From ce4f75e70efed5cf68df3bcac3e76e29536340e5 Mon Sep 17 00:00:00 2001 From: Yunohost-Bot <> Date: Sat, 31 Aug 2024 01:10:10 +0200 Subject: [PATCH] [autopatch] Automatic patch attempt for helpers 2.1 --- .gitignore | 1 + conf/config.json | 124 ++++++++++++++++++------------------- conf/extra_php-fpm.conf | 3 - conf/nextcloud.cron | 2 +- conf/nginx.conf | 2 +- manifest.toml | 4 +- scripts/_common.sh | 17 ++--- scripts/backup | 35 ++++------- scripts/change_url | 26 +++----- scripts/config | 70 ++++++++++----------- scripts/install | 83 +++++++++++++------------ scripts/remove | 17 ++--- scripts/restore | 59 +++++++++--------- scripts/upgrade | 119 +++++++++++++++++------------------ sources/patches/.gitignore | 0 15 files changed, 264 insertions(+), 298 deletions(-) delete mode 100644 sources/patches/.gitignore diff --git a/.gitignore b/.gitignore index 783a4ae..8f144f3 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ *~ *.sw[op] +.DS_Store diff --git a/conf/config.json b/conf/config.json index 6e4790c..d17d59a 100644 --- a/conf/config.json +++ b/conf/config.json @@ -1,62 +1,62 @@ -{ - "system": { - "updatechecker": false, - "memcache.local": "\\OC\\Memcache\\APCu", - "integrity.check.disabled": true, - "filelocking.enabled": true, - "memcache.locking": "\\OC\\Memcache\\Redis", - "redis": { - "host": "localhost", - "port": "6379", - "timeout": "0.0", - "password": "" - }, - "hashing_default_password": true, - "localstorage.allowsymlinks": true, - "simpleSignUpLink.shown": false, - "maintenance_window_start": 1, - "mail_smtpmode": "smtp", - "mail_smtpport": "25", - "mail_smtpauth": 1, - "mail_smtpname": "__APP__", - "mail_smtppassword": "__MAIL_PWD__", - "mail_sendmailmode": "smtp", - "mail_from_address": "__APP__", - "mail_domain": "__DOMAIN__", - "mail_smtphost": "localhost", - "mail_smtpstreamoptions": { - "ssl": { - "allow_self_signed": true, - "verify_peer": false, - "verify_peer_name": false - } - } - }, - "apps": { - "user_ldap": { - "ldap_base": "dc=yunohost,dc=org", - "ldap_base_groups": "ou=groups,dc=yunohost,dc=org", - "ldap_base_users": "ou=users,dc=yunohost,dc=org", - "ldap_cache_ttl": "600", - "ldap_configuration_active": "1", - "ldap_display_name": "displayname", - "ldap_email_attr": "mail", - "ldap_expert_username_attr": "uid", - "ldap_group_display_name": "cn", - "ldap_group_filter": "(&(objectclass=top)(memberUid=*))", - "ldap_group_filter_mode": "0", - "ldap_groupfilter_objectclass": "posixGroup", - "ldap_group_member_assoc_attribute": "memberUid", - "ldap_host": "localhost", - "ldap_login_filter": "(&(|(objectclass=posixAccount))(uid=%uid)(permission=cn=__APP__.main,ou=permission,dc=yunohost,dc=org))", - "ldap_login_filter_mode": "0", - "ldap_port": "389", - "ldap_quota_attr": "userquota", - "ldap_tls": "0", - "ldap_user_display_name": "cn", - "ldap_user_filter_mode": "0", - "ldap_userfilter_objectclass": "posixAccount", - "ldap_userlist_filter": "objectclass=posixAccount" - } - } -} +{ + "system": { + "updatechecker": false, + "memcache.local": "\\OC\\Memcache\\APCu", + "integrity.check.disabled": true, + "filelocking.enabled": true, + "memcache.locking": "\\OC\\Memcache\\Redis", + "redis": { + "host": "localhost", + "port": "6379", + "timeout": "0.0", + "password": "" + }, + "hashing_default_password": true, + "localstorage.allowsymlinks": true, + "simpleSignUpLink.shown": false, + "maintenance_window_start": 1, + "mail_smtpmode": "smtp", + "mail_smtpport": "25", + "mail_smtpauth": 1, + "mail_smtpname": "__APP__", + "mail_smtppassword": "__MAIL_PWD__", + "mail_sendmailmode": "smtp", + "mail_from_address": "__APP__", + "mail_domain": "__DOMAIN__", + "mail_smtphost": "localhost", + "mail_smtpstreamoptions": { + "ssl": { + "allow_self_signed": true, + "verify_peer": false, + "verify_peer_name": false + } + } + }, + "apps": { + "user_ldap": { + "ldap_base": "dc=yunohost,dc=org", + "ldap_base_groups": "ou=groups,dc=yunohost,dc=org", + "ldap_base_users": "ou=users,dc=yunohost,dc=org", + "ldap_cache_ttl": "600", + "ldap_configuration_active": "1", + "ldap_display_name": "displayname", + "ldap_email_attr": "mail", + "ldap_expert_username_attr": "uid", + "ldap_group_display_name": "cn", + "ldap_group_filter": "(&(objectclass=top)(memberUid=*))", + "ldap_group_filter_mode": "0", + "ldap_groupfilter_objectclass": "posixGroup", + "ldap_group_member_assoc_attribute": "memberUid", + "ldap_host": "localhost", + "ldap_login_filter": "(&(|(objectclass=posixAccount))(uid=%uid)(permission=cn=__APP__.main,ou=permission,dc=yunohost,dc=org))", + "ldap_login_filter_mode": "0", + "ldap_port": "389", + "ldap_quota_attr": "userquota", + "ldap_tls": "0", + "ldap_user_display_name": "cn", + "ldap_user_filter_mode": "0", + "ldap_userfilter_objectclass": "posixAccount", + "ldap_userlist_filter": "objectclass=posixAccount" + } + } +} diff --git a/conf/extra_php-fpm.conf b/conf/extra_php-fpm.conf index fd92447..f584e2c 100644 --- a/conf/extra_php-fpm.conf +++ b/conf/extra_php-fpm.conf @@ -1,9 +1,6 @@ ; Additional php.ini defines, specific to this pool of workers. env[PATH] = $PATH -php_admin_value[memory_limit] = 512M -php_value[upload_max_filesize] = 10G -php_value[post_max_size] = 10G php_value[default_charset] = UTF-8 ; OPcache is already activated by default ; php_value[opcache.enable]=1 diff --git a/conf/nextcloud.cron b/conf/nextcloud.cron index 31bfe2f..29c313c 100644 --- a/conf/nextcloud.cron +++ b/conf/nextcloud.cron @@ -1 +1 @@ -*/5 * * * * __APP__ /usr/bin/php__PHPVERSION__ --define apc.enable_cli=1 -f __INSTALL_DIR__/cron.php +*/5 * * * * __APP__ /usr/bin/php__PHP_VERSION__ --define apc.enable_cli=1 -f __INSTALL_DIR__/cron.php diff --git a/conf/nginx.conf b/conf/nginx.conf index 5a4f22a..21fc12e 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -117,7 +117,7 @@ location ^~ __PATH__/ { fastcgi_param modHeadersAvailable true; # Avoid sending the security headers twice fastcgi_param front_controller_active true; # Enable pretty urls fastcgi_param HTTP_ACCEPT_ENCODING ""; # Disable encoding of Nextcloud response to inject ynh scripts - fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock; + fastcgi_pass unix:/var/run/php/php__PHP_VERSION__-fpm-__APP__.sock; fastcgi_intercept_errors on; fastcgi_request_buffering off; diff --git a/manifest.toml b/manifest.toml index 8102692..5d0f10f 100644 --- a/manifest.toml +++ b/manifest.toml @@ -19,7 +19,8 @@ code = "https://github.com/nextcloud/server" cpe = "cpe:2.3:a:nextcloud:nextcloud" [integration] -yunohost = ">= 11.2.27" +yunohost = ">= 11.2.18" +helpers_version = "2.1" architectures = ["amd64", "arm64", "armhf"] multi_instance = true @@ -102,6 +103,7 @@ ram.runtime = "512M" allow_email = true [resources.install_dir] + group = "www-data:r-x" [resources.data_dir] subdirs = ["data"] diff --git a/scripts/_common.sh b/scripts/_common.sh index 4cdc018..091a079 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -1,11 +1,7 @@ #!/bin/bash #================================================= -# COMMON VARIABLES -#================================================= - -#================================================= -# EXPERIMENTAL HELPERS +# COMMON VARIABLES AND CUSTOM HELPERS #================================================= wait_nginx_reload() { @@ -13,12 +9,13 @@ wait_nginx_reload() { # wait for the Nextcloud configuration file to disappear from NGINX before checking the CalDAV/CardDAV URL. timeout=30 for i in $(seq 1 $timeout); do - if ! ynh_exec_warn_less nginx -T | grep --quiet "# configuration file /etc/nginx/conf.d/$domain.d/$app.conf:"; then + if ! ynh_hide_warnings nginx -T | grep --quiet "# configuration file /etc/nginx/conf.d/$domain.d/$app.conf:"; then break fi sleep 1 done - # Wait untils NGINX has fully reloaded (avoid cURL fail with http2) + # Wait untils NGINX has fully reloaded (avoid cURL fail with http2) + sleep 2 } @@ -26,7 +23,7 @@ wait_nginx_reload() { # usage: is_url_handled --domain=DOMAIN --path=PATH_URI is_url_handled() { # Declare an array to define the options of this helper. - local legacy_args=dp + #REMOVEME? local legacy_args=dp declare -Ar args_array=( [d]=domain= [p]=path= ) local domain local path @@ -53,7 +50,3 @@ is_url_handled() { return 1 fi } - -#================================================= -# FUTURE OFFICIAL HELPERS -#================================================= diff --git a/scripts/backup b/scripts/backup index d56a518..09d57f0 100755 --- a/scripts/backup +++ b/scripts/backup @@ -1,66 +1,57 @@ #!/bin/bash -#================================================= -# GENERIC START -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers source ../settings/scripts/_ynh_mysql_dump_db.sh -#================================================= -# DECLARE DATA AND CONF FILES TO BACKUP -#================================================= -ynh_print_info --message="Declaring files to be backed up..." +ynh_print_info "Declaring files to be backed up..." #================================================= # BACKUP THE APP MAIN DIR #================================================= -ynh_backup --src_path="$install_dir" +ynh_backup "$install_dir" #================================================= # BACKUP THE DATA DIRECTORY #================================================= -ynh_backup --src_path="$data_dir" --is_big +ynh_backup "$data_dir" #================================================= # SYSTEM CONFIGURATION #================================================= # Backup the PHP-FPM configuration -ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" +ynh_backup "/etc/php/$php_version/fpm/pool.d/$app.conf" # Backup the nginx configuration -ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" +ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf" # Backup the logrotate configuration -ynh_backup --src_path="/etc/logrotate.d/$app" +ynh_backup "/etc/logrotate.d/$app" # Backup the Fail2Ban config -ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf" -ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf" +ynh_backup "/etc/fail2ban/jail.d/$app.conf" +ynh_backup "/etc/fail2ban/filter.d/$app.conf" #================================================= # BACKUP VARIOUS FILES #================================================= -ynh_backup --src_path="/etc/cron.d/$app" +ynh_backup "/etc/cron.d/$app" -ynh_backup --src_path="/var/log/$app" +ynh_backup "/var/log/$app" #================================================= # BACKUP THE MYSQL DATABASE #================================================= -ynh_print_info --message="Backing up the MySQL database..." +ynh_print_info "Backing up the MySQL database..." -ynh_mysql_dump_db --database="$db_name" --default_character_set="utf8mb4" > db.sql +ynh_mysql_dump_db --default_character_set="utf8mb4" > db.sql #================================================= # END OF SCRIPT #================================================= -ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." +ynh_print_info "Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." diff --git a/scripts/change_url b/scripts/change_url index 2783932..ec31ea3 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -1,43 +1,37 @@ #!/bin/bash -#================================================= -# GENERIC STARTING -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - source _common.sh source /usr/share/yunohost/helpers #================================================= # MODIFY URL IN NGINX CONF #================================================= -ynh_script_progression --message="Updating NGINX web server configuration..." --weight=2 +ynh_script_progression "Updating NGINX web server configuration..." if [ $change_domain -eq 1 ] then # Check if .well-known is available for this domain if is_url_handled --domain="$new_domain" --path="/.well-known/caldav" || is_url_handled --domain="$new_domain" --path="/.well-known/carddav" then - ynh_print_warn --message="Another app already uses the domain $new_domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book." + ynh_print_warn "Another app already uses the domain $new_domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book." # Remove lines about .well-known/carddav and caldav with sed. sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "/etc/nginx/conf.d/$domain.d/$app.conf" - ynh_store_file_checksum --file="/etc/nginx/conf.d/$domain.d/$app.conf" + ynh_store_file_checksum "/etc/nginx/conf.d/$domain.d/$app.conf" fi fi -ynh_change_url_nginx_config +ynh_config_change_url_nginx #================================================= # SPECIFIC MODIFICATIONS #================================================= -ynh_script_progression --message="Applying $app specific modifications..." --weight=2 +ynh_script_progression "Applying $app specific modifications..." # Define a function to execute commands with `occ` exec_occ() { - (cd "$install_dir" && ynh_exec_as "$app" \ - php${phpversion} --define apc.enable_cli=1 occ --no-interaction --no-ansi "$@") + (cd "$install_dir" && ynh_exec_as_app \ + php${php_version} --define apc.enable_cli=1 occ --no-interaction --no-ansi "$@") } if [ $change_domain -eq 1 ] @@ -49,13 +43,13 @@ then exec_occ config:system:set overwrite.cli.url --value="https://${new_domain}${new_path}" # Reload PHP-FPM, necessary for force Nextcloud to re-read config.php, cf opcache.revalidate_freq - ynh_systemd_action --service_name=php${phpversion}-fpm --action=reload + ynh_systemctl --service=php${php_version}-fpm --action=reload fi #================================================= # SETUP SSOWAT #================================================= -ynh_script_progression --message="Configuring permissions..." +ynh_script_progression "Configuring permissions..." # Temporary fix for the API permission (workaround for https://github.com/YunoHost/issues/issues/2294 ) ynh_permission_url --permission="api" --url="re:$new_domain\/.well-known\/.*" --auth_header="false" --clear_urls @@ -64,4 +58,4 @@ ynh_permission_url --permission="api" --url="re:$new_domain\/.well-known\/.*" -- # END OF SCRIPT #================================================= -ynh_script_progression --message="Change of URL completed for $app" --last +ynh_script_progression "Change of URL completed for $app" diff --git a/scripts/config b/scripts/config index e231009..f0b1f58 100644 --- a/scripts/config +++ b/scripts/config @@ -1,22 +1,16 @@ #!/bin/bash -#================================================= -# GENERIC STARTING -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - source _common.sh source /usr/share/yunohost/helpers -ynh_abort_if_errors +#REMOVEME? ynh_abort_if_errors #================================================= # RETRIEVE ARGUMENTS #================================================= -phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) -current_fpm_footprint=$(ynh_app_setting_get --app=$app --key=fpm_footprint) +php_version=$(ynh_app_setting_get --key=php_version) +current_fpm_footprint=$(ynh_app_setting_get --key=fpm_footprint) #================================================= # SPECIFIC GETTERS FOR TOML SHORT KEY @@ -24,8 +18,8 @@ current_fpm_footprint=$(ynh_app_setting_get --app=$app --key=fpm_footprint) get__maintenance_mode() { # Maintenance mode status - maintenance_mode_status="$(cd "$install_dir" && ynh_exec_as "$app" \ - php${phpversion} --define apc.enable_cli=1 occ --no-interaction --no-ansi maintenance:mode)" 2> /dev/null + maintenance_mode_status="$(cd "$install_dir" && ynh_exec_as_app \ + php${php_version} --define apc.enable_cli=1 occ --no-interaction --no-ansi maintenance:mode)" 2> /dev/null if echo $maintenance_mode_status | grep -q "disabled" then echo "0" @@ -33,14 +27,14 @@ get__maintenance_mode() { then echo "1" else - ynh_print_err --message="Unexpected output from maintenance status check command." + ynh_print_warn "Unexpected output from maintenance status check command." exit 0 fi } get__system_addressbook_exposed() { - echo $(cd "$install_dir" && ynh_exec_as "$app" \ - php${phpversion} --define apc.enable_cli=1 occ config:app:get dav system_addressbook_exposed) + echo $(cd "$install_dir" && ynh_exec_as_app \ + php${php_version} --define apc.enable_cli=1 occ config:app:get dav system_addressbook_exposed) } get__fpm_footprint() { @@ -73,35 +67,35 @@ get__fpm_free_footprint() { set__maintenance_mode() { if [ "$maintenance_mode" -eq "0" ]; then # If maintenance_mode was set to 0, disable maintenance mode - (cd "$install_dir" && ynh_exec_as "$app" \ - php${phpversion} --define apc.enable_cli=1 occ --no-interaction --no-ansi maintenance:mode --off) + (cd "$install_dir" && ynh_exec_as_app \ + php${php_version} --define apc.enable_cli=1 occ --no-interaction --no-ansi maintenance:mode --off) ynh_print_info "Maintenance mode disabled" elif [ "$maintenance_mode" -eq "1" ]; then # If maintenance_mode was set to 1, enable maintenance mode - (cd "$install_dir" && ynh_exec_as "$app" \ - php${phpversion} --define apc.enable_cli=1 occ --no-interaction --no-ansi maintenance:mode --on) + (cd "$install_dir" && ynh_exec_as_app \ + php${php_version} --define apc.enable_cli=1 occ --no-interaction --no-ansi maintenance:mode --on) ynh_print_info "Maintenance mode enabled" fi - ynh_app_setting_set --app=$app --key=maintenance_mode --value="$maintenance_mode" + ynh_app_setting_set --key=maintenance_mode --value="$maintenance_mode" } set__system_addressbook_exposed() { - (cd "$install_dir" && ynh_exec_as "$app" \ - php${phpversion} --define apc.enable_cli=1 occ config:app:set dav system_addressbook_exposed --value="$system_addressbook_exposed") + (cd "$install_dir" && ynh_exec_as_app \ + php${php_version} --define apc.enable_cli=1 occ config:app:set dav system_addressbook_exposed --value="$system_addressbook_exposed") ynh_print_info "System addressbook is exposed: $system_addressbook_exposed" } -set__fpm_footprint() { - if [ "$fpm_footprint" != "specific" ] +#REMOVEME? Everything about fpm_footprint is removed in helpers2.1... | set__fpm_footprint() { +#REMOVEME? Everything about fpm_footprint is removed in helpers2.1... | if [ "$fpm_footprint" != "specific" ] then - ynh_app_setting_set --app=$app --key=fpm_footprint --value="$fpm_footprint" +#REMOVEME? Everything about fpm_footprint is removed in helpers2.1... | ynh_app_setting_set --key=fpm_footprint --value="$fpm_footprint" fi } -set__fpm_free_footprint() { - if [ "$fpm_footprint" = "specific" ] +#REMOVEME? Everything about fpm_free_footprint is removed in helpers2.1... | set__fpm_free_footprint() { +#REMOVEME? Everything about fpm_footprint is removed in helpers2.1... | if [ "$fpm_footprint" = "specific" ] then - ynh_app_setting_set --app=$app --key=fpm_footprint --value="$fpm_free_footprint" +#REMOVEME? Everything about fpm_free_footprint is removed in helpers2.1... | ynh_app_setting_set --key=fpm_footprint --value="$fpm_free_footprint" fi } @@ -110,36 +104,34 @@ set__fpm_free_footprint() { #================================================= function run__set_permissions_button() { - local data_dir=$(ynh_app_setting_get --app=$app --key=data_dir) + local data_dir=$(ynh_app_setting_get --key=data_dir) ynh_print_info "Set permissions, it may take some time..." - chown -R $app:www-data "$install_dir" + #REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R $app:www-data "$install_dir" chown -R $app: "$data_dir" find $install_dir/ -type f -print0 | xargs -r0 chmod 0644 find $install_dir/ -type d -print0 | xargs -r0 chmod 0755 find $data_dir/data/ -type f -print0 | xargs -r0 chmod 0640 find $data_dir/data/ -type d -print0 | xargs -r0 chmod 0750 - chmod 640 "$install_dir/config/config.php" + #REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 640 "$install_dir/config/config.php" chmod 755 /home/yunohost.app - chmod 750 $install_dir + #REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 750 $install_dir } -#================================================= -# GENERIC FINALIZATION #================================================= ynh_app_config_validate() { _ynh_app_config_validate if [ "${changed[fpm_usage]}" == "true" ] || [ "${changed[fpm_footprint]}" == "true" ] || [ "${changed[fpm_free_footprint]}" == "true" ]; then - # If fpm_footprint is set to 'specific', use $fpm_free_footprint value. - if [ "$fpm_footprint" = "specific" ] +#REMOVEME? Everything about fpm_free_footprint is removed in helpers2.1... | # If fpm_footprint is set to 'specific', use $fpm_free_footprint value. +#REMOVEME? Everything about fpm_footprint is removed in helpers2.1... | if [ "$fpm_footprint" = "specific" ] then - fpm_footprint=$fpm_free_footprint +#REMOVEME? Everything about fpm_free_footprint is removed in helpers2.1... | fpm_footprint=$fpm_free_footprint fi - if [ "$fpm_footprint" == "0" ] +#REMOVEME? Everything about fpm_footprint is removed in helpers2.1... | if [ "$fpm_footprint" == "0" ] then - ynh_print_err --message="When selecting 'specific', you have to set a footprint value into the field below." + ynh_print_warn "When selecting 'specific', you have to set a footprint value into the field below." exit 0 fi @@ -149,7 +141,7 @@ ynh_app_config_validate() { ynh_app_config_apply() { _ynh_app_config_apply - ynh_add_fpm_config + ynh_config_add_phpfpm } ynh_app_config_run $1 diff --git a/scripts/install b/scripts/install index 0987b84..d864567 100755 --- a/scripts/install +++ b/scripts/install @@ -2,69 +2,73 @@ source _common.sh source /usr/share/yunohost/helpers + +ynh_app_setting_set --key=php_upload_max_filesize --value=10G + +ynh_app_setting_set --key=php_memory_limit --value=512M source _ynh_mysql_connect_as.sh phpflags="--define apc.enable_cli=1" -ynh_app_setting_set --app=$app --key=phpflags --value="$phpflags" +ynh_app_setting_set --key=phpflags --value="$phpflags" #================================================= # CREATE A MYSQL DATABASE #================================================= -ynh_script_progression --message="Migrate MySQL database to utf8..." --weight=2 +ynh_script_progression "Migrate MySQL database to utf8..." -ynh_mysql_connect_as --user=$db_user --password="$db_pwd" --database=$db_name \ +ynh_mysql_db_shell \ <<< "ALTER DATABASE $db_name CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;" #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= -ynh_script_progression --message="Setting up source files..." --weight=5 +ynh_script_progression "Setting up source files..." # Enable YunoHost patches on Nextcloud sources -cp -a ../sources/patches_last_version/* ../sources/patches +cp -a ../patches_last_version/* ../patches # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$install_dir" #================================================= # PHP-FPM CONFIGURATION #================================================= -ynh_script_progression --message="Configuring PHP-FPM..." --weight=5 +ynh_script_progression "Configuring PHP-FPM..." -ynh_app_setting_set --app=$app --key=fpm_footprint --value=high -ynh_app_setting_set --app=$app --key=fpm_usage --value=medium -ynh_add_fpm_config +ynh_app_setting_set --key=fpm_footprint --value=high +ynh_app_setting_set --key=fpm_usage --value=medium +ynh_config_add_phpfpm #================================================= # NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Configuring NGINX web server..." --weight=2 +ynh_script_progression "Configuring NGINX web server..." # Check if .well-known is available for this domain if is_url_handled --domain="$domain" --path="/.well-known/caldav" || is_url_handled --domain="$domain" --path="/.well-known/carddav" then - ynh_print_warn --message="Another app already uses the domain $domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book." + ynh_print_warn "Another app already uses the domain $domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book." # Remove lines about .well-known/carddav and caldav with sed. sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "../conf/nginx.conf" fi # Create a dedicated NGINX config -ynh_add_nginx_config +ynh_config_add_nginx #================================================= # INSTALL NEXTCLOUD #================================================= -ynh_script_progression --message="Installing $app..." --weight=30 +ynh_script_progression "Installing $app..." # Define a function to execute commands with `occ` exec_occ() { - (cd "$install_dir" && ynh_exec_as "$app" \ - php${phpversion} --define apc.enable_cli=1 occ --no-interaction --no-ansi "$@") + (cd "$install_dir" && ynh_exec_as_app \ + php${php_version} --define apc.enable_cli=1 occ --no-interaction --no-ansi "$@") } # Set write access for the following commands -chown -R $app:www-data "$install_dir" +#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R $app:www-data "$install_dir" chown -R $app: "$data_dir" # Define password in an intermediate var @@ -78,12 +82,12 @@ exec_occ maintenance:install \ --database-user $db_user --database-pass "$db_pwd" \ --admin-user "admin" --admin-pass "$admin_password" \ --data-dir "$data_dir/data" \ - || ynh_die --message="Unable to install $app" + || ynh_die "Unable to install $app" #================================================= # CONFIGURE NEXTCLOUD #================================================= -ynh_script_progression --message="Configuring $app..." --weight=8 +ynh_script_progression "Configuring $app..." # Set the mysql.utf8mb4 config to true in config.php exec_occ config:system:set mysql.utf8mb4 --type boolean --value="true" @@ -100,21 +104,21 @@ exec_occ ldap:create-empty-config # Load the installation config file in Nextcloud nc_conf="$install_dir/config_install.json" -ynh_add_config --template="config_install.json" --destination="$nc_conf" +ynh_config_add --template="config_install.json" --destination="$nc_conf" exec_occ config:import "$nc_conf" # Then remove the config file -ynh_secure_remove --file="$nc_conf" +ynh_safe_rm "$nc_conf" # Load the additional config file (used also for upgrade) nc_conf="$install_dir/config.json" -ynh_add_config --template="config.json" --destination="$nc_conf" +ynh_config_add --template="config.json" --destination="$nc_conf" exec_occ config:import "$nc_conf" # Then remove the config file -ynh_secure_remove --file="$nc_conf" +ynh_safe_rm "$nc_conf" #================================================= # CHECK THE LDAP CONFIG @@ -122,7 +126,7 @@ ynh_secure_remove --file="$nc_conf" # Check LDAP configuration to see if everything worked well exec_occ ldap:test-config '' \ - || ynh_die --message="An error occured during LDAP configuration" + || ynh_die "An error occured during LDAP configuration" #================================================= # MOUNT HOME FOLDERS AS EXTERNAL STORAGE @@ -136,7 +140,7 @@ create_external_storage() { local mount_id=`exec_occ files_external:create --output=json \ "$mount_name" 'local' 'null::null' -c "datadir=$mount_dir" || true` ! [[ $mount_id =~ ^[0-9]+$ ]] \ - && ynh_print_warn --message="Unable to create external storage" \ + && ynh_print_warn "Unable to create external storage" \ || exec_occ files_external:option "$mount_id" enable_sharing true } @@ -177,7 +181,7 @@ exec_occ config:system:set overwrite.cli.url --value="https://${domain}${path}" #================================================= # Set the user as admin -ynh_mysql_connect_as --user=$db_name --password="$db_pwd" --database=$db_name --default_character_set="utf8mb4" \ +ynh_mysql_db_shell \ <<< "INSERT INTO oc_group_user VALUES ('admin','$admin');" # And delete admin user exec_occ user:delete admin @@ -193,16 +197,16 @@ exec_occ config:app:set dav system_addressbook_exposed --value="$system_addressb #================================================= # Calculate and store the config file checksum into the app settings -ynh_store_file_checksum --file="$install_dir/config/config.php" +ynh_store_file_checksum "$install_dir/config/config.php" #================================================= # ADD A CRON JOB #================================================= cron_path="/etc/cron.d/$app" -ynh_add_config --template="nextcloud.cron" --destination="$cron_path" -chown root: "$cron_path" -chmod 644 "$cron_path" +ynh_config_add --template="nextcloud.cron" --destination="$cron_path" +#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown root: "$cron_path" +#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 644 "$cron_path" exec_occ background:cron @@ -217,7 +221,7 @@ exec_occ db:convert-filecache-bigint -n #================================================= # YUNOHOST MULTIMEDIA INTEGRATION #================================================= -ynh_script_progression --message="Adding multimedia directories..." --weight=6 +ynh_script_progression "Adding multimedia directories..." # Build YunoHost multimedia directories ynh_multimedia_build_main_dir @@ -228,41 +232,38 @@ create_external_storage "/home/yunohost.multimedia/share" "Shared multimedia" # Allow nextcloud to write into these directories ynh_multimedia_addaccess $app -#================================================= -# GENERIC FINALIZATION #================================================= # SECURE FILES AND DIRECTORIES #================================================= # Fix app ownerships & permissions -chown -R $app:www-data "$install_dir" +#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R $app:www-data "$install_dir" chown -R $app: "$data_dir" find $install_dir/ -type f -print0 | xargs -r0 chmod 0644 find $install_dir/ -type d -print0 | xargs -r0 chmod 0755 find $data_dir/data/ -type f -print0 | xargs -r0 chmod 0640 find $data_dir/data/ -type d -print0 | xargs -r0 chmod 0750 -chmod 600 "$install_dir/config/config.php" +#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 600 "$install_dir/config/config.php" chmod 755 /home/yunohost.app -chmod 750 $install_dir - +#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 750 $install_dir #================================================= # SETUP LOGROTATE #================================================= -ynh_script_progression --message="Configuring log rotation..." --weight=1 +ynh_script_progression "Configuring log rotation..." # Use logrotate to manage application logfile(s) -ynh_use_logrotate +ynh_config_add_logrotate #================================================= # SETUP FAIL2BAN #================================================= -ynh_script_progression --message="Configuring Fail2Ban..." --weight=8 +ynh_script_progression "Configuring Fail2Ban..." # Create a dedicated Fail2Ban config -ynh_add_fail2ban_config --logpath="/var/log/$app/nextcloud.log" --failregex="^.*Login failed: '.*' \(Remote IP: ''.*$" --max_retry=5 +ynh_config_add_fail2ban --logpath="/var/log/$app/nextcloud.log" --failregex="^.*Login failed: '.*' \(Remote IP: ''.*$" #================================================= # END OF SCRIPT #================================================= -ynh_script_progression --message="Installation of $app completed" --last +ynh_script_progression "Installation of $app completed" diff --git a/scripts/remove b/scripts/remove index c39ac68..887a10d 100755 --- a/scripts/remove +++ b/scripts/remove @@ -6,25 +6,26 @@ source /usr/share/yunohost/helpers #================================================= # REMOVE SYSTEM CONFIGURATIONS #================================================= -# REMOVE SYSTEMD SERVICE +# REMOVE SYSTEMD SERVICE + #================================================= -ynh_script_progression --message="Removing system configurations related to $app..." --weight=5 +ynh_script_progression "Removing system configurations related to $app..." # Remove the dedicated NGINX config -ynh_remove_nginx_config +ynh_config_remove_nginx # Remove the dedicated PHP-FPM config -ynh_remove_fpm_config +ynh_config_remove_phpfpm # Remove the app-specific logrotate config -ynh_remove_logrotate +ynh_config_remove_logrotate # Remove the dedicated Fail2Ban config -ynh_remove_fail2ban_config +ynh_config_remove_fail2ban # Remove a cron file # TODO: Ensure that cron job is not running (How !?) -ynh_secure_remove --file="/etc/cron.d/$app" +ynh_safe_rm "/etc/cron.d/$app" # Cleaning ACL in home directories for i in $(ls /home); do @@ -37,4 +38,4 @@ done # END OF SCRIPT #================================================= -ynh_script_progression --message="Removal of $app completed" --last +ynh_script_progression "Removal of $app completed" diff --git a/scripts/restore b/scripts/restore index 9ae3611..05edb32 100755 --- a/scripts/restore +++ b/scripts/restore @@ -9,38 +9,38 @@ source ../settings/scripts/_ynh_mysql_connect_as.sh #================================================= # RESTORE THE APP MAIN DIR #================================================= -ynh_script_progression --message="Restoring the app main directory..." +ynh_script_progression "Restoring the app main directory..." -ynh_restore_file --origin_path="$install_dir" +ynh_restore "$install_dir" #================================================= # RESTORE THE MYSQL DATABASE #================================================= -ynh_script_progression --message="Restoring the MySQL database..." --weight=9 +ynh_script_progression "Restoring the MySQL database..." -ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name --default_character_set="utf8mb4" < ./db.sql +ynh_mysql_db_shell < ./db.sql #================================================= # RESTORE THE PHP-FPM CONFIGURATION #================================================= -ynh_script_progression --message="Reconfiguring PHP-FPM..." --weight=50 +ynh_script_progression "Reconfiguring PHP-FPM..." # Restore the file first, so it can have a backup if different -ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" +ynh_restore "/etc/php/$php_version/fpm/pool.d/$app.conf" # Recreate a dedicated PHP-FPM config -ynh_add_fpm_config +ynh_config_add_phpfpm #================================================= # RESTORE THE NGINX CONFIGURATION #================================================= -ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" +ynh_restore "/etc/nginx/conf.d/$domain.d/$app.conf" # Check if .well-known is available for this domain if is_url_handled --domain="$domain" --path="/.well-known/caldav" || is_url_handled --domain="$domain" --path="/.well-known/carddav" then - ynh_print_warn --message="Another app already uses the domain $domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book." + ynh_print_warn "Another app already uses the domain $domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book." # Remove lines about .well-known/CardDAV and CalDAV with sed. sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "/etc/nginx/conf.d/$domain.d/$app.conf" @@ -49,46 +49,45 @@ fi #================================================= # RESTORE THE CRON FILE #================================================= -ynh_script_progression --message="Restoring cron job..." --weight=1 +ynh_script_progression "Restoring cron job..." -ynh_restore_file --origin_path="/etc/cron.d/$app" +ynh_restore "/etc/cron.d/$app" #================================================= # RESTORE LOGS #================================================= -ynh_restore_file --origin_path="/var/log/$app" +ynh_restore "/var/log/$app" #================================================= # BACKUP THE LOGROTATE CONFIGURATION #================================================= -ynh_script_progression --message="Restoring the logrotate configuration..." --weight=1 +ynh_script_progression "Restoring the logrotate configuration..." -ynh_restore_file --origin_path="/etc/logrotate.d/$app" +ynh_restore "/etc/logrotate.d/$app" #================================================= # RESTORE THE DATA DIRECTORY #================================================= -ynh_script_progression --message="Restoring data directory..." --weight=2 +ynh_script_progression "Restoring data directory..." -# Use --not_mandatory for the data directory, because if the backup has been made with BACKUP_CORE_ONLY, there's no data into the backup. -ynh_restore_file --origin_path="$data_dir" --not_mandatory +# Use || true for the data directory, because if the backup has been made with BACKUP_CORE_ONLY, there's no data into the backup. +ynh_restore "$data_dir" #================================================= # RESTORE USER RIGHTS #================================================= # Fix app ownerships & permissions -chown -R $app:www-data "$install_dir" +#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R $app:www-data "$install_dir" chown -R $app: "$data_dir" find $install_dir/ -type f -print0 | xargs -r0 chmod 0644 find $install_dir/ -type d -print0 | xargs -r0 chmod 0755 find $data_dir/data/ -type f -print0 | xargs -r0 chmod 0640 find $data_dir/data/ -type d -print0 | xargs -r0 chmod 0750 -chmod 600 "$install_dir/config/config.php" +#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 600 "$install_dir/config/config.php" chmod 755 /home/yunohost.app -chmod 750 $install_dir - +#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 750 $install_dir # Iterate over users to extend their home folder permissions - for the external # storage plugin usage - and create relevant Nextcloud directories for u in $(ynh_user_list); do @@ -99,7 +98,7 @@ done #================================================= # YUNOHOST MULTIMEDIA INTEGRATION #================================================= -ynh_script_progression --message="Adding multimedia directories..." --weight=4 +ynh_script_progression "Adding multimedia directories..." # Build YunoHost multimedia directories ynh_multimedia_build_main_dir @@ -109,10 +108,10 @@ ynh_multimedia_addaccess $app #================================================= # RESTORE THE FAIL2BAN CONFIGURATION #================================================= -ynh_script_progression --message="Restoring the Fail2Ban configuration..." --weight=7 +ynh_script_progression "Restoring the Fail2Ban configuration..." -ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf" -ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf" +ynh_restore "/etc/fail2ban/jail.d/$app.conf" +ynh_restore "/etc/fail2ban/filter.d/$app.conf" # Make sure a log file exists (mostly for CI tests) logfile="/var/log/$app/nextcloud.log" @@ -121,19 +120,17 @@ if [ ! -f "$logfile" ]; then chown "$app:" "$logfile" fi -ynh_systemd_action --action=restart --service_name=fail2ban +ynh_systemctl --action=restart --service=fail2ban -#================================================= -# GENERIC FINALIZATION #================================================= # RELOAD NGINX #================================================= -ynh_script_progression --message="Reloading NGINX web server..." --weight=3 +ynh_script_progression "Reloading NGINX web server..." -ynh_systemd_action --service_name=nginx --action=reload +ynh_systemctl --service=nginx --action=reload #================================================= # END OF SCRIPT #================================================= -ynh_script_progression --message="Restoration completed for $app" --last +ynh_script_progression "Restoration completed for $app" diff --git a/scripts/upgrade b/scripts/upgrade index c4b764c..987865e 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -3,40 +3,40 @@ source _common.sh source /usr/share/yunohost/helpers -upgrade_type=$(ynh_check_app_version_changed) +ynh_app_setting_set_default --key=php_upload_max_filesize --value=10G + +ynh_app_setting_set_default --key=php_memory_limit --value=512M #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= -ynh_script_progression --message="Ensuring downward compatibility..." +ynh_script_progression "Ensuring downward compatibility..." if [ -z ${system_addressbook_exposed:-} ]; then - ynh_app_setting_set --app=$app --key=system_addressbook_exposed --value=0 + ynh_app_setting_set --key=system_addressbook_exposed --value=0 system_addressbook_exposed=0 fi # Fix system_addressbook_exposed as a boolean if [ "${system_addressbook_exposed,,}" = "yes" ]; then - ynh_app_setting_set --app=$app --key=system_addressbook_exposed --value=1 + ynh_app_setting_set --key=system_addressbook_exposed --value=1 system_addressbook_exposed=1 elif [ "${system_addressbook_exposed,,}" = "no" ]; then - ynh_app_setting_set --app=$app --key=system_addressbook_exposed --value=0 + ynh_app_setting_set --key=system_addressbook_exposed --value=0 system_addressbook_exposed=0 fi # Remove the option backup_core_only if it's in the settings.yml file -ynh_app_setting_delete --app=$app --key=backup_core_only +ynh_app_setting_delete --key=backup_core_only phpflags="--define apc.enable_cli=1" -ynh_app_setting_set --app=$app --key=phpflags --value="$phpflags" +ynh_app_setting_set --key=phpflags --value="$phpflags" -if ynh_compare_current_package_version --comparison lt --version 22.2~ynh1 +if ynh_app_upgrading_from_version_before 22.2~ynh1 then - ynh_die --message="Upgrading from Nextcloud < 22.2 is not supported anymore. You should first upgrade to 22.2 using: yunohost app upgrade nextcloud -u https://github.com/YunoHost-Apps/nextcloud_ynh/tree/41f5f902e7c7cd3c30a6793020562ba98b9bf3e9" + ynh_die "Upgrading from Nextcloud < 22.2 is not supported anymore. You should first upgrade to 22.2 using: yunohost app upgrade nextcloud -u https://github.com/YunoHost-Apps/nextcloud_ynh/tree/41f5f902e7c7cd3c30a6793020562ba98b9bf3e9" fi -#================================================= -# SPECIFIC UPGRADE #================================================= # MAKE SEQUENTIAL UPGRADES FROM EACH MAJOR # VERSION TO THE NEXT ONE @@ -66,19 +66,19 @@ exec_occ() { NEXTCLOUD_PHP_VERSION="7.4" fi - # NB : be super careful when designing this part of the code, because calling ynh_install_app_dependencies - # will do magic regarding php configuration and $phpversion when the php version of the dependencies changes ... - phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) - if [[ "$NEXTCLOUD_PHP_VERSION" != "$phpversion" ]]; then + # NB : be super careful when designing this part of the code, because calling ynh_apt_install_dependencies + # will do magic regarding php configuration and $php_version when the php version of the dependencies changes ... + php_version=$(ynh_app_setting_get --key=php_version) + if [[ "$NEXTCLOUD_PHP_VERSION" != "$php_version" ]]; then local pkg_dependencies="$(dpkg-query --show --showformat='${Depends}' ${app}-ynh-deps)" - pkg_dependencies="${pkg_dependencies//$phpversion/$NEXTCLOUD_PHP_VERSION}" - # Packaging v1 ~legacy : ynh_install_app_dependencies is designed to be called several times + pkg_dependencies="${pkg_dependencies//$php_version/$NEXTCLOUD_PHP_VERSION}" + # Packaging v1 ~legacy : ynh_apt_install_dependencies is designed to be called several times # but the second time it will *append* the list of dependencies rather than replace the existing dependencies # resulting in a crash when parsing what's the php version the app uses, hence we need to force the full-replacement YNH_INSTALL_APP_DEPENDENCIES_REPLACE=true - ynh_install_app_dependencies "$pkg_dependencies" + ynh_apt_install_dependencies "$pkg_dependencies" fi -(cd "$install_dir" && ynh_exec_as "$app" \ +(cd "$install_dir" && ynh_exec_as_app \ php$NEXTCLOUD_PHP_VERSION --define apc.enable_cli=1 occ --no-interaction --no-ansi "$@") 2> >(filter_boring_occ_warnings >&2) } @@ -90,7 +90,7 @@ create_external_storage() { local mount_id=$(exec_occ files_external:create --output=json \ "$mount_name" 'local' 'null::null' -c "datadir=$mount_dir" || true) ! [[ $mount_id =~ ^[0-9]+$ ]] \ - && ynh_print_warn --message="Unable to create external storage" \ + && ynh_print_warn "Unable to create external storage" \ || exec_occ files_external:option "$mount_id" enable_sharing true } @@ -117,11 +117,10 @@ function list_installed_apps_not_compatible_with_future_version() comm -23 <(comm -23 $installed_apps $core_apps_in_current_version) $nextcloud_destination_appcatalog } - current_version=$(grep OC_VersionString "$install_dir/version.php" | cut -d\' -f2) current_major_version=${current_version%%.*} -last_version=$(ynh_read_manifest --manifest_key="resources.sources.main.url" | grep -o '[0-9][0-9]\.[0-9]\.[0-9]') +last_version=$(ynh_read_manifest | grep -o '[0-9][0-9]\.[0-9]\.[0-9]') last_major_version=${last_version%%.*} if [[ "$last_major_version" != "$current_major_version" ]] @@ -129,24 +128,24 @@ then installed_apps_not_compatible_with_future_version="$(list_installed_apps_not_compatible_with_future_version $last_major_version)" if [[ -n "$installed_apps_not_compatible_with_future_version" ]] then - ynh_die --message="The following apps are not (yet?) compatible with Nextcloud $last_major_version. You should make sure to upgrade the app, or disable it, or wait for it to become compatible before running this upgrade : $installed_apps_not_compatible_with_future_version" + ynh_die "The following apps are not (yet?) compatible with Nextcloud $last_major_version. You should make sure to upgrade the app, or disable it, or wait for it to become compatible before running this upgrade : $installed_apps_not_compatible_with_future_version" fi fi -if [ "$upgrade_type" == "UPGRADE_APP" ] +# FIXME: this is still supported but the recommendation is now to *always* re-setup the app sources wether or not the upstream sources changed +if ynh_app_upstream_version_changed then - ynh_script_progression --message="Upgrading $app..." --weight=3 + ynh_script_progression "Upgrading $app..." # Set write access for the following commands - chown -R $app:www-data "$install_dir" - + #REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R $app:www-data "$install_dir" # Print the current version number of Nextcloud exec_occ -V if [ "$(exec_occ config:system:get mysql.utf8mb4)" != "true" ]; then - db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd) + db_pwd=$(ynh_app_setting_get --key=db_pwd) # Change your databases character set and collation - ynh_mysql_connect_as --user=$db_user --password="$db_pwd" --database=$db_name \ + ynh_mysql_db_shell \ <<< "ALTER DATABASE $db_name CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;" # Set the mysql.utf8mb4 config to true in config.php exec_occ config:system:set mysql.utf8mb4 --type boolean --value="true" @@ -169,11 +168,11 @@ then next_major_version="$(( $current_major_version + 1 ))" if [[ "$next_major_version" -ge "$last_major_version" ]]; then - ynh_print_info --message="Upgrading to Nextcloud $last_version" - cp -a ../sources/patches_last_version/* ../sources/patches + ynh_print_info "Upgrading to Nextcloud $last_version" + cp -a ../patches_last_version/* ../patches source_id="main" else - ynh_print_info --message="Upgrading to Nextcloud $next_major_version" + ynh_print_info "Upgrading to Nextcloud $next_major_version" source_id="$next_major_version" fi @@ -203,16 +202,15 @@ then ) # Replace the old Nextcloud by the new one - ynh_secure_remove --file="$install_dir" + ynh_safe_rm "$install_dir" mv "$tmpdir" "$install_dir" # Set write access for the following commands - chown -R $app:www-data "$install_dir" - + #REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R $app:www-data "$install_dir" # Upgrade Nextcloud (SUCCESS = 0, UP_TO_DATE = 3) exec_occ maintenance:mode --off exec_occ upgrade \ - || [ $? -eq 3 ] || ynh_die --message="Unable to upgrade $app" + || [ $? -eq 3 ] || ynh_die "Unable to upgrade $app" # Get the new current version number current_version=$(grep OC_VersionString "$install_dir/version.php" | cut -d\' -f2) @@ -230,13 +228,13 @@ then #================================================= # CONFIGURE NEXTCLOUD #================================================= - ynh_script_progression --message="Reconfiguring $app..." --weight=9 + ynh_script_progression "Reconfiguring $app..." # Verify the checksum and backup the file if it's different - ynh_backup_if_checksum_is_different --file="$install_dir/config/config.php" + ynh_backup_if_checksum_is_different "$install_dir/config/config.php" nc_conf="${install_dir}/config.json" - ynh_add_config --template="config.json" --destination="$nc_conf" + ynh_config_add --template="config.json" --destination="$nc_conf" # Reneable the mail app if [ $mail_app_must_be_reactived -eq 1 ]; then @@ -257,7 +255,7 @@ then # but it must be after the exec_occ() definition, so it's here if [ -f "$data_dir/data/nextcloud.log" ]; then mkdir -p "/var/log/$app" - chmod 750 "/var/log/$app" + #REMOVEME? Assuming ynh_config_add_logrotate is called, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 750 "/var/log/$app" mv "$data_dir"/data/nextcloud.log* "/var/log/$app" # adapt the nextcloud config exec_occ config:system:set logfile --value="/var/log/$app/nextcloud.log" @@ -267,7 +265,7 @@ then exec_occ config:import "$nc_conf" # Then remove the config file - ynh_secure_remove --file="$nc_conf" + ynh_safe_rm "$nc_conf" #================================================= # ALLOW USERS TO DISCONNECT FROM NEXTCLOUD @@ -315,67 +313,66 @@ then #================================================= # Calculate and store the config file checksum into the app settings - ynh_store_file_checksum --file="${install_dir}/config/config.php" + ynh_store_file_checksum "${install_dir}/config/config.php" fi #================================================= # REGEN PERMISSIONS #================================================= -ynh_script_progression --message="Reapplying file permissions..." --weight=2 +ynh_script_progression "Reapplying file permissions..." # Fix app ownerships & permissions -chown -R $app:www-data "$install_dir" +#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R $app:www-data "$install_dir" find $install_dir/ -type f -print0 | xargs -r0 chmod 0644 find $install_dir/ -type d -print0 | xargs -r0 chmod 0755 -chmod 600 "$install_dir/config/config.php" +#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 600 "$install_dir/config/config.php" chmod 755 /home/yunohost.app -chmod 750 $install_dir - +#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 750 $install_dir #================================================= # REGEN SYSTEM CONFIGURATIONS #================================================= -ynh_script_progression --message="Regenerating system configurations for $app..." --weight=2 +ynh_script_progression "Regenerating system configurations for $app..." #------------------------------------------------- # PHP-FPM #------------------------------------------------- -ynh_add_fpm_config +ynh_config_add_phpfpm #------------------------------------------------- # NGINX #------------------------------------------------- # Delete current NGINX configuration to be able to check if .well-known is already served. -ynh_backup_if_checksum_is_different --file="/etc/nginx/conf.d/$domain.d/$app.conf" -ynh_remove_nginx_config -ynh_app_setting_delete --app=$app --key="checksum__etc_nginx_conf.d_$domain.d_$app.conf" +ynh_backup_if_checksum_is_different "/etc/nginx/conf.d/$domain.d/$app.conf" +ynh_config_remove_nginx +ynh_app_setting_delete --key="checksum__etc_nginx_conf.d_$domain.d_$app.conf" # Wait untils NGINX has fully reloaded -ynh_systemd_action --service_name=nginx --action=reload --line_match="Reloaded" --log_path="systemd" +ynh_systemctl --service=nginx --action=reload --wait_until="Reloaded" --log_path="systemd" wait_nginx_reload # Check if .well-known is available for this domain if is_url_handled --domain="$domain" --path="/.well-known/caldav" || is_url_handled --domain="$domain" --path="/.well-known/carddav" then - ynh_print_warn --message="Another app already uses the domain $domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book." + ynh_print_warn "Another app already uses the domain $domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book." # Remove lines about .well-known/carddav and caldav with sed. sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "../conf/nginx.conf" fi # Create a dedicated NGINX config -ynh_add_nginx_config +ynh_config_add_nginx #================================================= # CRON JOB #================================================= cron_path="/etc/cron.d/$app" -ynh_add_config --template="nextcloud.cron" --destination="$cron_path" -chown root: "$cron_path" -chmod 644 "$cron_path" +ynh_config_add --template="nextcloud.cron" --destination="$cron_path" +#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown root: "$cron_path" +#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 644 "$cron_path" exec_occ background:cron @@ -383,17 +380,17 @@ exec_occ background:cron # LOGROTATE #================================================= -ynh_use_logrotate --non-append +ynh_config_add_logrotate #================================================= # FAIL2BAN #================================================= # Create a dedicated Fail2Ban config -ynh_add_fail2ban_config --logpath="/var/log/$app/nextcloud.log" --failregex="^.*Login failed: '.*' \(Remote IP: ''.*$" --max_retry=5 +ynh_config_add_fail2ban --logpath="/var/log/$app/nextcloud.log" --failregex="^.*Login failed: '.*' \(Remote IP: ''.*$" #================================================= # END OF SCRIPT #================================================= -ynh_script_progression --message="Upgrade of $app completed" --last +ynh_script_progression "Upgrade of $app completed" diff --git a/sources/patches/.gitignore b/sources/patches/.gitignore deleted file mode 100644 index e69de29..0000000