diff --git a/README.md b/README.md index 73f1a0a..5ee58c0 100644 --- a/README.md +++ b/README.md @@ -30,7 +30,7 @@ this package: * Serve `/.well-known` paths for CalDAV and CardDAV on the domain only if it's not already served - i.e. by Baïkal -**Shipped version:** 27.1.2~ynh2 +**Shipped version:** 27.1.3~ynh1 **Demo:** https://demo.nextcloud.com/ @@ -38,31 +38,13 @@ this package: ![Screenshot of Nextcloud](./doc/screenshots/screenshot.png) -## Disclaimers / important information - -### Configure ONLYOFFICE integration - -#### With Nextcloud App (no ARM support, lower performance) - -Starting from Nextcloud 18, it features a direct integration of ONLYOFFICE (an online rich text document editor) through a Nextcloud app. -To install and configure it: -- Install *Community Document Server* application in your Nextcloud. That's the part that runs ONLYOFFICE server. -- Install *ONLYOFFICE* application. That's the client part that will connect to an ONLYOFFICE server. -- Then in Settings -> ONLYOFFICE (`https://yourdomain.tld/nextcloud/settings/admin/onlyoffice`), if you want to configure which file formats should be opened by ONLYOFFICE. -- Here you go :) You should be able to create new type of documents and open them. - -*NB: ONLYOFFICE Nextcloud App is only available for x86 architecture - for **ARM** architecture (Raspberry Pi, OLinuXino...), consider the YunoHost App below* - -#### With YunoHost App (ARM64 support, better performance) - -For better performance and ARM64 support, install ONLYOFFICE YunoHost App and connect it to Nextcloud, see the tutorial in the [doc of onlyoffice_ynh package](https://github.com/YunoHost-Apps/onlyoffice_ynh/blob/master/README_fr.md#configuration-de-onlyoffice-server) - ## Documentation and resources * Official app website: * Official user documentation: * Official admin documentation: * Upstream app code repository: +* YunoHost Store: * Report a bug: ## Developer info diff --git a/README_fr.md b/README_fr.md index e630327..c400f05 100644 --- a/README_fr.md +++ b/README_fr.md @@ -29,7 +29,7 @@ En plus des fonctionnalités principales de Nextcloud, les fonctionnalités suiv * Utilise l'adresse `/.well-known` pour la synchronisation CalDAV et CardDAV du domaine si aucun autre service ne l'utilise déjà - par exemple, Baïkal -**Version incluse :** 27.1.2~ynh2 +**Version incluse :** 27.1.3~ynh1 **Démo :** https://demo.nextcloud.com/ @@ -37,31 +37,13 @@ En plus des fonctionnalités principales de Nextcloud, les fonctionnalités suiv ![Capture d’écran de Nextcloud](./doc/screenshots/screenshot.png) -## Avertissements / informations importantes - -### Configurer l'intégration d'ONLYOFFICE - -#### Avec l'application Nextcloud (pas de support ARM, performances limitées) - -À partir de sa version 18, Nextcloud inclut une intégration directe de ONLYOFFICE (un éditeur de texte enrichi en ligne) via une application Nextcloud. -Pour l'installer et la configurer : -- Installez l'application *Community Document Server* dans votre Nextcloud. C'est la partie qui fait tourner un serveur ONLYOFFICE. -- Installez l'application *ONLYOFFICE*. C'est la partie cliente qui va se connecter au serveur ONLYOFFICE. -- Ensuite dans les Paramètres -> ONLYOFFICE (`https://yourdomain.tld/nextcloud/settings/admin/onlyoffice`), si vous voulez configurer quels formats de fichier s'ouvrent avec ONLYOFFICE. -- Et voilà :) Vous devriez pouvoir créer de nouveaux types de documents, et les ouvrir. - -*NB : l'app Nextcloud ONLYOFFICE Community Document Server n'est disponible que sous architecture x86 - Pour un support de l'architecture **ARM** (Raspberry Pi, OLinuXino...), installez plutôt l'App YunoHost, voir ci-dessous* - -#### Avec l'application YunoHost (support ARM64, meilleures performances) - -Pour de meilleures performances et le support de ARM64, installez l'app YunoHost ONLYOFFICE, voir le tutoriel dans la [doc du paquet onlyoffice_ynh](https://github.com/YunoHost-Apps/onlyoffice_ynh/blob/master/README_fr.md#configuration-de-onlyoffice-server) - ## Documentations et ressources * Site officiel de l’app : * Documentation officielle utilisateur : * Documentation officielle de l’admin : * Dépôt de code officiel de l’app : +* YunoHost Store: * Signaler un bug : ## Informations pour les développeurs diff --git a/check_process b/check_process deleted file mode 100644 index 2d2adce..0000000 --- a/check_process +++ /dev/null @@ -1,27 +0,0 @@ -;; Test complet - ; Manifest - domain="domain.tld" - path="/path" - admin="homer" - is_public=1 - user_home="1" - ; Checks - pkg_linter=1 - setup_sub_dir=1 - setup_root=1 - setup_nourl=0 - setup_private=1 - setup_public=1 - upgrade=1 - #26.0.3 - upgrade=1 from_commit=d02166a533dcf8aa82d49dbb6a3a2dd9a7411812 - backup_restore=1 - multi_instance=1 - change_url=1 -;;; Options -Email= -Notification=none -;;; Upgrade options - ; commit=d02166a533dcf8aa82d49dbb6a3a2dd9a7411812 - name=Merge pull request #495 from 26.0.3 - manifest_arg=domain=DOMAIN&path=PATH&admin=USER&user_home=1& diff --git a/conf/config.json b/conf/config.json index 9e1c8f0..1cd7f95 100644 --- a/conf/config.json +++ b/conf/config.json @@ -13,7 +13,23 @@ }, "hashing_default_password": true, "localstorage.allowsymlinks": true, - "simpleSignUpLink.shown": false + "simpleSignUpLink.shown": false, + "mail_smtpmode": "smtp", + "mail_smtpport": "25", + "mail_smtpauth": 1, + "mail_smtpname": "__APP__", + "mail_smtppassword": "__MAIL_PWD__", + "mail_sendmailmode": "smtp", + "mail_from_address": "__APP__", + "mail_domain": "__DOMAIN__", + "mail_smtphost": "localhost", + "mail_smtpstreamoptions": { + "ssl": { + "allow_self_signed": true, + "verify_peer": false, + "verify_peer_name": false + } + } }, "apps": { "user_ldap": { diff --git a/conf/config_install.json b/conf/config_install.json index 10db7cf..616c276 100644 --- a/conf/config_install.json +++ b/conf/config_install.json @@ -1,9 +1,9 @@ -{ - "system": { - "datadirectory": "__DATADIR__", - "trusted_domains": [ - "localhost", - "__DOMAIN__" - ] - } -} +{ + "system": { + "datadirectory": "__DATA_DIR__/data/", + "trusted_domains": [ + "localhost", + "__DOMAIN__" + ] + } +} diff --git a/conf/extra_php-fpm.conf b/conf/extra_php-fpm.conf index 4e9d349..feee90b 100644 --- a/conf/extra_php-fpm.conf +++ b/conf/extra_php-fpm.conf @@ -8,7 +8,7 @@ php_value[default_charset] = UTF-8 ; OPcache is already activated by default ; php_value[opcache.enable]=1 ; The following parameters are nevertheless recommended for Nextcloud -; see here: https://docs.nextcloud.com/server/15/admin_manual/installation/server_tuning.html#enable-php-opcache +; see here: https://docs.nextcloud.com/server/20/admin_manual/installation/server_tuning.html#enable-php-opcache php_value[opcache.enable_cli]=1 php_value[opcache.interned_strings_buffer]=32 php_value[opcache.max_accelerated_files]=10000 diff --git a/conf/nextcloud.cron b/conf/nextcloud.cron index a2be7ed..31bfe2f 100644 --- a/conf/nextcloud.cron +++ b/conf/nextcloud.cron @@ -1 +1 @@ -*/5 * * * * __APP__ /usr/bin/php__PHPVERSION__ --define apc.enable_cli=1 -f __FINAL_PATH__/cron.php +*/5 * * * * __APP__ /usr/bin/php__PHPVERSION__ --define apc.enable_cli=1 -f __INSTALL_DIR__/cron.php diff --git a/conf/nginx.conf b/conf/nginx.conf index 2033e27..36de478 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -12,27 +12,20 @@ location ^~ /.well-known { location = /.well-known/webfinger { return 301 __PATH__/index.php$uri; } location = /.well-known/nodeinfo { return 301 __PATH__/index.php$uri; } - try_files $uri $uri/ =404; + # Let Nextcloud's API for `/.well-known` URIs handle all other + # requests by passing them to the front-end controller. + return 301 __PATH__/index.php$request_uri; } #sub_path_only rewrite ^__PATH__$ __PATH__/ permanent; location ^~ __PATH__/ { # Path to source - alias __FINALPATH__/; + alias __INSTALL_DIR__/; - # Add headers to serve security related headers - more_set_headers "Strict-Transport-Security: max-age=15768000; includeSubDomains; preload;"; - more_set_headers "Referrer-Policy: no-referrer"; - more_set_headers "X-Content-Type-Options: nosniff"; - more_set_headers "X-Download-Options: noopen"; - more_set_headers "X-Frame-Options: SAMEORIGIN"; - more_set_headers "X-Permitted-Cross-Domain-Policies: none"; - more_set_headers "X-Robots-Tag: noindex, nofollow"; - more_set_headers "X-XSS-Protection: 1; mode=block"; - - # Set max upload size + # set max upload size and increase upload timeout: client_max_body_size 10G; + client_body_timeout 300s; fastcgi_buffers 64 4K; # Enable gzip but do not remove ETag headers @@ -52,6 +45,16 @@ location ^~ __PATH__/ { # for tunning hints client_body_buffer_size 512k; + # HTTP response headers borrowed from Nextcloud `.htaccess` + more_set_headers "Strict-Transport-Security: max-age=15768000; includeSubDomains; preload;"; + more_set_headers "Referrer-Policy: no-referrer"; + more_set_headers "X-Content-Type-Options: nosniff"; + more_set_headers "X-Download-Options: noopen"; + more_set_headers "X-Frame-Options: SAMEORIGIN"; + more_set_headers "X-Permitted-Cross-Domain-Policies: none"; + more_set_headers "X-Robots-Tag: noindex, nofollow"; + more_set_headers "X-XSS-Protection: 1; mode=block"; + # Remove X-Powered-By, which is an information leak fastcgi_hide_header X-Powered-By; @@ -79,7 +82,7 @@ location ^~ __PATH__/ { log_not_found off; access_log off; } - + # Rules borrowed from `.htaccess` to hide certain paths from clients location ~ ^__PATH__/(?:build|tests|config|lib|3rdparty|templates|data)(?:$|/) { return 404; } location ~ ^__PATH__/(?:\.|autotest|occ|issue|indie|db_|console) { return 404; } @@ -90,8 +93,6 @@ location ^~ __PATH__/ { # `/nextcloud/index.php` to the URI, resulting in a HTTP 500 error response. location ~ \.php(?:$|/) { # Required for legacy support - # https://github.com/nextcloud/documentation/pull/2197#issuecomment-721432337 - # This line fix the ldap admin page rewrite ^__PATH__/(?!index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|ocs-provider\/.+|.+\/richdocumentscode\/proxy) __PATH__/index.php$request_uri; fastcgi_split_path_info ^(.+?\.php)(/.*)$; @@ -106,18 +107,28 @@ location ^~ __PATH__/ { fastcgi_param modHeadersAvailable true; # Avoid sending the security headers twice fastcgi_param front_controller_active true; # Enable pretty urls - fastcgi_param HTTP_ACCEPT_ENCODING ""; # Disable encoding of nextcloud response to inject ynh scripts + fastcgi_param HTTP_ACCEPT_ENCODING ""; # Disable encoding of Nextcloud response to inject ynh scripts fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock; + fastcgi_intercept_errors on; fastcgi_request_buffering off; + + fastcgi_read_timeout 600; + fastcgi_send_timeout 600; + fastcgi_connect_timeout 600; + proxy_connect_timeout 600; + proxy_send_timeout 600; + proxy_read_timeout 600; + send_timeout 600; } location ~ ^__PATH__/(?:updater|ocs-provider)(?:$|/) { try_files $uri/ =404; index index.php; } - - location ~ \.(?:css|js|svg|gif|png|jpg|ico|wasm|tflite|map)$ { + + # Serve static files + location ~ \.(?:css|js|mjs|svg|gif|png|jpg|ico|wasm|tflite|map)$ { try_files $uri / __PATH__/index.php$request_uri; expires 6M; # Cache-Control policy borrowed from `.htaccess` access_log off; # Optional: Don't log access to assets @@ -133,6 +144,11 @@ location ^~ __PATH__/ { access_log off; # Optional: Don't log access to assets } + # Rule borrowed from `.htaccess` + location __PATH__/remote { + return 301 __PATH__/remote.php$request_uri; + } + location ~ / { if ($request_method ~ ^(PUT|DELETE|PATCH)$) { rewrite ^ __PATH__/index.php$request_uri last; diff --git a/doc/DISCLAIMER.md b/doc/ADMIN.md similarity index 63% rename from doc/DISCLAIMER.md rename to doc/ADMIN.md index a6d6711..ef43357 100644 --- a/doc/DISCLAIMER.md +++ b/doc/ADMIN.md @@ -1,13 +1,18 @@ +### How to use CLI commande + +`sudo -u __APP__ php__YNH_PHP_VERSION__ --define apc.enable_cli=1 __INSTALL_DIR__/occ ...` + +or use `sudo yunohost app shell __APP__` then run `php occ ...` + ### Configure ONLYOFFICE integration #### With Nextcloud App (no ARM support, lower performance) -Starting from Nextcloud 18, it features a direct integration of ONLYOFFICE (an online rich text document editor) through a Nextcloud app. +Nextcloud features a direct integration of ONLYOFFICE (an online rich text document editor) through a Nextcloud app. To install and configure it: - Install *Community Document Server* application in your Nextcloud. That's the part that runs ONLYOFFICE server. - Install *ONLYOFFICE* application. That's the client part that will connect to an ONLYOFFICE server. -- Then in Settings -> ONLYOFFICE (`https://yourdomain.tld/nextcloud/settings/admin/onlyoffice`), if you want to configure which file formats should be opened by ONLYOFFICE. -- Here you go :) You should be able to create new type of documents and open them. +- Then in Settings -> ONLYOFFICE (`https://__DOMAIN____PATH__/settings/admin/onlyoffice`), if you want to configure which file formats should be opened by ONLYOFFICE. *NB: ONLYOFFICE Nextcloud App is only available for x86 architecture - for **ARM** architecture (Raspberry Pi, OLinuXino...), consider the YunoHost App below* diff --git a/doc/DISCLAIMER_fr.md b/doc/ADMIN_fr.md similarity index 65% rename from doc/DISCLAIMER_fr.md rename to doc/ADMIN_fr.md index 2110000..c617ce3 100644 --- a/doc/DISCLAIMER_fr.md +++ b/doc/ADMIN_fr.md @@ -1,13 +1,18 @@ +### Comment utiliser la commande CLI + +`sudo -u __APP__ php__YNH_PHP_VERSION__ --define apc.enable_cli=1 __INSTALL_DIR__/occ ...` + +ou utilisez `sudo yunohost app shell __APP__` puis `php occ ...` + ### Configurer l'intégration d'ONLYOFFICE #### Avec l'application Nextcloud (pas de support ARM, performances limitées) -À partir de sa version 18, Nextcloud inclut une intégration directe de ONLYOFFICE (un éditeur de texte enrichi en ligne) via une application Nextcloud. +Nextcloud inclut une intégration directe de ONLYOFFICE (un éditeur de texte enrichi en ligne) via une application Nextcloud. Pour l'installer et la configurer : - Installez l'application *Community Document Server* dans votre Nextcloud. C'est la partie qui fait tourner un serveur ONLYOFFICE. - Installez l'application *ONLYOFFICE*. C'est la partie cliente qui va se connecter au serveur ONLYOFFICE. -- Ensuite dans les Paramètres -> ONLYOFFICE (`https://yourdomain.tld/nextcloud/settings/admin/onlyoffice`), si vous voulez configurer quels formats de fichier s'ouvrent avec ONLYOFFICE. -- Et voilà :) Vous devriez pouvoir créer de nouveaux types de documents, et les ouvrir. +- Ensuite dans les Paramètres -> ONLYOFFICE (`https://__DOMAIN____PATH__/settings/admin/onlyoffice`), si vous voulez configurer quels formats de fichier s'ouvrent avec ONLYOFFICE. *NB : l'app Nextcloud ONLYOFFICE Community Document Server n'est disponible que sous architecture x86 - Pour un support de l'architecture **ARM** (Raspberry Pi, OLinuXino...), installez plutôt l'App YunoHost, voir ci-dessous* diff --git a/doc/DESCRIPTION.md b/doc/DESCRIPTION.md index 4a3dbc8..3d35dc4 100644 --- a/doc/DESCRIPTION.md +++ b/doc/DESCRIPTION.md @@ -2,8 +2,7 @@ Nextcloud Hub is a fully open-source on-premises content collaboration platform. ### YunoHost-specific features -In addition to Nextcloud core features, the following are made available with -this package: +In addition to Nextcloud core features, the following are made available with this package: * Integrate with YunoHost users and SSO - i.e. logout button * Allow one user to be the administrator (set at the installation) diff --git a/manifest.json b/manifest.json deleted file mode 100644 index 424a878..0000000 --- a/manifest.json +++ /dev/null @@ -1,70 +0,0 @@ -{ - "id": "nextcloud", - "name": "Nextcloud", - "packaging_format": 1, - "description": { - "en": "Online storage, file sharing platform and various other applications", - "fr": "Stockage en ligne, plateforme de partage de fichiers et diverses autres applications" - }, - "version": "27.1.2~ynh2", - "url": "https://nextcloud.com", - "upstream": { - "license": "AGPL-3.0", - "website": "https://nextcloud.com", - "demo": "https://demo.nextcloud.com/", - "admindoc": "https://docs.nextcloud.com/server/stable/admin_manual/", - "userdoc": "https://docs.nextcloud.com/server/latest/user_manual/en/", - "code": "https://github.com/nextcloud/server", - "cpe": "cpe:2.3:a:nextcloud:nextcloud" - }, - "license": "AGPL-3.0", - "maintainer": { - "name": "kay0u", - "email": "pierre@kayou.io" - }, - "requirements": { - "yunohost": ">= 11.2" - }, - "multi_instance": true, - "services": [ - "nginx", - "php8.1-fpm", - "mysql" - ], - "arguments": { - "install": [ - { - "name": "domain", - "type": "domain" - }, - { - "name": "path", - "type": "path", - "example": "/nextcloud", - "default": "/nextcloud" - }, - { - "name": "admin", - "type": "user" - }, - { - "name": "is_public", - "type": "boolean", - "help": { - "en": "You need to enable public if you want to connect Nextcloud Desktop client to Nextcloud server. This can be changed later via the webadmin.", - "fr": "Vous devez cocher cette case si vous souhaitez connecter le client Nextcloud Desktop au serveur Nextcloud. Cela peut être modifié ultérieurement via l'administrateur Web." - }, - "default": true - }, - { - "name": "user_home", - "type": "boolean", - "ask": { - "en": "Access the users home folder from Nextcloud?", - "fr": "Accéder au dossier personnel des utilisateurs depuis Nextcloud ?" - }, - "default": false - } - ] - } -} \ No newline at end of file diff --git a/manifest.toml b/manifest.toml new file mode 100644 index 0000000..fccf19c --- /dev/null +++ b/manifest.toml @@ -0,0 +1,77 @@ +packaging_format = 2 + +id = "nextcloud" +name = "Nextcloud" +description.en = "Online storage, file sharing platform and various other applications" +description.fr = "Stockage en ligne, plateforme de partage de fichiers et diverses autres applications" + +version = "27.1.3~ynh1" + +maintainers = ["kay0u"] + +[upstream] +license = "AGPL-3.0" +website = "https://nextcloud.com" +demo = "https://demo.nextcloud.com/" +admindoc = "https://docs.nextcloud.com/server/stable/admin_manual/" +userdoc = "https://docs.nextcloud.com/server/latest/user_manual/en/" +code = "https://github.com/nextcloud/server" +cpe = "cpe:2.3:a:nextcloud:nextcloud" + +[integration] +yunohost = ">= 11.2" +architectures = ["amd64", "arm64", "armhf"] +multi_instance = true +ldap = true +sso = true +disk = "50M" +ram.build = "500M" +ram.runtime = "512M" + +[install] + [install.domain] + type = "domain" + + [install.path] + type = "path" + default = "/nextcloud" + + [install.admin] + type = "user" + + [install.init_main_permission] + help.en = "You must activate 'Visitors' if you want to connect Nextcloud Desktop client to Nextcloud server. This can be changed later via the webadmin." + help.fr = "Vous devez activer 'Visiteurs' si vous souhaitez connecter le client Nextcloud Desktop au serveur Nextcloud. Cela peut être modifié ultérieurement via l'administrateur Web." + type = "group" + default = "visitors" + + [install.user_home] + ask.en = "Access the users home folder from Nextcloud?" + ask.fr = "Accéder au dossier personnel des utilisateurs depuis Nextcloud ?" + type = "boolean" + default = false + +[resources] + [resources.system_user] + allow_email = true + + [resources.install_dir] + + [resources.data_dir] + subdirs = ["data"] + + [resources.permissions] + main.url = "/" + + api.url = "re:__DOMAIN__\\/.well-known\\/.*" + api.auth_header = false + api.show_tile = false + api.protected= true + api.allowed = ["visitors", "all_users"] + + [resources.apt] + packages = "mariadb-server, imagemagick, libmagickcore-6.q16-6-extra, acl, tar, smbclient, at, php8.2-fpm, php8.2-bz2, php8.2-imap, php8.2-gmp, php8.2-gd, php8.2-intl, php8.2-curl, php8.2-apcu, php8.2-redis, php8.2-ldap, php8.2-imagick, php8.2-zip, php8.2-mbstring, php8.2-xml, php8.2-mysql, php8.2-igbinary, php8.2-bcmath" + + [resources.database] + type = "mysql" + \ No newline at end of file diff --git a/scripts/_common.sh b/scripts/_common.sh index 669e9ba..19e6a36 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -4,12 +4,6 @@ # COMMON VARIABLES #================================================= -YNH_PHP_VERSION="8.2" - -php_dependencies="php${YNH_PHP_VERSION}-fpm php${YNH_PHP_VERSION}-bz2 php${YNH_PHP_VERSION}-imap php${YNH_PHP_VERSION}-gmp php${YNH_PHP_VERSION}-gd php${YNH_PHP_VERSION}-intl php${YNH_PHP_VERSION}-curl php${YNH_PHP_VERSION}-apcu php${YNH_PHP_VERSION}-redis php${YNH_PHP_VERSION}-ldap php${YNH_PHP_VERSION}-imagick php${YNH_PHP_VERSION}-zip php${YNH_PHP_VERSION}-mbstring php${YNH_PHP_VERSION}-xml php${YNH_PHP_VERSION}-mysql php${YNH_PHP_VERSION}-igbinary php${YNH_PHP_VERSION}-bcmath" - -pkg_dependencies="imagemagick libmagickcore-6.q16-6-extra acl tar smbclient at $php_dependencies" - #================================================= # EXPERIMENTAL HELPERS #================================================= @@ -46,7 +40,6 @@ is_url_handled() { fi } - #================================================= # Check available space before creating a temp directory. diff --git a/scripts/backup b/scripts/backup index 6fd1086..924f0bd 100755 --- a/scripts/backup +++ b/scripts/backup @@ -10,26 +10,6 @@ source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers source ../settings/scripts/_ynh_mysql_dump_db.sh -#================================================= -# MANAGE SCRIPT FAILURE -#================================================= - -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# LOAD SETTINGS -#================================================= -ynh_print_info --message="Loading installation settings..." - -app=$YNH_APP_INSTANCE_NAME - -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -domain=$(ynh_app_setting_get --app=$app --key=domain) -db_name=$(ynh_app_setting_get --app=$app --key=db_name) -phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) -datadir=$(ynh_app_setting_get --app=$app --key=datadir) - #================================================= # DECLARE DATA AND CONF FILES TO BACKUP #================================================= @@ -39,7 +19,13 @@ ynh_print_info --message="Declaring files to be backed up..." # BACKUP THE APP MAIN DIR #================================================= -ynh_backup --src_path="$final_path" +ynh_backup --src_path="$install_dir" + +#================================================= +# BACKUP THE DATA DIRECTORY +#================================================= + +ynh_backup --src_path="$data_dir" --is_big #================================================= # BACKUP THE NGINX CONFIGURATION @@ -53,13 +39,6 @@ ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" -#================================================= -# BACKUP THE MYSQL DATABASE -#================================================= -ynh_print_info --message="Backing up the MySQL database..." - -ynh_mysql_dump_db --database="$db_name" --default_character_set="utf8mb4" > db.sql - #================================================= # SPECIFIC BACKUP #================================================= @@ -82,11 +61,11 @@ ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf" ynh_backup --src_path="/etc/cron.d/$app" #================================================= -# BACKUP THE DATA DIRECTORY +# BACKUP THE MYSQL DATABASE #================================================= -ynh_print_info --message="Backing up data directory..." +ynh_print_info --message="Backing up the MySQL database..." -ynh_backup --src_path="$datadir" --is_big +ynh_mysql_dump_db --database="$db_name" --default_character_set="utf8mb4" > db.sql #================================================= # END OF SCRIPT diff --git a/scripts/change_url b/scripts/change_url index e4e3696..0d8a142 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -9,99 +9,21 @@ source _common.sh source /usr/share/yunohost/helpers -#================================================= -# RETRIEVE ARGUMENTS -#================================================= - -old_domain=$YNH_APP_OLD_DOMAIN -old_path=$YNH_APP_OLD_PATH - -new_domain=$YNH_APP_NEW_DOMAIN -new_path=$YNH_APP_NEW_PATH - -app=$YNH_APP_INSTANCE_NAME - -#================================================= -# LOAD SETTINGS -#================================================= -ynh_script_progression --message="Loading installation settings..." - -# Needed for helper "ynh_add_nginx_config" -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) - -#================================================= -# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP -#================================================= -ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --weight=1 - -# Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { - # Remove the new domain config file, the remove script won't do it as it doesn't know yet its location. - ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" - - # Restore it if the upgrade fails - ynh_restore_upgradebackup -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# CHECK WHICH PARTS SHOULD BE CHANGED -#================================================= - -change_domain=0 -if [ "$old_domain" != "$new_domain" ] -then - change_domain=1 -fi - -change_path=0 -if [ "$old_path" != "$new_path" ] -then - change_path=1 -fi - -#================================================= -# STANDARD MODIFICATIONS #================================================= # MODIFY URL IN NGINX CONF #================================================= ynh_script_progression --message="Updating NGINX web server configuration..." --weight=2 -nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf - -# Change the path in the NGINX config file -if [ $change_path -eq 1 ] -then - # Make a backup of the original NGINX config file if modified - ynh_backup_if_checksum_is_different --file="$nginx_conf_path" - # Set global variables for NGINX helper - domain="$old_domain" - path_url="$new_path" - # Create a dedicated NGINX config - ynh_add_nginx_config -fi - -# Change the domain for NGINX -if [ $change_domain -eq 1 ] -then - # Delete file checksum for the old conf file location - ynh_delete_file_checksum --file="$nginx_conf_path" - mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf - # Store file checksum for the new config file location - ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" -fi +ynh_change_url_nginx_config #================================================= # SPECIFIC MODIFICATIONS #================================================= -ynh_script_progression --message="Applying Nextcloud specific modifications..." --weight=2 +ynh_script_progression --message="Applying $app specific modifications..." --weight=2 # Define a function to execute commands with `occ` exec_occ() { - (cd "$final_path" && ynh_exec_as "$app" \ + (cd "$install_dir" && ynh_exec_as "$app" \ php${phpversion} --define apc.enable_cli=1 occ --no-interaction --no-ansi "$@") } @@ -119,7 +41,7 @@ then # Check if .well-known is available for this domain if is_url_handled --domain="$new_domain" --path="/.well-known/caldav" || is_url_handled --domain="$new_domain" --path="/.well-known/carddav" then - ynh_print_warn --message="Another app already uses the domain $new_domain to serve a caldav/carddav feature. You may encounter issues when dealing with your calendar or address book." + ynh_print_warn --message="Another app already uses the domain $new_domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book." # Remove lines about .well-known/carddav and caldav with sed. sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "/etc/nginx/conf.d/$new_domain.d/$app.conf" @@ -127,15 +49,6 @@ then fi fi -#================================================= -# GENERIC FINALISATION -#================================================= -# RELOAD NGINX -#================================================= -ynh_script_progression --message="Reloading NGINX web server..." - -ynh_systemd_action --service_name=nginx --action=reload - #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/config b/scripts/config index 7b6b67e..5a7a2ac 100644 --- a/scripts/config +++ b/scripts/config @@ -24,7 +24,7 @@ current_fpm_footprint=$(ynh_app_setting_get --app=$app --key=fpm_footprint) get__maintenance_mode() { # Maintenance mode status - maintenance_mode_status="$(cd "$final_path" && ynh_exec_as "$app" \ + maintenance_mode_status="$(cd "$install_dir" && ynh_exec_as "$app" \ php${phpversion} --define apc.enable_cli=1 occ --no-interaction --no-ansi maintenance:mode)" 2> /dev/null if echo $maintenance_mode_status | grep -q "disabled" then @@ -68,12 +68,12 @@ get__free_footprint() { set__maintenance_mode() { if [ "$maintenance_mode" -eq "0" ]; then # If maintenance_mode was set to 0, disable maintenance mode - (cd "$final_path" && ynh_exec_as "$app" \ + (cd "$install_dir" && ynh_exec_as "$app" \ php${phpversion} --define apc.enable_cli=1 occ --no-interaction --no-ansi maintenance:mode --off) ynh_print_info "Maintenance mode disabled" elif [ "$maintenance_mode" -eq "1" ]; then # If maintenance_mode was set to 1, enable maintenance mode - (cd "$final_path" && ynh_exec_as "$app" \ + (cd "$install_dir" && ynh_exec_as "$app" \ php${phpversion} --define apc.enable_cli=1 occ --no-interaction --no-ansi maintenance:mode --on) ynh_print_info "Maintenance mode enabled" fi diff --git a/scripts/install b/scripts/install index 102e984..7b11cfb 100755 --- a/scripts/install +++ b/scripts/install @@ -11,73 +11,29 @@ source /usr/share/yunohost/helpers source _ynh_mysql_connect_as.sh #================================================= -# MANAGE SCRIPT FAILURE +# STORE SETTINGS FROM MANIFEST #================================================= -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# RETRIEVE ARGUMENTS FROM THE MANIFEST -#================================================= - -domain=$YNH_APP_ARG_DOMAIN -path_url=$YNH_APP_ARG_PATH -admin=$YNH_APP_ARG_ADMIN -user_home=$YNH_APP_ARG_USER_HOME -is_public=$YNH_APP_ARG_IS_PUBLIC -phpversion=$YNH_PHP_VERSION - -app=$YNH_APP_INSTANCE_NAME - -#================================================= -# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS -#================================================= -ynh_script_progression --message="Validating installation parameters..." - -final_path=/var/www/$app -test ! -e "$final_path" || ynh_die --message="This path already contains a folder" - -# Register (book) web path -ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url - -# Check machine architecture (Nextcloud will soon deprecate 32-bit support) -if [ $YNH_ARCH == "i386" ] || [ $YNH_ARCH == "armhf" ] -then - ynh_print_warn --message="Nextcloud will soon deprecate 32-bit support. It is recommended to upgrade to a 64-bit architecture." -fi +maintenance_mode=0 +fpm_footprint="high" +fpm_free_footprint=0 +fpm_usage="medium" +phpflags="--define apc.enable_cli=1" #================================================= # STORE SETTINGS FROM MANIFEST #================================================= -ynh_script_progression --message="Storing installation settings..." -ynh_app_setting_set --app=$app --key=domain --value=$domain -ynh_app_setting_set --app=$app --key=path --value=$path_url -ynh_app_setting_set --app=$app --key=admin --value=$admin -ynh_app_setting_set --app=$app --key=user_home --value=$user_home - -maintenance_mode=0 ynh_app_setting_set --app=$app --key=maintenance_mode --value=$maintenance_mode - -#================================================= -# STANDARD MODIFICATIONS -#================================================= -# INSTALL DEPENDENCIES -#================================================= -ynh_script_progression --message="Installing dependencies..." --weight=10 - -ynh_install_app_dependencies $pkg_dependencies +ynh_app_setting_set --app=$app --key=fpm_footprint --value=$fpm_footprint +ynh_app_setting_set --app=$app --key=fpm_free_footprint --value=$fpm_free_footprint +ynh_app_setting_set --app=$app --key=fpm_usage --value=$fpm_usage +ynh_app_setting_set --app=$app --key=phpflags --value=$phpflags #================================================= # CREATE A MYSQL DATABASE #================================================= -ynh_script_progression --message="Creating a MySQL database..." --weight=2 - -db_name=$(ynh_sanitize_dbid --db_name=$app) -db_user=$db_name -ynh_app_setting_set --app=$app --key=db_name --value=$db_name -ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name +ynh_script_progression --message="Migrate MySQL database to utf8..." --weight=2 ynh_mysql_connect_as --user=$db_user --password="$db_pwd" --database=$db_name \ <<< "ALTER DATABASE $db_name CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;" @@ -85,7 +41,7 @@ ynh_mysql_connect_as --user=$db_user --password="$db_pwd" --database=$db_name \ #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= -ynh_script_progression --message="Setting up source files..." +ynh_script_progression --message="Setting up source files..." --weight=5 # Load the last available version source upgrade.d/upgrade.last.sh @@ -99,37 +55,18 @@ SOURCE_FORMAT=tar.bz2 SOURCE_IN_SUBDIR=true EOF -ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Enable YunoHost patches on Nextcloud sources cp -a ../sources/patches_last_version/* ../sources/patches # Download, check integrity, uncompress and patch the source from app.src -ynh_setup_source --dest_dir="$final_path" - -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Configuring system user..." --weight=3 - -# Create a system user -ynh_system_user_create --username=$app +ynh_setup_source --dest_dir="$install_dir" #================================================= # PHP-FPM CONFIGURATION #================================================= ynh_script_progression --message="Configuring PHP-FPM..." --weight=50 -fpm_footprint="high" -fpm_free_footprint=0 -fpm_usage="medium" - -ynh_app_setting_set --app=$app --key=fpm_footprint --value=$fpm_footprint -ynh_app_setting_set --app=$app --key=fpm_free_footprint --value=$fpm_free_footprint -ynh_app_setting_set --app=$app --key=fpm_usage --value=$fpm_usage - -# Create a dedicated php-fpm config -ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint --phpversion=$YNH_PHP_VERSION -# Used by ynh_add_nginx_config -phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) +# Create a dedicated PHP-FPM config +ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint #================================================= # NGINX CONFIGURATION @@ -139,7 +76,7 @@ ynh_script_progression --message="Configuring NGINX web server..." --weight=2 # Check if .well-known is available for this domain if is_url_handled --domain="$domain" --path="/.well-known/caldav" || is_url_handled --domain="$domain" --path="/.well-known/carddav" then - ynh_print_warn --message="Another app already uses the domain $domain to serve a caldav/carddav feature. You may encounter issues when dealing with your calendar or address book." + ynh_print_warn --message="Another app already uses the domain $domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book." # Remove lines about .well-known/carddav and caldav with sed. sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "../conf/nginx.conf" @@ -148,37 +85,23 @@ fi # Create a dedicated NGINX config ynh_add_nginx_config -#================================================= -# SPECIFIC SETUP -#================================================= -# CREATE THE DATA DIRECTORY -#================================================= -ynh_script_progression --message="Creating a data directory..." --weight=1 - -# Define app's data directory -datadir="/home/yunohost.app/$app/data" -ynh_app_setting_set --app=$app --key=datadir --value=$datadir - -# Create app folders -mkdir -p "$datadir" - #================================================= # INSTALL NEXTCLOUD #================================================= -ynh_script_progression --message="Installing Nextcloud..." --weight=30 +ynh_script_progression --message="Installing $app..." --weight=30 # Define a function to execute commands with `occ` exec_occ() { - (cd "$final_path" && ynh_exec_as "$app" \ + (cd "$install_dir" && ynh_exec_as "$app" \ php${phpversion} --define apc.enable_cli=1 occ --no-interaction --no-ansi "$@") } # Set write access for the following commands -chown -R $app: "$final_path" "$datadir" +chown -R $app: "$install_dir" "$data_dir" # Define password in an intermediate var # The fact that it's called _password allows it to be -# picked up by Yunohost's auto-redact mecanism +# picked up by YunoHost's auto-redact mecanism admin_password="$(ynh_string_random --length=6)" # Install Nextcloud using a temporary admin user @@ -186,13 +109,13 @@ exec_occ maintenance:install \ --database "mysql" --database-name $db_name \ --database-user $db_user --database-pass "$db_pwd" \ --admin-user "admin" --admin-pass "$admin_password" \ - --data-dir "$datadir" \ + --data-dir "$data_dir/data" \ || ynh_die --message="Unable to install Nextcloud" #================================================= # CONFIGURE NEXTCLOUD #================================================= -ynh_script_progression --message="Configuring Nextcloud..." --weight=8 +ynh_script_progression --message="Configuring $app..." --weight=8 # Set the mysql.utf8mb4 config to true in config.php exec_occ config:system:set mysql.utf8mb4 --type boolean --value="true" @@ -205,7 +128,7 @@ exec_occ app:enable user_ldap exec_occ ldap:create-empty-config # Load the installation config file in Nextcloud -nc_conf="$final_path/config_install.json" +nc_conf="$install_dir/config_install.json" ynh_add_config --template="../conf/config_install.json" --destination="$nc_conf" exec_occ config:import "$nc_conf" @@ -214,7 +137,7 @@ exec_occ config:import "$nc_conf" ynh_secure_remove --file="$nc_conf" # Load the additional config file (used also for upgrade) -nc_conf="$final_path/config.json" +nc_conf="$install_dir/config.json" ynh_add_config --template="../conf/config.json" --destination="$nc_conf" exec_occ config:import "$nc_conf" @@ -240,7 +163,7 @@ create_external_storage() { local datadir="$1" local mount_name="$2" local mount_id=`exec_occ files_external:create --output=json \ - "$mount_name" 'local' 'null::null' -c "datadir=$datadir" || true` + "$mount_name" 'local' 'null::null' -c "datadir=$data_dir/data" || true` ! [[ $mount_id =~ ^[0-9]+$ ]] \ && ynh_print_warn --message="Unable to create external storage" \ || exec_occ files_external:option "$mount_id" enable_sharing true @@ -269,7 +192,7 @@ exec_occ config:system:get logout_url >/dev/null 2>&1 \ \$main_domain = exec('cat /etc/yunohost/current_host'); \$CONFIG['logout_url'] = 'https://'.\$main_domain.'/yunohost/sso/?action=logout'; //-YunoHost- -" >> "$final_path/config/config.php" +" >> "$install_dir/config/config.php" #================================================= # CHANGE HOSTNAME FOR ACTIVITY NOTIFICATIONS @@ -292,7 +215,7 @@ exec_occ user:delete admin #================================================= # Calculate and store the config file checksum into the app settings -ynh_store_file_checksum --file="$final_path/config/config.php" +ynh_store_file_checksum --file="$install_dir/config/config.php" #================================================= # ADD A CRON JOB @@ -334,23 +257,23 @@ ynh_multimedia_addaccess $app #================================================= # Fix app ownerships & permissions -chown -R $app:www-data "$final_path" -chown -R $app: "$datadir" -find $final_path/ -type f -print0 | xargs -r0 chmod 0644 -find $final_path/ -type d -print0 | xargs -r0 chmod 0755 -find $datadir/ -type f -print0 | xargs -r0 chmod 0640 -find $datadir/ -type d -print0 | xargs -r0 chmod 0750 -chmod 640 "$final_path/config/config.php" +chown -R $app:www-data "$install_dir" +chown -R $app: "$data_dir" +find $install_dir/ -type f -print0 | xargs -r0 chmod 0644 +find $install_dir/ -type d -print0 | xargs -r0 chmod 0755 +find $data_dir/data/ -type f -print0 | xargs -r0 chmod 0640 +find $data_dir/data/ -type d -print0 | xargs -r0 chmod 0750 +chmod 640 "$install_dir/config/config.php" chmod 755 /home/yunohost.app -chmod 750 $final_path +chmod 750 $install_dir #================================================= # SETUP LOGROTATE #================================================= -ynh_script_progression --message="Configuring log rotation..." +ynh_script_progression --message="Configuring log rotation..." --weight=1 # Use logrotate to manage application logfile(s) -ynh_use_logrotate --logfile="$datadir/nextcloud.log" +ynh_use_logrotate --logfile="$data_dir/data/nextcloud.log" #================================================= # SETUP FAIL2BAN @@ -358,27 +281,7 @@ ynh_use_logrotate --logfile="$datadir/nextcloud.log" ynh_script_progression --message="Configuring Fail2Ban..." --weight=8 # Create a dedicated Fail2Ban config -ynh_add_fail2ban_config --logpath="/home/yunohost.app/$app/data/nextcloud.log" --failregex="^.*Login failed: '.*' \(Remote IP: ''.*$" --max_retry=5 - -#================================================= -# SETUP SSOWAT -#================================================= -ynh_script_progression --message="Configuring permissions..." - -# Make app public if necessary -if [ $is_public -eq 1 ] -then - ynh_permission_update --permission="main" --add="visitors" -fi - -ynh_permission_create --permission="api" --label="api" --url="re:$domain\/.well-known\/.*" --allowed="visitors" "all_users" --auth_header="false" --show_tile="false" --protected="true" - -#================================================= -# RELOAD NGINX -#================================================= -ynh_script_progression --message="Reloading NGINX web server..." - -ynh_systemd_action --service_name=nginx --action=reload +ynh_add_fail2ban_config --logpath="$data_dir/data/nextcloud.log" --failregex="^.*Login failed: '.*' \(Remote IP: ''.*$" --max_retry=5 #================================================= # END OF SCRIPT diff --git a/scripts/remove b/scripts/remove index 36db879..d09cafe 100755 --- a/scripts/remove +++ b/scripts/remove @@ -10,117 +10,35 @@ source _common.sh source /usr/share/yunohost/helpers #================================================= -# LOAD SETTINGS +# REMOVE SYSTEM CONFIGURATIONS #================================================= -ynh_script_progression --message="Loading installation settings..." --weight=2 - -app=$YNH_APP_INSTANCE_NAME - -domain=$(ynh_app_setting_get --app=$app --key=domain) -db_name=$(ynh_app_setting_get --app=$app --key=db_name) -db_user=$db_name -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -datadir=$(ynh_app_setting_get --app=$app --key=datadir) - +# REMOVE SYSTEMD SERVICE #================================================= -# STANDARD REMOVE -#================================================= -# REMOVE DEPENDENCIES -#================================================= -ynh_script_progression --message="Removing dependencies..." --weight=20 - -# Remove metapackage and its dependencies -ynh_remove_app_dependencies - -#================================================= -# REMOVE THE MYSQL DATABASE -#================================================= -ynh_script_progression --message="Removing the MySQL database..." --weight=5 - -# Remove a database if it exists, along with the associated user -ynh_mysql_remove_db --db_user=$db_user --db_name=$db_name - -#================================================= -# REMOVE APP MAIN DIR -#================================================= -ynh_script_progression --message="Removing app main directory..." --weight=3 - -# Remove the app directory securely -ynh_secure_remove --file="$final_path" - -#================================================= -# REMOVE DATA DIR -#================================================= - -# Remove the data directory if --purge option is used -if [ "${YNH_APP_PURGE:-0}" -eq 1 ] -then - ynh_script_progression --message="Removing app data directory..." --weight=1 - ynh_secure_remove --file="$datadir" -fi - -#================================================= -# REMOVE NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Removing NGINX web server configuration..." +ynh_script_progression --message="Removing system configurations related to $app..." --weight=5 # Remove the dedicated NGINX config ynh_remove_nginx_config -#================================================= -# REMOVE PHP-FPM CONFIGURATION -#================================================= -ynh_script_progression --message="Removing PHP-FPM configuration..." --weight=2 - # Remove the dedicated PHP-FPM config ynh_remove_fpm_config -#================================================= -# REMOVE LOGROTATE CONFIGURATION -#================================================= -ynh_script_progression --message="Removing logrotate configuration..." - # Remove the app-specific logrotate config ynh_remove_logrotate -#================================================= -# REMOVE FAIL2BAN CONFIGURATION -#================================================= -ynh_script_progression --message="Removing Fail2Ban configuration..." --weight=8 - # Remove the dedicated Fail2Ban config ynh_remove_fail2ban_config -#================================================= -# SPECIFIC REMOVE -#================================================= -# REMOVE THE CRON FILE -#================================================= - # Remove a cron file # TODO: Ensure that cron job is not running (How !?) ynh_secure_remove --file="/etc/cron.d/$app" -#================================================= -# CLEAN ACL IN HOME DIRECTORIES -#================================================= - +# Cleaning ACL in home directories for i in $(ls /home); do # Clean ACL in every directories in /home, except those which start with 'yunohost.' [[ ! $i == yunohost.* ]] \ && setfacl --remove g:$app:rwx 2>&1 done -#================================================= -# GENERIC FINALIZATION -#================================================= -# REMOVE DEDICATED USER -#================================================= -ynh_script_progression --message="Removing the dedicated system user..." - -# Delete a system user -ynh_system_user_delete --username=$app - #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/restore b/scripts/restore index 42e6dcc..90d8fba 100755 --- a/scripts/restore +++ b/scripts/restore @@ -10,39 +10,6 @@ source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers source ../settings/scripts/_ynh_mysql_connect_as.sh -#================================================= -# MANAGE SCRIPT FAILURE -#================================================= - -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# LOAD SETTINGS -#================================================= -ynh_script_progression --message="Loading settings..." - -app=$YNH_APP_INSTANCE_NAME - -domain=$(ynh_app_setting_get --app=$app --key=domain) -path_url=$(ynh_app_setting_get --app=$app --key=path) -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -db_name=$(ynh_app_setting_get --app=$app --key=db_name) -db_user=$db_name -phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) -datadir=$(ynh_app_setting_get --app=$app --key=datadir) - -fpm_footprint=$(ynh_app_setting_get --app=$app --key=fpm_footprint) -fpm_usage=$(ynh_app_setting_get --app=$app --key=fpm_usage) - -#================================================= -# CHECK IF THE APP CAN BE RESTORED -#================================================= -ynh_script_progression --message="Validating restoration parameters..." --weight=4 - -test ! -d $final_path \ - || ynh_die --message="There is already a directory: $final_path " - #================================================= # STANDARD RESTORATION STEPS #================================================= @@ -50,38 +17,15 @@ test ! -d $final_path \ #================================================= ynh_script_progression --message="Restoring the app main directory..." -ynh_restore_file --origin_path="$final_path" +ynh_restore_file --origin_path="$install_dir" #================================================= # RESTORE THE MYSQL DATABASE #================================================= ynh_script_progression --message="Restoring the MySQL database..." --weight=9 -db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd) -ynh_mysql_setup_db --db_user=$db_name --db_name=$db_name --db_pwd=$db_pwd -ynh_mysql_connect_as --user=$db_name --password="$db_pwd" --database=$db_name \ - <<< "ALTER DATABASE $db_name CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;" - ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name --default_character_set="utf8mb4" < ./db.sql -#================================================= -# RECREATE THE DEDICATED USER -#================================================= -ynh_script_progression --message="Recreating the dedicated system user..." --weight=3 - -# Create the dedicated user (if not existing) -ynh_system_user_create --username=$app - -#================================================= -# SPECIFIC RESTORATION -#================================================= -# REINSTALL DEPENDENCIES -#================================================= -ynh_script_progression --message="Reinstalling dependencies..." --weight=10 - -# Define and install dependencies -ynh_install_app_dependencies $pkg_dependencies - #================================================= # RESTORE THE PHP-FPM CONFIGURATION #================================================= @@ -102,9 +46,9 @@ ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" # Check if .well-known is available for this domain if is_url_handled --domain="$domain" --path="/.well-known/caldav" || is_url_handled --domain="$domain" --path="/.well-known/carddav" then - ynh_print_warn --message="Another app already uses the domain $domain to serve a caldav/carddav feature. You may encounter issues when dealing with your calendar or address book." + ynh_print_warn --message="Another app already uses the domain $domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book." - # Remove lines about .well-known/carddav and caldav with sed. + # Remove lines about .well-known/CardDAV and CalDAV with sed. sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "/etc/nginx/conf.d/$domain.d/$app.conf" fi @@ -128,29 +72,27 @@ ynh_restore_file --origin_path="/etc/logrotate.d/$app" ynh_script_progression --message="Restoring data directory..." --weight=2 # Use --not_mandatory for the data directory, because if the backup has been made with BACKUP_CORE_ONLY, there's no data into the backup. -ynh_restore_file --origin_path="$datadir" --not_mandatory - -mkdir -p "$datadir" +ynh_restore_file --origin_path="$data_dir" --not_mandatory #================================================= # RESTORE USER RIGHTS #================================================= # Fix app ownerships & permissions -chown -R $app:www-data "$final_path" -chown -R $app: "$datadir" -find $final_path/ -type f -print0 | xargs -r0 chmod 0644 -find $final_path/ -type d -print0 | xargs -r0 chmod 0755 -find $datadir/ -type f -print0 | xargs -r0 chmod 0640 -find $datadir/ -type d -print0 | xargs -r0 chmod 0750 -chmod 640 "$final_path/config/config.php" +chown -R $app:www-data "$install_dir" +chown -R $app: "$data_dir" +find $install_dir/ -type f -print0 | xargs -r0 chmod 0644 +find $install_dir/ -type d -print0 | xargs -r0 chmod 0755 +find $data_dir/data/ -type f -print0 | xargs -r0 chmod 0640 +find $data_dir/data/ -type d -print0 | xargs -r0 chmod 0750 +chmod 640 "$install_dir/config/config.php" chmod 755 /home/yunohost.app -chmod 750 $final_path +chmod 750 $install_dir # Iterate over users to extend their home folder permissions - for the external # storage plugin usage - and create relevant Nextcloud directories for u in $(ynh_user_list); do - mkdir -p "$datadir/$u" + mkdir -p "$data_dir/$u" setfacl --modify g:$app:rwx "/home/$u" || true done @@ -172,8 +114,8 @@ ynh_script_progression --message="Restoring the Fail2Ban configuration..." --wei ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf" ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf" -# Make sure a log file exists (mostly for CI tests) -logfile="/home/yunohost.app/$app/data/nextcloud.log" +# Make sure a log file exists (mostly for CI tests) +logfile="$data_dir/data/nextcloud.log" if [ ! -f "$logfile" ]; then touch "$logfile" chown $app: "$logfile" diff --git a/scripts/upgrade b/scripts/upgrade index eb1adb6..5ba8ef7 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -9,97 +9,48 @@ source _common.sh source /usr/share/yunohost/helpers -#================================================= -# LOAD SETTINGS -#================================================= -ynh_script_progression --message="Loading installation settings..." --weight=3 - -app=$YNH_APP_INSTANCE_NAME - -domain=$(ynh_app_setting_get --app=$app --key=domain) -path_url=$(ynh_app_setting_get --app=$app --key=path) -admin=$(ynh_app_setting_get --app=$app --key=admin) -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -db_name=$(ynh_app_setting_get --app=$app --key=db_name) -db_user=$db_name -user_home=$(ynh_app_setting_get --app=$app --key=user_home) - -maintenance_mode=$(ynh_app_setting_get --app=$app --key=maintenance_mode) -fpm_footprint=$(ynh_app_setting_get --app=$app --key=fpm_footprint) -fpm_usage=$(ynh_app_setting_get --app=$app --key=fpm_usage) - #================================================= # CHECK VERSION #================================================= upgrade_type=$(ynh_check_app_version_changed) -# Check machine architecture (Nextcloud will soon deprecate 32-bit support) -if [ $YNH_ARCH == "i386" ] || [ $YNH_ARCH == "armhf" ] -then - ynh_print_warn --message="Nextcloud will soon deprecate 32-bit support. It is recommended to upgrade to a 64-bit architecture." -fi - #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= ynh_script_progression --message="Ensuring downward compatibility..." -# If db_name doesn't exist, create it -if [ -z "$db_name" ]; then - db_name=$(ynh_sanitize_dbid --db_name=$app) - ynh_app_setting_set --app=$app --key=db_name --value=$db_name -fi - -# If final_path doesn't exist, create it -if [ -z "$final_path" ]; then - final_path=/var/www/$app - ynh_app_setting_set --app=$app --key=final_path --value=$final_path -fi - -# If datadir doesn't exist, create it -if [ -z "$datadir" ]; then - datadir=/home/yunohost.app/$app - ynh_app_setting_set --app=$app --key=datadir --value=$datadir -fi - # Remove the option backup_core_only if it's in the settings.yml file ynh_app_setting_delete --app=$app --key=backup_core_only # If maintenance_mode doesn't exist, create it -if [ -z "$maintenance_mode" ]; then +if [ -z "${maintenance_mode:-}" ]; then maintenance_mode=0 ynh_app_setting_set --app=$app --key=maintenance_mode --value=$maintenance_mode fi # If fpm_footprint doesn't exist, create it -if [ -z "$fpm_footprint" ]; then +if [ -z "${fpm_footprint:-}" ]; then fpm_footprint=high ynh_app_setting_set --app=$app --key=fpm_footprint --value=$fpm_footprint fi # If fpm_free_footprint doesn't exist, create it -if [ -z "$fpm_free_footprint" ]; then +if [ -z "${fpm_free_footprint:-}" ]; then fpm_free_footprint=0 ynh_app_setting_set --app=$app --key=fpm_free_footprint --value=$fpm_free_footprint fi # If fpm_usage doesn't exist, create it -if [ -z "$fpm_usage" ]; then +if [ -z "${fpm_usage:-}" ]; then fpm_usage=medium ynh_app_setting_set --app=$app --key=fpm_usage --value=$fpm_usage fi -# Cleaning legacy permissions -if ynh_legacy_permissions_exists; then - ynh_legacy_permissions_delete_all - - ynh_app_setting_delete --app=$app --key=is_public -fi - -# Create a permission if needed -if ! ynh_permission_exists --permission="api"; then - ynh_permission_create --permission="api" --label="api" --url="re:$domain\/.well-known\/.*" --allowed="visitors" "all_users" --auth_header="false" --show_tile="false" --protected="true" +# If phpflags doesn't exist, create it +if [ -z "${phpflags:-}" ]; then + phpflags="--define apc.enable_cli=1" + ynh_app_setting_set --app=$app --key=phpflags --value=$phpflags fi # Delete existing ini configuration file (backward compatibility) @@ -107,61 +58,6 @@ if [ -f /etc/php/$YNH_PHP_VERSION/fpm/conf.d/20-$app.ini ]; then ynh_secure_remove --file=/etc/php/$YNH_PHP_VERSION/fpm/conf.d/20-$app.ini fi -#================================================= -# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP -#================================================= -ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=30 - -# Made a backup only after the version 11.0.0 -# Before, the datas will be always saved. -# Get the current version number of nextcloud/owncloud -current_version=$(grep OC_VersionString "$final_path/version.php" | cut -d\' -f2) -current_major_version=${current_version%%.*} - -if [ $current_major_version -gt 11 ] -then - # Inform the backup/restore process that it should not save the data directory - # Use only for the previous backup script that doesn't set 'is_big' - ynh_app_setting_set --app=$app --key=backup_core_only --value=1 - - # Backup the current version of the app - ynh_backup_before_upgrade - - # Remove the option backup_core_only after the backup. - ynh_app_setting_delete $app backup_core_only - - ynh_clean_setup () { - # restore it if the upgrade fails - ynh_restore_upgradebackup - } -fi - -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -if ynh_legacy_permissions_exists; then - ynh_legacy_permissions_delete_all - - ynh_permission_create --permission="api" --label="api" --url="re:$domain\/.well-known\/.*" --allowed="visitors" "all_users" --auth_header="false" --show_tile="false" --protected="true" -fi - -#================================================= -# UPGRADE DEPENDENCIES -#================================================= -ynh_script_progression --message="Upgrading dependencies..." --weight=7 - -ynh_install_app_dependencies $pkg_dependencies - -#================================================= -# STANDARD UPGRADE STEPS -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Making sure dedicated system user exists..." - -# Create a dedicated user (if not existing) -ynh_system_user_create --username=$app - #================================================= # PHP-FPM CONFIGURATION #================================================= @@ -170,8 +66,6 @@ ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=2 # Recreate a dedicated PHP-FPM config ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint -phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) - #================================================= # NGINX CONFIGURATION #================================================= @@ -189,7 +83,7 @@ ynh_systemd_action --service_name=nginx --action=reload --line_match="Reloaded" # Check if .well-known is available for this domain if is_url_handled --domain="$domain" --path="/.well-known/caldav" || is_url_handled --domain="$domain" --path="/.well-known/carddav" then - ynh_print_warn --message="Another app already uses the domain $domain to serve a caldav/carddav feature. You may encounter issues when dealing with your calendar or address book." + ynh_print_warn --message="Another app already uses the domain $domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book." # Remove lines about .well-known/carddav and caldav with sed. sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "../conf/nginx.conf" @@ -205,19 +99,25 @@ ynh_add_nginx_config # VERSION TO THE NEXT ONE #================================================= +current_version=$(grep OC_VersionString "$install_dir/version.php" | cut -d\' -f2) +current_major_version=${current_version%%.*} + # Define a function to execute commands with `occ` exec_occ() { # Backward compatibility to upgrade from older versions - if [ $current_major_version = "last" ] || [ $current_major_version -ge 24 ] + if [ $current_major_version = "last" ] || [ $current_major_version -ge 26 ] then NEXTCLOUD_PHP_VERSION=$phpversion - elif [ $current_major_version -ge 15 ] + elif [ $current_major_version -ge 25 ] + then + NEXTCLOUD_PHP_VERSION="8.1" + elif [ $current_major_version -ge 18 ] then NEXTCLOUD_PHP_VERSION="7.4" else - NEXTCLOUD_PHP_VERSION="7.0" + NEXTCLOUD_PHP_VERSION="7.1" fi -(cd "$final_path" && ynh_exec_as "$app" \ +(cd "$install_dir" && ynh_exec_as "$app" \ php$NEXTCLOUD_PHP_VERSION --define apc.enable_cli=1 occ --no-interaction --no-ansi "$@") } @@ -227,13 +127,11 @@ create_external_storage() { local datadir="$1" local mount_name="$2" local mount_id=$(exec_occ files_external:create --output=json \ - "$mount_name" 'local' 'null::null' -c "datadir=$datadir" || true) + "$mount_name" 'local' 'null::null' -c "datadir=$data_dir/data" || true) ! [[ $mount_id =~ ^[0-9]+$ ]] \ && ynh_print_warn --message="Unable to create external storage" \ || exec_occ files_external:option "$mount_id" enable_sharing true } -# Define app's data directory -datadir="/home/yunohost.app/$app/data" if [ "$upgrade_type" == "UPGRADE_APP" ] then @@ -246,7 +144,7 @@ then last_major_version=${last_version%%.*} # Set write access for the following commands - chown -R $app: "$final_path" "$datadir" + chown -R $app: "$install_dir" "$data_dir" # Print the current version number of Nextcloud exec_occ -V @@ -297,7 +195,7 @@ then # Load the value for this version source upgrade.d/upgrade.$current_major_version.sh - ynh_print_info --message="Upgrade to nextcloud $next_version" + ynh_print_info --message="Upgrade to Nextcloud $next_version" # Create an app.src for this version of Nextcloud cat > ../conf/app.src << EOF @@ -318,13 +216,13 @@ EOF exec_occ maintenance:mode --on # Backup the config file in the temp dir - cp -a "$final_path/config/config.php" "$tmpdir/config/config.php" + cp -a "$install_dir/config/config.php" "$tmpdir/config/config.php" # Backup 3rd party applications from the current Nextcloud # But do not overwrite if there is any upgrade # (apps directory already exists in Nextcloud archive) ( - cd $final_path/apps + cd $install_dir/apps for nc_app_dir in */ do if [ ! -d "$tmpdir/apps/$nc_app_dir" ] @@ -334,13 +232,13 @@ EOF done ) - # Replace the old nextcloud by the new one - ynh_secure_remove --file="$final_path" - mv "$tmpdir" "$final_path" + # Replace the old Nextcloud by the new one + ynh_secure_remove --file="$install_dir" + mv "$tmpdir" "$install_dir" ynh_secure_remove --file="$tmpdir" # Set write access for the following commands - chown -R $app: "$final_path" "$datadir" + chown -R $app: "$install_dir" "$data_dir" # Upgrade Nextcloud (SUCCESS = 0, UP_TO_DATE = 3) exec_occ maintenance:mode --off @@ -348,10 +246,10 @@ EOF || [ $? -eq 3 ] || ynh_die --message="Unable to upgrade Nextcloud" # Get the new current version number - current_version=$(grep OC_VersionString "$final_path/version.php" | cut -d\' -f2) + current_version=$(grep OC_VersionString "$install_dir/version.php" | cut -d\' -f2) current_major_version=${current_version%%.*} - # Print the current version number of nextcloud + # Print the current version number of Nextcloud exec_occ -V done @@ -366,9 +264,9 @@ EOF ynh_script_progression --message="Reconfiguring Nextcloud..." --weight=9 # Verify the checksum and backup the file if it's different - ynh_backup_if_checksum_is_different --file="$final_path/config/config.php" + ynh_backup_if_checksum_is_different --file="$install_dir/config/config.php" - nc_conf="${final_path}/config.json" + nc_conf="${install_dir}/config.json" ynh_add_config --template="../conf/config.json" --destination="$nc_conf" # Reneable the mail app @@ -382,6 +280,9 @@ EOF # Enable LDAP plugin exec_occ app:enable user_ldap + # Update all installed apps + exec_occ app:update --all + # Load the config file in nextcloud exec_occ config:import "$nc_conf" @@ -400,7 +301,7 @@ EOF \$main_domain = exec('cat /etc/yunohost/current_host'); \$CONFIG['logout_url'] = 'https://'.\$main_domain.'/yunohost/sso/?action=logout'; //-YunoHost- - " >> "$final_path/config/config.php" + " >> "$install_dir/config/config.php" #================================================= # CHANGE HOSTNAME FOR ACTIVITY NOTIFICATIONS @@ -429,7 +330,7 @@ EOF #================================================= # Calculate and store the config file checksum into the app settings - ynh_store_file_checksum --file="${final_path}/config/config.php" + ynh_store_file_checksum --file="${install_dir}/config/config.php" fi #================================================= @@ -450,15 +351,15 @@ exec_occ background:cron #================================================= # Fix app ownerships & permissions -chown -R $app:www-data "$final_path" -chown -R $app: "$datadir" -find $final_path/ -type f -print0 | xargs -r0 chmod 0644 -find $final_path/ -type d -print0 | xargs -r0 chmod 0755 -find $datadir/ -type f -print0 | xargs -r0 chmod 0640 -find $datadir/ -type d -print0 | xargs -r0 chmod 0750 -chmod 640 "$final_path/config/config.php" +chown -R $app:www-data "$install_dir" +chown -R $app: "$data_dir" +find $install_dir/ -type f -print0 | xargs -r0 chmod 0644 +find $install_dir/ -type d -print0 | xargs -r0 chmod 0755 +find $data_dir/data/ -type f -print0 | xargs -r0 chmod 0640 +find $data_dir/data/ -type d -print0 | xargs -r0 chmod 0750 +chmod 640 "$install_dir/config/config.php" chmod 755 /home/yunohost.app -chmod 750 $final_path +chmod 750 $install_dir #================================================= # WARNING ABOUT THIRD-PARTY APPS @@ -492,9 +393,8 @@ ynh_add_fail2ban_config --logpath="/home/yunohost.app/$app/data/nextcloud.log" - #================================================= # RELOAD NGINX #================================================= -ynh_script_progression --message="Reloading NGINX web server and PHP-FPM..." +ynh_script_progression --message="Reloading PHP-FPM..." --weight=2 -ynh_systemd_action --service_name=nginx --action=reload ynh_systemd_action --service_name="php${phpversion}-fpm" --action=reload #================================================= diff --git a/scripts/upgrade.d/upgrade.last.sh b/scripts/upgrade.d/upgrade.last.sh index 09a19f6..4a851d5 100644 --- a/scripts/upgrade.d/upgrade.last.sh +++ b/scripts/upgrade.d/upgrade.last.sh @@ -1,7 +1,7 @@ #!/bin/bash # Last available Nextcloud version -next_version="27.1.2" +next_version="27.1.3" # Nextcloud tarball checksum sha256 -nextcloud_source_sha256="0742b247aaee0b7044db0062f0a914aa77338c7a7d8fe7da0917147d76689721" +nextcloud_source_sha256="1d614935245e4a375b4ac991c02f323592b753972f86f88763fd80ed7d275793" diff --git a/tests.toml b/tests.toml new file mode 100644 index 0000000..85768fa --- /dev/null +++ b/tests.toml @@ -0,0 +1,11 @@ +test_format = 1.0 + +[default] + + # ------------------------------- + # Commits to test upgrade from + # ------------------------------- + + test_upgrade_from.c5cf91ad.name = "Upgrade from 25.0.2" + test_upgrade_from.caf917f3.name = "Upgrade from 26.0.2" + \ No newline at end of file