diff --git a/config_panel.toml b/config_panel.toml
index b54f7cd..1d5407d 100644
--- a/config_panel.toml
+++ b/config_panel.toml
@@ -1,13 +1,12 @@
-version = "0.1"
-name = "My webapp configuration panel"
+version = "1.0"
[main]
-name = "My webapp configuration"
+name = "My Webapp configuration"
[main.sftp]
name = "SFTP access"
- [main.sftp.sftp]
+ [main.sftp.with_sftp]
ask = "Do you need a SFTP access?"
type = "boolean"
default = true
@@ -16,25 +15,47 @@ name = "My webapp configuration"
ask = "Set a password for the SFTP access"
type = "password"
optional = true
- help = "If a password already exist, it will not be replaced."
+ visible = "with_sftp"
+ help = "If a password already exist, leave blank and it will not be replaced."
[main.php_fpm_config]
name = "PHP-FPM configuration"
- [main.php_fpm_config.footprint]
- ask = "Memory footprint of the service?"
- choices = ["low", "medium", "high", "specific"]
- default = "low"
- help = "low <= 20Mb per pool. medium between 20Mb and 40Mb per pool. high > 40Mb per pool.
Use specific to set a value with the following option."
+ [main.php_fpm_config.phpversion]
+ ask = "PHP version"
+ type = "select"
+ choices = ["none", "7.3", "7.4", "8.0"]
+ default = "none"
- [main.php_fpm_config.free_footprint]
+ [main.php_fpm_config.fpm_footprint]
+ visible = "phpversion != 'none'"
+ ask = "Memory footprint of the service?"
+ type = "select"
+ choices.low = "Low, <= 20Mb per pool"
+ choices.medium = "Medium, between 20Mb and 40Mb per pool"
+ choices.high = "High, > 40Mb per pool"
+ choices.specific = "Use specific value"
+ default = "low"
+
+ [main.php_fpm_config.fpm_free_footprint]
+ visible = "fpm_footprint == 'specific' && phpversion != 'none'"
ask = "Memory footprint of the service?"
type = "number"
default = "0"
help = "Free field to specify exactly the footprint in Mb if you don't want to use one of the three previous values."
- [main.php_fpm_config.usage]
+ [main.php_fpm_config.fpm_usage]
+ visible = "phpversion != 'none'"
ask = "Expected usage of the service?"
+ type = "select"
choices = ["low", "medium", "high"]
default = "low"
help = "low: Personal usage, behind the sso. No RAM footprint when not used, but the impact on the processor can be high if many users are using the service.
medium: Low usage, few people or/and publicly accessible. Low RAM footprint, medium processor footprint when used.
high: High usage, frequently visited website. High RAM footprint, but lower on processor usage and quickly responding."
+
+# TODO: Add protected_path as tags, which are created as permission "label (path)", so admin can protect a specific path
+# [main.permissions]
+# [main.permissions.proteced_path]
+# ask = "Protected path"
+# help = "A permission will be created so you can restrict the access to a subpath of the web app."
+# type = "tags"
+
diff --git a/scripts/_common.sh b/scripts/_common.sh
index ed3594e..31498b2 100644
--- a/scripts/_common.sh
+++ b/scripts/_common.sh
@@ -365,3 +365,38 @@ ynh_app_changelog () {
echo "No significative changes from the changelog..." > "${final_changelog}_lite"
fi
}
+
+ynh_system_user_add_group() {
+ # Declare an array to define the options of this helper.
+ local legacy_args=uhs
+ local -A args_array=([u]=username= [g]=groups=)
+ local username
+ local groups
+
+ # Manage arguments with getopts
+ ynh_handle_getopts_args "$@"
+ groups="${groups:-}"
+
+ local group
+ for group in $groups; do
+ usermod -a -G "$group" "$username"
+ done
+}
+
+
+ynh_system_user_del_group() {
+ # Declare an array to define the options of this helper.
+ local legacy_args=uhs
+ local -A args_array=([u]=username= [g]=groups=)
+ local username
+ local groups
+
+ # Manage arguments with getopts
+ ynh_handle_getopts_args "$@"
+ groups="${groups:-}"
+
+ local group
+ for group in $groups; do
+ gpasswd -d "$username" "$group"
+ done
+}
diff --git a/scripts/config b/scripts/config
index e30a1c3..188b1b6 100644
--- a/scripts/config
+++ b/scripts/config
@@ -9,115 +9,143 @@
source _common.sh
source /usr/share/yunohost/helpers
+ynh_abort_if_errors
+
#=================================================
# RETRIEVE ARGUMENTS
#=================================================
-app=${YNH_APP_INSTANCE_NAME:-$YNH_APP_ID}
+final_path=$(ynh_app_setting_get $app final_path)
+domain=$(ynh_app_setting_get --app=$app --key=domain)
+path_url=$(ynh_app_setting_get --app=$app --key=path)
+
+current_fpm_footprint=$(ynh_app_setting_get --app=$app --key=fpm_footprint)
+fpm_footprint=$(ynh_app_setting_get --app=$app --key=fpm_footprint)
+fpm_usage=$(ynh_app_setting_get --app=$app --key=fpm_usage)
#=================================================
-# SPECIFIC CODE
-#=================================================
-# LOAD VALUES
+# SPECIFIC GETTERS FOR TOML SHORT KEY
#=================================================
-# Load the real value from the app config or elsewhere.
-# Then get the value from the form.
-# If the form has a value for a variable, take the value from the form,
-# Otherwise, keep the value from the app config.
+get__fpm_footprint() {
+ # Free footprint value for php-fpm
+ # Check if current_fpm_footprint is an integer
+ if [ "$current_fpm_footprint" -eq "$current_fpm_footprint" ] 2> /dev/null
+ then
+ echo "specific"
+ else
+ echo "$current_fpm_footprint"
+ fi
+}
-# with_sftp
-old_with_sftp="$(ynh_app_setting_get --app=$app --key=with_sftp)"
-with_sftp="${YNH_CONFIG_MAIN_SFTP_SFTP:-$old_with_sftp}"
-
-# sftp password
-is_password_exist=0
-password=$(ynh_app_setting_get --app=$app --key=password)
-if [ -n "$password" ]
-then
- ynh_print_warn --message="A password already exist, it will not be replaced."
- # If a password already exist, unset the variable password and to not change it.
- unset password
- is_password_exist=1
-else
- # Otherwise, get the new password
- password="$YNH_CONFIG_MAIN_SFTP_PASSWORD"
-fi
-
-
-# Footprint for PHP-FPM
-old_fpm_footprint="$(ynh_app_setting_get --app=$app --key=fpm_footprint)"
-fpm_footprint="${YNH_CONFIG_MAIN_PHP_FPM_CONFIG_FOOTPRINT:-$old_fpm_footprint}"
-
-# Free footprint value for PHP-FPM
-# Check if fpm_footprint is an integer
-if [ "$fpm_footprint" -eq "$fpm_footprint" ] 2> /dev/null
-then
- # If fpm_footprint is an integer, that's a numeric value for the footprint
- old_free_footprint=$fpm_footprint
-else
- old_free_footprint=0
-fi
-free_footprint="${YNH_CONFIG_MAIN_PHP_FPM_CONFIG_FREE_FOOTPRINT:-$old_free_footprint}"
-
-# Usage for PHP-FPM
-old_fpm_usage="$(ynh_app_setting_get --app=$app --key=fpm_usage)"
-fpm_usage="${YNH_CONFIG_MAIN_PHP_FPM_CONFIG_USAGE:-$old_fpm_usage}"
-
-#=================================================
-# SHOW_CONFIG FUNCTION FOR 'SHOW' COMMAND
-#=================================================
-
-show_config() {
- # here you are supposed to read some config file/database/other then print the values
- # ynh_return "YNH_CONFIG_${PANEL_ID}_${SECTION_ID}_${OPTION_ID}=value"
- ynh_return "YNH_CONFIG_MAIN_SFTP_SFTP=$with_sftp"
-# ynh_return "YNH_CONFIG_MAIN_SFTP_PASSWORD=$password"
-
- ynh_return "YNH_CONFIG_MAIN_PHP_FPM_CONFIG_FOOTPRINT=$fpm_footprint"
- ynh_return "YNH_CONFIG_MAIN_PHP_FPM_CONFIG_FREE_FOOTPRINT=$free_footprint"
- ynh_return "YNH_CONFIG_MAIN_PHP_FPM_CONFIG_USAGE=$fpm_usage"
+get__free_footprint() {
+ # Free footprint value for php-fpm
+ # Check if current_fpm_footprint is an integer
+ if [ "$current_fpm_footprint" -eq "$current_fpm_footprint" ] 2> /dev/null
+ then
+ # If current_fpm_footprint is an integer, that's a numeric value for the footprint
+ echo "$current_fpm_footprint"
+ else
+ echo "0"
+ fi
}
#=================================================
-# MODIFY THE CONFIGURATION
+# SPECIFIC VALIDATORS FOR TOML SHORT KEYS
#=================================================
-apply_config() {
- #=================================================
- # REMOVE OR ADD SFTP ACCESS
- #=================================================
+#=================================================
+# SPECIFIC SETTERS FOR TOML SHORT KEYS
+#=================================================
- if [ "$with_sftp" != "$old_with_sftp" ]
+set__password() {
+ if [ "$password" == "" ]
then
- yunohost app action run $app sftp --args with_sftp=$with_sftp
-
- # Change the password only if none was already set for the user
- if [ $is_password_exist -eq 0 ] && [ $with_sftp -eq 1 ]
- then
- # Add the password to the user
- chpasswd <<< "${app}:${password}"
- ynh_app_setting_set --app=$app --key=password --value="$password"
- fi
+ ynh_app_setting_set --app=$app --key=password --value="$password"
fi
+}
- #=================================================
- # RECONFIGURE PHP-FPM
- #=================================================
-
- if [ "$fpm_usage" != "$old_fpm_usage" ] || [ "$fpm_footprint" != "$old_fpm_footprint" ]
+set__fpm_footprint() {
+ if [ "$fpm_footprint" != "specific" ]
then
- ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint
+ ynh_app_setting_set --app=$app --key=fpm_footprint --value="$fpm_footprint"
+ fi
+}
+
+set__fpm_free_footprint() {
+ if [ "$fpm_footprint" = "specific" ]
+ then
+ ynh_app_setting_set --app=$app --key=fpm_footprint --value="$fpm_free_footprint"
fi
}
#=================================================
# GENERIC FINALIZATION
#=================================================
-# SELECT THE ACTION FOLLOWING THE GIVEN ARGUMENT
-#=================================================
-case $1 in
- show) show_config;;
- apply) apply_config;;
-esac
+ynh_app_config_validate() {
+ _ynh_app_config_validate
+
+ if [ "${changed[with_sftp]}" == "true" ] && [ $with_sftp -eq 1 ] && [ "$password" == "" ]
+ then
+ ynh_die --message="You need to set a password to enable SFTP"
+ fi
+
+ if [ "${changed[fpm_usage]}" == "true" ] || [ "${changed[fpm_footprint]}" == "true" ] || [ "${changed[fpm_free_footprint]}" == "true" ]; then
+ # If fpm_footprint is set to 'specific', use $fpm_free_footprint value.
+ if [ "$fpm_footprint" = "specific" ]
+ then
+ fpm_footprint=$fpm_free_footprint
+ fi
+
+ if [ "$fpm_footprint" == "0" ]
+ then
+ ynh_print_err --message="When selecting 'specific', you have to set a footprint value into the field below."
+
+ exit 0
+ fi
+ fi
+}
+
+ynh_app_config_apply() {
+ _ynh_app_config_apply
+
+ if [ "${changed[phpversion]}" == "true" ]
+ then
+ ynh_app_setting_set --app=$app --key=phpversion --value="${old[phpversion]}"
+ ynh_remove_fpm_config
+ # ^ the helper includes ynh_remove_app_dependencies
+ YNH_PHP_VERSION=$phpversion
+ # ^ ynh_add_config replaces __PHPVERSION__ by __PHP_YNH_VERSION__...
+ ynh_app_setting_set --app=$app --key=phpversion --value="$phpversion"
+
+ if [ "$phpversion" == "none" ]
+ then
+ cp ../conf/nginx{_no_php,}.conf
+ else
+ cp ../conf/nginx{_with_php,}.conf
+ ynh_install_app_dependencies "php${phpversion}-fpm"
+ ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint --phpversion=$phpversion
+ # ^ the helper takes care of ynh_app_setting_set the phpversion
+ fi
+
+ ynh_add_nginx_config
+ fi
+
+ if [ "${changed[with_sftp]}" == "true" ] && [ $with_sftp -eq 1 ]
+ then
+ ynh_system_user_add_group --username=$app --groups="sftp.app"
+
+ if [ ! "$password" == "" ]
+ then
+ chpasswd <<< "${app}:${password}"
+ fi
+ elif [ "${changed[with_sftp]}" == "true" ] && [ $with_sftp -eq 0 ]
+ then
+ ynh_system_user_del_group --username=$app --groups="sftp.app"
+ fi
+
+ ynh_add_fpm_config --phpversion=$phpversion --usage=$fpm_usage --footprint=$fpm_footprint
+}
+
+ynh_app_config_run $1
diff --git a/scripts/install b/scripts/install
index 1779a18..24e72f8 100644
--- a/scripts/install
+++ b/scripts/install
@@ -40,6 +40,8 @@ ynh_script_progression --message="Validating installation parameters..." --weigh
final_path=/var/www/$app
test ! -e "$final_path" || ynh_die --message="This path already contains a folder"
+[ $with_sftp -eq 0 ] || [ "$password" != "" ] || ynh_die --message="You need to set a password to enable SFTP"
+
# Register (book) web path
ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url
@@ -52,6 +54,7 @@ ynh_app_setting_set --app=$app --key=domain --value=$domain
ynh_app_setting_set --app=$app --key=path --value=$path_url
ynh_app_setting_set --app=$app --key=with_mysql --value=$with_mysql
ynh_app_setting_set --app=$app --key=with_sftp --value=$with_sftp
+ynh_app_setting_set --app=$app --key=password --value="$password"
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
ynh_app_setting_set --app=$app --key=phpversion --value=$phpversion
@@ -94,6 +97,7 @@ ynh_script_progression --message="Configuring NGINX web server..." --weight=2
if [ $phpversion != "none" ]
then
cp ../conf/nginx{_with_php,}.conf
+ YNH_PHP_VERSION="$phpversion"
else
cp ../conf/nginx{_no_php,}.conf
fi
@@ -119,7 +123,6 @@ if [ $with_sftp -eq 1 ]
then
# Add the password to this user
chpasswd <<< "${app}:${password}"
- ynh_app_setting_set --app=$app --key=password --value="$password"
fi
#=================================================
diff --git a/scripts/upgrade b/scripts/upgrade
index 57408d1..f65ad0e 100644
--- a/scripts/upgrade
+++ b/scripts/upgrade
@@ -28,6 +28,7 @@ phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
admin_mail_html=$(ynh_app_setting_get --app=$app --key=admin_mail_html)
fpm_footprint=$(ynh_app_setting_get --app=$app --key=fpm_footprint)
+fpm_free_footprint=$(ynh_app_setting_get --app=$app --key=fpm_free_footprint)
fpm_usage=$(ynh_app_setting_get --app=$app --key=fpm_usage)
#=================================================
@@ -79,6 +80,12 @@ if [ -z "$fpm_footprint" ]; then
ynh_app_setting_set --app=$app --key=fpm_footprint --value=$fpm_footprint
fi
+# If fpm_free_footprint doesn't exist, create it
+if [ -z "$fpm_free_footprint" ]; then
+ fpm_free_footprint=0
+ ynh_app_setting_set --app=$app --key=fpm_free_footprint --value=$fpm_free_footprint
+fi
+
# If fpm_usage doesn't exist, create it
if [ -z "$fpm_usage" ]; then
fpm_usage=low
@@ -91,9 +98,9 @@ if [ -z "$with_sftp" ]; then
ynh_app_setting_set --app=$app --key=with_sftp --value=$with_sftp
fi
-# If phpversion doesn't exist, create it
+# If phpversion doesn't exist, create it. We assume it is the default system one.
if [ -z "$phpversion" ]; then
- phpversion=$YNH_PHP_VERSION
+ phpversion=$YNH_DEFAULT_PHP_VERSION
ynh_app_setting_set --app=$app --key=phpversion --value=$phpversion
fi
@@ -112,6 +119,9 @@ if ynh_legacy_permissions_exists; then
ynh_app_setting_delete --app=$app --key=is_public
fi
+# Ensure password is a setting even if empty, for the config panel
+ynh_app_setting_set --app=$app --key=password --value="$password"
+
#=================================================
# ACTIVATE MAINTENANCE MODE
#=================================================
@@ -147,6 +157,7 @@ ynh_script_progression --message="Upgrading NGINX web server configuration..." -
if [ $phpversion != "none" ]
then
cp ../conf/nginx{_with_php,}.conf
+ YNH_PHP_VERSION="$phpversion"
else
cp ../conf/nginx{_no_php,}.conf
fi