YunoHost-Apps/nextcloud_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/nextcloud_ynh.git synced 2024-09-03 19:55:57 +02:00
Code Issues Activity Actions

Merge branch 'testing' into patch-2

Browse source
This commit is contained in:
frju365 2018-02-11 22:19:19 +01:00 committed by GitHub
commit 8bcc16539e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
14 changed files with 134 additions and 98 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
README.md
View file

@ -5,7 +5,7 @@ Nextcloud for YunoHost
own data. A personal cloud which run on your own server. With Nextcloud own data. A personal cloud which run on your own server. With Nextcloud
you can synchronize your files over your devices. you can synchronize your files over your devices.
**Shipped version:** 12.0.2 **Shipped version:** 12.0.5
[![Install Nextcloud with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=nextcloud) [![Install Nextcloud with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=nextcloud)
![](https://github.com/nextcloud/screenshots/blob/master/files/filelist.png) ![](https://github.com/nextcloud/screenshots/blob/master/files/filelist.png)

79
conf/config.json
View file

@ -1,38 +1,41 @@
{ {
"system": { "system": {
"datadirectory": "#DATADIR#", "updatechecker": false,
"trusted_domains": [ "memcache.local": "\\OC\\Memcache\\APCu",
"localhost", "integrity.check.disabled": true,
"#DOMAIN#" "filelocking.enabled": true,
], "memcache.locking": "\\OC\\Memcache\\Redis",
"updatechecker": false, "redis": {
"memcache.local": "\\OC\\Memcache\\APCu", "host": "localhost",
"integrity.check.disabled": true "port": "6379",
}, "timeout": "0.0",
"apps": { "password": ""
"user_ldap": { }
"ldap_base": "dc=yunohost,dc=org", },
"ldap_base_groups": "ou=groups,dc=yunohost,dc=org", "apps": {
"ldap_base_users": "ou=users,dc=yunohost,dc=org", "user_ldap": {
"ldap_cache_ttl": "600", "ldap_base": "dc=yunohost,dc=org",
"ldap_configuration_active": "1", "ldap_base_groups": "ou=groups,dc=yunohost,dc=org",
"ldap_display_name": "displayname", "ldap_base_users": "ou=users,dc=yunohost,dc=org",
"ldap_email_attr": "mail", "ldap_cache_ttl": "600",
"ldap_expert_username_attr": "uid", "ldap_configuration_active": "1",
"ldap_group_display_name": "cn", "ldap_display_name": "displayname",
"ldap_group_filter": "objectClass=posixGroup", "ldap_email_attr": "mail",
"ldap_group_filter_mode": "0", "ldap_expert_username_attr": "uid",
"ldap_groupfilter_objectclass": "posixGroup", "ldap_group_display_name": "cn",
"ldap_host": "localhost", "ldap_group_filter": "objectClass=posixGroup",
"ldap_login_filter": "(&(|(objectclass=posixAccount))(uid=%uid))", "ldap_group_filter_mode": "0",
"ldap_login_filter_mode": "0", "ldap_groupfilter_objectclass": "posixGroup",
"ldap_port": "389", "ldap_host": "localhost",
"ldap_quota_attr": "userquota", "ldap_login_filter": "(&(|(objectclass=posixAccount))(uid=%uid))",
"ldap_tls": "0", "ldap_login_filter_mode": "0",
"ldap_user_display_name": "cn", "ldap_port": "389",
"ldap_user_filter_mode": "0", "ldap_quota_attr": "userquota",
"ldap_userfilter_objectclass": "posixAccount", "ldap_tls": "0",
"ldap_userlist_filter": "objectclass=posixAccount" "ldap_user_display_name": "cn",
} "ldap_user_filter_mode": "0",
} "ldap_userfilter_objectclass": "posixAccount",
} "ldap_userlist_filter": "objectclass=posixAccount"
}
}
}

9
conf/config_install.json Normal file
View file

@ -0,0 +1,9 @@
{
"system": {
"datadirectory": "#DATADIR#",
"trusted_domains": [
"localhost",
"#DOMAIN#"
]
}
}

7
conf/nginx.conf
View file

@ -23,7 +23,12 @@ location ^~ __PATH__ {
# Set max upload size # Set max upload size
client_max_body_size 10G; client_max_body_size 10G;
fastcgi_buffers 64 4K; fastcgi_buffers 64 4K;
# Extend timeouts
client_body_timeout 60m;
proxy_read_timeout 60m;
fastcgi_read_timeout 60m;
# Disable gzip to avoid the removal of the ETag header # Disable gzip to avoid the removal of the ETag header
gzip off; gzip off;

1
conf/php-fpm.conf
View file

@ -365,6 +365,7 @@ catch_workers_output = yes
;env[TMP] = /tmp ;env[TMP] = /tmp
;env[TMPDIR] = /tmp ;env[TMPDIR] = /tmp
;env[TEMP] = /tmp ;env[TEMP] = /tmp
env[PATH] = $PATH
; Additional php.ini defines, specific to this pool of workers. These settings ; Additional php.ini defines, specific to this pool of workers. These settings
; overwrite the values previously defined in the php.ini. The directives are the ; overwrite the values previously defined in the php.ini. The directives are the

4
manifest.json
View file

@ -6,9 +6,9 @@
"en": "Access & share your files, calendars, contacts, mail & more from any device, on your terms", "en": "Access & share your files, calendars, contacts, mail & more from any device, on your terms",
"fr": "Consultez et partagez vos fichiers, agendas, carnets d'adresses, emails et bien plus depuis les appareils de votre choix, sous vos conditions" "fr": "Consultez et partagez vos fichiers, agendas, carnets d'adresses, emails et bien plus depuis les appareils de votre choix, sous vos conditions"
}, },
"version": "12.0.2", "version": "12.0.5-1",
"url": "https://nextcloud.com", "url": "https://nextcloud.com",
"license": "AGPL-3", "license": "AGPL-3.0",
"maintainer": { "maintainer": {
"name": "-", "name": "-",
"email": "-" "email": "-"

2
scripts/_common.sh
View file

@ -3,7 +3,7 @@
# COMMON VARIABLES # COMMON VARIABLES
#================================================= #=================================================
pkg_dependencies="php5-gd php5-json php5-intl php5-mcrypt php5-curl php5-apcu php5-imagick php5-ldap acl tar smbclient" pkg_dependencies="php5-gd php5-json php5-intl php5-mcrypt php5-curl php5-apcu php5-redis php5-ldap php5-imagick imagemagick acl tar smbclient"
#================================================= #=================================================
# COMMON HELPERS # COMMON HELPERS

14
scripts/backup
View file

@ -3,11 +3,6 @@
#================================================= #=================================================
# GENERIC START # GENERIC START
#================================================= #=================================================
# MANAGE SCRIPT FAILURE
#=================================================
# Exit on command errors and treat access to unset variables as an error
set -eu
#================================================= #=================================================
# IMPORT GENERIC HELPERS # IMPORT GENERIC HELPERS
@ -21,6 +16,13 @@ fi
source _common.sh source _common.sh
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#================================================= #=================================================
# LOAD SETTINGS # LOAD SETTINGS
#================================================= #=================================================
@ -82,5 +84,5 @@ if [ -z $backup_core_only ]
then then
ynh_backup "/home/yunohost.app/${app}/data" ynh_backup "/home/yunohost.app/${app}/data"
else else
echo "Data dir will not saved, because backup_core_only is set." >&2 echo "Data dir will not be saved, because backup_core_only is set." >&2
fi fi

20
scripts/install
View file

@ -144,11 +144,6 @@ exec_occ maintenance:install \
# CONFIGURE NEXTCLOUD # CONFIGURE NEXTCLOUD
#================================================= #=================================================
nc_conf="${final_path}/config.json"
cp ../conf/config.json "$nc_conf"
ynh_replace_string "#DOMAIN#" "$domain" "$nc_conf"
ynh_replace_string "#DATADIR#" "$datadir" "$nc_conf"
# Ensure that UpdateNotification app is disabled # Ensure that UpdateNotification app is disabled
exec_occ app:disable updatenotification exec_occ app:disable updatenotification
@ -156,7 +151,18 @@ exec_occ app:disable updatenotification
exec_occ app:enable user_ldap exec_occ app:enable user_ldap
exec_occ ldap:create-empty-config exec_occ ldap:create-empty-config
# Load the config file in nextcloud # Load the installation config file in nextcloud
nc_conf="${final_path}/config_install.json"
cp ../conf/config_install.json "$nc_conf"
ynh_replace_string "#DOMAIN#" "$domain" "$nc_conf"
ynh_replace_string "#DATADIR#" "$datadir" "$nc_conf"
exec_occ config:import "$nc_conf"
# Then remove it
rm -f "$nc_conf"
# Load the additional config file (used also for upgrade)
nc_conf="${final_path}/config_install.json"
cp ../conf/config.json "$nc_conf"
exec_occ config:import "$nc_conf" exec_occ config:import "$nc_conf"
# Then remove it # Then remove it
rm -f "$nc_conf" rm -f "$nc_conf"
@ -216,6 +222,8 @@ ynh_store_file_checksum "${final_path}/config/config.php"
cron_path="/etc/cron.d/$app" cron_path="/etc/cron.d/$app"
cp -a ../conf/nextcloud.cron "$cron_path" cp -a ../conf/nextcloud.cron "$cron_path"
chown root: "$cron_path"
chmod 644 "$cron_path"
ynh_replace_string "#USER#" "$app" "$cron_path" ynh_replace_string "#USER#" "$app" "$cron_path"
ynh_replace_string "#DESTDIR#" "$final_path" "$cron_path" ynh_replace_string "#DESTDIR#" "$final_path" "$cron_path"

20
scripts/restore
View file

@ -3,11 +3,6 @@
#================================================= #=================================================
# GENERIC START # GENERIC START
#================================================= #=================================================
# MANAGE SCRIPT FAILURE
#=================================================
# Exit on command errors and treat access to unset variables as an error
set -eu
#================================================= #=================================================
# IMPORT GENERIC HELPERS # IMPORT GENERIC HELPERS
@ -21,6 +16,13 @@ fi
source _common.sh source _common.sh
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#================================================= #=================================================
# LOAD SETTINGS # LOAD SETTINGS
#================================================= #=================================================
@ -102,12 +104,16 @@ ynh_restore_file "/etc/logrotate.d/$app"
# RESTORE THE DATA DIRECTORY # RESTORE THE DATA DIRECTORY
#================================================= #=================================================
datadir="/home/yunohost.app/${app}/data"
# The data directory will be restored only if it exists in the backup archive # The data directory will be restored only if it exists in the backup archive
# So only if it was backup previously. # So only if it was backup previously.
if [ -d "$YNH_BACKUP_DIR/data" ] if [ -d "$YNH_BACKUP_DIR/apps/$app/backup/home/yunohost.app/$app" ]
then then
datadir="/home/yunohost.app/${app}/data"
ynh_restore_file "$datadir" ynh_restore_file "$datadir"
else
# Create app folders
mkdir -p "$datadir"
fi fi
# Remove the option backup_core_only if it's in the settings.yml file # Remove the option backup_core_only if it's in the settings.yml file
ynh_app_setting_delete $app backup_core_only ynh_app_setting_delete $app backup_core_only

4
scripts/upgrade
View file

@ -286,6 +286,8 @@ ynh_store_file_checksum "${final_path}/config/config.php"
cron_path="/etc/cron.d/$app" cron_path="/etc/cron.d/$app"
cp -a ../conf/nextcloud.cron "$cron_path" cp -a ../conf/nextcloud.cron "$cron_path"
chown root: "$cron_path"
chmod 644 "$cron_path"
ynh_replace_string "#USER#" "$app" "$cron_path" ynh_replace_string "#USER#" "$app" "$cron_path"
ynh_replace_string "#DESTDIR#" "$final_path" "$cron_path" ynh_replace_string "#DESTDIR#" "$final_path" "$cron_path"
@ -334,7 +336,7 @@ they are probably disabled and you'll have to manually enable them again." >&2
#================================================= #=================================================
# Use logrotate to manage app-specific logfile(s) # Use logrotate to manage app-specific logfile(s)
ynh_use_logrotate ynh_use_logrotate --non-append
#================================================= #=================================================
# GENERIC FINALIZATION # GENERIC FINALIZATION

4
scripts/upgrade.d/upgrade.last.sh
View file

@ -1,7 +1,7 @@
#!/bin/bash #!/bin/bash
# Last available nextcloud version # Last available nextcloud version
next_version="12.0.2" next_version="12.0.5"
# Nextcloud tarball checksum sha256 # Nextcloud tarball checksum sha256
nextcloud_source_sha256="eb34d6cb9f55ee84bf2ad847b4b08cdb925321848ffa2264a9b1566e7b21a17c" nextcloud_source_sha256="c8be29ace6821079e881818266fe49d28812b5aa0c7d2e76511173d48828ca43"

0
sources/patches/00-add-logout_url-conf.patch → sources/patches/app-00-add-logout_url-conf.patch
View file

66
patches/01-disable-CSPv3-nonce_and_allow-YNH-fonts.patch → sources/patches/app-01-disable-CSPv3-nonce_and_allow-YNH-fonts.patch
View file

@ -1,33 +1,33 @@
lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php | 4 ++++ lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php | 4 ++++
lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php | 3 ++- lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php | 3 ++-
2 files changed, 6 insertions(+), 1 deletion(-) 2 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php b/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php diff --git a/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php b/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php
index 85ae127f5f..91618a09fc 100644 index 85ae127f5f..91618a09fc 100644
--- a/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php --- a/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php
+++ b/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php +++ b/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php
@@ -65,6 +65,10 @@ class ContentSecurityPolicyNonceManager { @@ -65,6 +65,10 @@ class ContentSecurityPolicyNonceManager {
* @return bool * @return bool
*/ */
public function browserSupportsCspV3() { public function browserSupportsCspV3() {
+ // YunoHost patch: disable CSPv3 nonces to: + // YunoHost patch: disable CSPv3 nonces to:
+ // - avoid white page on first login from YunoHost portal + // - avoid white page on first login from YunoHost portal
+ // - allow YunoHost tile display + // - allow YunoHost tile display
+ return false; + return false;
$browserWhitelist = [ $browserWhitelist = [
Request::USER_AGENT_CHROME, Request::USER_AGENT_CHROME,
// Firefox 45+ // Firefox 45+
diff --git a/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php b/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php diff --git a/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php b/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php
index 64d4eb6e5d..59d5885620 100644 index 64d4eb6e5d..59d5885620 100644
--- a/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php --- a/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php
+++ b/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php +++ b/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php
@@ -377,7 +377,8 @@ class EmptyContentSecurityPolicy { @@ -377,7 +377,8 @@ class EmptyContentSecurityPolicy {
if(!empty($this->allowedFontDomains)) { if(!empty($this->allowedFontDomains)) {
$policy .= 'font-src ' . implode(' ', $this->allowedFontDomains); $policy .= 'font-src ' . implode(' ', $this->allowedFontDomains);
- $policy .= ';'; - $policy .= ';';
+ // YunoHost patch: extend font-src to load data fonts embedded in YunoHost tile script + // YunoHost patch: extend font-src to load data fonts embedded in YunoHost tile script
+ $policy .= ' data:;'; + $policy .= ' data:;';
} }
if(!empty($this->allowedConnectDomains)) { if(!empty($this->allowedConnectDomains)) {