YunoHost-Apps/mediawiki_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/mediawiki_ynh.git synced 2024-09-03 19:46:05 +02:00
Code Issues Activity Actions 1

LDAP support and packaging full upgrade

Browse source
This commit is contained in:
Luke Murphy 2019-07-27 22:09:37 +02:00
parent dd90374f24
commit 30df8db459
23 changed files with 535 additions and 1132 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

49
README.md
View file

@ -1,21 +1,32 @@
# MediaWiki
[![Integration level](https://dash.yunohost.org/integration/mediawiki.svg)](https://dash.yunohost.org/appci/app/mediawiki)
[![Integration level](https://dash.yunohost.org/integration/mediawiki.svg)](https://dash.yunohost.org/appci/app/mediawiki)
[![Install mediawiki with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=mediawiki)
*[Lire ce readme en français.](./README_fr.md)*
> *This package allow you to install mediawiki quickly and simply on a YunoHost server.
> *This package allow you to install mediawiki quickly and simply on a YunoHost server.
If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to know how to install and enjoy it.*
## Overview
![mediawiki_logo](sources/images/mediawiki_logo.png)
MediaWiki is a free and open source software wiki package written in PHP, originally for use on Wikipedia.
MediaWiki is a free and open source software wiki package written in PHP, originally for use on Wikipedia.
**Shipped version:** 1.32.0
**Shipped extension versions:**
* [LDAPProvider](https://www.mediawiki.org/wiki/Extension:LDAPProvider): 1.33 Stable
* [PluggableAuth](https://www.mediawiki.org/wiki/Extension:PluggableAuth): 1.33 Stable
* [LDAPAuthentication2](https://www.mediawiki.org/wiki/Extension:LDAPAuthentication2): 1.33 Stable
* [LDAPGroups](https://www.mediawiki.org/wiki/Extension:LDAPGroups): 1.31 Stable (**disabled and unused for now**)
* [LDAPUserInfo](https://www.mediawiki.org/wiki/Extension:LDAPUserInfo): 1.33 Stable (**disabled and unused for now**)
* [LDAPAuthorization](https://www.mediawiki.org/wiki/Extension:LDAPAuthorization): 1.33 Stable (**disabled and unused for now**)
Please note, there is no available 1.32.0 version of the LDAP* extensions but the installation portal assures that they work across various different version of MediaWiki. This is currently the case. We will be working towards a MediaWiki [1.33.0 upgrade shortly](https://github.com/YunoHost-Apps/mediawiki_ynh/issues/4). Some of the extensions are marked as "disabled and unused" because they are not immediately required but are part of the MediaWiki "LDAP Stack" which may be needed in future versions.
## Screenshots
![screenshot](sources/images/screenshot.png)
@ -26,22 +37,22 @@ MediaWiki is a free and open source software wiki package written in PHP, origin
## Configuration
How to configure this app:
How to configure this app:
* by the admin panel : Log in then click on `Preferences`
* you can edit the file Localsettings.php located in `/var/www/mediawiki`.
* Through the admin panel : Log in then click on `Preferences`
## Documentation
* Official documentation: https://www.mediawiki.org/
* YunoHost documentation: https://yunohost.org/#/app_mediawiki
* Official documentation: https://www.mediawiki.org/
* YunoHost documentation: https://yunohost.org/#/app_mediawiki
## YunoHost specific features
#### Multi-users support
Are LDAP and HTTP auth supported? : not yet
Can the app be used by multiple users? : yes
* Is LDAP supported: yes
* Is HTTP auth supported? : no
* Can the app be used by multiple users? : yes
#### Supported architectures
@ -55,10 +66,7 @@ Can the app be used by multiple users? : yes
## Additional information
* Other information you would add about this application
**More information on the documentation page:**
https://yunohost.org/packaging_apps
* The [Discourse forum topic](https://forum.yunohost.org/t/community-app-mediawiki-free-software-wiki-package-wikipedia/8588) tracking release schedule and feedback.
## Links
@ -71,12 +79,13 @@ https://yunohost.org/packaging_apps
Developers info
----------------
**Only if you want to use a testing branch for coding, instead of merging directly into master.**
Please do your pull request to the [testing branch](https://github.com/YunoHost-Apps/mediawiki_ynh/tree/testing).
Please make your change requests against the testing branch.
To try the testing branch, please try:
To try the testing branch, please proceed like that.
```
sudo yunohost app install https://github.com/YunoHost-Apps/mediawiki_ynh/tree/testing --debug
or
sudo yunohost app upgrade mediawiki -u https://github.com/YunoHost-Apps/mediawiki_ynh/tree/testing --debug
$ yunohost app install https://github.com/YunoHost-Apps/mediawiki_ynh/tree/testing --debug
$ yunohost app upgrade mediawiki -u https://github.com/YunoHost-Apps/mediawiki_ynh/tree/testing --debug
```
This should not be done on a production server!

81
README_fr.md
View file

@ -1,82 +1,5 @@
# MediaWiki
[![Integration level](https://dash.yunohost.org/integration/mediawiki.svg)](https://dash.yunohost.org/appci/app/mediawiki)
[![Install mediawiki with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=mediawiki)
Please help me maintain this README_fr.md with translation support!
*[Read this readme in english.](./README.md)*
> *Ce package vous permet d'installer mediawiki rapidement et simplement sur un serveur Yunohost.
Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.*
## Vue d'ensemble
![mediawiki_logo](sources/images/mediawiki_logo.png)
MediaWiki est un ensemble wiki à base de logiciels libres Open source, développé à lorigine pour Wikipédia.
**Version incluse:** 1.32.0
## Captures d'écran
![screenshot](sources/images/screenshot.png)
## Démo
* [Démo officielle](https://www.mediawiki.org/wiki/Project:Sandbox)
## Configuration
Comment configurer cette application:
* par le panneau d'administration : Connectez vous puis cliquer on `Préférences`
* vous pouvez modifier le fichier Localsettings.php situé dans `/var/www/mediawiki`.
## Documentation
* Documentation officielle: https://www.mediawiki.org/
* Documentation YunoHost: https://yunohost.org/#/app_mediawiki
## Caractéristiques spécifiques YunoHost
#### Support multi-utilisateurs
L'authentification LDAP et HTTP est-elle prise en charge? : pas pour l'instant
L'application peut-elle être utilisée par plusieurs utilisateurs? : oui
#### Supported architectures
* x86-64b - [![Build Status](https://ci-apps.yunohost.org/ci/logs/mediawiki%20%28Community%29.svg)](https://ci-apps.yunohost.org/ci/apps/mediawiki/)
* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/mediawiki%20%28Community%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/mediawiki/)
* Jessie x86-64b - [![Build Status](https://ci-stretch.nohost.me/ci/logs/mediawiki%20%28Community%29.svg)](https://ci-stretch.nohost.me/ci/apps/mediawiki/)
## Limitations
* Limitations connues.
## Informations additionnelles
* Autres informations à ajouter sur cette application
**Plus d'informations sur la page de documentation:**
https://yunohost.org/packaging_apps
## Links
* Signaler un bug: https://github.com/YunoHost-Apps/mediawiki_ynh/issues
* Site de l'application: https://www.mediawiki.org/
* Site web YunoHost: https://yunohost.org/
---
Informations pour les développeurs
----------------
**Seulement si vous voulez utiliser une branche de test pour le codage, au lieu de fusionner directement dans la banche principale.**
Merci de faire vos pull request sur la [branche testing](https://github.com/YunoHost-Apps/mediawiki_ynh/tree/testing).
Pour essayer la branche testing, procédez comme suit.
```
sudo yunohost app install https://github.com/YunoHost-Apps/mediawiki_ynh/tree/testing --debug
ou
sudo yunohost app upgrade mediawiki -u https://github.com/YunoHost-Apps/mediawiki_ynh/tree/testing --debug
```
Sorry!

13
check_process
View file

@ -1,8 +1,3 @@
# See here for more information
# https://github.com/YunoHost/package_check#syntax-check_process-file
# Move this file from check_process.default to check_process when you have filled it.
;; Test complet
; Manifest
domain="domain.tld" (DOMAIN)
@ -11,6 +6,7 @@
language="fr"
is_public=1 (PUBLIC|public=1|private=0)
password="pass"
wiki_name="MyYunoWiki" (WIKI_NAME)
port="666" (PORT)
; Checks
pkg_linter=1
@ -30,9 +26,7 @@
Level 1=auto
Level 2=auto
Level 3=auto
# Level 4: If the app supports LDAP and SSOwat, turn level 4 to '1' and add a link to an issue or a part of your code to show it.
# If the app does not use LDAP nor SSOwat, and can't use them, turn level 4 to 'na' and explain as well.
Level 4=0
Level 4=1
Level 5=auto
Level 6=auto
Level 7=auto
@ -45,5 +39,4 @@ Notification=none
;;; Upgrade options
; commit=CommitHash
name=Name and date of the commit.
manifest_arg=domain=DOMAIN&path=PATH&admin=USER&language=fr&is_public=1&password=pass&port=666&
manifest_arg=domain=DOMAIN&path=PATH&admin=USER&language=fr&is_public=1&password=pass&port=666&wiki_name=YnhCiMediaWiki

180
conf/LocalSettings.php Normal file
View file

@ -0,0 +1,180 @@
<?php
# This file was automatically generated by the MediaWiki 1.32.0
# installer. If you make manual changes, please keep track in case you
# need to recreate them later.
#
# See includes/DefaultSettings.php for all configurable settings
# and their default values, but don't forget to make changes in _this_
# file, not there.
#
# Further documentation for configuration settings may be found at:
# https://www.mediawiki.org/wiki/Manual:Configuration_settings
# Protect against web entry
if ( !defined( 'MEDIAWIKI' ) ) {
exit;
}
## Uncomment this to disable output compression
# $wgDisableOutputCompression = true;
$wgSitename = "__WIKI_NAME__";
## The URL base path to the directory containing the wiki;
## defaults for all runtime URL paths are based off of this.
## For more information on customizing the URLs
## (like /w/index.php/Page_title to /wiki/Page_title) please see:
## https://www.mediawiki.org/wiki/Manual:Short_URL
$wgScriptPath = "__PATH__";
## The protocol and server name to use in fully-qualified URLs
$wgServer = "https://__DOMAIN__";
## The URL path to static resources (images, scripts, etc.)
$wgResourceBasePath = $wgScriptPath;
## The URL path to the logo. Make sure you change this from the default,
## or else you'll overwrite your logo when you upgrade!
$wgLogo = "$wgResourceBasePath/resources/assets/wiki.png";
## UPO means: this is also a user preference option
$wgEnableEmail = true;
$wgEnableUserEmail = true; # UPO
$wgEmergencyContact = "__ADMIN__@__DOMAIN__";
$wgPasswordSender = "__ADMIN__@__DOMAIN__";
$wgEnotifUserTalk = false; # UPO
$wgEnotifWatchlist = false; # UPO
$wgEmailAuthentication = true;
## Database settings
$wgDBtype = "mysql";
$wgDBserver = "";
$wgDBname = "__DB_NAME__";
$wgDBuser = "__DB_USER__";
$wgDBpassword = "__DB_PWD__";
# MySQL specific settings
$wgDBprefix = "mdk_";
# MySQL table options to use during installation or update
$wgDBTableOptions = "ENGINE=InnoDB, DEFAULT CHARSET=binary";
## Shared memory settings
$wgMainCacheType = CACHE_NONE;
$wgMemCachedServers = [];
## To enable image uploads, make sure the 'images' directory
## is writable, then set this to true:
$wgEnableUploads = false;
$wgUseImageMagick = true;
$wgImageMagickConvertCommand = "/usr/bin/convert";
# InstantCommons allows wiki to use images from https://commons.wikimedia.org
$wgUseInstantCommons = false;
# Periodically send a pingback to https://www.mediawiki.org/ with basic data
# about this MediaWiki instance. The Wikimedia Foundation shares this data
# with MediaWiki developers to help guide future development efforts.
$wgPingback = false;
## If you use ImageMagick (or any other shell command) on a
## Linux server, this will need to be set to the name of an
## available UTF-8 locale
$wgShellLocale = "C.UTF-8";
## Set $wgCacheDirectory to a writable directory on the web server
## to make your wiki go slightly faster. The directory should not
## be publically accessible from the web.
#$wgCacheDirectory = "$IP/cache";
# Site language code, should be one of the list in ./languages/data/Names.php
$wgLanguageCode = "__LANGUAGE__";
$wgSecretKey = "__SECRET__";
# Changing this will log out all existing sessions.
$wgAuthenticationTokenVersion = "1";
# Site upgrade key. Must be set to a string (default provided) to turn on the
# web installer while LocalSettings.php is in place
$wgUpgradeKey = "5f274549882531d1";
## For attaching licensing metadata to pages, and displaying an
## appropriate copyright notice / icon. GNU Free Documentation
## License and Creative Commons licenses are supported so far.
$wgRightsPage = ""; # Set to the title of a wiki page that describes your license/copyright
$wgRightsUrl = "";
$wgRightsText = "";
$wgRightsIcon = "";
# Path to the GNU diff3 utility. Used for conflict resolution.
$wgDiff3 = "/usr/bin/diff3";
## Default skin: you can change the default skin. Use the internal symbolic
## names, ie 'vector', 'monobook':
$wgDefaultSkin = "vector";
# Enabled skins.
# The following skins were automatically enabled:
wfLoadSkin( 'MonoBook' );
wfLoadSkin( 'Timeless' );
wfLoadSkin( 'Vector' );
# End of automatically generated settings.
# Add more configuration options below.
# Plugins
# LDAPProvider
# https://www.mediawiki.org/wiki/Extension:LDAPProvider
wfLoadExtension( 'LDAPProvider' );
# PluggableAuth
# https://www.mediawiki.org/wiki/Extension:PluggableAuth
wfLoadExtension( 'PluggableAuth' );
# LDAPAuthentication2
# https://www.mediawiki.org/wiki/Extension:LDAPAuthentication2
wfLoadExtension( 'LDAPAuthentication2' );
# Note(decentral1se): leaving here in case we need them one day
# LDAPGroups
# https://www.mediawiki.org/wiki/Extension:LDAPGroups
# wfLoadExtension( 'LDAPGroups' );
# Note(decentral1se): leaving here in case we need them one day
# LDAPUserInfo
# https://www.mediawiki.org/wiki/Extension:LDAPUserInfo
# wfLoadExtension( 'LDAPUserInfo' );
# Note(decentral1se): leaving here in case we need them one day
# LDAPAuthorization
# https://www.mediawiki.org/wiki/Extension:LDAPAuthorization
# wfLoadExtension( 'LDAPAuthorization' );
# LDAP configuration
$LDAPProviderDomainConfigProvider = function() {
$config = [
"LDAP" => [
"connection" => [
"server" => "localhost",
"port" => "389",
"user" => "uid=__LDAP_USER__,ou=users,dc=yunohost,dc=org",
"pass" => "__LDAP_PASSWORD__",
"basedn" => "dc=yunohost,dc=org",
"groupbasedn" => "dc=yunohost,dc=org",
"userbasedn" => "dc=yunohost,dc=org",
"searchattribute" => "uid",
"usernameattribute" => "uid",
"realnameattribute" => "cn",
"emailattribute" => "mail"
]
]
];
return new \MediaWiki\Extension\LDAPProvider\DomainConfigProvider\InlinePHPArray( $config );
};

5
conf/ldap_authentication2.src Normal file
View file

@ -0,0 +1,5 @@
SOURCE_URL=https://extdist.wmflabs.org/dist/extensions/LDAPAuthentication2-REL1_33-421f6ef.tar.gz
SOURCE_SUM=e29b9fe4c96ee64c1b3d56e0cae21bdf6e9257da70e3a1d29a867bb605b08ef6
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=false

5
conf/ldap_authorization.src Normal file
View file

@ -0,0 +1,5 @@
SOURCE_URL=https://extdist.wmflabs.org/dist/extensions/LDAPAuthorization-REL1_33-0eb9ef4.tar.gz
SOURCE_SUM=784e95ca493505b564f9dc10b9e83c8cd6e587b95e1272408bb51acf1bf59c09
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=false

5
conf/ldap_groups.src Normal file
View file

@ -0,0 +1,5 @@
SOURCE_URL=https://extdist.wmflabs.org/dist/extensions/LDAPProvider-REL1_31-3d9d3a3.tar.gz
SOURCE_SUM=70f428666d6849e58bcb0a116ccff02e3ad60f2f9ff26bdf0e98340473e935e1
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=false

5
conf/ldap_provider.src Normal file
View file

@ -0,0 +1,5 @@
SOURCE_URL=https://extdist.wmflabs.org/dist/extensions/LDAPProvider-REL1_33-344c6c8.tar.gz
SOURCE_SUM=9f6a17721bb4a11d98c6f427684e6751f45ba12cdabd4dd6919476769b8f92fa
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=false

5
conf/ldap_userinfo.src Normal file
View file

@ -0,0 +1,5 @@
SOURCE_URL=https://extdist.wmflabs.org/dist/extensions/LDAPUserInfo-REL1_33-70783b6.tar.gz
SOURCE_SUM=c0a9869de599dbfb96175e396573ff2138ecfae24b0e17c5afadf2e86890c4ce
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=false

14
conf/nginx.conf
View file

@ -1,33 +1,21 @@
#sub_path_only rewrite ^__PATH__$ __PATH__/ permanent;
location __PATH__/ {
# Path to source
alias __FINALPATH__/ ;
# Force usage of https
if ($scheme = http) {
rewrite ^ https://$server_name$request_uri? permanent;
}
### Example PHP configuration (remove it if not used)
index index.php;
# Common parameter to increase upload size limit in conjunction with dedicated php-fpm file
#client_max_body_size 50M;
try_files $uri $uri/ index.php;
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
fastcgi_pass unix:/var/run/php/php7.0-fpm-__NAME__.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param REMOTE_USER $remote_user;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME $request_filename;
}
### End of PHP configuration part
# Include SSOWAT user panel.
include conf.d/yunohost_panel.conf.inc;
}

412
conf/php-fpm.conf
View file

@ -1,430 +1,18 @@
; Start a new pool named 'www'.
; the variable $pool can be used in any directive and will be replaced by the
; pool name ('www' here)
[__NAMETOCHANGE__]
; Per pool prefix
; It only applies on the following directives:
; - 'access.log'
; - 'slowlog'
; - 'listen' (unixsocket)
; - 'chroot'
; - 'chdir'
; - 'php_values'
; - 'php_admin_values'
; When not set, the global prefix (or /usr) applies instead.
; Note: This directive can also be relative to the global prefix.
; Default Value: none
;prefix = /path/to/pools/$pool
; Unix user/group of processes
; Note: The user is mandatory. If the group is not set, the default user's group
; will be used.
user = __USER__
group = __USER__
; The address on which to accept FastCGI requests.
; Valid syntaxes are:
; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on
; a specific port;
; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on
; a specific port;
; 'port' - to listen on a TCP socket to all addresses
; (IPv6 and IPv4-mapped) on a specific port;
; '/path/to/unix/socket' - to listen on a unix socket.
; Note: This value is mandatory.
listen = /var/run/php/php7.0-fpm-__NAMETOCHANGE__.sock
; Set listen(2) backlog.
; Default Value: 511 (-1 on FreeBSD and OpenBSD)
;listen.backlog = 511
; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server. Many
; BSD-derived systems allow connections regardless of permissions.
; Default Values: user and group are set as the running user
; mode is set to 0660
listen.owner = www-data
listen.group = www-data
;listen.mode = 0660
; When POSIX Access Control Lists are supported you can set them using
; these options, value is a comma separated list of user/group names.
; When set, listen.owner and listen.group are ignored
;listen.acl_users =
;listen.acl_groups =
; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect.
; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
; must be separated by a comma. If this value is left blank, connections will be
; accepted from any ip address.
; Default Value: any
;listen.allowed_clients = 127.0.0.1
; Specify the nice(2) priority to apply to the pool processes (only if set)
; The value can vary from -19 (highest priority) to 20 (lower priority)
; Note: - It will only work if the FPM master process is launched as root
; - The pool processes will inherit the master process priority
; unless it specified otherwise
; Default Value: no set
; process.priority = -19
; Set the process dumpable flag (PR_SET_DUMPABLE prctl) even if the process user
; or group is differrent than the master process user. It allows to create process
; core dump and ptrace the process for the pool user.
; Default Value: no
; process.dumpable = yes
; Choose how the process manager will control the number of child processes.
; Possible Values:
; static - a fixed number (pm.max_children) of child processes;
; dynamic - the number of child processes are set dynamically based on the
; following directives. With this process management, there will be
; always at least 1 children.
; pm.max_children - the maximum number of children that can
; be alive at the same time.
; pm.start_servers - the number of children created on startup.
; pm.min_spare_servers - the minimum number of children in 'idle'
; state (waiting to process). If the number
; of 'idle' processes is less than this
; number then some children will be created.
; pm.max_spare_servers - the maximum number of children in 'idle'
; state (waiting to process). If the number
; of 'idle' processes is greater than this
; number then some children will be killed.
; ondemand - no children are created at startup. Children will be forked when
; new requests will connect. The following parameter are used:
; pm.max_children - the maximum number of children that
; can be alive at the same time.
; pm.process_idle_timeout - The number of seconds after which
; an idle process will be killed.
; Note: This value is mandatory.
pm = dynamic
; The number of child processes to be created when pm is set to 'static' and the
; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'.
; This value sets the limit on the number of simultaneous requests that will be
; served. Equivalent to the ApacheMaxClients directive with mpm_prefork.
; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP
; CGI. The below defaults are based on a server without much resources. Don't
; forget to tweak pm.* to fit your needs.
; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand'
; Note: This value is mandatory.
pm.max_children = 5
; The number of child processes created on startup.
; Note: Used only when pm is set to 'dynamic'
; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2
pm.start_servers = 2
; The desired minimum number of idle server processes.
; Note: Used only when pm is set to 'dynamic'
; Note: Mandatory when pm is set to 'dynamic'
pm.min_spare_servers = 1
; The desired maximum number of idle server processes.
; Note: Used only when pm is set to 'dynamic'
; Note: Mandatory when pm is set to 'dynamic'
pm.max_spare_servers = 3
; The number of seconds after which an idle process will be killed.
; Note: Used only when pm is set to 'ondemand'
; Default Value: 10s
;pm.process_idle_timeout = 10s;
; The number of requests each child process should execute before respawning.
; This can be useful to work around memory leaks in 3rd party libraries. For
; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
; Default Value: 0
;pm.max_requests = 500
; The URI to view the FPM status page. If this value is not set, no URI will be
; recognized as a status page. It shows the following informations:
; pool - the name of the pool;
; process manager - static, dynamic or ondemand;
; start time - the date and time FPM has started;
; start since - number of seconds since FPM has started;
; accepted conn - the number of request accepted by the pool;
; listen queue - the number of request in the queue of pending
; connections (see backlog in listen(2));
; max listen queue - the maximum number of requests in the queue
; of pending connections since FPM has started;
; listen queue len - the size of the socket queue of pending connections;
; idle processes - the number of idle processes;
; active processes - the number of active processes;
; total processes - the number of idle + active processes;
; max active processes - the maximum number of active processes since FPM
; has started;
; max children reached - number of times, the process limit has been reached,
; when pm tries to start more children (works only for
; pm 'dynamic' and 'ondemand');
; Value are updated in real time.
; Example output:
; pool: www
; process manager: static
; start time: 01/Jul/2011:17:53:49 +0200
; start since: 62636
; accepted conn: 190460
; listen queue: 0
; max listen queue: 1
; listen queue len: 42
; idle processes: 4
; active processes: 11
; total processes: 15
; max active processes: 12
; max children reached: 0
;
; By default the status page output is formatted as text/plain. Passing either
; 'html', 'xml' or 'json' in the query string will return the corresponding
; output syntax. Example:
; http://www.foo.bar/status
; http://www.foo.bar/status?json
; http://www.foo.bar/status?html
; http://www.foo.bar/status?xml
;
; By default the status page only outputs short status. Passing 'full' in the
; query string will also return status for each pool process.
; Example:
; http://www.foo.bar/status?full
; http://www.foo.bar/status?json&full
; http://www.foo.bar/status?html&full
; http://www.foo.bar/status?xml&full
; The Full status returns for each process:
; pid - the PID of the process;
; state - the state of the process (Idle, Running, ...);
; start time - the date and time the process has started;
; start since - the number of seconds since the process has started;
; requests - the number of requests the process has served;
; request duration - the duration in µs of the requests;
; request method - the request method (GET, POST, ...);
; request URI - the request URI with the query string;
; content length - the content length of the request (only with POST);
; user - the user (PHP_AUTH_USER) (or '-' if not set);
; script - the main script called (or '-' if not set);
; last request cpu - the %cpu the last request consumed
; it's always 0 if the process is not in Idle state
; because CPU calculation is done when the request
; processing has terminated;
; last request memory - the max amount of memory the last request consumed
; it's always 0 if the process is not in Idle state
; because memory calculation is done when the request
; processing has terminated;
; If the process is in Idle state, then informations are related to the
; last request the process has served. Otherwise informations are related to
; the current request being served.
; Example output:
; ************************
; pid: 31330
; state: Running
; start time: 01/Jul/2011:17:53:49 +0200
; start since: 63087
; requests: 12808
; request duration: 1250261
; request method: GET
; request URI: /test_mem.php?N=10000
; content length: 0
; user: -
; script: /home/fat/web/docs/php/test_mem.php
; last request cpu: 0.00
; last request memory: 0
;
; Note: There is a real-time FPM status monitoring sample web page available
; It's available in: /usr/share/php/7.0/fpm/status.html
;
; Note: The value must start with a leading slash (/). The value can be
; anything, but it may not be a good idea to use the .php extension or it
; may conflict with a real PHP file.
; Default Value: not set
;pm.status_path = /status
; The ping URI to call the monitoring page of FPM. If this value is not set, no
; URI will be recognized as a ping page. This could be used to test from outside
; that FPM is alive and responding, or to
; - create a graph of FPM availability (rrd or such);
; - remove a server from a group if it is not responding (load balancing);
; - trigger alerts for the operating team (24/7).
; Note: The value must start with a leading slash (/). The value can be
; anything, but it may not be a good idea to use the .php extension or it
; may conflict with a real PHP file.
; Default Value: not set
;ping.path = /ping
; This directive may be used to customize the response of a ping request. The
; response is formatted as text/plain with a 200 response code.
; Default Value: pong
;ping.response = pong
; The access log file
; Default: not set
;access.log = log/$pool.access.log
; The access log format.
; The following syntax is allowed
; %%: the '%' character
; %C: %CPU used by the request
; it can accept the following format:
; - %{user}C for user CPU only
; - %{system}C for system CPU only
; - %{total}C for user + system CPU (default)
; %d: time taken to serve the request
; it can accept the following format:
; - %{seconds}d (default)
; - %{miliseconds}d
; - %{mili}d
; - %{microseconds}d
; - %{micro}d
; %e: an environment variable (same as $_ENV or $_SERVER)
; it must be associated with embraces to specify the name of the env
; variable. Some exemples:
; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e
; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e
; %f: script filename
; %l: content-length of the request (for POST request only)
; %m: request method
; %M: peak of memory allocated by PHP
; it can accept the following format:
; - %{bytes}M (default)
; - %{kilobytes}M
; - %{kilo}M
; - %{megabytes}M
; - %{mega}M
; %n: pool name
; %o: output header
; it must be associated with embraces to specify the name of the header:
; - %{Content-Type}o
; - %{X-Powered-By}o
; - %{Transfert-Encoding}o
; - ....
; %p: PID of the child that serviced the request
; %P: PID of the parent of the child that serviced the request
; %q: the query string
; %Q: the '?' character if query string exists
; %r: the request URI (without the query string, see %q and %Q)
; %R: remote IP address
; %s: status (response code)
; %t: server time the request was received
; it can accept a strftime(3) format:
; %d/%b/%Y:%H:%M:%S %z (default)
; The strftime(3) format must be encapsuled in a %{<strftime_format>}t tag
; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t
; %T: time the log has been written (the request has finished)
; it can accept a strftime(3) format:
; %d/%b/%Y:%H:%M:%S %z (default)
; The strftime(3) format must be encapsuled in a %{<strftime_format>}t tag
; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t
; %u: remote user
;
; Default: "%R - %u %t \"%m %r\" %s"
;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"
; The log file for slow requests
; Default Value: not set
; Note: slowlog is mandatory if request_slowlog_timeout is set
;slowlog = log/$pool.log.slow
; The timeout for serving a single request after which a PHP backtrace will be
; dumped to the 'slowlog' file. A value of '0s' means 'off'.
; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
; Default Value: 0
;request_slowlog_timeout = 0
; The timeout for serving a single request after which the worker process will
; be killed. This option should be used when the 'max_execution_time' ini option
; does not stop script execution for some reason. A value of '0' means 'off'.
; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
; Default Value: 0
request_terminate_timeout = 1d
; Set open file descriptor rlimit.
; Default Value: system defined value
;rlimit_files = 1024
; Set max core size rlimit.
; Possible Values: 'unlimited' or an integer greater or equal to 0
; Default Value: system defined value
;rlimit_core = 0
; Chroot to this directory at the start. This value must be defined as an
; absolute path. When this value is not set, chroot is not used.
; Note: you can prefix with '$prefix' to chroot to the pool prefix or one
; of its subdirectories. If the pool prefix is not set, the global prefix
; will be used instead.
; Note: chrooting is a great security feature and should be used whenever
; possible. However, all PHP paths will be relative to the chroot
; (error_log, sessions.save_path, ...).
; Default Value: not set
;chroot =
; Chdir to this directory at the start.
; Note: relative path can be used.
; Default Value: current directory or / when chroot
chdir = __FINALPATH__
; Redirect worker stdout and stderr into main error log. If not set, stdout and
; stderr will be redirected to /dev/null according to FastCGI specs.
; Note: on highloaded environement, this can cause some delay in the page
; process time (several ms).
; Default Value: no
;catch_workers_output = yes
; Clear environment in FPM workers
; Prevents arbitrary environment variables from reaching FPM worker processes
; by clearing the environment in workers before env vars specified in this
; pool configuration are added.
; Setting to "no" will make all environment variables available to PHP code
; via getenv(), $_ENV and $_SERVER.
; Default Value: yes
;clear_env = no
; Limits the extensions of the main script FPM will allow to parse. This can
; prevent configuration mistakes on the web server side. You should only limit
; FPM to .php extensions to prevent malicious users to use other extensions to
; execute php code.
; Note: set an empty value to allow all extensions.
; Default Value: .php
;security.limit_extensions = .php .php3 .php4 .php5 .php7
; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
; the current environment.
; Default Value: clean env
;env[HOSTNAME] = $HOSTNAME
;env[PATH] = /usr/local/bin:/usr/bin:/bin
;env[TMP] = /tmp
;env[TMPDIR] = /tmp
;env[TEMP] = /tmp
; Additional php.ini defines, specific to this pool of workers. These settings
; overwrite the values previously defined in the php.ini. The directives are the
; same as the PHP SAPI:
; php_value/php_flag - you can set classic ini defines which can
; be overwritten from PHP call 'ini_set'.
; php_admin_value/php_admin_flag - these directives won't be overwritten by
; PHP call 'ini_set'
; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no.
; Defining 'extension' will load the corresponding shared extension from
; extension_dir. Defining 'disable_functions' or 'disable_classes' will not
; overwrite previously defined php.ini values, but will append the new value
; instead.
; Note: path INI options can be relative and will be expanded with the prefix
; (pool, global or /usr)
; Default Value: nothing is defined by default except the values in php.ini and
; specified at startup with the -d argument
;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com
;php_flag[display_errors] = off
;php_admin_value[error_log] = /var/log/fpm-php.www.log
;php_admin_flag[log_errors] = on
;php_admin_value[memory_limit] = 32M
; Common values to change to increase file upload limit
; php_admin_value[upload_max_filesize] = 50M
; php_admin_value[post_max_size] = 50M
; php_admin_flag[mail.add_x_header] = Off
; Other common parameters
; php_admin_value[max_execution_time] = 600
; php_admin_value[max_input_time] = 300
; php_admin_value[memory_limit] = 256M
; php_admin_flag[short_open_tag] = On

5
conf/pluggable_auth.src Normal file
View file

@ -0,0 +1,5 @@
SOURCE_URL=https://extdist.wmflabs.org/dist/extensions/PluggableAuth-REL1_33-a69f626.tar.gz
SOURCE_SUM=b6e678bb4b870dd16ac679836ef9b456e94662b5b18d8cfa030d0648383685a0
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=false

13
conf/systemd.service
View file

@ -1,13 +0,0 @@
[Unit]
Description=Small description of the service
After=network.target
[Service]
Type=simple
User=__APP__
Group=__APP__
WorkingDirectory=__FINALPATH__/
ExecStart=__FINALPATH__/script >> /var/log/__APP__/__APP__.log 2>&1
[Install]
WantedBy=multi-user.target

26
manifest.json
View file

@ -10,12 +10,12 @@
"url": "https://www.mediawiki.org/",
"license": "GPL-2.0-or-later",
"maintainer": {
"name": "Antoine",
"email": "antoine@miaou.org",
"url": "https://miaou.org"
"name": "decentral1se",
"email": "lukewm@riseup.net",
"url": "https://decentral1se"
},
"requirements": {
"yunohost": ">= 3.4"
"yunohost": ">= 3.6.4"
},
"multi_instance": true,
"services": [
@ -38,8 +38,8 @@
"name": "path",
"type": "path",
"ask": {
"en": "Choose a path for ynhexample",
"fr": "Choisissez un chemin pour ynhexample"
"en": "Choose a path for MediaWiki",
"fr": "Choisissez un chemin pour MediaWiki"
},
"example": "/wiki",
"default": "/wiki"
@ -78,7 +78,19 @@
"en": "Is it a public application?",
"fr": "Est-ce une application publique ?"
},
"default": true
"default": true,
"help": {
"en": "It will be accessible to the public"
}
},
{
"name": "wiki_name",
"type": "string",
"ask": {
"en": "Choose the application name",
"fr": "Choisissez le nom de l'application"
},
"default": "YunoWiki"
}
]
}

11
scripts/_common.sh
View file

@ -1,13 +1,6 @@
#!/bin/bash
#=================================================
# PERSONAL HELPERS
#=================================================
#=================================================
# EXPERIMENTAL HELPERS
#=================================================
#=================================================
# FUTURE OFFICIAL HELPERS
# CONSTANTS
#=================================================
pkg_dependencies="diffutils imagemagick acl"

55
scripts/backup
View file

@ -1,90 +1,55 @@
#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
ynh_clean_setup () {
### Remove this function if there's nothing to clean before calling the remove script.
true
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# LOAD SETTINGS
#=================================================
ynh_print_info "Loading installation settings..."
ynh_script_progression --message="Loading installation settings..." --weight=1
app=$YNH_APP_INSTANCE_NAME
final_path=$(ynh_app_setting_get $app final_path)
domain=$(ynh_app_setting_get $app domain)
db_name=$(ynh_app_setting_get $app db_name)
#=================================================
# STANDARD BACKUP STEPS
#=================================================
# BACKUP THE APP MAIN DIR
#=================================================
ynh_print_info "Backing up the main app directory..."
ynh_script_progression --message="Backing up the main app directory..." --weight=30
ynh_backup "$final_path"
ynh_backup --src_path="$final_path"
#=================================================
# BACKUP THE NGINX CONFIGURATION
#=================================================
ynh_print_info "Backing up nginx web server configuration..."
ynh_script_progression --message="Backing up nginx web server configuration..." --weight=10
ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
#=================================================
# BACKUP THE PHP-FPM CONFIGURATION
#=================================================
ynh_print_info "Backing up php-fpm configuration..."
ynh_script_progression --message="Backing up php-fpm configuration..." --weight=3
ynh_backup "/etc/php/7.0/fpm/pool.d/$app.conf"
ynh_backup --src_path="/etc/php/7.0/fpm/pool.d/$app.conf"
#=================================================
# BACKUP THE MYSQL DATABASE
#=================================================
ynh_print_info "Backing up the MySQL database..."
ynh_script_progression --message="Backing up the MySQL database..." --weight=15
ynh_mysql_dump_db "$db_name" > db.sql
#=================================================
# SPECIFIC BACKUP
#=================================================
# BACKUP LOGROTATE
#=================================================
ynh_print_info "Backing up logrotate configuration..."
#ynh_backup "/etc/logrotate.d/$app"
#=================================================
# BACKUP SYSTEMD
#=================================================
ynh_print_info "Backing up systemd configuration..."
#ynh_backup "/etc/systemd/system/$app.service"
#=================================================
# BACKUP A CRON FILE
#=================================================
#ynh_backup "/etc/cron.d/$app"
ynh_mysql_dump_db --database="$db_name" > db.sql
#=================================================
# END OF SCRIPT
#=================================================
ynh_print_info "Backup script completed for $app. (YunoHost will then actually copy those files to the archive)."
ynh_script_progression --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." --last

88
scripts/change_url
View file

@ -1,136 +1,106 @@
#!/bin/bash
#=================================================
# GENERIC STARTING
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# RETRIEVE ARGUMENTS
#=================================================
old_domain=$YNH_APP_OLD_DOMAIN
old_path=$YNH_APP_OLD_PATH
new_domain=$YNH_APP_NEW_DOMAIN
new_path=$YNH_APP_NEW_PATH
app=$YNH_APP_INSTANCE_NAME
#=================================================
# LOAD SETTINGS
#=================================================
ynh_print_info "Loading installation settings..."
ynh_script_progression --message="Loading installation settings..." --weight=1
# Needed for helper "ynh_add_nginx_config"
final_path=$(ynh_app_setting_get $app final_path)
# Add settings here as needed by your application
#db_name=$(ynh_app_setting_get "$app" db_name)
#db_pwd=$(ynh_app_setting_get $app db_pwd)
#=================================================
# CHECK THE SYNTAX OF THE PATHS
#=================================================
test -n "$old_path" || old_path="/"
test -n "$new_path" || new_path="/"
new_path=$(ynh_normalize_url_path $new_path)
old_path=$(ynh_normalize_url_path $old_path)
#=================================================
# CHECK WHICH PARTS SHOULD BE CHANGED
#=================================================
change_domain=0
if [ "$old_domain" != "$new_domain" ]
then
change_domain=1
change_domain=1
fi
change_path=0
if [ "$old_path" != "$new_path" ]
then
change_path=1
change_path=1
fi
#=================================================
# STANDARD MODIFICATIONS
#=================================================
# MODIFY URL IN NGINX CONF
#=================================================
ynh_print_info "Updating nginx web server configuration..."
ynh_script_progression --message="Updating nginx web server configuration..." --weight=1
nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
# Change the path in the nginx config file
if [ $change_path -eq 1 ]
then
# Make a backup of the original nginx config file if modified
ynh_backup_if_checksum_is_different "$nginx_conf_path"
# Set global variables for nginx helper
domain="$old_domain"
path_url="$new_path"
# Create a dedicated nginx config
ynh_add_nginx_config
ynh_backup_if_checksum_is_different --file="$nginx_conf_path"
domain="$old_domain"
path_url="$new_path"
ynh_add_nginx_config
fi
# Change the domain for nginx
if [ $change_domain -eq 1 ]
then
# Delete file checksum for the old conf file location
ynh_delete_file_checksum "$nginx_conf_path"
mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf
# Store file checksum for the new config file location
ynh_store_file_checksum "/etc/nginx/conf.d/$new_domain.d/$app.conf"
ynh_delete_file_checksum --file="$nginx_conf_path"
mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf
ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
fi
#=================================================
# SPECIFIC MODIFICATIONS
# SET NEW URL
#=================================================
# ...
#=================================================
# ======= modif perso =======
# change domain
if [ $change_domain -eq 1 ]
then
ynh_replace_string "\$wgServer = \"https://$old_domain\";" "\$wgServer = \"https://$new_domain\";" "$final_path/LocalSettings.php"
ynh_replace_string --match_string="\$wgServer = \"https://$old_domain\";" --replace_string="\$wgServer = \"https://$new_domain\";" --target_file="$final_path/LocalSettings.php"
fi
# change path
if [ $change_path -eq 1 ]
then
if [ "$old_path" = "/" ]; then
old_scriptpath=""
else
old_scriptpath=$old_path
fi
if [ "$old_path" = "/" ]; then
old_scriptpath=""
else
old_scriptpath=$old_path
fi
if [ "$new_path" = "/" ]; then
new_scriptpath=""
else
new_scriptpath=$new_path
fi
if [ "$new_path" = "/" ]; then
new_scriptpath=""
else
new_scriptpath=$new_path
fi
ynh_replace_string "\$wgScriptPath = \"$old_scriptpath\";" "\$wgScriptPath = \"$new_scriptpath\";" "$final_path/LocalSettings.php"
ynh_replace_string --match_string="\$wgScriptPath = \"$old_scriptpath\";" --replace_string="\$wgScriptPath = \"$new_scriptpath\";" --target_file="$final_path/LocalSettings.php"
fi
# ======= modif perso =======
#=================================================
# GENERIC FINALISATION
#=================================================
# RELOAD NGINX
#=================================================
ynh_print_info "Reloading nginx web server..."
ynh_script_progression --message="Reloading nginx web server..." --weight=1
systemctl reload nginx
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================
ynh_print_info "Change of URL completed for $app"
ynh_script_progression --message="Change of URL completed for $app" --last

338
scripts/install
View file

@ -1,352 +1,210 @@
#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
ynh_clean_setup () {
### Remove this function if there's nothing to clean before calling the remove script.
true
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================
app=$YNH_APP_INSTANCE_NAME
domain=$YNH_APP_ARG_DOMAIN
path_url=$YNH_APP_ARG_PATH
admin=$YNH_APP_ARG_ADMIN
is_public=$YNH_APP_ARG_IS_PUBLIC
language=$YNH_APP_ARG_LANGUAGE
password=$YNH_APP_ARG_PASSWORD
### If it's a multi-instance app, meaning it can be installed several times independently
### The id of the app as stated in the manifest is available as $YNH_APP_ID
### The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2", ...)
### The app instance name is available as $YNH_APP_INSTANCE_NAME
### - the first time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample
### - the second time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample__2
### - ynhexample__{N} for the subsequent installations, with N=3,4, ...
### The app instance name is probably what interests you most, since this is
### guaranteed to be unique. This is a good unique identifier to define installation path,
### db names, ...
app=$YNH_APP_INSTANCE_NAME
wiki_name=$YNH_APP_ARG_WIKI_NAME
#=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#=================================================
ynh_print_info "Validating installation parameters..."
ynh_script_progression --message="Validating installation parameters..." --weight=1
### If the app uses nginx as web server (written in HTML/PHP in most cases), the final path should be "/var/www/$app".
### If the app provides an internal web server (or uses another application server such as uwsgi), the final path should be "/opt/yunohost/$app"
final_path=/var/www/$app
test ! -e "$final_path" || ynh_die "This path already contains a folder"
# Normalize the url path syntax
path_url=$(ynh_normalize_url_path $path_url)
ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url
# Register (book) web path
ynh_webpath_register $app $domain $path_url
#=================================================
# GENERATE LDAP USER SETTINGS
#=================================================
ynh_script_progression --message="Generating dedicated LDAP user credentials..." --weight=2
ldap_user="${app}_ldap"
ldap_password=$(ynh_string_random --length=8)
#=================================================
# STORE SETTINGS FROM MANIFEST
#=================================================
ynh_print_info "Storing installation settings..."
ynh_script_progression --message="Storing installation settings..." --weight=1
ynh_app_setting_set $app domain $domain
ynh_app_setting_set $app path $path_url
ynh_app_setting_set $app admin $admin
ynh_app_setting_set $app is_public $is_public
ynh_app_setting_set $app language $language
#=================================================
# STANDARD MODIFICATIONS
#=================================================
# FIND AND OPEN A PORT
#=================================================
ynh_print_info "Configuring firewall..."
### Use these lines if you have to open a port for the application
### `ynh_find_port` will find the first available port starting from the given port.
### If you're not using these lines:
### - Remove the section "CLOSE A PORT" in the remove script
# Find a free port
#port=$(ynh_find_port 8095)
# Open this port
#ynh_exec_warn_less yunohost firewall allow --no-upnp TCP $port
#ynh_app_setting_set $app port $port
ynh_app_setting_set --app=$app --key=domain --value=$domain
ynh_app_setting_set --app=$app --key=path --value=$path_url
ynh_app_setting_set --app=$app --key=admin --value=$admin
ynh_app_setting_set --app=$app --key=is_public --value=$is_public
ynh_app_setting_set --app=$app --key=language --value=$language
ynh_app_setting_set --app=$app --key=wiki_name --value=$wiki_name
ynh_app_setting_set --app=$app --key=ldap_user --value=$ldap_user
ynh_app_setting_set --app=$app --key=ldap_password --value=$ldap_password
#=================================================
# INSTALL DEPENDENCIES
#=================================================
ynh_print_info "Installing dependencies..."
ynh_script_progression --message="Installing dependencies..." --weight=10
### `ynh_install_app_dependencies` allows you to add any "apt" dependencies to the package.
### Those deb packages will be installed as dependencies of this package.
### If you're not using this helper:
### - Remove the section "REMOVE DEPENDENCIES" in the remove script
### - As well as the section "REINSTALL DEPENDENCIES" in the restore script
### - And the section "UPGRADE DEPENDENCIES" in the upgrade script
#ynh_install_app_dependencies deb1 deb2
ynh_install_app_dependencies $pkg_dependencies
#=================================================
# CREATE A MYSQL DATABASE
#=================================================
ynh_print_info "Creating a MySQL database..."
### Use these lines if you need a database for the application.
### `ynh_mysql_setup_db` will create a database, an associated user and a ramdom password.
### The password will be stored as 'mysqlpwd' into the app settings,
### and will be available as $db_pwd
### If you're not using these lines:
### - Remove the section "BACKUP THE MYSQL DATABASE" in the backup script
### - Remove also the section "REMOVE THE MYSQL DATABASE" in the remove script
### - As well as the section "RESTORE THE MYSQL DATABASE" in the restore script
ynh_script_progression --message="Creating a MySQL database..." --weight=3
db_name=$(ynh_sanitize_dbid $app)
ynh_app_setting_set $app db_name $db_name
ynh_mysql_setup_db $db_name $db_name
db_user=$db_name
ynh_app_setting_set --app=$app --key=db_name --value=$db_name
ynh_app_setting_set --app=$app --key=db_user --value=$db_user
ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_print_info "Setting up source files..."
ynh_script_progression --message="Setting up source files..." --weight=4
### `ynh_setup_source` is used to install an app from a zip or tar.gz file,
### downloaded from an upstream source, like a git repository.
### `ynh_setup_source` use the file conf/app.src
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
ynh_app_setting_set $app final_path $final_path
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source "$final_path"
ynh_setup_source --dest_dir="$final_path"
ynh_setup_source --dest_dir="$final_path/extensions/" --source_id="ldap_provider"
ynh_setup_source --dest_dir="$final_path/extensions/" --source_id="pluggable_auth"
ynh_setup_source --dest_dir="$final_path/extensions/" --source_id="ldap_authentication2"
# Note(decentral1se): Disabled and unused for now ...
# ynh_setup_source --dest_dir="$final_path/extensions/" --source_id="ldap_groups"
# ynh_setup_source --dest_dir="$final_path/extensions/" --source_id="ldap_userinfo"
# ynh_setup_source --dest_dir="$final_path/extensions/" --source_id="ldap_authorization"
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_print_info "Configuring nginx web server..."
ynh_script_progression --message="Configuring nginx web server..." --weight=2
### `ynh_add_nginx_config` will use the file conf/nginx.conf
# Create a dedicated nginx config
ynh_add_nginx_config
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_print_info "Configuring system user..."
ynh_script_progression --message="Configuring system user..." --weight=1
# Create a system user
ynh_system_user_create $app
#=================================================
# PHP-FPM CONFIGURATION
#=================================================
ynh_print_info "Configuring php-fpm..."
ynh_script_progression --message="Configuring PHP-FPM..." --weight=1
### `ynh_add_fpm_config` is used to set up a PHP config.
### You can remove it if your app doesn't use PHP.
### `ynh_add_fpm_config` will use the files conf/php-fpm.conf and conf/php-fpm.ini
### If you're not using these lines:
### - You can remove these files in conf/.
### - Remove the section "BACKUP THE PHP-FPM CONFIGURATION" in the backup script
### - Remove also the section "REMOVE PHP-FPM CONFIGURATION" in the remove script
### - As well as the section "RESTORE THE PHP-FPM CONFIGURATION" in the restore script
### With the reload at the end of the script.
### - And the section "PHP-FPM CONFIGURATION" in the upgrade script
# Create a dedicated php-fpm config
ynh_add_fpm_config
#=================================================
# SPECIFIC SETUP
#=================================================
# ...
# CREATING DEDICATED LDAP USER
#=================================================
ynh_script_progression --message="Creating dedicated LDAP user..." --weight=20
yunohost user create $ldap_user --firstname "MediaWikiLdap" --lastname "MediaWikiLdap" --mail ${ldap_user}@$domain --password $ldap_password -q 0
#=================================================
# SETUP SYSTEMD
# PUBLIC ACCESS HANDLING
#=================================================
ynh_print_info "Configuring a systemd service..."
ynh_app_setting_set --app=$app --key=skipped_uris --value="/"
### `ynh_systemd_config` is used to configure a systemd script for an app.
### It can be used for apps that use sysvinit (with adaptation) or systemd.
### Have a look at the app to be sure this app needs a systemd script.
### `ynh_systemd_config` will use the file conf/systemd.service
### If you're not using these lines:
### - You can remove those files in conf/.
### - Remove the section "BACKUP SYSTEMD" in the backup script
### - Remove also the section "STOP AND REMOVE SERVICE" in the remove script
### - As well as the section "RESTORE SYSTEMD" in the restore script
### - And the section "SETUP SYSTEMD" in the upgrade script
# Create a dedicated systemd config
#ynh_add_systemd_config
#=================================================
# SETUP APPLICATION WITH CURL
#=================================================
### Use these lines only if the app installation needs to be finalized through
### web forms. We generally don't want to ask the final user,
### so we're going to use curl to automatically fill the fields and submit the
### forms.
# Set right permissions for curl install
chown -R $app: $final_path
# Set the app as temporarily public for curl call
ynh_print_info "Configuring SSOwat..."
ynh_app_setting_set $app skipped_uris "/"
# Reload SSOwat config
yunohost app ssowatconf
# Reload Nginx
systemctl reload nginx
# Installation with curl
ynh_print_info "Finalizing installation..."
#ynh_local_curl "/INSTALL_PATH" "key1=value1" "key2=value2" "key3=value3"
# ======= modif perso =======
#ynh_local_curl "/api.php" "format=json" "action=createaccount" "name=$admin" "password=$password" "reason=InstallMediawiki"
# ======= modif perso =======
# Remove the public access
if [ $is_public -eq 0 ]
then
ynh_app_setting_delete $app skipped_uris
ynh_app_setting_delete --app=$app --key=skipped_uris
fi
#=================================================
# MODIFY A CONFIG FILE
# RUN INSTALLATION OF MEDIAWIKI
#=================================================
#cp ../conf/LocalSettings.php $final_path/ # modif perso
### `ynh_replace_string` is used to replace a string in a file.
### (It's compatible with sed regular expressions syntax)
#ynh_replace_string "match_string" "replace_string" "$final_path/CONFIG_FILE"
# ======= modif perso =======
#ynh_replace_string "ynh_wiki_path" "$path_url" "$final_path/LocalSettings.php"
#ynh_replace_string "ynh_wiki_domain" "$domain" "$final_path/LocalSettings.php"
#ynh_replace_string "ynh_wiki_db_name" "$db_name" "$final_path/LocalSettings.php"
#ynh_replace_string "ynh_wiki_db_user" "$db_name" "$final_path/LocalSettings.php"
#ynh_replace_string "ynh_wiki_db_password" "$db_pwd" "$final_path/LocalSettings.php"
#ynh_replace_string "ynh_wiki_language" "$language" "$final_path/LocalSettings.php"
#php $final_path/maintenance/update.php
if [ "$path_url" = "/" ]; then
scriptpath=""
scriptpath=""
else
scriptpath=$path_url
scriptpath=$path_url
fi
php $final_path/maintenance/install.php --conf $final_path \
--server "https://$domain" \
--scriptpath "$scriptpath" \
--dbuser $db_name \
--dbpass $db_pwd \
--dbname $db_name \
--dbprefix "mdk_" \
--lang $language \
--pass $password \
"YunoWiki" $admin
# ======= modif perso =======
--server "https://$domain" \
--scriptpath "$scriptpath" \
--dbuser $db_name \
--dbpass $db_pwd \
--dbname $db_name \
--dbprefix "mdk_" \
--lang $language \
--pass $password \
$wiki_name $admin
#=================================================
# STORE THE CONFIG FILE CHECKSUM
# REPLACE CONFIGURATION SETTINGS
#=================================================
cp ../conf/LocalSettings.php $final_path/LocalSettings.php
### `ynh_store_file_checksum` is used to store the checksum of a file.
### That way, during the upgrade script, by using `ynh_backup_if_checksum_is_different`,
### you can make a backup of this file before modifying it again if the admin had modified it.
ynh_replace_string --match_string="__WIKI_NAME__" --replace_string="$wiki_name" --target_file="$final_path/LocalSettings.php"
ynh_replace_string --match_string="__ADMIN__" --replace_string="$admin" --target_file="$final_path/LocalSettings.php"
ynh_replace_string --match_string="__PASSWORD__" --replace_string="$password" --target_file="$final_path/LocalSettings.php"
# Calculate and store the config file checksum into the app settings
#ynh_store_file_checksum "$final_path/CONFIG_FILE"
if [ $path_url = "/" ]; then
# MediaWiki expects a "" for the root URL which is typically assumed to be
# "/" by other application packages. Therefore, we assume end-users will do
# this as well and make sure to ensure an "" in all cases where "/" is
# specified
ynh_replace_string --match_string="__PATH__" --replace_string="" --target_file="$final_path/LocalSettings.php"
else
ynh_replace_string --match_string="__PATH__" --replace_string="$path_url" --target_file="$final_path/LocalSettings.php"
fi
ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$final_path/LocalSettings.php"
ynh_replace_string --match_string="__DB_NAME__" --replace_string="$db_name" --target_file="$final_path/LocalSettings.php"
ynh_replace_string --match_string="__DB_USER__" --replace_string="$db_name" --target_file="$final_path/LocalSettings.php"
ynh_replace_string --match_string="__DB_PWD__" --replace_string="$db_pwd" --target_file="$final_path/LocalSettings.php"
ynh_replace_string --match_string="__LANGUAGE__" --replace_string="$language" --target_file="$final_path/LocalSettings.php"
secret=$(ynh_string_random 64)
ynh_app_setting_set $app secret $secret
ynh_replace_string --match_string="__SECRET__" --replace_string="$secret" --target_file="$final_path/LocalSettings.php"
ynh_replace_string --match_string="__LDAP_USER__" --replace_string="$ldap_user" --target_file="$final_path/LocalSettings.php"
ynh_replace_string --match_string="__LDAP_PASSWORD__" --replace_string="$ldap_password" --target_file="$final_path/LocalSettings.php"
php $final_path/maintenance/update.php
#=================================================
# GENERIC FINALIZATION
#=================================================
# SECURE FILES AND DIRECTORIES
# SECURE FILES AND DIRECTORIES AND SSOwat
#=================================================
ynh_script_progression --message="Configuring SSOwat..." --weight=1
### For security reason, any app should set the permissions to root: before anything else.
### Then, if write authorization is needed, any access should be given only to directories
### that really need such authorization.
chown -R $app:$app $final_path
# Set permissions to app files
chown -R root: $final_path
chown -R $app:$app $final_path # modif perso
#=================================================
# SETUP LOGROTATE
#=================================================
ynh_print_info "Configuring log rotation..."
### `ynh_use_logrotate` is used to configure a logrotate configuration for the logs of this app.
### Use this helper only if there is effectively a log file for this app.
### If you're not using this helper:
### - Remove the section "BACKUP LOGROTATE" in the backup script
### - Remove also the section "REMOVE LOGROTATE CONFIGURATION" in the remove script
### - As well as the section "RESTORE THE LOGROTATE CONFIGURATION" in the restore script
### - And the section "SETUP LOGROTATE" in the upgrade script
# Use logrotate to manage application logfile(s)
#ynh_use_logrotate
#=================================================
# ADVERTISE SERVICE IN ADMIN PANEL
#=================================================
### `yunohost service add` is a CLI yunohost command to add a service in the admin panel.
### You'll find the service in the 'services' section of YunoHost admin panel.
### This CLI command would be useless if the app does not have any services (systemd or sysvinit)
### If you're not using these lines:
### - You can remove these files in conf/.
### - Remove the section "REMOVE SERVICE FROM ADMIN PANEL" in the remove script
### - As well as the section "ADVERTISE SERVICE IN ADMIN PANEL" in the restore script
#yunohost service add $app --log "/var/log/$app/$app.log"
# if using yunohost version 3.2 or more in the 'manifest.json', a description can be added
#yunohost service add $app --description "$app daemon for XXX" --log "/var/log/$app/$app.log"
#=================================================
# SETUP SSOWAT
#=================================================
ynh_print_info "Configuring SSOwat..."
# Make app public if necessary
if [ $is_public -eq 1 ]
then
# unprotected_uris allows SSO credentials to be passed anyway.
ynh_app_setting_set $app unprotected_uris "/"
ynh_app_setting_set --app=$app --key=unprotected_uris --value="/"
fi
#=================================================
# RELOAD NGINX
#=================================================
ynh_print_info "Reloading nginx web server..."
ynh_script_progression --message="Reloading nginx web server..." --weight=1
systemctl reload nginx
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================
ynh_print_info "Installation of $app completed"
ynh_script_progression --message="Installation of $app completed" --last

97
scripts/remove
View file

@ -1,133 +1,74 @@
#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
#=================================================
ynh_print_info "Loading installation settings..."
ynh_script_progression --message="Loading installation settings..." --weight=1
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get $app domain)
port=$(ynh_app_setting_get $app port)
db_name=$(ynh_app_setting_get $app db_name)
db_user=$db_name
final_path=$(ynh_app_setting_get $app final_path)
#=================================================
# STANDARD REMOVE
#=================================================
# REMOVE SERVICE FROM ADMIN PANEL
#=================================================
# Remove a service from the admin panel, added by `yunohost service add`
if yunohost service status | grep -q $app
then
ynh_print_info "Removing $app service"
yunohost service remove $app
fi
#=================================================
# STOP AND REMOVE SERVICE
#=================================================
ynh_print_info "Stopping and removing the systemd service"
# Remove the dedicated systemd config
#ynh_remove_systemd_config
ldap_user=$(ynh_app_setting_get --app=$app --key=ldap_user)
#=================================================
# REMOVE THE MYSQL DATABASE
#=================================================
ynh_print_info "Removing the MySQL database"
ynh_script_progression --message="Removing the MySQL database..." --weight=4
# Remove a database if it exists, along with the associated user
ynh_mysql_remove_db $db_user $db_name
ynh_mysql_remove_db --db_user=$db_user --db_name=$db_name
#=================================================
# REMOVE DEPENDENCIES
#=================================================
ynh_print_info "Removing dependencies"
ynh_script_progression --message="Removing dependencies..." --weight=10
# Remove metapackage and its dependencies
#ynh_remove_app_dependencies
ynh_remove_app_dependencies
#=================================================
# REMOVE APP MAIN DIR
#=================================================
ynh_print_info "Removing app main directory"
ynh_script_progression --message="Removing app main directory..." --weight=1
# Remove the app directory securely
ynh_secure_remove "$final_path"
ynh_secure_remove --file="$final_path"
#=================================================
# REMOVE NGINX CONFIGURATION
#=================================================
ynh_print_info "Removing nginx web server configuration"
ynh_script_progression --message="Removing nginx web server configuration..." --weight=1
# Remove the dedicated nginx config
ynh_remove_nginx_config
#=================================================
# REMOVE PHP-FPM CONFIGURATION
#=================================================
ynh_print_info "Removing php-fpm configuration"
ynh_script_progression --message="Removing php-fpm configuration..." --weight=1
# Remove the dedicated php-fpm config
ynh_remove_fpm_config
#=================================================
# REMOVE LOGROTATE CONFIGURATION
#=================================================
ynh_print_info "Removing logrotate configuration"
# Remove the app-specific logrotate config
#ynh_remove_logrotate
#=================================================
# CLOSE A PORT
#=================================================
if yunohost firewall list | grep -q "\- $port$"
then
ynh_print_info "Closing port $port"
ynh_exec_warn_less yunohost firewall disallow TCP $port
fi
#=================================================
# SPECIFIC REMOVE
#=================================================
# REMOVE THE CRON FILE
#=================================================
# Remove a cron file
#ynh_secure_remove "/etc/cron.d/$app"
# Remove a directory securely
#ynh_secure_remove "/etc/$app/"
# Remove the log files
#ynh_secure_remove "/var/log/$app/"
#=================================================
# GENERIC FINALIZATION
#=================================================
# REMOVE DEDICATED USER
#=================================================
ynh_print_info "Removing the dedicated system user"
ynh_script_progression --message="Removing system user..." --weight=2
# Delete a system user
ynh_system_user_delete $app
#=================================================
# REMOVE LDAP USER
#=================================================
ynh_script_progression --message="Removing LDAP user..." --weight=2
yunohost user delete $ldap_user --purge
#=================================================
# END OF SCRIPT
#=================================================
ynh_print_info "Removal of $app completed"
ynh_script_progression --message="Removal of $app completed" --last

92
scripts/restore
View file

@ -1,141 +1,99 @@
#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
ynh_clean_setup () {
#### Remove this function if there's nothing to clean before calling the remove script.
true
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# LOAD SETTINGS
#=================================================
ynh_print_info "Loading settings..."
ynh_script_progression --message="Loading settings..." --weight=1
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get $app domain)
path_url=$(ynh_app_setting_get $app path)
final_path=$(ynh_app_setting_get $app final_path)
db_name=$(ynh_app_setting_get $app db_name)
ldap_user=$(ynh_app_setting_get --app=$app --key=ldap_user)
ldap_password=$(ynh_app_setting_get --app=$app --key=ldap_password)
#=================================================
# CHECK IF THE APP CAN BE RESTORED
#=================================================
ynh_print_info "Validating restoration parameters..."
ynh_script_progression --message="Validating restoration parameters..." --weight=1
ynh_webpath_available $domain $path_url \
|| ynh_die "Path not available: ${domain}${path_url}"
test ! -d $final_path \
|| ynh_die "There is already a directory: $final_path "
ynh_webpath_available $domain $path_url || ynh_die "Path not available: ${domain}${path_url}"
test ! -d $final_path || ynh_die "There is already a directory: $final_path "
#=================================================
# STANDARD RESTORATION STEPS
#=================================================
# RESTORE THE NGINX CONFIGURATION
#=================================================
ynh_restore_file "/etc/nginx/conf.d/$domain.d/$app.conf"
#=================================================
# RESTORE THE APP MAIN DIR
#=================================================
ynh_print_info "Restoring the app main directory..."
ynh_script_progression --message="Restoring the app main directory..." --weight=3
ynh_restore_file "$final_path"
#=================================================
# RECREATE THE DEDICATED USER
#=================================================
ynh_print_info "Recreating the dedicated system user..."
ynh_script_progression --message="Restoring system user..." --weight=15
# Create the dedicated user (if not existing)
ynh_system_user_create $app
#=================================================
# RESTORE THE LDAP USER
#=================================================
ynh_script_progression --message="Restoring LDAP dedicated user..." --weight=15
yunohost user create $ldap_user --firstname "MediaWikiLdap" --lastname "MediaWikiLdap" --mail ${ldap_user}@$domain --password $ldap_password -q 0
#=================================================
# RESTORE USER RIGHTS
#=================================================
# Restore permissions on app files
chown -R root: $final_path
chown -R $app:$app $final_path # modif perso
chown -R $app:$app $final_path
#=================================================
# RESTORE THE PHP-FPM CONFIGURATION
#=================================================
ynh_restore_file "/etc/php/7.0/fpm/pool.d/$app.conf"
#=================================================
# SPECIFIC RESTORATION
#=================================================
# REINSTALL DEPENDENCIES
#=================================================
ynh_print_info "Reinstalling dependencies..."
ynh_script_progression --message="Reinstalling dependencies..." --weight=20
# Define and install dependencies
#ynh_install_app_dependencies deb1 deb2
ynh_install_app_dependencies $pkg_dependencies
#=================================================
# RESTORE THE MYSQL DATABASE
#=================================================
ynh_print_info "Restoring the MySQL database..."
ynh_script_progression --message="Restoring the MySQL database..." --weight=30
db_pwd=$(ynh_app_setting_get $app mysqlpwd)
ynh_mysql_setup_db $db_name $db_name $db_pwd
ynh_mysql_connect_as $db_name $db_pwd $db_name < ./db.sql
#=================================================
# RESTORE SYSTEMD
#=================================================
ynh_print_info "Restoring the systemd configuration..."
ynh_mysql_setup_db --db_user=$db_name --db_name=$db_name --db_pwd=$db_pwd
ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name < ./db.sql
#ynh_restore_file "/etc/systemd/system/$app.service"
#systemctl enable $app.service
#=================================================
# ADVERTISE SERVICE IN ADMIN PANEL
#=================================================
#yunohost service add $app --log "/var/log/$app/$app.log"
#=================================================
# RESTORE THE CRON FILE
#=================================================
#ynh_restore_file "/etc/cron.d/$app"
#=================================================
# RESTORE THE LOGROTATE CONFIGURATION
#=================================================
#ynh_restore_file "/etc/logrotate.d/$app"
#=================================================
# GENERIC FINALIZATION
#=================================================
# RELOAD NGINX AND PHP-FPM
#=================================================
ynh_print_info "Reloading nginx web server and php-fpm..."
ynh_script_progression --message="Reloading nginx web server and php-fpm..." --weight=2
systemctl reload php7.0-fpm
systemctl reload nginx
ynh_systemd_action --service_name=php7.0-fpm --action=reload
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================
ynh_print_info "Restoration completed for $app"
ynh_script_progression --message="Restoration completed for $app" --last

164
scripts/upgrade
View file

@ -1,180 +1,192 @@
#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
#=================================================
ynh_print_info "Loading installation settings..."
ynh_script_progression --message="Loading installation settings..." --weight=1
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get $app domain)
path_url=$(ynh_app_setting_get $app path)
admin=$(ynh_app_setting_get $app admin)
password=$(ynh_app_setting_get $app password)
is_public=$(ynh_app_setting_get $app is_public)
final_path=$(ynh_app_setting_get $app final_path)
language=$(ynh_app_setting_get $app language)
db_name=$(ynh_app_setting_get $app db_name)
db_pwd=$(ynh_app_setting_get $app mysqlpwd)
ldap_user=$(ynh_app_setting_get --app=$app --key=ldap_user)
ldap_password=$(ynh_app_setting_get --app=$app --key=ldap_password)
# Note(decentral1se): avoid using this on upgrade for the versions
# of the application that upgrade and have not stored this in their
# settings (when it was not available to them). Later on, when we have
# moved a few versions on, we can re-enable this
# wiki_name=$(ynh_app_setting_get --app=$app --key=wiki_name)
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
# ENSURE BACKWARD COMPATIBILITY
#=================================================
ynh_print_info "Ensuring downward compatibility..."
ynh_script_progression --message="Ensuring backward compatibility..." --weight=1
# Fix is_public as a boolean value
if [ "$is_public" = "Yes" ]; then
ynh_app_setting_set $app is_public 1
is_public=1
ynh_app_setting_set $app is_public 1
is_public=1
elif [ "$is_public" = "No" ]; then
ynh_app_setting_set $app is_public 0
is_public=0
ynh_app_setting_set $app is_public 0
is_public=0
fi
# If db_name doesn't exist, create it
if [ -z $db_name ]; then
db_name=$(ynh_sanitize_dbid $app)
ynh_app_setting_set $app db_name $db_name
db_name=$(ynh_sanitize_dbid $app)
ynh_app_setting_set $app db_name $db_name
fi
# If final_path doesn't exist, create it
if [ -z $final_path ]; then
final_path=/var/www/$app
ynh_app_setting_set $app final_path $final_path
final_path=/var/www/$app
ynh_app_setting_set $app final_path $final_path
fi
if [[ -z "$ldap_user" ]]; then
ldap_user="${app}_ldap"
ldap_password=$(ynh_string_random --length=8)
ynh_app_setting_set --app="$app" --key=ldap_user --value="$ldap_user"
ynh_app_setting_set --app="$app" --key=ldap_password --value="$ldap_password"
yunohost user create $ldap_user --firstname "MediaWikiLdap" --lastname "MediaWikiLdap" --mail ${ldap_user}@$domain --password $ldap_password -q 0
fi
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
ynh_print_info "Backing up the app before upgrading (may take a while)..."
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=100
# Backup the current version of the app
ynh_backup_before_upgrade
ynh_clean_setup () {
# restore it if the upgrade fails
ynh_restore_upgradebackup
ynh_restore_upgradebackup
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# CHECK THE PATH
#=================================================
# Normalize the URL path syntax
path_url=$(ynh_normalize_url_path $path_url)
#=================================================
# STANDARD UPGRADE STEPS
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_print_info "Upgrading source files..."
ynh_script_progression --message="Upgrading source files..." --weight=5
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source "$final_path"
ynh_setup_source --dest_dir="$final_path"
ynh_setup_source --dest_dir="$final_path/extensions/" --source_id="ldap_provider"
ynh_setup_source --dest_dir="$final_path/extensions/" --source_id="pluggable_auth"
ynh_setup_source --dest_dir="$final_path/extensions/" --source_id="ldap_authentication2"
# Note(decentral1se): Disabled and unused for now ...
# ynh_setup_source --dest_dir="$final_path/extensions/" --source_id="ldap_groups"
# ynh_setup_source --dest_dir="$final_path/extensions/" --source_id="ldap_userinfo"
# ynh_setup_source --dest_dir="$final_path/extensions/" --source_id="ldap_authorization"
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_print_info "Upgrading nginx web server configuration..."
ynh_script_progression --message="Upgrading nginx web server configuration..." --weight=1
# Create a dedicated nginx config
ynh_add_nginx_config
#=================================================
# UPGRADE DEPENDENCIES
#=================================================
ynh_print_info "Upgrading dependencies..."
ynh_script_progression --message="Upgrading dependencies..." --weight=3
#ynh_install_app_dependencies deb1 deb2
ynh_install_app_dependencies $pkg_dependencies
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_print_info "Making sure dedicated system user exists..."
ynh_script_progression --message="Configuring system user..." --weight=1
# Create a dedicated user (if not existing)
ynh_system_user_create $app
#=================================================
# PHP-FPM CONFIGURATION
# STORE THE CONFIG FILE CHECKSUM
#=================================================
ynh_print_info "Upgrading php-fpm configuration..."
# Create a dedicated php-fpm config
ynh_add_fpm_config
ynh_backup_if_checksum_is_different --file="$final_path/CONFIG_FILE"
#=================================================
# SPECIFIC UPGRADE
#=================================================
# ...
# REPLACE CONFIGURATION SETTINGS
#=================================================
rm $final_path/LocalSettings.php
cp ../conf/LocalSettings.php $final_path/LocalSettings.php
### Verify the checksum of a file, stored by `ynh_store_file_checksum` in the install script.
### And create a backup of this file if the checksum is different. So the file will be backed up if the admin had modified it.
ynh_backup_if_checksum_is_different "$final_path/CONFIG_FILE"
# Recalculate and store the checksum of the file for the next upgrade.
#ynh_store_file_checksum "$final_path/CONFIG_FILE"
# Note(decentral1se): See note around line 24 about the usage of $wiki_name
ynh_replace_string "__WIKI_NAME__" "YunoWiki" "$final_path/LocalSettings.php"
#=================================================
# SETUP LOGROTATE
#=================================================
ynh_print_info "Upgrading logrotate configuration..."
ynh_replace_string "__ADMIN__" "$admin" "$final_path/LocalSettings.php"
ynh_replace_string "__PASSWORD__" "$password" "$final_path/LocalSettings.php"
# Use logrotate to manage app-specific logfile(s)
#ynh_use_logrotate --non-append
if [ $path_url = "/" ]; then
# MediaWiki expects a "" for the root URL which is typically assumed to be
# "/" by other application packages. Therefore, we assume end-users will do
# this as well and make sure to ensure an "" in all cases where "/" is
# specified
ynh_replace_string "__PATH__" "" "$final_path/LocalSettings.php"
else
ynh_replace_string "__PATH__" "$path_url" "$final_path/LocalSettings.php"
fi
#=================================================
# SETUP SYSTEMD
#=================================================
ynh_print_info "Upgrading systemd configuration..."
ynh_replace_string "__DOMAIN__" "$domain" "$final_path/LocalSettings.php"
ynh_replace_string "__DB_NAME__" "$db_name" "$final_path/LocalSettings.php"
ynh_replace_string "__DB_USER__" "$db_name" "$final_path/LocalSettings.php"
ynh_replace_string "__DB_PWD__" "$db_pwd" "$final_path/LocalSettings.php"
ynh_replace_string "__LANGUAGE__" "$language" "$final_path/LocalSettings.php"
# Create a dedicated systemd config
#ynh_add_systemd_config
secret=$(ynh_string_random 64)
ynh_app_setting_set $app secret $secret
ynh_replace_string "__SECRET__" "$secret" "$final_path/LocalSettings.php"
#=================================================
# GENERIC FINALIZATION
#=================================================
ynh_replace_string "__LDAP_USER__" "$ldap_user" "$final_path/LocalSettings.php"
ynh_replace_string "__LDAP_PASSWORD__" "$ldap_password" "$final_path/LocalSettings.php"
php $final_path/maintenance/update.php #modif perso
php $final_path/maintenance/update.php
#=================================================
# SECURE FILES AND DIRECTORIES
#=================================================
chown -R $app:$app $final_path
# Set permissions on app files
chown -R root: $final_path
chown -R $app:$app $final_path # modif perso
#=================================================
# PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Upgrading php-fpm configuration..." --weight=2
ynh_add_fpm_config
#=================================================
# SETUP SSOWAT
#=================================================
ynh_print_info "Upgrading SSOwat configuration..."
ynh_script_progression --message="Configuring SSOwat..." --weight=1
# Make app public if necessary
if [ $is_public -eq 1 ]
then
# unprotected_uris allows SSO credentials to be passed anyway
ynh_app_setting_set $app unprotected_uris "/"
ynh_app_setting_set --app=$app --key=unprotected_uris --value="/"
fi
#=================================================
# RELOAD NGINX
#=================================================
ynh_print_info "Reloading nginx web server..."
ynh_script_progression --message="Reloading nginx web server..." --weight=1
systemctl reload nginx
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================
ynh_print_info "Upgrade of $app completed"
ynh_script_progression --message="Installation of $app completed" --last

2
sources/extra_files/app/.gitignore vendored
View file

@ -1,2 +0,0 @@
*~
*.sw[op]

2
sources/patches/.gitignore vendored
View file

@ -1,2 +0,0 @@
*~
*.sw[op]