YunoHost-Apps/nextcloud_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/nextcloud_ynh.git synced 2024-09-03 19:55:57 +02:00
Code Issues Activity Actions

Merge branch 'testing' into hook-post-user-delete

Browse source
This commit is contained in:
Éric Gaspar 2023-11-10 15:58:32 +01:00
commit 811938c9d1
23 changed files with 294 additions and 750 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
README.md
View file

@ -30,7 +30,7 @@ this package:
* Serve `/.well-known` paths for CalDAV and CardDAV on the domain only if it's not already served - i.e. by Baïkal
**Shipped version:** 27.1.2~ynh2
**Shipped version:** 27.1.3~ynh1
**Demo:** https://demo.nextcloud.com/
@ -38,31 +38,13 @@ this package:
![Screenshot of Nextcloud](./doc/screenshots/screenshot.png)
## Disclaimers / important information
### Configure ONLYOFFICE integration
#### With Nextcloud App (no ARM support, lower performance)
Starting from Nextcloud 18, it features a direct integration of ONLYOFFICE (an online rich text document editor) through a Nextcloud app.
To install and configure it:
- Install *Community Document Server* application in your Nextcloud. That's the part that runs ONLYOFFICE server.
- Install *ONLYOFFICE* application. That's the client part that will connect to an ONLYOFFICE server.
- Then in Settings -> ONLYOFFICE (`https://yourdomain.tld/nextcloud/settings/admin/onlyoffice`), if you want to configure which file formats should be opened by ONLYOFFICE.
- Here you go :) You should be able to create new type of documents and open them.
*NB: ONLYOFFICE Nextcloud App is only available for x86 architecture - for **ARM** architecture (Raspberry Pi, OLinuXino...), consider the YunoHost App below*
#### With YunoHost App (ARM64 support, better performance)
For better performance and ARM64 support, install ONLYOFFICE YunoHost App and connect it to Nextcloud, see the tutorial in the [doc of onlyoffice_ynh package](https://github.com/YunoHost-Apps/onlyoffice_ynh/blob/master/README_fr.md#configuration-de-onlyoffice-server)
## Documentation and resources
* Official app website: <https://nextcloud.com>
* Official user documentation: <https://docs.nextcloud.com/server/latest/user_manual/en/>
* Official admin documentation: <https://docs.nextcloud.com/server/stable/admin_manual/>
* Upstream app code repository: <https://github.com/nextcloud/server>
* YunoHost Store: <https://apps.yunohost.org/app/nextcloud>
* Report a bug: <https://github.com/YunoHost-Apps/nextcloud_ynh/issues>
## Developer info

22
README_fr.md
View file

@ -29,7 +29,7 @@ En plus des fonctionnalités principales de Nextcloud, les fonctionnalités suiv
* Utilise l'adresse `/.well-known` pour la synchronisation CalDAV et CardDAV du domaine si aucun autre service ne l'utilise déjà - par exemple, Baïkal
**Version incluse :** 27.1.2~ynh2
**Version incluse :** 27.1.3~ynh1
**Démo :** https://demo.nextcloud.com/
@ -37,31 +37,13 @@ En plus des fonctionnalités principales de Nextcloud, les fonctionnalités suiv
![Capture décran de Nextcloud](./doc/screenshots/screenshot.png)
## Avertissements / informations importantes
### Configurer l'intégration d'ONLYOFFICE
#### Avec l'application Nextcloud (pas de support ARM, performances limitées)
À partir de sa version 18, Nextcloud inclut une intégration directe de ONLYOFFICE (un éditeur de texte enrichi en ligne) via une application Nextcloud.
Pour l'installer et la configurer :
- Installez l'application *Community Document Server* dans votre Nextcloud. C'est la partie qui fait tourner un serveur ONLYOFFICE.
- Installez l'application *ONLYOFFICE*. C'est la partie cliente qui va se connecter au serveur ONLYOFFICE.
- Ensuite dans les Paramètres -> ONLYOFFICE (`https://yourdomain.tld/nextcloud/settings/admin/onlyoffice`), si vous voulez configurer quels formats de fichier s'ouvrent avec ONLYOFFICE.
- Et voilà :) Vous devriez pouvoir créer de nouveaux types de documents, et les ouvrir.
*NB : l'app Nextcloud ONLYOFFICE Community Document Server n'est disponible que sous architecture x86 - Pour un support de l'architecture **ARM** (Raspberry Pi, OLinuXino...), installez plutôt l'App YunoHost, voir ci-dessous*
#### Avec l'application YunoHost (support ARM64, meilleures performances)
Pour de meilleures performances et le support de ARM64, installez l'app YunoHost ONLYOFFICE, voir le tutoriel dans la [doc du paquet onlyoffice_ynh](https://github.com/YunoHost-Apps/onlyoffice_ynh/blob/master/README_fr.md#configuration-de-onlyoffice-server)
## Documentations et ressources
* Site officiel de lapp : <https://nextcloud.com>
* Documentation officielle utilisateur : <https://docs.nextcloud.com/server/latest/user_manual/en/>
* Documentation officielle de ladmin : <https://docs.nextcloud.com/server/stable/admin_manual/>
* Dépôt de code officiel de lapp : <https://github.com/nextcloud/server>
* YunoHost Store: <https://apps.yunohost.org/app/nextcloud>
* Signaler un bug : <https://github.com/YunoHost-Apps/nextcloud_ynh/issues>
## Informations pour les développeurs

27
check_process
View file

@ -1,27 +0,0 @@
;; Test complet
; Manifest
domain="domain.tld"
path="/path"
admin="homer"
is_public=1
user_home="1"
; Checks
pkg_linter=1
setup_sub_dir=1
setup_root=1
setup_nourl=0
setup_private=1
setup_public=1
upgrade=1
#26.0.3
upgrade=1 from_commit=d02166a533dcf8aa82d49dbb6a3a2dd9a7411812
backup_restore=1
multi_instance=1
change_url=1
;;; Options
Email=
Notification=none
;;; Upgrade options
; commit=d02166a533dcf8aa82d49dbb6a3a2dd9a7411812
name=Merge pull request #495 from 26.0.3
manifest_arg=domain=DOMAIN&path=PATH&admin=USER&user_home=1&

18
conf/config.json
View file

@ -13,7 +13,23 @@
},
"hashing_default_password": true,
"localstorage.allowsymlinks": true,
"simpleSignUpLink.shown": false
"simpleSignUpLink.shown": false,
"mail_smtpmode": "smtp",
"mail_smtpport": "25",
"mail_smtpauth": 1,
"mail_smtpname": "__APP__",
"mail_smtppassword": "__MAIL_PWD__",
"mail_sendmailmode": "smtp",
"mail_from_address": "__APP__",
"mail_domain": "__DOMAIN__",
"mail_smtphost": "localhost",
"mail_smtpstreamoptions": {
"ssl": {
"allow_self_signed": true,
"verify_peer": false,
"verify_peer_name": false
}
}
},
"apps": {
"user_ldap": {

2
conf/config_install.json
View file

@ -1,6 +1,6 @@
{
"system": {
"datadirectory": "__DATADIR__",
"datadirectory": "__DATA_DIR__/data/",
"trusted_domains": [
"localhost",
"__DOMAIN__"

2
conf/extra_php-fpm.conf
View file

@ -8,7 +8,7 @@ php_value[default_charset] = UTF-8
; OPcache is already activated by default
; php_value[opcache.enable]=1
; The following parameters are nevertheless recommended for Nextcloud
; see here: https://docs.nextcloud.com/server/15/admin_manual/installation/server_tuning.html#enable-php-opcache
; see here: https://docs.nextcloud.com/server/20/admin_manual/installation/server_tuning.html#enable-php-opcache
php_value[opcache.enable_cli]=1
php_value[opcache.interned_strings_buffer]=32
php_value[opcache.max_accelerated_files]=10000

2
conf/nextcloud.cron
View file

@ -1 +1 @@
*/5 * * * * __APP__ /usr/bin/php__PHPVERSION__ --define apc.enable_cli=1 -f __FINAL_PATH__/cron.php
*/5 * * * * __APP__ /usr/bin/php__PHPVERSION__ --define apc.enable_cli=1 -f __INSTALL_DIR__/cron.php

50
conf/nginx.conf
View file

@ -12,27 +12,20 @@ location ^~ /.well-known {
location = /.well-known/webfinger { return 301 __PATH__/index.php$uri; }
location = /.well-known/nodeinfo { return 301 __PATH__/index.php$uri; }
try_files $uri $uri/ =404;
# Let Nextcloud's API for `/.well-known` URIs handle all other
# requests by passing them to the front-end controller.
return 301 __PATH__/index.php$request_uri;
}
#sub_path_only rewrite ^__PATH__$ __PATH__/ permanent;
location ^~ __PATH__/ {
# Path to source
alias __FINALPATH__/;
alias __INSTALL_DIR__/;
# Add headers to serve security related headers
more_set_headers "Strict-Transport-Security: max-age=15768000; includeSubDomains; preload;";
more_set_headers "Referrer-Policy: no-referrer";
more_set_headers "X-Content-Type-Options: nosniff";
more_set_headers "X-Download-Options: noopen";
more_set_headers "X-Frame-Options: SAMEORIGIN";
more_set_headers "X-Permitted-Cross-Domain-Policies: none";
more_set_headers "X-Robots-Tag: noindex, nofollow";
more_set_headers "X-XSS-Protection: 1; mode=block";
# Set max upload size
# set max upload size and increase upload timeout:
client_max_body_size 10G;
client_body_timeout 300s;
fastcgi_buffers 64 4K;
# Enable gzip but do not remove ETag headers
@ -52,6 +45,16 @@ location ^~ __PATH__/ {
# for tunning hints
client_body_buffer_size 512k;
# HTTP response headers borrowed from Nextcloud `.htaccess`
more_set_headers "Strict-Transport-Security: max-age=15768000; includeSubDomains; preload;";
more_set_headers "Referrer-Policy: no-referrer";
more_set_headers "X-Content-Type-Options: nosniff";
more_set_headers "X-Download-Options: noopen";
more_set_headers "X-Frame-Options: SAMEORIGIN";
more_set_headers "X-Permitted-Cross-Domain-Policies: none";
more_set_headers "X-Robots-Tag: noindex, nofollow";
more_set_headers "X-XSS-Protection: 1; mode=block";
# Remove X-Powered-By, which is an information leak
fastcgi_hide_header X-Powered-By;
@ -90,8 +93,6 @@ location ^~ __PATH__/ {
# `/nextcloud/index.php` to the URI, resulting in a HTTP 500 error response.
location ~ \.php(?:$|/) {
# Required for legacy support
# https://github.com/nextcloud/documentation/pull/2197#issuecomment-721432337
# This line fix the ldap admin page
rewrite ^__PATH__/(?!index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|ocs-provider\/.+|.+\/richdocumentscode\/proxy) __PATH__/index.php$request_uri;
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
@ -106,10 +107,19 @@ location ^~ __PATH__/ {
fastcgi_param modHeadersAvailable true; # Avoid sending the security headers twice
fastcgi_param front_controller_active true; # Enable pretty urls
fastcgi_param HTTP_ACCEPT_ENCODING ""; # Disable encoding of nextcloud response to inject ynh scripts
fastcgi_param HTTP_ACCEPT_ENCODING ""; # Disable encoding of Nextcloud response to inject ynh scripts
fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock;
fastcgi_intercept_errors on;
fastcgi_request_buffering off;
fastcgi_read_timeout 600;
fastcgi_send_timeout 600;
fastcgi_connect_timeout 600;
proxy_connect_timeout 600;
proxy_send_timeout 600;
proxy_read_timeout 600;
send_timeout 600;
}
location ~ ^__PATH__/(?:updater|ocs-provider)(?:$|/) {
@ -117,7 +127,8 @@ location ^~ __PATH__/ {
index index.php;
}
location ~ \.(?:css|js|svg|gif|png|jpg|ico|wasm|tflite|map)$ {
# Serve static files
location ~ \.(?:css|js|mjs|svg|gif|png|jpg|ico|wasm|tflite|map)$ {
try_files $uri / __PATH__/index.php$request_uri;
expires 6M; # Cache-Control policy borrowed from `.htaccess`
access_log off; # Optional: Don't log access to assets
@ -133,6 +144,11 @@ location ^~ __PATH__/ {
access_log off; # Optional: Don't log access to assets
}
# Rule borrowed from `.htaccess`
location __PATH__/remote {
return 301 __PATH__/remote.php$request_uri;
}
location ~ / {
if ($request_method ~ ^(PUT|DELETE|PATCH)$) {
rewrite ^ __PATH__/index.php$request_uri last;

11
doc/DISCLAIMER.md → doc/ADMIN.md
View file

@ -1,13 +1,18 @@
### How to use CLI commande
`sudo -u __APP__ php__YNH_PHP_VERSION__ --define apc.enable_cli=1 __INSTALL_DIR__/occ ...`
or use `sudo yunohost app shell __APP__` then run `php occ ...`
### Configure ONLYOFFICE integration
#### With Nextcloud App (no ARM support, lower performance)
Starting from Nextcloud 18, it features a direct integration of ONLYOFFICE (an online rich text document editor) through a Nextcloud app.
Nextcloud features a direct integration of ONLYOFFICE (an online rich text document editor) through a Nextcloud app.
To install and configure it:
- Install *Community Document Server* application in your Nextcloud. That's the part that runs ONLYOFFICE server.
- Install *ONLYOFFICE* application. That's the client part that will connect to an ONLYOFFICE server.
- Then in Settings -> ONLYOFFICE (`https://yourdomain.tld/nextcloud/settings/admin/onlyoffice`), if you want to configure which file formats should be opened by ONLYOFFICE.
- Here you go :) You should be able to create new type of documents and open them.
- Then in Settings -> ONLYOFFICE (`https://__DOMAIN____PATH__/settings/admin/onlyoffice`), if you want to configure which file formats should be opened by ONLYOFFICE.
*NB: ONLYOFFICE Nextcloud App is only available for x86 architecture - for **ARM** architecture (Raspberry Pi, OLinuXino...), consider the YunoHost App below*

11
doc/DISCLAIMER_fr.md → doc/ADMIN_fr.md
View file

@ -1,13 +1,18 @@
### Comment utiliser la commande CLI
`sudo -u __APP__ php__YNH_PHP_VERSION__ --define apc.enable_cli=1 __INSTALL_DIR__/occ ...`
ou utilisez `sudo yunohost app shell __APP__` puis `php occ ...`
### Configurer l'intégration d'ONLYOFFICE
#### Avec l'application Nextcloud (pas de support ARM, performances limitées)
À partir de sa version 18, Nextcloud inclut une intégration directe de ONLYOFFICE (un éditeur de texte enrichi en ligne) via une application Nextcloud.
Nextcloud inclut une intégration directe de ONLYOFFICE (un éditeur de texte enrichi en ligne) via une application Nextcloud.
Pour l'installer et la configurer :
- Installez l'application *Community Document Server* dans votre Nextcloud. C'est la partie qui fait tourner un serveur ONLYOFFICE.
- Installez l'application *ONLYOFFICE*. C'est la partie cliente qui va se connecter au serveur ONLYOFFICE.
- Ensuite dans les Paramètres -> ONLYOFFICE (`https://yourdomain.tld/nextcloud/settings/admin/onlyoffice`), si vous voulez configurer quels formats de fichier s'ouvrent avec ONLYOFFICE.
- Et voilà :) Vous devriez pouvoir créer de nouveaux types de documents, et les ouvrir.
- Ensuite dans les Paramètres -> ONLYOFFICE (`https://__DOMAIN____PATH__/settings/admin/onlyoffice`), si vous voulez configurer quels formats de fichier s'ouvrent avec ONLYOFFICE.
*NB : l'app Nextcloud ONLYOFFICE Community Document Server n'est disponible que sous architecture x86 - Pour un support de l'architecture **ARM** (Raspberry Pi, OLinuXino...), installez plutôt l'App YunoHost, voir ci-dessous*

3
doc/DESCRIPTION.md
View file

@ -2,8 +2,7 @@ Nextcloud Hub is a fully open-source on-premises content collaboration platform.
### YunoHost-specific features
In addition to Nextcloud core features, the following are made available with
this package:
In addition to Nextcloud core features, the following are made available with this package:
* Integrate with YunoHost users and SSO - i.e. logout button
* Allow one user to be the administrator (set at the installation)

70
manifest.json
View file

@ -1,70 +0,0 @@
{
"id": "nextcloud",
"name": "Nextcloud",
"packaging_format": 1,
"description": {
"en": "Online storage, file sharing platform and various other applications",
"fr": "Stockage en ligne, plateforme de partage de fichiers et diverses autres applications"
},
"version": "27.1.2~ynh2",
"url": "https://nextcloud.com",
"upstream": {
"license": "AGPL-3.0",
"website": "https://nextcloud.com",
"demo": "https://demo.nextcloud.com/",
"admindoc": "https://docs.nextcloud.com/server/stable/admin_manual/",
"userdoc": "https://docs.nextcloud.com/server/latest/user_manual/en/",
"code": "https://github.com/nextcloud/server",
"cpe": "cpe:2.3:a:nextcloud:nextcloud"
},
"license": "AGPL-3.0",
"maintainer": {
"name": "kay0u",
"email": "pierre@kayou.io"
},
"requirements": {
"yunohost": ">= 11.2"
},
"multi_instance": true,
"services": [
"nginx",
"php8.1-fpm",
"mysql"
],
"arguments": {
"install": [
{
"name": "domain",
"type": "domain"
},
{
"name": "path",
"type": "path",
"example": "/nextcloud",
"default": "/nextcloud"
},
{
"name": "admin",
"type": "user"
},
{
"name": "is_public",
"type": "boolean",
"help": {
"en": "You need to enable public if you want to connect Nextcloud Desktop client to Nextcloud server. This can be changed later via the webadmin.",
"fr": "Vous devez cocher cette case si vous souhaitez connecter le client Nextcloud Desktop au serveur Nextcloud. Cela peut être modifié ultérieurement via l'administrateur Web."
},
"default": true
},
{
"name": "user_home",
"type": "boolean",
"ask": {
"en": "Access the users home folder from Nextcloud?",
"fr": "Accéder au dossier personnel des utilisateurs depuis Nextcloud ?"
},
"default": false
}
]
}
}

77
manifest.toml Normal file
View file

@ -0,0 +1,77 @@
packaging_format = 2
id = "nextcloud"
name = "Nextcloud"
description.en = "Online storage, file sharing platform and various other applications"
description.fr = "Stockage en ligne, plateforme de partage de fichiers et diverses autres applications"
version = "27.1.3~ynh1"
maintainers = ["kay0u"]
[upstream]
license = "AGPL-3.0"
website = "https://nextcloud.com"
demo = "https://demo.nextcloud.com/"
admindoc = "https://docs.nextcloud.com/server/stable/admin_manual/"
userdoc = "https://docs.nextcloud.com/server/latest/user_manual/en/"
code = "https://github.com/nextcloud/server"
cpe = "cpe:2.3:a:nextcloud:nextcloud"
[integration]
yunohost = ">= 11.2"
architectures = ["amd64", "arm64", "armhf"]
multi_instance = true
ldap = true
sso = true
disk = "50M"
ram.build = "500M"
ram.runtime = "512M"
[install]
[install.domain]
type = "domain"
[install.path]
type = "path"
default = "/nextcloud"
[install.admin]
type = "user"
[install.init_main_permission]
help.en = "You must activate 'Visitors' if you want to connect Nextcloud Desktop client to Nextcloud server. This can be changed later via the webadmin."
help.fr = "Vous devez activer 'Visiteurs' si vous souhaitez connecter le client Nextcloud Desktop au serveur Nextcloud. Cela peut être modifié ultérieurement via l'administrateur Web."
type = "group"
default = "visitors"
[install.user_home]
ask.en = "Access the users home folder from Nextcloud?"
ask.fr = "Accéder au dossier personnel des utilisateurs depuis Nextcloud ?"
type = "boolean"
default = false
[resources]
[resources.system_user]
allow_email = true
[resources.install_dir]
[resources.data_dir]
subdirs = ["data"]
[resources.permissions]
main.url = "/"
api.url = "re:__DOMAIN__\\/.well-known\\/.*"
api.auth_header = false
api.show_tile = false
api.protected= true
api.allowed = ["visitors", "all_users"]
[resources.apt]
packages = "mariadb-server, imagemagick, libmagickcore-6.q16-6-extra, acl, tar, smbclient, at, php8.2-fpm, php8.2-bz2, php8.2-imap, php8.2-gmp, php8.2-gd, php8.2-intl, php8.2-curl, php8.2-apcu, php8.2-redis, php8.2-ldap, php8.2-imagick, php8.2-zip, php8.2-mbstring, php8.2-xml, php8.2-mysql, php8.2-igbinary, php8.2-bcmath"
[resources.database]
type = "mysql"

7
scripts/_common.sh
View file

@ -4,12 +4,6 @@
# COMMON VARIABLES
#=================================================
YNH_PHP_VERSION="8.2"
php_dependencies="php${YNH_PHP_VERSION}-fpm php${YNH_PHP_VERSION}-bz2 php${YNH_PHP_VERSION}-imap php${YNH_PHP_VERSION}-gmp php${YNH_PHP_VERSION}-gd php${YNH_PHP_VERSION}-intl php${YNH_PHP_VERSION}-curl php${YNH_PHP_VERSION}-apcu php${YNH_PHP_VERSION}-redis php${YNH_PHP_VERSION}-ldap php${YNH_PHP_VERSION}-imagick php${YNH_PHP_VERSION}-zip php${YNH_PHP_VERSION}-mbstring php${YNH_PHP_VERSION}-xml php${YNH_PHP_VERSION}-mysql php${YNH_PHP_VERSION}-igbinary php${YNH_PHP_VERSION}-bcmath"
pkg_dependencies="imagemagick libmagickcore-6.q16-6-extra acl tar smbclient at $php_dependencies"
#=================================================
# EXPERIMENTAL HELPERS
#=================================================
@ -46,7 +40,6 @@ is_url_handled() {
fi
}
#=================================================
# Check available space before creating a temp directory.

41
scripts/backup
View file

@ -10,26 +10,6 @@ source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers
source ../settings/scripts/_ynh_mysql_dump_db.sh
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# LOAD SETTINGS
#=================================================
ynh_print_info --message="Loading installation settings..."
app=$YNH_APP_INSTANCE_NAME
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
domain=$(ynh_app_setting_get --app=$app --key=domain)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
#=================================================
# DECLARE DATA AND CONF FILES TO BACKUP
#=================================================
@ -39,7 +19,13 @@ ynh_print_info --message="Declaring files to be backed up..."
# BACKUP THE APP MAIN DIR
#=================================================
ynh_backup --src_path="$final_path"
ynh_backup --src_path="$install_dir"
#=================================================
# BACKUP THE DATA DIRECTORY
#=================================================
ynh_backup --src_path="$data_dir" --is_big
#=================================================
# BACKUP THE NGINX CONFIGURATION
@ -53,13 +39,6 @@ ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf"
#=================================================
# BACKUP THE MYSQL DATABASE
#=================================================
ynh_print_info --message="Backing up the MySQL database..."
ynh_mysql_dump_db --database="$db_name" --default_character_set="utf8mb4" > db.sql
#=================================================
# SPECIFIC BACKUP
#=================================================
@ -82,11 +61,11 @@ ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf"
ynh_backup --src_path="/etc/cron.d/$app"
#=================================================
# BACKUP THE DATA DIRECTORY
# BACKUP THE MYSQL DATABASE
#=================================================
ynh_print_info --message="Backing up data directory..."
ynh_print_info --message="Backing up the MySQL database..."
ynh_backup --src_path="$datadir" --is_big
ynh_mysql_dump_db --database="$db_name" --default_character_set="utf8mb4" > db.sql
#=================================================
# END OF SCRIPT

95
scripts/change_url
View file

@ -9,99 +9,21 @@
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# RETRIEVE ARGUMENTS
#=================================================
old_domain=$YNH_APP_OLD_DOMAIN
old_path=$YNH_APP_OLD_PATH
new_domain=$YNH_APP_NEW_DOMAIN
new_path=$YNH_APP_NEW_PATH
app=$YNH_APP_INSTANCE_NAME
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..."
# Needed for helper "ynh_add_nginx_config"
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --weight=1
# Backup the current version of the app
ynh_backup_before_upgrade
ynh_clean_setup () {
# Remove the new domain config file, the remove script won't do it as it doesn't know yet its location.
ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
# Restore it if the upgrade fails
ynh_restore_upgradebackup
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# CHECK WHICH PARTS SHOULD BE CHANGED
#=================================================
change_domain=0
if [ "$old_domain" != "$new_domain" ]
then
change_domain=1
fi
change_path=0
if [ "$old_path" != "$new_path" ]
then
change_path=1
fi
#=================================================
# STANDARD MODIFICATIONS
#=================================================
# MODIFY URL IN NGINX CONF
#=================================================
ynh_script_progression --message="Updating NGINX web server configuration..." --weight=2
nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
# Change the path in the NGINX config file
if [ $change_path -eq 1 ]
then
# Make a backup of the original NGINX config file if modified
ynh_backup_if_checksum_is_different --file="$nginx_conf_path"
# Set global variables for NGINX helper
domain="$old_domain"
path_url="$new_path"
# Create a dedicated NGINX config
ynh_add_nginx_config
fi
# Change the domain for NGINX
if [ $change_domain -eq 1 ]
then
# Delete file checksum for the old conf file location
ynh_delete_file_checksum --file="$nginx_conf_path"
mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf
# Store file checksum for the new config file location
ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
fi
ynh_change_url_nginx_config
#=================================================
# SPECIFIC MODIFICATIONS
#=================================================
ynh_script_progression --message="Applying Nextcloud specific modifications..." --weight=2
ynh_script_progression --message="Applying $app specific modifications..." --weight=2
# Define a function to execute commands with `occ`
exec_occ() {
(cd "$final_path" && ynh_exec_as "$app" \
(cd "$install_dir" && ynh_exec_as "$app" \
php${phpversion} --define apc.enable_cli=1 occ --no-interaction --no-ansi "$@")
}
@ -119,7 +41,7 @@ then
# Check if .well-known is available for this domain
if is_url_handled --domain="$new_domain" --path="/.well-known/caldav" || is_url_handled --domain="$new_domain" --path="/.well-known/carddav"
then
ynh_print_warn --message="Another app already uses the domain $new_domain to serve a caldav/carddav feature. You may encounter issues when dealing with your calendar or address book."
ynh_print_warn --message="Another app already uses the domain $new_domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book."
# Remove lines about .well-known/carddav and caldav with sed.
sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "/etc/nginx/conf.d/$new_domain.d/$app.conf"
@ -127,15 +49,6 @@ then
fi
fi
#=================================================
# GENERIC FINALISATION
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..."
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================

6
scripts/config
View file

@ -24,7 +24,7 @@ current_fpm_footprint=$(ynh_app_setting_get --app=$app --key=fpm_footprint)
get__maintenance_mode() {
# Maintenance mode status
maintenance_mode_status="$(cd "$final_path" && ynh_exec_as "$app" \
maintenance_mode_status="$(cd "$install_dir" && ynh_exec_as "$app" \
php${phpversion} --define apc.enable_cli=1 occ --no-interaction --no-ansi maintenance:mode)" 2> /dev/null
if echo $maintenance_mode_status | grep -q "disabled"
then
@ -68,12 +68,12 @@ get__free_footprint() {
set__maintenance_mode() {
if [ "$maintenance_mode" -eq "0" ]; then
# If maintenance_mode was set to 0, disable maintenance mode
(cd "$final_path" && ynh_exec_as "$app" \
(cd "$install_dir" && ynh_exec_as "$app" \
php${phpversion} --define apc.enable_cli=1 occ --no-interaction --no-ansi maintenance:mode --off)
ynh_print_info "Maintenance mode disabled"
elif [ "$maintenance_mode" -eq "1" ]; then
# If maintenance_mode was set to 1, enable maintenance mode
(cd "$final_path" && ynh_exec_as "$app" \
(cd "$install_dir" && ynh_exec_as "$app" \
php${phpversion} --define apc.enable_cli=1 occ --no-interaction --no-ansi maintenance:mode --on)
ynh_print_info "Maintenance mode enabled"
fi

173
scripts/install
View file

@ -11,73 +11,29 @@ source /usr/share/yunohost/helpers
source _ynh_mysql_connect_as.sh
#=================================================
# MANAGE SCRIPT FAILURE
# STORE SETTINGS FROM MANIFEST
#=================================================
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================
domain=$YNH_APP_ARG_DOMAIN
path_url=$YNH_APP_ARG_PATH
admin=$YNH_APP_ARG_ADMIN
user_home=$YNH_APP_ARG_USER_HOME
is_public=$YNH_APP_ARG_IS_PUBLIC
phpversion=$YNH_PHP_VERSION
app=$YNH_APP_INSTANCE_NAME
#=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#=================================================
ynh_script_progression --message="Validating installation parameters..."
final_path=/var/www/$app
test ! -e "$final_path" || ynh_die --message="This path already contains a folder"
# Register (book) web path
ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url
# Check machine architecture (Nextcloud will soon deprecate 32-bit support)
if [ $YNH_ARCH == "i386" ] || [ $YNH_ARCH == "armhf" ]
then
ynh_print_warn --message="Nextcloud will soon deprecate 32-bit support. It is recommended to upgrade to a 64-bit architecture."
fi
maintenance_mode=0
fpm_footprint="high"
fpm_free_footprint=0
fpm_usage="medium"
phpflags="--define apc.enable_cli=1"
#=================================================
# STORE SETTINGS FROM MANIFEST
#=================================================
ynh_script_progression --message="Storing installation settings..."
ynh_app_setting_set --app=$app --key=domain --value=$domain
ynh_app_setting_set --app=$app --key=path --value=$path_url
ynh_app_setting_set --app=$app --key=admin --value=$admin
ynh_app_setting_set --app=$app --key=user_home --value=$user_home
maintenance_mode=0
ynh_app_setting_set --app=$app --key=maintenance_mode --value=$maintenance_mode
#=================================================
# STANDARD MODIFICATIONS
#=================================================
# INSTALL DEPENDENCIES
#=================================================
ynh_script_progression --message="Installing dependencies..." --weight=10
ynh_install_app_dependencies $pkg_dependencies
ynh_app_setting_set --app=$app --key=fpm_footprint --value=$fpm_footprint
ynh_app_setting_set --app=$app --key=fpm_free_footprint --value=$fpm_free_footprint
ynh_app_setting_set --app=$app --key=fpm_usage --value=$fpm_usage
ynh_app_setting_set --app=$app --key=phpflags --value=$phpflags
#=================================================
# CREATE A MYSQL DATABASE
#=================================================
ynh_script_progression --message="Creating a MySQL database..." --weight=2
db_name=$(ynh_sanitize_dbid --db_name=$app)
db_user=$db_name
ynh_app_setting_set --app=$app --key=db_name --value=$db_name
ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name
ynh_script_progression --message="Migrate MySQL database to utf8..." --weight=2
ynh_mysql_connect_as --user=$db_user --password="$db_pwd" --database=$db_name \
<<< "ALTER DATABASE $db_name CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;"
@ -85,7 +41,7 @@ ynh_mysql_connect_as --user=$db_user --password="$db_pwd" --database=$db_name \
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_script_progression --message="Setting up source files..."
ynh_script_progression --message="Setting up source files..." --weight=5
# Load the last available version
source upgrade.d/upgrade.last.sh
@ -99,37 +55,18 @@ SOURCE_FORMAT=tar.bz2
SOURCE_IN_SUBDIR=true
EOF
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
# Enable YunoHost patches on Nextcloud sources
cp -a ../sources/patches_last_version/* ../sources/patches
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$final_path"
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Configuring system user..." --weight=3
# Create a system user
ynh_system_user_create --username=$app
ynh_setup_source --dest_dir="$install_dir"
#=================================================
# PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Configuring PHP-FPM..." --weight=50
fpm_footprint="high"
fpm_free_footprint=0
fpm_usage="medium"
ynh_app_setting_set --app=$app --key=fpm_footprint --value=$fpm_footprint
ynh_app_setting_set --app=$app --key=fpm_free_footprint --value=$fpm_free_footprint
ynh_app_setting_set --app=$app --key=fpm_usage --value=$fpm_usage
# Create a dedicated php-fpm config
ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint --phpversion=$YNH_PHP_VERSION
# Used by ynh_add_nginx_config
phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
# Create a dedicated PHP-FPM config
ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint
#=================================================
# NGINX CONFIGURATION
@ -139,7 +76,7 @@ ynh_script_progression --message="Configuring NGINX web server..." --weight=2
# Check if .well-known is available for this domain
if is_url_handled --domain="$domain" --path="/.well-known/caldav" || is_url_handled --domain="$domain" --path="/.well-known/carddav"
then
ynh_print_warn --message="Another app already uses the domain $domain to serve a caldav/carddav feature. You may encounter issues when dealing with your calendar or address book."
ynh_print_warn --message="Another app already uses the domain $domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book."
# Remove lines about .well-known/carddav and caldav with sed.
sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "../conf/nginx.conf"
@ -148,37 +85,23 @@ fi
# Create a dedicated NGINX config
ynh_add_nginx_config
#=================================================
# SPECIFIC SETUP
#=================================================
# CREATE THE DATA DIRECTORY
#=================================================
ynh_script_progression --message="Creating a data directory..." --weight=1
# Define app's data directory
datadir="/home/yunohost.app/$app/data"
ynh_app_setting_set --app=$app --key=datadir --value=$datadir
# Create app folders
mkdir -p "$datadir"
#=================================================
# INSTALL NEXTCLOUD
#=================================================
ynh_script_progression --message="Installing Nextcloud..." --weight=30
ynh_script_progression --message="Installing $app..." --weight=30
# Define a function to execute commands with `occ`
exec_occ() {
(cd "$final_path" && ynh_exec_as "$app" \
(cd "$install_dir" && ynh_exec_as "$app" \
php${phpversion} --define apc.enable_cli=1 occ --no-interaction --no-ansi "$@")
}
# Set write access for the following commands
chown -R $app: "$final_path" "$datadir"
chown -R $app: "$install_dir" "$data_dir"
# Define password in an intermediate var
# The fact that it's called _password allows it to be
# picked up by Yunohost's auto-redact mecanism
# picked up by YunoHost's auto-redact mecanism
admin_password="$(ynh_string_random --length=6)"
# Install Nextcloud using a temporary admin user
@ -186,13 +109,13 @@ exec_occ maintenance:install \
--database "mysql" --database-name $db_name \
--database-user $db_user --database-pass "$db_pwd" \
--admin-user "admin" --admin-pass "$admin_password" \
--data-dir "$datadir" \
--data-dir "$data_dir/data" \
|| ynh_die --message="Unable to install Nextcloud"
#=================================================
# CONFIGURE NEXTCLOUD
#=================================================
ynh_script_progression --message="Configuring Nextcloud..." --weight=8
ynh_script_progression --message="Configuring $app..." --weight=8
# Set the mysql.utf8mb4 config to true in config.php
exec_occ config:system:set mysql.utf8mb4 --type boolean --value="true"
@ -205,7 +128,7 @@ exec_occ app:enable user_ldap
exec_occ ldap:create-empty-config
# Load the installation config file in Nextcloud
nc_conf="$final_path/config_install.json"
nc_conf="$install_dir/config_install.json"
ynh_add_config --template="../conf/config_install.json" --destination="$nc_conf"
exec_occ config:import "$nc_conf"
@ -214,7 +137,7 @@ exec_occ config:import "$nc_conf"
ynh_secure_remove --file="$nc_conf"
# Load the additional config file (used also for upgrade)
nc_conf="$final_path/config.json"
nc_conf="$install_dir/config.json"
ynh_add_config --template="../conf/config.json" --destination="$nc_conf"
exec_occ config:import "$nc_conf"
@ -240,7 +163,7 @@ create_external_storage() {
local datadir="$1"
local mount_name="$2"
local mount_id=`exec_occ files_external:create --output=json \
"$mount_name" 'local' 'null::null' -c "datadir=$datadir" || true`
"$mount_name" 'local' 'null::null' -c "datadir=$data_dir/data" || true`
! [[ $mount_id =~ ^[0-9]+$ ]] \
&& ynh_print_warn --message="Unable to create external storage" \
|| exec_occ files_external:option "$mount_id" enable_sharing true
@ -269,7 +192,7 @@ exec_occ config:system:get logout_url >/dev/null 2>&1 \
\$main_domain = exec('cat /etc/yunohost/current_host');
\$CONFIG['logout_url'] = 'https://'.\$main_domain.'/yunohost/sso/?action=logout';
//-YunoHost-
" >> "$final_path/config/config.php"
" >> "$install_dir/config/config.php"
#=================================================
# CHANGE HOSTNAME FOR ACTIVITY NOTIFICATIONS
@ -292,7 +215,7 @@ exec_occ user:delete admin
#=================================================
# Calculate and store the config file checksum into the app settings
ynh_store_file_checksum --file="$final_path/config/config.php"
ynh_store_file_checksum --file="$install_dir/config/config.php"
#=================================================
# ADD A CRON JOB
@ -334,23 +257,23 @@ ynh_multimedia_addaccess $app
#=================================================
# Fix app ownerships & permissions
chown -R $app:www-data "$final_path"
chown -R $app: "$datadir"
find $final_path/ -type f -print0 | xargs -r0 chmod 0644
find $final_path/ -type d -print0 | xargs -r0 chmod 0755
find $datadir/ -type f -print0 | xargs -r0 chmod 0640
find $datadir/ -type d -print0 | xargs -r0 chmod 0750
chmod 640 "$final_path/config/config.php"
chown -R $app:www-data "$install_dir"
chown -R $app: "$data_dir"
find $install_dir/ -type f -print0 | xargs -r0 chmod 0644
find $install_dir/ -type d -print0 | xargs -r0 chmod 0755
find $data_dir/data/ -type f -print0 | xargs -r0 chmod 0640
find $data_dir/data/ -type d -print0 | xargs -r0 chmod 0750
chmod 640 "$install_dir/config/config.php"
chmod 755 /home/yunohost.app
chmod 750 $final_path
chmod 750 $install_dir
#=================================================
# SETUP LOGROTATE
#=================================================
ynh_script_progression --message="Configuring log rotation..."
ynh_script_progression --message="Configuring log rotation..." --weight=1
# Use logrotate to manage application logfile(s)
ynh_use_logrotate --logfile="$datadir/nextcloud.log"
ynh_use_logrotate --logfile="$data_dir/data/nextcloud.log"
#=================================================
# SETUP FAIL2BAN
@ -358,27 +281,7 @@ ynh_use_logrotate --logfile="$datadir/nextcloud.log"
ynh_script_progression --message="Configuring Fail2Ban..." --weight=8
# Create a dedicated Fail2Ban config
ynh_add_fail2ban_config --logpath="/home/yunohost.app/$app/data/nextcloud.log" --failregex="^.*Login failed: '.*' \(Remote IP: '<HOST>'.*$" --max_retry=5
#=================================================
# SETUP SSOWAT
#=================================================
ynh_script_progression --message="Configuring permissions..."
# Make app public if necessary
if [ $is_public -eq 1 ]
then
ynh_permission_update --permission="main" --add="visitors"
fi
ynh_permission_create --permission="api" --label="api" --url="re:$domain\/.well-known\/.*" --allowed="visitors" "all_users" --auth_header="false" --show_tile="false" --protected="true"
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..."
ynh_systemd_action --service_name=nginx --action=reload
ynh_add_fail2ban_config --logpath="$data_dir/data/nextcloud.log" --failregex="^.*Login failed: '.*' \(Remote IP: '<HOST>'.*$" --max_retry=5
#=================================================
# END OF SCRIPT

90
scripts/remove
View file

@ -10,117 +10,35 @@ source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
# REMOVE SYSTEM CONFIGURATIONS
#=================================================
ynh_script_progression --message="Loading installation settings..." --weight=2
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_user=$db_name
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
# REMOVE SYSTEMD SERVICE
#=================================================
# STANDARD REMOVE
#=================================================
# REMOVE DEPENDENCIES
#=================================================
ynh_script_progression --message="Removing dependencies..." --weight=20
# Remove metapackage and its dependencies
ynh_remove_app_dependencies
#=================================================
# REMOVE THE MYSQL DATABASE
#=================================================
ynh_script_progression --message="Removing the MySQL database..." --weight=5
# Remove a database if it exists, along with the associated user
ynh_mysql_remove_db --db_user=$db_user --db_name=$db_name
#=================================================
# REMOVE APP MAIN DIR
#=================================================
ynh_script_progression --message="Removing app main directory..." --weight=3
# Remove the app directory securely
ynh_secure_remove --file="$final_path"
#=================================================
# REMOVE DATA DIR
#=================================================
# Remove the data directory if --purge option is used
if [ "${YNH_APP_PURGE:-0}" -eq 1 ]
then
ynh_script_progression --message="Removing app data directory..." --weight=1
ynh_secure_remove --file="$datadir"
fi
#=================================================
# REMOVE NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Removing NGINX web server configuration..."
ynh_script_progression --message="Removing system configurations related to $app..." --weight=5
# Remove the dedicated NGINX config
ynh_remove_nginx_config
#=================================================
# REMOVE PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Removing PHP-FPM configuration..." --weight=2
# Remove the dedicated PHP-FPM config
ynh_remove_fpm_config
#=================================================
# REMOVE LOGROTATE CONFIGURATION
#=================================================
ynh_script_progression --message="Removing logrotate configuration..."
# Remove the app-specific logrotate config
ynh_remove_logrotate
#=================================================
# REMOVE FAIL2BAN CONFIGURATION
#=================================================
ynh_script_progression --message="Removing Fail2Ban configuration..." --weight=8
# Remove the dedicated Fail2Ban config
ynh_remove_fail2ban_config
#=================================================
# SPECIFIC REMOVE
#=================================================
# REMOVE THE CRON FILE
#=================================================
# Remove a cron file
# TODO: Ensure that cron job is not running (How !?)
ynh_secure_remove --file="/etc/cron.d/$app"
#=================================================
# CLEAN ACL IN HOME DIRECTORIES
#=================================================
# Cleaning ACL in home directories
for i in $(ls /home); do
# Clean ACL in every directories in /home, except those which start with 'yunohost.'
[[ ! $i == yunohost.* ]] \
&& setfacl --remove g:$app:rwx 2>&1
done
#=================================================
# GENERIC FINALIZATION
#=================================================
# REMOVE DEDICATED USER
#=================================================
ynh_script_progression --message="Removing the dedicated system user..."
# Delete a system user
ynh_system_user_delete --username=$app
#=================================================
# END OF SCRIPT
#=================================================

88
scripts/restore
View file

@ -10,39 +10,6 @@ source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers
source ../settings/scripts/_ynh_mysql_connect_as.sh
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading settings..."
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
path_url=$(ynh_app_setting_get --app=$app --key=path)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_user=$db_name
phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
fpm_footprint=$(ynh_app_setting_get --app=$app --key=fpm_footprint)
fpm_usage=$(ynh_app_setting_get --app=$app --key=fpm_usage)
#=================================================
# CHECK IF THE APP CAN BE RESTORED
#=================================================
ynh_script_progression --message="Validating restoration parameters..." --weight=4
test ! -d $final_path \
|| ynh_die --message="There is already a directory: $final_path "
#=================================================
# STANDARD RESTORATION STEPS
#=================================================
@ -50,38 +17,15 @@ test ! -d $final_path \
#=================================================
ynh_script_progression --message="Restoring the app main directory..."
ynh_restore_file --origin_path="$final_path"
ynh_restore_file --origin_path="$install_dir"
#=================================================
# RESTORE THE MYSQL DATABASE
#=================================================
ynh_script_progression --message="Restoring the MySQL database..." --weight=9
db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd)
ynh_mysql_setup_db --db_user=$db_name --db_name=$db_name --db_pwd=$db_pwd
ynh_mysql_connect_as --user=$db_name --password="$db_pwd" --database=$db_name \
<<< "ALTER DATABASE $db_name CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;"
ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name --default_character_set="utf8mb4" < ./db.sql
#=================================================
# RECREATE THE DEDICATED USER
#=================================================
ynh_script_progression --message="Recreating the dedicated system user..." --weight=3
# Create the dedicated user (if not existing)
ynh_system_user_create --username=$app
#=================================================
# SPECIFIC RESTORATION
#=================================================
# REINSTALL DEPENDENCIES
#=================================================
ynh_script_progression --message="Reinstalling dependencies..." --weight=10
# Define and install dependencies
ynh_install_app_dependencies $pkg_dependencies
#=================================================
# RESTORE THE PHP-FPM CONFIGURATION
#=================================================
@ -102,9 +46,9 @@ ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
# Check if .well-known is available for this domain
if is_url_handled --domain="$domain" --path="/.well-known/caldav" || is_url_handled --domain="$domain" --path="/.well-known/carddav"
then
ynh_print_warn --message="Another app already uses the domain $domain to serve a caldav/carddav feature. You may encounter issues when dealing with your calendar or address book."
ynh_print_warn --message="Another app already uses the domain $domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book."
# Remove lines about .well-known/carddav and caldav with sed.
# Remove lines about .well-known/CardDAV and CalDAV with sed.
sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "/etc/nginx/conf.d/$domain.d/$app.conf"
fi
@ -128,29 +72,27 @@ ynh_restore_file --origin_path="/etc/logrotate.d/$app"
ynh_script_progression --message="Restoring data directory..." --weight=2
# Use --not_mandatory for the data directory, because if the backup has been made with BACKUP_CORE_ONLY, there's no data into the backup.
ynh_restore_file --origin_path="$datadir" --not_mandatory
mkdir -p "$datadir"
ynh_restore_file --origin_path="$data_dir" --not_mandatory
#=================================================
# RESTORE USER RIGHTS
#=================================================
# Fix app ownerships & permissions
chown -R $app:www-data "$final_path"
chown -R $app: "$datadir"
find $final_path/ -type f -print0 | xargs -r0 chmod 0644
find $final_path/ -type d -print0 | xargs -r0 chmod 0755
find $datadir/ -type f -print0 | xargs -r0 chmod 0640
find $datadir/ -type d -print0 | xargs -r0 chmod 0750
chmod 640 "$final_path/config/config.php"
chown -R $app:www-data "$install_dir"
chown -R $app: "$data_dir"
find $install_dir/ -type f -print0 | xargs -r0 chmod 0644
find $install_dir/ -type d -print0 | xargs -r0 chmod 0755
find $data_dir/data/ -type f -print0 | xargs -r0 chmod 0640
find $data_dir/data/ -type d -print0 | xargs -r0 chmod 0750
chmod 640 "$install_dir/config/config.php"
chmod 755 /home/yunohost.app
chmod 750 $final_path
chmod 750 $install_dir
# Iterate over users to extend their home folder permissions - for the external
# storage plugin usage - and create relevant Nextcloud directories
for u in $(ynh_user_list); do
mkdir -p "$datadir/$u"
mkdir -p "$data_dir/$u"
setfacl --modify g:$app:rwx "/home/$u" || true
done
@ -172,8 +114,8 @@ ynh_script_progression --message="Restoring the Fail2Ban configuration..." --wei
ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf"
ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf"
# Make sure a log file exists (mostly for CI tests)
logfile="/home/yunohost.app/$app/data/nextcloud.log"
# Make sure a log file exists (mostly for CI tests)
logfile="$data_dir/data/nextcloud.log"
if [ ! -f "$logfile" ]; then
touch "$logfile"
chown $app: "$logfile"

192
scripts/upgrade
View file

@ -9,97 +9,48 @@
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..." --weight=3
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
path_url=$(ynh_app_setting_get --app=$app --key=path)
admin=$(ynh_app_setting_get --app=$app --key=admin)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_user=$db_name
user_home=$(ynh_app_setting_get --app=$app --key=user_home)
maintenance_mode=$(ynh_app_setting_get --app=$app --key=maintenance_mode)
fpm_footprint=$(ynh_app_setting_get --app=$app --key=fpm_footprint)
fpm_usage=$(ynh_app_setting_get --app=$app --key=fpm_usage)
#=================================================
# CHECK VERSION
#=================================================
upgrade_type=$(ynh_check_app_version_changed)
# Check machine architecture (Nextcloud will soon deprecate 32-bit support)
if [ $YNH_ARCH == "i386" ] || [ $YNH_ARCH == "armhf" ]
then
ynh_print_warn --message="Nextcloud will soon deprecate 32-bit support. It is recommended to upgrade to a 64-bit architecture."
fi
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
ynh_script_progression --message="Ensuring downward compatibility..."
# If db_name doesn't exist, create it
if [ -z "$db_name" ]; then
db_name=$(ynh_sanitize_dbid --db_name=$app)
ynh_app_setting_set --app=$app --key=db_name --value=$db_name
fi
# If final_path doesn't exist, create it
if [ -z "$final_path" ]; then
final_path=/var/www/$app
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
fi
# If datadir doesn't exist, create it
if [ -z "$datadir" ]; then
datadir=/home/yunohost.app/$app
ynh_app_setting_set --app=$app --key=datadir --value=$datadir
fi
# Remove the option backup_core_only if it's in the settings.yml file
ynh_app_setting_delete --app=$app --key=backup_core_only
# If maintenance_mode doesn't exist, create it
if [ -z "$maintenance_mode" ]; then
if [ -z "${maintenance_mode:-}" ]; then
maintenance_mode=0
ynh_app_setting_set --app=$app --key=maintenance_mode --value=$maintenance_mode
fi
# If fpm_footprint doesn't exist, create it
if [ -z "$fpm_footprint" ]; then
if [ -z "${fpm_footprint:-}" ]; then
fpm_footprint=high
ynh_app_setting_set --app=$app --key=fpm_footprint --value=$fpm_footprint
fi
# If fpm_free_footprint doesn't exist, create it
if [ -z "$fpm_free_footprint" ]; then
if [ -z "${fpm_free_footprint:-}" ]; then
fpm_free_footprint=0
ynh_app_setting_set --app=$app --key=fpm_free_footprint --value=$fpm_free_footprint
fi
# If fpm_usage doesn't exist, create it
if [ -z "$fpm_usage" ]; then
if [ -z "${fpm_usage:-}" ]; then
fpm_usage=medium
ynh_app_setting_set --app=$app --key=fpm_usage --value=$fpm_usage
fi
# Cleaning legacy permissions
if ynh_legacy_permissions_exists; then
ynh_legacy_permissions_delete_all
ynh_app_setting_delete --app=$app --key=is_public
fi
# Create a permission if needed
if ! ynh_permission_exists --permission="api"; then
ynh_permission_create --permission="api" --label="api" --url="re:$domain\/.well-known\/.*" --allowed="visitors" "all_users" --auth_header="false" --show_tile="false" --protected="true"
# If phpflags doesn't exist, create it
if [ -z "${phpflags:-}" ]; then
phpflags="--define apc.enable_cli=1"
ynh_app_setting_set --app=$app --key=phpflags --value=$phpflags
fi
# Delete existing ini configuration file (backward compatibility)
@ -107,61 +58,6 @@ if [ -f /etc/php/$YNH_PHP_VERSION/fpm/conf.d/20-$app.ini ]; then
ynh_secure_remove --file=/etc/php/$YNH_PHP_VERSION/fpm/conf.d/20-$app.ini
fi
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=30
# Made a backup only after the version 11.0.0
# Before, the datas will be always saved.
# Get the current version number of nextcloud/owncloud
current_version=$(grep OC_VersionString "$final_path/version.php" | cut -d\' -f2)
current_major_version=${current_version%%.*}
if [ $current_major_version -gt 11 ]
then
# Inform the backup/restore process that it should not save the data directory
# Use only for the previous backup script that doesn't set 'is_big'
ynh_app_setting_set --app=$app --key=backup_core_only --value=1
# Backup the current version of the app
ynh_backup_before_upgrade
# Remove the option backup_core_only after the backup.
ynh_app_setting_delete $app backup_core_only
ynh_clean_setup () {
# restore it if the upgrade fails
ynh_restore_upgradebackup
}
fi
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
if ynh_legacy_permissions_exists; then
ynh_legacy_permissions_delete_all
ynh_permission_create --permission="api" --label="api" --url="re:$domain\/.well-known\/.*" --allowed="visitors" "all_users" --auth_header="false" --show_tile="false" --protected="true"
fi
#=================================================
# UPGRADE DEPENDENCIES
#=================================================
ynh_script_progression --message="Upgrading dependencies..." --weight=7
ynh_install_app_dependencies $pkg_dependencies
#=================================================
# STANDARD UPGRADE STEPS
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Making sure dedicated system user exists..."
# Create a dedicated user (if not existing)
ynh_system_user_create --username=$app
#=================================================
# PHP-FPM CONFIGURATION
#=================================================
@ -170,8 +66,6 @@ ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=2
# Recreate a dedicated PHP-FPM config
ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint
phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
#=================================================
# NGINX CONFIGURATION
#=================================================
@ -189,7 +83,7 @@ ynh_systemd_action --service_name=nginx --action=reload --line_match="Reloaded"
# Check if .well-known is available for this domain
if is_url_handled --domain="$domain" --path="/.well-known/caldav" || is_url_handled --domain="$domain" --path="/.well-known/carddav"
then
ynh_print_warn --message="Another app already uses the domain $domain to serve a caldav/carddav feature. You may encounter issues when dealing with your calendar or address book."
ynh_print_warn --message="Another app already uses the domain $domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book."
# Remove lines about .well-known/carddav and caldav with sed.
sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "../conf/nginx.conf"
@ -205,19 +99,25 @@ ynh_add_nginx_config
# VERSION TO THE NEXT ONE
#=================================================
current_version=$(grep OC_VersionString "$install_dir/version.php" | cut -d\' -f2)
current_major_version=${current_version%%.*}
# Define a function to execute commands with `occ`
exec_occ() {
# Backward compatibility to upgrade from older versions
if [ $current_major_version = "last" ] || [ $current_major_version -ge 24 ]
if [ $current_major_version = "last" ] || [ $current_major_version -ge 26 ]
then
NEXTCLOUD_PHP_VERSION=$phpversion
elif [ $current_major_version -ge 15 ]
elif [ $current_major_version -ge 25 ]
then
NEXTCLOUD_PHP_VERSION="8.1"
elif [ $current_major_version -ge 18 ]
then
NEXTCLOUD_PHP_VERSION="7.4"
else
NEXTCLOUD_PHP_VERSION="7.0"
NEXTCLOUD_PHP_VERSION="7.1"
fi
(cd "$final_path" && ynh_exec_as "$app" \
(cd "$install_dir" && ynh_exec_as "$app" \
php$NEXTCLOUD_PHP_VERSION --define apc.enable_cli=1 occ --no-interaction --no-ansi "$@")
}
@ -227,13 +127,11 @@ create_external_storage() {
local datadir="$1"
local mount_name="$2"
local mount_id=$(exec_occ files_external:create --output=json \
"$mount_name" 'local' 'null::null' -c "datadir=$datadir" || true)
"$mount_name" 'local' 'null::null' -c "datadir=$data_dir/data" || true)
! [[ $mount_id =~ ^[0-9]+$ ]] \
&& ynh_print_warn --message="Unable to create external storage" \
|| exec_occ files_external:option "$mount_id" enable_sharing true
}
# Define app's data directory
datadir="/home/yunohost.app/$app/data"
if [ "$upgrade_type" == "UPGRADE_APP" ]
then
@ -246,7 +144,7 @@ then
last_major_version=${last_version%%.*}
# Set write access for the following commands
chown -R $app: "$final_path" "$datadir"
chown -R $app: "$install_dir" "$data_dir"
# Print the current version number of Nextcloud
exec_occ -V
@ -297,7 +195,7 @@ then
# Load the value for this version
source upgrade.d/upgrade.$current_major_version.sh
ynh_print_info --message="Upgrade to nextcloud $next_version"
ynh_print_info --message="Upgrade to Nextcloud $next_version"
# Create an app.src for this version of Nextcloud
cat > ../conf/app.src << EOF
@ -318,13 +216,13 @@ EOF
exec_occ maintenance:mode --on
# Backup the config file in the temp dir
cp -a "$final_path/config/config.php" "$tmpdir/config/config.php"
cp -a "$install_dir/config/config.php" "$tmpdir/config/config.php"
# Backup 3rd party applications from the current Nextcloud
# But do not overwrite if there is any upgrade
# (apps directory already exists in Nextcloud archive)
(
cd $final_path/apps
cd $install_dir/apps
for nc_app_dir in */
do
if [ ! -d "$tmpdir/apps/$nc_app_dir" ]
@ -334,13 +232,13 @@ EOF
done
)
# Replace the old nextcloud by the new one
ynh_secure_remove --file="$final_path"
mv "$tmpdir" "$final_path"
# Replace the old Nextcloud by the new one
ynh_secure_remove --file="$install_dir"
mv "$tmpdir" "$install_dir"
ynh_secure_remove --file="$tmpdir"
# Set write access for the following commands
chown -R $app: "$final_path" "$datadir"
chown -R $app: "$install_dir" "$data_dir"
# Upgrade Nextcloud (SUCCESS = 0, UP_TO_DATE = 3)
exec_occ maintenance:mode --off
@ -348,10 +246,10 @@ EOF
|| [ $? -eq 3 ] || ynh_die --message="Unable to upgrade Nextcloud"
# Get the new current version number
current_version=$(grep OC_VersionString "$final_path/version.php" | cut -d\' -f2)
current_version=$(grep OC_VersionString "$install_dir/version.php" | cut -d\' -f2)
current_major_version=${current_version%%.*}
# Print the current version number of nextcloud
# Print the current version number of Nextcloud
exec_occ -V
done
@ -366,9 +264,9 @@ EOF
ynh_script_progression --message="Reconfiguring Nextcloud..." --weight=9
# Verify the checksum and backup the file if it's different
ynh_backup_if_checksum_is_different --file="$final_path/config/config.php"
ynh_backup_if_checksum_is_different --file="$install_dir/config/config.php"
nc_conf="${final_path}/config.json"
nc_conf="${install_dir}/config.json"
ynh_add_config --template="../conf/config.json" --destination="$nc_conf"
# Reneable the mail app
@ -382,6 +280,9 @@ EOF
# Enable LDAP plugin
exec_occ app:enable user_ldap
# Update all installed apps
exec_occ app:update --all
# Load the config file in nextcloud
exec_occ config:import "$nc_conf"
@ -400,7 +301,7 @@ EOF
\$main_domain = exec('cat /etc/yunohost/current_host');
\$CONFIG['logout_url'] = 'https://'.\$main_domain.'/yunohost/sso/?action=logout';
//-YunoHost-
" >> "$final_path/config/config.php"
" >> "$install_dir/config/config.php"
#=================================================
# CHANGE HOSTNAME FOR ACTIVITY NOTIFICATIONS
@ -429,7 +330,7 @@ EOF
#=================================================
# Calculate and store the config file checksum into the app settings
ynh_store_file_checksum --file="${final_path}/config/config.php"
ynh_store_file_checksum --file="${install_dir}/config/config.php"
fi
#=================================================
@ -450,15 +351,15 @@ exec_occ background:cron
#=================================================
# Fix app ownerships & permissions
chown -R $app:www-data "$final_path"
chown -R $app: "$datadir"
find $final_path/ -type f -print0 | xargs -r0 chmod 0644
find $final_path/ -type d -print0 | xargs -r0 chmod 0755
find $datadir/ -type f -print0 | xargs -r0 chmod 0640
find $datadir/ -type d -print0 | xargs -r0 chmod 0750
chmod 640 "$final_path/config/config.php"
chown -R $app:www-data "$install_dir"
chown -R $app: "$data_dir"
find $install_dir/ -type f -print0 | xargs -r0 chmod 0644
find $install_dir/ -type d -print0 | xargs -r0 chmod 0755
find $data_dir/data/ -type f -print0 | xargs -r0 chmod 0640
find $data_dir/data/ -type d -print0 | xargs -r0 chmod 0750
chmod 640 "$install_dir/config/config.php"
chmod 755 /home/yunohost.app
chmod 750 $final_path
chmod 750 $install_dir
#=================================================
# WARNING ABOUT THIRD-PARTY APPS
@ -492,9 +393,8 @@ ynh_add_fail2ban_config --logpath="/home/yunohost.app/$app/data/nextcloud.log" -
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server and PHP-FPM..."
ynh_script_progression --message="Reloading PHP-FPM..." --weight=2
ynh_systemd_action --service_name=nginx --action=reload
ynh_systemd_action --service_name="php${phpversion}-fpm" --action=reload
#=================================================

4
scripts/upgrade.d/upgrade.last.sh
View file

@ -1,7 +1,7 @@
#!/bin/bash
# Last available Nextcloud version
next_version="27.1.2"
next_version="27.1.3"
# Nextcloud tarball checksum sha256
nextcloud_source_sha256="0742b247aaee0b7044db0062f0a914aa77338c7a7d8fe7da0917147d76689721"
nextcloud_source_sha256="1d614935245e4a375b4ac991c02f323592b753972f86f88763fd80ed7d275793"

11
tests.toml Normal file
View file

@ -0,0 +1,11 @@
test_format = 1.0
[default]
# -------------------------------
# Commits to test upgrade from
# -------------------------------
test_upgrade_from.c5cf91ad.name = "Upgrade from 25.0.2"
test_upgrade_from.caf917f3.name = "Upgrade from 26.0.2"