[enh] Replace FTP by a simple PHP file manager

2024-09-03 19:46:26 +02:00 · 2015-08-21 22:02:48 +02:00 · 2015-08-21 22:02:48 +02:00 · 0d067d051c
commit 0d067d051c
parent 80fd338682
8 changed files with 3180 additions and 72 deletions
--- a/README.md
+++ b/README.md
@ -1,4 +1,4 @@
-Custom Webapp + FTP
-------------------
+Custom Webapp
+-------------

-Empty App with FTP access to the web directory.
+Empty App with a file access to the web directory.
--- a/conf/ldap.conf
+++ b/conf/ldap.conf
@ -1,6 +0,0 @@
-LDAPBaseDN ou=users,dc=yunohost,dc=org
-LDAPFilter (&(objectClass=mailAccount)(uid=FTPUSER))
-LDAPHomeDir FTPDIR
-LDAPAuthMethod BIND
-LDAPDefaultHomeDirectory FTPDIR
-
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@ -1,5 +1,5 @@
-location PATHTOCHANGE {
-       alias ALIASTOCHANGE;
+location LOCATIONTOCHANGE {
+       alias ALIASTOCHANGE/files/;
       index index.php index.html index.htm;
       default_type text/html;
       location ~ [^/]\.php(/|$) {
@ -12,6 +12,22 @@ location PATHTOCHANGE {
           fastcgi_param  SCRIPT_FILENAME $request_filename;
       }

+  # Include SSOWAT user panel.
+  include conf.d/yunohost_panel.conf.inc;
+}
+
+location PATHTOCHANGE/admin {
+       alias ALIASTOCHANGE;
+       index Cheryl.php;
+       location ~ [^/]\.php(/|$) {
+           fastcgi_split_path_info ^(.+?\.php)(/.*)$;
+           fastcgi_pass unix:/var/run/php5-fpm.sock;
+           fastcgi_index index.php;
+           include fastcgi_params;
+           fastcgi_param  REMOTE_USER     $remote_user;
+           fastcgi_param  PATH_INFO       $fastcgi_path_info;
+           fastcgi_param  SCRIPT_FILENAME $request_filename;
+       }

  # Include SSOWAT user panel.
  include conf.d/yunohost_panel.conf.inc;
--- a/manifest.json
+++ b/manifest.json
@ -1,15 +1,15 @@
 {
-    "name": "Custom Webapp + FTP",
+    "name": "Custom Webapp",
    "id": "my_webapp",
    "description": {
-        "en": "Empty App with FTP access to the web directory",
-        "fr": "App vide avec un accès FTP au répertoire Web"
+        "en": "Empty App with a file access to the web directory",
+        "fr": "Répertoire Web vide avec un accès fichier"
    },
    "maintainer": {
        "name": "kload",
        "email": "kload@kload.fr"
    },
-    "multi_instance": "false",
+    "multi_instance": "true",
    "arguments": {
        "install" : [
            {
@ -35,8 +35,8 @@
                "name": "admin",
                "type": "user",
                "ask": {
-                    "en": "Choose the YunoHost user who will be able to upload documents via FTP",
-                    "fr": "Choisissez l'utilisateur YunoHost qui sera capable d'envoyer des documents via FTP"
+                    "en": "Choose the YunoHost user who will be able to upload documents to this directory",
+                    "fr": "Choisissez l'utilisateur YunoHost qui sera capable d'envoyer des documents dans ce répertoire web"
                },
                "example": "johndoe"
            },
--- a/scripts/install
+++ b/scripts/install
@ -1,5 +1,7 @@
 #!/bin/bash

+set -e
+
 # Retrieve arguments
 domain=$1
 path=$2
@ -9,45 +11,36 @@ final_path=/var/www/my_webapp

 # Check domain/path availability
 sudo yunohost app checkurl $domain$path -a my_webapp
-if [[ ! $? -eq 0 ]]; then
-    exit 1
-fi
+path=${path%/}

 # Check user
-sudo yunohost user list --json | grep -q "\"username\": \"$user\""
-if [[ ! $? -eq 0 ]]; then
-echo "Wrong user"
-    exit 1
-fi
-sudo yunohost app setting my_webapp ftp_user -v $user
+sudo yunohost user list --json | grep -q "\"username\": \"$user\"" \
+  || (echo "User '$user' does not exist" && exit 1)
+sudo yunohost app setting my_webapp allowed_users -v "$user"

-# Check port availability
-sudo yunohost app checkport 21
-if [[ ! $? -eq 0 ]]; then
-  exit 1
-fi
+# Update the salt in the Cheryl.php file
+salt=$(dd if=/dev/urandom bs=1 count=200 2> /dev/null | tr -c -d 'A-Za-z0-9' | sed -n 's/\(.\{24\}\).*/\1/p')
+sed -i "s@SALTTOCHANGE@$salt@g" ../sources/Cheryl.php

-# Open port in firewall
-sudo yunohost firewall allow TCP 21 > /dev/null 2>&1
-
-# Install debian dependencies
-sudo apt-get install pure-ftpd-ldap -y -qq
-
-# Change user ID in configurations
-sed -i "s@FTPUSER@$user@g" ../conf/ldap.conf
-sed -i "s@FTPDIR@$final_path@g" ../conf/ldap.conf
-sed -i "s@FTPUSER@$user@g" ../sources/index.html
-sed -i "s@HOST@$domain@g" ../sources/index.html
+# Modify the index.html instruction file
+sed -i "s@USER@$user@g" ../sources/index.html
+sed -i "s@URL@https://$domain$path/admin/@g" ../sources/index.html

 # Copy files to the right place
-sudo mkdir -p $final_path
-sudo cp ../sources/index.html $final_path/
+sudo mkdir -p $final_path/files
+sudo cp ../sources/index.html $final_path/files
+sudo cp ../sources/Cheryl.php $final_path/

 # Set permissions
-sudo chmod 775 -R $final_path
-sudo chown -hR $user:www-data $final_path
+sudo chmod 775 -R $final_path/files
+sudo chown -hR www-data:www-data $final_path/files

 # Modify Nginx configuration file and copy it to Nginx conf directory
+if [[ "$path" == "" ]]; then
+  sed -i "s@LOCATIONTOCHANGE@/@g" ../conf/nginx.conf
+else
+  sed -i "s@LOCATIONTOCHANGE@$path@g" ../conf/nginx.conf
+fi
 sed -i "s@PATHTOCHANGE@$path@g" ../conf/nginx.conf
 sed -i "s@ALIASTOCHANGE@$final_path/@g" ../conf/nginx.conf
 sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/my_webapp.conf
@ -59,17 +52,9 @@ then
    sudo yunohost app setting my_webapp unprotected_uris -v "/"
 fi

-# Adapt PureFTPd configuration
-sudo cp ../conf/ldap.conf /etc/pure-ftpd/db/
-sudo sh -c 'echo "yes" > /etc/pure-ftpd/conf/NoAnonymous'
-sudo sh -c 'echo "yes" > /etc/pure-ftpd/conf/ChrootEveryone'
-sudo sh -c 'echo "no" > /etc/pure-ftpd/conf/UnixAuthentication'
-sudo sh -c 'echo "50000 50100" > /etc/pure-ftpd/conf/PassivePortRange'
+# Protect the file manager
+sudo yunohost app setting my_webapp protected_uris -v "/admin"

-# Register service to YunoHost monitoring
-sudo yunohost service add pure-ftpd-ldap --log "/var/log/pure-ftpd/transfer.log"
-
-# Reload Nginx, restart PureFTPd and regenerate SSOwat conf
+# Reload Nginx and regenerate SSOwat conf
 sudo service nginx reload
-sudo service pure-ftpd-ldap restart
 sudo yunohost app ssowatconf
--- a/scripts/upgrade
+++ b/scripts/upgrade
@ -1,17 +1,44 @@
 #!/bin/bash

+set -e
+
 # Retrieve arguments
 domain=$(sudo yunohost app setting my_webapp domain)
 path=$(sudo yunohost app setting my_webapp path)
-user=$(sudo yunohost app setting my_webapp ftp_user)
+user=$(sudo yunohost app setting my_webapp ftp_user \
+  || sudo yunohost app setting my_webapp allowed_users \
+  || echo "")
 is_public=$(sudo yunohost app setting my_webapp is_public)
 final_path=/var/www/my_webapp

-# Change user ID in configurations
-sed -i "s@FTPUSER@$user@g" ../conf/ldap.conf
-sed -i "s@FTPDIR@$final_path@g" ../conf/ldap.conf
+# Reset permissions
+if [[ "$user" != "" ]]; then
+  sudo yunohost app setting my_webapp allowed_users -v "$user"
+fi
+
+# Update the salt in the Cheryl.php file
+salt=$(dd if=/dev/urandom bs=1 count=200 2> /dev/null | tr -c -d 'A-Za-z0-9' | sed -n 's/\(.\{24\}\).*/\1/p')
+sed -i "s@SALTTOCHANGE@$salt@g" ../sources/Cheryl.php
+
+# Modify the index.html instruction file
+sed -i "s@USER@$user@g" ../sources/index.html
+sed -i "s@URL@https://$domain$path/admin/@g" ../sources/index.html
+
+# Copy files to the right place
+sudo mkdir -p $final_path/files
+sudo cp ../sources/index.html $final_path/files
+sudo cp ../sources/Cheryl.php $final_path/
+
+# Set permissions
+sudo chmod 775 -R $final_path/files
+sudo chown -hR www-data:www-data $final_path/files

 # Modify Nginx configuration file and copy it to Nginx conf directory
+if [[ "$path" == "" ]]; then
+  sed -i "s@LOCATIONTOCHANGE@/@g" ../conf/nginx.conf
+else
+  sed -i "s@LOCATIONTOCHANGE@$path@g" ../conf/nginx.conf
+fi
 sed -i "s@PATHTOCHANGE@$path@g" ../conf/nginx.conf
 sed -i "s@ALIASTOCHANGE@$final_path/@g" ../conf/nginx.conf
 sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/my_webapp.conf
@ -19,18 +46,12 @@ sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/my_webapp.conf
 # Make app public if necessary
 if [ "$is_public" = "Yes" ];
 then
-    sudo yunohost app setting my_webapp skipped_uris -d
    sudo yunohost app setting my_webapp unprotected_uris -v "/"
 fi

-# Adapt PureFTPd configuration
-sudo cp ../conf/ldap.conf /etc/pure-ftpd/db/
-sudo sh -c 'echo "yes" > /etc/pure-ftpd/conf/NoAnonymous'
-sudo sh -c 'echo "yes" > /etc/pure-ftpd/conf/ChrootEveryone'
-sudo sh -c 'echo "no" > /etc/pure-ftpd/conf/UnixAuthentication'
-sudo sh -c 'echo "50000 50100" > /etc/pure-ftpd/conf/PassivePortRange'
+# Protect the file manager
+sudo yunohost app setting my_webapp protected_uris -v "/admin"

-# Reload Nginx, restart PureFTPd and regenerate SSOwat conf
+# Reload Nginx and regenerate SSOwat conf
 sudo service nginx reload
-sudo service pure-ftpd-ldap restart
 sudo yunohost app ssowatconf
--- a/sources/Cheryl.php
+++ b/sources/Cheryl.php
--- a/sources/index.html
+++ b/sources/index.html
@ -4,8 +4,8 @@

 <h1>It works !</h1>

-<p>Congratulation, you have just installed your custom web app.</p>
-<p>You can access to the directory of this web page by connecting as <strong>FTPUSER</strong> to your server <strong>HOST</strong> via <strong>FTP</strong> on the standard port 21.</p>
+<p>Congratulations, you have just installed a custom web app.</p>
+<p>You can access to the directory of this web page by going to <a target=_blank href="URL">URL</a>. Only <strong>USER</strong> is able to upload and modify the web files.</p>

 <br>