diff --git a/README.md b/README.md index 1c68a9a..f0153fe 100644 --- a/README.md +++ b/README.md @@ -12,7 +12,8 @@ If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to own data. A personal cloud which run on your own server. With Nextcloud you can synchronize your files over your devices. -**Shipped version:** 15.0.12 + +**Shipped version:** 18.0.2 ## Screenshots @@ -27,7 +28,7 @@ you can synchronize your files over your devices. ## Documentation - * Official documentation: https://docs.nextcloud.com/server/15/user_manual/ + * Official documentation: https://docs.nextcloud.com/server/18/user_manual/ * YunoHost documentation: https://github.com/YunoHost/doc/blob/master/app_nextcloud_fr.md ## YunoHost specific features @@ -49,7 +50,6 @@ this package: * x86-64b - [![Build Status](https://ci-apps.yunohost.org/ci/logs/nextcloud%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/nextcloud/) * ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/nextcloud%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/nextcloud/) -* Jessie x86-64b - [![Build Status](https://ci-stretch.nohost.me/ci/logs/nextcloud%20%28Apps%29.svg)](https://ci-stretch.nohost.me/ci/apps/nextcloud/) ## Limitations diff --git a/check_process b/check_process index 8b4cff8..afc9dec 100644 --- a/check_process +++ b/check_process @@ -12,7 +12,7 @@ setup_private=0 setup_public=0 upgrade=1 - upgrade=1 from_commit=1cdb9ea1619c6acaaa90bae88b5c4bed5084a2a7 + upgrade=1 from_commit=9c57c2f78f3da979d587d708eb9379ffaa41bcfa backup_restore=1 multi_instance=1 incorrect_path=1 @@ -24,6 +24,6 @@ Email= Notification=none ;;; Upgrade options - ; commit=1cdb9ea1619c6acaaa90bae88b5c4bed5084a2a7 - name= Fix Debian Stretch dependencies by installing php-apcu, php-mbstring … + ; commit=9c57c2f78f3da979d587d708eb9379ffaa41bcfa + name=Do not use too much process for php (#247) manifest_arg=domain=DOMAIN&path=PATH&admin=USER&user_home=1& diff --git a/conf/extra_php-fpm.conf b/conf/extra_php-fpm.conf new file mode 100644 index 0000000..4b0d12d --- /dev/null +++ b/conf/extra_php-fpm.conf @@ -0,0 +1,17 @@ + +; Additional php.ini defines, specific to this pool of workers. +env[PATH] = $PATH +php_admin_value[memory_limit] = 512M +php_value[upload_max_filesize] = 10G +php_value[post_max_size] = 10G +php_value[default_charset] = UTF-8 +; OPcache is already activated by default +; php_value[opcache.enable]=1 +; The following parameters are nevertheless recommended for Nextcloud +; see here: https://docs.nextcloud.com/server/15/admin_manual/installation/server_tuning.html#enable-php-opcache +php_value[opcache.enable_cli]=1 +php_value[opcache.interned_strings_buffer]=8 +php_value[opcache.max_accelerated_files]=10000 +php_value[opcache.memory_consumption]=128 +php_value[opcache.save_comments]=1 +php_value[opcache.revalidate_freq]=1 diff --git a/conf/nextcloud.cron b/conf/nextcloud.cron index 93fde63..3a63ff5 100644 --- a/conf/nextcloud.cron +++ b/conf/nextcloud.cron @@ -1 +1 @@ -*/15 * * * * __USER__ /usr/bin/php -f __DESTDIR__/cron.php +*/15 * * * * __USER__ /usr/bin/php__YNH_PHP_VERSION__ -f __DESTDIR__/cron.php diff --git a/conf/nginx.conf b/conf/nginx.conf index ec7954b..8f2b3fb 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -4,6 +4,18 @@ location = /.well-known/carddav { location = /.well-known/caldav { return 301 https://$server_name__PATH__/remote.php/dav; } +location = /.well-known/host-meta { + return 301 $scheme://$host:$server_port__PATH__/public.php?service=host-meta; +} +location = /.well-known/host-meta.json { + return 301 $scheme://$host:$server_port__PATH__/public.php?service=host-meta-json; +} +location = /.well-known/webfinger { + return 301 $scheme://$host:$server_port__PATH__/public.php?service=webfinger; +} +location = /.well-known/nodeinfo { + return 301 $scheme://$host:$server_port__PATH__/public.php?service=nodeinfo; +} #sub_path_only rewrite ^__PATH__$ __PATH__/ permanent; location ^~ __PATH__/ { @@ -41,11 +53,6 @@ location ^~ __PATH__/ { error_page 403 __PATH__/core/templates/403.php; error_page 404 __PATH__/core/templates/404.php; - # The following 2 rules are only needed for the user_webfinger app. - # Uncomment it if you're planning to use this app. - #rewrite ^/.well-known/host-meta __PATH__/public.php?service=host-meta last; - #rewrite ^/.well-known/host-meta.json __PATH__/public.php?service=host-meta-json last; - location __PATH__/ { rewrite ^ __PATH__/index.php; } @@ -63,26 +70,50 @@ location ^~ __PATH__/ { deny all; } - location ~ ^__PATH__/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|ocm-provider/.+)\.php(/.*|)$ { - include fastcgi_params; - fastcgi_split_path_info ^(.+\.php)(/.+)$; + location ~ ^__PATH__/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|oc[ms]-provider/.+)\.php(/.*|)$ { + fastcgi_split_path_info ^(.+?\.php)(/.*|)$; + set $path_info $fastcgi_path_info; try_files $fastcgi_script_name =404; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; - fastcgi_param PATH_INFO $fastcgi_path_info; + fastcgi_param PATH_INFO $path_info; fastcgi_param HTTPS on; + # Avoid sending the security headers twice fastcgi_param modHeadersAvailable true; - fastcgi_param REMOTE_USER $remote_user; - fastcgi_pass unix:/var/run/php/php7.0-fpm-__NAME__.sock; + # Enable pretty urls + fastcgi_param front_controller_active true; + fastcgi_pass unix:/var/run/php/php__YNH_PHP_VERSION__-fpm-__NAME__.sock; fastcgi_intercept_errors on; + fastcgi_request_buffering off; + fastcgi_param REMOTE_USER $remote_user; } - location ~ ^__PATH__/(?:updater|ocs-provider|ocm-provider)(?:$|/) { + location ~ ^__PATH__/(?:updater|oc[ms]-provider)(?:$|/) { try_files $uri/ =404; index index.php; } + location = __PATH__/core/js/oc.js { + rewrite ^ __PATH__/index.php$request_uri; + } + + location = __PATH__/core/preview.png { + rewrite ^ __PATH__/index.php$request_uri; + } + + location ~* ^__PATH__/(?:css|js)/ { + rewrite ^ __PATH__/index.php$request_uri; + } + + location ~* ^__PATH__/apps/theming/img/core/filetypes/ { + rewrite ^ __PATH__/index.php$request_uri; + } + + + # Adding the cache control header for js and css files - location ~ ^__PATH__/.+[^/]\.(?:css|js|woff2?|svg|gif)$ { + location ~ \.(?:css|js|woff2?|svg|gif)$ { try_files $uri __PATH__/index.php$request_uri; more_set_headers "Cache-Control: public, max-age=15778463"; # Add headers to serve security related headers @@ -98,7 +129,8 @@ location ^~ __PATH__/ { access_log off; } - location ~* \.(?:png|html|ttf|ico|jpg|jpeg)$ { + location ~* \.(?:png|html|ttf|ico|jpg|jpeg|bcmap)$ { + try_files $uri __PATH__/index.php$request_uri; # Optional: Don't log access to other assets access_log off; } diff --git a/conf/php-fpm.conf b/conf/php-fpm.conf index 31d62f2..33dcb5e 100644 --- a/conf/php-fpm.conf +++ b/conf/php-fpm.conf @@ -33,7 +33,7 @@ group = __USER__ ; (IPv6 and IPv4-mapped) on a specific port; ; '/path/to/unix/socket' - to listen on a unix socket. ; Note: This value is mandatory. -listen = /var/run/php/php7.0-fpm-__NAMETOCHANGE__.sock +listen = /var/run/php/php__PHPVERSION__-fpm-__NAMETOCHANGE__.sock ; Set listen(2) backlog. ; Default Value: 511 (-1 on FreeBSD and OpenBSD) @@ -229,7 +229,7 @@ pm.max_spare_servers = 3 ; last request memory: 0 ; ; Note: There is a real-time FPM status monitoring sample web page available -; It's available in: /usr/share/php/7.0/fpm/status.html +; It's available in: /usr/share/php/__PHPVERSION__/fpm/status.html ; ; Note: The value must start with a leading slash (/). The value can be ; anything, but it may not be a good idea to use the .php extension or it @@ -430,6 +430,7 @@ env[PATH] = $PATH ; php_admin_flag[short_open_tag] = On ; Additional php.ini defines, specific to this pool of workers. +php_admin_value[memory_limit] = 512M php_value[upload_max_filesize] = 10G php_value[post_max_size] = 10G php_value[default_charset] = UTF-8 diff --git a/config_panel.toml b/config_panel.toml new file mode 100644 index 0000000..b88c83e --- /dev/null +++ b/config_panel.toml @@ -0,0 +1,26 @@ +version = "0.1" +name = "Nextcloud configuration panel" + +[main] +name = "Nextcloud configuration" + + [main.php_fpm_config] + name = "PHP-FPM configuration" + + [main.php_fpm_config.footprint] + ask = "Memory footprint of the service ?" + choices = ["low", "medium", "high", "specific"] + default = "low" + help = "low <= 20Mb per pool. medium between 20Mb and 40Mb per pool. high > 40Mb per pool.
Use specific to set a value with the following option." + + [main.php_fpm_config.free_footprint] + ask = "Memory footprint of the service ?" + type = "number" + default = "0" + help = "Free field to specify exactly the footprint in Mb if you don't want to use one of the three previous values." + + [main.php_fpm_config.usage] + ask = "Expected usage of the service ?" + choices = ["low", "medium", "high"] + default = "low" + help = "low: Personal usage, behind the sso. No RAM footprint when not used, but the impact on the processor can be high if many users are using the service.
medium: Low usage, few people or/and publicly accessible. Low RAM footprint, medium processor footprint when used.
high: High usage, frequently visited website. High RAM footprint, but lower on processor usage and quickly responding." diff --git a/manifest.json b/manifest.json index 563693c..c8a6f0a 100644 --- a/manifest.json +++ b/manifest.json @@ -6,7 +6,7 @@ "en": "Access & share your files, calendars, contacts, mail & more from any device, on your terms", "fr": "Consultez et partagez vos fichiers, agendas, carnets d'adresses, emails et bien plus depuis les appareils de votre choix, sous vos conditions" }, - "version": "15.0.12~ynh1", + "version": "18.0.2~ynh1", "url": "https://nextcloud.com", "license": "AGPL-3.0", "maintainer": { diff --git a/scripts/_common.sh b/scripts/_common.sh index 413f729..7b84705 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -3,7 +3,10 @@ # COMMON VARIABLES #================================================= -pkg_dependencies="php-gd php-json php-intl php-mcrypt php-curl php-apcu php-redis php-ldap php-imagick php-zip php-mbstring php-xml imagemagick acl tar smbclient at" +pkg_dependencies="imagemagick acl tar smbclient at" + +YNH_PHP_VERSION="7.3" +extra_pkg_dependencies="php${YNH_PHP_VERSION}-bz2 php${YNH_PHP_VERSION}-imap php${YNH_PHP_VERSION}-smbclient php${YNH_PHP_VERSION}-gmp php${YNH_PHP_VERSION}-gd php${YNH_PHP_VERSION}-json php${YNH_PHP_VERSION}-intl php${YNH_PHP_VERSION}-curl php${YNH_PHP_VERSION}-apcu php${YNH_PHP_VERSION}-redis php${YNH_PHP_VERSION}-ldap php${YNH_PHP_VERSION}-imagick php${YNH_PHP_VERSION}-zip php${YNH_PHP_VERSION}-mbstring php${YNH_PHP_VERSION}-xml php${YNH_PHP_VERSION}-mysql php${YNH_PHP_VERSION}-igbinary" #================================================= # EXPERIMENTAL HELPERS @@ -25,17 +28,19 @@ exec_as() { #================================================= # Check if an URL is already handled -# usage: is_url_handled URL +# usage: is_url_handled --domain=DOMAIN --path=PATH_URI is_url_handled() { # Declare an array to define the options of this helper. - declare -Ar args_array=( [u]=url= ) - local url + local legacy_args=dp + declare -Ar args_array=( [d]=domain= [p]=path= ) + local domain + local path # Manage arguments with getopts ynh_handle_getopts_args "$@" # Try to get the url with curl, and keep the http code and an eventual redirection url. local curl_output="$(curl --insecure --silent --output /dev/null \ - --write-out '%{http_code};%{redirect_url}' "$url")" + --write-out '%{http_code};%{redirect_url}' https://127.0.0.1$path --header "Host: $domain" --resolve $domain:443:127.0.0.1)" # Cut the output and keep only the first part to keep the http code local http_code="${curl_output%%;*}" @@ -329,7 +334,7 @@ ynh_smart_mktemp () { elif is_there_enough_space /var; then local tmpdir=/var elif is_there_enough_space /; then - local tmpdir=/ + local tmpdir=/ elif is_there_enough_space /home; then local tmpdir=/home else @@ -339,6 +344,234 @@ ynh_smart_mktemp () { echo "$(sudo mktemp --directory --tmpdir="$tmpdir")" } +#================================================= + +# Check the amount of available RAM +# +# usage: ynh_check_ram [--required=RAM required in Mb] [--no_swap|--only_swap] [--free_ram] +# | arg: -r, --required= - Amount of RAM required in Mb. The helper will return 0 is there's enough RAM, or 1 otherwise. +# If --required isn't set, the helper will print the amount of RAM, in Mb. +# | arg: -s, --no_swap - Ignore swap +# | arg: -o, --only_swap - Ignore real RAM, consider only swap. +# | arg: -f, --free_ram - Count only free RAM, not the total amount of RAM available. +ynh_check_ram () { + # Declare an array to define the options of this helper. + declare -Ar args_array=( [r]=required= [s]=no_swap [o]=only_swap [f]=free_ram ) + local required + local no_swap + local only_swap + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + required=${required:-} + no_swap=${no_swap:-0} + only_swap=${only_swap:-0} + + local total_ram=$(vmstat --stats --unit M | grep "total memory" | awk '{print $1}') + local total_swap=$(vmstat --stats --unit M | grep "total swap" | awk '{print $1}') + local total_ram_swap=$(( total_ram + total_swap )) + + local free_ram=$(vmstat --stats --unit M | grep "free memory" | awk '{print $1}') + local free_swap=$(vmstat --stats --unit M | grep "free swap" | awk '{print $1}') + local free_ram_swap=$(( free_ram + free_swap )) + + # Use the total amount of ram + local ram=$total_ram_swap + if [ $free_ram -eq 1 ] + then + # Use the total amount of free ram + ram=$free_ram_swap + if [ $no_swap -eq 1 ] + then + # Use only the amount of free ram + ram=$free_ram + elif [ $only_swap -eq 1 ] + then + # Use only the amount of free swap + ram=$free_swap + fi + else + if [ $no_swap -eq 1 ] + then + # Use only the amount of free ram + ram=$total_ram + elif [ $only_swap -eq 1 ] + then + # Use only the amount of free swap + ram=$total_swap + fi + fi + + if [ -n "$required" ] + then + # Return 1 if the amount of ram isn't enough. + if [ $ram -lt $required ] + then + return 1 + else + return 0 + fi + + # If no RAM is required, return the amount of available ram. + else + echo $ram + fi +} + +#================================================= + +# Define the values to configure php-fpm +# +# usage: ynh_get_scalable_phpfpm --usage=usage --footprint=footprint [--print] +# | arg: -f, --footprint - Memory footprint of the service (low/medium/high). +# low - Less than 20Mb of ram by pool. +# medium - Between 20Mb and 40Mb of ram by pool. +# high - More than 40Mb of ram by pool. +# Or specify exactly the footprint, the load of the service as Mb by pool instead of having a standard value. +# To have this value, use the following command and stress the service. +# watch -n0.5 ps -o user,cmd,%cpu,rss -u APP +# +# | arg: -u, --usage - Expected usage of the service (low/medium/high). +# low - Personal usage, behind the sso. +# medium - Low usage, few people or/and publicly accessible. +# high - High usage, frequently visited website. +# +# | arg: -p, --print - Print the result +# +# +# +# The footprint of the service will be used to defined the maximum footprint we can allow, which is half the maximum RAM. +# So it will be used to defined 'pm.max_children' +# A lower value for the footprint will allow more children for 'pm.max_children'. And so for +# 'pm.start_servers', 'pm.min_spare_servers' and 'pm.max_spare_servers' which are defined from the +# value of 'pm.max_children' +# NOTE: 'pm.max_children' can't exceed 4 times the number of processor's cores. +# +# The usage value will defined the way php will handle the children for the pool. +# A value set as 'low' will set the process manager to 'ondemand'. Children will start only if the +# service is used, otherwise no child will stay alive. This config gives the lower footprint when the +# service is idle. But will use more proc since it has to start a child as soon it's used. +# Set as 'medium', the process manager will be at dynamic. If the service is idle, a number of children +# equal to pm.min_spare_servers will stay alive. So the service can be quick to answer to any request. +# The number of children can grow if needed. The footprint can stay low if the service is idle, but +# not null. The impact on the proc is a little bit less than 'ondemand' as there's always a few +# children already available. +# Set as 'high', the process manager will be set at 'static'. There will be always as many children as +# 'pm.max_children', the footprint is important (but will be set as maximum a quarter of the maximum +# RAM) but the impact on the proc is lower. The service will be quick to answer as there's always many +# children ready to answer. +ynh_get_scalable_phpfpm () { + local legacy_args=ufp + # Declare an array to define the options of this helper. + declare -Ar args_array=( [u]=usage= [f]=footprint= [p]=print ) + local usage + local footprint + local print + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + # Set all characters as lowercase + footprint=${footprint,,} + usage=${usage,,} + print=${print:-0} + + if [ "$footprint" = "low" ] + then + footprint=20 + elif [ "$footprint" = "medium" ] + then + footprint=35 + elif [ "$footprint" = "high" ] + then + footprint=50 + fi + + # Define the way the process manager handle child processes. + if [ "$usage" = "low" ] + then + php_pm=ondemand + elif [ "$usage" = "medium" ] + then + php_pm=dynamic + elif [ "$usage" = "high" ] + then + php_pm=static + else + ynh_die --message="Does not recognize '$usage' as an usage value." + fi + + # Get the total of RAM available, except swap. + local max_ram=$(ynh_check_ram --no_swap) + + less0() { + # Do not allow value below 1 + if [ $1 -le 0 ] + then + echo 1 + else + echo $1 + fi + } + + # Define pm.max_children + # The value of pm.max_children is the total amount of ram divide by 2 and divide again by the footprint of a pool for this app. + # So if php-fpm start the maximum of children, it won't exceed half of the ram. + php_max_children=$(( $max_ram / 2 / $footprint )) + # If process manager is set as static, use half less children. + # Used as static, there's always as many children as the value of pm.max_children + if [ "$php_pm" = "static" ] + then + php_max_children=$(( $php_max_children / 2 )) + fi + php_max_children=$(less0 $php_max_children) + + # To not overload the proc, limit the number of children to 4 times the number of cores. + local core_number=$(nproc) + local max_proc=$(( $core_number * 4 )) + if [ $php_max_children -gt $max_proc ] + then + php_max_children=$max_proc + fi + + if [ "$php_pm" = "dynamic" ] + then + # Define pm.start_servers, pm.min_spare_servers and pm.max_spare_servers for a dynamic process manager + php_min_spare_servers=$(( $php_max_children / 8 )) + php_min_spare_servers=$(less0 $php_min_spare_servers) + + php_max_spare_servers=$(( $php_max_children / 2 )) + php_max_spare_servers=$(less0 $php_max_spare_servers) + + php_start_servers=$(( $php_min_spare_servers + ( $php_max_spare_servers - $php_min_spare_servers ) /2 )) + php_start_servers=$(less0 $php_start_servers) + else + php_min_spare_servers=0 + php_max_spare_servers=0 + php_start_servers=0 + fi + + if [ $print -eq 1 ] + then + ynh_debug --message="Footprint=${footprint}Mb by pool." + ynh_debug --message="Process manager=$php_pm" + ynh_debug --message="Max RAM=${max_ram}Mb" + if [ "$php_pm" != "static" ]; then + ynh_debug --message="\nMax estimated footprint=$(( $php_max_children * $footprint ))" + ynh_debug --message="Min estimated footprint=$(( $php_min_spare_servers * $footprint ))" + fi + if [ "$php_pm" = "dynamic" ]; then + ynh_debug --message="Estimated average footprint=$(( $php_max_spare_servers * $footprint ))" + elif [ "$php_pm" = "static" ]; then + ynh_debug --message="Estimated footprint=$(( $php_max_children * $footprint ))" + fi + ynh_debug --message="\nRaw php-fpm values:" + ynh_debug --message="pm.max_children = $php_max_children" + if [ "$php_pm" = "dynamic" ]; then + ynh_debug --message="pm.start_servers = $php_start_servers" + ynh_debug --message="pm.min_spare_servers = $php_min_spare_servers" + ynh_debug --message="pm.max_spare_servers = $php_max_spare_servers" + fi + fi +} + #================================================= # FUTURE OFFICIAL HELPERS #================================================= @@ -381,3 +614,380 @@ ynh_multimedia_addaccess () { groupadd -f multimedia usermod -a -G multimedia $user_name } + +# Install another version of php. +# +# usage: ynh_install_php --phpversion=phpversion [--package=packages] +# | arg: -v, --phpversion - Version of php to install. +# | arg: -p, --package - Additionnal php packages to install +ynh_install_php () { + # Declare an array to define the options of this helper. + local legacy_args=vp + declare -Ar args_array=( [v]=phpversion= [p]=package= ) + local phpversion + local package + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + package=${package:-} + + # Store phpversion into the config of this app + ynh_app_setting_set $app phpversion $phpversion + + if [ "$phpversion" == "7.0" ] + then + ynh_die "Do not use ynh_install_php to install php7.0" + fi + + # Store the ID of this app and the version of php requested for it + echo "$YNH_APP_INSTANCE_NAME:$phpversion" | tee --append "/etc/php/ynh_app_version" + + # Add an extra repository for those packages + ynh_install_extra_repo --repo="https://packages.sury.org/php/ $(lsb_release -sc) main" --key="https://packages.sury.org/php/apt.gpg" --priority=995 --name=extra_php_version + + # Install requested dependencies from this extra repository. + # Install php-fpm first, otherwise php will install apache as a dependency. + ynh_add_app_dependencies --package="php${phpversion}-fpm" + ynh_add_app_dependencies --package="php$phpversion php${phpversion}-common $package" + + # Set php7.0 back as the default version for php-cli. + update-alternatives --set php /usr/bin/php7.0 + + # Pin this extra repository after packages are installed to prevent sury of doing shit + ynh_pin_repo --package="*" --pin="origin \"packages.sury.org\"" --priority=200 --name=extra_php_version + ynh_pin_repo --package="php7.0*" --pin="origin \"packages.sury.org\"" --priority=600 --name=extra_php_version --append + + # Advertise service in admin panel + yunohost service add php${phpversion}-fpm --log "/var/log/php${phpversion}-fpm.log" +} + +# Remove the specific version of php used by the app. +# +# usage: ynh_install_php +ynh_remove_php () { + # Get the version of php used by this app + local phpversion=$(ynh_app_setting_get $app phpversion) + + if [ "$phpversion" == "7.0" ] || [ -z "$phpversion" ] + then + if [ "$phpversion" == "7.0" ] + then + ynh_print_err "Do not use ynh_remove_php to install php7.0" + fi + return 0 + fi + + # Remove the line for this app + sed --in-place "/$YNH_APP_INSTANCE_NAME:$phpversion/d" "/etc/php/ynh_app_version" + + # If no other app uses this version of php, remove it. + if ! grep --quiet "$phpversion" "/etc/php/ynh_app_version" + then + # Purge php dependences for this version. + ynh_package_autopurge "php$phpversion php${phpversion}-fpm php${phpversion}-common" + # Remove the service from the admin panel + yunohost service remove php${phpversion}-fpm + fi + + # If no other app uses alternate php versions, remove the extra repo for php + if [ ! -s "/etc/php/ynh_app_version" ] + then + ynh_secure_remove /etc/php/ynh_app_version + fi +} + +#================================================= +# FUTURE OFFICIAL HELPERS +#================================================= +# Pin a repository. +# +# usage: ynh_pin_repo --package=packages --pin=pin_filter [--priority=priority_value] [--name=name] [--append] +# | arg: -p, --package - Packages concerned by the pin. Or all, *. +# | arg: -i, --pin - Filter for the pin. +# | arg: -p, --priority - Priority for the pin +# | arg: -n, --name - Name for the files for this repo, $app as default value. +# | arg: -a, --append - Do not overwrite existing files. +# +# See https://manpages.debian.org/stretch/apt/apt_preferences.5.en.html for information about pinning. +# +ynh_pin_repo () { + # Declare an array to define the options of this helper. + local legacy_args=pirna + declare -Ar args_array=( [p]=package= [i]=pin= [r]=priority= [n]=name= [a]=append ) + local package + local pin + local priority + local name + local append + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + package="${package:-*}" + priority=${priority:-50} + name="${name:-$app}" + append=${append:-0} + + if [ $append -eq 1 ] + then + append="tee -a" + else + append="tee" + fi + + mkdir -p "/etc/apt/preferences.d" + echo "Package: $package +Pin: $pin +Pin-Priority: $priority +" \ + | $append "/etc/apt/preferences.d/$name" +} + +# Add a repository. +# +# usage: ynh_add_repo --uri=uri --suite=suite --component=component [--name=name] [--append] +# | arg: -u, --uri - Uri of the repository. +# | arg: -s, --suite - Suite of the repository. +# | arg: -c, --component - Component of the repository. +# | arg: -n, --name - Name for the files for this repo, $app as default value. +# | arg: -a, --append - Do not overwrite existing files. +# +# Example for a repo like deb http://forge.yunohost.org/debian/ stretch stable +# uri suite component +# ynh_add_repo --uri=http://forge.yunohost.org/debian/ --suite=stretch --component=stable +# +ynh_add_repo () { + # Declare an array to define the options of this helper. + local legacy_args=uscna + declare -Ar args_array=( [u]=uri= [s]=suite= [c]=component= [n]=name= [a]=append ) + local uri + local suite + local component + local name + local append + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + name="${name:-$app}" + append=${append:-0} + + if [ $append -eq 1 ] + then + append="tee -a" + else + append="tee" + fi + + mkdir -p "/etc/apt/sources.list.d" + # Add the new repo in sources.list.d + echo "deb $uri $suite $component" \ + | $append "/etc/apt/sources.list.d/$name.list" +} + +# Add an extra repository correctly, pin it and get the key. +# +# usage: ynh_install_extra_repo --repo="repo" [--key=key_url] [--priority=priority_value] [--name=name] [--append] +# | arg: -r, --repo - Complete url of the extra repository. +# | arg: -k, --key - url to get the public key. +# | arg: -p, --priority - Priority for the pin +# | arg: -n, --name - Name for the files for this repo, $app as default value. +# | arg: -a, --append - Do not overwrite existing files. +ynh_install_extra_repo () { + # Declare an array to define the options of this helper. + local legacy_args=rkpna + declare -Ar args_array=( [r]=repo= [k]=key= [p]=priority= [n]=name= [a]=append ) + local repo + local key + local priority + local name + local append + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + name="${name:-$app}" + append=${append:-0} + key=${key:-0} + priority=${priority:-} + + if [ $append -eq 1 ] + then + append="--append" + wget_append="tee -a" + else + append="" + wget_append="tee" + fi + + # Split the repository into uri, suite and components. + # Remove "deb " at the beginning of the repo. + repo="${repo#deb }" + + # Get the uri + local uri="$(echo "$repo" | awk '{ print $1 }')" + + # Get the suite + local suite="$(echo "$repo" | awk '{ print $2 }')" + + # Get the components + local component="${repo##$uri $suite }" + + # Add the repository into sources.list.d + ynh_add_repo --uri="$uri" --suite="$suite" --component="$component" --name="$name" $append + + # Pin the new repo with the default priority, so it won't be used for upgrades. + # Build $pin from the uri without http and any sub path + local pin="${uri#*://}" + pin="${pin%%/*}" + # Set a priority only if asked + if [ -n "$priority" ] + then + priority="--priority=$priority" + fi + ynh_pin_repo --package="*" --pin="origin \"$pin\"" $priority --name="$name" $append + + # Get the public key for the repo + if [ -n "$key" ] + then + mkdir -p "/etc/apt/trusted.gpg.d" + wget -q "$key" -O - | gpg --dearmor | $wget_append /etc/apt/trusted.gpg.d/$name.gpg > /dev/null + fi + + # Update the list of package with the new repo + ynh_package_update +} + +# Remove an extra repository and the assiociated configuration. +# +# usage: ynh_remove_extra_repo [--name=name] +# | arg: -n, --name - Name for the files for this repo, $app as default value. +ynh_remove_extra_repo () { + # Declare an array to define the options of this helper. + local legacy_args=n + declare -Ar args_array=( [n]=name= ) + local name + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + name="${name:-$app}" + + ynh_secure_remove "/etc/apt/sources.list.d/$name.list" + ynh_secure_remove "/etc/apt/preferences.d/$name" + ynh_secure_remove "/etc/apt/trusted.gpg.d/$name.gpg" + ynh_secure_remove "/etc/apt/trusted.gpg.d/$name.asc" + + # Update the list of package to exclude the old repo + ynh_package_update +} + +# Install packages from an extra repository properly. +# +# usage: ynh_install_extra_app_dependencies --repo="repo" --package="dep1 dep2" [--key=key_url] [--name=name] +# | arg: -r, --repo - Complete url of the extra repository. +# | arg: -p, --package - The packages to install from this extra repository +# | arg: -k, --key - url to get the public key. +# | arg: -n, --name - Name for the files for this repo, $app as default value. +ynh_install_extra_app_dependencies () { + # Declare an array to define the options of this helper. + local legacy_args=rpkn + declare -Ar args_array=( [r]=repo= [p]=package= [k]=key= [n]=name= ) + local repo + local package + local key + local name + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + name="${name:-$app}" + key=${key:-0} + + # Set a key only if asked + if [ -n "$key" ] + then + key="--key=$key" + fi + # Add an extra repository for those packages + ynh_install_extra_repo --repo="$repo" $key --priority=995 --name=$name + + # Install requested dependencies from this extra repository. + ynh_add_app_dependencies --package="$package" + + # Remove this extra repository after packages are installed + ynh_remove_extra_repo --name=$app +} + +#================================================= + +# patched version of ynh_install_app_dependencies to be used with ynh_add_app_dependencies + +# Define and install dependencies with a equivs control file +# This helper can/should only be called once per app +# +# usage: ynh_install_app_dependencies dep [dep [...]] +# | arg: dep - the package name to install in dependence +# You can give a choice between some package with this syntax : "dep1|dep2" +# Example : ynh_install_app_dependencies dep1 dep2 "dep3|dep4|dep5" +# This mean in the dependence tree : dep1 & dep2 & (dep3 | dep4 | dep5) +# +# Requires YunoHost version 2.6.4 or higher. +ynh_install_app_dependencies () { + local dependencies=$@ + dependencies="$(echo "$dependencies" | sed 's/\([^\<=\>]\)\ \([^(]\)/\1, \2/g')" + dependencies=${dependencies//|/ | } + local manifest_path="../manifest.json" + if [ ! -e "$manifest_path" ]; then + manifest_path="../settings/manifest.json" # Into the restore script, the manifest is not at the same place + fi + + local version=$(grep '\"version\": ' "$manifest_path" | cut -d '"' -f 4) # Retrieve the version number in the manifest file. + if [ ${#version} -eq 0 ]; then + version="1.0" + fi + local dep_app=${app//_/-} # Replace all '_' by '-' + + # Handle specific versions + if [[ "$dependencies" =~ [\<=\>] ]] + then + # Replace version specifications by relationships syntax + # https://www.debian.org/doc/debian-policy/ch-relationships.html + # Sed clarification + # [^(\<=\>] ignore if it begins by ( or < = >. To not apply twice. + # [\<=\>] matches < = or > + # \+ matches one or more occurence of the previous characters, for >= or >>. + # [^,]\+ matches all characters except ',' + # Ex: package>=1.0 will be replaced by package (>= 1.0) + dependencies="$(echo "$dependencies" | sed 's/\([^(\<=\>]\)\([\<=\>]\+\)\([^,]\+\)/\1 (\2 \3)/g')" + fi + + cat > /tmp/${dep_app}-ynh-deps.control << EOF # Make a control file for equivs-build +Section: misc +Priority: optional +Package: ${dep_app}-ynh-deps +Version: ${version} +Depends: ${dependencies} +Architecture: all +Description: Fake package for $app (YunoHost app) dependencies + This meta-package is only responsible of installing its dependencies. +EOF + ynh_package_install_from_equivs /tmp/${dep_app}-ynh-deps.control \ + || ynh_die --message="Unable to install dependencies" # Install the fake package and its dependencies + rm /tmp/${dep_app}-ynh-deps.control + ynh_app_setting_set --app=$app --key=apt_dependencies --value="$dependencies" +} + +ynh_add_app_dependencies () { + # Declare an array to define the options of this helper. + local legacy_args=pr + declare -Ar args_array=( [p]=package= [r]=replace) + local package + local replace + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + replace=${replace:-0} + + local current_dependencies="" + if [ $replace -eq 0 ] + then + local dep_app=${app//_/-} # Replace all '_' by '-' + if ynh_package_is_installed --package="${dep_app}-ynh-deps" + then + current_dependencies="$(dpkg-query --show --showformat='${Depends}' ${dep_app}-ynh-deps) " + fi + + current_dependencies=${current_dependencies// | /|} + fi + + ynh_install_app_dependencies "${current_dependencies}${package}" +} diff --git a/scripts/_ynh_add_fpm_config b/scripts/_ynh_add_fpm_config new file mode 100644 index 0000000..487c044 --- /dev/null +++ b/scripts/_ynh_add_fpm_config @@ -0,0 +1,146 @@ +#!/bin/bash + +# Create a dedicated php-fpm config +# +# usage 1: ynh_add_fpm_config [--phpversion=7.X] [--use_template] +# | arg: -v, --phpversion - Version of php to use. +# | arg: -t, --use_template - Use this helper in template mode. +# +# ----------------------------------------------------------------------------- +# +# usage 2: ynh_add_fpm_config [--phpversion=7.X] --usage=usage --footprint=footprint +# | arg: -v, --phpversion - Version of php to use.# +# | arg: -f, --footprint - Memory footprint of the service (low/medium/high). +# low - Less than 20Mb of ram by pool. +# medium - Between 20Mb and 40Mb of ram by pool. +# high - More than 40Mb of ram by pool. +# Or specify exactly the footprint, the load of the service as Mb by pool instead of having a standard value. +# To have this value, use the following command and stress the service. +# watch -n0.5 ps -o user,cmd,%cpu,rss -u APP +# +# | arg: -u, --usage - Expected usage of the service (low/medium/high). +# low - Personal usage, behind the sso. +# medium - Low usage, few people or/and publicly accessible. +# high - High usage, frequently visited website. +# +# Requires YunoHost version 2.7.2 or higher. +ynh_add_fpm_config () { + # Declare an array to define the options of this helper. + local legacy_args=vtuf + declare -Ar args_array=( [v]=phpversion= [t]=use_template [u]=usage= [f]=footprint= ) + local phpversion + local use_template + local usage + local footprint + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + # The default behaviour is to use the template. + use_template="${use_template:-1}" + usage="${usage:-}" + footprint="${footprint:-}" + if [ -n "$usage" ] || [ -n "$footprint" ]; then + use_template=0 + fi + + # Configure PHP-FPM 7.0 by default + phpversion="${phpversion:-$YNH_PHP_VERSION}" + + local fpm_config_dir="/etc/php/$phpversion/fpm" + local fpm_service="php${phpversion}-fpm" + # Configure PHP-FPM 5 on Debian Jessie + if [ "$(ynh_get_debian_release)" == "jessie" ]; then + fpm_config_dir="/etc/php5/fpm" + fpm_service="php5-fpm" + fi + ynh_app_setting_set --app=$app --key=fpm_config_dir --value="$fpm_config_dir" + ynh_app_setting_set --app=$app --key=fpm_service --value="$fpm_service" + finalphpconf="$fpm_config_dir/pool.d/$app.conf" + ynh_backup_if_checksum_is_different --file="$finalphpconf" + + if [ $use_template -eq 1 ] + then + # Usage 1, use the template in ../conf/php-fpm.conf + sudo cp ../conf/php-fpm.conf "$finalphpconf" + ynh_replace_string --match_string="__NAMETOCHANGE__" --replace_string="$app" --target_file="$finalphpconf" + ynh_replace_string --match_string="__FINALPATH__" --replace_string="$final_path" --target_file="$finalphpconf" + ynh_replace_string --match_string="__USER__" --replace_string="$app" --target_file="$finalphpconf" + ynh_replace_string --match_string="__PHPVERSION__" --replace_string="$phpversion" --target_file="$finalphpconf" + + else + # Usage 2, generate a php-fpm config file with ynh_get_scalable_phpfpm + ynh_get_scalable_phpfpm --usage=$usage --footprint=$footprint + + # Copy the default file + sudo cp "$fpm_config_dir/pool.d/www.conf" "$finalphpconf" + + # Replace standard variables into the default file + ynh_replace_string --match_string="^\[www\]" --replace_string="[$app]" --target_file="$finalphpconf" + ynh_replace_string --match_string=".*listen = .*" --replace_string="listen = /var/run/php/php$phpversion-fpm-$app.sock" --target_file="$finalphpconf" + ynh_replace_string --match_string="^user = .*" --replace_string="user = $app" --target_file="$finalphpconf" + ynh_replace_string --match_string="^group = .*" --replace_string="group = $app" --target_file="$finalphpconf" + ynh_replace_string --match_string=".*chdir = .*" --replace_string="chdir = $final_path" --target_file="$finalphpconf" + + # Configure fpm children + ynh_replace_string --match_string=".*pm = .*" --replace_string="pm = $php_pm" --target_file="$finalphpconf" + ynh_replace_string --match_string=".*pm.max_children = .*" --replace_string="pm.max_children = $php_max_children" --target_file="$finalphpconf" + ynh_replace_string --match_string=".*pm.max_requests = .*" --replace_string="pm.max_requests = 500" --target_file="$finalphpconf" + ynh_replace_string --match_string=".*request_terminate_timeout = .*" --replace_string="request_terminate_timeout = 1d" --target_file="$finalphpconf" + if [ "$php_pm" = "dynamic" ] + then + ynh_replace_string --match_string=".*pm.start_servers = .*" --replace_string="pm.start_servers = $php_start_servers" --target_file="$finalphpconf" + ynh_replace_string --match_string=".*pm.min_spare_servers = .*" --replace_string="pm.min_spare_servers = $php_min_spare_servers" --target_file="$finalphpconf" + ynh_replace_string --match_string=".*pm.max_spare_servers = .*" --replace_string="pm.max_spare_servers = $php_max_spare_servers" --target_file="$finalphpconf" + elif [ "$php_pm" = "ondemand" ] + then + ynh_replace_string --match_string=".*pm.process_idle_timeout = .*" --replace_string="pm.process_idle_timeout = 10s" --target_file="$finalphpconf" + fi + + # Comment unused parameters + if [ "$php_pm" != "dynamic" ] + then + ynh_replace_string --match_string=".*\(pm.start_servers = .*\)" --replace_string=";\1" --target_file="$finalphpconf" + ynh_replace_string --match_string=".*\(pm.min_spare_servers = .*\)" --replace_string=";\1" --target_file="$finalphpconf" + ynh_replace_string --match_string=".*\(pm.max_spare_servers = .*\)" --replace_string=";\1" --target_file="$finalphpconf" + fi + if [ "$php_pm" != "ondemand" ] + then + ynh_replace_string --match_string=".*\(pm.process_idle_timeout = .*\)" --replace_string=";\1" --target_file="$finalphpconf" + fi + + # Concatene the extra config. + if [ -e ../conf/extra_php-fpm.conf ]; then + cat ../conf/extra_php-fpm.conf >> "$finalphpconf" + fi + fi + sudo chown root: "$finalphpconf" + ynh_store_file_checksum --file="$finalphpconf" + + if [ -e "../conf/php-fpm.ini" ] + then + echo "Packagers ! Please do not use a separate php ini file, merge your directives in the pool file instead." >&2 + finalphpini="$fpm_config_dir/conf.d/20-$app.ini" + ynh_backup_if_checksum_is_different "$finalphpini" + sudo cp ../conf/php-fpm.ini "$finalphpini" + sudo chown root: "$finalphpini" + ynh_store_file_checksum "$finalphpini" + fi + ynh_systemd_action --service_name=$fpm_service --action=reload + + # Clean other php version config files for this app. Used for migration purpose. + if [ -e "/etc/php5/fpm/pool.d/$app.conf" ] + then + ynh_secure_remove --file="/etc/php5/fpm/pool.d/$app.conf" + ynh_systemd_action --service_name=php5-fpm --action=reload + fi + for i in `seq 0 4` + do + if [ "$phpversion" != "7.$i" ] + then + if [ -e "/etc/php/7.$i/fpm/pool.d/$app.conf" ] + then + ynh_secure_remove --file="/etc/php/7.$i/fpm/pool.d/$app.conf" + ynh_systemd_action --service_name=php7.$i-fpm --action=reload + fi + fi + done +} diff --git a/scripts/backup b/scripts/backup index 5dbc43c..68ae4ee 100755 --- a/scripts/backup +++ b/scripts/backup @@ -48,7 +48,7 @@ ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= ynh_script_progression --message="Backing up php-fpm configuration..." -ynh_backup --src_path="/etc/php/7.0/fpm/pool.d/$app.conf" +ynh_backup --src_path="/etc/php/$YNH_PHP_VERSION/fpm/pool.d/$app.conf" #================================================= # BACKUP THE MYSQL DATABASE diff --git a/scripts/change_url b/scripts/change_url index 83bcb4e..c9f7a9c 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -63,7 +63,7 @@ then domain="$old_domain" path_url="$new_path" # Create a dedicated nginx config - ynh_add_nginx_config + ynh_add_nginx_config YNH_PHP_VERSION fi # Change the domain for nginx @@ -84,7 +84,7 @@ ynh_script_progression --message="Applying Nextcloud specific modifications..." # Define a function to execute commands with `occ` exec_occ() { (cd "$final_path" && exec_as "$app" \ - php occ --no-interaction --no-ansi "$@") + php${YNH_PHP_VERSION} occ --no-interaction --no-ansi "$@") } if [ $change_domain -eq 1 ] @@ -99,7 +99,7 @@ fi if [ $change_domain -eq 1 ] then # Check if .well-known is available for this domain - if is_url_handled --url="https://$domain/.well-known/caldav" || is_url_handled --url="https://$domain/.well-known/carddav" + if is_url_handled --domain="$domain" --path="/.well-known/caldav" || is_url_handled --domain="$domain" --path="/.well-known/carddav" then ynh_print_warn --message="Another app already uses the domain $domain to serve a caldav/carddav feature. You may encounter issues when dealing with your calendar or address book." diff --git a/scripts/config b/scripts/config new file mode 100644 index 0000000..b0314f0 --- /dev/null +++ b/scripts/config @@ -0,0 +1,97 @@ +#!/bin/bash + +#================================================= +# GENERIC STARTING +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +source _common.sh +source /usr/share/yunohost/helpers +source _ynh_add_fpm_config + +#================================================= +# RETRIEVE ARGUMENTS +#================================================= + +app=${YNH_APP_INSTANCE_NAME:-$YNH_APP_ID} + +#================================================= +# LOAD VALUES +#================================================= + +# Load the real value from the app config or elsewhere. +# Then get the value from the form. +# If the form has a value for a variable, take the value from the form, +# Otherwise, keep the value from the app config. + +# Footprint for php-fpm +old_fpm_footprint="$(ynh_app_setting_get --app=$app --key=fpm_footprint)" +fpm_footprint="${YNH_CONFIG_MAIN_PHP_FPM_CONFIG_FOOTPRINT:-$old_fpm_footprint}" + +# Free footprint value for php-fpm +# Check if fpm_footprint is an integer +if [ "$fpm_footprint" -eq "$fpm_footprint" ] 2> /dev/null +then + # If fpm_footprint is an integer, that's a numeric value for the footprint + old_free_footprint=$fpm_footprint + fpm_footprint=specific +else + old_free_footprint=0 +fi +free_footprint="${YNH_CONFIG_MAIN_PHP_FPM_CONFIG_FREE_FOOTPRINT:-$old_free_footprint}" + +# Usage for php-fpm +old_fpm_usage="$(ynh_app_setting_get --app=$app --key=fpm_usage)" +fpm_usage="${YNH_CONFIG_MAIN_PHP_FPM_CONFIG_USAGE:-$old_fpm_usage}" + +#================================================= +# SHOW_CONFIG FUNCTION FOR 'SHOW' COMMAND +#================================================= + +show_config() { + # here you are supposed to read some config file/database/other then print the values + # ynh_return "YNH_CONFIG_${PANEL_ID}_${SECTION_ID}_${OPTION_ID}=value" + + ynh_return "YNH_CONFIG_MAIN_PHP_FPM_CONFIG_FOOTPRINT=$fpm_footprint" + ynh_return "YNH_CONFIG_MAIN_PHP_FPM_CONFIG_FREE_FOOTPRINT=$free_footprint" + ynh_return "YNH_CONFIG_MAIN_PHP_FPM_CONFIG_USAGE=$fpm_usage" +} + +#================================================= +# MODIFY THE CONFIGURATION +#================================================= + +apply_config() { + + #================================================= + # RECONFIGURE PHP-FPM + #================================================= + + if [ "$fpm_usage" != "$old_fpm_usage" ] || [ "$fpm_footprint" != "$old_fpm_footprint" ] || [ "$free_footprint" != "$old_free_footprint" ] + then + # If fpm_footprint is set to 'specific', use $free_footprint value. + if [ "$fpm_footprint" = "specific" ] + then + fpm_footprint=$free_footprint + fi + + if [ "$fpm_footprint" != "0" ] + then + ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint + else + ynh_print_err --message="When selecting 'specific', you have to set a footprint value into the field below." + fi + fi +} + +#================================================= +# GENERIC FINALIZATION +#================================================= +# SELECT THE ACTION FOLLOWING THE GIVEN ARGUMENT +#================================================= + +case $1 in + show) show_config;; + apply) apply_config;; +esac diff --git a/scripts/install b/scripts/install index 47fe8e7..7204c65 100755 --- a/scripts/install +++ b/scripts/install @@ -8,6 +8,7 @@ source _common.sh source /usr/share/yunohost/helpers +source _ynh_add_fpm_config #================================================= # MANAGE SCRIPT FAILURE @@ -57,6 +58,8 @@ ynh_script_progression --message="Installing dependencies..." --weight=60 ynh_install_app_dependencies $pkg_dependencies +ynh_install_php --phpversion="$YNH_PHP_VERSION" --package="$extra_pkg_dependencies" + #================================================= # CREATE A MYSQL DATABASE #================================================= @@ -90,7 +93,7 @@ ynh_setup_source --dest_dir="$final_path" ynh_script_progression --message="Configuring nginx web server..." --weight=2 # Check if .well-known is available for this domain -if is_url_handled --url="https://$domain/.well-known/caldav" || is_url_handled --url="https://$domain/.well-known/carddav" +if is_url_handled --domain="$domain" --path="/.well-known/caldav" || is_url_handled --domain="$domain" --path="/.well-known/carddav" then ynh_print_warn --message="Another app already uses the domain $domain to serve a caldav/carddav feature. You may encounter issues when dealing with your calendar or address book." @@ -99,7 +102,7 @@ then fi # Create a dedicated nginx config -ynh_add_nginx_config +ynh_add_nginx_config YNH_PHP_VERSION #================================================= # CREATE DEDICATED USER @@ -115,7 +118,7 @@ ynh_system_user_create --username=$app ynh_script_progression --message="Configuring php-fpm..." --weight=2 # Create a dedicated php-fpm config -ynh_add_fpm_config +ynh_add_fpm_config --usage=medium --footprint=high #================================================= # SPECIFIC SETUP @@ -136,7 +139,7 @@ ynh_script_progression --message="Installing nextcloud..." --weight=30 # Define a function to execute commands with `occ` exec_occ() { (cd "$final_path" && exec_as "$app" \ - php occ --no-interaction --no-ansi "$@") + php$YNH_PHP_VERSION occ --no-interaction --no-ansi "$@") } # Set write access for the following commands @@ -266,6 +269,7 @@ chmod 644 "$cron_path" ynh_replace_string --match_string="__USER__" --replace_string="$app" --target_file="$cron_path" ynh_replace_string --match_string="__DESTDIR__" --replace_string="$final_path" --target_file="$cron_path" +ynh_replace_string --match_string="__YNH_PHP_VERSION__" --replace_string="$YNH_PHP_VERSION" --target_file="$cron_path" exec_occ background:cron @@ -273,7 +277,7 @@ exec_occ background:cron # POST-INSTALL MAINTENANCE #================================================= -(cd /tmp ; at now + 10 minutes <<< "(cd $final_path ; sudo -u $app php occ db:add-missing-indices ; sudo -u $app php occ db:convert-filecache-bigint -n) > /tmp/${app}_maintenance.log") +(cd /tmp ; at now + 10 minutes <<< "(cd $final_path ; sudo -u $app php${YNH_PHP_VERSION} occ db:add-missing-indices ; sudo -u $app php${YNH_PHP_VERSION} occ db:convert-filecache-bigint -n) > /tmp/${app}_maintenance.log") #================================================= # CONFIGURE THE HOOK FILE FOR USER CREATE diff --git a/scripts/restore b/scripts/restore index c6c8e7e..c62be63 100755 --- a/scripts/restore +++ b/scripts/restore @@ -8,6 +8,7 @@ source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers +source _ynh_add_fpm_config #================================================= # MANAGE SCRIPT FAILURE @@ -47,7 +48,7 @@ test ! -d $final_path \ ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" # Check if .well-known is available for this domain -if is_url_handled --url="https://$domain/.well-known/caldav" || is_url_handled --url="https://$domain/.well-known/carddav" +if is_url_handled --domain="$domain" --path="/.well-known/caldav" || is_url_handled --domain="$domain" --path="/.well-known/carddav" then ynh_print_warn --message="Another app already uses the domain $domain to serve a caldav/carddav feature. You may encounter issues when dealing with your calendar or address book." @@ -83,7 +84,7 @@ ynh_system_user_create --username=$app # RESTORE THE PHP-FPM CONFIGURATION #================================================= -ynh_restore_file --origin_path="/etc/php/7.0/fpm/pool.d/$app.conf" +ynh_restore_file --origin_path="/etc/php/$YNH_PHP_VERSION/fpm/pool.d/$app.conf" #================================================= # SPECIFIC RESTORATION @@ -95,6 +96,8 @@ ynh_script_progression --message="Reinstalling dependencies..." --weight=60 # Define and install dependencies ynh_install_app_dependencies $pkg_dependencies +ynh_install_php --phpversion="$YNH_PHP_VERSION" --package="$extra_pkg_dependencies" + #================================================= # RESTORE THE CRON FILE #================================================= @@ -169,7 +172,7 @@ ynh_systemd_action --action=restart --service_name=fail2ban #================================================= ynh_script_progression --message="Reloading nginx web server and php-fpm..." -ynh_systemd_action --service_name=php7.0-fpm --action=reload +ynh_systemd_action --service_name=php${YNH_PHP_VERSION}-fpm --action=reload ynh_systemd_action --service_name=nginx --action=reload #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index 8a63ab3..c7de781 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -8,6 +8,7 @@ source _common.sh source /usr/share/yunohost/helpers +source _ynh_add_fpm_config #================================================= # LOAD SETTINGS @@ -23,6 +24,9 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path) db_name=$(ynh_app_setting_get --app=$app --key=db_name) user_home=$(ynh_app_setting_get --app=$app --key=user_home) +fpm_footprint=$(ynh_app_setting_get --app=$app --key=fpm_footprint) +fpm_usage=$(ynh_app_setting_get --app=$app --key=fpm_usage) + #================================================= # CHECK VERSION #================================================= @@ -49,6 +53,18 @@ fi # Remove the option backup_core_only if it's in the settings.yml file ynh_app_setting_delete --app=$app --key=backup_core_only +# If fpm_footprint doesn't exist, create it +if [ -z "$fpm_footprint" ]; then + fpm_footprint=high + ynh_app_setting_set --app=$app --key=fpm_footprint --value=$fpm_footprint +fi + +# If fpm_usage doesn't exist, create it +if [ -z "$fpm_usage" ]; then + fpm_usage=medium + ynh_app_setting_set --app=$app --key=fpm_usage --value=$fpm_usage +fi + #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #================================================= @@ -116,6 +132,15 @@ fi # Normalize the URL path syntax path_url=$(ynh_normalize_url_path --path_url=$path_url) +#================================================= +# UPGRADE DEPENDENCIES +#================================================= +ynh_script_progression --message="Upgrading dependencies..." --weight=7 + +ynh_install_app_dependencies $pkg_dependencies + +ynh_install_php --phpversion="$YNH_PHP_VERSION" --package="$extra_pkg_dependencies" + #================================================= # STANDARD UPGRADE STEPS #================================================= @@ -126,11 +151,11 @@ ynh_script_progression --message="Upgrading nginx web server configuration..." - ynh_backup_if_checksum_is_different --file="/etc/nginx/conf.d/$domain.d/$app.conf" # Delete current nginx configuration to be able to check if .well-known is already served. -ynh_remove_nginx_config +ynh_remove_nginx_config $YNH_PHP_VERSION ynh_app_setting_delete --app=$app --key="checksum__etc_nginx_conf.d_$domain.d_$app.conf" # Check if .well-known is available for this domain -if is_url_handled --url="https://$domain/.well-known/caldav" || is_url_handled --url="https://$domain/.well-known/carddav" +if is_url_handled --domain="$domain" --path="/.well-known/caldav" || is_url_handled --domain="$domain" --path="/.well-known/carddav" then ynh_print_warn --message="Another app already uses the domain $domain to serve a caldav/carddav feature. You may encounter issues when dealing with your calendar or address book." @@ -139,7 +164,7 @@ then fi # Create a dedicated nginx config -ynh_add_nginx_config +ynh_add_nginx_config YNH_PHP_VERSION #================================================= # CREATE DEDICATED USER @@ -155,20 +180,13 @@ ynh_system_user_create --username=$app ynh_script_progression --message="Upgrading php-fpm configuration..." --weight=2 # Create a dedicated php-fpm config -ynh_add_fpm_config +ynh_add_fpm_config --phpversion="$YNH_PHP_VERSION" --usage=$fpm_usage --footprint=$fpm_footprint # Delete existing ini configuration file (backward compatibility) -if [ -f /etc/php/7.0/fpm/conf.d/20-$app.ini ]; then - ynh_secure_remove --file=/etc/php/7.0/fpm/conf.d/20-$app.ini +if [ -f /etc/php/$YNH_PHP_VERSION/fpm/conf.d/20-$app.ini ]; then + ynh_secure_remove --file=/etc/php/$YNH_PHP_VERSION/fpm/conf.d/20-$app.ini fi -#================================================= -# UPGRADE DEPENDENCIES -#================================================= -ynh_script_progression --message="Upgrading dependencies..." --weight=7 - -ynh_install_app_dependencies $pkg_dependencies - #================================================= # SPECIFIC UPGRADE #================================================= @@ -179,7 +197,7 @@ ynh_install_app_dependencies $pkg_dependencies # Define a function to execute commands with `occ` exec_occ() { (cd "$final_path" && exec_as "$app" \ - php occ --no-interaction --no-ansi "$@") + php$YNH_PHP_VERSION occ --no-interaction --no-ansi "$@") } # Define a function to add an external storage @@ -364,6 +382,7 @@ chmod 644 "$cron_path" ynh_replace_string --match_string="__USER__" --replace_string="$app" --target_file="$cron_path" ynh_replace_string --match_string="__DESTDIR__" --replace_string="$final_path" --target_file="$cron_path" +ynh_replace_string --match_string="__YNH_PHP_VERSION__" --replace_string="$YNH_PHP_VERSION" --target_file="$cron_path" exec_occ background:cron diff --git a/scripts/upgrade.d/upgrade.15.sh b/scripts/upgrade.d/upgrade.15.sh new file mode 100644 index 0000000..a8c2c1c --- /dev/null +++ b/scripts/upgrade.d/upgrade.15.sh @@ -0,0 +1,7 @@ +#!/bin/bash + +# Last available nextcloud version +next_version="16.0.0" + +# Nextcloud tarball checksum sha256 +nextcloud_source_sha256="4532f7028b1d9bf060f75ac4fbbde52a59ecd9c9155f3178a038d3cf3609402e" diff --git a/scripts/upgrade.d/upgrade.16.sh b/scripts/upgrade.d/upgrade.16.sh new file mode 100755 index 0000000..cb0d88a --- /dev/null +++ b/scripts/upgrade.d/upgrade.16.sh @@ -0,0 +1,7 @@ +#!/bin/bash + +# Last available nextcloud version +next_version="17.0.0" + +# Nextcloud tarball checksum sha256 +nextcloud_source_sha256="6081421b33ecdb3130b2bfb2293a3f4045aeb0b471ee570e675de3d931a142a6" diff --git a/scripts/upgrade.d/upgrade.17.sh b/scripts/upgrade.d/upgrade.17.sh new file mode 100755 index 0000000..35200da --- /dev/null +++ b/scripts/upgrade.d/upgrade.17.sh @@ -0,0 +1,7 @@ +#!/bin/bash + +# Last available nextcloud version +next_version="18.0.0" + +# Nextcloud tarball checksum sha256 +nextcloud_source_sha256="194095a5586d84040bc455f77b8aa6c80f9a6a6dd713c9aebdad046713d4267b" diff --git a/scripts/upgrade.d/upgrade.last.sh b/scripts/upgrade.d/upgrade.last.sh index 8baa589..24a1692 100755 --- a/scripts/upgrade.d/upgrade.last.sh +++ b/scripts/upgrade.d/upgrade.last.sh @@ -1,10 +1,10 @@ #!/bin/bash # Last available nextcloud version -next_version="15.0.12" +next_version="18.0.2" # Nextcloud tarball checksum sha256 -nextcloud_source_sha256="708966e18c2bacc33ea0dca59449d4c4f9b5ec935f0ef6fa5d02bfe8ae10f682" +nextcloud_source_sha256="d033660923dd27106ec64bff0e3afa2f595bd1b9661b7ea7882a1a33006ecb81" # This function will only be executed upon applying the last upgrade referenced above last_upgrade_operations () { @@ -12,5 +12,5 @@ last_upgrade_operations () { cp -a ../sources/patches_last_version/* ../sources/patches # Execute post-upgrade operations later on - (cd /tmp ; at now + 10 minutes <<< "(cd $final_path ; sudo -u $app php occ db:add-missing-indices ; sudo -u $app php occ db:convert-filecache-bigint -n) > /tmp/${app}_maintenance.log") + (cd /tmp ; at now + 10 minutes <<< "(cd $final_path ; sudo -u $app php${YNH_PHP_VERSION} occ db:add-missing-indices ; sudo -u $app php${YNH_PHP_VERSION} occ db:convert-filecache-bigint -n) > /tmp/${app}_maintenance.log") } diff --git a/sources/patches_last_version/app-00-add-logout_url-conf.patch b/sources/patches_last_version/app-00-add-logout_url-conf.patch index 07a9531..919f2d4 100644 --- a/sources/patches_last_version/app-00-add-logout_url-conf.patch +++ b/sources/patches_last_version/app-00-add-logout_url-conf.patch @@ -1,16 +1,21 @@ diff --git a/core/Controller/LoginController.php b/core/Controller/LoginController.php -index f83b03bc90..568e20dcd7 100644 +index 13aef8f67a..55d8dbf9d1 100644 --- a/core/Controller/LoginController.php +++ b/core/Controller/LoginController.php -@@ -130,7 +130,10 @@ class LoginController extends Controller { +@@ -119,11 +119,12 @@ class LoginController extends Controller { } $this->userSession->logout(); - -- $response = new RedirectResponse($this->urlGenerator->linkToRouteAbsolute('core.login.showLoginForm')); + +- $response = new RedirectResponse($this->urlGenerator->linkToRouteAbsolute( +- 'core.login.showLoginForm', +- ['clear' => true] // this param the the code in login.js may be removed when the "Clear-Site-Data" is working in the browsers + $redirectUrl = $this->config->getSystemValue('logout_url', -+ $this->urlGenerator->linkToRouteAbsolute('core.login.showLoginForm')); -+ ++ $this->urlGenerator->linkToRouteAbsolute( ++ 'core.login.showLoginForm', ++ ['clear' => true] // this param the the code in login.js may be removed when the "Clear-Site-Data" is working in the browsers) + )); +- + $response = new RedirectResponse($redirectUrl); $this->session->set('clearingExecutionContexts', '1'); $this->session->close(); - $response->addHeader('Clear-Site-Data', '"cache", "storage", "executionContexts"'); +