diff --git a/README.md b/README.md index 126e09d..09d5889 100644 --- a/README.md +++ b/README.md @@ -5,7 +5,9 @@ Nextcloud for YunoHost own data. A personal cloud which run on your own server. With Nextcloud you can synchronize your files over your devices. -**Shipped version:** 11.0.2 +**Shipped version:** 12.0.0 + +[![Install Nextcloud with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=nextcloud) ![](https://github.com/nextcloud/screenshots/blob/master/files/filelist.png) diff --git a/conf/nginx.conf b/conf/nginx.conf index 445eca8..82c54ad 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -15,7 +15,6 @@ location ^~ #LOCATION# { # Add headers to serve security related headers add_header Strict-Transport-Security "max-age=15768000;"; add_header X-Content-Type-Options nosniff; - add_header X-Frame-Options "SAMEORIGIN"; add_header X-XSS-Protection "1; mode=block"; add_header X-Robots-Tag none; add_header X-Download-Options noopen; @@ -77,7 +76,6 @@ location ^~ #LOCATION# { # Add headers to serve security related headers add_header Strict-Transport-Security "max-age=15768000;"; add_header X-Content-Type-Options nosniff; - add_header X-Frame-Options "SAMEORIGIN"; add_header X-XSS-Protection "1; mode=block"; add_header X-Robots-Tag none; add_header X-Download-Options noopen; diff --git a/conf/php-fpm.ini b/conf/php-fpm.ini new file mode 100644 index 0000000..104f242 --- /dev/null +++ b/conf/php-fpm.ini @@ -0,0 +1,7 @@ +opcache.enable=1 +opcache.enable_cli=1 +opcache.interned_strings_buffer=8 +opcache.max_accelerated_files=10000 +opcache.memory_consumption=128 +opcache.save_comments=1 +opcache.revalidate_freq=1 diff --git a/manifest.json b/manifest.json index 66c7f9f..324f3a3 100644 --- a/manifest.json +++ b/manifest.json @@ -8,7 +8,7 @@ }, "url": "https://nextcloud.com", "license": "AGPL-3", - "version": "11.0.2", + "version": "12.0.0", "maintainer": { "name": "-", "email": "-" diff --git a/scripts/_common.sh b/scripts/_common.sh index d539cfe..96edec7 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -191,6 +191,7 @@ ynh_remove_logrotate () { sudo rm "/etc/logrotate.d/$app" fi } + # Calculate and store a file checksum into the app settings # # $app should be defined when calling this helper @@ -284,3 +285,36 @@ ynh_remove_fail2ban_config () { sudo systemctl restart fail2ban } +# Create a dedicated php-fpm config +final_path=$1 +# usage: ynh_add_fpm_config +ynh_add_fpm_config () { + finalphpconf="/etc/php5/fpm/pool.d/$app.conf" + ynh_backup_if_checksum_is_different "$finalphpconf" 1 + sudo cp ../conf/php-fpm.conf "$finalphpconf" + ynh_replace_string "__NAMETOCHANGE__" "$app" "$finalphpconf" + ynh_replace_string "__FINALPATH__" "$final_path" "$finalphpconf" + ynh_replace_string "__USER__" "$app" "$finalphpconf" + sudo chown root: "$finalphpconf" + ynh_store_file_checksum "$finalphpconf" + + if [ -e "../conf/php-fpm.ini" ] + then + finalphpini="/etc/php5/fpm/conf.d/20-$app.ini" + ynh_backup_if_checksum_is_different "$finalphpini" 1 + sudo cp ../conf/php-fpm.ini "$finalphpini" + sudo chown root: "$finalphpini" + ynh_store_file_checksum "$finalphpini" + fi + + sudo systemctl reload php5-fpm +} + +# Remove the dedicated php-fpm config +# +# usage: ynh_remove_fpm_config +ynh_remove_fpm_config () { + ynh_secure_remove "/etc/php5/fpm/pool.d/$app.conf" + ynh_secure_remove "/etc/php5/fpm/conf.d/20-$app.ini" 2>&1 + sudo systemctl reload php5-fpm +} diff --git a/scripts/install b/scripts/install index 4780c06..0dfa3ef 100755 --- a/scripts/install +++ b/scripts/install @@ -94,6 +94,7 @@ sed -i "s@#DESTDIR#@${DESTDIR}/@g" ../conf/php-fpm.conf sudo cp ../conf/php-fpm.conf "$phpfpm_conf" sudo chown root: $phpfpm_conf sudo chmod 644 $phpfpm_conf +ynh_add_fpm_config # occ helper for the current installation _exec_occ() { diff --git a/scripts/upgrade b/scripts/upgrade index ad354da..560939a 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -127,6 +127,7 @@ sed -i "s@#DESTDIR#@${DESTDIR}/@g" ../conf/php-fpm.conf sudo cp ../conf/php-fpm.conf "$phpfpm_conf" sudo chown root: $phpfpm_conf sudo chmod 644 $phpfpm_conf +ynh_add_fpm_config # Set system group in hooks sed -i "s@#GROUP#@${app}@g" ../hooks/post_user_create diff --git a/scripts/upgrade.d/upgrade.11.sh b/scripts/upgrade.d/upgrade.11.sh new file mode 100755 index 0000000..33419d6 --- /dev/null +++ b/scripts/upgrade.d/upgrade.11.sh @@ -0,0 +1,18 @@ +#!/bin/bash + +# Version cible de la mise à jour de Nextcloud +VERSION="12.0.0" + +# Nextcloud tarball checksum +NEXTCLOUD_SOURCE_SHA256="1b9d9cf05e657cd564a552b418fbf42d669ca51e0fd1f1f118fe44cbf93a243f" + +# Load common variables and helpers +source ./_common.sh + +# Source app helpers +source /usr/share/yunohost/helpers + +# Load common upgrade function +source ./upgrade.d/upgrade.generic.sh + +COMMON_UPGRADE # Met à jour Nextcloud vers la version suivante diff --git a/scripts/upgrade.d/upgrade.generic.sh b/scripts/upgrade.d/upgrade.generic.sh index 4765259..cd09b99 100755 --- a/scripts/upgrade.d/upgrade.generic.sh +++ b/scripts/upgrade.d/upgrade.generic.sh @@ -17,7 +17,10 @@ COMMON_UPGRADE () { # Retrieve new Nextcloud sources in a temporary directory TMPDIR=$(mktemp -d) - extract_nextcloud "$TMPDIR" # Télécharge nextcloud, vérifie sa somme de contrôle et le décompresse. + + # Set temp folder ownership + sudo chown -R $app: "$TMPDIR" + extract_nextcloud "$TMPDIR" "$app" # Télécharge nextcloud, vérifie sa somme de contrôle et le décompresse. # Copy Nextcloud configuration file sed -i "s@#DOMAIN#@${domain}@g" ../conf/config.json diff --git a/scripts/upgrade.d/upgrade.last.sh b/scripts/upgrade.d/upgrade.last.sh index ef5ed99..e677a8e 100755 --- a/scripts/upgrade.d/upgrade.last.sh +++ b/scripts/upgrade.d/upgrade.last.sh @@ -1,10 +1,10 @@ #!/bin/bash # Version cible de la mise à jour de Nextcloud -VERSION=11.0.2 +VERSION=12.0.0 # Nextcloud tarball checksum sha256 -NEXTCLOUD_SOURCE_SHA256=5d1ef19d8f1f340b46c05ba3741dcb043dfc84fc3b9e2cfce1409c71a89b8700 +NEXTCLOUD_SOURCE_SHA256=5288f645348eddc1a7768825678bd19f110cec585a16f98b52c64389358c74bc # Load common variables and helpers source ./_common.sh