From c046535b4eb0aa402601e090c44a7be07763e4a5 Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Sun, 24 Jun 2018 19:20:13 +0200 Subject: [PATCH 1/6] Don't use /tmp anymore --- scripts/upgrade | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/scripts/upgrade b/scripts/upgrade index 6c54ca5..ab91500 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -189,7 +189,7 @@ do ynh_replace_string "__SHA256_SUM__" "$nextcloud_source_sha256" "../conf/app.src" # Create a temporary directory - tmpdir=$(mktemp -d) + tmpdir="${final_path}_temp_upgrade_dir" # Install the next nextcloud version in $tmpdir ynh_setup_source "$tmpdir" @@ -208,6 +208,7 @@ do # Replace the old nextcloud by the new one ynh_secure_remove "$final_path" mv "$tmpdir" "$final_path" + ynh_secure_remove "$tmpdir" # Set write access for the following commands chown -R $app: "$final_path" "$datadir" From 30c19929cbcad3443c67d410e816b30026f659a2 Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Wed, 29 Aug 2018 21:07:53 +0200 Subject: [PATCH 2/6] Add a new helper to create temporary directory --- scripts/_common.sh | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/scripts/_common.sh b/scripts/_common.sh index 7ce131e..77b2812 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -356,3 +356,27 @@ ynh_multimedia_addaccess () { groupadd -f multimedia usermod -a -G multimedia $user_name } + +ynh_smart_mktemp () { + local min_size="${1:-300}" + # Transform the minimum size from megabytes to kilobytes + min_size=$(( $min_size * 1024 )) + + # Check if there's enough free space in a directory + is_there_enough_space () { + local free_space=$(df --output=avail "$1" | sed 1d) + test $free_space -ge $min_size + } + + if is_there_enough_space /tmp; then + local tmpdir=/tmp + elif is_there_enough_space /var; then + local tmpdir=/var + elif is_there_enough_space /; then + local tmpdir=/ + elif is_there_enough_space /home; then + local tmpdir=/home + fi + + echo "$(sudo mktemp --directory --tmpdir="$tmpdir")" +} From 87d92b35a02e5c929c4b57d59e6d61da22da7222 Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Wed, 29 Aug 2018 21:10:08 +0200 Subject: [PATCH 3/6] Use ynh_smart_mktemp --- scripts/upgrade | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/upgrade b/scripts/upgrade index ab91500..44327db 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -189,7 +189,7 @@ do ynh_replace_string "__SHA256_SUM__" "$nextcloud_source_sha256" "../conf/app.src" # Create a temporary directory - tmpdir="${final_path}_temp_upgrade_dir" + tmpdir="$(ynh_smart_mktemp 300)" # Install the next nextcloud version in $tmpdir ynh_setup_source "$tmpdir" From d76dc401512c378649918b4a7c6d0c372d3c7e5a Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Fri, 21 Sep 2018 23:32:02 +0200 Subject: [PATCH 4/6] ynh_die if no free space --- scripts/_common.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/scripts/_common.sh b/scripts/_common.sh index 77b2812..1e2bd82 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -376,6 +376,8 @@ ynh_smart_mktemp () { local tmpdir=/ elif is_there_enough_space /home; then local tmpdir=/home + else + ynh_die "Insufficient free space to continue..." fi echo "$(sudo mktemp --directory --tmpdir="$tmpdir")" From 94087e89d51dae733994c9b2495410566a0fd1bb Mon Sep 17 00:00:00 2001 From: Jimmy Monin Date: Thu, 7 Feb 2019 21:38:17 +0100 Subject: [PATCH 5/6] Upgrade to upstream version 15.0.4 --- README.md | 2 +- manifest.json | 2 +- scripts/upgrade.d/upgrade.last.sh | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 146d35d..865fc0c 100644 --- a/README.md +++ b/README.md @@ -5,7 +5,7 @@ Nextcloud for YunoHost own data. A personal cloud which run on your own server. With Nextcloud you can synchronize your files over your devices. -**Shipped version:** 15.0.2 +**Shipped version:** 15.0.4 [![Install Nextcloud with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=nextcloud) ![](https://raw.githubusercontent.com/nextcloud/screenshots/master/files/Files%20Overview.png) diff --git a/manifest.json b/manifest.json index 568d011..43bf976 100644 --- a/manifest.json +++ b/manifest.json @@ -6,7 +6,7 @@ "en": "Access & share your files, calendars, contacts, mail & more from any device, on your terms", "fr": "Consultez et partagez vos fichiers, agendas, carnets d'adresses, emails et bien plus depuis les appareils de votre choix, sous vos conditions" }, - "version": "15.0.2~ynh1", + "version": "15.0.4~ynh1", "url": "https://nextcloud.com", "license": "AGPL-3.0", "maintainer": { diff --git a/scripts/upgrade.d/upgrade.last.sh b/scripts/upgrade.d/upgrade.last.sh index 1a77d52..80d65dd 100755 --- a/scripts/upgrade.d/upgrade.last.sh +++ b/scripts/upgrade.d/upgrade.last.sh @@ -1,10 +1,10 @@ #!/bin/bash # Last available nextcloud version -next_version="15.0.2" +next_version="15.0.4" # Nextcloud tarball checksum sha256 -nextcloud_source_sha256="c1f4cc33e39994ddbe6777370b62c30b7ae52136a0530c0b9922770803ca0fea" +nextcloud_source_sha256="f87db047c174f563e391a22c959d9ace767ca14ef0f97fc394f3061fc63d8f77" # This function will only be executed upon applying the last upgrade referenced above last_upgrade_operations () { From c3480daae60f402982754c152c4e663616d977a6 Mon Sep 17 00:00:00 2001 From: Jimmy Monin Date: Thu, 7 Feb 2019 21:41:32 +0100 Subject: [PATCH 6/6] Adapt nginx configuration to avoid double headers due to core change (https://github.com/YunoHost/yunohost/commit/8cb029a55e471e1ece3a8a2d7bba00975a6f2d17) --- conf/nginx.conf | 34 +++++++++++++++++----------------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/conf/nginx.conf b/conf/nginx.conf index 1691095..2e085c9 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -13,23 +13,23 @@ location ^~ __PATH__ { } # Add headers to serve security related headers - add_header Strict-Transport-Security "max-age=15768000;"; - add_header X-Content-Type-Options nosniff; - add_header X-XSS-Protection "1; mode=block"; - add_header X-Robots-Tag none; - add_header X-Download-Options noopen; - add_header X-Permitted-Cross-Domain-Policies none; - add_header Referrer-Policy no-referrer; + more_set_headers "Strict-Transport-Security: max-age=15768000"; + more_set_headers "X-Content-Type-Options: nosniff"; + more_set_headers "X-XSS-Protection: 1; mode=block"; + more_set_headers "X-Robots-Tag: none"; + more_set_headers "X-Download-Options: noopen"; + more_set_headers "X-Permitted-Cross-Domain-Policies: none"; + more_set_headers "Referrer-Policy: no-referrer"; # Set max upload size client_max_body_size 10G; fastcgi_buffers 64 4K; - + # Extend timeouts client_body_timeout 60m; proxy_read_timeout 60m; fastcgi_read_timeout 60m; - + # Disable gzip to avoid the removal of the ETag header gzip off; @@ -78,15 +78,15 @@ location ^~ __PATH__ { # Adding the cache control header for js and css files location ~* \.(?:css|js)$ { - add_header Cache-Control "public, max-age=7200"; + more_set_headers "Cache-Control: public, max-age=7200"; # Add headers to serve security related headers - add_header Strict-Transport-Security "max-age=15768000;"; - add_header X-Content-Type-Options nosniff; - add_header X-XSS-Protection "1; mode=block"; - add_header X-Robots-Tag none; - add_header X-Download-Options noopen; - add_header X-Permitted-Cross-Domain-Policies none; - add_header Referrer-Policy no-referrer; + more_set_headers "Strict-Transport-Security: max-age=15768000"; + more_set_headers "X-Content-Type-Options: nosniff"; + more_set_headers "X-XSS-Protection: 1; mode=block"; + more_set_headers "X-Robots-Tag: none"; + more_set_headers "X-Download-Options: noopen"; + more_set_headers "X-Permitted-Cross-Domain-Policies: none"; + more_set_headers "Referrer-Policy: no-referrer"; # Optional: Don't log access to assets access_log off;