#!/bin/bash #================================================= # GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers #================================================= # MANAGE SCRIPT FAILURE #================================================= # Exit if an error occurs during the execution of the script ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= ynh_script_progression --message="Loading settings..." --weight=2 app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get --app=$app --key=domain) path_url=$(ynh_app_setting_get --app=$app --key=path) final_path=$(ynh_app_setting_get --app=$app --key=final_path) db_name=$(ynh_app_setting_get --app=$app --key=db_name) with_mysql=$(ynh_app_setting_get --app=$app --key=with_mysql) password=$(ynh_app_setting_get --app=$app --key=password) user=$(ynh_app_setting_get --app=$app --key=user) #================================================= # CHECK IF THE APP CAN BE RESTORED #================================================= ynh_script_progression --message="Validating restoration parameters..." --weight=2 ynh_webpath_available --domain=$domain --path_url=$path_url \ || ynh_die --message="Path not available: ${domain}${path_url}" test ! -d $final_path \ || ynh_die --message="There is already a directory: $final_path " #================================================= # STANDARD RESTORATION STEPS #================================================= # RESTORE THE NGINX CONFIGURATION #================================================= ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= # RESTORE THE APP MAIN DIR #================================================= ynh_script_progression --message="Restoring the app main directory..." ynh_restore_file --origin_path="$final_path" #================================================= # RESTORE THE MYSQL DATABASE #================================================= if [ $with_mysql -eq 1 ]; then ynh_script_progression --message="Restoring the MySQL database..." db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd) ynh_mysql_setup_db --db_user=$db_name --db_name=$db_name --db_pwd=$db_pwd ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name < ./db.sql fi #================================================= # RECREATE THE DEDICATED USER #================================================= ynh_script_progression --message="Recreating the dedicated system user..." --weight=2 # Create a standard user (not a system user for sftp) ynh_system_user_exists --username=$user || \ useradd -d "$final_path" -M --user-group "$user" # Add the password to this user chpasswd <<< "${user}:${password}" #================================================= # RESTORE USER RIGHTS #================================================= # Restore permissions on app files chown -R $user: "$final_path" # Home directory of the user need to be owned by root to allow # SFTP connections chown root: "$final_path" #================================================= # RESTORE THE PHP-FPM CONFIGURATION #================================================= ynh_restore_file --origin_path="/etc/php/7.0/fpm/pool.d/$app.conf" #================================================= # SPECIFIC RESTORATION #================================================= # CONFIGURE SSH #================================================= ynh_script_progression --message="Configuring ssh..." # Harden SSH connection for the user echo "##-> ${app} # Hardening user connection Match User ${user} ChrootDirectory %h ForceCommand internal-sftp AllowTcpForwarding no PermitTunnel no X11Forwarding no ##<- ${app}" | tee -a /etc/ssh/sshd_config >/dev/null ynh_systemd_action --service_name=ssh --action=reload #================================================= # GENERIC FINALIZATION #================================================= # RELOAD NGINX AND PHP-FPM #================================================= ynh_script_progression --message="Reloading nginx web server and php-fpm..." ynh_systemd_action --service_name=php7.0-fpm --action=reload ynh_systemd_action --service_name=nginx --action=reload #================================================= # END OF SCRIPT #================================================= ynh_script_progression --message="Restoration completed for $app" --last