[enh] Replace FTP by a simple PHP file manager

README.md

@@ -1,4 +1,4 @@
-Custom Webapp + FTP
+Custom Webapp
--------------------
+-------------
 
-Empty App with FTP access to the web directory.
+Empty App with a file access to the web directory.

conf/ldap.conf

@@ -1,6 +0,0 @@
-LDAPBaseDN ou=users,dc=yunohost,dc=org
-LDAPFilter (&(objectClass=mailAccount)(uid=FTPUSER))
-LDAPHomeDir FTPDIR
-LDAPAuthMethod BIND
-LDAPDefaultHomeDirectory FTPDIR
-

conf/nginx.conf

@@ -1,5 +1,5 @@
-location PATHTOCHANGE {
+location LOCATIONTOCHANGE {
-       alias ALIASTOCHANGE;
+       alias ALIASTOCHANGE/files/;
        index index.php index.html index.htm;
        default_type text/html;
        location ~ [^/]\.php(/|$) {
@@ -12,6 +12,22 @@ location PATHTOCHANGE {
            fastcgi_param  SCRIPT_FILENAME $request_filename;
        }
 
+  # Include SSOWAT user panel.
+  include conf.d/yunohost_panel.conf.inc;
+}
+
+location PATHTOCHANGE/admin {
+       alias ALIASTOCHANGE;
+       index Cheryl.php;
+       location ~ [^/]\.php(/|$) {
+           fastcgi_split_path_info ^(.+?\.php)(/.*)$;
+           fastcgi_pass unix:/var/run/php5-fpm.sock;
+           fastcgi_index index.php;
+           include fastcgi_params;
+           fastcgi_param  REMOTE_USER     $remote_user;
+           fastcgi_param  PATH_INFO       $fastcgi_path_info;
+           fastcgi_param  SCRIPT_FILENAME $request_filename;
+       }
 
   # Include SSOWAT user panel.
   include conf.d/yunohost_panel.conf.inc;

manifest.json

@@ -1,15 +1,15 @@
 {
-    "name": "Custom Webapp + FTP",
+    "name": "Custom Webapp",
     "id": "my_webapp",
     "description": {
-        "en": "Empty App with FTP access to the web directory",
+        "en": "Empty App with a file access to the web directory",
-        "fr": "App vide avec un accès FTP au répertoire Web"
+        "fr": "Répertoire Web vide avec un accès fichier"
     },
     "maintainer": {
         "name": "kload",
         "email": "kload@kload.fr"
     },
-    "multi_instance": "false",
+    "multi_instance": "true",
     "arguments": {
         "install" : [
             {
@@ -35,8 +35,8 @@
                 "name": "admin",
                 "type": "user",
                 "ask": {
-                    "en": "Choose the YunoHost user who will be able to upload documents via FTP",
+                    "en": "Choose the YunoHost user who will be able to upload documents to this directory",
-                    "fr": "Choisissez l'utilisateur YunoHost qui sera capable d'envoyer des documents via FTP"
+                    "fr": "Choisissez l'utilisateur YunoHost qui sera capable d'envoyer des documents dans ce répertoire web"
                 },
                 "example": "johndoe"
             },

scripts/install

@@ -1,5 +1,7 @@
 #!/bin/bash
 
+set -e
+
 # Retrieve arguments
 domain=$1
 path=$2
@@ -9,45 +11,36 @@ final_path=/var/www/my_webapp
 
 # Check domain/path availability
 sudo yunohost app checkurl $domain$path -a my_webapp
-if [[ ! $? -eq 0 ]]; then
+path=${path%/}
-    exit 1
-fi
 
 # Check user
-sudo yunohost user list --json | grep -q "\"username\": \"$user\""
+sudo yunohost user list --json | grep -q "\"username\": \"$user\"" \
-if [[ ! $? -eq 0 ]]; then
+  || (echo "User '$user' does not exist" && exit 1)
-echo "Wrong user"
+sudo yunohost app setting my_webapp allowed_users -v "$user"
-    exit 1
-fi
-sudo yunohost app setting my_webapp ftp_user -v $user
 
-# Check port availability
+# Update the salt in the Cheryl.php file
-sudo yunohost app checkport 21
+salt=$(dd if=/dev/urandom bs=1 count=200 2> /dev/null | tr -c -d 'A-Za-z0-9' | sed -n 's/\(.\{24\}\).*/\1/p')
-if [[ ! $? -eq 0 ]]; then
+sed -i "s@SALTTOCHANGE@$salt@g" ../sources/Cheryl.php
-  exit 1
-fi
 
-# Open port in firewall
+# Modify the index.html instruction file
-sudo yunohost firewall allow TCP 21 > /dev/null 2>&1
+sed -i "s@USER@$user@g" ../sources/index.html
-
+sed -i "s@URL@https://$domain$path/admin/@g" ../sources/index.html
-# Install debian dependencies
-sudo apt-get install pure-ftpd-ldap -y -qq
-
-# Change user ID in configurations
-sed -i "s@FTPUSER@$user@g" ../conf/ldap.conf
-sed -i "s@FTPDIR@$final_path@g" ../conf/ldap.conf
-sed -i "s@FTPUSER@$user@g" ../sources/index.html
-sed -i "s@HOST@$domain@g" ../sources/index.html
 
 # Copy files to the right place
-sudo mkdir -p $final_path
+sudo mkdir -p $final_path/files
-sudo cp ../sources/index.html $final_path/
+sudo cp ../sources/index.html $final_path/files
+sudo cp ../sources/Cheryl.php $final_path/
 
 # Set permissions
-sudo chmod 775 -R $final_path
+sudo chmod 775 -R $final_path/files
-sudo chown -hR $user:www-data $final_path
+sudo chown -hR www-data:www-data $final_path/files
 
 # Modify Nginx configuration file and copy it to Nginx conf directory
+if [[ "$path" == "" ]]; then
+  sed -i "s@LOCATIONTOCHANGE@/@g" ../conf/nginx.conf
+else
+  sed -i "s@LOCATIONTOCHANGE@$path@g" ../conf/nginx.conf
+fi
 sed -i "s@PATHTOCHANGE@$path@g" ../conf/nginx.conf
 sed -i "s@ALIASTOCHANGE@$final_path/@g" ../conf/nginx.conf
 sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/my_webapp.conf
@@ -59,17 +52,9 @@ then
     sudo yunohost app setting my_webapp unprotected_uris -v "/"
 fi
 
-# Adapt PureFTPd configuration
+# Protect the file manager
-sudo cp ../conf/ldap.conf /etc/pure-ftpd/db/
+sudo yunohost app setting my_webapp protected_uris -v "/admin"
-sudo sh -c 'echo "yes" > /etc/pure-ftpd/conf/NoAnonymous'
-sudo sh -c 'echo "yes" > /etc/pure-ftpd/conf/ChrootEveryone'
-sudo sh -c 'echo "no" > /etc/pure-ftpd/conf/UnixAuthentication'
-sudo sh -c 'echo "50000 50100" > /etc/pure-ftpd/conf/PassivePortRange'
 
-# Register service to YunoHost monitoring
+# Reload Nginx and regenerate SSOwat conf
-sudo yunohost service add pure-ftpd-ldap --log "/var/log/pure-ftpd/transfer.log"
-
-# Reload Nginx, restart PureFTPd and regenerate SSOwat conf
 sudo service nginx reload
-sudo service pure-ftpd-ldap restart
 sudo yunohost app ssowatconf

scripts/upgrade

@@ -1,17 +1,44 @@
 #!/bin/bash
 
+set -e
+
 # Retrieve arguments
 domain=$(sudo yunohost app setting my_webapp domain)
 path=$(sudo yunohost app setting my_webapp path)
-user=$(sudo yunohost app setting my_webapp ftp_user)
+user=$(sudo yunohost app setting my_webapp ftp_user \
+  || sudo yunohost app setting my_webapp allowed_users \
+  || echo "")
 is_public=$(sudo yunohost app setting my_webapp is_public)
 final_path=/var/www/my_webapp
 
-# Change user ID in configurations
+# Reset permissions
-sed -i "s@FTPUSER@$user@g" ../conf/ldap.conf
+if [[ "$user" != "" ]]; then
-sed -i "s@FTPDIR@$final_path@g" ../conf/ldap.conf
+  sudo yunohost app setting my_webapp allowed_users -v "$user"
+fi
+
+# Update the salt in the Cheryl.php file
+salt=$(dd if=/dev/urandom bs=1 count=200 2> /dev/null | tr -c -d 'A-Za-z0-9' | sed -n 's/\(.\{24\}\).*/\1/p')
+sed -i "s@SALTTOCHANGE@$salt@g" ../sources/Cheryl.php
+
+# Modify the index.html instruction file
+sed -i "s@USER@$user@g" ../sources/index.html
+sed -i "s@URL@https://$domain$path/admin/@g" ../sources/index.html
+
+# Copy files to the right place
+sudo mkdir -p $final_path/files
+sudo cp ../sources/index.html $final_path/files
+sudo cp ../sources/Cheryl.php $final_path/
+
+# Set permissions
+sudo chmod 775 -R $final_path/files
+sudo chown -hR www-data:www-data $final_path/files
 
 # Modify Nginx configuration file and copy it to Nginx conf directory
+if [[ "$path" == "" ]]; then
+  sed -i "s@LOCATIONTOCHANGE@/@g" ../conf/nginx.conf
+else
+  sed -i "s@LOCATIONTOCHANGE@$path@g" ../conf/nginx.conf
+fi
 sed -i "s@PATHTOCHANGE@$path@g" ../conf/nginx.conf
 sed -i "s@ALIASTOCHANGE@$final_path/@g" ../conf/nginx.conf
 sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/my_webapp.conf
@@ -19,18 +46,12 @@ sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/my_webapp.conf
 # Make app public if necessary
 if [ "$is_public" = "Yes" ];
 then
-    sudo yunohost app setting my_webapp skipped_uris -d
     sudo yunohost app setting my_webapp unprotected_uris -v "/"
 fi
 
-# Adapt PureFTPd configuration
+# Protect the file manager
-sudo cp ../conf/ldap.conf /etc/pure-ftpd/db/
+sudo yunohost app setting my_webapp protected_uris -v "/admin"
-sudo sh -c 'echo "yes" > /etc/pure-ftpd/conf/NoAnonymous'
-sudo sh -c 'echo "yes" > /etc/pure-ftpd/conf/ChrootEveryone'
-sudo sh -c 'echo "no" > /etc/pure-ftpd/conf/UnixAuthentication'
-sudo sh -c 'echo "50000 50100" > /etc/pure-ftpd/conf/PassivePortRange'
 
-# Reload Nginx, restart PureFTPd and regenerate SSOwat conf
+# Reload Nginx and regenerate SSOwat conf
 sudo service nginx reload
-sudo service pure-ftpd-ldap restart
 sudo yunohost app ssowatconf

sources/index.html

@@ -4,8 +4,8 @@
 
 <h1>It works !</h1>
 
-<p>Congratulation, you have just installed your custom web app.</p>
+<p>Congratulations, you have just installed a custom web app.</p>
-<p>You can access to the directory of this web page by connecting as <strong>FTPUSER</strong> to your server <strong>HOST</strong> via <strong>FTP</strong> on the standard port 21.</p>
+<p>You can access to the directory of this web page by going to <a target=_blank href="URL">URL</a>. Only <strong>USER</strong> is able to upload and modify the web files.</p>
 
 <br>