YunoHost-Apps/nextcloud_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/nextcloud_ynh.git synced 2024-09-03 19:55:57 +02:00
Code Issues Activity Actions

Merge edefc82ab3 into 12024a67e0

Browse source
This commit is contained in:
eric_G 2024-07-30 21:12:58 +02:00 committed by GitHub
commit 7bc94487c0
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
20 changed files with 223 additions and 372 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
.gitignore vendored
View file

@ -1,2 +1,3 @@
*~ *~
*.sw[op] *.sw[op]
.DS_Store

124
conf/config.json
View file

@ -1,62 +1,62 @@
{ {
"system": { "system": {
"updatechecker": false, "updatechecker": false,
"memcache.local": "\\OC\\Memcache\\APCu", "memcache.local": "\\OC\\Memcache\\APCu",
"integrity.check.disabled": true, "integrity.check.disabled": true,
"filelocking.enabled": true, "filelocking.enabled": true,
"memcache.locking": "\\OC\\Memcache\\Redis", "memcache.locking": "\\OC\\Memcache\\Redis",
"redis": { "redis": {
"host": "localhost", "host": "localhost",
"port": "6379", "port": "6379",
"timeout": "0.0", "timeout": "0.0",
"password": "" "password": ""
}, },
"hashing_default_password": true, "hashing_default_password": true,
"localstorage.allowsymlinks": true, "localstorage.allowsymlinks": true,
"simpleSignUpLink.shown": false, "simpleSignUpLink.shown": false,
"maintenance_window_start": 1, "maintenance_window_start": 1,
"mail_smtpmode": "smtp", "mail_smtpmode": "smtp",
"mail_smtpport": "25", "mail_smtpport": "25",
"mail_smtpauth": 1, "mail_smtpauth": 1,
"mail_smtpname": "__APP__", "mail_smtpname": "__APP__",
"mail_smtppassword": "__MAIL_PWD__", "mail_smtppassword": "__MAIL_PWD__",
"mail_sendmailmode": "smtp", "mail_sendmailmode": "smtp",
"mail_from_address": "__APP__", "mail_from_address": "__APP__",
"mail_domain": "__DOMAIN__", "mail_domain": "__DOMAIN__",
"mail_smtphost": "localhost", "mail_smtphost": "localhost",
"mail_smtpstreamoptions": { "mail_smtpstreamoptions": {
"ssl": { "ssl": {
"allow_self_signed": true, "allow_self_signed": true,
"verify_peer": false, "verify_peer": false,
"verify_peer_name": false "verify_peer_name": false
} }
} }
}, },
"apps": { "apps": {
"user_ldap": { "user_ldap": {
"ldap_base": "dc=yunohost,dc=org", "ldap_base": "dc=yunohost,dc=org",
"ldap_base_groups": "ou=groups,dc=yunohost,dc=org", "ldap_base_groups": "ou=groups,dc=yunohost,dc=org",
"ldap_base_users": "ou=users,dc=yunohost,dc=org", "ldap_base_users": "ou=users,dc=yunohost,dc=org",
"ldap_cache_ttl": "600", "ldap_cache_ttl": "600",
"ldap_configuration_active": "1", "ldap_configuration_active": "1",
"ldap_display_name": "displayname", "ldap_display_name": "displayname",
"ldap_email_attr": "mail", "ldap_email_attr": "mail",
"ldap_expert_username_attr": "uid", "ldap_expert_username_attr": "uid",
"ldap_group_display_name": "cn", "ldap_group_display_name": "cn",
"ldap_group_filter": "(&(objectclass=top)(memberUid=*))", "ldap_group_filter": "(&(objectclass=top)(memberUid=*))",
"ldap_group_filter_mode": "0", "ldap_group_filter_mode": "0",
"ldap_groupfilter_objectclass": "posixGroup", "ldap_groupfilter_objectclass": "posixGroup",
"ldap_group_member_assoc_attribute": "memberUid", "ldap_group_member_assoc_attribute": "memberUid",
"ldap_host": "localhost", "ldap_host": "localhost",
"ldap_login_filter": "(&(|(objectclass=posixAccount))(uid=%uid)(permission=cn=__APP__.main,ou=permission,dc=yunohost,dc=org))", "ldap_login_filter": "(&(|(objectclass=posixAccount))(uid=%uid)(permission=cn=__APP__.main,ou=permission,dc=yunohost,dc=org))",
"ldap_login_filter_mode": "0", "ldap_login_filter_mode": "0",
"ldap_port": "389", "ldap_port": "389",
"ldap_quota_attr": "userquota", "ldap_quota_attr": "userquota",
"ldap_tls": "0", "ldap_tls": "0",
"ldap_user_display_name": "cn", "ldap_user_display_name": "cn",
"ldap_user_filter_mode": "0", "ldap_user_filter_mode": "0",
"ldap_userfilter_objectclass": "posixAccount", "ldap_userfilter_objectclass": "posixAccount",
"ldap_userlist_filter": "objectclass=posixAccount" "ldap_userlist_filter": "objectclass=posixAccount"
} }
} }
} }

3
conf/extra_php-fpm.conf
View file

@ -1,9 +1,6 @@
; Additional php.ini defines, specific to this pool of workers. ; Additional php.ini defines, specific to this pool of workers.
env[PATH] = $PATH env[PATH] = $PATH
php_admin_value[memory_limit] = 512M
php_value[upload_max_filesize] = 10G
php_value[post_max_size] = 10G
php_value[default_charset] = UTF-8 php_value[default_charset] = UTF-8
; OPcache is already activated by default ; OPcache is already activated by default
; php_value[opcache.enable]=1 ; php_value[opcache.enable]=1

2
conf/nextcloud.cron
View file

@ -1 +1 @@
*/5 * * * * __APP__ /usr/bin/php__PHPVERSION__ --define apc.enable_cli=1 -f __INSTALL_DIR__/cron.php */5 * * * * __APP__ /usr/bin/php__PHP_VERSION__ --define apc.enable_cli=1 -f __INSTALL_DIR__/cron.php

2
conf/nginx.conf
View file

@ -117,7 +117,7 @@ location ^~ __PATH__/ {
fastcgi_param modHeadersAvailable true; # Avoid sending the security headers twice fastcgi_param modHeadersAvailable true; # Avoid sending the security headers twice
fastcgi_param front_controller_active true; # Enable pretty urls fastcgi_param front_controller_active true; # Enable pretty urls
fastcgi_param HTTP_ACCEPT_ENCODING ""; # Disable encoding of Nextcloud response to inject ynh scripts fastcgi_param HTTP_ACCEPT_ENCODING ""; # Disable encoding of Nextcloud response to inject ynh scripts
fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock; fastcgi_pass unix:/var/run/php/php__PHP_VERSION__-fpm-__APP__.sock;
fastcgi_intercept_errors on; fastcgi_intercept_errors on;
fastcgi_request_buffering off; fastcgi_request_buffering off;

26
config_panel.toml
View file

@ -19,29 +19,3 @@ name = "Nextcloud configuration"
type = "boolean" type = "boolean"
yes = "yes" yes = "yes"
no = "no" no = "no"
[main.php_fpm_config]
name = "PHP-FPM configuration"
[main.php_fpm_config.fpm_footprint]
ask = "Memory footprint"
type = "select"
choices.low = "Low, <= 20Mb per pool"
choices.medium = "Medium, between 20Mb and 40Mb per pool"
choices.high = "High, > 40Mb per pool"
choices.specific = "Use specific value"
default = "low"
[main.php_fpm_config.fpm_free_footprint]
visible = "fpm_footprint == 'specific'"
ask = "Memory footprint of the service?"
type = "number"
default = "0"
help = "Free field to specify exactly the footprint in Mb if you don't want to use one of the three previous values."
[main.php_fpm_config.fpm_usage]
ask = "Expected usage"
type = "select"
choices = ["low", "medium", "high"]
default = "low"
help = "low: Personal usage, behind the SSO. No RAM footprint when not used, but the impact on the processor can be high if many users are using the service.<br>medium: Low usage, few people or/and publicly accessible. Low RAM footprint, medium processor footprint when used.<br>high: High usage, frequently visited website. High RAM footprint, but lower on processor usage and quickly responding."

4
hooks/post_user_delete
View file

@ -5,12 +5,12 @@ source /usr/share/yunohost/helpers
user="$1" user="$1"
app="$(basename $0 | cut -d- -f 2-)" # Extract the app name from the script name, which is supposed to be something like "50-app_id" app="$(basename $0 | cut -d- -f 2-)" # Extract the app name from the script name, which is supposed to be something like "50-app_id"
install_dir=$(ynh_app_setting_get --app=$app --key=install_dir) install_dir=$(ynh_app_setting_get --app=$app --key=install_dir)
phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) php_version=$(ynh_app_setting_get --app=$app --key=php_version)
# Define a function to execute commands with `occ` # Define a function to execute commands with `occ`
exec_occ() { exec_occ() {
(cd "$install_dir" && ynh_exec_as "$app" \ (cd "$install_dir" && ynh_exec_as "$app" \
php${phpversion} --define apc.enable_cli=1 occ --no-interaction --no-ansi "$@") php${php_version} --define apc.enable_cli=1 occ --no-interaction --no-ansi "$@")
} }
exec_occ user:delete $user exec_occ user:delete $user

4
manifest.toml
View file

@ -19,7 +19,8 @@ code = "https://github.com/nextcloud/server"
cpe = "cpe:2.3:a:nextcloud:nextcloud" cpe = "cpe:2.3:a:nextcloud:nextcloud"
[integration] [integration]
yunohost = ">= 11.2" yunohost = ">= 11.2.19"
helpers_version = "2.1"
architectures = ["amd64", "arm64", "armhf"] architectures = ["amd64", "arm64", "armhf"]
multi_instance = true multi_instance = true
@ -102,6 +103,7 @@ ram.runtime = "512M"
allow_email = true allow_email = true
[resources.install_dir] [resources.install_dir]
group = "www-data:r-x"
[resources.data_dir] [resources.data_dir]
subdirs = ["data"] subdirs = ["data"]

0
sources/patches_last_version/app-00-add-logout_url-conf.patch → patches/main/00-add-logout_url-conf.patch
View file

0
sources/patches_last_version/app-01-disable-CSPv3-nonce_and_allow-YNH-fonts.patch → patches/main/01-disable-CSPv3-nonce_and_allow-YNH-fonts.patch
View file

0
sources/patches_last_version/app-02-Allow-for-eval-in-JS-scripts-for-YunoHost-tile.patch → patches/main/02-Allow-for-eval-in-JS-scripts-for-YunoHost-tile.patch
View file

12
scripts/_common.sh
View file

@ -1,18 +1,14 @@
#!/bin/bash #!/bin/bash
#================================================= #=================================================
# COMMON VARIABLES # COMMON VARIABLES AND CUSTOM HELPERS
#=================================================
#=================================================
# EXPERIMENTAL HELPERS
#================================================= #=================================================
# Check if an URL is already handled # Check if an URL is already handled
# usage: is_url_handled --domain=DOMAIN --path=PATH_URI # usage: is_url_handled --domain=DOMAIN --path=PATH_URI
is_url_handled() { is_url_handled() {
# Declare an array to define the options of this helper. # Declare an array to define the options of this helper.
local legacy_args=dp #REMOVEME? local legacy_args=dp
declare -Ar args_array=( [d]=domain= [p]=path= ) declare -Ar args_array=( [d]=domain= [p]=path= )
local domain local domain
local path local path
@ -39,7 +35,3 @@ is_url_handled() {
return 1 return 1
fi fi
} }
#=================================================
# FUTURE OFFICIAL HELPERS
#=================================================

35
scripts/backup
View file

@ -1,43 +1,34 @@
#!/bin/bash #!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source ../settings/scripts/_common.sh source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
source ../settings/scripts/_ynh_mysql_dump_db.sh source ../settings/scripts/_ynh_mysql_dump_db.sh
#================================================= ynh_print_info "Declaring files to be backed up..."
# DECLARE DATA AND CONF FILES TO BACKUP
#=================================================
ynh_print_info --message="Declaring files to be backed up..."
#================================================= #=================================================
# BACKUP THE APP MAIN DIR # BACKUP THE APP MAIN DIR
#================================================= #=================================================
ynh_backup --src_path="$install_dir" ynh_backup "$install_dir"
#================================================= #=================================================
# BACKUP THE DATA DIRECTORY # BACKUP THE DATA DIRECTORY
#================================================= #=================================================
ynh_backup --src_path="$data_dir" --is_big ynh_backup "$data_dir"
#================================================= #=================================================
# BACKUP THE NGINX CONFIGURATION # BACKUP THE NGINX CONFIGURATION
#================================================= #=================================================
ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf"
#================================================= #=================================================
# BACKUP THE PHP-FPM CONFIGURATION # BACKUP THE PHP-FPM CONFIGURATION
#================================================= #=================================================
ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" ynh_backup "/etc/php/$php_version/fpm/pool.d/$app.conf"
#================================================= #=================================================
# SPECIFIC BACKUP # SPECIFIC BACKUP
@ -45,36 +36,36 @@ ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf"
# BACKUP LOGROTATE # BACKUP LOGROTATE
#================================================= #=================================================
ynh_backup --src_path="/etc/logrotate.d/$app" ynh_backup "/etc/logrotate.d/$app"
#================================================= #=================================================
# BACKUP FAIL2BAN CONFIGURATION # BACKUP FAIL2BAN CONFIGURATION
#================================================= #=================================================
ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf" ynh_backup "/etc/fail2ban/jail.d/$app.conf"
ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf" ynh_backup "/etc/fail2ban/filter.d/$app.conf"
#================================================= #=================================================
# BACKUP THE CRON FILE # BACKUP THE CRON FILE
#================================================= #=================================================
ynh_backup --src_path="/etc/cron.d/$app" ynh_backup "/etc/cron.d/$app"
#================================================= #=================================================
# BACKUP LOGS # BACKUP LOGS
#================================================= #=================================================
ynh_backup --src_path="/var/log/$app" ynh_backup "/var/log/$app"
#================================================= #=================================================
# BACKUP THE MYSQL DATABASE # BACKUP THE MYSQL DATABASE
#================================================= #=================================================
ynh_print_info --message="Backing up the MySQL database..." ynh_print_info "Backing up the MySQL database..."
ynh_mysql_dump_db --database="$db_name" --default_character_set="utf8mb4" > db.sql ynh_mysql_dump_db --default_character_set="utf8mb4" > db.sql
#================================================= #=================================================
# END OF SCRIPT # END OF SCRIPT
#================================================= #=================================================
ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." ynh_print_info "Backup script completed for $app. (YunoHost will then actually copy those files to the archive)."

26
scripts/change_url
View file

@ -1,30 +1,24 @@
#!/bin/bash #!/bin/bash
#=================================================
# GENERIC STARTING
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh source _common.sh
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
#================================================= #=================================================
# MODIFY URL IN NGINX CONF # MODIFY URL IN NGINX CONF
#================================================= #=================================================
ynh_script_progression --message="Updating NGINX web server configuration..." --weight=2 ynh_script_progression "Updating NGINX web server configuration..."
ynh_change_url_nginx_config ynh_config_change_url_nginx
#================================================= #=================================================
# SPECIFIC MODIFICATIONS # SPECIFIC MODIFICATIONS
#================================================= #=================================================
ynh_script_progression --message="Applying $app specific modifications..." --weight=2 ynh_script_progression "Applying $app specific modifications..."
# Define a function to execute commands with `occ` # Define a function to execute commands with `occ`
exec_occ() { exec_occ() {
(cd "$install_dir" && ynh_exec_as "$app" \ (cd "$install_dir" && ynh_exec_as_app \
php${phpversion} --define apc.enable_cli=1 occ --no-interaction --no-ansi "$@") php${php_version} --define apc.enable_cli=1 occ --no-interaction --no-ansi "$@")
} }
if [ $change_domain -eq 1 ] if [ $change_domain -eq 1 ]
@ -36,23 +30,23 @@ then
exec_occ config:system:set overwrite.cli.url --value="https://${new_domain}${new_path}" exec_occ config:system:set overwrite.cli.url --value="https://${new_domain}${new_path}"
# Reload php fpm, necessary for force nextcloud to re-read config.php, cf opcache.revalidate_freq # Reload php fpm, necessary for force nextcloud to re-read config.php, cf opcache.revalidate_freq
ynh_systemd_action --service_name=php${phpversion}-fpm --action=reload ynh_systemctl --service=php${php_version}-fpm --action=reload
# Check if .well-known is available for this domain # Check if .well-known is available for this domain
if is_url_handled --domain="$new_domain" --path="/.well-known/caldav" || is_url_handled --domain="$new_domain" --path="/.well-known/carddav" if is_url_handled --domain="$new_domain" --path="/.well-known/caldav" || is_url_handled --domain="$new_domain" --path="/.well-known/carddav"
then then
ynh_print_warn --message="Another app already uses the domain $new_domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book." ynh_print_warn "Another app already uses the domain $new_domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book."
# Remove lines about .well-known/carddav and caldav with sed. # Remove lines about .well-known/carddav and caldav with sed.
sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "/etc/nginx/conf.d/$new_domain.d/$app.conf" sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "/etc/nginx/conf.d/$new_domain.d/$app.conf"
ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" ynh_store_file_checksum "/etc/nginx/conf.d/$new_domain.d/$app.conf"
fi fi
fi fi
#================================================= #=================================================
# SETUP SSOWAT # SETUP SSOWAT
#================================================= #=================================================
ynh_script_progression --message="Configuring permissions..." ynh_script_progression "Configuring permissions..."
# Temporary fix for the API permission (workaround for https://github.com/YunoHost/issues/issues/2294 ) # Temporary fix for the API permission (workaround for https://github.com/YunoHost/issues/issues/2294 )
ynh_permission_url --permission="api" --url="re:$new_domain\/.well-known\/.*" --auth_header="false" --clear_urls ynh_permission_url --permission="api" --url="re:$new_domain\/.well-known\/.*" --auth_header="false" --clear_urls
@ -61,4 +55,4 @@ ynh_permission_url --permission="api" --url="re:$new_domain\/.well-known\/.*" --
# END OF SCRIPT # END OF SCRIPT
#================================================= #=================================================
ynh_script_progression --message="Change of URL completed for $app" --last ynh_script_progression "Change of URL completed for $app"

101
scripts/config
View file

@ -1,22 +1,13 @@
#!/bin/bash #!/bin/bash
#=================================================
# GENERIC STARTING
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh source _common.sh
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
ynh_abort_if_errors
#================================================= #=================================================
# RETRIEVE ARGUMENTS # RETRIEVE ARGUMENTS
#================================================= #=================================================
phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) php_version=$(ynh_app_setting_get --key=php_version)
current_fpm_footprint=$(ynh_app_setting_get --app=$app --key=fpm_footprint)
#================================================= #=================================================
# SPECIFIC GETTERS FOR TOML SHORT KEY # SPECIFIC GETTERS FOR TOML SHORT KEY
@ -24,8 +15,8 @@ current_fpm_footprint=$(ynh_app_setting_get --app=$app --key=fpm_footprint)
get__maintenance_mode() { get__maintenance_mode() {
# Maintenance mode status # Maintenance mode status
maintenance_mode_status="$(cd "$install_dir" && ynh_exec_as "$app" \ maintenance_mode_status="$(cd "$install_dir" && ynh_exec_as_app \
php${phpversion} --define apc.enable_cli=1 occ --no-interaction --no-ansi maintenance:mode)" 2> /dev/null php${php_version} --define apc.enable_cli=1 occ --no-interaction --no-ansi maintenance:mode)" 2> /dev/null
if echo $maintenance_mode_status | grep -q "disabled" if echo $maintenance_mode_status | grep -q "disabled"
then then
echo "0" echo "0"
@ -33,37 +24,14 @@ get__maintenance_mode() {
then then
echo "1" echo "1"
else else
ynh_print_err --message="Unexpected output from maintenance status check command." ynh_print_warn "Unexpected output from maintenance status check command."
exit 0 exit 0
fi fi
} }
get__system_addressbook_exposed() { get__system_addressbook_exposed() {
echo $(cd "$install_dir" && ynh_exec_as "$app" \ echo $(cd "$install_dir" && ynh_exec_as_app \
php${phpversion} --define apc.enable_cli=1 occ config:app:get dav system_addressbook_exposed) php${php_version} --define apc.enable_cli=1 occ config:app:get dav system_addressbook_exposed)
}
get__fpm_footprint() {
# Free footprint value for php-fpm
# Check if current_fpm_footprint is an integer
if [ "$current_fpm_footprint" -eq "$current_fpm_footprint" ] 2> /dev/null
then
echo "specific"
else
echo "$current_fpm_footprint"
fi
}
get__fpm_free_footprint() {
# Free footprint value for php-fpm
# Check if current_fpm_footprint is an integer
if [ "$current_fpm_footprint" -eq "$current_fpm_footprint" ] 2> /dev/null
then
# If current_fpm_footprint is an integer, that's a numeric value for the footprint
echo "$current_fpm_footprint"
else
echo "0"
fi
} }
#================================================= #=================================================
@ -73,65 +41,22 @@ get__fpm_free_footprint() {
set__maintenance_mode() { set__maintenance_mode() {
if [ "$maintenance_mode" -eq "0" ]; then if [ "$maintenance_mode" -eq "0" ]; then
# If maintenance_mode was set to 0, disable maintenance mode # If maintenance_mode was set to 0, disable maintenance mode
(cd "$install_dir" && ynh_exec_as "$app" \ (cd "$install_dir" && ynh_exec_as_app \
php${phpversion} --define apc.enable_cli=1 occ --no-interaction --no-ansi maintenance:mode --off) php${php_version} --define apc.enable_cli=1 occ --no-interaction --no-ansi maintenance:mode --off)
ynh_print_info "Maintenance mode disabled" ynh_print_info "Maintenance mode disabled"
elif [ "$maintenance_mode" -eq "1" ]; then elif [ "$maintenance_mode" -eq "1" ]; then
# If maintenance_mode was set to 1, enable maintenance mode # If maintenance_mode was set to 1, enable maintenance mode
(cd "$install_dir" && ynh_exec_as "$app" \ (cd "$install_dir" && ynh_exec_as_app \
php${phpversion} --define apc.enable_cli=1 occ --no-interaction --no-ansi maintenance:mode --on) php${php_version} --define apc.enable_cli=1 occ --no-interaction --no-ansi maintenance:mode --on)
ynh_print_info "Maintenance mode enabled" ynh_print_info "Maintenance mode enabled"
fi fi
ynh_app_setting_set --app=$app --key=maintenance_mode --value="$maintenance_mode" ynh_app_setting_set --key=maintenance_mode --value="$maintenance_mode"
} }
set__system_addressbook_exposed() { set__system_addressbook_exposed() {
(cd "$install_dir" && ynh_exec_as "$app" \ (cd "$install_dir" && ynh_exec_as_app \
php${phpversion} --define apc.enable_cli=1 occ config:app:set dav system_addressbook_exposed --value="$system_addressbook_exposed") php${php_version} --define apc.enable_cli=1 occ config:app:set dav system_addressbook_exposed --value="$system_addressbook_exposed")
ynh_print_info "System addressbook is exposed: $system_addressbook_exposed" ynh_print_info "System addressbook is exposed: $system_addressbook_exposed"
} }
set__fpm_footprint() {
if [ "$fpm_footprint" != "specific" ]
then
ynh_app_setting_set --app=$app --key=fpm_footprint --value="$fpm_footprint"
fi
}
set__fpm_free_footprint() {
if [ "$fpm_footprint" = "specific" ]
then
ynh_app_setting_set --app=$app --key=fpm_footprint --value="$fpm_free_footprint"
fi
}
#=================================================
# GENERIC FINALIZATION
#=================================================
ynh_app_config_validate() {
_ynh_app_config_validate
if [ "${changed[fpm_usage]}" == "true" ] || [ "${changed[fpm_footprint]}" == "true" ] || [ "${changed[fpm_free_footprint]}" == "true" ]; then
# If fpm_footprint is set to 'specific', use $fpm_free_footprint value.
if [ "$fpm_footprint" = "specific" ]
then
fpm_footprint=$fpm_free_footprint
fi
if [ "$fpm_footprint" == "0" ]
then
ynh_print_err --message="When selecting 'specific', you have to set a footprint value into the field below."
exit 0
fi
fi
}
ynh_app_config_apply() {
_ynh_app_config_apply
ynh_add_fpm_config
}
ynh_app_config_run $1 ynh_app_config_run $1

77
scripts/install
View file

@ -2,65 +2,65 @@
source _common.sh source _common.sh
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
ynh_app_setting_set --key=php_upload_max_filesize --value=10G
ynh_app_setting_set --key=php_memory_limit --value=512M
source _ynh_mysql_connect_as.sh source _ynh_mysql_connect_as.sh
phpflags="--define apc.enable_cli=1" phpflags="--define apc.enable_cli=1"
ynh_app_setting_set --app=$app --key=phpflags --value="$phpflags" ynh_app_setting_set --key=phpflags --value="$phpflags"
#================================================= #=================================================
# CREATE A MYSQL DATABASE # CREATE A MYSQL DATABASE
#================================================= #=================================================
ynh_script_progression --message="Migrate MySQL database to utf8..." --weight=2 ynh_script_progression "Migrate MySQL database to utf8..."
ynh_mysql_connect_as --user=$db_user --password="$db_pwd" --database=$db_name \ ynh_mysql_db_shell \
<<< "ALTER DATABASE $db_name CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;" <<< "ALTER DATABASE $db_name CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;"
#================================================= #=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE # DOWNLOAD, CHECK AND UNPACK SOURCE
#================================================= #=================================================
ynh_script_progression --message="Setting up source files..." --weight=5 ynh_script_progression "Setting up source files..."
# Enable YunoHost patches on Nextcloud sources
cp -a ../sources/patches_last_version/* ../sources/patches
# Download, check integrity, uncompress and patch the source from app.src # Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$install_dir" ynh_setup_source --dest_dir="$install_dir"
#================================================= #=================================================
# PHP-FPM CONFIGURATION # PHP-FPM CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Configuring PHP-FPM..." --weight=5 ynh_script_progression "Configuring PHP-FPM..."
ynh_app_setting_set --app=$app --key=fpm_footprint --value=high ynh_config_add_phpfpm
ynh_app_setting_set --app=$app --key=fpm_usage --value=medium
ynh_add_fpm_config
#================================================= #=================================================
# NGINX CONFIGURATION # NGINX CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Configuring NGINX web server..." --weight=2 ynh_script_progression "Configuring NGINX web server..."
# Check if .well-known is available for this domain # Check if .well-known is available for this domain
if is_url_handled --domain="$domain" --path="/.well-known/caldav" || is_url_handled --domain="$domain" --path="/.well-known/carddav" if is_url_handled --domain="$domain" --path="/.well-known/caldav" || is_url_handled --domain="$domain" --path="/.well-known/carddav"
then then
ynh_print_warn --message="Another app already uses the domain $domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book." ynh_print_warn "Another app already uses the domain $domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book."
# Remove lines about .well-known/carddav and caldav with sed. # Remove lines about .well-known/carddav and caldav with sed.
sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "../conf/nginx.conf" sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "../conf/nginx.conf"
fi fi
# Create a dedicated NGINX config # Create a dedicated NGINX config
ynh_add_nginx_config ynh_config_add_nginx
#================================================= #=================================================
# INSTALL NEXTCLOUD # INSTALL NEXTCLOUD
#================================================= #=================================================
ynh_script_progression --message="Installing $app..." --weight=30 ynh_script_progression "Installing $app..."
# Define a function to execute commands with `occ` # Define a function to execute commands with `occ`
exec_occ() { exec_occ() {
(cd "$install_dir" && ynh_exec_as "$app" \ (cd "$install_dir" && ynh_exec_as_app \
php${phpversion} --define apc.enable_cli=1 occ --no-interaction --no-ansi "$@") php${php_version} --define apc.enable_cli=1 occ --no-interaction --no-ansi "$@")
} }
# Set write access for the following commands # Set write access for the following commands
@ -77,12 +77,12 @@ exec_occ maintenance:install \
--database-user $db_user --database-pass "$db_pwd" \ --database-user $db_user --database-pass "$db_pwd" \
--admin-user "admin" --admin-pass "$admin_password" \ --admin-user "admin" --admin-pass "$admin_password" \
--data-dir "$data_dir/data" \ --data-dir "$data_dir/data" \
|| ynh_die --message="Unable to install $app" || ynh_die "Unable to install $app"
#================================================= #=================================================
# CONFIGURE NEXTCLOUD # CONFIGURE NEXTCLOUD
#================================================= #=================================================
ynh_script_progression --message="Configuring $app..." --weight=8 ynh_script_progression "Configuring $app..."
# Set the mysql.utf8mb4 config to true in config.php # Set the mysql.utf8mb4 config to true in config.php
exec_occ config:system:set mysql.utf8mb4 --type boolean --value="true" exec_occ config:system:set mysql.utf8mb4 --type boolean --value="true"
@ -99,21 +99,21 @@ exec_occ ldap:create-empty-config
# Load the installation config file in Nextcloud # Load the installation config file in Nextcloud
nc_conf="$install_dir/config_install.json" nc_conf="$install_dir/config_install.json"
ynh_add_config --template="config_install.json" --destination="$nc_conf" ynh_config_add --template="config_install.json" --destination="$nc_conf"
exec_occ config:import "$nc_conf" exec_occ config:import "$nc_conf"
# Then remove the config file # Then remove the config file
ynh_secure_remove --file="$nc_conf" ynh_safe_rm "$nc_conf"
# Load the additional config file (used also for upgrade) # Load the additional config file (used also for upgrade)
nc_conf="$install_dir/config.json" nc_conf="$install_dir/config.json"
ynh_add_config --template="config.json" --destination="$nc_conf" ynh_config_add --template="config.json" --destination="$nc_conf"
exec_occ config:import "$nc_conf" exec_occ config:import "$nc_conf"
# Then remove the config file # Then remove the config file
ynh_secure_remove --file="$nc_conf" ynh_safe_rm "$nc_conf"
#================================================= #=================================================
# CHECK THE LDAP CONFIG # CHECK THE LDAP CONFIG
@ -121,7 +121,7 @@ ynh_secure_remove --file="$nc_conf"
# Check LDAP configuration to see if everything worked well # Check LDAP configuration to see if everything worked well
exec_occ ldap:test-config '' \ exec_occ ldap:test-config '' \
|| ynh_die --message="An error occured during LDAP configuration" || ynh_die "An error occured during LDAP configuration"
#================================================= #=================================================
# MOUNT HOME FOLDERS AS EXTERNAL STORAGE # MOUNT HOME FOLDERS AS EXTERNAL STORAGE
@ -135,7 +135,7 @@ create_external_storage() {
local mount_id=`exec_occ files_external:create --output=json \ local mount_id=`exec_occ files_external:create --output=json \
"$mount_name" 'local' 'null::null' -c "datadir=$mount_dir" || true` "$mount_name" 'local' 'null::null' -c "datadir=$mount_dir" || true`
! [[ $mount_id =~ ^[0-9]+$ ]] \ ! [[ $mount_id =~ ^[0-9]+$ ]] \
&& ynh_print_warn --message="Unable to create external storage" \ && ynh_print_warn "Unable to create external storage" \
|| exec_occ files_external:option "$mount_id" enable_sharing true || exec_occ files_external:option "$mount_id" enable_sharing true
} }
@ -176,7 +176,7 @@ exec_occ config:system:set overwrite.cli.url --value="https://${domain}${path}"
#================================================= #=================================================
# Set the user as admin # Set the user as admin
ynh_mysql_connect_as --user=$db_name --password="$db_pwd" --database=$db_name --default_character_set="utf8mb4" \ ynh_mysql_db_shell \
<<< "INSERT INTO oc_group_user VALUES ('admin','$admin');" <<< "INSERT INTO oc_group_user VALUES ('admin','$admin');"
# And delete admin user # And delete admin user
exec_occ user:delete admin exec_occ user:delete admin
@ -192,16 +192,14 @@ exec_occ config:app:set dav system_addressbook_exposed --value="$system_addressb
#================================================= #=================================================
# Calculate and store the config file checksum into the app settings # Calculate and store the config file checksum into the app settings
ynh_store_file_checksum --file="$install_dir/config/config.php" ynh_store_file_checksum "$install_dir/config/config.php"
#================================================= #=================================================
# ADD A CRON JOB # ADD A CRON JOB
#================================================= #=================================================
cron_path="/etc/cron.d/$app" cron_path="/etc/cron.d/$app"
ynh_add_config --template="nextcloud.cron" --destination="$cron_path" ynh_config_add --template="nextcloud.cron" --destination="$cron_path"
chown root: "$cron_path"
chmod 644 "$cron_path"
exec_occ background:cron exec_occ background:cron
@ -216,7 +214,7 @@ exec_occ db:convert-filecache-bigint -n
#================================================= #=================================================
# YUNOHOST MULTIMEDIA INTEGRATION # YUNOHOST MULTIMEDIA INTEGRATION
#================================================= #=================================================
ynh_script_progression --message="Adding multimedia directories..." --weight=6 ynh_script_progression "Adding multimedia directories..."
# Build YunoHost multimedia directories # Build YunoHost multimedia directories
ynh_multimedia_build_main_dir ynh_multimedia_build_main_dir
@ -227,41 +225,34 @@ create_external_storage "/home/yunohost.multimedia/share" "Shared multimedia"
# Allow nextcloud to write into these directories # Allow nextcloud to write into these directories
ynh_multimedia_addaccess $app ynh_multimedia_addaccess $app
#=================================================
# GENERIC FINALIZATION
#================================================= #=================================================
# SECURE FILES AND DIRECTORIES # SECURE FILES AND DIRECTORIES
#================================================= #=================================================
# Fix app ownerships & permissions # Fix app ownerships & permissions
chown -R $app:www-data "$install_dir" # FIXME: is this really needed x_x
chown -R $app: "$data_dir" chown -R $app: "$data_dir"
find $install_dir/ -type f -print0 | xargs -r0 chmod 0644
find $install_dir/ -type d -print0 | xargs -r0 chmod 0755
find $data_dir/data/ -type f -print0 | xargs -r0 chmod 0640 find $data_dir/data/ -type f -print0 | xargs -r0 chmod 0640
find $data_dir/data/ -type d -print0 | xargs -r0 chmod 0750 find $data_dir/data/ -type d -print0 | xargs -r0 chmod 0750
chmod 640 "$install_dir/config/config.php"
chmod 755 /home/yunohost.app
chmod 750 $install_dir
#================================================= #=================================================
# SETUP LOGROTATE # SETUP LOGROTATE
#================================================= #=================================================
ynh_script_progression --message="Configuring log rotation..." --weight=1 ynh_script_progression "Configuring log rotation..."
# Use logrotate to manage application logfile(s) # Use logrotate to manage application logfile(s)
ynh_use_logrotate ynh_config_add_logrotate
#================================================= #=================================================
# SETUP FAIL2BAN # SETUP FAIL2BAN
#================================================= #=================================================
ynh_script_progression --message="Configuring Fail2Ban..." --weight=8 ynh_script_progression "Configuring Fail2Ban..."
# Create a dedicated Fail2Ban config # Create a dedicated Fail2Ban config
ynh_add_fail2ban_config --logpath="/var/log/$app/nextcloud.log" --failregex="^.*Login failed: '.*' \(Remote IP: '<HOST>'.*$" --max_retry=5 ynh_config_add_fail2ban --logpath="/var/log/$app/nextcloud.log" --failregex="^.*Login failed: '.*' \(Remote IP: '<HOST>'.*$"
#================================================= #=================================================
# END OF SCRIPT # END OF SCRIPT
#================================================= #=================================================
ynh_script_progression --message="Installation of $app completed" --last ynh_script_progression "Installation of $app completed"

17
scripts/remove
View file

@ -6,25 +6,26 @@ source /usr/share/yunohost/helpers
#================================================= #=================================================
# REMOVE SYSTEM CONFIGURATIONS # REMOVE SYSTEM CONFIGURATIONS
#================================================= #=================================================
# REMOVE SYSTEMD SERVICE # REMOVE SYSTEMD SERVICE
#================================================= #=================================================
ynh_script_progression --message="Removing system configurations related to $app..." --weight=5 ynh_script_progression "Removing system configurations related to $app..."
# Remove the dedicated NGINX config # Remove the dedicated NGINX config
ynh_remove_nginx_config ynh_config_remove_nginx
# Remove the dedicated PHP-FPM config # Remove the dedicated PHP-FPM config
ynh_remove_fpm_config ynh_config_remove_phpfpm
# Remove the app-specific logrotate config # Remove the app-specific logrotate config
ynh_remove_logrotate ynh_config_remove_logrotate
# Remove the dedicated Fail2Ban config # Remove the dedicated Fail2Ban config
ynh_remove_fail2ban_config ynh_config_remove_fail2ban
# Remove a cron file # Remove a cron file
# TODO: Ensure that cron job is not running (How !?) # TODO: Ensure that cron job is not running (How !?)
ynh_secure_remove --file="/etc/cron.d/$app" ynh_safe_rm "/etc/cron.d/$app"
# Cleaning ACL in home directories # Cleaning ACL in home directories
for i in $(ls /home); do for i in $(ls /home); do
@ -37,4 +38,4 @@ done
# END OF SCRIPT # END OF SCRIPT
#================================================= #=================================================
ynh_script_progression --message="Removal of $app completed" --last ynh_script_progression "Removal of $app completed"

59
scripts/restore
View file

@ -9,38 +9,38 @@ source ../settings/scripts/_ynh_mysql_connect_as.sh
#================================================= #=================================================
# RESTORE THE APP MAIN DIR # RESTORE THE APP MAIN DIR
#================================================= #=================================================
ynh_script_progression --message="Restoring the app main directory..." ynh_script_progression "Restoring the app main directory..."
ynh_restore_file --origin_path="$install_dir" ynh_restore "$install_dir"
#================================================= #=================================================
# RESTORE THE MYSQL DATABASE # RESTORE THE MYSQL DATABASE
#================================================= #=================================================
ynh_script_progression --message="Restoring the MySQL database..." --weight=9 ynh_script_progression "Restoring the MySQL database..."
ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name --default_character_set="utf8mb4" < ./db.sql ynh_mysql_db_shell < ./db.sql
#================================================= #=================================================
# RESTORE THE PHP-FPM CONFIGURATION # RESTORE THE PHP-FPM CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Reconfiguring PHP-FPM..." --weight=50 ynh_script_progression "Reconfiguring PHP-FPM..."
# Restore the file first, so it can have a backup if different # Restore the file first, so it can have a backup if different
ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" ynh_restore "/etc/php/$php_version/fpm/pool.d/$app.conf"
# Recreate a dedicated PHP-FPM config # Recreate a dedicated PHP-FPM config
ynh_add_fpm_config ynh_config_add_phpfpm
#================================================= #=================================================
# RESTORE THE NGINX CONFIGURATION # RESTORE THE NGINX CONFIGURATION
#================================================= #=================================================
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" ynh_restore "/etc/nginx/conf.d/$domain.d/$app.conf"
# Check if .well-known is available for this domain # Check if .well-known is available for this domain
if is_url_handled --domain="$domain" --path="/.well-known/caldav" || is_url_handled --domain="$domain" --path="/.well-known/carddav" if is_url_handled --domain="$domain" --path="/.well-known/caldav" || is_url_handled --domain="$domain" --path="/.well-known/carddav"
then then
ynh_print_warn --message="Another app already uses the domain $domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book." ynh_print_warn "Another app already uses the domain $domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book."
# Remove lines about .well-known/CardDAV and CalDAV with sed. # Remove lines about .well-known/CardDAV and CalDAV with sed.
sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "/etc/nginx/conf.d/$domain.d/$app.conf" sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "/etc/nginx/conf.d/$domain.d/$app.conf"
@ -49,46 +49,39 @@ fi
#================================================= #=================================================
# RESTORE THE CRON FILE # RESTORE THE CRON FILE
#================================================= #=================================================
ynh_script_progression --message="Restoring cron job..." --weight=1 ynh_script_progression "Restoring cron job..."
ynh_restore_file --origin_path="/etc/cron.d/$app" ynh_restore "/etc/cron.d/$app"
#================================================= #=================================================
# RESTORE LOGS # RESTORE LOGS
#================================================= #=================================================
ynh_restore_file --origin_path="/var/log/$app" ynh_restore "/var/log/$app"
#================================================= #=================================================
# BACKUP THE LOGROTATE CONFIGURATION # BACKUP THE LOGROTATE CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Restoring the logrotate configuration..." --weight=1 ynh_script_progression "Restoring the logrotate configuration..."
ynh_restore_file --origin_path="/etc/logrotate.d/$app" ynh_restore "/etc/logrotate.d/$app"
#================================================= #=================================================
# RESTORE THE DATA DIRECTORY # RESTORE THE DATA DIRECTORY
#================================================= #=================================================
ynh_script_progression --message="Restoring data directory..." --weight=2 ynh_script_progression "Restoring data directory..."
# Use --not_mandatory for the data directory, because if the backup has been made with BACKUP_CORE_ONLY, there's no data into the backup. # Use || true for the data directory, because if the backup has been made with BACKUP_CORE_ONLY, there's no data into the backup.
ynh_restore_file --origin_path="$data_dir" --not_mandatory ynh_restore "$data_dir"
#================================================= #=================================================
# RESTORE USER RIGHTS # RESTORE USER RIGHTS
#================================================= #=================================================
# Fix app ownerships & permissions # Fix app ownerships & permissions
chown -R $app:www-data "$install_dir"
chown -R $app: "$data_dir" chown -R $app: "$data_dir"
find $install_dir/ -type f -print0 | xargs -r0 chmod 0644
find $install_dir/ -type d -print0 | xargs -r0 chmod 0755
find $data_dir/data/ -type f -print0 | xargs -r0 chmod 0640 find $data_dir/data/ -type f -print0 | xargs -r0 chmod 0640
find $data_dir/data/ -type d -print0 | xargs -r0 chmod 0750 find $data_dir/data/ -type d -print0 | xargs -r0 chmod 0750
chmod 640 "$install_dir/config/config.php"
chmod 755 /home/yunohost.app
chmod 750 $install_dir
# Iterate over users to extend their home folder permissions - for the external # Iterate over users to extend their home folder permissions - for the external
# storage plugin usage - and create relevant Nextcloud directories # storage plugin usage - and create relevant Nextcloud directories
for u in $(ynh_user_list); do for u in $(ynh_user_list); do
@ -99,7 +92,7 @@ done
#================================================= #=================================================
# YUNOHOST MULTIMEDIA INTEGRATION # YUNOHOST MULTIMEDIA INTEGRATION
#================================================= #=================================================
ynh_script_progression --message="Adding multimedia directories..." --weight=4 ynh_script_progression "Adding multimedia directories..."
# Build YunoHost multimedia directories # Build YunoHost multimedia directories
ynh_multimedia_build_main_dir ynh_multimedia_build_main_dir
@ -109,10 +102,10 @@ ynh_multimedia_addaccess $app
#================================================= #=================================================
# RESTORE THE FAIL2BAN CONFIGURATION # RESTORE THE FAIL2BAN CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Restoring the Fail2Ban configuration..." --weight=7 ynh_script_progression "Restoring the Fail2Ban configuration..."
ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf" ynh_restore "/etc/fail2ban/jail.d/$app.conf"
ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf" ynh_restore "/etc/fail2ban/filter.d/$app.conf"
# Make sure a log file exists (mostly for CI tests) # Make sure a log file exists (mostly for CI tests)
logfile="/var/log/$app/nextcloud.log" logfile="/var/log/$app/nextcloud.log"
@ -121,19 +114,17 @@ if [ ! -f "$logfile" ]; then
chown "$app:" "$logfile" chown "$app:" "$logfile"
fi fi
ynh_systemd_action --action=restart --service_name=fail2ban ynh_systemctl --action=restart --service=fail2ban
#=================================================
# GENERIC FINALIZATION
#================================================= #=================================================
# RELOAD NGINX # RELOAD NGINX
#================================================= #=================================================
ynh_script_progression --message="Reloading NGINX web server..." --weight=3 ynh_script_progression "Reloading NGINX web server..."
ynh_systemd_action --service_name=nginx --action=reload ynh_systemctl --service=nginx --action=reload
#================================================= #=================================================
# END OF SCRIPT # END OF SCRIPT
#================================================= #=================================================
ynh_script_progression --message="Restoration completed for $app" --last ynh_script_progression "Restoration completed for $app"

102
scripts/upgrade
View file

@ -3,12 +3,14 @@
source _common.sh source _common.sh
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
upgrade_type=$(ynh_check_app_version_changed) ynh_app_setting_set_default --key=php_upload_max_filesize --value=10G
ynh_app_setting_set_default --key=php_memory_limit --value=512M
#================================================= #=================================================
# ENSURE DOWNWARD COMPATIBILITY # ENSURE DOWNWARD COMPATIBILITY
#================================================= #=================================================
ynh_script_progression --message="Ensuring downward compatibility..." ynh_script_progression "Ensuring downward compatibility..."
if [ -z ${system_addressbook_exposed:-} ]; then if [ -z ${system_addressbook_exposed:-} ]; then
ynh_app_setting_set --app=$app --key=system_addressbook_exposed --value=0 ynh_app_setting_set --app=$app --key=system_addressbook_exposed --value=0
@ -25,18 +27,16 @@ elif [ "${system_addressbook_exposed,,}" = "no" ]; then
fi fi
# Remove the option backup_core_only if it's in the settings.yml file # Remove the option backup_core_only if it's in the settings.yml file
ynh_app_setting_delete --app=$app --key=backup_core_only ynh_app_setting_delete --key=backup_core_only
phpflags="--define apc.enable_cli=1" phpflags="--define apc.enable_cli=1"
ynh_app_setting_set --app=$app --key=phpflags --value="$phpflags" ynh_app_setting_set --key=phpflags --value="$phpflags"
if ynh_compare_current_package_version --comparison lt --version 22.2~ynh1 if ynh_app_upgrading_from_version_before 22.2~ynh1
then then
ynh_die --message="Upgrading from Nextcloud < 22.2 is not supported anymore. You should first upgrade to 22.2 using: yunohost app upgrade nextcloud -u https://github.com/YunoHost-Apps/nextcloud_ynh/tree/41f5f902e7c7cd3c30a6793020562ba98b9bf3e9" ynh_die "Upgrading from Nextcloud < 22.2 is not supported anymore. You should first upgrade to 22.2 using: yunohost app upgrade nextcloud -u https://github.com/YunoHost-Apps/nextcloud_ynh/tree/41f5f902e7c7cd3c30a6793020562ba98b9bf3e9"
fi fi
#=================================================
# SPECIFIC UPGRADE
#================================================= #=================================================
# MAKE SEQUENTIAL UPGRADES FROM EACH MAJOR # MAKE SEQUENTIAL UPGRADES FROM EACH MAJOR
# VERSION TO THE NEXT ONE # VERSION TO THE NEXT ONE
@ -66,19 +66,19 @@ exec_occ() {
NEXTCLOUD_PHP_VERSION="7.4" NEXTCLOUD_PHP_VERSION="7.4"
fi fi
# NB : be super careful when designing this part of the code, because calling ynh_install_app_dependencies # NB : be super careful when designing this part of the code, because calling ynh_apt_install_dependencies
# will do magic regarding php configuration and $phpversion when the php version of the dependencies changes ... # will do magic regarding php configuration and $php_version when the php version of the dependencies changes ...
phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) php_version=$(ynh_app_setting_get --key=php_version)
if [[ "$NEXTCLOUD_PHP_VERSION" != "$phpversion" ]]; then if [[ "$NEXTCLOUD_PHP_VERSION" != "$php_version" ]]; then
local pkg_dependencies="$(dpkg-query --show --showformat='${Depends}' ${app}-ynh-deps)" local pkg_dependencies="$(dpkg-query --show --showformat='${Depends}' ${app}-ynh-deps)"
pkg_dependencies="${pkg_dependencies//$phpversion/$NEXTCLOUD_PHP_VERSION}" pkg_dependencies="${pkg_dependencies//$php_version/$NEXTCLOUD_PHP_VERSION}"
# Packaging v1 ~legacy : ynh_install_app_dependencies is designed to be called several times # Packaging v1 ~legacy : ynh_apt_install_dependencies is designed to be called several times
# but the second time it will *append* the list of dependencies rather than replace the existing dependencies # but the second time it will *append* the list of dependencies rather than replace the existing dependencies
# resulting in a crash when parsing what's the php version the app uses, hence we need to force the full-replacement # resulting in a crash when parsing what's the php version the app uses, hence we need to force the full-replacement
YNH_INSTALL_APP_DEPENDENCIES_REPLACE=true YNH_INSTALL_APP_DEPENDENCIES_REPLACE=true
ynh_install_app_dependencies "$pkg_dependencies" ynh_apt_install_dependencies "$pkg_dependencies"
fi fi
(cd "$install_dir" && ynh_exec_as "$app" \ (cd "$install_dir" && ynh_exec_as_app \
php$NEXTCLOUD_PHP_VERSION --define apc.enable_cli=1 occ --no-interaction --no-ansi "$@") 2> >(filter_boring_occ_warnings >&2) php$NEXTCLOUD_PHP_VERSION --define apc.enable_cli=1 occ --no-interaction --no-ansi "$@") 2> >(filter_boring_occ_warnings >&2)
} }
@ -90,7 +90,7 @@ create_external_storage() {
local mount_id=$(exec_occ files_external:create --output=json \ local mount_id=$(exec_occ files_external:create --output=json \
"$mount_name" 'local' 'null::null' -c "datadir=$mount_dir" || true) "$mount_name" 'local' 'null::null' -c "datadir=$mount_dir" || true)
! [[ $mount_id =~ ^[0-9]+$ ]] \ ! [[ $mount_id =~ ^[0-9]+$ ]] \
&& ynh_print_warn --message="Unable to create external storage" \ && ynh_print_warn "Unable to create external storage" \
|| exec_occ files_external:option "$mount_id" enable_sharing true || exec_occ files_external:option "$mount_id" enable_sharing true
} }
@ -117,11 +117,10 @@ function list_installed_apps_not_compatible_with_future_version()
comm -23 <(comm -23 $installed_apps $core_apps_in_current_version) $nextcloud_destination_appcatalog comm -23 <(comm -23 $installed_apps $core_apps_in_current_version) $nextcloud_destination_appcatalog
} }
current_version=$(grep OC_VersionString "$install_dir/version.php" | cut -d\' -f2) current_version=$(grep OC_VersionString "$install_dir/version.php" | cut -d\' -f2)
current_major_version=${current_version%%.*} current_major_version=${current_version%%.*}
last_version=$(ynh_read_manifest --manifest_key="resources.sources.main.url" | grep -o '[0-9][0-9]\.[0-9]\.[0-9]') last_version=$(ynh_read_manifest "resources.sources.main.url" | grep -o '[0-9][0-9]\.[0-9]\.[0-9]')
last_major_version=${last_version%%.*} last_major_version=${last_version%%.*}
if [[ "$last_major_version" != "$current_major_version" ]] if [[ "$last_major_version" != "$current_major_version" ]]
@ -129,13 +128,14 @@ then
installed_apps_not_compatible_with_future_version="$(list_installed_apps_not_compatible_with_future_version $last_major_version)" installed_apps_not_compatible_with_future_version="$(list_installed_apps_not_compatible_with_future_version $last_major_version)"
if [[ -n "$installed_apps_not_compatible_with_future_version" ]] if [[ -n "$installed_apps_not_compatible_with_future_version" ]]
then then
ynh_die --message="The following apps are not (yet?) compatible with Nextcloud $last_major_version. You should make sure to upgrade the app, or disable it, or wait for it to become compatible before running this upgrade : $installed_apps_not_compatible_with_future_version" ynh_die "The following apps are not (yet?) compatible with Nextcloud $last_major_version. You should make sure to upgrade the app, or disable it, or wait for it to become compatible before running this upgrade : $installed_apps_not_compatible_with_future_version"
fi fi
fi fi
if [ "$upgrade_type" == "UPGRADE_APP" ] # FIXME: this is still supported but the recommendation is now to *always* re-setup the app sources wether or not the upstream sources changed
if ynh_app_upstream_version_changed
then then
ynh_script_progression --message="Upgrading $app..." --weight=3 ynh_script_progression "Upgrading $app..."
# Set write access for the following commands # Set write access for the following commands
chown -R $app: "$install_dir" "$data_dir" chown -R $app: "$install_dir" "$data_dir"
@ -144,9 +144,9 @@ then
exec_occ -V exec_occ -V
if [ "$(exec_occ config:system:get mysql.utf8mb4)" != "true" ]; then if [ "$(exec_occ config:system:get mysql.utf8mb4)" != "true" ]; then
db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd) db_pwd=$(ynh_app_setting_get --key=db_pwd)
# Change your databases character set and collation # Change your databases character set and collation
ynh_mysql_connect_as --user=$db_user --password="$db_pwd" --database=$db_name \ ynh_mysql_db_shell \
<<< "ALTER DATABASE $db_name CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;" <<< "ALTER DATABASE $db_name CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;"
# Set the mysql.utf8mb4 config to true in config.php # Set the mysql.utf8mb4 config to true in config.php
exec_occ config:system:set mysql.utf8mb4 --type boolean --value="true" exec_occ config:system:set mysql.utf8mb4 --type boolean --value="true"
@ -169,11 +169,10 @@ then
next_major_version="$(( $current_major_version + 1 ))" next_major_version="$(( $current_major_version + 1 ))"
if [[ "$next_major_version" -ge "$last_major_version" ]]; then if [[ "$next_major_version" -ge "$last_major_version" ]]; then
ynh_print_info --message="Upgrading to Nextcloud $last_version" ynh_print_info "Upgrading to Nextcloud $last_version"
cp -a ../sources/patches_last_version/* ../sources/patches
source_id="main" source_id="main"
else else
ynh_print_info --message="Upgrading to Nextcloud $next_major_version" ynh_print_info "Upgrading to Nextcloud $next_major_version"
source_id="$next_major_version" source_id="$next_major_version"
fi fi
@ -203,7 +202,7 @@ then
) )
# Replace the old Nextcloud by the new one # Replace the old Nextcloud by the new one
ynh_secure_remove --file="$install_dir" ynh_safe_rm "$install_dir"
mv "$tmpdir" "$install_dir" mv "$tmpdir" "$install_dir"
# Set write access for the following commands # Set write access for the following commands
@ -212,7 +211,7 @@ then
# Upgrade Nextcloud (SUCCESS = 0, UP_TO_DATE = 3) # Upgrade Nextcloud (SUCCESS = 0, UP_TO_DATE = 3)
exec_occ maintenance:mode --off exec_occ maintenance:mode --off
exec_occ upgrade \ exec_occ upgrade \
|| [ $? -eq 3 ] || ynh_die --message="Unable to upgrade $app" || [ $? -eq 3 ] || ynh_die "Unable to upgrade $app"
# Get the new current version number # Get the new current version number
current_version=$(grep OC_VersionString "$install_dir/version.php" | cut -d\' -f2) current_version=$(grep OC_VersionString "$install_dir/version.php" | cut -d\' -f2)
@ -230,13 +229,13 @@ then
#================================================= #=================================================
# CONFIGURE NEXTCLOUD # CONFIGURE NEXTCLOUD
#================================================= #=================================================
ynh_script_progression --message="Reconfiguring $app..." --weight=9 ynh_script_progression "Reconfiguring $app..."
# Verify the checksum and backup the file if it's different # Verify the checksum and backup the file if it's different
ynh_backup_if_checksum_is_different --file="$install_dir/config/config.php" ynh_backup_if_checksum_is_different "$install_dir/config/config.php"
nc_conf="${install_dir}/config.json" nc_conf="${install_dir}/config.json"
ynh_add_config --template="config.json" --destination="$nc_conf" ynh_config_add --template="config.json" --destination="$nc_conf"
# Reneable the mail app # Reneable the mail app
if [ $mail_app_must_be_reactived -eq 1 ]; then if [ $mail_app_must_be_reactived -eq 1 ]; then
@ -267,7 +266,7 @@ then
exec_occ config:import "$nc_conf" exec_occ config:import "$nc_conf"
# Then remove the config file # Then remove the config file
ynh_secure_remove --file="$nc_conf" ynh_safe_rm "$nc_conf"
#================================================= #=================================================
# ALLOW USERS TO DISCONNECT FROM NEXTCLOUD # ALLOW USERS TO DISCONNECT FROM NEXTCLOUD
@ -315,68 +314,61 @@ then
#================================================= #=================================================
# Calculate and store the config file checksum into the app settings # Calculate and store the config file checksum into the app settings
ynh_store_file_checksum --file="${install_dir}/config/config.php" ynh_store_file_checksum "${install_dir}/config/config.php"
fi fi
#================================================= #=================================================
# REGEN PERMISSIONS # REGEN PERMISSIONS
#================================================= #=================================================
ynh_script_progression --message="Reapplying file permissions..." --weight=2 ynh_script_progression "Reapplying file permissions..."
# Fix app ownerships & permissions # Fix app ownerships & permissions
chown -R $app:www-data "$install_dir"
chown -R $app: "$data_dir" chown -R $app: "$data_dir"
find $install_dir/ -type f -print0 | xargs -r0 chmod 0644
find $install_dir/ -type d -print0 | xargs -r0 chmod 0755
find $data_dir/data/ -type f -print0 | xargs -r0 chmod 0640 find $data_dir/data/ -type f -print0 | xargs -r0 chmod 0640
find $data_dir/data/ -type d -print0 | xargs -r0 chmod 0750 find $data_dir/data/ -type d -print0 | xargs -r0 chmod 0750
chmod 640 "$install_dir/config/config.php" chmod 640 "$install_dir/config/config.php"
chmod 755 /home/yunohost.app #
chmod 750 $install_dir
#================================================= #=================================================
# REGEN SYSTEM CONFIGURATIONS # REGEN SYSTEM CONFIGURATIONS
#================================================= #=================================================
ynh_script_progression --message="Regenerating system configurations for $app..." --weight=2 ynh_script_progression "Regenerating system configurations for $app..."
#------------------------------------------------- #-------------------------------------------------
# PHP-FPM # PHP-FPM
#------------------------------------------------- #-------------------------------------------------
ynh_add_fpm_config ynh_config_add_phpfpm
#------------------------------------------------- #-------------------------------------------------
# NGINX # NGINX
#------------------------------------------------- #-------------------------------------------------
# Delete current NGINX configuration to be able to check if .well-known is already served. # Delete current NGINX configuration to be able to check if .well-known is already served.
ynh_backup_if_checksum_is_different --file="/etc/nginx/conf.d/$domain.d/$app.conf" ynh_backup_if_checksum_is_different "/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_remove_nginx_config ynh_config_remove_nginx
ynh_app_setting_delete --app=$app --key="checksum__etc_nginx_conf.d_$domain.d_$app.conf" ynh_app_setting_delete --key="checksum__etc_nginx_conf.d_$domain.d_$app.conf"
# Wait untils NGINX has fully reloaded # Wait untils NGINX has fully reloaded
ynh_systemd_action --service_name=nginx --action=reload --line_match="Reloaded" --log_path="systemd" ynh_systemctl --service=nginx --action=reload --wait_until="Reloaded" --log_path="systemd"
# Check if .well-known is available for this domain # Check if .well-known is available for this domain
if is_url_handled --domain="$domain" --path="/.well-known/caldav" || is_url_handled --domain="$domain" --path="/.well-known/carddav" if is_url_handled --domain="$domain" --path="/.well-known/caldav" || is_url_handled --domain="$domain" --path="/.well-known/carddav"
then then
ynh_print_warn --message="Another app already uses the domain $domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book." ynh_print_warn "Another app already uses the domain $domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book."
# Remove lines about .well-known/carddav and caldav with sed. # Remove lines about .well-known/carddav and caldav with sed.
sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "../conf/nginx.conf" sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "../conf/nginx.conf"
fi fi
# Create a dedicated NGINX config # Create a dedicated NGINX config
ynh_add_nginx_config ynh_config_add_nginx
#================================================= #=================================================
# CRON JOB # CRON JOB
#================================================= #=================================================
cron_path="/etc/cron.d/$app" cron_path="/etc/cron.d/$app"
ynh_add_config --template="nextcloud.cron" --destination="$cron_path" ynh_config_add --template="nextcloud.cron" --destination="$cron_path"
chown root: "$cron_path"
chmod 644 "$cron_path"
exec_occ background:cron exec_occ background:cron
@ -384,17 +376,17 @@ exec_occ background:cron
# LOGROTATE # LOGROTATE
#================================================= #=================================================
ynh_use_logrotate --non-append ynh_config_add_logrotate
#================================================= #=================================================
# FAIL2BAN # FAIL2BAN
#================================================= #=================================================
# Create a dedicated Fail2Ban config # Create a dedicated Fail2Ban config
ynh_add_fail2ban_config --logpath="/var/log/$app/nextcloud.log" --failregex="^.*Login failed: '.*' \(Remote IP: '<HOST>'.*$" --max_retry=5 ynh_config_add_fail2ban --logpath="/var/log/$app/nextcloud.log" --failregex="^.*Login failed: '.*' \(Remote IP: '<HOST>'.*$"
#================================================= #=================================================
# END OF SCRIPT # END OF SCRIPT
#================================================= #=================================================
ynh_script_progression --message="Upgrade of $app completed" --last ynh_script_progression "Upgrade of $app completed"

0
sources/patches/.gitignore vendored
View file