diff --git a/check_process b/check_process index d63f4c0..3930fbe 100644 --- a/check_process +++ b/check_process @@ -3,8 +3,8 @@ domain="domain.tld" (DOMAIN) path="/path" (PATH) admin="john" (USER) - language="fr" is_public=1 (PUBLIC|public=1|private=0) + language="fr" password="pass" wiki_name="MyYunoWiki" (WIKI_NAME) port="666" (PORT) @@ -16,27 +16,18 @@ setup_private=1 setup_public=1 upgrade=1 - upgrade=0 from_commit=CommitHash + upgrade=1 from_commit=49d6a9b894d17ab30fa8f972c7b08d41b9bbb2d7 backup_restore=1 multi_instance=1 incorrect_path=1 port_already_use=0 change_url=1 ;;; Levels - Level 1=auto - Level 2=auto - Level 3=auto - Level 4=1 Level 5=auto - Level 6=auto - Level 7=auto - Level 8=0 - Level 9=0 - Level 10=0 ;;; Options Email= Notification=none ;;; Upgrade options - ; commit=CommitHash - name=Name and date of the commit. - manifest_arg=domain=DOMAIN&path=PATH&admin=USER&language=fr&is_public=1&password=pass&port=666&wiki_name=YnhCiMediaWiki + ; commit=49d6a9b894d17ab30fa8f972c7b08d41b9bbb2d7 + name= Fix sha256sums, fix url + manifest_arg=domain=DOMAIN&path=PATH&admin=USER&is_public=1&language=fr&password=pass&port=666&wiki_name=YnhCiMediaWiki diff --git a/manifest.json b/manifest.json index 31990fe..ac51e83 100644 --- a/manifest.json +++ b/manifest.json @@ -3,19 +3,18 @@ "id": "mediawiki", "packaging_format": 1, "description": { - "en": "MediaWiki is a free and open source software wiki package written in PHP, originally for use on Wikipedia.", - "fr": "MediaWiki est un ensemble wiki à base de logiciels libres Open source, développé à l’origine pour Wikipédia ." + "en": "A free and open source software wiki package written in PHP, originally for use on Wikipedia.", + "fr": "Un wiki à base de logiciels libres Open source, développé à l’origine pour Wikipédia ." }, - "version": "1.32.0~ynh2", - "url": "https://www.mediawiki.org/", + "version": "1.32.0~ynh3", + "url": "https://www.mediawiki.org", "license": "GPL-2.0-or-later", "maintainer": { - "name": "decentral1se", - "email": "lukewm@riseup.net", - "url": "https://decentral1.se" + "name": "Salamandar", + "email": "felix@piedallu.me" }, "requirements": { - "yunohost": ">= 3.6.4" + "yunohost": ">= 3.7.0" }, "multi_instance": true, "services": [ @@ -49,17 +48,22 @@ "type": "user", "ask": { "en": "Choose an admin user", - "fr": "Choisissez l’administrateur" + "fr": "Choisissez l'administrateur" }, "example": "johndoe" }, { - "name": "password", - "type": "password", + "name": "is_public", + "type": "boolean", "ask": { - "en": "Set the administrator password", - "fr": "Définissez le mot de passe administrateur" - } + "en": "Is it a public wiki ?", + "fr": "Est-ce un wiki public ?" + }, + "help": { + "en": "Visibility of the wiki pages", + "fr": "La visibilité des pages du wiki" + }, + "default": true }, { "name": "language", @@ -72,16 +76,17 @@ "default": "fr" }, { - "name": "is_public", - "type": "boolean", + "name": "password", + "type": "password", "ask": { - "en": "Is it a public application?", - "fr": "Est-ce une application publique ?" + "en": "Set the administrator password", + "fr": "Définissez le mot de passe administrateur" }, - "default": true, "help": { - "en": "It will be accessible to the public" - } + "en": "The password for the wiki administrator", + "fr": "Le mot de passe de l'administrateur du wiki" + }, + "example": "Choose a password" }, { "name": "wiki_name", diff --git a/pull_request_template.md b/pull_request_template.md index 2cef46f..8a7ddee 100644 --- a/pull_request_template.md +++ b/pull_request_template.md @@ -16,7 +16,7 @@ - [ ] **Code review** : - [ ] **Approval (LGTM)** : *Code review and approval have to be from a member of @YunoHost-Apps/apps-group* -- **CI succeeded** : -[![Build Status](https://ci-apps-hq.yunohost.org/jenkins/job/APP_ynh%20PR-NUM-/badge/icon)](https://ci-apps-hq.yunohost.org/jenkins/job/APP_ynh%20PR-NUM-/) +- **CI succeeded** : +[![Build Status](https://ci-apps-hq.yunohost.org/jenkins/job/mediawiki_ynh%20PR-NUM-/badge/icon)](https://ci-apps-hq.yunohost.org/jenkins/job/mediawiki_ynh%20PR-NUM-/) *Please replace '-NUM-' in this link by the PR number.* When the PR is marked as ready to merge, you have to wait for 3 days before really merging it. diff --git a/scripts/_common.sh b/scripts/_common.sh index f5eaf6d..982e7fc 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -3,4 +3,9 @@ #================================================= # CONSTANTS #================================================= -pkg_dependencies="diffutils imagemagick acl" +# shellcheck disable=SC2034 # Variable is used by other scripts +pkg_dependencies=( + diffutils + imagemagick + acl +) diff --git a/scripts/backup b/scripts/backup index 136e697..1f73a36 100755 --- a/scripts/backup +++ b/scripts/backup @@ -1,14 +1,20 @@ #!/bin/bash +#================================================= +# GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= + +#Keep this path for calling _common.sh inside the execution's context of backup and restore scripts source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers #================================================= # MANAGE SCRIPT FAILURE #================================================= + +# Exit if an error occurs during the execution of the script ynh_abort_if_errors #================================================= @@ -17,39 +23,44 @@ ynh_abort_if_errors ynh_script_progression --message="Loading installation settings..." --weight=1 app=$YNH_APP_INSTANCE_NAME -final_path=$(ynh_app_setting_get $app final_path) -domain=$(ynh_app_setting_get $app domain) -db_name=$(ynh_app_setting_get $app db_name) +final_path=$(ynh_app_setting_get --app="$app" --key=final_path) +domain=$(ynh_app_setting_get --app="$app" --key=domain) +db_name=$(ynh_app_setting_get --app="$app" --key=db_name) +phpversion=$(ynh_app_setting_get --app="$app" --key=phpversion) + +#================================================= +# STANDARD BACKUP STEPS #================================================= # BACKUP THE APP MAIN DIR #================================================= -ynh_script_progression --message="Backing up the main app directory..." --weight=30 +ynh_script_progression --message="Backing up the main app directory..." --weight=1 ynh_backup --src_path="$final_path" #================================================= # BACKUP THE NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Backing up nginx web server configuration..." --weight=10 +ynh_script_progression --message="Backing up nginx web server configuration..." --weight=1 ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= # BACKUP THE PHP-FPM CONFIGURATION #================================================= -ynh_script_progression --message="Backing up php-fpm configuration..." --weight=3 +ynh_script_progression --message="Backing up php-fpm configuration..." --weight=1 -ynh_backup --src_path="/etc/php/7.0/fpm/pool.d/$app.conf" +ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" #================================================= # BACKUP THE MYSQL DATABASE #================================================= -ynh_script_progression --message="Backing up the MySQL database..." --weight=15 +ynh_script_progression --message="Backing up the MySQL database..." --weight=3 ynh_mysql_dump_db --database="$db_name" > db.sql #================================================= # END OF SCRIPT #================================================= + ynh_script_progression --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." --last diff --git a/scripts/change_url b/scripts/change_url index d8bcec8..a51f1c7 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -1,27 +1,26 @@ #!/bin/bash +#================================================= +# GENERIC STARTING #================================================= # IMPORT GENERIC HELPERS #================================================= + source _common.sh source /usr/share/yunohost/helpers #================================================= # RETRIEVE ARGUMENTS #================================================= + old_domain=$YNH_APP_OLD_DOMAIN old_path=$YNH_APP_OLD_PATH + new_domain=$YNH_APP_NEW_DOMAIN new_path=$YNH_APP_NEW_PATH + app=$YNH_APP_INSTANCE_NAME -#================================================= -# LOAD SETTINGS -#================================================= -ynh_script_progression --message="Loading installation settings..." --weight=1 - -final_path=$(ynh_app_setting_get $app final_path) - #================================================= # CHECK THE SYNTAX OF THE PATHS #================================================= @@ -31,9 +30,35 @@ test -n "$new_path" || new_path="/" new_path=$(ynh_normalize_url_path $new_path) old_path=$(ynh_normalize_url_path $old_path) +#================================================= +# LOAD SETTINGS +#================================================= +ynh_script_progression --message="Loading installation settings..." --weight=1 + +# Needed for helper "ynh_add_nginx_config" +final_path=$(ynh_app_setting_get --app="$app" --key=final_path) + +#================================================= +# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP +#================================================= +ynh_script_progression --message="Backing up the app before changing its url (may take a while)..." --weight=1 + +# Backup the current version of the app +ynh_backup_before_upgrade +ynh_clean_setup () { + # Remove the new domain config file, the remove script won't do it as it doesn't know yet its location. + ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" + + # restore it if the upgrade fails + ynh_restore_upgradebackup +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + #================================================= # CHECK WHICH PARTS SHOULD BE CHANGED #================================================= + change_domain=0 if [ "$old_domain" != "$new_domain" ] then @@ -46,6 +71,8 @@ then change_path=1 fi +#================================================= +# STANDARD MODIFICATIONS #================================================= # MODIFY URL IN NGINX CONF #================================================= @@ -53,24 +80,35 @@ ynh_script_progression --message="Updating nginx web server configuration..." -- nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf +# Change the path in the nginx config file if [ $change_path -eq 1 ] then + # Make a backup of the original nginx config file if modified ynh_backup_if_checksum_is_different --file="$nginx_conf_path" + # Set global variables for nginx helper + # shellcheck disable=SC2034 # Variable is referenced by ynh_add_nginx_config domain="$old_domain" + # shellcheck disable=SC2034 # Variable is referenced by ynh_add_nginx_config path_url="$new_path" + # Create a dedicated nginx config ynh_add_nginx_config fi +# Change the domain for nginx if [ $change_domain -eq 1 ] then + # Delete file checksum for the old conf file location ynh_delete_file_checksum --file="$nginx_conf_path" - mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf + mv "$nginx_conf_path" "/etc/nginx/conf.d/$new_domain.d/$app.conf" + # Store file checksum for the new config file location ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" fi #================================================= # SET NEW URL #================================================= +ynh_script_progression --message="Setting the new URL..." --weight=1 + if [ $change_domain -eq 1 ] then ynh_replace_string --match_string="\$wgServer = \"https://$old_domain\";" --replace_string="\$wgServer = \"https://$new_domain\";" --target_file="$final_path/LocalSettings.php" @@ -91,8 +129,10 @@ then fi ynh_replace_string --match_string="\$wgScriptPath = \"$old_scriptpath\";" --replace_string="\$wgScriptPath = \"$new_scriptpath\";" --target_file="$final_path/LocalSettings.php" -fi +fi +#================================================= +# GENERIC FINALISATION #================================================= # RELOAD NGINX #================================================= @@ -103,4 +143,5 @@ ynh_systemd_action --service_name=nginx --action=reload #================================================= # END OF SCRIPT #================================================= + ynh_script_progression --message="Change of URL completed for $app" --last diff --git a/scripts/install b/scripts/install index 5a76f92..364de93 100755 --- a/scripts/install +++ b/scripts/install @@ -1,44 +1,50 @@ #!/bin/bash +#================================================= +# GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= + source _common.sh source /usr/share/yunohost/helpers #================================================= # MANAGE SCRIPT FAILURE #================================================= + +# Exit if an error occurs during the execution of the script ynh_abort_if_errors #================================================= # RETRIEVE ARGUMENTS FROM THE MANIFEST #================================================= -app=$YNH_APP_INSTANCE_NAME + domain=$YNH_APP_ARG_DOMAIN -path_url=$YNH_APP_ARG_PATH +path_url=$(ynh_normalize_url_path "$YNH_APP_ARG_PATH") admin=$YNH_APP_ARG_ADMIN admin_password=$YNH_APP_ARG_PASSWORD is_public=$YNH_APP_ARG_IS_PUBLIC language=$YNH_APP_ARG_LANGUAGE -password=$YNH_APP_ARG_PASSWORD wiki_name=$YNH_APP_ARG_WIKI_NAME +app=$YNH_APP_INSTANCE_NAME + #================================================= # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS #================================================= ynh_script_progression --message="Validating installation parameters..." --weight=1 final_path=/var/www/$app -test ! -e "$final_path" || ynh_die "This path already contains a folder" +test ! -e "$final_path" || ynh_die --message="This path already contains a folder" -path_url=$(ynh_normalize_url_path $path_url) -ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url +# Register (book) web path +ynh_webpath_register --app="$app" --domain="$domain" --path_url="$path_url" #================================================= # GENERATE LDAP USER SETTINGS #================================================= -ynh_script_progression --message="Generating dedicated LDAP user credentials..." --weight=2 +ynh_script_progression --message="Generating dedicated LDAP user credentials..." --weight=1 ldap_user="${app}_ldap" ldap_password=$(ynh_string_random --length=8) @@ -48,47 +54,48 @@ ldap_password=$(ynh_string_random --length=8) #================================================= ynh_script_progression --message="Storing installation settings..." --weight=1 -ynh_app_setting_set --app=$app --key=domain --value=$domain -ynh_app_setting_set --app=$app --key=path --value=$path_url -ynh_app_setting_set --app=$app --key=admin --value=$admin -ynh_app_setting_set --app=$app --key=admin_password --value=$admin_password -ynh_app_setting_set --app=$app --key=is_public --value=$is_public -ynh_app_setting_set --app=$app --key=language --value=$language -ynh_app_setting_set --app=$app --key=wiki_name --value=$wiki_name -ynh_app_setting_set --app=$app --key=ldap_user --value=$ldap_user -ynh_app_setting_set --app=$app --key=ldap_password --value=$ldap_password +ynh_app_setting_set --app="$app" --key=domain --value="$domain" +ynh_app_setting_set --app="$app" --key=path --value="$path_url" +ynh_app_setting_set --app="$app" --key=admin --value="$admin" +ynh_app_setting_set --app="$app" --key=admin_password --value="$admin_password" +ynh_app_setting_set --app="$app" --key=is_public --value="$is_public" +ynh_app_setting_set --app="$app" --key=language --value="$language" +ynh_app_setting_set --app="$app" --key=wiki_name --value="$wiki_name" +ynh_app_setting_set --app="$app" --key=ldap_user --value="$ldap_user" +ynh_app_setting_set --app="$app" --key=ldap_password --value="$ldap_password" +#================================================= +# STANDARD MODIFICATIONS #================================================= # INSTALL DEPENDENCIES #================================================= -ynh_script_progression --message="Installing dependencies..." --weight=10 +ynh_script_progression --message="Installing dependencies..." --weight=15 -ynh_install_app_dependencies $pkg_dependencies +ynh_install_app_dependencies "${pkg_dependencies[@]}" #================================================= # CREATE A MYSQL DATABASE #================================================= -ynh_script_progression --message="Creating a MySQL database..." --weight=3 +ynh_script_progression --message="Creating a MySQL database..." --weight=1 -db_name=$(ynh_sanitize_dbid $app) +db_name=$(ynh_sanitize_dbid --db_name="$app") db_user=$db_name - -ynh_app_setting_set --app=$app --key=db_name --value=$db_name -ynh_app_setting_set --app=$app --key=db_user --value=$db_user - -ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name +ynh_app_setting_set --app="$app" --key=db_name --value="$db_name" +ynh_app_setting_set --app="$app" --key=db_user --value="$db_user" +ynh_mysql_setup_db --db_user="$db_user" --db_name="$db_name" +test -n "${db_pwd:?}" # Check the variable is correctly set by ynh_mysql_setup_db #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= ynh_script_progression --message="Setting up source files..." --weight=4 -ynh_app_setting_set --app=$app --key=final_path --value=$final_path - +ynh_app_setting_set --app="$app" --key=final_path --value="$final_path" +# Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path" +ynh_setup_source --dest_dir="$final_path/extensions/" --source_id="ldap_authentication2" ynh_setup_source --dest_dir="$final_path/extensions/" --source_id="ldap_provider" ynh_setup_source --dest_dir="$final_path/extensions/" --source_id="pluggable_auth" -ynh_setup_source --dest_dir="$final_path/extensions/" --source_id="ldap_authentication2" # Note(decentral1se): Disabled and unused for now ... # ynh_setup_source --dest_dir="$final_path/extensions/" --source_id="ldap_groups" @@ -98,104 +105,102 @@ ynh_setup_source --dest_dir="$final_path/extensions/" --source_id="ldap_authenti #================================================= # NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Configuring nginx web server..." --weight=2 +ynh_script_progression --message="Configuring nginx web server..." --weight=1 +# Create a dedicated nginx config ynh_add_nginx_config #================================================= # CREATE DEDICATED USER #================================================= -ynh_script_progression --message="Configuring system user..." --weight=1 +ynh_script_progression --message="Configuring system user..." --weight=2 -ynh_system_user_create $app +# Create a system user +ynh_system_user_create --username="$app" #================================================= # PHP-FPM CONFIGURATION #================================================= -ynh_script_progression --message="Configuring PHP-FPM..." --weight=1 +ynh_script_progression --message="Configuring php-fpm..." --weight=1 +# Create a dedicated php-fpm config ynh_add_fpm_config #================================================= -# CREATING DEDICATED LDAP USER +# SPECIFIC SETUP #================================================= -ynh_script_progression --message="Creating dedicated LDAP user..." --weight=20 - -yunohost user create $ldap_user --firstname "MediaWikiLdap" --lastname "MediaWikiLdap" --mail ${ldap_user}@$domain --password $ldap_password -q 0 - +# CREATE DEDICATED LDAP USER #================================================= -# PUBLIC ACCESS HANDLING -#================================================= -ynh_app_setting_set --app=$app --key=skipped_uris --value="/" +ynh_script_progression --message="Creating dedicated LDAP user..." --weight=1 -if [ $is_public -eq 0 ] -then - ynh_app_setting_delete --app=$app --key=skipped_uris -fi +yunohost user create "$ldap_user" \ + --firstname "MediaWikiLdap" --lastname "MediaWikiLdap" \ + --mail "${ldap_user}@$domain" --password "$ldap_password" -q 0 #================================================= # RUN INSTALLATION OF MEDIAWIKI #================================================= +ynh_script_progression --message="Installing and configuring Mediawiki..." --weight=14 if [ "$path_url" = "/" ]; then scriptpath="" else scriptpath=$path_url fi -php $final_path/maintenance/install.php --conf $final_path \ +php "$final_path/maintenance/install.php" --conf "$final_path" \ --server "https://$domain" \ --scriptpath "$scriptpath" \ - --dbuser $db_name \ - --dbpass $db_pwd \ - --dbname $db_name \ + --dbuser "$db_name" \ + --dbpass "$db_pwd" \ + --dbname "$db_name" \ --dbprefix "mdk_" \ - --lang $language \ - --pass $admin_password \ + --lang "$language" \ + --pass "$admin_password" \ "$wiki_name" "$admin" #================================================= # REPLACE CONFIGURATION SETTINGS #================================================= -cp ../conf/LocalSettings.php $final_path/LocalSettings.php +cp ../conf/LocalSettings.php "$final_path/LocalSettings.php" -ynh_replace_string --match_string="__WIKI_NAME__" --replace_string="$wiki_name" --target_file="$final_path/LocalSettings.php" -ynh_replace_string --match_string="__ADMIN__" --replace_string="$admin" --target_file="$final_path/LocalSettings.php" +ynh_replace_string --target_file="$final_path/LocalSettings.php" --match_string="__WIKI_NAME__" --replace_string="$wiki_name" +ynh_replace_string --target_file="$final_path/LocalSettings.php" --match_string="__ADMIN__" --replace_string="$admin" -if [ $path_url = "/" ]; then +if [ "$path_url" = "/" ]; then # MediaWiki expects a "" for the root URL which is typically assumed to be # "/" by other application packages. Therefore, we assume end-users will do # this as well and make sure to ensure an "" in all cases where "/" is # specified - ynh_replace_string --match_string="__PATH__" --replace_string="" --target_file="$final_path/LocalSettings.php" + ynh_replace_string --target_file="$final_path/LocalSettings.php" --match_string="__PATH__" --replace_string="" else - ynh_replace_string --match_string="__PATH__" --replace_string="$path_url" --target_file="$final_path/LocalSettings.php" + ynh_replace_string --target_file="$final_path/LocalSettings.php" --match_string="__PATH__" --replace_string="$path_url" fi -ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$final_path/LocalSettings.php" -ynh_replace_string --match_string="__DB_NAME__" --replace_string="$db_name" --target_file="$final_path/LocalSettings.php" -ynh_replace_string --match_string="__DB_USER__" --replace_string="$db_name" --target_file="$final_path/LocalSettings.php" -ynh_replace_string --match_string="__DB_PWD__" --replace_string="$db_pwd" --target_file="$final_path/LocalSettings.php" -ynh_replace_string --match_string="__LANGUAGE__" --replace_string="$language" --target_file="$final_path/LocalSettings.php" +ynh_replace_string --target_file="$final_path/LocalSettings.php" --match_string="__DOMAIN__" --replace_string="$domain" +ynh_replace_string --target_file="$final_path/LocalSettings.php" --match_string="__DB_NAME__" --replace_string="$db_name" +ynh_replace_string --target_file="$final_path/LocalSettings.php" --match_string="__DB_USER__" --replace_string="$db_name" +ynh_replace_string --target_file="$final_path/LocalSettings.php" --match_string="__DB_PWD__" --replace_string="$db_pwd" +ynh_replace_string --target_file="$final_path/LocalSettings.php" --match_string="__LANGUAGE__" --replace_string="$language" secret=$(ynh_string_random 64) -ynh_app_setting_set $app secret $secret -ynh_replace_string --match_string="__SECRET__" --replace_string="$secret" --target_file="$final_path/LocalSettings.php" +ynh_app_setting_set "$app" secret "$secret" +ynh_replace_string --target_file="$final_path/LocalSettings.php" --match_string="__SECRET__" --replace_string="$secret" -ynh_replace_string --match_string="__LDAP_USER__" --replace_string="$ldap_user" --target_file="$final_path/LocalSettings.php" -ynh_replace_string --match_string="__LDAP_PASSWORD__" --replace_string="$ldap_password" --target_file="$final_path/LocalSettings.php" +ynh_replace_string --target_file="$final_path/LocalSettings.php" --match_string="__LDAP_USER__" --replace_string="$ldap_user" +ynh_replace_string --target_file="$final_path/LocalSettings.php" --match_string="__LDAP_PASSWORD__" --replace_string="$ldap_password" -php $final_path/maintenance/update.php +php "$final_path/maintenance/update.php" + +chown -R "$app:$app" "$final_path" #================================================= -# SECURE FILES AND DIRECTORIES AND SSOwat +# SETUP SSOWAT #================================================= ynh_script_progression --message="Configuring SSOwat..." --weight=1 -chown -R $app:$app $final_path - -if [ $is_public -eq 1 ] -then - ynh_app_setting_set --app=$app --key=unprotected_uris --value="/" +# Make app public if necessary +if [ "$is_public" -eq 1 ]; then + ynh_permission_update --permission "main" --add "visitors" fi #================================================= @@ -208,4 +213,5 @@ ynh_systemd_action --service_name=nginx --action=reload #================================================= # END OF SCRIPT #================================================= + ynh_script_progression --message="Installation of $app completed" --last diff --git a/scripts/remove b/scripts/remove index a2f0baf..45d6067 100755 --- a/scripts/remove +++ b/scripts/remove @@ -1,8 +1,11 @@ #!/bin/bash +#================================================= +# GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= + source _common.sh source /usr/share/yunohost/helpers @@ -12,25 +15,30 @@ source /usr/share/yunohost/helpers ynh_script_progression --message="Loading installation settings..." --weight=1 app=$YNH_APP_INSTANCE_NAME -domain=$(ynh_app_setting_get $app domain) -port=$(ynh_app_setting_get $app port) -db_name=$(ynh_app_setting_get $app db_name) -db_user=$db_name -final_path=$(ynh_app_setting_get $app final_path) -ldap_user=$(ynh_app_setting_get --app=$app --key=ldap_user) +domain=$(ynh_app_setting_get --app="$app" --key=domain) +port=$(ynh_app_setting_get --app="$app" --key=port) +db_name=$(ynh_app_setting_get --app="$app" --key=db_name) +db_user=$db_name +final_path=$(ynh_app_setting_get --app="$app" --key=final_path) +ldap_user=$(ynh_app_setting_get --app="$app" --key=ldap_user) + +#================================================= +# STANDARD REMOVE #================================================= # REMOVE THE MYSQL DATABASE #================================================= ynh_script_progression --message="Removing the MySQL database..." --weight=4 -ynh_mysql_remove_db --db_user=$db_user --db_name=$db_name +# Remove a database if it exists, along with the associated user +ynh_mysql_remove_db --db_user"=$db_user" --db_name="$db_name" #================================================= # REMOVE DEPENDENCIES #================================================= ynh_script_progression --message="Removing dependencies..." --weight=10 +# Remove metapackage and its dependencies ynh_remove_app_dependencies #================================================= @@ -38,6 +46,7 @@ ynh_remove_app_dependencies #================================================= ynh_script_progression --message="Removing app main directory..." --weight=1 +# Remove the app directory securely ynh_secure_remove --file="$final_path" #================================================= @@ -45,6 +54,7 @@ ynh_secure_remove --file="$final_path" #================================================= ynh_script_progression --message="Removing nginx web server configuration..." --weight=1 +# Remove the dedicated nginx config ynh_remove_nginx_config #================================================= @@ -52,23 +62,30 @@ ynh_remove_nginx_config #================================================= ynh_script_progression --message="Removing php-fpm configuration..." --weight=1 +# Remove the dedicated php-fpm config ynh_remove_fpm_config #================================================= -# REMOVE DEDICATED USER -#================================================= -ynh_script_progression --message="Removing system user..." --weight=2 - -ynh_system_user_delete $app - +# SPECIFIC REMOVE #================================================= # REMOVE LDAP USER #================================================= -ynh_script_progression --message="Removing LDAP user..." --weight=2 +ynh_script_progression --message="Removing LDAP user..." --weight=1 -yunohost user delete $ldap_user --purge +yunohost user delete "$ldap_user" --purge + +#================================================= +# GENERIC FINALIZATION +#================================================= +# REMOVE DEDICATED USER +#================================================= +ynh_script_progression --message="Removing the dedicated system user..." --weight=1 + +# Delete a system user +ynh_system_user_delete --username="$app" #================================================= # END OF SCRIPT #================================================= + ynh_script_progression --message="Removal of $app completed" --last diff --git a/scripts/restore b/scripts/restore index 8af677d..527781c 100755 --- a/scripts/restore +++ b/scripts/restore @@ -1,99 +1,124 @@ #!/bin/bash +#================================================= +# GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= + +#Keep this path for calling _common.sh inside the execution's context of backup and restore scripts source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers #================================================= # MANAGE SCRIPT FAILURE #================================================= + +# Exit if an error occurs during the execution of the script ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading settings..." --weight=1 +ynh_script_progression --message="Loading installation settings..." --weight=1 app=$YNH_APP_INSTANCE_NAME -domain=$(ynh_app_setting_get $app domain) -path_url=$(ynh_app_setting_get $app path) -final_path=$(ynh_app_setting_get $app final_path) -db_name=$(ynh_app_setting_get $app db_name) -ldap_user=$(ynh_app_setting_get --app=$app --key=ldap_user) -ldap_password=$(ynh_app_setting_get --app=$app --key=ldap_password) + +domain=$(ynh_app_setting_get --app="$app" --key=domain) +path_url=$(ynh_app_setting_get --app="$app" --key=path) +final_path=$(ynh_app_setting_get --app="$app" --key=final_path) +db_name=$(ynh_app_setting_get --app="$app" --key=db_name) +db_user=$db_name +ldap_user=$(ynh_app_setting_get --app="$app" --key=ldap_user) +ldap_password=$(ynh_app_setting_get --app="$app" --key=ldap_password) +phpversion=$(ynh_app_setting_get --app="$app" --key=phpversion) #================================================= # CHECK IF THE APP CAN BE RESTORED #================================================= ynh_script_progression --message="Validating restoration parameters..." --weight=1 -ynh_webpath_available $domain $path_url || ynh_die "Path not available: ${domain}${path_url}" -test ! -d $final_path || ynh_die "There is already a directory: $final_path " +ynh_webpath_available --domain="$domain" --path_url="$path_url" \ + || ynh_die --message="Path not available: ${domain}${path_url}" +test ! -d "$final_path" \ + || ynh_die --message="There is already a directory: $final_path" +#================================================= +# STANDARD RESTORATION STEPS #================================================= # RESTORE THE NGINX CONFIGURATION #================================================= -ynh_restore_file "/etc/nginx/conf.d/$domain.d/$app.conf" + +ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= # RESTORE THE APP MAIN DIR #================================================= -ynh_script_progression --message="Restoring the app main directory..." --weight=3 +ynh_script_progression --message="Restoring the app main directory..." --weight=1 -ynh_restore_file "$final_path" +ynh_restore_file --origin_path="$final_path" #================================================= # RECREATE THE DEDICATED USER #================================================= -ynh_script_progression --message="Restoring system user..." --weight=15 +ynh_script_progression --message="Recreating the dedicated system user..." --weight=2 -ynh_system_user_create $app - -#================================================= -# RESTORE THE LDAP USER -#================================================= -ynh_script_progression --message="Restoring LDAP dedicated user..." --weight=15 - -yunohost user create $ldap_user --firstname "MediaWikiLdap" --lastname "MediaWikiLdap" --mail ${ldap_user}@$domain --password $ldap_password -q 0 +# Create the dedicated user (if not existing) +ynh_system_user_create --username="$app" #================================================= # RESTORE USER RIGHTS #================================================= -chown -R $app:$app $final_path + +# Restore permissions on app files +chown -R "$app:$app" "$final_path" #================================================= # RESTORE THE PHP-FPM CONFIGURATION #================================================= -ynh_restore_file "/etc/php/7.0/fpm/pool.d/$app.conf" +ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" + +#================================================= +# SPECIFIC RESTORATION #================================================= # REINSTALL DEPENDENCIES #================================================= -ynh_script_progression --message="Reinstalling dependencies..." --weight=20 +ynh_script_progression --message="Reinstalling dependencies..." --weight=10 -ynh_install_app_dependencies $pkg_dependencies +# Define and install dependencies +ynh_install_app_dependencies "${pkg_dependencies[@]}" #================================================= # RESTORE THE MYSQL DATABASE #================================================= -ynh_script_progression --message="Restoring the MySQL database..." --weight=30 +ynh_script_progression --message="Restoring the MySQL database..." --weight=5 -db_pwd=$(ynh_app_setting_get $app mysqlpwd) +db_pwd=$(ynh_app_setting_get --app="$app" --key=mysqlpwd) +ynh_mysql_setup_db --db_user="$db_user" --db_name="$db_name" --db_pwd="$db_pwd" +ynh_mysql_connect_as --user="$db_user" --password="$db_pwd" --database="$db_name" < ./db.sql -ynh_mysql_setup_db --db_user=$db_name --db_name=$db_name --db_pwd=$db_pwd -ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name < ./db.sql +#================================================= +# RESTORE THE LDAP USER +#================================================= +ynh_script_progression --message="Restoring LDAP dedicated user..." --weight=1 +yunohost user create "$ldap_user" \ + --firstname "MediaWikiLdap" --lastname "MediaWikiLdap" \ + --mail "${ldap_user}@$domain" --password "$ldap_password" -q 0 + +#================================================= +# GENERIC FINALIZATION #================================================= # RELOAD NGINX AND PHP-FPM #================================================= -ynh_script_progression --message="Reloading nginx web server and php-fpm..." --weight=2 +ynh_script_progression --message="Reloading nginx web server and php-fpm..." --weight=1 -ynh_systemd_action --service_name=php7.0-fpm --action=reload +ynh_systemd_action --service_name="php$phpversion-fpm" --action=reload ynh_systemd_action --service_name=nginx --action=reload #================================================= # END OF SCRIPT #================================================= + ynh_script_progression --message="Restoration completed for $app" --last diff --git a/scripts/upgrade b/scripts/upgrade index 15253b9..f4406e7 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -1,8 +1,11 @@ #!/bin/bash +#================================================= +# GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= + source _common.sh source /usr/share/yunohost/helpers @@ -12,81 +15,83 @@ source /usr/share/yunohost/helpers ynh_script_progression --message="Loading installation settings..." --weight=1 app=$YNH_APP_INSTANCE_NAME -domain=$(ynh_app_setting_get $app domain) -path_url=$(ynh_app_setting_get $app path) -admin=$(ynh_app_setting_get $app admin) -is_public=$(ynh_app_setting_get $app is_public) -final_path=$(ynh_app_setting_get $app final_path) -language=$(ynh_app_setting_get $app language) -db_name=$(ynh_app_setting_get $app db_name) -db_pwd=$(ynh_app_setting_get $app mysqlpwd) -ldap_user=$(ynh_app_setting_get --app=$app --key=ldap_user) -ldap_password=$(ynh_app_setting_get --app=$app --key=ldap_password) + +domain=$(ynh_app_setting_get --app="$app" --key=domain) +path_url=$(ynh_app_setting_get --app="$app" --key=path) +admin=$(ynh_app_setting_get --app="$app" --key=admin) +is_public=$(ynh_app_setting_get --app="$app" --key=is_public) +final_path=$(ynh_app_setting_get --app="$app" --key=final_path) +language=$(ynh_app_setting_get --app="$app" --key=language) +wiki_name=$(ynh_app_setting_get --app="$app" --key=wiki_name) +db_name=$(ynh_app_setting_get --app="$app" --key=db_name) +db_pwd=$(ynh_app_setting_get --app="$app" --key=mysqlpwd) +ldap_user=$(ynh_app_setting_get --app="$app" --key=ldap_user) +ldap_password=$(ynh_app_setting_get --app="$app" --key=ldap_password) # Note(decentral1se): avoid using this on upgrade for the versions # of the application that upgrade and have not stored this in their # settings (when it was not available to them). Later on, when we have # moved a few versions on, we can re-enable this -# wiki_name=$(ynh_app_setting_get --app=$app --key=wiki_name) +# wiki_name=$(ynh_app_setting_get --app="$app" --key=wiki_name) #================================================= -# ENSURE BACKWARD COMPATIBILITY +# ENSURE DOWNWARD COMPATIBILITY #================================================= -ynh_script_progression --message="Ensuring backward compatibility..." --weight=1 +ynh_script_progression --message="Ensuring downward compatibility..." --weight=1 +# Fix is_public as a boolean value if [ "$is_public" = "Yes" ]; then - ynh_app_setting_set $app is_public 1 - is_public=1 + ynh_app_setting_set --app="$app" --key=is_public --value=1 + is_public=1 elif [ "$is_public" = "No" ]; then - ynh_app_setting_set $app is_public 0 - is_public=0 + ynh_app_setting_set --app="$app" --key=is_public --value=0 + is_public=0 fi -if [ -z $db_name ]; then - db_name=$(ynh_sanitize_dbid $app) - ynh_app_setting_set $app db_name $db_name +# If db_name doesn't exist, create it +if [ -z "$db_name" ]; then + db_name=$(ynh_sanitize_dbid --db_name="$app") + ynh_app_setting_set --app="$app" --key=db_name --value="$db_name" fi -if [ -z $final_path ]; then - final_path=/var/www/$app - ynh_app_setting_set $app final_path $final_path -fi - -if [[ -z "$ldap_user" ]]; then - ldap_user="${app}_ldap" - ldap_password=$(ynh_string_random --length=8) - ynh_app_setting_set --app="$app" --key=ldap_user --value="$ldap_user" - ynh_app_setting_set --app="$app" --key=ldap_password --value="$ldap_password" - yunohost user create $ldap_user --firstname "MediaWikiLdap" --lastname "MediaWikiLdap" --mail ${ldap_user}@$domain --password $ldap_password -q 0 +# If final_path doesn't exist, create it +if [ -z "$final_path" ]; then + final_path="/var/www/$app" + ynh_app_setting_set --app="$app" --key=final_path --value="$final_path" fi #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #================================================= -ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=100 +ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=6 +# Backup the current version of the app ynh_backup_before_upgrade - ynh_clean_setup () { - ynh_restore_upgradebackup + # restore it if the upgrade fails + ynh_restore_upgradebackup } - +# Exit if an error occurs during the execution of the script ynh_abort_if_errors #================================================= # CHECK THE PATH #================================================= -path_url=$(ynh_normalize_url_path $path_url) +# Normalize the URL path syntax +path_url=$(ynh_normalize_url_path --path_url="$path_url") + +#================================================= +# STANDARD UPGRADE STEPS #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= -ynh_script_progression --message="Upgrading source files..." --weight=5 +ynh_script_progression --message="Setting up source files..." --weight=4 ynh_setup_source --dest_dir="$final_path" +ynh_setup_source --dest_dir="$final_path/extensions/" --source_id="ldap_authentication2" ynh_setup_source --dest_dir="$final_path/extensions/" --source_id="ldap_provider" ynh_setup_source --dest_dir="$final_path/extensions/" --source_id="pluggable_auth" -ynh_setup_source --dest_dir="$final_path/extensions/" --source_id="ldap_authentication2" # Note(decentral1se): Disabled and unused for now ... # ynh_setup_source --dest_dir="$final_path/extensions/" --source_id="ldap_groups" @@ -98,6 +103,7 @@ ynh_setup_source --dest_dir="$final_path/extensions/" --source_id="ldap_authenti #================================================= ynh_script_progression --message="Upgrading nginx web server configuration..." --weight=1 +# Create a dedicated nginx config ynh_add_nginx_config #================================================= @@ -105,14 +111,40 @@ ynh_add_nginx_config #================================================= ynh_script_progression --message="Upgrading dependencies..." --weight=3 -ynh_install_app_dependencies $pkg_dependencies +ynh_install_app_dependencies "${pkg_dependencies[@]}" #================================================= # CREATE DEDICATED USER #================================================= -ynh_script_progression --message="Configuring system user..." --weight=1 +ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1 -ynh_system_user_create $app +# Create a dedicated user (if not existing) +ynh_system_user_create --username="$app" + +#================================================= +# PHP-FPM CONFIGURATION +#================================================= +ynh_script_progression --message="Upgrading php-fpm configuration..." --weight=1 + +# Create a dedicated php-fpm config +ynh_add_fpm_config + +#================================================= +# SPECIFIC UPGRADE +#================================================= +# CREATE DEDICATED LDAP USER +#================================================= +ynh_script_progression --message="Creating dedicated LDAP user if necessary..." --weight=1 + +if [[ -z "$ldap_user" ]]; then + ldap_user="${app}_ldap" + ldap_password=$(ynh_string_random --length=8) + ynh_app_setting_set --app="$app" --key=ldap_user --value="$ldap_user" + ynh_app_setting_set --app="$app" --key=ldap_password --value="$ldap_password" + yunohost user create "$ldap_user" \ + --firstname "MediaWikiLdap" --lastname "MediaWikiLdap" \ + --mail "${ldap_user}@$domain" --password "$ldap_password" -q 0 +fi #================================================= # STORE THE CONFIG FILE CHECKSUM @@ -122,59 +154,61 @@ ynh_backup_if_checksum_is_different --file="$final_path/CONFIG_FILE" #================================================= # REPLACE CONFIGURATION SETTINGS #================================================= -rm $final_path/LocalSettings.php -cp ../conf/LocalSettings.php $final_path/LocalSettings.php +ynh_script_progression --message="Upgrading application files..." --weight=4 -# Note(decentral1se): See note around line 24 about the usage of $wiki_name -ynh_replace_string "__WIKI_NAME__" "YunoWiki" "$final_path/LocalSettings.php" +rm "$final_path/LocalSettings.php" +cp ../conf/LocalSettings.php "$final_path/LocalSettings.php" -ynh_replace_string "__ADMIN__" "$admin" "$final_path/LocalSettings.php" +ynh_replace_string --target_file="$final_path/LocalSettings.php" --match_string="__WIKI_NAME__" --replace_string="$wiki_name" +ynh_replace_string --target_file="$final_path/LocalSettings.php" --match_string="__ADMIN__" --replace_string="$admin" -if [ $path_url = "/" ]; then +if [ "$path_url" = "/" ]; then # MediaWiki expects a "" for the root URL which is typically assumed to be # "/" by other application packages. Therefore, we assume end-users will do # this as well and make sure to ensure an "" in all cases where "/" is # specified - ynh_replace_string "__PATH__" "" "$final_path/LocalSettings.php" + ynh_replace_string --target_file="$final_path/LocalSettings.php" --match_string="__PATH__" --replace_string="" else - ynh_replace_string "__PATH__" "$path_url" "$final_path/LocalSettings.php" + ynh_replace_string --target_file="$final_path/LocalSettings.php" --match_string="__PATH__" --replace_string="$path_url" fi -ynh_replace_string "__DOMAIN__" "$domain" "$final_path/LocalSettings.php" -ynh_replace_string "__DB_NAME__" "$db_name" "$final_path/LocalSettings.php" -ynh_replace_string "__DB_USER__" "$db_name" "$final_path/LocalSettings.php" -ynh_replace_string "__DB_PWD__" "$db_pwd" "$final_path/LocalSettings.php" -ynh_replace_string "__LANGUAGE__" "$language" "$final_path/LocalSettings.php" +ynh_replace_string --target_file="$final_path/LocalSettings.php" --match_string="__DOMAIN__" --replace_string="$domain" +ynh_replace_string --target_file="$final_path/LocalSettings.php" --match_string="__DB_NAME__" --replace_string="$db_name" +ynh_replace_string --target_file="$final_path/LocalSettings.php" --match_string="__DB_USER__" --replace_string="$db_name" +ynh_replace_string --target_file="$final_path/LocalSettings.php" --match_string="__DB_PWD__" --replace_string="$db_pwd" +ynh_replace_string --target_file="$final_path/LocalSettings.php" --match_string="__LANGUAGE__" --replace_string="$language" secret=$(ynh_string_random 64) -ynh_app_setting_set $app secret $secret -ynh_replace_string "__SECRET__" "$secret" "$final_path/LocalSettings.php" +ynh_app_setting_set "$app" secret "$secret" +ynh_replace_string --target_file="$final_path/LocalSettings.php" --match_string="__SECRET__" --replace_string="$secret" -ynh_replace_string "__LDAP_USER__" "$ldap_user" "$final_path/LocalSettings.php" -ynh_replace_string "__LDAP_PASSWORD__" "$ldap_password" "$final_path/LocalSettings.php" +ynh_replace_string --target_file="$final_path/LocalSettings.php" --match_string="__LDAP_USER__" --replace_string="$ldap_user" +ynh_replace_string --target_file="$final_path/LocalSettings.php" --match_string="__LDAP_PASSWORD__" --replace_string="$ldap_password" -php $final_path/maintenance/update.php +php "$final_path/maintenance/update.php" #================================================= # SECURE FILES AND DIRECTORIES #================================================= -chown -R $app:$app $final_path -#================================================= -# PHP-FPM CONFIGURATION -#================================================= -ynh_script_progression --message="Upgrading php-fpm configuration..." --weight=2 - -ynh_add_fpm_config +# Set permissions on app files +chown -R "$app:$app" "$final_path" #================================================= # SETUP SSOWAT #================================================= -ynh_script_progression --message="Configuring SSOwat..." --weight=1 +ynh_script_progression --message="Upgrading SSOwat configuration..." --weight=1 -if [ $is_public -eq 1 ] -then - ynh_app_setting_set --app=$app --key=unprotected_uris --value="/" +# Upgrade from the legacy permissions system +protected_uris=$(ynh_app_setting_get --app="$app" --key=protected_uris) +if [ -n "${protected_uris}" ]; then + ynh_app_setting_delete --app="$app" --key=protected_uris +fi + +# Make app public if necessary +if [ $is_public -eq 1 ]; then + # Allow public access on / + ynh_permission_update --permission "main" --add "visitors" fi #================================================= @@ -187,4 +221,5 @@ ynh_systemd_action --service_name=nginx --action=reload #================================================= # END OF SCRIPT #================================================= -ynh_script_progression --message="Installation of $app completed" --last + +ynh_script_progression --message="Upgrade of $app completed" --last