YunoHost-Apps/nextcloud_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/nextcloud_ynh.git synced 2024-09-03 19:55:57 +02:00
Code Issues Activity Actions

Merge branch 'testing' into enh-faster-permissions-setter

Browse source
This commit is contained in:
Éric Gaspar 2024-01-11 21:54:49 +01:00
commit be7370e5c7
9 changed files with 113 additions and 173 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
conf/nginx.conf
View file

@ -1,3 +1,12 @@
# Add .mjs as a file extension for javascript
# Either include it in the default mime.types list
# or include you can include that list explicitly and add the file extension
# only for Nextcloud like below:
include mime.types;
types {
text/javascript js mjs;
}
location ^~ /.well-known {
# The following 6 rules are borrowed from `.htaccess`

19
doc/ADMIN.md
View file

@ -1,19 +1,24 @@
### How to use CLI commande
### Manually running Nextcloud commands
`sudo -u __APP__ php__YNH_PHP_VERSION__ --define apc.enable_cli=1 __INSTALL_DIR__/occ ...`
You can run Nextcloud commands from the command line using:
or use `sudo yunohost app shell __APP__` then run `php occ ...`
```
sudo -u __APP__ php__YNH_PHP_VERSION__ --define apc.enable_cli=1 __INSTALL_DIR__/occ ...
```
### Configure ONLYOFFICE integration
Alternatively, you may open a 'Nextcloud shell' with `sudo yunohost app shell __APP__`, then run `php occ ...`
### ONLYOFFICE integration
ONLYOFFICE is an online rich text document editor which can be integrated in Nextcloud
#### With YunoHost App (ARM64 support, better performance)
For better performance and ARM64 support (Raspberry Pi, OLinuXino...), install ONLYOFFICE YunoHost App and connect it to Nextcloud, see the tutorial in the [doc of onlyoffice_ynh package](https://github.com/YunoHost-Apps/onlyoffice_ynh/blob/master/README_fr.md#configuration-de-onlyoffice-server)
For better performance and ARM64 support (Raspberry Pi, OLinuXino...), install the [OnlyOffice YunoHost app](https://apps.yunohost.org/app/onlyoffice) and connect it to Nextcloud, see the tutorial in the [doc of onlyoffice_ynh package](https://github.com/YunoHost-Apps/onlyoffice_ynh/blob/master/README_fr.md#configuration-de-onlyoffice-server)
#### Alternative: With Nextcloud App (no ARM support, lower performance)
Nextcloud features a direct integration of ONLYOFFICE (an online rich text document editor) through a Nextcloud app.
To install and configure it:
Nextcloud features a direct integration of ONLYOFFICE through a Nextcloud app.
- Install *Community Document Server* application in your Nextcloud. That's the part that runs ONLYOFFICE server.
- Install *ONLYOFFICE* application. That's the client part that will connect to an ONLYOFFICE server.
- Then in Settings -> ONLYOFFICE (`https://__DOMAIN____PATH__/settings/admin/onlyoffice`), if you want to configure which file formats should be opened by ONLYOFFICE.

23
doc/ADMIN_fr.md
View file

@ -1,21 +1,24 @@
### Comment utiliser la commande CLI
### Exécuter manuellement des commandes Nextcloud
`sudo -u __APP__ php__YNH_PHP_VERSION__ --define apc.enable_cli=1 __INSTALL_DIR__/occ ...`
Vous pouvez lancer des commandes Nextcloud depuis la ligne de commande avec:
ou utilisez `sudo yunohost app shell __APP__` puis `php occ ...`
```
sudo -u __APP__ php__YNH_PHP_VERSION__ --define apc.enable_cli=1 __INSTALL_DIR__/occ ...
```
### Configurer l'intégration d'ONLYOFFICE
Ou bien, vous pouvez ouvrir un "shell Nextcloud" avec `sudo yunohost app shell __APP__`, puis lancer `php occ ...`
### Intégration d'ONLYOFFICE
ONLYOFFICE est un éditeur de texte enrichi en ligne qui peut s'intégrer dans Nextcloud
#### Avec l'application YunoHost (support ARM64, meilleures performances)
Pour de meilleures performances et le support de ARM64 (Raspberry Pi, OLinuXino...), installez l'app YunoHost ONLYOFFICE, voir le tutoriel dans la [doc du paquet onlyoffice_ynh](https://github.com/YunoHost-Apps/onlyoffice_ynh/blob/master/README_fr.md#configuration-de-onlyoffice-server)
Pour de meilleures performances et le support de ARM64 (Raspberry Pi, OLinuXino...), installez l'[app YunoHost OnlyOffice](https://apps.yunohost.org/app/onlyoffice), puis connectez-la à Nextcloud : voir le tutoriel dans la [doc du paquet onlyoffice_ynh](https://github.com/YunoHost-Apps/onlyoffice_ynh/blob/master/README_fr.md#configuration-de-onlyoffice-server)
#### Alternative: Avec l'application Nextcloud (pas de support ARM, performances limitées)
#### Alternative: avec l'application Nextcloud (pas de support ARM, performances limitées)
Nextcloud inclut une intégration directe de ONLYOFFICE (un éditeur de texte enrichi en ligne) via une application Nextcloud.
Pour l'installer et la configurer :
Nextcloud inclut une intégration directe via une application Nextcloud.
- Installez l'application *Community Document Server* dans votre Nextcloud. C'est la partie qui fait tourner un serveur ONLYOFFICE.
- Installez l'application *ONLYOFFICE*. C'est la partie cliente qui va se connecter au serveur ONLYOFFICE.
- Ensuite dans les Paramètres -> ONLYOFFICE (`https://__DOMAIN____PATH__/settings/admin/onlyoffice`), si vous voulez configurer quels formats de fichier s'ouvrent avec ONLYOFFICE.
*NB : l'app Nextcloud ONLYOFFICE Community Document Server n'est disponible que sous architecture x86

28
scripts/change_url
View file

@ -29,24 +29,24 @@ exec_occ() {
if [ $change_domain -eq 1 ]
then
# Change the trusted domain
exec_occ config:system:set trusted_domains 1 --value=$new_domain
# Change the trusted domain
exec_occ config:system:set trusted_domains 1 --value=$new_domain
# Change hostname for activity notifications
# Change hostname for activity notifications
exec_occ config:system:set overwrite.cli.url --value="https://${new_domain}${new_path}"
fi
if [ $change_domain -eq 1 ]
then
# Check if .well-known is available for this domain
if is_url_handled --domain="$new_domain" --path="/.well-known/caldav" || is_url_handled --domain="$new_domain" --path="/.well-known/carddav"
then
ynh_print_warn --message="Another app already uses the domain $new_domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book."
# Reload php fpm, necessary for force nextcloud to re-read config.php, cf opcache.revalidate_freq
ynh_systemd_action --service_name=php${phpversion}-fpm --action=reload
# Remove lines about .well-known/carddav and caldav with sed.
sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "/etc/nginx/conf.d/$new_domain.d/$app.conf"
ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
fi
# Check if .well-known is available for this domain
if is_url_handled --domain="$new_domain" --path="/.well-known/caldav" || is_url_handled --domain="$new_domain" --path="/.well-known/carddav"
then
ynh_print_warn --message="Another app already uses the domain $new_domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book."
# Remove lines about .well-known/carddav and caldav with sed.
sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "/etc/nginx/conf.d/$new_domain.d/$app.conf"
ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
fi
fi
#=================================================

4
scripts/config
View file

@ -49,7 +49,7 @@ get__fpm_footprint() {
fi
}
get__free_footprint() {
get__fpm_free_footprint() {
# Free footprint value for php-fpm
# Check if current_fpm_footprint is an integer
if [ "$current_fpm_footprint" -eq "$current_fpm_footprint" ] 2> /dev/null
@ -120,7 +120,7 @@ ynh_app_config_validate() {
ynh_app_config_apply() {
_ynh_app_config_apply
ynh_add_fpm_config --phpversion=$phpversion --usage=$fpm_usage --footprint=$fpm_footprint
ynh_add_fpm_config
}
ynh_app_config_run $1

27
scripts/install
View file

@ -1,33 +1,11 @@
#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
source _ynh_mysql_connect_as.sh
#=================================================
# STORE SETTINGS FROM MANIFEST
#=================================================
maintenance_mode=0
fpm_footprint="high"
fpm_free_footprint=0
fpm_usage="medium"
phpflags="--define apc.enable_cli=1"
#=================================================
# STORE SETTINGS FROM MANIFEST
#=================================================
ynh_app_setting_set --app=$app --key=maintenance_mode --value=$maintenance_mode
ynh_app_setting_set --app=$app --key=fpm_footprint --value=$fpm_footprint
ynh_app_setting_set --app=$app --key=fpm_free_footprint --value=$fpm_free_footprint
ynh_app_setting_set --app=$app --key=fpm_usage --value=$fpm_usage
ynh_app_setting_set --app=$app --key=phpflags --value=$phpflags
#=================================================
@ -65,8 +43,9 @@ ynh_setup_source --dest_dir="$install_dir"
#=================================================
ynh_script_progression --message="Configuring PHP-FPM..." --weight=5
# Create a dedicated PHP-FPM config
ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint
ynh_app_setting_set --app=$app --key=fpm_footprint --value=high
ynh_app_setting_set --app=$app --key=fpm_usage --value=medium
ynh_add_fpm_config
#=================================================
# NGINX CONFIGURATION

6
scripts/remove
View file

@ -1,11 +1,5 @@
#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers

8
scripts/restore
View file

@ -1,11 +1,5 @@
#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers
source ../settings/scripts/_ynh_mysql_connect_as.sh
@ -35,7 +29,7 @@ ynh_script_progression --message="Reconfiguring PHP-FPM..." --weight=50
ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf"
# Recreate a dedicated php-fpm config
ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint --phpversion=$phpversion
ynh_add_fpm_config
#=================================================
# RESTORE THE NGINX CONFIGURATION

162
scripts/upgrade
View file

@ -1,18 +1,8 @@
#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# CHECK VERSION
#=================================================
upgrade_type=$(ynh_check_app_version_changed)
#=================================================
@ -23,30 +13,6 @@ ynh_script_progression --message="Ensuring downward compatibility..."
# Remove the option backup_core_only if it's in the settings.yml file
ynh_app_setting_delete --app=$app --key=backup_core_only
# If maintenance_mode doesn't exist, create it
if [ -z "${maintenance_mode:-}" ]; then
maintenance_mode=0
ynh_app_setting_set --app=$app --key=maintenance_mode --value=$maintenance_mode
fi
# If fpm_footprint doesn't exist, create it
if [ -z "${fpm_footprint:-}" ]; then
fpm_footprint=high
ynh_app_setting_set --app=$app --key=fpm_footprint --value=$fpm_footprint
fi
# If fpm_free_footprint doesn't exist, create it
if [ -z "${fpm_free_footprint:-}" ]; then
fpm_free_footprint=0
ynh_app_setting_set --app=$app --key=fpm_free_footprint --value=$fpm_free_footprint
fi
# If fpm_usage doesn't exist, create it
if [ -z "${fpm_usage:-}" ]; then
fpm_usage=medium
ynh_app_setting_set --app=$app --key=fpm_usage --value=$fpm_usage
fi
# If phpflags doesn't exist, create it
if [ -z "${phpflags:-}" ]; then
phpflags="--define apc.enable_cli=1"
@ -58,40 +24,6 @@ if [ -f /etc/php/$YNH_PHP_VERSION/fpm/conf.d/20-$app.ini ]; then
ynh_secure_remove --file=/etc/php/$YNH_PHP_VERSION/fpm/conf.d/20-$app.ini
fi
#=================================================
# PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=2
# Recreate a dedicated PHP-FPM config
ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=2
ynh_backup_if_checksum_is_different --file="/etc/nginx/conf.d/$domain.d/$app.conf"
# Delete current NGINX configuration to be able to check if .well-known is already served.
ynh_remove_nginx_config
ynh_app_setting_delete --app=$app --key="checksum__etc_nginx_conf.d_$domain.d_$app.conf"
# Wait untils NGINX has fully reloaded
ynh_systemd_action --service_name=nginx --action=reload --line_match="Reloaded" --log_path="systemd"
# Check if .well-known is available for this domain
if is_url_handled --domain="$domain" --path="/.well-known/caldav" || is_url_handled --domain="$domain" --path="/.well-known/carddav"
then
ynh_print_warn --message="Another app already uses the domain $domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book."
# Remove lines about .well-known/carddav and caldav with sed.
sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "../conf/nginx.conf"
fi
# Create a dedicated NGINX config
ynh_add_nginx_config
#=================================================
# SPECIFIC UPGRADE
#=================================================
@ -107,7 +39,7 @@ exec_occ() {
# Backward compatibility to upgrade from older versions
if [ $current_major_version = "last" ] || [ $current_major_version -ge 26 ]
then
NEXTCLOUD_PHP_VERSION=$phpversion
NEXTCLOUD_PHP_VERSION="8.2"
elif [ $current_major_version -ge 24 ]
then
NEXTCLOUD_PHP_VERSION="8.1"
@ -117,7 +49,11 @@ exec_occ() {
else
NEXTCLOUD_PHP_VERSION="7.1"
fi
if ! timeout 1 php$NEXTCLOUD_PHP_VERSION 2>/dev/null; then
# NB : be super careful when designing this part of the code, because calling ynh_install_app_dependencies
# will do magic regarding php configuration and $phpversion when the php version of the dependencies changes ...
phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
if [[ "$NEXTCLOUD_PHP_VERSION" != "$phpversion" ]]; then
local pkg_dependencies="$(dpkg-query --show --showformat='${Depends}' ${app}-ynh-deps)"
pkg_dependencies="${pkg_dependencies//$phpversion/$NEXTCLOUD_PHP_VERSION}"
ynh_install_app_dependencies "$pkg_dependencies"
@ -217,12 +153,12 @@ EOF
# Install the next nextcloud version in $tmpdir
ynh_setup_source --dest_dir="$tmpdir"
# Enable maintenance mode
exec_occ maintenance:mode --on
# Backup the config file in the temp dir
cp -a "$install_dir/config/config.php" "$tmpdir/config/config.php"
# Enable maintenance mode
exec_occ maintenance:mode --on
# Backup 3rd party applications from the current Nextcloud
# But do not overwrite if there is any upgrade
# (apps directory already exists in Nextcloud archive)
@ -339,21 +275,9 @@ EOF
fi
#=================================================
# UPDATE THE CRON JOB
#=================================================
cron_path="/etc/cron.d/$app"
ynh_add_config --template="../conf/nextcloud.cron" --destination="$cron_path"
chown root: "$cron_path"
chmod 644 "$cron_path"
exec_occ background:cron
#=================================================
# GENERIC FINALIZATION
#=================================================
# SECURE FILES AND DIRECTORIES
# REGEN SYSTEM CONFIGURATIONS
#=================================================
ynh_script_progression --message="Reapplying file permissions..." --weight=2
# Fix app ownerships & permissions
chown -R $app:www-data "$install_dir"
@ -365,30 +289,62 @@ chmod 755 /home/yunohost.app
chmod 750 $install_dir
#=================================================
# SETUP LOGROTATE
# REGEN SYSTEM CONFIGURATIONS
#=================================================
ynh_script_progression --message="Upgrading logrotate configuration..."
ynh_script_progression --message="Regenerating system configurations for $app..." --weight=2
# Use logrotate to manage app-specific logfile(s)
# -------
# PHP-FPM
# -------
ynh_add_fpm_config
# -------
# NGINX
# -------
# Delete current NGINX configuration to be able to check if .well-known is already served.
ynh_backup_if_checksum_is_different --file="/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_remove_nginx_config
ynh_app_setting_delete --app=$app --key="checksum__etc_nginx_conf.d_$domain.d_$app.conf"
# Wait untils NGINX has fully reloaded
ynh_systemd_action --service_name=nginx --action=reload --line_match="Reloaded" --log_path="systemd"
# Check if .well-known is available for this domain
if is_url_handled --domain="$domain" --path="/.well-known/caldav" || is_url_handled --domain="$domain" --path="/.well-known/carddav"
then
ynh_print_warn --message="Another app already uses the domain $domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book."
# Remove lines about .well-known/carddav and caldav with sed.
sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "../conf/nginx.conf"
fi
# Create a dedicated NGINX config
ynh_add_nginx_config
# -------
# CRON JOB
# -------
cron_path="/etc/cron.d/$app"
ynh_add_config --template="../conf/nextcloud.cron" --destination="$cron_path"
chown root: "$cron_path"
chmod 644 "$cron_path"
exec_occ background:cron
# -------
# LOGROTATE
# -------
ynh_use_logrotate --non-append
#=================================================
# SETUP FAIL2BAN
#=================================================
ynh_script_progression --message="Reconfiguring Fail2Ban..." --weight=7
# -------
# FAIL2BAN
# -------
# Create a dedicated Fail2Ban config
ynh_add_fail2ban_config --logpath="/home/yunohost.app/$app/data/nextcloud.log" --failregex="^.*Login failed: '.*' \(Remote IP: '<HOST>'.*$" --max_retry=5
#=================================================
# GENERIC FINALIZATION
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading PHP-FPM..." --weight=2
ynh_systemd_action --service_name="php${phpversion}-fpm" --action=reload
#=================================================
# END OF SCRIPT
#=================================================