From b68a54032669f782839727f7a2e18f88a69c7c2c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Sun, 4 Feb 2024 18:08:04 +0100 Subject: [PATCH 01/11] fix maintenance window start time configured warning --- conf/config.json | 1 + 1 file changed, 1 insertion(+) diff --git a/conf/config.json b/conf/config.json index 1cd7f95..6e4790c 100644 --- a/conf/config.json +++ b/conf/config.json @@ -14,6 +14,7 @@ "hashing_default_password": true, "localstorage.allowsymlinks": true, "simpleSignUpLink.shown": false, + "maintenance_window_start": 1, "mail_smtpmode": "smtp", "mail_smtpport": "25", "mail_smtpauth": 1, From 5b967e7b254ba668a56b7a8bf25907f3d2ca4bac Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Sun, 4 Feb 2024 18:09:10 +0100 Subject: [PATCH 02/11] Update manifest.toml --- manifest.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifest.toml b/manifest.toml index 1ba8ce6..0f141b8 100644 --- a/manifest.toml +++ b/manifest.toml @@ -5,7 +5,7 @@ name = "Nextcloud" description.en = "Online storage, file sharing platform and various other applications" description.fr = "Stockage en ligne, plateforme de partage de fichiers et diverses autres applications" -version = "28.0.2~ynh1" +version = "28.0.2~ynh2" maintainers = ["kay0u"] From 913947186b7d604f661bbce8e16a2cc06a5ff416 Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Sun, 4 Feb 2024 17:09:16 +0000 Subject: [PATCH 03/11] Auto-update README --- README.md | 2 +- README_fr.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 8d429f4..318910a 100644 --- a/README.md +++ b/README.md @@ -29,7 +29,7 @@ In addition to Nextcloud core features, the following are made available with th * Serve `/.well-known` paths for CalDAV and CardDAV on the domain only if it's not already served - i.e. by Baïkal -**Shipped version:** 28.0.2~ynh1 +**Shipped version:** 28.0.2~ynh2 **Demo:** https://demo.nextcloud.com/ diff --git a/README_fr.md b/README_fr.md index daedd3d..1f9ad1d 100644 --- a/README_fr.md +++ b/README_fr.md @@ -29,7 +29,7 @@ En plus des fonctionnalités principales de Nextcloud, les fonctionnalités suiv * Utilise l'adresse `/.well-known` pour la synchronisation CalDAV et CardDAV du domaine si aucun autre service ne l'utilise déjà - par exemple, Baïkal -**Version incluse :** 28.0.2~ynh1 +**Version incluse :** 28.0.2~ynh2 **Démo :** https://demo.nextcloud.com/ From 43c5bab777ce7ca455a212635a3c800748b6ea84 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Tue, 27 Feb 2024 22:04:34 +0100 Subject: [PATCH 04/11] HSTS is already set by the core --- conf/nginx.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/conf/nginx.conf b/conf/nginx.conf index 369c117..3fc37b7 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -55,7 +55,7 @@ location ^~ __PATH__/ { client_body_buffer_size 512k; # HTTP response headers borrowed from Nextcloud `.htaccess` - more_set_headers "Strict-Transport-Security: max-age=15768000; includeSubDomains; preload;"; + #more_set_headers "Strict-Transport-Security: max-age=15768000; includeSubDomains; preload;"; more_set_headers "Referrer-Policy: no-referrer"; more_set_headers "X-Content-Type-Options: nosniff"; more_set_headers "X-Download-Options: noopen"; From 166f3e6546502ea0b1d3ff65dc68ad2ef0f5bfae Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Tue, 27 Feb 2024 21:04:43 +0000 Subject: [PATCH 05/11] Auto-update README --- README.md | 4 ++-- README_fr.md | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 318910a..df111f2 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,5 @@ @@ -58,4 +58,4 @@ or sudo yunohost app upgrade nextcloud -u https://github.com/YunoHost-Apps/nextcloud_ynh/tree/testing --debug ``` -**More info regarding app packaging:** +**More info regarding app packaging:** \ No newline at end of file diff --git a/README_fr.md b/README_fr.md index 1f9ad1d..3a99357 100644 --- a/README_fr.md +++ b/README_fr.md @@ -1,5 +1,5 @@ From f2d0e3145eeba56c130d78efb1a788b8db03e4ac Mon Sep 17 00:00:00 2001 From: OniriCorpe Date: Tue, 27 Feb 2024 22:48:32 +0100 Subject: [PATCH 06/11] move the nextcloud logs to /var/log --- scripts/backup | 6 ++++++ scripts/install | 7 +++++-- scripts/restore | 10 ++++++++-- scripts/upgrade | 8 +++++++- 4 files changed, 26 insertions(+), 5 deletions(-) diff --git a/scripts/backup b/scripts/backup index 924f0bd..da8f172 100755 --- a/scripts/backup +++ b/scripts/backup @@ -60,6 +60,12 @@ ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf" ynh_backup --src_path="/etc/cron.d/$app" +#================================================= +# BACKUP LOGS +#================================================= + +ynh_backup --src_path="/var/log/$app" + #================================================= # BACKUP THE MYSQL DATABASE #================================================= diff --git a/scripts/install b/scripts/install index 1aaf177..24cd665 100755 --- a/scripts/install +++ b/scripts/install @@ -87,6 +87,9 @@ ynh_script_progression --message="Configuring $app..." --weight=8 # Set the mysql.utf8mb4 config to true in config.php exec_occ config:system:set mysql.utf8mb4 --type boolean --value="true" +# move the logs from the data_dir to the standard /var/log +exec_occ config:system:set logfile --value="/var/log/$app/nextcloud.log" + # Ensure that UpdateNotification app is disabled exec_occ app:disable updatenotification @@ -240,7 +243,7 @@ chmod 750 $install_dir ynh_script_progression --message="Configuring log rotation..." --weight=1 # Use logrotate to manage application logfile(s) -ynh_use_logrotate --logfile="$data_dir/data/nextcloud.log" +ynh_use_logrotate #================================================= # SETUP FAIL2BAN @@ -248,7 +251,7 @@ ynh_use_logrotate --logfile="$data_dir/data/nextcloud.log" ynh_script_progression --message="Configuring Fail2Ban..." --weight=8 # Create a dedicated Fail2Ban config -ynh_add_fail2ban_config --logpath="$data_dir/data/nextcloud.log" --failregex="^.*Login failed: '.*' \(Remote IP: ''.*$" --max_retry=5 +ynh_add_fail2ban_config --logpath="/var/log/$app/nextcloud.log" --failregex="^.*Login failed: '.*' \(Remote IP: ''.*$" --max_retry=5 #================================================= # END OF SCRIPT diff --git a/scripts/restore b/scripts/restore index cca5de4..1b0f63c 100755 --- a/scripts/restore +++ b/scripts/restore @@ -53,6 +53,12 @@ ynh_script_progression --message="Restoring cron job..." --weight=1 ynh_restore_file --origin_path="/etc/cron.d/$app" +#================================================= +# RESTORE LOGS +#================================================= + +ynh_restore_file --origin_path="/var/log/$app" + #================================================= # BACKUP THE LOGROTATE CONFIGURATION #================================================= @@ -109,10 +115,10 @@ ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf" ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf" # Make sure a log file exists (mostly for CI tests) -logfile="$data_dir/data/nextcloud.log" +logfile="/var/log/$app/nextcloud.log" if [ ! -f "$logfile" ]; then touch "$logfile" - chown $app: "$logfile" + chown "$app:" "$logfile" fi ynh_systemd_action --action=restart --service_name=fail2ban diff --git a/scripts/upgrade b/scripts/upgrade index 7bce6fe..7189f68 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -24,6 +24,12 @@ then ynh_die --message="Upgrading from Nextcloud < 22.2 is not supported anymore. You should first upgrade to 22.2 using: yunohost app upgrade nextcloud -u https://github.com/YunoHost-Apps/nextcloud_ynh/tree/41f5f902e7c7cd3c30a6793020562ba98b9bf3e9" fi +# move the logs from the data_dir to the standard /var/log +if [ -f "$data_dir/data/nextcloud.log" ]; then + mv "$data_dir"/data/nextcloud.log* "/var/log/$app" + # adapt the nextcloud config + exec_occ config:system:set logfile --value="/var/log/$app/nextcloud.log" +fi #================================================= # SPECIFIC UPGRADE @@ -360,7 +366,7 @@ ynh_use_logrotate --non-append #------------------------------------------------- # Create a dedicated Fail2Ban config -ynh_add_fail2ban_config --logpath="$data_dir/data/nextcloud.log" --failregex="^.*Login failed: '.*' \(Remote IP: ''.*$" --max_retry=5 +ynh_add_fail2ban_config --logpath="/var/log/$app/nextcloud.log" --failregex="^.*Login failed: '.*' \(Remote IP: ''.*$" --max_retry=5 #================================================= # END OF SCRIPT From e1652d4583596de05fa70bd0a8ee30726178101a Mon Sep 17 00:00:00 2001 From: OniriCorpe Date: Tue, 27 Feb 2024 22:56:09 +0100 Subject: [PATCH 07/11] remove logs at app removal --- scripts/remove | 3 +++ 1 file changed, 3 insertions(+) diff --git a/scripts/remove b/scripts/remove index c39ac68..f8d582f 100755 --- a/scripts/remove +++ b/scripts/remove @@ -16,6 +16,9 @@ ynh_remove_nginx_config # Remove the dedicated PHP-FPM config ynh_remove_fpm_config +# remove logs +ynh_secure_remove --file="/var/log/$app" + # Remove the app-specific logrotate config ynh_remove_logrotate From d4f998a22d0bff5eec2da09cee02fddcb4e4a41b Mon Sep 17 00:00:00 2001 From: OniriCorpe Date: Tue, 27 Feb 2024 23:14:46 +0100 Subject: [PATCH 08/11] formating --- scripts/upgrade | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/scripts/upgrade b/scripts/upgrade index 7189f68..503e6e0 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -346,9 +346,10 @@ fi # Create a dedicated NGINX config ynh_add_nginx_config -#------------------------------------------------- +#================================================= # CRON JOB -#------------------------------------------------- +#================================================= + cron_path="/etc/cron.d/$app" ynh_add_config --template="nextcloud.cron" --destination="$cron_path" chown root: "$cron_path" @@ -356,14 +357,15 @@ chmod 644 "$cron_path" exec_occ background:cron -#------------------------------------------------- +#================================================= # LOGROTATE -#------------------------------------------------- +#================================================= + ynh_use_logrotate --non-append -#------------------------------------------------- +#================================================= # FAIL2BAN -#------------------------------------------------- +#================================================= # Create a dedicated Fail2Ban config ynh_add_fail2ban_config --logpath="/var/log/$app/nextcloud.log" --failregex="^.*Login failed: '.*' \(Remote IP: ''.*$" --max_retry=5 From e92e70a00285f4f3f8b6c48331cde22a140189c2 Mon Sep 17 00:00:00 2001 From: OniriCorpe Date: Wed, 28 Feb 2024 02:54:53 +0100 Subject: [PATCH 09/11] fix exec_occ config:system:set logfile --- scripts/upgrade | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/scripts/upgrade b/scripts/upgrade index 503e6e0..c6ea89a 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -24,13 +24,6 @@ then ynh_die --message="Upgrading from Nextcloud < 22.2 is not supported anymore. You should first upgrade to 22.2 using: yunohost app upgrade nextcloud -u https://github.com/YunoHost-Apps/nextcloud_ynh/tree/41f5f902e7c7cd3c30a6793020562ba98b9bf3e9" fi -# move the logs from the data_dir to the standard /var/log -if [ -f "$data_dir/data/nextcloud.log" ]; then - mv "$data_dir"/data/nextcloud.log* "/var/log/$app" - # adapt the nextcloud config - exec_occ config:system:set logfile --value="/var/log/$app/nextcloud.log" -fi - #================================================= # SPECIFIC UPGRADE #================================================= @@ -245,6 +238,15 @@ then # Update all installed apps exec_occ app:update --all + # move the logs from the data_dir to the standard /var/log + # it would be better in the ENSURE DOWNWARD COMPATIBILITY section + # but it must be after the exec_occ() definition, so it's here + if [ -f "$data_dir/data/nextcloud.log" ]; then + mv "$data_dir"/data/nextcloud.log* "/var/log/$app" + # adapt the nextcloud config + exec_occ config:system:set logfile --value="/var/log/$app/nextcloud.log" + fi + # Load the config file in nextcloud exec_occ config:import "$nc_conf" From d1b6322fb3bc171391d0d1a7e7c062313205e395 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Thu, 29 Feb 2024 16:45:06 +0100 Subject: [PATCH 10/11] 28.0.3 --- manifest.toml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/manifest.toml b/manifest.toml index 0f141b8..2610260 100644 --- a/manifest.toml +++ b/manifest.toml @@ -5,7 +5,7 @@ name = "Nextcloud" description.en = "Online storage, file sharing platform and various other applications" description.fr = "Stockage en ligne, plateforme de partage de fichiers et diverses autres applications" -version = "28.0.2~ynh2" +version = "28.0.3~ynh1" maintainers = ["kay0u"] @@ -59,8 +59,8 @@ ram.runtime = "512M" [resources.sources] [resources.sources.main] - url = 'https://download.nextcloud.com/server/releases/nextcloud-28.0.2.tar.bz2' - sha256 = 'de34d6baf3ecceacfdd138e85520cd85e1d2ce6798d9ffa478ac17eb1efa1d08' + url = 'https://download.nextcloud.com/server/releases/nextcloud-28.0.3.tar.bz2' + sha256 = '9ed413c0de16f5b033ceeffcca99c0d61fc698dbeb8db851ac9adf9eef951906' [resources.sources.27] url = 'https://download.nextcloud.com/server/releases/nextcloud-27.0.0.tar.bz2' From ed289c05631f57c044d3142cfd43d42dfd5602b2 Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Thu, 29 Feb 2024 15:45:11 +0000 Subject: [PATCH 11/11] Auto-update README --- README.md | 2 +- README_fr.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index df111f2..8d063f1 100644 --- a/README.md +++ b/README.md @@ -29,7 +29,7 @@ In addition to Nextcloud core features, the following are made available with th * Serve `/.well-known` paths for CalDAV and CardDAV on the domain only if it's not already served - i.e. by Baïkal -**Shipped version:** 28.0.2~ynh2 +**Shipped version:** 28.0.3~ynh1 **Demo:** https://demo.nextcloud.com/ diff --git a/README_fr.md b/README_fr.md index 3a99357..f2e1700 100644 --- a/README_fr.md +++ b/README_fr.md @@ -29,7 +29,7 @@ En plus des fonctionnalités principales de Nextcloud, les fonctionnalités suiv * Utilise l'adresse `/.well-known` pour la synchronisation CalDAV et CardDAV du domaine si aucun autre service ne l'utilise déjà - par exemple, Baïkal -**Version incluse :** 28.0.2~ynh2 +**Version incluse :** 28.0.3~ynh1 **Démo :** https://demo.nextcloud.com/