From 1a4ff65d4845b1ad26bedd1eead8a041a1d7d8b8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Tue, 12 Dec 2023 19:57:53 +0100 Subject: [PATCH 01/34] 28.0.0 --- manifest.toml | 2 +- scripts/upgrade.d/upgrade.27.sh | 7 +++++++ scripts/upgrade.d/upgrade.last.sh | 4 ++-- 3 files changed, 10 insertions(+), 3 deletions(-) create mode 100644 scripts/upgrade.d/upgrade.27.sh diff --git a/manifest.toml b/manifest.toml index a8200f6..4fb2032 100644 --- a/manifest.toml +++ b/manifest.toml @@ -5,7 +5,7 @@ name = "Nextcloud" description.en = "Online storage, file sharing platform and various other applications" description.fr = "Stockage en ligne, plateforme de partage de fichiers et diverses autres applications" -version = "27.1.4~ynh1" +version = "28.0.0~ynh1" maintainers = ["kay0u"] diff --git a/scripts/upgrade.d/upgrade.27.sh b/scripts/upgrade.d/upgrade.27.sh new file mode 100644 index 0000000..3716a7f --- /dev/null +++ b/scripts/upgrade.d/upgrade.27.sh @@ -0,0 +1,7 @@ +#!/bin/bash + +# Last available Nextcloud version +next_version="28.0.0" + +# Nextcloud tarball checksum sha256 +nextcloud_source_sha256="4e8b0b74b40221e85f92ab869d0873c69a52d7e43889d9259c6259428a6a36f2" diff --git a/scripts/upgrade.d/upgrade.last.sh b/scripts/upgrade.d/upgrade.last.sh index b31e5b5..3716a7f 100644 --- a/scripts/upgrade.d/upgrade.last.sh +++ b/scripts/upgrade.d/upgrade.last.sh @@ -1,7 +1,7 @@ #!/bin/bash # Last available Nextcloud version -next_version="27.1.4" +next_version="28.0.0" # Nextcloud tarball checksum sha256 -nextcloud_source_sha256="bec65f2166b82c9303baf476c1e424f71aa196dad010ffe4c0c39d03990d594c" +nextcloud_source_sha256="4e8b0b74b40221e85f92ab869d0873c69a52d7e43889d9259c6259428a6a36f2" From 086cfe8054198eee72d5fc3e4c7f9189ecc2b084 Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Tue, 12 Dec 2023 18:57:58 +0000 Subject: [PATCH 02/34] Auto-update README --- README.md | 2 +- README_fr.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index abbfd57..73b3afe 100644 --- a/README.md +++ b/README.md @@ -29,7 +29,7 @@ In addition to Nextcloud core features, the following are made available with th * Serve `/.well-known` paths for CalDAV and CardDAV on the domain only if it's not already served - i.e. by Baïkal -**Shipped version:** 27.1.4~ynh1 +**Shipped version:** 28.0.0~ynh1 **Demo:** https://demo.nextcloud.com/ diff --git a/README_fr.md b/README_fr.md index f4fdfaa..dc3c8b6 100644 --- a/README_fr.md +++ b/README_fr.md @@ -29,7 +29,7 @@ En plus des fonctionnalités principales de Nextcloud, les fonctionnalités suiv * Utilise l'adresse `/.well-known` pour la synchronisation CalDAV et CardDAV du domaine si aucun autre service ne l'utilise déjà - par exemple, Baïkal -**Version incluse :** 27.1.4~ynh1 +**Version incluse :** 28.0.0~ynh1 **Démo :** https://demo.nextcloud.com/ From 4e49c46ed5983e33132528e595f6195b83441dff Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Tue, 12 Dec 2023 21:13:44 +0100 Subject: [PATCH 03/34] Update app-00-add-logout_url-conf.patch --- sources/patches_last_version/app-00-add-logout_url-conf.patch | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sources/patches_last_version/app-00-add-logout_url-conf.patch b/sources/patches_last_version/app-00-add-logout_url-conf.patch index 919f2d4..2fdeff4 100644 --- a/sources/patches_last_version/app-00-add-logout_url-conf.patch +++ b/sources/patches_last_version/app-00-add-logout_url-conf.patch @@ -2,7 +2,7 @@ diff --git a/core/Controller/LoginController.php b/core/Controller/LoginControll index 13aef8f67a..55d8dbf9d1 100644 --- a/core/Controller/LoginController.php +++ b/core/Controller/LoginController.php -@@ -119,11 +119,12 @@ class LoginController extends Controller { +@@ -97,11 +97,13 @@ class LoginController extends Controller { } $this->userSession->logout(); From 182f3c88be8253539d8229ec963c67d18f69182f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Tue, 12 Dec 2023 21:18:13 +0100 Subject: [PATCH 04/34] Revert "Update app-00-add-logout_url-conf.patch" This reverts commit 4e49c46ed5983e33132528e595f6195b83441dff. --- sources/patches_last_version/app-00-add-logout_url-conf.patch | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sources/patches_last_version/app-00-add-logout_url-conf.patch b/sources/patches_last_version/app-00-add-logout_url-conf.patch index 2fdeff4..919f2d4 100644 --- a/sources/patches_last_version/app-00-add-logout_url-conf.patch +++ b/sources/patches_last_version/app-00-add-logout_url-conf.patch @@ -2,7 +2,7 @@ diff --git a/core/Controller/LoginController.php b/core/Controller/LoginControll index 13aef8f67a..55d8dbf9d1 100644 --- a/core/Controller/LoginController.php +++ b/core/Controller/LoginController.php -@@ -97,11 +97,13 @@ class LoginController extends Controller { +@@ -119,11 +119,12 @@ class LoginController extends Controller { } $this->userSession->logout(); From ca4ad9a444a88e524e25d4a02298ed94b3bb123c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Sun, 17 Dec 2023 18:37:29 +0100 Subject: [PATCH 05/34] Update app-00-add-logout_url-conf.patch --- .../app-00-add-logout_url-conf.patch | 34 ++++++++++--------- 1 file changed, 18 insertions(+), 16 deletions(-) diff --git a/sources/patches_last_version/app-00-add-logout_url-conf.patch b/sources/patches_last_version/app-00-add-logout_url-conf.patch index 919f2d4..31ab09d 100644 --- a/sources/patches_last_version/app-00-add-logout_url-conf.patch +++ b/sources/patches_last_version/app-00-add-logout_url-conf.patch @@ -1,21 +1,23 @@ diff --git a/core/Controller/LoginController.php b/core/Controller/LoginController.php -index 13aef8f67a..55d8dbf9d1 100644 +index db3e8a64d64..fe63a896c85 100644 --- a/core/Controller/LoginController.php +++ b/core/Controller/LoginController.php -@@ -119,11 +119,12 @@ class LoginController extends Controller { - } - $this->userSession->logout(); - -- $response = new RedirectResponse($this->urlGenerator->linkToRouteAbsolute( -- 'core.login.showLoginForm', -- ['clear' => true] // this param the the code in login.js may be removed when the "Clear-Site-Data" is working in the browsers -+ $redirectUrl = $this->config->getSystemValue('logout_url', -+ $this->urlGenerator->linkToRouteAbsolute( -+ 'core.login.showLoginForm', -+ ['clear' => true] // this param the the code in login.js may be removed when the "Clear-Site-Data" is working in the browsers) - )); +@@ -97,11 +97,13 @@ class LoginController extends Controller { + } + $this->userSession->logout(); + +- $response = new RedirectResponse($this->urlGenerator->linkToRouteAbsolute( +- 'core.login.showLoginForm', +- ['clear' => true] // this param the code in login.js may be removed when the "Clear-Site-Data" is working in the browsers +- )); - -+ $response = new RedirectResponse($redirectUrl); - $this->session->set('clearingExecutionContexts', '1'); - $this->session->close(); ++ $redirectUrl = $this->config->getSystemValue('logout_url', +++ $this->urlGenerator->linkToRouteAbsolute( +++ 'core.login.showLoginForm', +++ ['clear' => true] // this param the the code in login.js may be removed when the "Clear-Site-Data" is working in the browsers) ++ )); ++- +++ $response = new RedirectResponse($redirectUrl); + $this->session->set('clearingExecutionContexts', '1'); + $this->session->close(); From 34e482baa9fee34055b460908c3bee83d8e3a5e3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Sun, 17 Dec 2023 19:01:23 +0100 Subject: [PATCH 06/34] Update app-02-Allow-for-eval-in-JS-scripts-for-YunoHost-tile.patch --- ...eval-in-JS-scripts-for-YunoHost-tile.patch | 26 +++++++++---------- 1 file changed, 12 insertions(+), 14 deletions(-) diff --git a/sources/patches_last_version/app-02-Allow-for-eval-in-JS-scripts-for-YunoHost-tile.patch b/sources/patches_last_version/app-02-Allow-for-eval-in-JS-scripts-for-YunoHost-tile.patch index 43159c3..6ea0754 100644 --- a/sources/patches_last_version/app-02-Allow-for-eval-in-JS-scripts-for-YunoHost-tile.patch +++ b/sources/patches_last_version/app-02-Allow-for-eval-in-JS-scripts-for-YunoHost-tile.patch @@ -1,17 +1,15 @@ - lib/public/AppFramework/Http/ContentSecurityPolicy.php | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - diff --git a/lib/public/AppFramework/Http/ContentSecurityPolicy.php b/lib/public/AppFramework/Http/ContentSecurityPolicy.php -index e9ecf00036..8e69c8d2dc 100644 +index 7f93f7004d9..c3fbee8baa7 100644 --- a/lib/public/AppFramework/Http/ContentSecurityPolicy.php +++ b/lib/public/AppFramework/Http/ContentSecurityPolicy.php -@@ -44,7 +44,8 @@ class ContentSecurityPolicy extends EmptyContentSecurityPolicy { - /** @var bool Whether inline JS snippets are allowed */ - protected $inlineScriptAllowed = false; - /** @var bool Whether eval in JS scripts is allowed */ -- protected $evalScriptAllowed = false; -+ // YunoHost patch: allow for eval in JS scripts for YunoHost tile -+ protected $evalScriptAllowed = true; - /** @var bool Whether strict-dynamic should be set */ - protected $strictDynamicAllowed = null; - /** @var array Domains from which scripts can get loaded */ +@@ -43,7 +43,8 @@ class ContentSecurityPolicy extends EmptyContentSecurityPolicy { + /** @var bool Whether inline JS snippets are allowed */ + protected $inlineScriptAllowed = false; + /** @var bool Whether eval in JS scripts is allowed */ +- protected $evalScriptAllowed = false; ++ // YunoHost patch: allow for eval in JS scripts for YunoHost tile ++ protected $evalScriptAllowed = true; + /** @var bool Whether WebAssembly compilation is allowed */ + protected ?bool $evalWasmAllowed = false; + /** @var bool Whether strict-dynamic should be set */ + From 2a14a558d05edb02cf3c945a4e312ac47477acb7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Sun, 17 Dec 2023 21:06:30 +0100 Subject: [PATCH 07/34] reverting --- scripts/change_url | 8 -------- 1 file changed, 8 deletions(-) diff --git a/scripts/change_url b/scripts/change_url index 6da4c8d..0d8c794 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -49,14 +49,6 @@ then fi fi -#================================================= -# SETUP SSOWAT -#================================================= -ynh_script_progression --message="Configuring permissions..." - -# Temporary fix for the API permission -ynh_permission_url --permission="api" --url="re:$new_domain\/.well-known\/.*" --auth_header="false" --clear_urls - #================================================= # END OF SCRIPT #================================================= From 156dadf5f279fcba4b7ba536211fd6fc32a31c83 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Sun, 17 Dec 2023 21:12:08 +0100 Subject: [PATCH 08/34] Revert "Update app-00-add-logout_url-conf.patch" This reverts commit ca4ad9a444a88e524e25d4a02298ed94b3bb123c. --- .../app-00-add-logout_url-conf.patch | 36 +++++++++---------- 1 file changed, 17 insertions(+), 19 deletions(-) diff --git a/sources/patches_last_version/app-00-add-logout_url-conf.patch b/sources/patches_last_version/app-00-add-logout_url-conf.patch index 31ab09d..919f2d4 100644 --- a/sources/patches_last_version/app-00-add-logout_url-conf.patch +++ b/sources/patches_last_version/app-00-add-logout_url-conf.patch @@ -1,23 +1,21 @@ diff --git a/core/Controller/LoginController.php b/core/Controller/LoginController.php -index db3e8a64d64..fe63a896c85 100644 +index 13aef8f67a..55d8dbf9d1 100644 --- a/core/Controller/LoginController.php +++ b/core/Controller/LoginController.php -@@ -97,11 +97,13 @@ class LoginController extends Controller { - } - $this->userSession->logout(); - -- $response = new RedirectResponse($this->urlGenerator->linkToRouteAbsolute( -- 'core.login.showLoginForm', -- ['clear' => true] // this param the code in login.js may be removed when the "Clear-Site-Data" is working in the browsers -- )); -- -+ $redirectUrl = $this->config->getSystemValue('logout_url', -++ $this->urlGenerator->linkToRouteAbsolute( -++ 'core.login.showLoginForm', -++ ['clear' => true] // this param the the code in login.js may be removed when the "Clear-Site-Data" is working in the browsers) -+ )); -+- -++ $response = new RedirectResponse($redirectUrl); - $this->session->set('clearingExecutionContexts', '1'); - $this->session->close(); +@@ -119,11 +119,12 @@ class LoginController extends Controller { + } + $this->userSession->logout(); + +- $response = new RedirectResponse($this->urlGenerator->linkToRouteAbsolute( +- 'core.login.showLoginForm', +- ['clear' => true] // this param the the code in login.js may be removed when the "Clear-Site-Data" is working in the browsers ++ $redirectUrl = $this->config->getSystemValue('logout_url', ++ $this->urlGenerator->linkToRouteAbsolute( ++ 'core.login.showLoginForm', ++ ['clear' => true] // this param the the code in login.js may be removed when the "Clear-Site-Data" is working in the browsers) + )); +- ++ $response = new RedirectResponse($redirectUrl); + $this->session->set('clearingExecutionContexts', '1'); + $this->session->close(); From ef4e806bccfda9cda1aff945e03f0f5cc9edef99 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Sun, 17 Dec 2023 21:12:15 +0100 Subject: [PATCH 09/34] Revert "Update app-02-Allow-for-eval-in-JS-scripts-for-YunoHost-tile.patch" This reverts commit 34e482baa9fee34055b460908c3bee83d8e3a5e3. --- ...eval-in-JS-scripts-for-YunoHost-tile.patch | 26 ++++++++++--------- 1 file changed, 14 insertions(+), 12 deletions(-) diff --git a/sources/patches_last_version/app-02-Allow-for-eval-in-JS-scripts-for-YunoHost-tile.patch b/sources/patches_last_version/app-02-Allow-for-eval-in-JS-scripts-for-YunoHost-tile.patch index 6ea0754..43159c3 100644 --- a/sources/patches_last_version/app-02-Allow-for-eval-in-JS-scripts-for-YunoHost-tile.patch +++ b/sources/patches_last_version/app-02-Allow-for-eval-in-JS-scripts-for-YunoHost-tile.patch @@ -1,15 +1,17 @@ + lib/public/AppFramework/Http/ContentSecurityPolicy.php | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + diff --git a/lib/public/AppFramework/Http/ContentSecurityPolicy.php b/lib/public/AppFramework/Http/ContentSecurityPolicy.php -index 7f93f7004d9..c3fbee8baa7 100644 +index e9ecf00036..8e69c8d2dc 100644 --- a/lib/public/AppFramework/Http/ContentSecurityPolicy.php +++ b/lib/public/AppFramework/Http/ContentSecurityPolicy.php -@@ -43,7 +43,8 @@ class ContentSecurityPolicy extends EmptyContentSecurityPolicy { - /** @var bool Whether inline JS snippets are allowed */ - protected $inlineScriptAllowed = false; - /** @var bool Whether eval in JS scripts is allowed */ -- protected $evalScriptAllowed = false; -+ // YunoHost patch: allow for eval in JS scripts for YunoHost tile -+ protected $evalScriptAllowed = true; - /** @var bool Whether WebAssembly compilation is allowed */ - protected ?bool $evalWasmAllowed = false; - /** @var bool Whether strict-dynamic should be set */ - +@@ -44,7 +44,8 @@ class ContentSecurityPolicy extends EmptyContentSecurityPolicy { + /** @var bool Whether inline JS snippets are allowed */ + protected $inlineScriptAllowed = false; + /** @var bool Whether eval in JS scripts is allowed */ +- protected $evalScriptAllowed = false; ++ // YunoHost patch: allow for eval in JS scripts for YunoHost tile ++ protected $evalScriptAllowed = true; + /** @var bool Whether strict-dynamic should be set */ + protected $strictDynamicAllowed = null; + /** @var array Domains from which scripts can get loaded */ From ab33a96bc4e08ce4e8367a8a4e8bbc293fe8d176 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Thu, 21 Dec 2023 17:15:23 +0100 Subject: [PATCH 10/34] 28.0.1 --- manifest.toml | 2 +- scripts/upgrade.d/upgrade.last.sh | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/manifest.toml b/manifest.toml index 4fb2032..4d53e38 100644 --- a/manifest.toml +++ b/manifest.toml @@ -5,7 +5,7 @@ name = "Nextcloud" description.en = "Online storage, file sharing platform and various other applications" description.fr = "Stockage en ligne, plateforme de partage de fichiers et diverses autres applications" -version = "28.0.0~ynh1" +version = "28.0.1~ynh1" maintainers = ["kay0u"] diff --git a/scripts/upgrade.d/upgrade.last.sh b/scripts/upgrade.d/upgrade.last.sh index 3716a7f..067e91b 100644 --- a/scripts/upgrade.d/upgrade.last.sh +++ b/scripts/upgrade.d/upgrade.last.sh @@ -1,7 +1,7 @@ #!/bin/bash # Last available Nextcloud version -next_version="28.0.0" +next_version="28.0.1" # Nextcloud tarball checksum sha256 -nextcloud_source_sha256="4e8b0b74b40221e85f92ab869d0873c69a52d7e43889d9259c6259428a6a36f2" +nextcloud_source_sha256="2f80735b443082272fe6a3b5e32137957f1fc448c75342b94b5200b29725f3a4" From f957b2b4ad432d9296b5124f20ec37e0aaad1a9c Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Thu, 21 Dec 2023 16:15:29 +0000 Subject: [PATCH 11/34] Auto-update README --- README.md | 2 +- README_fr.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 73b3afe..5b8a14b 100644 --- a/README.md +++ b/README.md @@ -29,7 +29,7 @@ In addition to Nextcloud core features, the following are made available with th * Serve `/.well-known` paths for CalDAV and CardDAV on the domain only if it's not already served - i.e. by Baïkal -**Shipped version:** 28.0.0~ynh1 +**Shipped version:** 28.0.1~ynh1 **Demo:** https://demo.nextcloud.com/ diff --git a/README_fr.md b/README_fr.md index dc3c8b6..8b6334c 100644 --- a/README_fr.md +++ b/README_fr.md @@ -29,7 +29,7 @@ En plus des fonctionnalités principales de Nextcloud, les fonctionnalités suiv * Utilise l'adresse `/.well-known` pour la synchronisation CalDAV et CardDAV du domaine si aucun autre service ne l'utilise déjà - par exemple, Baïkal -**Version incluse :** 28.0.0~ynh1 +**Version incluse :** 28.0.1~ynh1 **Démo :** https://demo.nextcloud.com/ From aabf29a29443a10dbb1bf55d9c7741e424471880 Mon Sep 17 00:00:00 2001 From: lapineige Date: Thu, 21 Dec 2023 17:48:42 +0100 Subject: [PATCH 12/34] the typo was fixed https://github.com/nextcloud/server/blame/master/core/Controller/LoginController.php#L102 --- sources/patches_last_version/app-00-add-logout_url-conf.patch | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sources/patches_last_version/app-00-add-logout_url-conf.patch b/sources/patches_last_version/app-00-add-logout_url-conf.patch index 919f2d4..44cce42 100644 --- a/sources/patches_last_version/app-00-add-logout_url-conf.patch +++ b/sources/patches_last_version/app-00-add-logout_url-conf.patch @@ -8,11 +8,11 @@ index 13aef8f67a..55d8dbf9d1 100644 - $response = new RedirectResponse($this->urlGenerator->linkToRouteAbsolute( - 'core.login.showLoginForm', -- ['clear' => true] // this param the the code in login.js may be removed when the "Clear-Site-Data" is working in the browsers +- ['clear' => true] // this param the code in login.js may be removed when the "Clear-Site-Data" is working in the browsers + $redirectUrl = $this->config->getSystemValue('logout_url', + $this->urlGenerator->linkToRouteAbsolute( + 'core.login.showLoginForm', -+ ['clear' => true] // this param the the code in login.js may be removed when the "Clear-Site-Data" is working in the browsers) ++ ['clear' => true] // this param the code in login.js may be removed when the "Clear-Site-Data" is working in the browsers) )); - + $response = new RedirectResponse($redirectUrl); From f1402466ce6af12ea28605c7683ff8e92a578dbe Mon Sep 17 00:00:00 2001 From: lapineige Date: Thu, 21 Dec 2023 17:56:45 +0100 Subject: [PATCH 13/34] Adapt the nextcloud 28 content https://github.com/nextcloud/server/blob/e231abd9bfac66e69db810c986792f9ba1a9d581/lib/public/AppFramework/Http/ContentSecurityPolicy.php#L42 --- ...-02-Allow-for-eval-in-JS-scripts-for-YunoHost-tile.patch | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/sources/patches_last_version/app-02-Allow-for-eval-in-JS-scripts-for-YunoHost-tile.patch b/sources/patches_last_version/app-02-Allow-for-eval-in-JS-scripts-for-YunoHost-tile.patch index 43159c3..abe9ad4 100644 --- a/sources/patches_last_version/app-02-Allow-for-eval-in-JS-scripts-for-YunoHost-tile.patch +++ b/sources/patches_last_version/app-02-Allow-for-eval-in-JS-scripts-for-YunoHost-tile.patch @@ -5,13 +5,13 @@ diff --git a/lib/public/AppFramework/Http/ContentSecurityPolicy.php b/lib/public index e9ecf00036..8e69c8d2dc 100644 --- a/lib/public/AppFramework/Http/ContentSecurityPolicy.php +++ b/lib/public/AppFramework/Http/ContentSecurityPolicy.php -@@ -44,7 +44,8 @@ class ContentSecurityPolicy extends EmptyContentSecurityPolicy { +@@ -42,7 +42,8 @@ class ContentSecurityPolicy extends EmptyContentSecurityPolicy { /** @var bool Whether inline JS snippets are allowed */ protected $inlineScriptAllowed = false; /** @var bool Whether eval in JS scripts is allowed */ - protected $evalScriptAllowed = false; + // YunoHost patch: allow for eval in JS scripts for YunoHost tile + protected $evalScriptAllowed = true; + /** @var bool Whether WebAssembly compilation is allowed */ + protected ?bool $evalWasmAllowed = false; /** @var bool Whether strict-dynamic should be set */ - protected $strictDynamicAllowed = null; - /** @var array Domains from which scripts can get loaded */ From 83ac399638fe44f7a50e9de51d4f8cdb4659333b Mon Sep 17 00:00:00 2001 From: lapineige Date: Thu, 21 Dec 2023 17:58:02 +0100 Subject: [PATCH 14/34] fix line number ``` 153105 INFO DEBUG - patching file core/Controller/LoginController.php 153105 INFO DEBUG - Hunk #1 succeeded at 97 (offset -22 lines). ``` From https://ci-apps-dev.yunohost.org/ci/job/12038 --- sources/patches_last_version/app-00-add-logout_url-conf.patch | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sources/patches_last_version/app-00-add-logout_url-conf.patch b/sources/patches_last_version/app-00-add-logout_url-conf.patch index 44cce42..2c81a65 100644 --- a/sources/patches_last_version/app-00-add-logout_url-conf.patch +++ b/sources/patches_last_version/app-00-add-logout_url-conf.patch @@ -2,7 +2,7 @@ diff --git a/core/Controller/LoginController.php b/core/Controller/LoginControll index 13aef8f67a..55d8dbf9d1 100644 --- a/core/Controller/LoginController.php +++ b/core/Controller/LoginController.php -@@ -119,11 +119,12 @@ class LoginController extends Controller { +@@ -97,11 +97,12 @@ class LoginController extends Controller { } $this->userSession->logout(); From 1729962f9e30235134afa0df7035a2d16f2e8f1e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Thu, 21 Dec 2023 19:37:25 +0100 Subject: [PATCH 15/34] Update change_url --- scripts/change_url | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/change_url b/scripts/change_url index 0d8c794..0d8a142 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -33,7 +33,7 @@ then exec_occ config:system:set trusted_domains 1 --value=$new_domain # Change hostname for activity notifications - exec_occ config:system:set overwrite.cli.url --value="https://${new_domain}${new_path}" + exec_occ config:system:set overwrite.cli.url --value="https://${new_domain}" fi if [ $change_domain -eq 1 ] From 84c71a56e9cbd9e72803ad10b0ed2dfa09aac7b9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Thu, 21 Dec 2023 21:02:29 +0100 Subject: [PATCH 16/34] Update change_url --- scripts/change_url | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/scripts/change_url b/scripts/change_url index 0d8a142..6da4c8d 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -33,7 +33,7 @@ then exec_occ config:system:set trusted_domains 1 --value=$new_domain # Change hostname for activity notifications - exec_occ config:system:set overwrite.cli.url --value="https://${new_domain}" + exec_occ config:system:set overwrite.cli.url --value="https://${new_domain}${new_path}" fi if [ $change_domain -eq 1 ] @@ -49,6 +49,14 @@ then fi fi +#================================================= +# SETUP SSOWAT +#================================================= +ynh_script_progression --message="Configuring permissions..." + +# Temporary fix for the API permission +ynh_permission_url --permission="api" --url="re:$new_domain\/.well-known\/.*" --auth_header="false" --clear_urls + #================================================= # END OF SCRIPT #================================================= From 263bc166ff42b6b1c5bce2c9b5827444fc1da908 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Thu, 21 Dec 2023 21:05:34 +0100 Subject: [PATCH 17/34] Update tests.toml --- tests.toml | 1 + 1 file changed, 1 insertion(+) diff --git a/tests.toml b/tests.toml index 85768fa..0e8e459 100644 --- a/tests.toml +++ b/tests.toml @@ -8,4 +8,5 @@ test_format = 1.0 test_upgrade_from.c5cf91ad.name = "Upgrade from 25.0.2" test_upgrade_from.caf917f3.name = "Upgrade from 26.0.2" + test_upgrade_from.9c6d1eea.name = "Upgrade from 27.1.4" \ No newline at end of file From 5116bde160a9c33c9d1cd927765baf5281a813c6 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin <4533074+alexAubin@users.noreply.github.com> Date: Sun, 7 Jan 2024 17:27:45 +0100 Subject: [PATCH 18/34] Update change_url: add tmp debug ... --- scripts/change_url | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/scripts/change_url b/scripts/change_url index 6da4c8d..420f4cd 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -62,3 +62,10 @@ ynh_permission_url --permission="api" --url="re:$new_domain\/.well-known\/.*" -- #================================================= ynh_script_progression --message="Change of URL completed for $app" --last + +# Tmp debug for the stupid trusted domain issue x_x +ynh_print_info $(cat /var/www/nextcloud/config/config.php) + +systemctl restart php${phpversion}-fpm + +sleep 5 From b90f5e934cd669eaab47f0406f710190bbb1251b Mon Sep 17 00:00:00 2001 From: Alexandre Aubin <4533074+alexAubin@users.noreply.github.com> Date: Sun, 7 Jan 2024 17:29:08 +0100 Subject: [PATCH 19/34] Update change_url --- scripts/change_url | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/change_url b/scripts/change_url index 420f4cd..615883e 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -64,7 +64,7 @@ ynh_permission_url --permission="api" --url="re:$new_domain\/.well-known\/.*" -- ynh_script_progression --message="Change of URL completed for $app" --last # Tmp debug for the stupid trusted domain issue x_x -ynh_print_info $(cat /var/www/nextcloud/config/config.php) +cat /var/www/nextcloud/config/config.php >&$YNH_STDINFO systemctl restart php${phpversion}-fpm From 3259e4abb5126fb4b4f6ab1ef1fd9c6d841b2b89 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin <4533074+alexAubin@users.noreply.github.com> Date: Mon, 8 Jan 2024 19:34:02 +0100 Subject: [PATCH 20/34] Update change_url: properly reload php-fpm when changing trusted_domains --- scripts/change_url | 35 ++++++++++++++--------------------- 1 file changed, 14 insertions(+), 21 deletions(-) diff --git a/scripts/change_url b/scripts/change_url index 615883e..4ba48b3 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -29,24 +29,24 @@ exec_occ() { if [ $change_domain -eq 1 ] then - # Change the trusted domain - exec_occ config:system:set trusted_domains 1 --value=$new_domain + # Change the trusted domain + exec_occ config:system:set trusted_domains 1 --value=$new_domain - # Change hostname for activity notifications + # Change hostname for activity notifications exec_occ config:system:set overwrite.cli.url --value="https://${new_domain}${new_path}" -fi -if [ $change_domain -eq 1 ] -then - # Check if .well-known is available for this domain - if is_url_handled --domain="$new_domain" --path="/.well-known/caldav" || is_url_handled --domain="$new_domain" --path="/.well-known/carddav" - then - ynh_print_warn --message="Another app already uses the domain $new_domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book." + # Reload php fpm, necessary for force nextcloud to re-read config.php, cf opcache.revalidate_freq + ynh_systemd_action --service_name=php${phpversion}-fpm --action=reload - # Remove lines about .well-known/carddav and caldav with sed. - sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "/etc/nginx/conf.d/$new_domain.d/$app.conf" - ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" - fi + # Check if .well-known is available for this domain + if is_url_handled --domain="$new_domain" --path="/.well-known/caldav" || is_url_handled --domain="$new_domain" --path="/.well-known/carddav" + then + ynh_print_warn --message="Another app already uses the domain $new_domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book." + + # Remove lines about .well-known/carddav and caldav with sed. + sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "/etc/nginx/conf.d/$new_domain.d/$app.conf" + ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" + fi fi #================================================= @@ -62,10 +62,3 @@ ynh_permission_url --permission="api" --url="re:$new_domain\/.well-known\/.*" -- #================================================= ynh_script_progression --message="Change of URL completed for $app" --last - -# Tmp debug for the stupid trusted domain issue x_x -cat /var/www/nextcloud/config/config.php >&$YNH_STDINFO - -systemctl restart php${phpversion}-fpm - -sleep 5 From 5932bdc22ffc36d1f698634c14db69807967a3e8 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin <4533074+alexAubin@users.noreply.github.com> Date: Mon, 8 Jan 2024 20:00:44 +0100 Subject: [PATCH 21/34] Update upgrade: fix inconsistent handling of the php version stuff between major upgrades --- scripts/upgrade | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/scripts/upgrade b/scripts/upgrade index 32c7001..c7fd701 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -107,7 +107,7 @@ exec_occ() { # Backward compatibility to upgrade from older versions if [ $current_major_version = "last" ] || [ $current_major_version -ge 26 ] then - NEXTCLOUD_PHP_VERSION=$phpversion + NEXTCLOUD_PHP_VERSION="8.2" elif [ $current_major_version -ge 24 ] then NEXTCLOUD_PHP_VERSION="8.1" @@ -117,7 +117,11 @@ exec_occ() { else NEXTCLOUD_PHP_VERSION="7.1" fi - if ! timeout 1 php$NEXTCLOUD_PHP_VERSION 2>/dev/null; then + + # NB : be super careful when designing this part of the code, because calling ynh_install_app_dependencies + # will do magic regarding php configuration and $phpversion when the php version of the dependencies changes ... + phpversion=$(ynh_app_setting_set --app=$app --key=phpversion) + if [[ "$NEXTCLOUD_PHP_VERSION" != "$phpversion" ]; then local pkg_dependencies="$(dpkg-query --show --showformat='${Depends}' ${app}-ynh-deps)" pkg_dependencies="${pkg_dependencies//$phpversion/$NEXTCLOUD_PHP_VERSION}" ynh_install_app_dependencies "$pkg_dependencies" From e1651583be54bee2d276a150d29211fedb04c119 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin <4533074+alexAubin@users.noreply.github.com> Date: Mon, 8 Jan 2024 21:54:18 +0100 Subject: [PATCH 22/34] Update upgrade: stupid typo --- scripts/upgrade | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/upgrade b/scripts/upgrade index c7fd701..6950f48 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -121,7 +121,7 @@ exec_occ() { # NB : be super careful when designing this part of the code, because calling ynh_install_app_dependencies # will do magic regarding php configuration and $phpversion when the php version of the dependencies changes ... phpversion=$(ynh_app_setting_set --app=$app --key=phpversion) - if [[ "$NEXTCLOUD_PHP_VERSION" != "$phpversion" ]; then + if [[ "$NEXTCLOUD_PHP_VERSION" != "$phpversion" ]]; then local pkg_dependencies="$(dpkg-query --show --showformat='${Depends}' ${app}-ynh-deps)" pkg_dependencies="${pkg_dependencies//$phpversion/$NEXTCLOUD_PHP_VERSION}" ynh_install_app_dependencies "$pkg_dependencies" From 10c7976d054d1b17d884185c4a1e35dc7b2d0350 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Mon, 8 Jan 2024 23:00:49 +0100 Subject: [PATCH 23/34] During upgrade, the backup of config.php should occurr before the maintenance mode is set to on, otherwise the restored version will have maintenance=true and appear as manually modified.. --- scripts/upgrade | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/scripts/upgrade b/scripts/upgrade index 6950f48..ac1c1e1 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -221,12 +221,12 @@ EOF # Install the next nextcloud version in $tmpdir ynh_setup_source --dest_dir="$tmpdir" - # Enable maintenance mode - exec_occ maintenance:mode --on - # Backup the config file in the temp dir cp -a "$install_dir/config/config.php" "$tmpdir/config/config.php" + # Enable maintenance mode + exec_occ maintenance:mode --on + # Backup 3rd party applications from the current Nextcloud # But do not overwrite if there is any upgrade # (apps directory already exists in Nextcloud archive) From f2829d02bc69b59249133053760d807f5e6cf58f Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Mon, 8 Jan 2024 23:02:58 +0100 Subject: [PATCH 24/34] Zgrompf --- scripts/upgrade | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/upgrade b/scripts/upgrade index ac1c1e1..fd7a5f6 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -120,7 +120,7 @@ exec_occ() { # NB : be super careful when designing this part of the code, because calling ynh_install_app_dependencies # will do magic regarding php configuration and $phpversion when the php version of the dependencies changes ... - phpversion=$(ynh_app_setting_set --app=$app --key=phpversion) + phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) if [[ "$NEXTCLOUD_PHP_VERSION" != "$phpversion" ]]; then local pkg_dependencies="$(dpkg-query --show --showformat='${Depends}' ${app}-ynh-deps)" pkg_dependencies="${pkg_dependencies//$phpversion/$NEXTCLOUD_PHP_VERSION}" From bee14c89729b694f0953ece8f9143f1721ff6821 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Mon, 8 Jan 2024 23:10:11 +0100 Subject: [PATCH 25/34] Simplify the overly complex mess about fpm_usage, fpm_footprint ... and fpm_free_footprint doesn't seem to even be something used anywhere --- scripts/config | 2 +- scripts/install | 25 +++---------------------- scripts/remove | 6 ------ scripts/restore | 8 +------- scripts/upgrade | 30 +----------------------------- 5 files changed, 6 insertions(+), 65 deletions(-) diff --git a/scripts/config b/scripts/config index 5a7a2ac..35e9cd0 100644 --- a/scripts/config +++ b/scripts/config @@ -120,7 +120,7 @@ ynh_app_config_validate() { ynh_app_config_apply() { _ynh_app_config_apply - ynh_add_fpm_config --phpversion=$phpversion --usage=$fpm_usage --footprint=$fpm_footprint + ynh_add_fpm_config } ynh_app_config_run $1 diff --git a/scripts/install b/scripts/install index c1b9599..fe87cb8 100755 --- a/scripts/install +++ b/scripts/install @@ -1,33 +1,13 @@ #!/bin/bash -#================================================= -# GENERIC START -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - source _common.sh source /usr/share/yunohost/helpers source _ynh_mysql_connect_as.sh -#================================================= -# STORE SETTINGS FROM MANIFEST -#================================================= - maintenance_mode=0 -fpm_footprint="high" -fpm_free_footprint=0 -fpm_usage="medium" phpflags="--define apc.enable_cli=1" -#================================================= -# STORE SETTINGS FROM MANIFEST -#================================================= - ynh_app_setting_set --app=$app --key=maintenance_mode --value=$maintenance_mode -ynh_app_setting_set --app=$app --key=fpm_footprint --value=$fpm_footprint -ynh_app_setting_set --app=$app --key=fpm_free_footprint --value=$fpm_free_footprint -ynh_app_setting_set --app=$app --key=fpm_usage --value=$fpm_usage ynh_app_setting_set --app=$app --key=phpflags --value=$phpflags #================================================= @@ -65,8 +45,9 @@ ynh_setup_source --dest_dir="$install_dir" #================================================= ynh_script_progression --message="Configuring PHP-FPM..." --weight=5 -# Create a dedicated PHP-FPM config -ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint +ynh_app_setting_set --app=$app --key=fpm_footprint --value=high +ynh_app_setting_set --app=$app --key=fpm_usage --value=medium +ynh_add_fpm_config #================================================= # NGINX CONFIGURATION diff --git a/scripts/remove b/scripts/remove index d09cafe..c39ac68 100755 --- a/scripts/remove +++ b/scripts/remove @@ -1,11 +1,5 @@ #!/bin/bash -#================================================= -# GENERIC START -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - source _common.sh source /usr/share/yunohost/helpers diff --git a/scripts/restore b/scripts/restore index 90d8fba..fe6be1e 100755 --- a/scripts/restore +++ b/scripts/restore @@ -1,11 +1,5 @@ #!/bin/bash -#================================================= -# GENERIC START -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers source ../settings/scripts/_ynh_mysql_connect_as.sh @@ -35,7 +29,7 @@ ynh_script_progression --message="Reconfiguring PHP-FPM..." --weight=50 ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" # Recreate a dedicated php-fpm config -ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint --phpversion=$phpversion +ynh_add_fpm_config #================================================= # RESTORE THE NGINX CONFIGURATION diff --git a/scripts/upgrade b/scripts/upgrade index fd7a5f6..f84cb99 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -1,18 +1,8 @@ #!/bin/bash -#================================================= -# GENERIC START -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - source _common.sh source /usr/share/yunohost/helpers -#================================================= -# CHECK VERSION -#================================================= - upgrade_type=$(ynh_check_app_version_changed) #================================================= @@ -29,24 +19,6 @@ if [ -z "${maintenance_mode:-}" ]; then ynh_app_setting_set --app=$app --key=maintenance_mode --value=$maintenance_mode fi -# If fpm_footprint doesn't exist, create it -if [ -z "${fpm_footprint:-}" ]; then - fpm_footprint=high - ynh_app_setting_set --app=$app --key=fpm_footprint --value=$fpm_footprint -fi - -# If fpm_free_footprint doesn't exist, create it -if [ -z "${fpm_free_footprint:-}" ]; then - fpm_free_footprint=0 - ynh_app_setting_set --app=$app --key=fpm_free_footprint --value=$fpm_free_footprint -fi - -# If fpm_usage doesn't exist, create it -if [ -z "${fpm_usage:-}" ]; then - fpm_usage=medium - ynh_app_setting_set --app=$app --key=fpm_usage --value=$fpm_usage -fi - # If phpflags doesn't exist, create it if [ -z "${phpflags:-}" ]; then phpflags="--define apc.enable_cli=1" @@ -64,7 +36,7 @@ fi ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=2 # Recreate a dedicated PHP-FPM config -ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint +ynh_add_fpm_config #================================================= # NGINX CONFIGURATION From fe63ef6dfc01132a654a65a50d8f825d0b51823a Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Mon, 8 Jan 2024 23:33:05 +0100 Subject: [PATCH 26/34] Fix custom getter for fpm_free_footprint >_> --- scripts/config | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/config b/scripts/config index 35e9cd0..1b5e26b 100644 --- a/scripts/config +++ b/scripts/config @@ -49,7 +49,7 @@ get__fpm_footprint() { fi } -get__free_footprint() { +get__fpm_free_footprint() { # Free footprint value for php-fpm # Check if current_fpm_footprint is an integer if [ "$current_fpm_footprint" -eq "$current_fpm_footprint" ] 2> /dev/null From 07ed2f2ecd56041e56117a5ba331dc9b47b01e82 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Tue, 9 Jan 2024 19:45:52 +0100 Subject: [PATCH 27/34] No need to create the 'maintenance_mode' thing because there's a custom getter ... --- scripts/install | 2 -- scripts/upgrade | 6 ------ 2 files changed, 8 deletions(-) diff --git a/scripts/install b/scripts/install index fe87cb8..6e5858a 100755 --- a/scripts/install +++ b/scripts/install @@ -4,10 +4,8 @@ source _common.sh source /usr/share/yunohost/helpers source _ynh_mysql_connect_as.sh -maintenance_mode=0 phpflags="--define apc.enable_cli=1" -ynh_app_setting_set --app=$app --key=maintenance_mode --value=$maintenance_mode ynh_app_setting_set --app=$app --key=phpflags --value=$phpflags #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index f84cb99..6e082f1 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -13,12 +13,6 @@ ynh_script_progression --message="Ensuring downward compatibility..." # Remove the option backup_core_only if it's in the settings.yml file ynh_app_setting_delete --app=$app --key=backup_core_only -# If maintenance_mode doesn't exist, create it -if [ -z "${maintenance_mode:-}" ]; then - maintenance_mode=0 - ynh_app_setting_set --app=$app --key=maintenance_mode --value=$maintenance_mode -fi - # If phpflags doesn't exist, create it if [ -z "${phpflags:-}" ]; then phpflags="--define apc.enable_cli=1" From 862ee4f08f02be9dee1debaacfa7ff5b8b1dd8df Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Tue, 9 Jan 2024 19:53:18 +0100 Subject: [PATCH 28/34] Rework upgrade script to move the fpm config, nginx and all system configurations at the end --- scripts/upgrade | 114 +++++++++++++++++++++--------------------------- 1 file changed, 50 insertions(+), 64 deletions(-) diff --git a/scripts/upgrade b/scripts/upgrade index 6e082f1..280eb7d 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -24,40 +24,6 @@ if [ -f /etc/php/$YNH_PHP_VERSION/fpm/conf.d/20-$app.ini ]; then ynh_secure_remove --file=/etc/php/$YNH_PHP_VERSION/fpm/conf.d/20-$app.ini fi -#================================================= -# PHP-FPM CONFIGURATION -#================================================= -ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=2 - -# Recreate a dedicated PHP-FPM config -ynh_add_fpm_config - -#================================================= -# NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=2 - -ynh_backup_if_checksum_is_different --file="/etc/nginx/conf.d/$domain.d/$app.conf" - -# Delete current NGINX configuration to be able to check if .well-known is already served. -ynh_remove_nginx_config -ynh_app_setting_delete --app=$app --key="checksum__etc_nginx_conf.d_$domain.d_$app.conf" - -# Wait untils NGINX has fully reloaded -ynh_systemd_action --service_name=nginx --action=reload --line_match="Reloaded" --log_path="systemd" - -# Check if .well-known is available for this domain -if is_url_handled --domain="$domain" --path="/.well-known/caldav" || is_url_handled --domain="$domain" --path="/.well-known/carddav" -then - ynh_print_warn --message="Another app already uses the domain $domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book." - - # Remove lines about .well-known/carddav and caldav with sed. - sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "../conf/nginx.conf" -fi - -# Create a dedicated NGINX config -ynh_add_nginx_config - #================================================= # SPECIFIC UPGRADE #================================================= @@ -309,21 +275,9 @@ EOF fi #================================================= -# UPDATE THE CRON JOB -#================================================= - -cron_path="/etc/cron.d/$app" -ynh_add_config --template="../conf/nextcloud.cron" --destination="$cron_path" -chown root: "$cron_path" -chmod 644 "$cron_path" - -exec_occ background:cron - -#================================================= -# GENERIC FINALIZATION -#================================================= -# SECURE FILES AND DIRECTORIES +# REGEN SYSTEM CONFIGURATIONS #================================================= +ynh_script_progression --message="Reapplying file permissions..." --weight=2 # Fix app ownerships & permissions chown -R $app:www-data "$install_dir" @@ -337,30 +291,62 @@ chmod 755 /home/yunohost.app chmod 750 $install_dir #================================================= -# SETUP LOGROTATE +# REGEN SYSTEM CONFIGURATIONS #================================================= -ynh_script_progression --message="Upgrading logrotate configuration..." +ynh_script_progression --message="Regenerating system configurations for $app..." --weight=2 -# Use logrotate to manage app-specific logfile(s) +# ------- +# PHP-FPM +# ------- + +ynh_add_fpm_config + +# ------- +# NGINX +# ------- + +# Delete current NGINX configuration to be able to check if .well-known is already served. +ynh_backup_if_checksum_is_different --file="/etc/nginx/conf.d/$domain.d/$app.conf" +ynh_remove_nginx_config +ynh_app_setting_delete --app=$app --key="checksum__etc_nginx_conf.d_$domain.d_$app.conf" + +# Wait untils NGINX has fully reloaded +ynh_systemd_action --service_name=nginx --action=reload --line_match="Reloaded" --log_path="systemd" + +# Check if .well-known is available for this domain +if is_url_handled --domain="$domain" --path="/.well-known/caldav" || is_url_handled --domain="$domain" --path="/.well-known/carddav" +then + ynh_print_warn --message="Another app already uses the domain $domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book." + + # Remove lines about .well-known/carddav and caldav with sed. + sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "../conf/nginx.conf" +fi + +# Create a dedicated NGINX config +ynh_add_nginx_config + +# ------- +# CRON JOB +# ------- +cron_path="/etc/cron.d/$app" +ynh_add_config --template="../conf/nextcloud.cron" --destination="$cron_path" +chown root: "$cron_path" +chmod 644 "$cron_path" + +exec_occ background:cron + +# ------- +# LOGROTATE +# ------- ynh_use_logrotate --non-append -#================================================= -# SETUP FAIL2BAN -#================================================= -ynh_script_progression --message="Reconfiguring Fail2Ban..." --weight=7 +# ------- +# FAIL2BAN +# ------- # Create a dedicated Fail2Ban config ynh_add_fail2ban_config --logpath="/home/yunohost.app/$app/data/nextcloud.log" --failregex="^.*Login failed: '.*' \(Remote IP: ''.*$" --max_retry=5 -#================================================= -# GENERIC FINALIZATION -#================================================= -# RELOAD NGINX -#================================================= -ynh_script_progression --message="Reloading PHP-FPM..." --weight=2 - -ynh_systemd_action --service_name="php${phpversion}-fpm" --action=reload - #================================================= # END OF SCRIPT #================================================= From 3e9462656ebd60b0e5179b3ed342f9fcf9e67c10 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Wed, 10 Jan 2024 16:56:53 +0100 Subject: [PATCH 29/34] Add .mjs as a file extension --- conf/nginx.conf | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/conf/nginx.conf b/conf/nginx.conf index 1750d6a..6375a8b 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,4 +1,13 @@ -location ^~ /.well-known { +# Add .mjs as a file extension for javascript +# Either include it in the default mime.types list +# or include you can include that list explicitly and add the file extension +# only for Nextcloud like below: +include mime.types; +types { + text/javascript js mjs; +} + + location ^~ /.well-known { # The following 6 rules are borrowed from `.htaccess` # The following 2 rules are only needed for the user_webfinger app. From 874a0c516a58a19bbe6ec94598c08d90eb43af76 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Wed, 10 Jan 2024 16:57:20 +0100 Subject: [PATCH 30/34] Update nginx.conf --- conf/nginx.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/conf/nginx.conf b/conf/nginx.conf index 6375a8b..9ab915b 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -7,7 +7,7 @@ types { text/javascript js mjs; } - location ^~ /.well-known { +location ^~ /.well-known { # The following 6 rules are borrowed from `.htaccess` # The following 2 rules are only needed for the user_webfinger app. From 2f11e708b6027bce7951b06b042f32076533a4a0 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin <4533074+alexAubin@users.noreply.github.com> Date: Wed, 10 Jan 2024 18:49:37 +0100 Subject: [PATCH 31/34] Update ADMIN.md --- doc/ADMIN.md | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/doc/ADMIN.md b/doc/ADMIN.md index 0f1d6a1..e9b7da8 100644 --- a/doc/ADMIN.md +++ b/doc/ADMIN.md @@ -1,19 +1,24 @@ -### How to use CLI commande +### Manually running Nextcloud commands -`sudo -u __APP__ php__YNH_PHP_VERSION__ --define apc.enable_cli=1 __INSTALL_DIR__/occ ...` +You can run Nextcloud commands from the command line using: -or use `sudo yunohost app shell __APP__` then run `php occ ...` +``` +sudo -u __APP__ php__YNH_PHP_VERSION__ --define apc.enable_cli=1 __INSTALL_DIR__/occ ... +``` -### Configure ONLYOFFICE integration +Alternatively, you may open a 'Nextcloud shell' with `sudo yunohost app shell __APP__`, then run `php occ ...` + +### ONLYOFFICE integration + +ONLYOFFICE is an online rich text document editor which can be integrated in Nextcloud #### With YunoHost App (ARM64 support, better performance) -For better performance and ARM64 support (Raspberry Pi, OLinuXino...), install ONLYOFFICE YunoHost App and connect it to Nextcloud, see the tutorial in the [doc of onlyoffice_ynh package](https://github.com/YunoHost-Apps/onlyoffice_ynh/blob/master/README_fr.md#configuration-de-onlyoffice-server) +For better performance and ARM64 support (Raspberry Pi, OLinuXino...), install the [OnlyOffice YunoHost app](https://apps.yunohost.org/app/onlyoffice) and connect it to Nextcloud, see the tutorial in the [doc of onlyoffice_ynh package](https://github.com/YunoHost-Apps/onlyoffice_ynh/blob/master/README_fr.md#configuration-de-onlyoffice-server) #### Alternative: With Nextcloud App (no ARM support, lower performance) -Nextcloud features a direct integration of ONLYOFFICE (an online rich text document editor) through a Nextcloud app. -To install and configure it: +Nextcloud features a direct integration of ONLYOFFICE through a Nextcloud app. - Install *Community Document Server* application in your Nextcloud. That's the part that runs ONLYOFFICE server. - Install *ONLYOFFICE* application. That's the client part that will connect to an ONLYOFFICE server. - Then in Settings -> ONLYOFFICE (`https://__DOMAIN____PATH__/settings/admin/onlyoffice`), if you want to configure which file formats should be opened by ONLYOFFICE. From b4f66f67c5a634696a0020e241b88edcf4d80a88 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin <4533074+alexAubin@users.noreply.github.com> Date: Wed, 10 Jan 2024 18:54:31 +0100 Subject: [PATCH 32/34] Update ADMIN_fr.md --- doc/ADMIN_fr.md | 23 +++++++++++++---------- 1 file changed, 13 insertions(+), 10 deletions(-) diff --git a/doc/ADMIN_fr.md b/doc/ADMIN_fr.md index 3a691ba..85445bd 100644 --- a/doc/ADMIN_fr.md +++ b/doc/ADMIN_fr.md @@ -1,21 +1,24 @@ -### Comment utiliser la commande CLI +### Exécuter manuellement des commandes Nextcloud -`sudo -u __APP__ php__YNH_PHP_VERSION__ --define apc.enable_cli=1 __INSTALL_DIR__/occ ...` +Vous pouvez lancer des commandes Nextcloud depuis la ligne de commande avec: -ou utilisez `sudo yunohost app shell __APP__` puis `php occ ...` +``` +sudo -u __APP__ php__YNH_PHP_VERSION__ --define apc.enable_cli=1 __INSTALL_DIR__/occ ... +``` -### Configurer l'intégration d'ONLYOFFICE +Ou bien, vous pouvez ouvrir un "shell Nextcloud" avec `sudo yunohost app shell __APP__`, puis lancer `php occ ...` + +### Intégration d'ONLYOFFICE + +ONLYOFFICE est un éditeur de texte enrichi en ligne qui peut s'intégrer dans Nextcloud #### Avec l'application YunoHost (support ARM64, meilleures performances) -Pour de meilleures performances et le support de ARM64 (Raspberry Pi, OLinuXino...), installez l'app YunoHost ONLYOFFICE, voir le tutoriel dans la [doc du paquet onlyoffice_ynh](https://github.com/YunoHost-Apps/onlyoffice_ynh/blob/master/README_fr.md#configuration-de-onlyoffice-server) +Pour de meilleures performances et le support de ARM64 (Raspberry Pi, OLinuXino...), installez l'[app YunoHost OnlyOffice](https://apps.yunohost.org/app/onlyoffice), puis connectez-la à Nextcloud : voir le tutoriel dans la [doc du paquet onlyoffice_ynh](https://github.com/YunoHost-Apps/onlyoffice_ynh/blob/master/README_fr.md#configuration-de-onlyoffice-server) -#### Alternative: Avec l'application Nextcloud (pas de support ARM, performances limitées) +#### Alternative: avec l'application Nextcloud (pas de support ARM, performances limitées) -Nextcloud inclut une intégration directe de ONLYOFFICE (un éditeur de texte enrichi en ligne) via une application Nextcloud. -Pour l'installer et la configurer : +Nextcloud inclut une intégration directe via une application Nextcloud. - Installez l'application *Community Document Server* dans votre Nextcloud. C'est la partie qui fait tourner un serveur ONLYOFFICE. - Installez l'application *ONLYOFFICE*. C'est la partie cliente qui va se connecter au serveur ONLYOFFICE. - Ensuite dans les Paramètres -> ONLYOFFICE (`https://__DOMAIN____PATH__/settings/admin/onlyoffice`), si vous voulez configurer quels formats de fichier s'ouvrent avec ONLYOFFICE. - -*NB : l'app Nextcloud ONLYOFFICE Community Document Server n'est disponible que sous architecture x86 From b678d77ee9f1f8c797ba5187838a6d843fad9e17 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Fri, 12 Jan 2024 13:56:03 +0100 Subject: [PATCH 33/34] Fix --- doc/ADMIN.md | 2 +- doc/ADMIN_fr.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/ADMIN.md b/doc/ADMIN.md index e9b7da8..8d401d2 100644 --- a/doc/ADMIN.md +++ b/doc/ADMIN.md @@ -3,7 +3,7 @@ You can run Nextcloud commands from the command line using: ``` -sudo -u __APP__ php__YNH_PHP_VERSION__ --define apc.enable_cli=1 __INSTALL_DIR__/occ ... +sudo -u __APP__ php__PHPVERSION__ --define apc.enable_cli=1 __INSTALL_DIR__/occ ... ``` Alternatively, you may open a 'Nextcloud shell' with `sudo yunohost app shell __APP__`, then run `php occ ...` diff --git a/doc/ADMIN_fr.md b/doc/ADMIN_fr.md index 85445bd..06b76b1 100644 --- a/doc/ADMIN_fr.md +++ b/doc/ADMIN_fr.md @@ -3,7 +3,7 @@ Vous pouvez lancer des commandes Nextcloud depuis la ligne de commande avec: ``` -sudo -u __APP__ php__YNH_PHP_VERSION__ --define apc.enable_cli=1 __INSTALL_DIR__/occ ... +sudo -u __APP__ php__PHPVERSION__ --define apc.enable_cli=1 __INSTALL_DIR__/occ ... ``` Ou bien, vous pouvez ouvrir un "shell Nextcloud" avec `sudo yunohost app shell __APP__`, puis lancer `php occ ...` From 2cd5f4d85b3274034065efa4f267d1332ac2dbce Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Fri, 12 Jan 2024 18:30:43 +0100 Subject: [PATCH 34/34] cleaning --- scripts/install | 6 +++--- scripts/upgrade | 28 ++++++++++++++-------------- 2 files changed, 17 insertions(+), 17 deletions(-) diff --git a/scripts/install b/scripts/install index 6e5858a..787641d 100755 --- a/scripts/install +++ b/scripts/install @@ -108,7 +108,7 @@ exec_occ ldap:create-empty-config # Load the installation config file in Nextcloud nc_conf="$install_dir/config_install.json" -ynh_add_config --template="../conf/config_install.json" --destination="$nc_conf" +ynh_add_config --template="config_install.json" --destination="$nc_conf" exec_occ config:import "$nc_conf" @@ -117,7 +117,7 @@ ynh_secure_remove --file="$nc_conf" # Load the additional config file (used also for upgrade) nc_conf="$install_dir/config.json" -ynh_add_config --template="../conf/config.json" --destination="$nc_conf" +ynh_add_config --template="config.json" --destination="$nc_conf" exec_occ config:import "$nc_conf" @@ -201,7 +201,7 @@ ynh_store_file_checksum --file="$install_dir/config/config.php" #================================================= cron_path="/etc/cron.d/$app" -ynh_add_config --template="../conf/nextcloud.cron" --destination="$cron_path" +ynh_add_config --template="nextcloud.cron" --destination="$cron_path" chown root: "$cron_path" chmod 644 "$cron_path" diff --git a/scripts/upgrade b/scripts/upgrade index 280eb7d..715c330 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -184,7 +184,7 @@ EOF # Upgrade Nextcloud (SUCCESS = 0, UP_TO_DATE = 3) exec_occ maintenance:mode --off exec_occ upgrade \ - || [ $? -eq 3 ] || ynh_die --message="Unable to upgrade Nextcloud" + || [ $? -eq 3 ] || ynh_die --message="Unable to upgrade $app" # Get the new current version number current_version=$(grep OC_VersionString "$install_dir/version.php" | cut -d\' -f2) @@ -202,13 +202,13 @@ EOF #================================================= # CONFIGURE NEXTCLOUD #================================================= - ynh_script_progression --message="Reconfiguring Nextcloud..." --weight=9 + ynh_script_progression --message="Reconfiguring $app..." --weight=9 # Verify the checksum and backup the file if it's different ynh_backup_if_checksum_is_different --file="$install_dir/config/config.php" nc_conf="${install_dir}/config.json" - ynh_add_config --template="../conf/config.json" --destination="$nc_conf" + ynh_add_config --template="config.json" --destination="$nc_conf" # Reneable the mail app if [ $mail_app_must_be_reactived -eq 1 ]; then @@ -295,15 +295,15 @@ chmod 750 $install_dir #================================================= ynh_script_progression --message="Regenerating system configurations for $app..." --weight=2 -# ------- +#------------------------------------------------- # PHP-FPM -# ------- +#------------------------------------------------- ynh_add_fpm_config -# ------- +#------------------------------------------------- # NGINX -# ------- +#------------------------------------------------- # Delete current NGINX configuration to be able to check if .well-known is already served. ynh_backup_if_checksum_is_different --file="/etc/nginx/conf.d/$domain.d/$app.conf" @@ -325,24 +325,24 @@ fi # Create a dedicated NGINX config ynh_add_nginx_config -# ------- +#------------------------------------------------- # CRON JOB -# ------- +#------------------------------------------------- cron_path="/etc/cron.d/$app" -ynh_add_config --template="../conf/nextcloud.cron" --destination="$cron_path" +ynh_add_config --template="nextcloud.cron" --destination="$cron_path" chown root: "$cron_path" chmod 644 "$cron_path" exec_occ background:cron -# ------- +#------------------------------------------------- # LOGROTATE -# ------- +#------------------------------------------------- ynh_use_logrotate --non-append -# ------- +#------------------------------------------------- # FAIL2BAN -# ------- +#------------------------------------------------- # Create a dedicated Fail2Ban config ynh_add_fail2ban_config --logpath="/home/yunohost.app/$app/data/nextcloud.log" --failregex="^.*Login failed: '.*' \(Remote IP: ''.*$" --max_retry=5