YunoHost-Apps/nextcloud_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/nextcloud_ynh.git synced 2024-09-03 19:55:57 +02:00
Code Issues Activity Actions

[autopatch] Automatic patch attempt for helpers 2.1

Browse source
This commit is contained in:
Yunohost-Bot 2024-08-31 01:10:10 +02:00 committed by Alexandre Aubin
parent 9bef6d077b
commit ce4f75e70e
15 changed files with 264 additions and 298 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
.gitignore vendored
View file

@ -1,2 +1,3 @@
*~
*.sw[op]
.DS_Store

124
conf/config.json
View file

@ -1,62 +1,62 @@
{
"system": {
"updatechecker": false,
"memcache.local": "\\OC\\Memcache\\APCu",
"integrity.check.disabled": true,
"filelocking.enabled": true,
"memcache.locking": "\\OC\\Memcache\\Redis",
"redis": {
"host": "localhost",
"port": "6379",
"timeout": "0.0",
"password": ""
},
"hashing_default_password": true,
"localstorage.allowsymlinks": true,
"simpleSignUpLink.shown": false,
"maintenance_window_start": 1,
"mail_smtpmode": "smtp",
"mail_smtpport": "25",
"mail_smtpauth": 1,
"mail_smtpname": "__APP__",
"mail_smtppassword": "__MAIL_PWD__",
"mail_sendmailmode": "smtp",
"mail_from_address": "__APP__",
"mail_domain": "__DOMAIN__",
"mail_smtphost": "localhost",
"mail_smtpstreamoptions": {
"ssl": {
"allow_self_signed": true,
"verify_peer": false,
"verify_peer_name": false
}
}
},
"apps": {
"user_ldap": {
"ldap_base": "dc=yunohost,dc=org",
"ldap_base_groups": "ou=groups,dc=yunohost,dc=org",
"ldap_base_users": "ou=users,dc=yunohost,dc=org",
"ldap_cache_ttl": "600",
"ldap_configuration_active": "1",
"ldap_display_name": "displayname",
"ldap_email_attr": "mail",
"ldap_expert_username_attr": "uid",
"ldap_group_display_name": "cn",
"ldap_group_filter": "(&(objectclass=top)(memberUid=*))",
"ldap_group_filter_mode": "0",
"ldap_groupfilter_objectclass": "posixGroup",
"ldap_group_member_assoc_attribute": "memberUid",
"ldap_host": "localhost",
"ldap_login_filter": "(&(|(objectclass=posixAccount))(uid=%uid)(permission=cn=__APP__.main,ou=permission,dc=yunohost,dc=org))",
"ldap_login_filter_mode": "0",
"ldap_port": "389",
"ldap_quota_attr": "userquota",
"ldap_tls": "0",
"ldap_user_display_name": "cn",
"ldap_user_filter_mode": "0",
"ldap_userfilter_objectclass": "posixAccount",
"ldap_userlist_filter": "objectclass=posixAccount"
}
}
}
{
"system": {
"updatechecker": false,
"memcache.local": "\\OC\\Memcache\\APCu",
"integrity.check.disabled": true,
"filelocking.enabled": true,
"memcache.locking": "\\OC\\Memcache\\Redis",
"redis": {
"host": "localhost",
"port": "6379",
"timeout": "0.0",
"password": ""
},
"hashing_default_password": true,
"localstorage.allowsymlinks": true,
"simpleSignUpLink.shown": false,
"maintenance_window_start": 1,
"mail_smtpmode": "smtp",
"mail_smtpport": "25",
"mail_smtpauth": 1,
"mail_smtpname": "__APP__",
"mail_smtppassword": "__MAIL_PWD__",
"mail_sendmailmode": "smtp",
"mail_from_address": "__APP__",
"mail_domain": "__DOMAIN__",
"mail_smtphost": "localhost",
"mail_smtpstreamoptions": {
"ssl": {
"allow_self_signed": true,
"verify_peer": false,
"verify_peer_name": false
}
}
},
"apps": {
"user_ldap": {
"ldap_base": "dc=yunohost,dc=org",
"ldap_base_groups": "ou=groups,dc=yunohost,dc=org",
"ldap_base_users": "ou=users,dc=yunohost,dc=org",
"ldap_cache_ttl": "600",
"ldap_configuration_active": "1",
"ldap_display_name": "displayname",
"ldap_email_attr": "mail",
"ldap_expert_username_attr": "uid",
"ldap_group_display_name": "cn",
"ldap_group_filter": "(&(objectclass=top)(memberUid=*))",
"ldap_group_filter_mode": "0",
"ldap_groupfilter_objectclass": "posixGroup",
"ldap_group_member_assoc_attribute": "memberUid",
"ldap_host": "localhost",
"ldap_login_filter": "(&(|(objectclass=posixAccount))(uid=%uid)(permission=cn=__APP__.main,ou=permission,dc=yunohost,dc=org))",
"ldap_login_filter_mode": "0",
"ldap_port": "389",
"ldap_quota_attr": "userquota",
"ldap_tls": "0",
"ldap_user_display_name": "cn",
"ldap_user_filter_mode": "0",
"ldap_userfilter_objectclass": "posixAccount",
"ldap_userlist_filter": "objectclass=posixAccount"
}
}
}

3
conf/extra_php-fpm.conf
View file

@ -1,9 +1,6 @@
; Additional php.ini defines, specific to this pool of workers.
env[PATH] = $PATH
php_admin_value[memory_limit] = 512M
php_value[upload_max_filesize] = 10G
php_value[post_max_size] = 10G
php_value[default_charset] = UTF-8
; OPcache is already activated by default
; php_value[opcache.enable]=1

2
conf/nextcloud.cron
View file

@ -1 +1 @@
*/5 * * * * __APP__ /usr/bin/php__PHPVERSION__ --define apc.enable_cli=1 -f __INSTALL_DIR__/cron.php
*/5 * * * * __APP__ /usr/bin/php__PHP_VERSION__ --define apc.enable_cli=1 -f __INSTALL_DIR__/cron.php

2
conf/nginx.conf
View file

@ -117,7 +117,7 @@ location ^~ __PATH__/ {
fastcgi_param modHeadersAvailable true; # Avoid sending the security headers twice
fastcgi_param front_controller_active true; # Enable pretty urls
fastcgi_param HTTP_ACCEPT_ENCODING ""; # Disable encoding of Nextcloud response to inject ynh scripts
fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock;
fastcgi_pass unix:/var/run/php/php__PHP_VERSION__-fpm-__APP__.sock;
fastcgi_intercept_errors on;
fastcgi_request_buffering off;

4
manifest.toml
View file

@ -19,7 +19,8 @@ code = "https://github.com/nextcloud/server"
cpe = "cpe:2.3:a:nextcloud:nextcloud"
[integration]
yunohost = ">= 11.2.27"
yunohost = ">= 11.2.18"
helpers_version = "2.1"
architectures = ["amd64", "arm64", "armhf"]
multi_instance = true
@ -102,6 +103,7 @@ ram.runtime = "512M"
allow_email = true
[resources.install_dir]
group = "www-data:r-x"
[resources.data_dir]
subdirs = ["data"]

17
scripts/_common.sh
View file

@ -1,11 +1,7 @@
#!/bin/bash
#=================================================
# COMMON VARIABLES
#=================================================
#=================================================
# EXPERIMENTAL HELPERS
# COMMON VARIABLES AND CUSTOM HELPERS
#=================================================
wait_nginx_reload() {
@ -13,12 +9,13 @@ wait_nginx_reload() {
# wait for the Nextcloud configuration file to disappear from NGINX before checking the CalDAV/CardDAV URL.
timeout=30
for i in $(seq 1 $timeout); do
if ! ynh_exec_warn_less nginx -T | grep --quiet "# configuration file /etc/nginx/conf.d/$domain.d/$app.conf:"; then
if ! ynh_hide_warnings nginx -T | grep --quiet "# configuration file /etc/nginx/conf.d/$domain.d/$app.conf:"; then
break
fi
sleep 1
done
# Wait untils NGINX has fully reloaded (avoid cURL fail with http2)
# Wait untils NGINX has fully reloaded (avoid cURL fail with http2)
sleep 2
}
@ -26,7 +23,7 @@ wait_nginx_reload() {
# usage: is_url_handled --domain=DOMAIN --path=PATH_URI
is_url_handled() {
# Declare an array to define the options of this helper.
local legacy_args=dp
#REMOVEME? local legacy_args=dp
declare -Ar args_array=( [d]=domain= [p]=path= )
local domain
local path
@ -53,7 +50,3 @@ is_url_handled() {
return 1
fi
}
#=================================================
# FUTURE OFFICIAL HELPERS
#=================================================

35
scripts/backup
View file

@ -1,66 +1,57 @@
#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers
source ../settings/scripts/_ynh_mysql_dump_db.sh
#=================================================
# DECLARE DATA AND CONF FILES TO BACKUP
#=================================================
ynh_print_info --message="Declaring files to be backed up..."
ynh_print_info "Declaring files to be backed up..."
#=================================================
# BACKUP THE APP MAIN DIR
#=================================================
ynh_backup --src_path="$install_dir"
ynh_backup "$install_dir"
#=================================================
# BACKUP THE DATA DIRECTORY
#=================================================
ynh_backup --src_path="$data_dir" --is_big
ynh_backup "$data_dir"
#=================================================
# SYSTEM CONFIGURATION
#=================================================
# Backup the PHP-FPM configuration
ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf"
ynh_backup "/etc/php/$php_version/fpm/pool.d/$app.conf"
# Backup the nginx configuration
ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf"
# Backup the logrotate configuration
ynh_backup --src_path="/etc/logrotate.d/$app"
ynh_backup "/etc/logrotate.d/$app"
# Backup the Fail2Ban config
ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf"
ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf"
ynh_backup "/etc/fail2ban/jail.d/$app.conf"
ynh_backup "/etc/fail2ban/filter.d/$app.conf"
#=================================================
# BACKUP VARIOUS FILES
#=================================================
ynh_backup --src_path="/etc/cron.d/$app"
ynh_backup "/etc/cron.d/$app"
ynh_backup --src_path="/var/log/$app"
ynh_backup "/var/log/$app"
#=================================================
# BACKUP THE MYSQL DATABASE
#=================================================
ynh_print_info --message="Backing up the MySQL database..."
ynh_print_info "Backing up the MySQL database..."
ynh_mysql_dump_db --database="$db_name" --default_character_set="utf8mb4" > db.sql
ynh_mysql_dump_db --default_character_set="utf8mb4" > db.sql
#=================================================
# END OF SCRIPT
#=================================================
ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)."
ynh_print_info "Backup script completed for $app. (YunoHost will then actually copy those files to the archive)."

26
scripts/change_url
View file

@ -1,43 +1,37 @@
#!/bin/bash
#=================================================
# GENERIC STARTING
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# MODIFY URL IN NGINX CONF
#=================================================
ynh_script_progression --message="Updating NGINX web server configuration..." --weight=2
ynh_script_progression "Updating NGINX web server configuration..."
if [ $change_domain -eq 1 ]
then
# Check if .well-known is available for this domain
if is_url_handled --domain="$new_domain" --path="/.well-known/caldav" || is_url_handled --domain="$new_domain" --path="/.well-known/carddav"
then
ynh_print_warn --message="Another app already uses the domain $new_domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book."
ynh_print_warn "Another app already uses the domain $new_domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book."
# Remove lines about .well-known/carddav and caldav with sed.
sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_store_file_checksum --file="/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_store_file_checksum "/etc/nginx/conf.d/$domain.d/$app.conf"
fi
fi
ynh_change_url_nginx_config
ynh_config_change_url_nginx
#=================================================
# SPECIFIC MODIFICATIONS
#=================================================
ynh_script_progression --message="Applying $app specific modifications..." --weight=2
ynh_script_progression "Applying $app specific modifications..."
# Define a function to execute commands with `occ`
exec_occ() {
(cd "$install_dir" && ynh_exec_as "$app" \
php${phpversion} --define apc.enable_cli=1 occ --no-interaction --no-ansi "$@")
(cd "$install_dir" && ynh_exec_as_app \
php${php_version} --define apc.enable_cli=1 occ --no-interaction --no-ansi "$@")
}
if [ $change_domain -eq 1 ]
@ -49,13 +43,13 @@ then
exec_occ config:system:set overwrite.cli.url --value="https://${new_domain}${new_path}"
# Reload PHP-FPM, necessary for force Nextcloud to re-read config.php, cf opcache.revalidate_freq
ynh_systemd_action --service_name=php${phpversion}-fpm --action=reload
ynh_systemctl --service=php${php_version}-fpm --action=reload
fi
#=================================================
# SETUP SSOWAT
#=================================================
ynh_script_progression --message="Configuring permissions..."
ynh_script_progression "Configuring permissions..."
# Temporary fix for the API permission (workaround for https://github.com/YunoHost/issues/issues/2294 )
ynh_permission_url --permission="api" --url="re:$new_domain\/.well-known\/.*" --auth_header="false" --clear_urls
@ -64,4 +58,4 @@ ynh_permission_url --permission="api" --url="re:$new_domain\/.well-known\/.*" --
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Change of URL completed for $app" --last
ynh_script_progression "Change of URL completed for $app"

70
scripts/config
View file

@ -1,22 +1,16 @@
#!/bin/bash
#=================================================
# GENERIC STARTING
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
ynh_abort_if_errors
#REMOVEME? ynh_abort_if_errors
#=================================================
# RETRIEVE ARGUMENTS
#=================================================
phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
current_fpm_footprint=$(ynh_app_setting_get --app=$app --key=fpm_footprint)
php_version=$(ynh_app_setting_get --key=php_version)
current_fpm_footprint=$(ynh_app_setting_get --key=fpm_footprint)
#=================================================
# SPECIFIC GETTERS FOR TOML SHORT KEY
@ -24,8 +18,8 @@ current_fpm_footprint=$(ynh_app_setting_get --app=$app --key=fpm_footprint)
get__maintenance_mode() {
# Maintenance mode status
maintenance_mode_status="$(cd "$install_dir" && ynh_exec_as "$app" \
php${phpversion} --define apc.enable_cli=1 occ --no-interaction --no-ansi maintenance:mode)" 2> /dev/null
maintenance_mode_status="$(cd "$install_dir" && ynh_exec_as_app \
php${php_version} --define apc.enable_cli=1 occ --no-interaction --no-ansi maintenance:mode)" 2> /dev/null
if echo $maintenance_mode_status | grep -q "disabled"
then
echo "0"
@ -33,14 +27,14 @@ get__maintenance_mode() {
then
echo "1"
else
ynh_print_err --message="Unexpected output from maintenance status check command."
ynh_print_warn "Unexpected output from maintenance status check command."
exit 0
fi
}
get__system_addressbook_exposed() {
echo $(cd "$install_dir" && ynh_exec_as "$app" \
php${phpversion} --define apc.enable_cli=1 occ config:app:get dav system_addressbook_exposed)
echo $(cd "$install_dir" && ynh_exec_as_app \
php${php_version} --define apc.enable_cli=1 occ config:app:get dav system_addressbook_exposed)
}
get__fpm_footprint() {
@ -73,35 +67,35 @@ get__fpm_free_footprint() {
set__maintenance_mode() {
if [ "$maintenance_mode" -eq "0" ]; then
# If maintenance_mode was set to 0, disable maintenance mode
(cd "$install_dir" && ynh_exec_as "$app" \
php${phpversion} --define apc.enable_cli=1 occ --no-interaction --no-ansi maintenance:mode --off)
(cd "$install_dir" && ynh_exec_as_app \
php${php_version} --define apc.enable_cli=1 occ --no-interaction --no-ansi maintenance:mode --off)
ynh_print_info "Maintenance mode disabled"
elif [ "$maintenance_mode" -eq "1" ]; then
# If maintenance_mode was set to 1, enable maintenance mode
(cd "$install_dir" && ynh_exec_as "$app" \
php${phpversion} --define apc.enable_cli=1 occ --no-interaction --no-ansi maintenance:mode --on)
(cd "$install_dir" && ynh_exec_as_app \
php${php_version} --define apc.enable_cli=1 occ --no-interaction --no-ansi maintenance:mode --on)
ynh_print_info "Maintenance mode enabled"
fi
ynh_app_setting_set --app=$app --key=maintenance_mode --value="$maintenance_mode"
ynh_app_setting_set --key=maintenance_mode --value="$maintenance_mode"
}
set__system_addressbook_exposed() {
(cd "$install_dir" && ynh_exec_as "$app" \
php${phpversion} --define apc.enable_cli=1 occ config:app:set dav system_addressbook_exposed --value="$system_addressbook_exposed")
(cd "$install_dir" && ynh_exec_as_app \
php${php_version} --define apc.enable_cli=1 occ config:app:set dav system_addressbook_exposed --value="$system_addressbook_exposed")
ynh_print_info "System addressbook is exposed: $system_addressbook_exposed"
}
set__fpm_footprint() {
if [ "$fpm_footprint" != "specific" ]
#REMOVEME? Everything about fpm_footprint is removed in helpers2.1... | set__fpm_footprint() {
#REMOVEME? Everything about fpm_footprint is removed in helpers2.1... | if [ "$fpm_footprint" != "specific" ]
then
ynh_app_setting_set --app=$app --key=fpm_footprint --value="$fpm_footprint"
#REMOVEME? Everything about fpm_footprint is removed in helpers2.1... | ynh_app_setting_set --key=fpm_footprint --value="$fpm_footprint"
fi
}
set__fpm_free_footprint() {
if [ "$fpm_footprint" = "specific" ]
#REMOVEME? Everything about fpm_free_footprint is removed in helpers2.1... | set__fpm_free_footprint() {
#REMOVEME? Everything about fpm_footprint is removed in helpers2.1... | if [ "$fpm_footprint" = "specific" ]
then
ynh_app_setting_set --app=$app --key=fpm_footprint --value="$fpm_free_footprint"
#REMOVEME? Everything about fpm_free_footprint is removed in helpers2.1... | ynh_app_setting_set --key=fpm_footprint --value="$fpm_free_footprint"
fi
}
@ -110,36 +104,34 @@ set__fpm_free_footprint() {
#=================================================
function run__set_permissions_button() {
local data_dir=$(ynh_app_setting_get --app=$app --key=data_dir)
local data_dir=$(ynh_app_setting_get --key=data_dir)
ynh_print_info "Set permissions, it may take some time..."
chown -R $app:www-data "$install_dir"
#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R $app:www-data "$install_dir"
chown -R $app: "$data_dir"
find $install_dir/ -type f -print0 | xargs -r0 chmod 0644
find $install_dir/ -type d -print0 | xargs -r0 chmod 0755
find $data_dir/data/ -type f -print0 | xargs -r0 chmod 0640
find $data_dir/data/ -type d -print0 | xargs -r0 chmod 0750
chmod 640 "$install_dir/config/config.php"
#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 640 "$install_dir/config/config.php"
chmod 755 /home/yunohost.app
chmod 750 $install_dir
#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 750 $install_dir
}
#=================================================
# GENERIC FINALIZATION
#=================================================
ynh_app_config_validate() {
_ynh_app_config_validate
if [ "${changed[fpm_usage]}" == "true" ] || [ "${changed[fpm_footprint]}" == "true" ] || [ "${changed[fpm_free_footprint]}" == "true" ]; then
# If fpm_footprint is set to 'specific', use $fpm_free_footprint value.
if [ "$fpm_footprint" = "specific" ]
#REMOVEME? Everything about fpm_free_footprint is removed in helpers2.1... | # If fpm_footprint is set to 'specific', use $fpm_free_footprint value.
#REMOVEME? Everything about fpm_footprint is removed in helpers2.1... | if [ "$fpm_footprint" = "specific" ]
then
fpm_footprint=$fpm_free_footprint
#REMOVEME? Everything about fpm_free_footprint is removed in helpers2.1... | fpm_footprint=$fpm_free_footprint
fi
if [ "$fpm_footprint" == "0" ]
#REMOVEME? Everything about fpm_footprint is removed in helpers2.1... | if [ "$fpm_footprint" == "0" ]
then
ynh_print_err --message="When selecting 'specific', you have to set a footprint value into the field below."
ynh_print_warn "When selecting 'specific', you have to set a footprint value into the field below."
exit 0
fi
@ -149,7 +141,7 @@ ynh_app_config_validate() {
ynh_app_config_apply() {
_ynh_app_config_apply
ynh_add_fpm_config
ynh_config_add_phpfpm
}
ynh_app_config_run $1

83
scripts/install
View file

@ -2,69 +2,73 @@
source _common.sh
source /usr/share/yunohost/helpers
ynh_app_setting_set --key=php_upload_max_filesize --value=10G
ynh_app_setting_set --key=php_memory_limit --value=512M
source _ynh_mysql_connect_as.sh
phpflags="--define apc.enable_cli=1"
ynh_app_setting_set --app=$app --key=phpflags --value="$phpflags"
ynh_app_setting_set --key=phpflags --value="$phpflags"
#=================================================
# CREATE A MYSQL DATABASE
#=================================================
ynh_script_progression --message="Migrate MySQL database to utf8..." --weight=2
ynh_script_progression "Migrate MySQL database to utf8..."
ynh_mysql_connect_as --user=$db_user --password="$db_pwd" --database=$db_name \
ynh_mysql_db_shell \
<<< "ALTER DATABASE $db_name CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;"
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_script_progression --message="Setting up source files..." --weight=5
ynh_script_progression "Setting up source files..."
# Enable YunoHost patches on Nextcloud sources
cp -a ../sources/patches_last_version/* ../sources/patches
cp -a ../patches_last_version/* ../patches
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$install_dir"
#=================================================
# PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Configuring PHP-FPM..." --weight=5
ynh_script_progression "Configuring PHP-FPM..."
ynh_app_setting_set --app=$app --key=fpm_footprint --value=high
ynh_app_setting_set --app=$app --key=fpm_usage --value=medium
ynh_add_fpm_config
ynh_app_setting_set --key=fpm_footprint --value=high
ynh_app_setting_set --key=fpm_usage --value=medium
ynh_config_add_phpfpm
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Configuring NGINX web server..." --weight=2
ynh_script_progression "Configuring NGINX web server..."
# Check if .well-known is available for this domain
if is_url_handled --domain="$domain" --path="/.well-known/caldav" || is_url_handled --domain="$domain" --path="/.well-known/carddav"
then
ynh_print_warn --message="Another app already uses the domain $domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book."
ynh_print_warn "Another app already uses the domain $domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book."
# Remove lines about .well-known/carddav and caldav with sed.
sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "../conf/nginx.conf"
fi
# Create a dedicated NGINX config
ynh_add_nginx_config
ynh_config_add_nginx
#=================================================
# INSTALL NEXTCLOUD
#=================================================
ynh_script_progression --message="Installing $app..." --weight=30
ynh_script_progression "Installing $app..."
# Define a function to execute commands with `occ`
exec_occ() {
(cd "$install_dir" && ynh_exec_as "$app" \
php${phpversion} --define apc.enable_cli=1 occ --no-interaction --no-ansi "$@")
(cd "$install_dir" && ynh_exec_as_app \
php${php_version} --define apc.enable_cli=1 occ --no-interaction --no-ansi "$@")
}
# Set write access for the following commands
chown -R $app:www-data "$install_dir"
#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R $app:www-data "$install_dir"
chown -R $app: "$data_dir"
# Define password in an intermediate var
@ -78,12 +82,12 @@ exec_occ maintenance:install \
--database-user $db_user --database-pass "$db_pwd" \
--admin-user "admin" --admin-pass "$admin_password" \
--data-dir "$data_dir/data" \
|| ynh_die --message="Unable to install $app"
|| ynh_die "Unable to install $app"
#=================================================
# CONFIGURE NEXTCLOUD
#=================================================
ynh_script_progression --message="Configuring $app..." --weight=8
ynh_script_progression "Configuring $app..."
# Set the mysql.utf8mb4 config to true in config.php
exec_occ config:system:set mysql.utf8mb4 --type boolean --value="true"
@ -100,21 +104,21 @@ exec_occ ldap:create-empty-config
# Load the installation config file in Nextcloud
nc_conf="$install_dir/config_install.json"
ynh_add_config --template="config_install.json" --destination="$nc_conf"
ynh_config_add --template="config_install.json" --destination="$nc_conf"
exec_occ config:import "$nc_conf"
# Then remove the config file
ynh_secure_remove --file="$nc_conf"
ynh_safe_rm "$nc_conf"
# Load the additional config file (used also for upgrade)
nc_conf="$install_dir/config.json"
ynh_add_config --template="config.json" --destination="$nc_conf"
ynh_config_add --template="config.json" --destination="$nc_conf"
exec_occ config:import "$nc_conf"
# Then remove the config file
ynh_secure_remove --file="$nc_conf"
ynh_safe_rm "$nc_conf"
#=================================================
# CHECK THE LDAP CONFIG
@ -122,7 +126,7 @@ ynh_secure_remove --file="$nc_conf"
# Check LDAP configuration to see if everything worked well
exec_occ ldap:test-config '' \
|| ynh_die --message="An error occured during LDAP configuration"
|| ynh_die "An error occured during LDAP configuration"
#=================================================
# MOUNT HOME FOLDERS AS EXTERNAL STORAGE
@ -136,7 +140,7 @@ create_external_storage() {
local mount_id=`exec_occ files_external:create --output=json \
"$mount_name" 'local' 'null::null' -c "datadir=$mount_dir" || true`
! [[ $mount_id =~ ^[0-9]+$ ]] \
&& ynh_print_warn --message="Unable to create external storage" \
&& ynh_print_warn "Unable to create external storage" \
|| exec_occ files_external:option "$mount_id" enable_sharing true
}
@ -177,7 +181,7 @@ exec_occ config:system:set overwrite.cli.url --value="https://${domain}${path}"
#=================================================
# Set the user as admin
ynh_mysql_connect_as --user=$db_name --password="$db_pwd" --database=$db_name --default_character_set="utf8mb4" \
ynh_mysql_db_shell \
<<< "INSERT INTO oc_group_user VALUES ('admin','$admin');"
# And delete admin user
exec_occ user:delete admin
@ -193,16 +197,16 @@ exec_occ config:app:set dav system_addressbook_exposed --value="$system_addressb
#=================================================
# Calculate and store the config file checksum into the app settings
ynh_store_file_checksum --file="$install_dir/config/config.php"
ynh_store_file_checksum "$install_dir/config/config.php"
#=================================================
# ADD A CRON JOB
#=================================================
cron_path="/etc/cron.d/$app"
ynh_add_config --template="nextcloud.cron" --destination="$cron_path"
chown root: "$cron_path"
chmod 644 "$cron_path"
ynh_config_add --template="nextcloud.cron" --destination="$cron_path"
#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown root: "$cron_path"
#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 644 "$cron_path"
exec_occ background:cron
@ -217,7 +221,7 @@ exec_occ db:convert-filecache-bigint -n
#=================================================
# YUNOHOST MULTIMEDIA INTEGRATION
#=================================================
ynh_script_progression --message="Adding multimedia directories..." --weight=6
ynh_script_progression "Adding multimedia directories..."
# Build YunoHost multimedia directories
ynh_multimedia_build_main_dir
@ -228,41 +232,38 @@ create_external_storage "/home/yunohost.multimedia/share" "Shared multimedia"
# Allow nextcloud to write into these directories
ynh_multimedia_addaccess $app
#=================================================
# GENERIC FINALIZATION
#=================================================
# SECURE FILES AND DIRECTORIES
#=================================================
# Fix app ownerships & permissions
chown -R $app:www-data "$install_dir"
#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R $app:www-data "$install_dir"
chown -R $app: "$data_dir"
find $install_dir/ -type f -print0 | xargs -r0 chmod 0644
find $install_dir/ -type d -print0 | xargs -r0 chmod 0755
find $data_dir/data/ -type f -print0 | xargs -r0 chmod 0640
find $data_dir/data/ -type d -print0 | xargs -r0 chmod 0750
chmod 600 "$install_dir/config/config.php"
#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 600 "$install_dir/config/config.php"
chmod 755 /home/yunohost.app
chmod 750 $install_dir
#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 750 $install_dir
#=================================================
# SETUP LOGROTATE
#=================================================
ynh_script_progression --message="Configuring log rotation..." --weight=1
ynh_script_progression "Configuring log rotation..."
# Use logrotate to manage application logfile(s)
ynh_use_logrotate
ynh_config_add_logrotate
#=================================================
# SETUP FAIL2BAN
#=================================================
ynh_script_progression --message="Configuring Fail2Ban..." --weight=8
ynh_script_progression "Configuring Fail2Ban..."
# Create a dedicated Fail2Ban config
ynh_add_fail2ban_config --logpath="/var/log/$app/nextcloud.log" --failregex="^.*Login failed: '.*' \(Remote IP: '<HOST>'.*$" --max_retry=5
ynh_config_add_fail2ban --logpath="/var/log/$app/nextcloud.log" --failregex="^.*Login failed: '.*' \(Remote IP: '<HOST>'.*$"
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Installation of $app completed" --last
ynh_script_progression "Installation of $app completed"

17
scripts/remove
View file

@ -6,25 +6,26 @@ source /usr/share/yunohost/helpers
#=================================================
# REMOVE SYSTEM CONFIGURATIONS
#=================================================
# REMOVE SYSTEMD SERVICE
# REMOVE SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Removing system configurations related to $app..." --weight=5
ynh_script_progression "Removing system configurations related to $app..."
# Remove the dedicated NGINX config
ynh_remove_nginx_config
ynh_config_remove_nginx
# Remove the dedicated PHP-FPM config
ynh_remove_fpm_config
ynh_config_remove_phpfpm
# Remove the app-specific logrotate config
ynh_remove_logrotate
ynh_config_remove_logrotate
# Remove the dedicated Fail2Ban config
ynh_remove_fail2ban_config
ynh_config_remove_fail2ban
# Remove a cron file
# TODO: Ensure that cron job is not running (How !?)
ynh_secure_remove --file="/etc/cron.d/$app"
ynh_safe_rm "/etc/cron.d/$app"
# Cleaning ACL in home directories
for i in $(ls /home); do
@ -37,4 +38,4 @@ done
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Removal of $app completed" --last
ynh_script_progression "Removal of $app completed"

59
scripts/restore
View file

@ -9,38 +9,38 @@ source ../settings/scripts/_ynh_mysql_connect_as.sh
#=================================================
# RESTORE THE APP MAIN DIR
#=================================================
ynh_script_progression --message="Restoring the app main directory..."
ynh_script_progression "Restoring the app main directory..."
ynh_restore_file --origin_path="$install_dir"
ynh_restore "$install_dir"
#=================================================
# RESTORE THE MYSQL DATABASE
#=================================================
ynh_script_progression --message="Restoring the MySQL database..." --weight=9
ynh_script_progression "Restoring the MySQL database..."
ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name --default_character_set="utf8mb4" < ./db.sql
ynh_mysql_db_shell < ./db.sql
#=================================================
# RESTORE THE PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Reconfiguring PHP-FPM..." --weight=50
ynh_script_progression "Reconfiguring PHP-FPM..."
# Restore the file first, so it can have a backup if different
ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf"
ynh_restore "/etc/php/$php_version/fpm/pool.d/$app.conf"
# Recreate a dedicated PHP-FPM config
ynh_add_fpm_config
ynh_config_add_phpfpm
#=================================================
# RESTORE THE NGINX CONFIGURATION
#=================================================
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_restore "/etc/nginx/conf.d/$domain.d/$app.conf"
# Check if .well-known is available for this domain
if is_url_handled --domain="$domain" --path="/.well-known/caldav" || is_url_handled --domain="$domain" --path="/.well-known/carddav"
then
ynh_print_warn --message="Another app already uses the domain $domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book."
ynh_print_warn "Another app already uses the domain $domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book."
# Remove lines about .well-known/CardDAV and CalDAV with sed.
sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "/etc/nginx/conf.d/$domain.d/$app.conf"
@ -49,46 +49,45 @@ fi
#=================================================
# RESTORE THE CRON FILE
#=================================================
ynh_script_progression --message="Restoring cron job..." --weight=1
ynh_script_progression "Restoring cron job..."
ynh_restore_file --origin_path="/etc/cron.d/$app"
ynh_restore "/etc/cron.d/$app"
#=================================================
# RESTORE LOGS
#=================================================
ynh_restore_file --origin_path="/var/log/$app"
ynh_restore "/var/log/$app"
#=================================================
# BACKUP THE LOGROTATE CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring the logrotate configuration..." --weight=1
ynh_script_progression "Restoring the logrotate configuration..."
ynh_restore_file --origin_path="/etc/logrotate.d/$app"
ynh_restore "/etc/logrotate.d/$app"
#=================================================
# RESTORE THE DATA DIRECTORY
#=================================================
ynh_script_progression --message="Restoring data directory..." --weight=2
ynh_script_progression "Restoring data directory..."
# Use --not_mandatory for the data directory, because if the backup has been made with BACKUP_CORE_ONLY, there's no data into the backup.
ynh_restore_file --origin_path="$data_dir" --not_mandatory
# Use || true for the data directory, because if the backup has been made with BACKUP_CORE_ONLY, there's no data into the backup.
ynh_restore "$data_dir"
#=================================================
# RESTORE USER RIGHTS
#=================================================
# Fix app ownerships & permissions
chown -R $app:www-data "$install_dir"
#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R $app:www-data "$install_dir"
chown -R $app: "$data_dir"
find $install_dir/ -type f -print0 | xargs -r0 chmod 0644
find $install_dir/ -type d -print0 | xargs -r0 chmod 0755
find $data_dir/data/ -type f -print0 | xargs -r0 chmod 0640
find $data_dir/data/ -type d -print0 | xargs -r0 chmod 0750
chmod 600 "$install_dir/config/config.php"
#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 600 "$install_dir/config/config.php"
chmod 755 /home/yunohost.app
chmod 750 $install_dir
#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 750 $install_dir
# Iterate over users to extend their home folder permissions - for the external
# storage plugin usage - and create relevant Nextcloud directories
for u in $(ynh_user_list); do
@ -99,7 +98,7 @@ done
#=================================================
# YUNOHOST MULTIMEDIA INTEGRATION
#=================================================
ynh_script_progression --message="Adding multimedia directories..." --weight=4
ynh_script_progression "Adding multimedia directories..."
# Build YunoHost multimedia directories
ynh_multimedia_build_main_dir
@ -109,10 +108,10 @@ ynh_multimedia_addaccess $app
#=================================================
# RESTORE THE FAIL2BAN CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring the Fail2Ban configuration..." --weight=7
ynh_script_progression "Restoring the Fail2Ban configuration..."
ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf"
ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf"
ynh_restore "/etc/fail2ban/jail.d/$app.conf"
ynh_restore "/etc/fail2ban/filter.d/$app.conf"
# Make sure a log file exists (mostly for CI tests)
logfile="/var/log/$app/nextcloud.log"
@ -121,19 +120,17 @@ if [ ! -f "$logfile" ]; then
chown "$app:" "$logfile"
fi
ynh_systemd_action --action=restart --service_name=fail2ban
ynh_systemctl --action=restart --service=fail2ban
#=================================================
# GENERIC FINALIZATION
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..." --weight=3
ynh_script_progression "Reloading NGINX web server..."
ynh_systemd_action --service_name=nginx --action=reload
ynh_systemctl --service=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Restoration completed for $app" --last
ynh_script_progression "Restoration completed for $app"

119
scripts/upgrade
View file

@ -3,40 +3,40 @@
source _common.sh
source /usr/share/yunohost/helpers
upgrade_type=$(ynh_check_app_version_changed)
ynh_app_setting_set_default --key=php_upload_max_filesize --value=10G
ynh_app_setting_set_default --key=php_memory_limit --value=512M
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
ynh_script_progression --message="Ensuring downward compatibility..."
ynh_script_progression "Ensuring downward compatibility..."
if [ -z ${system_addressbook_exposed:-} ]; then
ynh_app_setting_set --app=$app --key=system_addressbook_exposed --value=0
ynh_app_setting_set --key=system_addressbook_exposed --value=0
system_addressbook_exposed=0
fi
# Fix system_addressbook_exposed as a boolean
if [ "${system_addressbook_exposed,,}" = "yes" ]; then
ynh_app_setting_set --app=$app --key=system_addressbook_exposed --value=1
ynh_app_setting_set --key=system_addressbook_exposed --value=1
system_addressbook_exposed=1
elif [ "${system_addressbook_exposed,,}" = "no" ]; then
ynh_app_setting_set --app=$app --key=system_addressbook_exposed --value=0
ynh_app_setting_set --key=system_addressbook_exposed --value=0
system_addressbook_exposed=0
fi
# Remove the option backup_core_only if it's in the settings.yml file
ynh_app_setting_delete --app=$app --key=backup_core_only
ynh_app_setting_delete --key=backup_core_only
phpflags="--define apc.enable_cli=1"
ynh_app_setting_set --app=$app --key=phpflags --value="$phpflags"
ynh_app_setting_set --key=phpflags --value="$phpflags"
if ynh_compare_current_package_version --comparison lt --version 22.2~ynh1
if ynh_app_upgrading_from_version_before 22.2~ynh1
then
ynh_die --message="Upgrading from Nextcloud < 22.2 is not supported anymore. You should first upgrade to 22.2 using: yunohost app upgrade nextcloud -u https://github.com/YunoHost-Apps/nextcloud_ynh/tree/41f5f902e7c7cd3c30a6793020562ba98b9bf3e9"
ynh_die "Upgrading from Nextcloud < 22.2 is not supported anymore. You should first upgrade to 22.2 using: yunohost app upgrade nextcloud -u https://github.com/YunoHost-Apps/nextcloud_ynh/tree/41f5f902e7c7cd3c30a6793020562ba98b9bf3e9"
fi
#=================================================
# SPECIFIC UPGRADE
#=================================================
# MAKE SEQUENTIAL UPGRADES FROM EACH MAJOR
# VERSION TO THE NEXT ONE
@ -66,19 +66,19 @@ exec_occ() {
NEXTCLOUD_PHP_VERSION="7.4"
fi
# NB : be super careful when designing this part of the code, because calling ynh_install_app_dependencies
# will do magic regarding php configuration and $phpversion when the php version of the dependencies changes ...
phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
if [[ "$NEXTCLOUD_PHP_VERSION" != "$phpversion" ]]; then
# NB : be super careful when designing this part of the code, because calling ynh_apt_install_dependencies
# will do magic regarding php configuration and $php_version when the php version of the dependencies changes ...
php_version=$(ynh_app_setting_get --key=php_version)
if [[ "$NEXTCLOUD_PHP_VERSION" != "$php_version" ]]; then
local pkg_dependencies="$(dpkg-query --show --showformat='${Depends}' ${app}-ynh-deps)"
pkg_dependencies="${pkg_dependencies//$phpversion/$NEXTCLOUD_PHP_VERSION}"
# Packaging v1 ~legacy : ynh_install_app_dependencies is designed to be called several times
pkg_dependencies="${pkg_dependencies//$php_version/$NEXTCLOUD_PHP_VERSION}"
# Packaging v1 ~legacy : ynh_apt_install_dependencies is designed to be called several times
# but the second time it will *append* the list of dependencies rather than replace the existing dependencies
# resulting in a crash when parsing what's the php version the app uses, hence we need to force the full-replacement
YNH_INSTALL_APP_DEPENDENCIES_REPLACE=true
ynh_install_app_dependencies "$pkg_dependencies"
ynh_apt_install_dependencies "$pkg_dependencies"
fi
(cd "$install_dir" && ynh_exec_as "$app" \
(cd "$install_dir" && ynh_exec_as_app \
php$NEXTCLOUD_PHP_VERSION --define apc.enable_cli=1 occ --no-interaction --no-ansi "$@") 2> >(filter_boring_occ_warnings >&2)
}
@ -90,7 +90,7 @@ create_external_storage() {
local mount_id=$(exec_occ files_external:create --output=json \
"$mount_name" 'local' 'null::null' -c "datadir=$mount_dir" || true)
! [[ $mount_id =~ ^[0-9]+$ ]] \
&& ynh_print_warn --message="Unable to create external storage" \
&& ynh_print_warn "Unable to create external storage" \
|| exec_occ files_external:option "$mount_id" enable_sharing true
}
@ -117,11 +117,10 @@ function list_installed_apps_not_compatible_with_future_version()
comm -23 <(comm -23 $installed_apps $core_apps_in_current_version) $nextcloud_destination_appcatalog
}
current_version=$(grep OC_VersionString "$install_dir/version.php" | cut -d\' -f2)
current_major_version=${current_version%%.*}
last_version=$(ynh_read_manifest --manifest_key="resources.sources.main.url" | grep -o '[0-9][0-9]\.[0-9]\.[0-9]')
last_version=$(ynh_read_manifest | grep -o '[0-9][0-9]\.[0-9]\.[0-9]')
last_major_version=${last_version%%.*}
if [[ "$last_major_version" != "$current_major_version" ]]
@ -129,24 +128,24 @@ then
installed_apps_not_compatible_with_future_version="$(list_installed_apps_not_compatible_with_future_version $last_major_version)"
if [[ -n "$installed_apps_not_compatible_with_future_version" ]]
then
ynh_die --message="The following apps are not (yet?) compatible with Nextcloud $last_major_version. You should make sure to upgrade the app, or disable it, or wait for it to become compatible before running this upgrade : $installed_apps_not_compatible_with_future_version"
ynh_die "The following apps are not (yet?) compatible with Nextcloud $last_major_version. You should make sure to upgrade the app, or disable it, or wait for it to become compatible before running this upgrade : $installed_apps_not_compatible_with_future_version"
fi
fi
if [ "$upgrade_type" == "UPGRADE_APP" ]
# FIXME: this is still supported but the recommendation is now to *always* re-setup the app sources wether or not the upstream sources changed
if ynh_app_upstream_version_changed
then
ynh_script_progression --message="Upgrading $app..." --weight=3
ynh_script_progression "Upgrading $app..."
# Set write access for the following commands
chown -R $app:www-data "$install_dir"
#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R $app:www-data "$install_dir"
# Print the current version number of Nextcloud
exec_occ -V
if [ "$(exec_occ config:system:get mysql.utf8mb4)" != "true" ]; then
db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd)
db_pwd=$(ynh_app_setting_get --key=db_pwd)
# Change your databases character set and collation
ynh_mysql_connect_as --user=$db_user --password="$db_pwd" --database=$db_name \
ynh_mysql_db_shell \
<<< "ALTER DATABASE $db_name CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;"
# Set the mysql.utf8mb4 config to true in config.php
exec_occ config:system:set mysql.utf8mb4 --type boolean --value="true"
@ -169,11 +168,11 @@ then
next_major_version="$(( $current_major_version + 1 ))"
if [[ "$next_major_version" -ge "$last_major_version" ]]; then
ynh_print_info --message="Upgrading to Nextcloud $last_version"
cp -a ../sources/patches_last_version/* ../sources/patches
ynh_print_info "Upgrading to Nextcloud $last_version"
cp -a ../patches_last_version/* ../patches
source_id="main"
else
ynh_print_info --message="Upgrading to Nextcloud $next_major_version"
ynh_print_info "Upgrading to Nextcloud $next_major_version"
source_id="$next_major_version"
fi
@ -203,16 +202,15 @@ then
)
# Replace the old Nextcloud by the new one
ynh_secure_remove --file="$install_dir"
ynh_safe_rm "$install_dir"
mv "$tmpdir" "$install_dir"
# Set write access for the following commands
chown -R $app:www-data "$install_dir"
#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R $app:www-data "$install_dir"
# Upgrade Nextcloud (SUCCESS = 0, UP_TO_DATE = 3)
exec_occ maintenance:mode --off
exec_occ upgrade \
|| [ $? -eq 3 ] || ynh_die --message="Unable to upgrade $app"
|| [ $? -eq 3 ] || ynh_die "Unable to upgrade $app"
# Get the new current version number
current_version=$(grep OC_VersionString "$install_dir/version.php" | cut -d\' -f2)
@ -230,13 +228,13 @@ then
#=================================================
# CONFIGURE NEXTCLOUD
#=================================================
ynh_script_progression --message="Reconfiguring $app..." --weight=9
ynh_script_progression "Reconfiguring $app..."
# Verify the checksum and backup the file if it's different
ynh_backup_if_checksum_is_different --file="$install_dir/config/config.php"
ynh_backup_if_checksum_is_different "$install_dir/config/config.php"
nc_conf="${install_dir}/config.json"
ynh_add_config --template="config.json" --destination="$nc_conf"
ynh_config_add --template="config.json" --destination="$nc_conf"
# Reneable the mail app
if [ $mail_app_must_be_reactived -eq 1 ]; then
@ -257,7 +255,7 @@ then
# but it must be after the exec_occ() definition, so it's here
if [ -f "$data_dir/data/nextcloud.log" ]; then
mkdir -p "/var/log/$app"
chmod 750 "/var/log/$app"
#REMOVEME? Assuming ynh_config_add_logrotate is called, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 750 "/var/log/$app"
mv "$data_dir"/data/nextcloud.log* "/var/log/$app"
# adapt the nextcloud config
exec_occ config:system:set logfile --value="/var/log/$app/nextcloud.log"
@ -267,7 +265,7 @@ then
exec_occ config:import "$nc_conf"
# Then remove the config file
ynh_secure_remove --file="$nc_conf"
ynh_safe_rm "$nc_conf"
#=================================================
# ALLOW USERS TO DISCONNECT FROM NEXTCLOUD
@ -315,67 +313,66 @@ then
#=================================================
# Calculate and store the config file checksum into the app settings
ynh_store_file_checksum --file="${install_dir}/config/config.php"
ynh_store_file_checksum "${install_dir}/config/config.php"
fi
#=================================================
# REGEN PERMISSIONS
#=================================================
ynh_script_progression --message="Reapplying file permissions..." --weight=2
ynh_script_progression "Reapplying file permissions..."
# Fix app ownerships & permissions
chown -R $app:www-data "$install_dir"
#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R $app:www-data "$install_dir"
find $install_dir/ -type f -print0 | xargs -r0 chmod 0644
find $install_dir/ -type d -print0 | xargs -r0 chmod 0755
chmod 600 "$install_dir/config/config.php"
#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 600 "$install_dir/config/config.php"
chmod 755 /home/yunohost.app
chmod 750 $install_dir
#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 750 $install_dir
#=================================================
# REGEN SYSTEM CONFIGURATIONS
#=================================================
ynh_script_progression --message="Regenerating system configurations for $app..." --weight=2
ynh_script_progression "Regenerating system configurations for $app..."
#-------------------------------------------------
# PHP-FPM
#-------------------------------------------------
ynh_add_fpm_config
ynh_config_add_phpfpm
#-------------------------------------------------
# NGINX
#-------------------------------------------------
# Delete current NGINX configuration to be able to check if .well-known is already served.
ynh_backup_if_checksum_is_different --file="/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_remove_nginx_config
ynh_app_setting_delete --app=$app --key="checksum__etc_nginx_conf.d_$domain.d_$app.conf"
ynh_backup_if_checksum_is_different "/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_config_remove_nginx
ynh_app_setting_delete --key="checksum__etc_nginx_conf.d_$domain.d_$app.conf"
# Wait untils NGINX has fully reloaded
ynh_systemd_action --service_name=nginx --action=reload --line_match="Reloaded" --log_path="systemd"
ynh_systemctl --service=nginx --action=reload --wait_until="Reloaded" --log_path="systemd"
wait_nginx_reload
# Check if .well-known is available for this domain
if is_url_handled --domain="$domain" --path="/.well-known/caldav" || is_url_handled --domain="$domain" --path="/.well-known/carddav"
then
ynh_print_warn --message="Another app already uses the domain $domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book."
ynh_print_warn "Another app already uses the domain $domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book."
# Remove lines about .well-known/carddav and caldav with sed.
sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "../conf/nginx.conf"
fi
# Create a dedicated NGINX config
ynh_add_nginx_config
ynh_config_add_nginx
#=================================================
# CRON JOB
#=================================================
cron_path="/etc/cron.d/$app"
ynh_add_config --template="nextcloud.cron" --destination="$cron_path"
chown root: "$cron_path"
chmod 644 "$cron_path"
ynh_config_add --template="nextcloud.cron" --destination="$cron_path"
#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown root: "$cron_path"
#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 644 "$cron_path"
exec_occ background:cron
@ -383,17 +380,17 @@ exec_occ background:cron
# LOGROTATE
#=================================================
ynh_use_logrotate --non-append
ynh_config_add_logrotate
#=================================================
# FAIL2BAN
#=================================================
# Create a dedicated Fail2Ban config
ynh_add_fail2ban_config --logpath="/var/log/$app/nextcloud.log" --failregex="^.*Login failed: '.*' \(Remote IP: '<HOST>'.*$" --max_retry=5
ynh_config_add_fail2ban --logpath="/var/log/$app/nextcloud.log" --failregex="^.*Login failed: '.*' \(Remote IP: '<HOST>'.*$"
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Upgrade of $app completed" --last
ynh_script_progression "Upgrade of $app completed"

0
sources/patches/.gitignore vendored
View file