME +email=$(ynh_user_get_info --username=$admin --key=mail) + #================================================= # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS #================================================= @@ -55,6 +55,14 @@ ynh_script_progression --message="Installing dependencies..." --weight=1 ynh_install_app_dependencies $pkg_dependencies +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Configuring system user..." --weight=1 + +# Create a system user +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # CREATE A MYSQL DATABASE #================================================= @@ -65,14 +73,6 @@ db_user=$db_name ynh_app_setting_set --app=$app --key=db_name --value=$db_name ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Configuring system user..." --weight=1 - -# Create a system user -ynh_system_user_create --username=$app --home_dir="$final_path" - #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -82,11 +82,18 @@ ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path" -# Set permissions to app files chmod 750 "$final_path" chmod -R o-rwx "$final_path" chown -R $app:www-data "$final_path" +#================================================= +# PHP-FPM CONFIGURATION +#================================================= +ynh_script_progression --message="Configuring PHP-FPM..." --weight=3 + +# Create a dedicated PHP-FPM config +ynh_add_fpm_config --usage=low --footprint=low + #================================================= # NGINX CONFIGURATION #================================================= @@ -96,13 +103,7 @@ ynh_script_progression --message="Configuring NGINX web server..." --weight=2 ynh_add_nginx_config #================================================= -# PHP-FPM CONFIGURATION -#================================================= -ynh_script_progression --message="Configuring PHP-FPM..." --weight=3 - -# Create a dedicated PHP-FPM config -ynh_add_fpm_config --usage=low --footprint=low - +# SPECIFIC SETUP #================================================= # SETUP A CRON #================================================= @@ -117,9 +118,11 @@ chmod 644 "/etc/cron.d/$app" #================================================= ynh_script_progression --message="Configuring permissions..." --weight=1 -# Make app public if necessary or protect it +# Make app public if necessary if [ $is_public -eq 1 ] then + # Everyone can access the app. + # The "main" permission is automatically created before the install script. ynh_permission_update --permission="main" --add="visitors" fi @@ -142,8 +145,8 @@ Please open your $app domain: https://$domain$path_url Complete the registration process from the setup page displayed. Details for MySQL database to be enterted while registration process: -Database login: $app -Database name: $app +Database login: $db_user +Database name: $db_name Database password: $db_pwd If you are facing any problem or want to improve this app, please open a new issue here: https://github.com/YunoHost-Apps/matomo_ynh/issues" diff --git a/scripts/remove b/scripts/remove index f37ed10..0269a3d 100755 --- a/scripts/remove +++ b/scripts/remove @@ -34,7 +34,7 @@ ynh_mysql_remove_db --db_user=$db_user --db_name=$db_name #================================================= # REMOVE APP MAIN DIR #================================================= -ynh_script_progression --message="Removing Matomo main directory..." --weight=2 +ynh_script_progression --message="Removing app main directory..." --weight=2 # Remove the app directory securely ynh_secure_remove --file="$final_path" @@ -66,9 +66,9 @@ ynh_remove_app_dependencies #================================================= # SPECIFIC REMOVE #================================================= -# REMOVE THE CRON FILE +# REMOVE VARIOUS FILES #================================================= -ynh_script_progression --message="Removing the cron file..." --weight=1 +ynh_script_progression --message="Removing various files..." --weight=1 # Remove a cron file ynh_secure_remove --file="/etc/cron.d/$app" diff --git a/scripts/restore b/scripts/restore index e5fb27d..0856a95 100755 --- a/scripts/restore +++ b/scripts/restore @@ -6,7 +6,7 @@ # IMPORT GENERIC HELPERS #================================================= -#Keep this path for calling _common.sh inside the execution's context of backup and restore scripts +# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers @@ -20,7 +20,7 @@ ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading settings..." --weight=1 +ynh_script_progression --message="Loading installation settings..." --weight=1 app=$YNH_APP_INSTANCE_NAME @@ -29,8 +29,7 @@ path_url=$(ynh_app_setting_get --app=$app --key=path) final_path=$(ynh_app_setting_get --app=$app --key=final_path) db_name=$(ynh_app_setting_get --app=$app --key=db_name) db_user=$db_name -phpversion=$YNH_PHP_VERSION - +phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) fpm_footprint=$(ynh_app_setting_get --app=$app --key=fpm_footprint) fpm_usage=$(ynh_app_setting_get --app=$app --key=fpm_usage) @@ -39,17 +38,11 @@ fpm_usage=$(ynh_app_setting_get --app=$app --key=fpm_usage) #================================================= ynh_script_progression --message="Validating restoration parameters..." --weight=1 -test ! -d $final_path || ynh_die --message="There is already a directory: $final_path " +test ! -d $final_path \ + || ynh_die --message="There is already a directory: $final_path " #================================================= # STANDARD RESTORATION STEPS -#================================================= -# RESTORE THE NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Restoring the NGINX configuration..." --weight=1 - -ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" - #================================================= # RECREATE THE DEDICATED USER #================================================= @@ -61,7 +54,7 @@ ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= # RESTORE THE APP MAIN DIR #================================================= -ynh_script_progression --message="Restoring Matomo main directory..." --weight=3 +ynh_script_progression --message="Restoring the app main directory..." --weight=3 ynh_restore_file --origin_path="$final_path" @@ -80,13 +73,20 @@ ynh_install_app_dependencies $pkg_dependencies #================================================= # RESTORE THE PHP-FPM CONFIGURATION #================================================= -ynh_script_progression --message="Restoring PHP-FPM configuration..." --weight=2 +ynh_script_progression --message="Restoring the PHP-FPM configuration..." --weight=2 # Restore the file first, so it can have a backup if different ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" # Recreate a dedicated PHP-FPM config -ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint --phpversion=$phpversion +ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint + +#================================================= +# RESTORE THE NGINX CONFIGURATION +#================================================= +ynh_script_progression --message="Restoring the NGINX configuration..." --weight=1 + +ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= # RESTORE THE MYSQL DATABASE @@ -98,9 +98,9 @@ ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql #================================================= -# RESTORE THE CRON FILE +# RESTORE VARIOUS FILES #================================================= -ynh_script_progression --message="Restoring the cron file..." --weight=1 +ynh_script_progression --message="Restoring various files..." --weight=1 ynh_restore_file --origin_path="/etc/cron.d/$app" chown root: "/etc/cron.d/$app" diff --git a/scripts/upgrade b/scripts/upgrade index b39aceb..89fa25c 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -18,30 +18,30 @@ app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get --app=$app --key=domain) path_url=$(ynh_app_setting_get --app=$app --key=path) +admin=$(ynh_app_setting_get --app=$app --key=admin) final_path=$(ynh_app_setting_get --app=$app --key=final_path) db_name=$(ynh_app_setting_get --app=$app --key=db_name) -phpversion=$YNH_PHP_VERSION -admin=$YNH_APP_ARG_ADMIN -email=$(ynh_user_get_info --username=$admin --key=mail) - fpm_footprint=$(ynh_app_setting_get --app=$app --key=fpm_footprint) fpm_usage=$(ynh_app_setting_get --app=$app --key=fpm_usage) +email=$(ynh_user_get_info --username=$admin --key=mail) + #================================================= # CHECK VERSION #================================================= +ynh_script_progression --message="Checking version..." upgrade_type=$(ynh_check_app_version_changed) #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #================================================= -ynh_script_progression --message="Backing up Matomo before upgrading (may take a while)..." --weight=3 +ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=3 # Backup the current version of the app ynh_backup_before_upgrade ynh_clean_setup () { - # restore it if the upgrade fails + # Restore it if the upgrade fails ynh_restore_upgradebackup } # Exit if an error occurs during the execution of the script @@ -52,6 +52,13 @@ ynh_abort_if_errors #================================================= ynh_script_progression --message="Ensuring downward compatibility..." --weight=1 +# Cleaning legacy permissions +if ynh_legacy_permissions_exists; then + ynh_legacy_permissions_delete_all + + ynh_app_setting_delete --app=$app --key=is_public +fi + # If db_name doesn't exist, create it if [ -z "$db_name" ]; then db_name=$(ynh_sanitize_dbid --db_name=$app) @@ -81,13 +88,6 @@ if [ -z "$fpm_usage" ]; then ynh_app_setting_set --app=$app --key=fpm_usage --value=$fpm_usage fi -# Cleaning legacy permissions -if ynh_legacy_permissions_exists; then - ynh_legacy_permissions_delete_all - - ynh_app_setting_delete --app=$app --key=is_public -fi - #================================================= # CREATE DEDICATED USER #================================================= @@ -96,16 +96,6 @@ ynh_script_progression --message="Making sure dedicated system user exists..." - # Create a dedicated user (if not existing) ynh_system_user_create --username=$app --home_dir="$final_path" -#================================================= -# STANDARD UPGRADE STEPS -#================================================= -#================================================= -# UPGRADE DEPENDENCIES -#================================================= -ynh_script_progression --message="Upgrading dependencies..." --weight=1 - -ynh_install_app_dependencies $pkg_dependencies - #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -132,6 +122,21 @@ chmod 750 "$final_path" chmod -R o-rwx "$final_path" chown -R $app:www-data "$final_path" +#================================================= +# UPGRADE DEPENDENCIES +#================================================= +ynh_script_progression --message="Upgrading dependencies..." --weight=1 + +ynh_install_app_dependencies $pkg_dependencies + +#================================================= +# PHP-FPM CONFIGURATION +#================================================= +ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=2 + +# Create a dedicated PHP-FPM config +ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint + #================================================= # NGINX CONFIGURATION #================================================= @@ -141,13 +146,7 @@ ynh_script_progression --message="Upgrading NGINX web server configuration..." - ynh_add_nginx_config #================================================= -# PHP-FPM CONFIGURATION -#================================================= -ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=2 - -# Create a dedicated PHP-FPM config -ynh_add_fpm_config --phpversion=$phpversion --usage=$fpm_usage --footprint=$fpm_footprint - +# SPECIFIC UPGRADE #================================================= # SETUP A CRON #================================================= @@ -157,6 +156,8 @@ ynh_add_config --template="../conf/cron" --destination="/etc/cron.d/$app" chown root: "/etc/cron.d/$app" chmod 644 "/etc/cron.d/$app" +#================================================= +# GENERIC FINALIZATION #================================================= # RELOAD NGINX #=================================================