diff --git a/.gitignore b/.gitignore index 783a4ae..8f144f3 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ *~ *.sw[op] +.DS_Store diff --git a/conf/config.json b/conf/config.json index 6e4790c..d17d59a 100644 --- a/conf/config.json +++ b/conf/config.json @@ -1,62 +1,62 @@ -{ - "system": { - "updatechecker": false, - "memcache.local": "\\OC\\Memcache\\APCu", - "integrity.check.disabled": true, - "filelocking.enabled": true, - "memcache.locking": "\\OC\\Memcache\\Redis", - "redis": { - "host": "localhost", - "port": "6379", - "timeout": "0.0", - "password": "" - }, - "hashing_default_password": true, - "localstorage.allowsymlinks": true, - "simpleSignUpLink.shown": false, - "maintenance_window_start": 1, - "mail_smtpmode": "smtp", - "mail_smtpport": "25", - "mail_smtpauth": 1, - "mail_smtpname": "__APP__", - "mail_smtppassword": "__MAIL_PWD__", - "mail_sendmailmode": "smtp", - "mail_from_address": "__APP__", - "mail_domain": "__DOMAIN__", - "mail_smtphost": "localhost", - "mail_smtpstreamoptions": { - "ssl": { - "allow_self_signed": true, - "verify_peer": false, - "verify_peer_name": false - } - } - }, - "apps": { - "user_ldap": { - "ldap_base": "dc=yunohost,dc=org", - "ldap_base_groups": "ou=groups,dc=yunohost,dc=org", - "ldap_base_users": "ou=users,dc=yunohost,dc=org", - "ldap_cache_ttl": "600", - "ldap_configuration_active": "1", - "ldap_display_name": "displayname", - "ldap_email_attr": "mail", - "ldap_expert_username_attr": "uid", - "ldap_group_display_name": "cn", - "ldap_group_filter": "(&(objectclass=top)(memberUid=*))", - "ldap_group_filter_mode": "0", - "ldap_groupfilter_objectclass": "posixGroup", - "ldap_group_member_assoc_attribute": "memberUid", - "ldap_host": "localhost", - "ldap_login_filter": "(&(|(objectclass=posixAccount))(uid=%uid)(permission=cn=__APP__.main,ou=permission,dc=yunohost,dc=org))", - "ldap_login_filter_mode": "0", - "ldap_port": "389", - "ldap_quota_attr": "userquota", - "ldap_tls": "0", - "ldap_user_display_name": "cn", - "ldap_user_filter_mode": "0", - "ldap_userfilter_objectclass": "posixAccount", - "ldap_userlist_filter": "objectclass=posixAccount" - } - } -} +{ + "system": { + "updatechecker": false, + "memcache.local": "\\OC\\Memcache\\APCu", + "integrity.check.disabled": true, + "filelocking.enabled": true, + "memcache.locking": "\\OC\\Memcache\\Redis", + "redis": { + "host": "localhost", + "port": "6379", + "timeout": "0.0", + "password": "" + }, + "hashing_default_password": true, + "localstorage.allowsymlinks": true, + "simpleSignUpLink.shown": false, + "maintenance_window_start": 1, + "mail_smtpmode": "smtp", + "mail_smtpport": "25", + "mail_smtpauth": 1, + "mail_smtpname": "__APP__", + "mail_smtppassword": "__MAIL_PWD__", + "mail_sendmailmode": "smtp", + "mail_from_address": "__APP__", + "mail_domain": "__DOMAIN__", + "mail_smtphost": "localhost", + "mail_smtpstreamoptions": { + "ssl": { + "allow_self_signed": true, + "verify_peer": false, + "verify_peer_name": false + } + } + }, + "apps": { + "user_ldap": { + "ldap_base": "dc=yunohost,dc=org", + "ldap_base_groups": "ou=groups,dc=yunohost,dc=org", + "ldap_base_users": "ou=users,dc=yunohost,dc=org", + "ldap_cache_ttl": "600", + "ldap_configuration_active": "1", + "ldap_display_name": "displayname", + "ldap_email_attr": "mail", + "ldap_expert_username_attr": "uid", + "ldap_group_display_name": "cn", + "ldap_group_filter": "(&(objectclass=top)(memberUid=*))", + "ldap_group_filter_mode": "0", + "ldap_groupfilter_objectclass": "posixGroup", + "ldap_group_member_assoc_attribute": "memberUid", + "ldap_host": "localhost", + "ldap_login_filter": "(&(|(objectclass=posixAccount))(uid=%uid)(permission=cn=__APP__.main,ou=permission,dc=yunohost,dc=org))", + "ldap_login_filter_mode": "0", + "ldap_port": "389", + "ldap_quota_attr": "userquota", + "ldap_tls": "0", + "ldap_user_display_name": "cn", + "ldap_user_filter_mode": "0", + "ldap_userfilter_objectclass": "posixAccount", + "ldap_userlist_filter": "objectclass=posixAccount" + } + } +} diff --git a/conf/extra_php-fpm.conf b/conf/extra_php-fpm.conf index fd92447..f584e2c 100644 --- a/conf/extra_php-fpm.conf +++ b/conf/extra_php-fpm.conf @@ -1,9 +1,6 @@ ; Additional php.ini defines, specific to this pool of workers. env[PATH] = $PATH -php_admin_value[memory_limit] = 512M -php_value[upload_max_filesize] = 10G -php_value[post_max_size] = 10G php_value[default_charset] = UTF-8 ; OPcache is already activated by default ; php_value[opcache.enable]=1 diff --git a/conf/nextcloud.cron b/conf/nextcloud.cron index 31bfe2f..29c313c 100644 --- a/conf/nextcloud.cron +++ b/conf/nextcloud.cron @@ -1 +1 @@ -*/5 * * * * __APP__ /usr/bin/php__PHPVERSION__ --define apc.enable_cli=1 -f __INSTALL_DIR__/cron.php +*/5 * * * * __APP__ /usr/bin/php__PHP_VERSION__ --define apc.enable_cli=1 -f __INSTALL_DIR__/cron.php diff --git a/conf/nginx.conf b/conf/nginx.conf index 0300bad..5f444f1 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -117,7 +117,7 @@ location ^~ __PATH__/ { fastcgi_param modHeadersAvailable true; # Avoid sending the security headers twice fastcgi_param front_controller_active true; # Enable pretty urls fastcgi_param HTTP_ACCEPT_ENCODING ""; # Disable encoding of Nextcloud response to inject ynh scripts - fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock; + fastcgi_pass unix:/var/run/php/php__PHP_VERSION__-fpm-__APP__.sock; fastcgi_intercept_errors on; fastcgi_request_buffering off; diff --git a/manifest.toml b/manifest.toml index ef01371..c004899 100644 --- a/manifest.toml +++ b/manifest.toml @@ -19,7 +19,8 @@ code = "https://github.com/nextcloud/server" cpe = "cpe:2.3:a:nextcloud:nextcloud" [integration] -yunohost = ">= 11.2" +yunohost = ">= 11.2.17" +helpers_version = "2.1" architectures = ["amd64", "arm64", "armhf"] multi_instance = true diff --git a/scripts/_common.sh b/scripts/_common.sh index 65cce78..e861ed8 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -1,18 +1,14 @@ #!/bin/bash #================================================= -# COMMON VARIABLES -#================================================= - -#================================================= -# EXPERIMENTAL HELPERS +# COMMON VARIABLES AND CUSTOM HELPERS #================================================= # Check if an URL is already handled # usage: is_url_handled --domain=DOMAIN --path=PATH_URI is_url_handled() { # Declare an array to define the options of this helper. - local legacy_args=dp + #REMOVEME? local legacy_args=dp declare -Ar args_array=( [d]=domain= [p]=path= ) local domain local path @@ -39,7 +35,3 @@ is_url_handled() { return 1 fi } - -#================================================= -# FUTURE OFFICIAL HELPERS -#================================================= diff --git a/scripts/backup b/scripts/backup index da8f172..db94113 100755 --- a/scripts/backup +++ b/scripts/backup @@ -1,43 +1,34 @@ #!/bin/bash -#================================================= -# GENERIC START -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers source ../settings/scripts/_ynh_mysql_dump_db.sh -#================================================= -# DECLARE DATA AND CONF FILES TO BACKUP -#================================================= -ynh_print_info --message="Declaring files to be backed up..." +ynh_print_info "Declaring files to be backed up..." #================================================= # BACKUP THE APP MAIN DIR #================================================= -ynh_backup --src_path="$install_dir" +ynh_backup "$install_dir" #================================================= # BACKUP THE DATA DIRECTORY #================================================= -ynh_backup --src_path="$data_dir" --is_big +ynh_backup "$data_dir" #================================================= # BACKUP THE NGINX CONFIGURATION #================================================= -ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" +ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= # BACKUP THE PHP-FPM CONFIGURATION #================================================= -ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" +ynh_backup "/etc/php/$php_version/fpm/pool.d/$app.conf" #================================================= # SPECIFIC BACKUP @@ -45,36 +36,36 @@ ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" # BACKUP LOGROTATE #================================================= -ynh_backup --src_path="/etc/logrotate.d/$app" +ynh_backup "/etc/logrotate.d/$app" #================================================= # BACKUP FAIL2BAN CONFIGURATION #================================================= -ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf" -ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf" +ynh_backup "/etc/fail2ban/jail.d/$app.conf" +ynh_backup "/etc/fail2ban/filter.d/$app.conf" #================================================= # BACKUP THE CRON FILE #================================================= -ynh_backup --src_path="/etc/cron.d/$app" +ynh_backup "/etc/cron.d/$app" #================================================= # BACKUP LOGS #================================================= -ynh_backup --src_path="/var/log/$app" +ynh_backup "/var/log/$app" #================================================= # BACKUP THE MYSQL DATABASE #================================================= -ynh_print_info --message="Backing up the MySQL database..." +ynh_print_info "Backing up the MySQL database..." -ynh_mysql_dump_db --database="$db_name" --default_character_set="utf8mb4" > db.sql +ynh_mysql_dump_db --default_character_set="utf8mb4" > db.sql #================================================= # END OF SCRIPT #================================================= -ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." +ynh_print_info "Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." diff --git a/scripts/change_url b/scripts/change_url index aac12f0..989ee63 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -1,30 +1,24 @@ #!/bin/bash -#================================================= -# GENERIC STARTING -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - source _common.sh source /usr/share/yunohost/helpers #================================================= # MODIFY URL IN NGINX CONF #================================================= -ynh_script_progression --message="Updating NGINX web server configuration..." --weight=2 +ynh_script_progression "Updating NGINX web server configuration..." -ynh_change_url_nginx_config +ynh_config_change_url_nginx #================================================= # SPECIFIC MODIFICATIONS #================================================= -ynh_script_progression --message="Applying $app specific modifications..." --weight=2 +ynh_script_progression "Applying $app specific modifications..." # Define a function to execute commands with `occ` exec_occ() { - (cd "$install_dir" && ynh_exec_as "$app" \ - php${phpversion} --define apc.enable_cli=1 occ --no-interaction --no-ansi "$@") + (cd "$install_dir" && ynh_exec_as_app \ + php${php_version} --define apc.enable_cli=1 occ --no-interaction --no-ansi "$@") } if [ $change_domain -eq 1 ] @@ -36,23 +30,23 @@ then exec_occ config:system:set overwrite.cli.url --value="https://${new_domain}${new_path}" # Reload php fpm, necessary for force nextcloud to re-read config.php, cf opcache.revalidate_freq - ynh_systemd_action --service_name=php${phpversion}-fpm --action=reload + ynh_systemctl --service=php${php_version}-fpm --action=reload # Check if .well-known is available for this domain if is_url_handled --domain="$new_domain" --path="/.well-known/caldav" || is_url_handled --domain="$new_domain" --path="/.well-known/carddav" then - ynh_print_warn --message="Another app already uses the domain $new_domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book." + ynh_print_warn "Another app already uses the domain $new_domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book." # Remove lines about .well-known/carddav and caldav with sed. sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "/etc/nginx/conf.d/$new_domain.d/$app.conf" - ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" + ynh_store_file_checksum "/etc/nginx/conf.d/$new_domain.d/$app.conf" fi fi #================================================= # SETUP SSOWAT #================================================= -ynh_script_progression --message="Configuring permissions..." +ynh_script_progression "Configuring permissions..." # Temporary fix for the API permission (workaround for https://github.com/YunoHost/issues/issues/2294 ) ynh_permission_url --permission="api" --url="re:$new_domain\/.well-known\/.*" --auth_header="false" --clear_urls @@ -61,4 +55,4 @@ ynh_permission_url --permission="api" --url="re:$new_domain\/.well-known\/.*" -- # END OF SCRIPT #================================================= -ynh_script_progression --message="Change of URL completed for $app" --last +ynh_script_progression "Change of URL completed for $app" diff --git a/scripts/config b/scripts/config index 93ced20..febc454 100644 --- a/scripts/config +++ b/scripts/config @@ -1,11 +1,5 @@ #!/bin/bash -#================================================= -# GENERIC STARTING -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - source _common.sh source /usr/share/yunohost/helpers @@ -15,8 +9,8 @@ ynh_abort_if_errors # RETRIEVE ARGUMENTS #================================================= -phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) -current_fpm_footprint=$(ynh_app_setting_get --app=$app --key=fpm_footprint) +php_version=$(ynh_app_setting_get --key=php_version) +current_fpm_footprint=$(ynh_app_setting_get --key=fpm_footprint) #================================================= # SPECIFIC GETTERS FOR TOML SHORT KEY @@ -24,8 +18,8 @@ current_fpm_footprint=$(ynh_app_setting_get --app=$app --key=fpm_footprint) get__maintenance_mode() { # Maintenance mode status - maintenance_mode_status="$(cd "$install_dir" && ynh_exec_as "$app" \ - php${phpversion} --define apc.enable_cli=1 occ --no-interaction --no-ansi maintenance:mode)" 2> /dev/null + maintenance_mode_status="$(cd "$install_dir" && ynh_exec_as_app \ + php${php_version} --define apc.enable_cli=1 occ --no-interaction --no-ansi maintenance:mode)" 2> /dev/null if echo $maintenance_mode_status | grep -q "disabled" then echo "0" @@ -33,14 +27,14 @@ get__maintenance_mode() { then echo "1" else - ynh_print_err --message="Unexpected output from maintenance status check command." + ynh_print_warn "Unexpected output from maintenance status check command." exit 0 fi } get__system_addressbook_exposed() { - echo $(cd "$install_dir" && ynh_exec_as "$app" \ - php${phpversion} --define apc.enable_cli=1 occ config:app:get dav system_addressbook_exposed) + echo $(cd "$install_dir" && ynh_exec_as_app \ + php${php_version} --define apc.enable_cli=1 occ config:app:get dav system_addressbook_exposed) } get__fpm_footprint() { @@ -73,55 +67,53 @@ get__fpm_free_footprint() { set__maintenance_mode() { if [ "$maintenance_mode" -eq "0" ]; then # If maintenance_mode was set to 0, disable maintenance mode - (cd "$install_dir" && ynh_exec_as "$app" \ - php${phpversion} --define apc.enable_cli=1 occ --no-interaction --no-ansi maintenance:mode --off) + (cd "$install_dir" && ynh_exec_as_app \ + php${php_version} --define apc.enable_cli=1 occ --no-interaction --no-ansi maintenance:mode --off) ynh_print_info "Maintenance mode disabled" elif [ "$maintenance_mode" -eq "1" ]; then # If maintenance_mode was set to 1, enable maintenance mode - (cd "$install_dir" && ynh_exec_as "$app" \ - php${phpversion} --define apc.enable_cli=1 occ --no-interaction --no-ansi maintenance:mode --on) + (cd "$install_dir" && ynh_exec_as_app \ + php${php_version} --define apc.enable_cli=1 occ --no-interaction --no-ansi maintenance:mode --on) ynh_print_info "Maintenance mode enabled" fi - ynh_app_setting_set --app=$app --key=maintenance_mode --value="$maintenance_mode" + ynh_app_setting_set --key=maintenance_mode --value="$maintenance_mode" } set__system_addressbook_exposed() { - (cd "$install_dir" && ynh_exec_as "$app" \ - php${phpversion} --define apc.enable_cli=1 occ config:app:set dav system_addressbook_exposed --value="$system_addressbook_exposed") + (cd "$install_dir" && ynh_exec_as_app \ + php${php_version} --define apc.enable_cli=1 occ config:app:set dav system_addressbook_exposed --value="$system_addressbook_exposed") ynh_print_info "System addressbook is exposed: $system_addressbook_exposed" } -set__fpm_footprint() { - if [ "$fpm_footprint" != "specific" ] +#REMOVEME? Everything about fpm_footprint is removed in helpers2.1... | set__fpm_footprint() { +#REMOVEME? Everything about fpm_footprint is removed in helpers2.1... | if [ "$fpm_footprint" != "specific" ] then - ynh_app_setting_set --app=$app --key=fpm_footprint --value="$fpm_footprint" +#REMOVEME? Everything about fpm_footprint is removed in helpers2.1... | ynh_app_setting_set --key=fpm_footprint --value="$fpm_footprint" fi } -set__fpm_free_footprint() { - if [ "$fpm_footprint" = "specific" ] +#REMOVEME? Everything about fpm_free_footprint is removed in helpers2.1... | set__fpm_free_footprint() { +#REMOVEME? Everything about fpm_footprint is removed in helpers2.1... | if [ "$fpm_footprint" = "specific" ] then - ynh_app_setting_set --app=$app --key=fpm_footprint --value="$fpm_free_footprint" +#REMOVEME? Everything about fpm_free_footprint is removed in helpers2.1... | ynh_app_setting_set --key=fpm_footprint --value="$fpm_free_footprint" fi } -#================================================= -# GENERIC FINALIZATION #================================================= ynh_app_config_validate() { _ynh_app_config_validate if [ "${changed[fpm_usage]}" == "true" ] || [ "${changed[fpm_footprint]}" == "true" ] || [ "${changed[fpm_free_footprint]}" == "true" ]; then - # If fpm_footprint is set to 'specific', use $fpm_free_footprint value. - if [ "$fpm_footprint" = "specific" ] +#REMOVEME? Everything about fpm_free_footprint is removed in helpers2.1... | # If fpm_footprint is set to 'specific', use $fpm_free_footprint value. +#REMOVEME? Everything about fpm_footprint is removed in helpers2.1... | if [ "$fpm_footprint" = "specific" ] then - fpm_footprint=$fpm_free_footprint +#REMOVEME? Everything about fpm_free_footprint is removed in helpers2.1... | fpm_footprint=$fpm_free_footprint fi - if [ "$fpm_footprint" == "0" ] +#REMOVEME? Everything about fpm_footprint is removed in helpers2.1... | if [ "$fpm_footprint" == "0" ] then - ynh_print_err --message="When selecting 'specific', you have to set a footprint value into the field below." + ynh_print_warn "When selecting 'specific', you have to set a footprint value into the field below." exit 0 fi @@ -131,7 +123,7 @@ ynh_app_config_validate() { ynh_app_config_apply() { _ynh_app_config_apply - ynh_add_fpm_config + ynh_config_add_phpfpm } ynh_app_config_run $1 diff --git a/scripts/install b/scripts/install index 88c1c0d..d691942 100755 --- a/scripts/install +++ b/scripts/install @@ -2,65 +2,69 @@ source _common.sh source /usr/share/yunohost/helpers + +ynh_app_setting_set --key=php_upload_max_filesize --value=10G + +ynh_app_setting_set --key=php_memory_limit --value=512M source _ynh_mysql_connect_as.sh phpflags="--define apc.enable_cli=1" -ynh_app_setting_set --app=$app --key=phpflags --value="$phpflags" +ynh_app_setting_set --key=phpflags --value="$phpflags" #================================================= # CREATE A MYSQL DATABASE #================================================= -ynh_script_progression --message="Migrate MySQL database to utf8..." --weight=2 +ynh_script_progression "Migrate MySQL database to utf8..." -ynh_mysql_connect_as --user=$db_user --password="$db_pwd" --database=$db_name \ +ynh_mysql_db_shell \ <<< "ALTER DATABASE $db_name CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;" #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= -ynh_script_progression --message="Setting up source files..." --weight=5 +ynh_script_progression "Setting up source files..." # Enable YunoHost patches on Nextcloud sources -cp -a ../sources/patches_last_version/* ../sources/patches +cp -a ../patches_last_version/* ../patches # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$install_dir" #================================================= # PHP-FPM CONFIGURATION #================================================= -ynh_script_progression --message="Configuring PHP-FPM..." --weight=5 +ynh_script_progression "Configuring PHP-FPM..." -ynh_app_setting_set --app=$app --key=fpm_footprint --value=high -ynh_app_setting_set --app=$app --key=fpm_usage --value=medium -ynh_add_fpm_config +ynh_app_setting_set --key=fpm_footprint --value=high +ynh_app_setting_set --key=fpm_usage --value=medium +ynh_config_add_phpfpm #================================================= # NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Configuring NGINX web server..." --weight=2 +ynh_script_progression "Configuring NGINX web server..." # Check if .well-known is available for this domain if is_url_handled --domain="$domain" --path="/.well-known/caldav" || is_url_handled --domain="$domain" --path="/.well-known/carddav" then - ynh_print_warn --message="Another app already uses the domain $domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book." + ynh_print_warn "Another app already uses the domain $domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book." # Remove lines about .well-known/carddav and caldav with sed. sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "../conf/nginx.conf" fi # Create a dedicated NGINX config -ynh_add_nginx_config +ynh_config_add_nginx #================================================= # INSTALL NEXTCLOUD #================================================= -ynh_script_progression --message="Installing $app..." --weight=30 +ynh_script_progression "Installing $app..." # Define a function to execute commands with `occ` exec_occ() { - (cd "$install_dir" && ynh_exec_as "$app" \ - php${phpversion} --define apc.enable_cli=1 occ --no-interaction --no-ansi "$@") + (cd "$install_dir" && ynh_exec_as_app \ + php${php_version} --define apc.enable_cli=1 occ --no-interaction --no-ansi "$@") } # Set write access for the following commands @@ -77,12 +81,12 @@ exec_occ maintenance:install \ --database-user $db_user --database-pass "$db_pwd" \ --admin-user "admin" --admin-pass "$admin_password" \ --data-dir "$data_dir/data" \ - || ynh_die --message="Unable to install $app" + || ynh_die "Unable to install $app" #================================================= # CONFIGURE NEXTCLOUD #================================================= -ynh_script_progression --message="Configuring $app..." --weight=8 +ynh_script_progression "Configuring $app..." # Set the mysql.utf8mb4 config to true in config.php exec_occ config:system:set mysql.utf8mb4 --type boolean --value="true" @@ -99,21 +103,21 @@ exec_occ ldap:create-empty-config # Load the installation config file in Nextcloud nc_conf="$install_dir/config_install.json" -ynh_add_config --template="config_install.json" --destination="$nc_conf" +ynh_config_add --template="config_install.json" --destination="$nc_conf" exec_occ config:import "$nc_conf" # Then remove the config file -ynh_secure_remove --file="$nc_conf" +ynh_safe_rm "$nc_conf" # Load the additional config file (used also for upgrade) nc_conf="$install_dir/config.json" -ynh_add_config --template="config.json" --destination="$nc_conf" +ynh_config_add --template="config.json" --destination="$nc_conf" exec_occ config:import "$nc_conf" # Then remove the config file -ynh_secure_remove --file="$nc_conf" +ynh_safe_rm "$nc_conf" #================================================= # CHECK THE LDAP CONFIG @@ -121,7 +125,7 @@ ynh_secure_remove --file="$nc_conf" # Check LDAP configuration to see if everything worked well exec_occ ldap:test-config '' \ - || ynh_die --message="An error occured during LDAP configuration" + || ynh_die "An error occured during LDAP configuration" #================================================= # MOUNT HOME FOLDERS AS EXTERNAL STORAGE @@ -135,7 +139,7 @@ create_external_storage() { local mount_id=`exec_occ files_external:create --output=json \ "$mount_name" 'local' 'null::null' -c "datadir=$mount_dir" || true` ! [[ $mount_id =~ ^[0-9]+$ ]] \ - && ynh_print_warn --message="Unable to create external storage" \ + && ynh_print_warn "Unable to create external storage" \ || exec_occ files_external:option "$mount_id" enable_sharing true } @@ -176,7 +180,7 @@ exec_occ config:system:set overwrite.cli.url --value="https://${domain}${path}" #================================================= # Set the user as admin -ynh_mysql_connect_as --user=$db_name --password="$db_pwd" --database=$db_name --default_character_set="utf8mb4" \ +ynh_mysql_db_shell \ <<< "INSERT INTO oc_group_user VALUES ('admin','$admin');" # And delete admin user exec_occ user:delete admin @@ -192,14 +196,14 @@ exec_occ config:app:set dav system_addressbook_exposed --value="$system_addressb #================================================= # Calculate and store the config file checksum into the app settings -ynh_store_file_checksum --file="$install_dir/config/config.php" +ynh_store_file_checksum "$install_dir/config/config.php" #================================================= # ADD A CRON JOB #================================================= cron_path="/etc/cron.d/$app" -ynh_add_config --template="nextcloud.cron" --destination="$cron_path" +ynh_config_add --template="nextcloud.cron" --destination="$cron_path" chown root: "$cron_path" chmod 644 "$cron_path" @@ -216,7 +220,7 @@ exec_occ db:convert-filecache-bigint -n #================================================= # YUNOHOST MULTIMEDIA INTEGRATION #================================================= -ynh_script_progression --message="Adding multimedia directories..." --weight=6 +ynh_script_progression "Adding multimedia directories..." # Build YunoHost multimedia directories ynh_multimedia_build_main_dir @@ -227,8 +231,6 @@ create_external_storage "/home/yunohost.multimedia/share" "Shared multimedia" # Allow nextcloud to write into these directories ynh_multimedia_addaccess $app -#================================================= -# GENERIC FINALIZATION #================================================= # SECURE FILES AND DIRECTORIES #================================================= @@ -247,21 +249,21 @@ chmod 750 $install_dir #================================================= # SETUP LOGROTATE #================================================= -ynh_script_progression --message="Configuring log rotation..." --weight=1 +ynh_script_progression "Configuring log rotation..." # Use logrotate to manage application logfile(s) -ynh_use_logrotate +ynh_config_add_logrotate #================================================= # SETUP FAIL2BAN #================================================= -ynh_script_progression --message="Configuring Fail2Ban..." --weight=8 +ynh_script_progression "Configuring Fail2Ban..." # Create a dedicated Fail2Ban config -ynh_add_fail2ban_config --logpath="/var/log/$app/nextcloud.log" --failregex="^.*Login failed: '.*' \(Remote IP: ''.*$" --max_retry=5 +ynh_config_add_fail2ban --logpath="/var/log/$app/nextcloud.log" --failregex="^.*Login failed: '.*' \(Remote IP: ''.*$" #================================================= # END OF SCRIPT #================================================= -ynh_script_progression --message="Installation of $app completed" --last +ynh_script_progression "Installation of $app completed" diff --git a/scripts/remove b/scripts/remove index c39ac68..887a10d 100755 --- a/scripts/remove +++ b/scripts/remove @@ -6,25 +6,26 @@ source /usr/share/yunohost/helpers #================================================= # REMOVE SYSTEM CONFIGURATIONS #================================================= -# REMOVE SYSTEMD SERVICE +# REMOVE SYSTEMD SERVICE + #================================================= -ynh_script_progression --message="Removing system configurations related to $app..." --weight=5 +ynh_script_progression "Removing system configurations related to $app..." # Remove the dedicated NGINX config -ynh_remove_nginx_config +ynh_config_remove_nginx # Remove the dedicated PHP-FPM config -ynh_remove_fpm_config +ynh_config_remove_phpfpm # Remove the app-specific logrotate config -ynh_remove_logrotate +ynh_config_remove_logrotate # Remove the dedicated Fail2Ban config -ynh_remove_fail2ban_config +ynh_config_remove_fail2ban # Remove a cron file # TODO: Ensure that cron job is not running (How !?) -ynh_secure_remove --file="/etc/cron.d/$app" +ynh_safe_rm "/etc/cron.d/$app" # Cleaning ACL in home directories for i in $(ls /home); do @@ -37,4 +38,4 @@ done # END OF SCRIPT #================================================= -ynh_script_progression --message="Removal of $app completed" --last +ynh_script_progression "Removal of $app completed" diff --git a/scripts/restore b/scripts/restore index 1b0f63c..9520138 100755 --- a/scripts/restore +++ b/scripts/restore @@ -9,38 +9,38 @@ source ../settings/scripts/_ynh_mysql_connect_as.sh #================================================= # RESTORE THE APP MAIN DIR #================================================= -ynh_script_progression --message="Restoring the app main directory..." +ynh_script_progression "Restoring the app main directory..." -ynh_restore_file --origin_path="$install_dir" +ynh_restore "$install_dir" #================================================= # RESTORE THE MYSQL DATABASE #================================================= -ynh_script_progression --message="Restoring the MySQL database..." --weight=9 +ynh_script_progression "Restoring the MySQL database..." -ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name --default_character_set="utf8mb4" < ./db.sql +ynh_mysql_db_shell < ./db.sql #================================================= # RESTORE THE PHP-FPM CONFIGURATION #================================================= -ynh_script_progression --message="Reconfiguring PHP-FPM..." --weight=50 +ynh_script_progression "Reconfiguring PHP-FPM..." # Restore the file first, so it can have a backup if different -ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" +ynh_restore "/etc/php/$php_version/fpm/pool.d/$app.conf" # Recreate a dedicated PHP-FPM config -ynh_add_fpm_config +ynh_config_add_phpfpm #================================================= # RESTORE THE NGINX CONFIGURATION #================================================= -ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" +ynh_restore "/etc/nginx/conf.d/$domain.d/$app.conf" # Check if .well-known is available for this domain if is_url_handled --domain="$domain" --path="/.well-known/caldav" || is_url_handled --domain="$domain" --path="/.well-known/carddav" then - ynh_print_warn --message="Another app already uses the domain $domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book." + ynh_print_warn "Another app already uses the domain $domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book." # Remove lines about .well-known/CardDAV and CalDAV with sed. sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "/etc/nginx/conf.d/$domain.d/$app.conf" @@ -49,30 +49,30 @@ fi #================================================= # RESTORE THE CRON FILE #================================================= -ynh_script_progression --message="Restoring cron job..." --weight=1 +ynh_script_progression "Restoring cron job..." -ynh_restore_file --origin_path="/etc/cron.d/$app" +ynh_restore "/etc/cron.d/$app" #================================================= # RESTORE LOGS #================================================= -ynh_restore_file --origin_path="/var/log/$app" +ynh_restore "/var/log/$app" #================================================= # BACKUP THE LOGROTATE CONFIGURATION #================================================= -ynh_script_progression --message="Restoring the logrotate configuration..." --weight=1 +ynh_script_progression "Restoring the logrotate configuration..." -ynh_restore_file --origin_path="/etc/logrotate.d/$app" +ynh_restore "/etc/logrotate.d/$app" #================================================= # RESTORE THE DATA DIRECTORY #================================================= -ynh_script_progression --message="Restoring data directory..." --weight=2 +ynh_script_progression "Restoring data directory..." -# Use --not_mandatory for the data directory, because if the backup has been made with BACKUP_CORE_ONLY, there's no data into the backup. -ynh_restore_file --origin_path="$data_dir" --not_mandatory +# Use || true for the data directory, because if the backup has been made with BACKUP_CORE_ONLY, there's no data into the backup. +ynh_restore "$data_dir" #================================================= # RESTORE USER RIGHTS @@ -99,7 +99,7 @@ done #================================================= # YUNOHOST MULTIMEDIA INTEGRATION #================================================= -ynh_script_progression --message="Adding multimedia directories..." --weight=4 +ynh_script_progression "Adding multimedia directories..." # Build YunoHost multimedia directories ynh_multimedia_build_main_dir @@ -109,10 +109,10 @@ ynh_multimedia_addaccess $app #================================================= # RESTORE THE FAIL2BAN CONFIGURATION #================================================= -ynh_script_progression --message="Restoring the Fail2Ban configuration..." --weight=7 +ynh_script_progression "Restoring the Fail2Ban configuration..." -ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf" -ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf" +ynh_restore "/etc/fail2ban/jail.d/$app.conf" +ynh_restore "/etc/fail2ban/filter.d/$app.conf" # Make sure a log file exists (mostly for CI tests) logfile="/var/log/$app/nextcloud.log" @@ -121,19 +121,17 @@ if [ ! -f "$logfile" ]; then chown "$app:" "$logfile" fi -ynh_systemd_action --action=restart --service_name=fail2ban +ynh_systemctl --action=restart --service=fail2ban -#================================================= -# GENERIC FINALIZATION #================================================= # RELOAD NGINX #================================================= -ynh_script_progression --message="Reloading NGINX web server..." --weight=3 +ynh_script_progression "Reloading NGINX web server..." -ynh_systemd_action --service_name=nginx --action=reload +ynh_systemctl --service=nginx --action=reload #================================================= # END OF SCRIPT #================================================= -ynh_script_progression --message="Restoration completed for $app" --last +ynh_script_progression "Restoration completed for $app" diff --git a/scripts/upgrade b/scripts/upgrade index c2ddc1d..6755aca 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -3,26 +3,26 @@ source _common.sh source /usr/share/yunohost/helpers -upgrade_type=$(ynh_check_app_version_changed) +ynh_app_setting_set_default --key=php_upload_max_filesize --value=10G + +ynh_app_setting_set_default --key=php_memory_limit --value=512M #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= -ynh_script_progression --message="Ensuring downward compatibility..." +ynh_script_progression "Ensuring downward compatibility..." # Remove the option backup_core_only if it's in the settings.yml file -ynh_app_setting_delete --app=$app --key=backup_core_only +ynh_app_setting_delete --key=backup_core_only phpflags="--define apc.enable_cli=1" -ynh_app_setting_set --app=$app --key=phpflags --value="$phpflags" +ynh_app_setting_set --key=phpflags --value="$phpflags" -if ynh_compare_current_package_version --comparison lt --version 22.2~ynh1 +if ynh_app_upgrading_from_version_before 22.2~ynh1 then - ynh_die --message="Upgrading from Nextcloud < 22.2 is not supported anymore. You should first upgrade to 22.2 using: yunohost app upgrade nextcloud -u https://github.com/YunoHost-Apps/nextcloud_ynh/tree/41f5f902e7c7cd3c30a6793020562ba98b9bf3e9" + ynh_die "Upgrading from Nextcloud < 22.2 is not supported anymore. You should first upgrade to 22.2 using: yunohost app upgrade nextcloud -u https://github.com/YunoHost-Apps/nextcloud_ynh/tree/41f5f902e7c7cd3c30a6793020562ba98b9bf3e9" fi -#================================================= -# SPECIFIC UPGRADE #================================================= # MAKE SEQUENTIAL UPGRADES FROM EACH MAJOR # VERSION TO THE NEXT ONE @@ -52,19 +52,19 @@ exec_occ() { NEXTCLOUD_PHP_VERSION="7.4" fi - # NB : be super careful when designing this part of the code, because calling ynh_install_app_dependencies - # will do magic regarding php configuration and $phpversion when the php version of the dependencies changes ... - phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) - if [[ "$NEXTCLOUD_PHP_VERSION" != "$phpversion" ]]; then + # NB : be super careful when designing this part of the code, because calling ynh_apt_install_dependencies + # will do magic regarding php configuration and $php_version when the php version of the dependencies changes ... + php_version=$(ynh_app_setting_get --key=php_version) + if [[ "$NEXTCLOUD_PHP_VERSION" != "$php_version" ]]; then local pkg_dependencies="$(dpkg-query --show --showformat='${Depends}' ${app}-ynh-deps)" - pkg_dependencies="${pkg_dependencies//$phpversion/$NEXTCLOUD_PHP_VERSION}" - # Packaging v1 ~legacy : ynh_install_app_dependencies is designed to be called several times + pkg_dependencies="${pkg_dependencies//$php_version/$NEXTCLOUD_PHP_VERSION}" + # Packaging v1 ~legacy : ynh_apt_install_dependencies is designed to be called several times # but the second time it will *append* the list of dependencies rather than replace the existing dependencies # resulting in a crash when parsing what's the php version the app uses, hence we need to force the full-replacement YNH_INSTALL_APP_DEPENDENCIES_REPLACE=true - ynh_install_app_dependencies "$pkg_dependencies" + ynh_apt_install_dependencies "$pkg_dependencies" fi -(cd "$install_dir" && ynh_exec_as "$app" \ +(cd "$install_dir" && ynh_exec_as_app \ php$NEXTCLOUD_PHP_VERSION --define apc.enable_cli=1 occ --no-interaction --no-ansi "$@") 2> >(filter_boring_occ_warnings >&2) } @@ -76,7 +76,7 @@ create_external_storage() { local mount_id=$(exec_occ files_external:create --output=json \ "$mount_name" 'local' 'null::null' -c "datadir=$mount_dir" || true) ! [[ $mount_id =~ ^[0-9]+$ ]] \ - && ynh_print_warn --message="Unable to create external storage" \ + && ynh_print_warn "Unable to create external storage" \ || exec_occ files_external:option "$mount_id" enable_sharing true } @@ -103,11 +103,10 @@ function list_installed_apps_not_compatible_with_future_version() comm -23 <(comm -23 $installed_apps $core_apps_in_current_version) $nextcloud_destination_appcatalog } - current_version=$(grep OC_VersionString "$install_dir/version.php" | cut -d\' -f2) current_major_version=${current_version%%.*} -last_version=$(ynh_read_manifest --manifest_key="resources.sources.main.url" | grep -o '[0-9][0-9]\.[0-9]\.[0-9]') +last_version=$(ynh_read_manifest | grep -o '[0-9][0-9]\.[0-9]\.[0-9]') last_major_version=${last_version%%.*} if [[ "$last_major_version" != "$current_major_version" ]] @@ -115,13 +114,13 @@ then installed_apps_not_compatible_with_future_version="$(list_installed_apps_not_compatible_with_future_version $last_major_version)" if [[ -n "$installed_apps_not_compatible_with_future_version" ]] then - ynh_die --message="The following apps are not (yet?) compatible with Nextcloud $last_major_version. You should make sure to upgrade the app, or disable it, or wait for it to become compatible before running this upgrade : $installed_apps_not_compatible_with_future_version" + ynh_die "The following apps are not (yet?) compatible with Nextcloud $last_major_version. You should make sure to upgrade the app, or disable it, or wait for it to become compatible before running this upgrade : $installed_apps_not_compatible_with_future_version" fi fi -if [ "$upgrade_type" == "UPGRADE_APP" ] +if ynh_app_upstream_version_changed then - ynh_script_progression --message="Upgrading $app..." --weight=3 + ynh_script_progression "Upgrading $app..." # Set write access for the following commands chown -R $app: "$install_dir" "$data_dir" @@ -130,9 +129,9 @@ then exec_occ -V if [ "$(exec_occ config:system:get mysql.utf8mb4)" != "true" ]; then - db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd) + db_pwd=$(ynh_app_setting_get --key=db_pwd) # Change your databases character set and collation - ynh_mysql_connect_as --user=$db_user --password="$db_pwd" --database=$db_name \ + ynh_mysql_db_shell \ <<< "ALTER DATABASE $db_name CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;" # Set the mysql.utf8mb4 config to true in config.php exec_occ config:system:set mysql.utf8mb4 --type boolean --value="true" @@ -155,11 +154,11 @@ then next_major_version="$(( $current_major_version + 1 ))" if [[ "$next_major_version" -ge "$last_major_version" ]]; then - ynh_print_info --message="Upgrading to Nextcloud $last_version" - cp -a ../sources/patches_last_version/* ../sources/patches + ynh_print_info "Upgrading to Nextcloud $last_version" + cp -a ../patches_last_version/* ../patches source_id="main" else - ynh_print_info --message="Upgrading to Nextcloud $next_major_version" + ynh_print_info "Upgrading to Nextcloud $next_major_version" source_id="$next_major_version" fi @@ -189,7 +188,7 @@ then ) # Replace the old Nextcloud by the new one - ynh_secure_remove --file="$install_dir" + ynh_safe_rm "$install_dir" mv "$tmpdir" "$install_dir" # Set write access for the following commands @@ -198,7 +197,7 @@ then # Upgrade Nextcloud (SUCCESS = 0, UP_TO_DATE = 3) exec_occ maintenance:mode --off exec_occ upgrade \ - || [ $? -eq 3 ] || ynh_die --message="Unable to upgrade $app" + || [ $? -eq 3 ] || ynh_die "Unable to upgrade $app" # Get the new current version number current_version=$(grep OC_VersionString "$install_dir/version.php" | cut -d\' -f2) @@ -216,13 +215,13 @@ then #================================================= # CONFIGURE NEXTCLOUD #================================================= - ynh_script_progression --message="Reconfiguring $app..." --weight=9 + ynh_script_progression "Reconfiguring $app..." # Verify the checksum and backup the file if it's different - ynh_backup_if_checksum_is_different --file="$install_dir/config/config.php" + ynh_backup_if_checksum_is_different "$install_dir/config/config.php" nc_conf="${install_dir}/config.json" - ynh_add_config --template="config.json" --destination="$nc_conf" + ynh_config_add --template="config.json" --destination="$nc_conf" # Reneable the mail app if [ $mail_app_must_be_reactived -eq 1 ]; then @@ -253,7 +252,7 @@ then exec_occ config:import "$nc_conf" # Then remove the config file - ynh_secure_remove --file="$nc_conf" + ynh_safe_rm "$nc_conf" #================================================= # ALLOW USERS TO DISCONNECT FROM NEXTCLOUD @@ -301,13 +300,13 @@ then #================================================= # Calculate and store the config file checksum into the app settings - ynh_store_file_checksum --file="${install_dir}/config/config.php" + ynh_store_file_checksum "${install_dir}/config/config.php" fi #================================================= # REGEN PERMISSIONS #================================================= -ynh_script_progression --message="Reapplying file permissions..." --weight=2 +ynh_script_progression "Reapplying file permissions..." # Fix app ownerships & permissions chown -R $app:www-data "$install_dir" @@ -323,44 +322,44 @@ chmod 750 $install_dir #================================================= # REGEN SYSTEM CONFIGURATIONS #================================================= -ynh_script_progression --message="Regenerating system configurations for $app..." --weight=2 +ynh_script_progression "Regenerating system configurations for $app..." #------------------------------------------------- # PHP-FPM #------------------------------------------------- -ynh_add_fpm_config +ynh_config_add_phpfpm #------------------------------------------------- # NGINX #------------------------------------------------- # Delete current NGINX configuration to be able to check if .well-known is already served. -ynh_backup_if_checksum_is_different --file="/etc/nginx/conf.d/$domain.d/$app.conf" -ynh_remove_nginx_config -ynh_app_setting_delete --app=$app --key="checksum__etc_nginx_conf.d_$domain.d_$app.conf" +ynh_backup_if_checksum_is_different "/etc/nginx/conf.d/$domain.d/$app.conf" +ynh_config_remove_nginx +ynh_app_setting_delete --key="checksum__etc_nginx_conf.d_$domain.d_$app.conf" # Wait untils NGINX has fully reloaded -ynh_systemd_action --service_name=nginx --action=reload --line_match="Reloaded" --log_path="systemd" +ynh_systemctl --service=nginx --action=reload --wait_until="Reloaded" --log_path="systemd" # Check if .well-known is available for this domain if is_url_handled --domain="$domain" --path="/.well-known/caldav" || is_url_handled --domain="$domain" --path="/.well-known/carddav" then - ynh_print_warn --message="Another app already uses the domain $domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book." + ynh_print_warn "Another app already uses the domain $domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book." # Remove lines about .well-known/carddav and caldav with sed. sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "../conf/nginx.conf" fi # Create a dedicated NGINX config -ynh_add_nginx_config +ynh_config_add_nginx #================================================= # CRON JOB #================================================= cron_path="/etc/cron.d/$app" -ynh_add_config --template="nextcloud.cron" --destination="$cron_path" +ynh_config_add --template="nextcloud.cron" --destination="$cron_path" chown root: "$cron_path" chmod 644 "$cron_path" @@ -370,17 +369,17 @@ exec_occ background:cron # LOGROTATE #================================================= -ynh_use_logrotate --non-append +ynh_config_add_logrotate #================================================= # FAIL2BAN #================================================= # Create a dedicated Fail2Ban config -ynh_add_fail2ban_config --logpath="/var/log/$app/nextcloud.log" --failregex="^.*Login failed: '.*' \(Remote IP: ''.*$" --max_retry=5 +ynh_config_add_fail2ban --logpath="/var/log/$app/nextcloud.log" --failregex="^.*Login failed: '.*' \(Remote IP: ''.*$" #================================================= # END OF SCRIPT #================================================= -ynh_script_progression --message="Upgrade of $app completed" --last +ynh_script_progression "Upgrade of $app completed" diff --git a/sources/patches/.gitignore b/sources/patches/.gitignore deleted file mode 100644 index e69de29..0000000