YunoHost-Apps/nextcloud_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/nextcloud_ynh.git synced 2024-09-03 19:55:57 +02:00
Code Issues Activity Actions

[enh] Rewrite install/remove script for ownCloud 9.0

Browse source 
ownCloud 9.0 comes with improved occ which allows to install easily from
the command-line. This install rewrite uses those new facilities and also uses
the config:import command to set system and LDAP configuration.
This commit is contained in:
Jérôme Lebleu 2016-04-02 11:43:48 +02:00
commit 4fcbb58642
15 changed files with 939 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
.gitignore vendored Normal file
View file

@ -0,0 +1,2 @@
*~
*.sw[op]

10
README.md Normal file
View file

@ -0,0 +1,10 @@
# owncloud_ynh
Owncloud package for YunoHost.
OwnCloud gives you freedom and control over your own data. A personal cloud which run on your own server. With Owncloud you can synchronize your files over your devices.
The current version in this package is Owncloud 8.1.3 from owncloud.org. The files have been checked with the sha256 sum.
<img src="https://github.com/owncloud/owncloud.org/blob/9519c21f0bdc1a590053aa78bf1c0efe9a7ee9ec/assets/img/screenshots/serverwebui.png" style="max-width:100%;" alt="Screen of owncloud webui"/>
### Official Website: https://owncloud.org ###

27
conf/config.json Normal file
View file

@ -0,0 +1,27 @@
{
"system": {
"trusted_domains": [
"localhost",
"#DOMAIN#"
],
"updatechecker": false,
"memcache.local": "\\OC\\Memcache\\APCu"
},
"apps": {
"user_ldap": {
"ldap_host": "localhost",
"ldap_port": "389",
"ldap_base": "dc=yunohost,dc=org",
"ldap_base_groups": "dc=yunohost,dc=org",
"ldap_base_users": "dc=yunohost,dc=org",
"ldap_email_attribute": "mail",
"ldap_expert_username_attr": "uid",
"ldap_quota_attr": "mailQuota",
"ldap_user_display_name": "cn",
"ldap_user_filter": "objectClass=mailAccount",
"ldap_login_filter": "(&(|(objectclass=mailAccount))(uid=%uid))",
"ldap_group_filter": "objectClass=posixGroup",
"ldap_configuration_active": "1"
}
}
}

1
conf/mount.json Normal file
View file

@ -0,0 +1 @@
{"user":{"all":{"\/$user\/files\/Home":{"class":"\\OC\\Files\\Storage\\Local","options":{"datadir":"\/home\/$user"}}}}}

58
conf/nginx.conf Normal file
View file

@ -0,0 +1,58 @@
location #LOCATION# {
alias #DESTDIR#;
if ($scheme = http) {
rewrite ^ https://$server_name$request_uri? permanent;
}
#fastcgi_buffers 64 4K;
rewrite ^#PATH#/caldav(.*)$ #PATH#/remote.php/caldav$1 redirect;
rewrite ^#PATH#/carddav(.*)$ #PATH#/remote.php/carddav$1 redirect;
rewrite ^#PATH#/webdav(.*)$ #PATH#/remote.php/webdav$1 redirect;
error_page 403 #PATH#/core/templates/403.php;
error_page 404 #PATH#/core/templates/404.php;
rewrite ^#PATH#/.well-known/host-meta #PATH#/public.php?service=host-meta last;
rewrite ^#PATH#/.well-known/host-meta.json #PATH#/public.php?service=host-meta-json last;
rewrite ^#PATH#/.well-known/carddav #PATH#/remote.php/carddav/ redirect;
rewrite ^#PATH#/.well-known/caldav #PATH#/remote.php/caldav/ redirect;
rewrite ^(#PATH#/core/doc/[^\/]+/)$ $1/index.html;
client_max_body_size 10G;
index index.php;
try_files $uri $uri/ /index.php;
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
fastcgi_pass unix:/var/run/php5-fpm-#APP#.sock;
include fastcgi_params;
fastcgi_param REMOTE_USER $remote_user;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param HTTPS on;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param modHeadersAvailable true;
fastcgi_buffers 64 4K;
}
location ~ robots\.txt {
allow all;
log_not_found off;
access_log off;
}
gzip off;
# Add headers to serve security related headers
add_header Strict-Transport-Security "max-age=15768000;";
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
# show YunoHost panel access
include conf.d/yunohost_panel.conf.inc;
}
location ~ ^#PATH#/(data|config|\.ht|db_structure\.xml|README) {
deny all;
}

16
conf/owncloud-deps.control Normal file
View file

@ -0,0 +1,16 @@
Section: misc
Priority: optional
Homepage: https://mediagoblin.org/
Standards-Version: 3.9.2
Package: owncloud-deps
Version: 9.0.0-1
Depends: acl, php5-cli, php5-apcu, tar, smbclient
Architecture: all
Description: meta package for owncloud dependencies
ownCloud gives you universal access to your files through a web
interface or WebDAV. It also provides a platform to easily view & sync
your contacts, calendars and bookmarks across all your devices and
enables basic editing right on the web.
.
This meta-package is only responsible of installing its dependencies.

246
conf/php-fpm.conf Normal file
View file

@ -0,0 +1,246 @@
; Start a new pool named 'www'.
; the variable $pool can we used in any directive and will be replaced by the
; pool name ('www' here)
[#POOLNAME#]
; Per pool prefix
; It only applies on the following directives:
; - 'slowlog'
; - 'listen' (unixsocket)
; - 'chroot'
; - 'chdir'
; - 'php_values'
; - 'php_admin_values'
; When not set, the global prefix (or /usr) applies instead.
; Note: This directive can also be relative to the global prefix.
; Default Value: none
;prefix = /path/to/pools/$pool
; The address on which to accept FastCGI requests.
; Valid syntaxes are:
; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific address on
; a specific port;
; 'port' - to listen on a TCP socket to all addresses on a
; specific port;
; '/path/to/unix/socket' - to listen on a unix socket.
; Note: This value is mandatory.
listen = /var/run/php5-fpm-#POOLNAME#.sock
; Set listen(2) backlog. A value of '-1' means unlimited.
; Default Value: 128 (-1 on FreeBSD and OpenBSD)
;listen.backlog = -1
; List of ipv4 addresses of FastCGI clients which are allowed to connect.
; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
; must be separated by a comma. If this value is left blank, connections will be
; accepted from any ip address.
; Default Value: any
;listen.allowed_clients = 127.0.0.1
; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server. Many
; BSD-derived systems allow connections regardless of permissions.
; Default Values: user and group are set as the running user
; mode is set to 0666
listen.owner = www-data
listen.group = www-data
listen.mode = 0600
; Unix user/group of processes
; Note: The user is mandatory. If the group is not set, the default user's group
; will be used.
user = #POOLNAME#
group = #POOLNAME#
; Choose how the process manager will control the number of child processes.
; Possible Values:
; static - a fixed number (pm.max_children) of child processes;
; dynamic - the number of child processes are set dynamically based on the
; following directives:
; pm.max_children - the maximum number of children that can
; be alive at the same time.
; pm.start_servers - the number of children created on startup.
; pm.min_spare_servers - the minimum number of children in 'idle'
; state (waiting to process). If the number
; of 'idle' processes is less than this
; number then some children will be created.
; pm.max_spare_servers - the maximum number of children in 'idle'
; state (waiting to process). If the number
; of 'idle' processes is greater than this
; number then some children will be killed.
; Note: This value is mandatory.
pm = dynamic
; The number of child processes to be created when pm is set to 'static' and the
; maximum number of child processes to be created when pm is set to 'dynamic'.
; This value sets the limit on the number of simultaneous requests that will be
; served. Equivalent to the ApacheMaxClients directive with mpm_prefork.
; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP
; CGI.
; Note: Used when pm is set to either 'static' or 'dynamic'
; Note: This value is mandatory.
pm.max_children = 6
; The number of child processes created on startup.
; Note: Used only when pm is set to 'dynamic'
; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2
pm.start_servers = 3
; The desired minimum number of idle server processes.
; Note: Used only when pm is set to 'dynamic'
; Note: Mandatory when pm is set to 'dynamic'
pm.min_spare_servers = 3
; The desired maximum number of idle server processes.
; Note: Used only when pm is set to 'dynamic'
; Note: Mandatory when pm is set to 'dynamic'
pm.max_spare_servers = 5
; The number of requests each child process should execute before respawning.
; This can be useful to work around memory leaks in 3rd party libraries. For
; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
; Default Value: 0
pm.max_requests = 500
; The URI to view the FPM status page. If this value is not set, no URI will be
; recognized as a status page. By default, the status page shows the following
; information:
; accepted conn - the number of request accepted by the pool;
; pool - the name of the pool;
; process manager - static or dynamic;
; idle processes - the number of idle processes;
; active processes - the number of active processes;
; total processes - the number of idle + active processes.
; max children reached - number of times, the process limit has been reached,
; when pm tries to start more children (works only for
; pm 'dynamic')
; The values of 'idle processes', 'active processes' and 'total processes' are
; updated each second. The value of 'accepted conn' is updated in real time.
; Example output:
; accepted conn: 12073
; pool: www
; process manager: static
; idle processes: 35
; active processes: 65
; total processes: 100
; max children reached: 1
; By default the status page output is formatted as text/plain. Passing either
; 'html' or 'json' as a query string will return the corresponding output
; syntax. Example:
; http://www.foo.bar/status
; http://www.foo.bar/status?json
; http://www.foo.bar/status?html
; Note: The value must start with a leading slash (/). The value can be
; anything, but it may not be a good idea to use the .php extension or it
; may conflict with a real PHP file.
; Default Value: not set
pm.status_path = /fpm-status
; The ping URI to call the monitoring page of FPM. If this value is not set, no
; URI will be recognized as a ping page. This could be used to test from outside
; that FPM is alive and responding, or to
; - create a graph of FPM availability (rrd or such);
; - remove a server from a group if it is not responding (load balancing);
; - trigger alerts for the operating team (24/7).
; Note: The value must start with a leading slash (/). The value can be
; anything, but it may not be a good idea to use the .php extension or it
; may conflict with a real PHP file.
; Default Value: not set
ping.path = /ping
; This directive may be used to customize the response of a ping request. The
; response is formatted as text/plain with a 200 response code.
; Default Value: pong
;ping.response = pong
; The timeout for serving a single request after which the worker process will
; be killed. This option should be used when the 'max_execution_time' ini option
; does not stop script execution for some reason. A value of '0' means 'off'.
; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
; Default Value: 0
request_terminate_timeout = 1d
; The timeout for serving a single request after which a PHP backtrace will be
; dumped to the 'slowlog' file. A value of '0s' means 'off'.
; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
; Default Value: 0
request_slowlog_timeout = 5s
; The log file for slow requests
; Default Value: not set
; Note: slowlog is mandatory if request_slowlog_timeout is set
slowlog = /var/log/nginx/#POOLNAME#.slow.log
; Set open file descriptor rlimit.
; Default Value: system defined value
rlimit_files = 4096
; Set max core size rlimit.
; Possible Values: 'unlimited' or an integer greater or equal to 0
; Default Value: system defined value
rlimit_core = 0
; Chroot to this directory at the start. This value must be defined as an
; absolute path. When this value is not set, chroot is not used.
; Note: you can prefix with '$prefix' to chroot to the pool prefix or one
; of its subdirectories. If the pool prefix is not set, the global prefix
; will be used instead.
; Note: chrooting is a great security feature and should be used whenever
; possible. However, all PHP paths will be relative to the chroot
; (error_log, sessions.save_path, ...).
; Default Value: not set
;chroot =
; Chdir to this directory at the start.
; Note: relative path can be used.
; Default Value: current directory or / when chroot
chdir = #DESTDIR#
; Redirect worker stdout and stderr into main error log. If not set, stdout and
; stderr will be redirected to /dev/null according to FastCGI specs.
; Note: on highloaded environement, this can cause some delay in the page
; process time (several ms).
; Default Value: no
catch_workers_output = yes
; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
; the current environment.
; Default Value: clean env
;env[HOSTNAME] = $HOSTNAME
;env[PATH] = /usr/local/bin:/usr/bin:/bin
;env[TMP] = /tmp
;env[TMPDIR] = /tmp
;env[TEMP] = /tmp
; Additional php.ini defines, specific to this pool of workers. These settings
; overwrite the values previously defined in the php.ini. The directives are the
; same as the PHP SAPI:
; php_value/php_flag - you can set classic ini defines which can
; be overwritten from PHP call 'ini_set'.
; php_admin_value/php_admin_flag - these directives won't be overwritten by
; PHP call 'ini_set'
; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no.
; Defining 'extension' will load the corresponding shared extension from
; extension_dir. Defining 'disable_functions' or 'disable_classes' will not
; overwrite previously defined php.ini values, but will append the new value
; instead.
; Note: path INI options can be relative and will be expanded with the prefix
; (pool, global or /usr)
; Default Value: nothing is defined by default except the values in php.ini and
; specified at startup with the -d argument
;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com
;php_flag[display_errors] = off
;php_admin_value[error_log] = /var/log/fpm-php.www.log
;php_admin_flag[log_errors] = on
;php_admin_value[memory_limit] = 32M
php_value[upload_max_filesize] = 10G
php_value[post_max_size] = 10G
php_value[session.save_path] = #DESTDIR#/lib/private/session/
php_value[default_charset] = UTF-8
php_value[always_populate_raw_post_data] = -1
clear_env = no

6
hooks/post_user_create Normal file
View file

@ -0,0 +1,6 @@
#!/bin/bash
APP=${!#}
user=$1
sudo mkdir -p /home/$user
sudo setfacl -m g:$APP:rwx /home/$user

51
manifest.json Normal file
View file

@ -0,0 +1,51 @@
{
"name": "OwnCloud",
"id": "owncloud",
"description": {
"en": "Sync & share your files, pictures, music, contacts, calendars, and much more !",
"fr": "Synchronisez et partagez vos fichiers, images, musiques, contacts, calendriers, et bien plus !"
},
"url": "http://owncloud.org",
"maintainer": {
"name": "kload",
"email": "kload@kload.fr"
},
"multi_instance": "true",
"services": [
"nginx",
"php5-fpm",
"mysql"
],
"arguments": {
"install" : [
{
"name": "domain",
"type": "domain",
"ask": {
"en": "Choose a domain for Owncloud",
"fr": "Choisissez un domaine pour Owncloud"
},
"example": "domain.org"
},
{
"name": "path",
"type": "path",
"ask": {
"en": "Choose a path for Owncloud",
"fr": "Choisissez un chemin pour Owncloud"
},
"example": "/owncloud",
"default": "/owncloud"
},
{
"name": "admin",
"type": "user",
"ask": {
"en": "Choose the Owncloud administrator (must be an existing YunoHost user)",
"fr": "Choisissez l'administrateur d'Owncloud (doit être un utilisateur YunoHost déjà existant)"
},
"example": "homer"
}
]
}
}

75
scripts/_common.sh Normal file
View file

@ -0,0 +1,75 @@
#
# Common variables
#
APPNAME="owncloud"
# ownCloud version
VERSION=9.0.0
# Package name for MediaGoblin dependencies
DEPS_PKG_NAME="owncloud-deps"
# Remote URL to fetch ownCloud tarball
OWNCLOUD_SOURCE_URL="https://download.owncloud.org/community/owncloud-${VERSION}.tar.bz2"
# Remote URL to fetch ownCloud tarball checksum
OWNCLOUD_SOUCE_SHA256="d16737510a77a81489f7c4d5e19b0756fa2ea1c5081ba174b0fec0f00da3a77c"
# App package root directory should be the parent folder
PKGDIR=$(cd ../; pwd)
#
# Common helpers
#
# Print a message to stderr and exit
# usage: die msg [retcode]
die() {
printf "%s" "$1" 1>&2
exit "${2:-1}"
}
# Download and extract ownCloud sources to the given directory
# usage: extract_owncloud DESTDIR [AS_USER]
extract_owncloud() {
local DESTDIR=$1
local AS_USER=${2:-admin}
# retrieve and extract Roundcube tarball
oc_tarball="/tmp/owncloud.tar.bz2"
rm -f "$oc_tarball"
# wget -q -O "$oc_tarball" "$OWNCLOUD_SOURCE_URL" \
cp /home/admin/owncloud.tar.bz2 "$oc_tarball" \
|| die "Unable to download ownCloud tarball"
echo "$OWNCLOUD_SOUCE_SHA256 $oc_tarball" | sha256sum -c >/dev/null \
|| die "Invalid checksum of downloaded tarball"
exec_as "$AS_USER" tar xjf "$oc_tarball" -C "$DESTDIR" --strip-components 1 \
|| die "Unable to extract ownCloud tarball"
rm -f "$oc_tarball"
}
# Execute a command as another user
# usage: exec_as USER COMMAND [ARG ...]
exec_as() {
local USER=$1
shift 1
if [[ $USER = $(whoami) ]]; then
eval $@
else
# use sudo twice to be root and be allowed to use another user
sudo sudo -u "$USER" $@
fi
}
# Execute a command with occ as a given user from a given directory
# usage: exec_occ WORKDIR AS_USER COMMAND [ARG ...]
exec_occ() {
local WORKDIR=$1
local AS_USER=$2
shift 2
(cd "$WORKDIR" && exec_as "$AS_USER" \
php occ --no-interaction --quiet --no-ansi $@)
}

31
scripts/backup Executable file
View file

@ -0,0 +1,31 @@
#!/bin/bash
APP=${!#}
CAN_BIND=1
# The parameter $1 is the backup directory location dedicated to the app
backup_dir=$1
domain=$(sudo yunohost app setting $APP domain)
path=$(sudo yunohost app setting $APP path)
user=$(sudo yunohost app setting $APP admin_user)
# Backup sources & data
sudo cp -a /var/www/$APP $backup_dir/www
# TODO Shallow copy because data could be very big
sudo cp -a /home/yunohost.app/$APP/data $backup_dir/data
# Copy Conf
sudo mkdir -p "${backup_dir}/conf"
sudo cp -a /etc/nginx/conf.d/$domain.d/$APP.conf $backup_dir/conf/nginx.conf
sudo cp -a /etc/php5/fpm/pool.d/$APP.conf "${backup_dir}/conf/php-fpm.conf"
sudo cp -a /etc/php5/cli/conf.d/20-apc.ini $backup_dir/conf/ \
|| sudo cp -a /etc/php5/cli/conf.d/20-apcu.ini $backup_dir/conf/
# Backup db
db_pwd=$(sudo yunohost app setting $APP mysqlpwd)
sudo su -c "mysqldump -u $APP -p"$db_pwd" --no-create-db $APP > ${backup_dir}/db.sql"

133
scripts/install Executable file
View file

@ -0,0 +1,133 @@
#!/bin/bash
set -e
set -u
# Retrieve arguments
domain=$1
path=${2%/}
admin=$3
app=${!#}
# Load common variables
. ./_common.sh
# Set app specific variables
dbname=$app
dbuser=$app
# Source app helpers
. /usr/share/yunohost/helpers
# TODO: Check domain/path availability with app helper
sudo yunohost app checkurl $domain$path -a $app \
|| die "The path ${domain}${path} is not available for app installation."
# Check user parameter
ynh_user_exists "$admin" \
|| die "The chosen admin user does not exist."
ynh_app_setting_set $app admin_user $admin
# Check destination directory
DESTDIR="/var/www/$app"
[[ -d $DESTDIR ]] && die \
"The destination directory '$DESTDIR' already exists.\
You should safely delete it before installing this app."
# Install dependencies
ynh_package_install_from_equivs ../conf/${DEPS_PKG_NAME}.control \
|| die "Unable to install dependencies"
# Generate random password
dbpass=$(ynh_string_random)
ynh_app_setting_set $app mysqlpwd $dbpass
# Initialize database
ynh_mysql_create_db $dbname $dbuser $dbpass
# Create a system account for ownCloud
sudo useradd -c "$app system account" \
-d /var/lib/$app --system --user-group $app \
|| die "Unable to create $app system account"
# Create ownCloud destination directory
sudo mkdir -p "$DESTDIR"
# Copy ownCloud configuration file
oc_conf="${DESTDIR}/config.json"
sed -i "s@#DOMAIN#@${domain}@g" ../conf/config.json
sudo cp ../conf/config.json "$oc_conf"
# Create and init data folder
DATADIR="/home/yunohost.app/${app}/data"
sudo mkdir -p "$DATADIR"
sudo cp ../conf/mount.json "$DATADIR"
# Set app folders ownership
sudo chown -R $app: "$DESTDIR" "$DATADIR"
# Copy and set nginx configuration
nginx_conf="/etc/nginx/conf.d/${domain}.d/${app}.conf"
sed -i "s@#APP#@${app}@g" ../conf/nginx.conf
sed -i "s@#PATH#@${path}@g" ../conf/nginx.conf
sed -i "s@#LOCATION#@${path:-/}@g" ../conf/nginx.conf
sed -i "s@#DESTDIR#@${DESTDIR}@g" ../conf/nginx.conf
sudo cp ../conf/nginx.conf "$nginx_conf"
# Copy and set php-fpm configuration
phpfpm_conf="/etc/php5/fpm/pool.d/${app}.conf"
sed -i "s@#POOLNAME#@${app}@g" ../conf/php-fpm.conf
sed -i "s@#DESTDIR#@${DESTDIR}/@g" ../conf/php-fpm.conf
sudo cp ../conf/php-fpm.conf "$phpfpm_conf"
sudo chown root: $phpfpm_conf
sudo chmod 644 $phpfpm_conf
# occ helper for the current installation
_exec_occ() {
exec_occ "$DESTDIR" "$app" $@
}
# Retrieve and install ownCloud using a temporary admin user
extract_owncloud "$DESTDIR" "$app"
_exec_occ maintenance:install \
--database "mysql" --database-name "$dbname" \
--database-user "$dbuser" --database-pass "$dbpass" \
--admin-user "admin" --admin-pass "$(ynh_string_random 6)" \
|| die "Unable to install ownCloud"
# Enable plugins and set ownCloud configuration
_exec_occ app:enable files_external
_exec_occ app:enable user_ldap
_exec_occ ldap:create-empty-config
_exec_occ config:import "$oc_conf"
sudo rm -f "$oc_conf"
# Set the user as admin and delete admin user
ynh_mysql_connect_as $dbuser $dbpass $dbname \
<<< "INSERT INTO oc_group_user VALUES ('admin','$admin');"
_exec_occ user:delete admin
## Needed for Jessie/PHP5.6 compatibility
#sudo sed -i "s/;always_populate_raw/always_populate_raw/" /etc/php5/cli/php.ini
# Iterate over users to extend their home folder permissions - for the external
# storage plugin usage - and create relevant ownCloud directories
for u in $(ynh_user_list); do
sudo mkdir -p "${DATADIR}/${u}"
sudo setfacl -m g:$app:rwx "/home/$u" || true
done
# Fix app folders permissions
sudo chown -R $app: "$DESTDIR" "$DATADIR"
sudo chmod 755 /home/yunohost.app
find ${DESTDIR}/ -type f -print0 | xargs -0 sudo chmod 0644
find ${DESTDIR}/ -type d -print0 | xargs -0 sudo chmod 0755
find ${DATADIR}/ -type f -print0 | xargs -0 sudo chmod 0640
find ${DATADIR}/ -type d -print0 | xargs -0 sudo chmod 0750
# Set SSOwat rules
ynh_app_setting_set $app unprotected_uris "/"
# Reload services
sudo service php5-fpm restart || true
sudo service nginx reload || true

36
scripts/remove Executable file
View file

@ -0,0 +1,36 @@
#!/bin/bash
# Set app specific variables
app=${!#}
dbname=$app
dbuser=$app
# Load common variables and helpers
. ./_common.sh
# Source app helpers
. /usr/share/yunohost/helpers
# Drop MySQL database and user
ynh_mysql_drop_db $dbname || true
ynh_mysql_drop_user $dbuser || true
# Retrieve domain from app settings
domain=$(ynh_app_setting_get $app domain)
# Delete app directory and configurations
sudo rm -rf "/var/www/${app}"
sudo rm -f "/etc/php5/fpm/pool.d/${app}.conf"
[[ -n $domain ]] && sudo rm -f "/etc/nginx/conf.d/${domain}.d/${app}.conf"
# Reload services
sudo service php5-fpm restart || true
sudo service nginx reload || true
# Remove app dependencies and system user
ynh_package_autoremove "$DEPS_PKG_NAME" || true
for i in $(ls /home); do
[[ ! $i == yunohost.* ]] \
&& sudo setfacl -x g:$app:rwx > /dev/null 2>&1
done
sudo deluser --quiet --remove-home --system $app > /dev/null

100
scripts/restore Executable file
View file

@ -0,0 +1,100 @@
#!/bin/bash
# This restore script is adapted to Yunohost >=2.4
APP=${!#}
# The parameter $1 is the backup directory location dedicated to the app
backup_dir=$1
# Get old parameter of the app
domain=$(sudo yunohost app setting $APP domain)
path=$(sudo yunohost app setting $APP path)
user=$(sudo yunohost app setting $APP admin_user)
# Check domain/path availability
sudo yunohost app checkurl $domain$path -a $APP
if [[ ! $? -eq 0 ]]; then
echo "There is already an app on this URL : $domain$path" | sudo tee /dev/stderr
exit 1
fi
final_path=/var/www/$APP
if [ -d $final_path ]; then
echo "There is already a directory: $final_path " | sudo tee /dev/stderr
exit 1
fi
data_path=/home/yunohost.app/$APP/data
if [ -d $data_path ]; then
echo "There is already a directory: $data_path " | sudo tee /dev/stderr
exit 1
fi
conf_nginx=/etc/nginx/conf.d/$domain.d/$APP.conf
if [ -f $conf_nginx ]; then
echo "There is already a nginx conf file at this path: $conf_nginx " | sudo tee /dev/stderr
exit 1
fi
conf_fpm=/etc/php5/fpm/pool.d/$APP.conf
if [ -f $conf_fpm ]; then
echo "There is already a nginx conf file at this path: $conf_fpm " | sudo tee /dev/stderr
exit 1
fi
# Install dependencies
sudo apt-get update -qq
sudo DEBIAN_FRONTEND=noninteractive apt-get -o Dpkg::Options::="--force-confold" -o Dpkg::Options::="--force-confdef" -y --force-yes -qq install acl smbclient php5-cli php-apc coreutils gnupg tar
# Create user if not exists
sudo useradd -d /var/www/$APP $APP || echo "User $APP"
# Restore sources & data
sudo cp -a "${backup_dir}/www" $final_path
sudo mkdir -p $data_path
sudo cp -a "${backup_dir}/data/." $data_path
db_pwd=$(sudo yunohost app setting $APP mysqlpwd)
db_user=$APP
sudo yunohost app initdb $db_user -p $db_pwd
sudo su -c "mysql -u $db_user -p$db_pwd $APP < ${backup_dir}/db.sql"
# TODO Change config.php with potential new database name
# Set permissions
sudo chown -hR $APP:www-data $final_path
sudo chown -hR $APP:www-data $data_path
sudo chown $APP:www-data /home/yunohost.app/$APP
sudo chmod 755 /home/yunohost.app
sudo chmod -R u=rwX,g=rwX,o=rX $final_path
sudo chmod -R u=rwX,g=rwX,o= $data_path
sudo chmod -R 665 $final_path
sudo find $final_path -type d -print0 | xargs -0 sudo chmod 775 \
|| echo "No file to modify"
sudo chmod -R 770 $data_path
# Set permissions to owncloud directories and /home directories + add Home external storage
for i in $(ls /home)
do
sudo yunohost user list --json | grep -q "\"username\": \"$i\"" && (
sudo setfacl -m g:$APP:rwx /home/$i || echo "ACL not available"
) || true
done
# Needed for Jessie/PHP5.6 compatibility
sudo sed -i "s/;always_populate_raw/always_populate_raw/" /etc/php5/cli/php.ini
# Restore conf files
sudo cp -a "${backup_dir}/conf/nginx.conf" $conf_nginx
sudo cp -a "${backup_dir}/conf/php-fpm.conf" $conf_fpm
sudo cp -a "${backup_dir}/conf/20-apc.ini" /etc/php5/cli/conf.d/ \
|| sudo cp -a "${backup_dir}/conf/20-apcu.ini" /etc/php5/cli/conf.d/
# Reload Services
sudo killall php5-fpm
sudo service php5-fpm start
sudo service nginx reload
sudo yunohost app setting $APP unprotected_uris -v "/"
sudo yunohost app ssowatconf
# Set ssowat config
sudo yunohost app setting $APP unprotected_uris -v "/"
sudo yunohost app ssowatconf

147
scripts/upgrade Executable file
View file

@ -0,0 +1,147 @@
#!/bin/bash
APP=${!#}
set -e
APPNAME=`echo -n own;echo 'cloud'`
SOURCES=`echo -n $APPNAME;echo '-8.2.2'`
# Retrieve arguments
domain=$(sudo yunohost app setting owncloud domain)
path=$(sudo yunohost app setting owncloud path)
#user=$(sudo yunohost app setting owncloud admin_user)
db_pwd=$(sudo yunohost app setting owncloud mysqlpwd)
# Install dependencies
sudo apt-get update -qq
sudo apt-get install acl smbclient php5-cli php-apc coreutils gnupg tar -y -qq
# Remove trailing "/" for next commands
path=${path%/}
# Use 'owncloud' as database name and user \
db_user=owncloud
# Verify sources and extract it
sha256sum --strict --quiet -c ../sources/$SOURCES.tar.bz2.sha256sum < ../sources/$SOURCES.tar.bz2
gpg --import ../sources/$APPNAME.asc
gpg --verify ../sources/$SOURCES.tar.bz2.asc ../sources/$SOURCES.tar.bz2
sudo mkdir -p ../tmp/
sudo tar -jxf ../sources/$SOURCES.tar.bz2 -C ../tmp/
# Copy files to the right place
final_path=/var/www/owncloud
data_path=/home/yunohost.app/owncloud/data
sudo mkdir -p $final_path
sudo mkdir -p $data_path
old_pwd=$(pwd)
sudo chmod -R u=rwX,g=rwX,o=rX $final_path
sudo chmod -R u=rwX,g=rwX,o= $data_path
cd $final_path
sudo mkdir -p old_apps
sudo rm -Rf old_apps/*
sudo mv apps/* old_apps \
|| echo "No app to backup"
shopt -s extglob
sudo rm -Rf !(old_apps|data|config|themes)
shopt -u extglob
cd $old_pwd
sudo cp -a ../tmp/$APPNAME/. $final_path/
cd $final_path/old_apps
sudo rm -Rf $(ls $final_path/apps)
cd $old_pwd
sudo cp -a $final_path/old_apps/* $final_path/apps/ \
|| echo "No app to restore"
sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/owncloud.conf
sudo cp ../conf/php-fpm.conf /etc/php5/fpm/pool.d/owncloud.conf
sudo ls /usr/lib/php5/2*/ | grep apc.so \
&& sudo cp ../conf/20-apc.ini /etc/php5/cli/conf.d/20-apc.ini \
|| sudo cp ../conf/20-apcu.ini /etc/php5/cli/conf.d/20-apcu.ini
sudo cp ../conf/mount.json $data_path
sudo chown -hR owncloud:www-data $final_path
sudo chown -hR owncloud:www-data $data_path
sudo chmod 755 /home/yunohost.app
sudo chmod -R u=rwX,g=rwX,o=rX $final_path
sudo chmod -R u=rwX,g=rwX,o= $data_path
sudo chmod -R 770 $data_path
# Needed for Jessie/PHP5.6 compatibility
sudo sed -i "s/;always_populate_raw/always_populate_raw/" /etc/php5/cli/php.ini
# Change variables in Owncloud configuration
if [[ "$path" == "" ]]; then
sudo sed -i "s@LOCATIONTOCHANGE@/@g" /etc/nginx/conf.d/$domain.d/owncloud.conf
else
sudo sed -i "s@LOCATIONTOCHANGE@$path@g" /etc/nginx/conf.d/$domain.d/owncloud.conf
fi
sudo sed -i "s@PATHTOCHANGE@$path@g" /etc/nginx/conf.d/$domain.d/owncloud.conf
sudo sed -i "s@ALIASTOCHANGE@$final_path/@g" /etc/nginx/conf.d/$domain.d/owncloud.conf
sudo sed -i "s@NAMETOCHANGE@owncloud@g" /etc/nginx/conf.d/$domain.d/owncloud.conf
sudo sed -i "s@NAMETOCHANGE@owncloud@g" /etc/php5/fpm/pool.d/owncloud.conf
if ! grep -Fq "memcache" $final_path/config/config.php
then
sudo bash -c "echo \"\\\$CONFIG['memcache.local']= '\OC\Memcache\APC';\" >> $final_path/config/config.php"
fi
if ! grep -Fq "memcache.locking" $final_path/config/config.php
then
sudo bash -c "echo \"\\\$CONFIG['memcache.locking']= '\OC\Memcache\APC';\" >> $final_path/config/config.php"
fi
# Set permissions to owncloud directories and /home directories + add Home external storage
for i in $(ls /home)
do
sudo yunohost user list --json | grep -q "\"username\": \"$i\"" && (
sudo mkdir -p $data_path/$i
sudo setfacl -m g:owncloud:rwx /home/$i || echo "ACL not available"
) || true
done
# Reload Nginx and regenerate SSOwat conf
sudo killall php5-fpm
sudo service php5-fpm start
sudo service nginx reload
sudo yunohost app setting owncloud unprotected_uris -v "/"
sudo yunohost app setting owncloud skipped_uris -d
sudo yunohost app ssowatconf
sudo chown -hR owncloud:owncloud $final_path
sudo chown -hR owncloud:owncloud $data_path
sudo chmod 755 /home/yunohost.app
sudo chmod -R u=rwX,g=rwX,o=rX $final_path
sudo chmod -R u=rwX,g=rwX,o= $data_path
#Run owncloud upgrade script to avoid to have to do this in the browser
cd $final_path
#sudo su -c "php occ app:disable gallery -n -q --no-ansi" owncloud
sudo su -c "php occ upgrade -n -q --no-ansi || echo 'Owncloud upgrade already done'" owncloud
# Configure LDAP plugin
sudo su -c "php occ ldap:set-config '' ldapBase dc=yunohost,dc=org -n -q --no-ansi" owncloud
sudo su -c "php occ ldap:set-config '' ldapBaseGroups dc=yunohost,dc=org -n -q --no-ansi" owncloud
sudo su -c "php occ ldap:set-config '' ldapBaseUsers dc=yunohost,dc=org -n -q --no-ansi" owncloud
sudo su -c "php occ ldap:set-config '' ldapCacheTTL 600 -n -q --no-ansi" owncloud
sudo su -c "php occ ldap:set-config '' ldapConfigurationActive 1 -n -q --no-ansi" owncloud
sudo su -c "php occ ldap:set-config '' ldapEmailAttribute mail -n -q --no-ansi" owncloud
sudo su -c "php occ ldap:set-config '' ldapExperiencedAdmin 0 -n -q --no-ansi" owncloud
sudo su -c "php occ ldap:set-config '' ldapExpertUsernameAttr uid -n -q --no-ansi" owncloud
sudo su -c "php occ ldap:set-config '' ldapGroupDisplayName cn -n -q --no-ansi" owncloud
sudo su -c "php occ ldap:set-config '' ldapGroupFilter objectClass=posixGroup -n -q --no-ansi" owncloud
sudo su -c "php occ ldap:set-config '' ldapGroupFilterMode 0 -n -q --no-ansi" owncloud
sudo su -c "php occ ldap:set-config '' ldapGroupMemberAssocAttr uniqueMember -n -q --no-ansi" owncloud
sudo su -c "php occ ldap:set-config '' ldapHost localhost -n -q --no-ansi" owncloud
sudo su -c "php occ ldap:set-config '' ldapLoginFilter '(&(|(objectclass=mailAccount))(uid=%uid))' -n -q --no-ansi" owncloud
sudo su -c "php occ ldap:set-config '' ldapLoginFilterEmail 0 -n -q --no-ansi" owncloud
sudo su -c "php occ ldap:set-config '' ldapLoginFilterMode 0 -n -q --no-ansi" owncloud
sudo su -c "php occ ldap:set-config '' ldapLoginFilterUsername 1 -n -q --no-ansi" owncloud
sudo su -c "php occ ldap:set-config '' ldapNestedGroups 0 -n -q --no-ansi" owncloud
sudo su -c "php occ ldap:set-config '' ldapPagingSize 500 -n -q --no-ansi" owncloud
sudo su -c "php occ ldap:set-config '' ldapPort 389 -n -q --no-ansi" owncloud
sudo su -c "php occ ldap:set-config '' ldapQuotaAttribute mailQuota -n -q --no-ansi" owncloud
sudo su -c "php occ ldap:set-config '' ldapTLS 0 -n -q --no-ansi" owncloud
sudo su -c "php occ ldap:set-config '' ldapUserDisplayName cn -n -q --no-ansi" owncloud
sudo su -c "php occ ldap:set-config '' ldapUserFilter objectClass=mailAccount -n -q --no-ansi" owncloud
sudo su -c "php occ ldap:set-config '' ldapUserFilterMode 0 -n -q --no-ansi" owncloud
sudo su -c "php occ ldap:set-config '' ldapUuidGroupAttribute auto -n -q --no-ansi" owncloud
sudo su -c "php occ ldap:set-config '' ldapUuidUserAttribute auto -n -q --no-ansi" owncloud