Testing (#713)

* Update manifest.toml * Auto-update READMEs * add pre upgrade warning for NC 29 * update to PHP8.3 * Auto-update READMEs * Update manifest.toml * Auto-update READMEs * Fix space splitting in phpflags on install (#690) * Auto-update READMEs * Update upgrade * Update manifest.toml * Auto-update READMEs * Fix phpflags (#691) * Fix upgrade: php version is 8.3 starting from 29.x ? (#692) * Update manifest.toml * Auto-update READMEs * Update tests.toml * [autopatch] Do not delete logs on app removal (#697) * [autopatch] Do not delete logs on app removal (#698) Co-authored-by: Yunohost-Bot <> * 29.0.3 * Auto-update READMEs * Update remove * Indent * Fix again upgrade ending with Nextcloud being in PHP 8.2 ? * Auto-update READMEs * Update nginx.conf * Update manifest.toml * Auto-update READMEs * Rework DESCRIPTION.md (#707) * Update DESCRIPTION_fr.md * Auto-update READMEs * Update DESCRIPTION.md * Auto-update READMEs * Update DESCRIPTION_fr.md * Auto-update READMEs --------- Co-authored-by: yunohost-bot <yunohost@yunohost.org> * bump all old versions * oupsie * Auto-update READMEs * system_addressbook_exposed is a boolean * Auto-update READMEs * migrate system_addressbook_exposed to boolean, fix upgrade test * another fix for system_addressbook_exposed, update the dav conf accordingly * zblerg, do not modify system_addressbook_exposed config value in the upgrade script * add redis-server as deps * find files before chown them * chown the root folder too * fix find condition * find ... chmod is not faster, at least avoid to chown -R the data_dir in the upgrade script * add a button in the config panel to run chown/chmod on data_dir * we can avoid this chmod too i guess? * only nextcloud is allowed to read the config file * zblerg, the config file doesn't exist before install * wait until nginx has actually remove the nextcloud conf during upgrade before checking the url_handled * create a function for that * fix change-url dav detection * only if domain has changed... * Update scripts/_common.sh * moar sleep * oups * minor typos * Update backup * minor typos --------- Co-authored-by: Éric Gaspar <46165813+ericgaspar@users.noreply.github.com> Co-authored-by: yunohost-bot <yunohost@yunohost.org> Co-authored-by: OniriCorpe <oniricorpe@disroot.org> Co-authored-by: lyyn <79758863+lyynd@users.noreply.github.com> Co-authored-by: tituspijean <titus+yunohost@pijean.ovh> Co-authored-by: Alexandre Aubin <4533074+alexAubin@users.noreply.github.com> Co-authored-by: YunoHost Bot <yunohost-bot@users.noreply.github.com> Co-authored-by: Alexandre Aubin <alex.aubin@mailoo.org>
2024-09-03 19:55:57 +02:00 · 2024-08-08 17:20:30 +02:00 · 2024-08-08 17:20:30 +02:00 · d0400f751d
commit d0400f751d
parent 79bbe7d11e
8 changed files with 77 additions and 51 deletions
--- a/config_panel.toml
+++ b/config_panel.toml
@ -3,14 +3,19 @@ version = "1.0"
 [main]
 name = "Nextcloud configuration"
-    [main.maintenance_mode]
+    [main.maintenance]
-    name = "Maintenance mode"
+    name = "Maintenance"
-        [main.maintenance_mode.maintenance_mode]
+        [main.maintenance.maintenance_mode]
        ask = "Enable maintenance mode"
        type = "boolean"
        default = "0"
        [main.maintenance.set_permissions_button]
        ask.en = "Set permissions for all data (Can take up to several hours if users have a lot of data)"
        type = "button"
        style = "success"
    [main.addressbook]
    name = "Address book configuration"
--- a/scripts/_common.sh
+++ b/scripts/_common.sh
@ -8,6 +8,20 @@
 # EXPERIMENTAL HELPERS
 #=================================================
 wait_nginx_reload() {
    # NGINX may take some time to support the new configuration,
    # wait for the Nextcloud configuration file to disappear from NGINX before checking the CalDAV/CardDAV URL.
    timeout=30
    for i in $(seq 1 $timeout); do
        if ! ynh_exec_warn_less nginx -T | grep --quiet "# configuration file /etc/nginx/conf.d/$domain.d/$app.conf:"; then
            break
        fi
        sleep 1
    done
    # Wait untils NGINX has fully reloaded (avoid cURL fail with http2) 
    sleep 2
 }
 # Check if an URL is already handled
 # usage: is_url_handled --domain=DOMAIN --path=PATH_URI
 is_url_handled() {
@ -19,22 +33,22 @@ is_url_handled() {
    # Manage arguments with getopts
    ynh_handle_getopts_args "$@"
-    # Try to get the url with curl, and keep the http code and an eventual redirection url.
+    # Try to get the URL with cURL, and keep the http code and an eventual redirection URL.
    local curl_output="$(curl --insecure --silent --output /dev/null \
      --write-out '%{http_code};%{redirect_url}' https://127.0.0.1$path --header "Host: $domain" --resolve $domain:443:127.0.0.1)"
    # Cut the output and keep only the first part to keep the http code
    local http_code="${curl_output%%;*}"
-    # Do the same thing but keep the second part, the redirection url
+    # Do the same thing but keep the second part, the redirection URL
    local redirection="${curl_output#*;}"
-    # Return 1 if the url isn't handled.
+    # Return 1 if the URL isn't handled.
-    # Which means either curl got a 404 (or the admin) or the sso.
+    # Which means either cURL got a 404 (or the admin) or the SSO.
-    # A handled url should redirect to a publicly accessible url.
+    # A handled URL should redirect to a publicly accessible URL.
-    # Return 1 if the url has returned 404
+    # Return 1 if the URL has returned 404
    if [ "$http_code" = "404" ] || [[ $redirection =~ "/yunohost/admin" ]]; then
        return 1
-    # Return 1 if the url is redirected to the SSO
+    # Return 1 if the URL is redirected to the SSO
    elif [[ $redirection =~ "/yunohost/sso" ]]; then
        return 1
    fi
--- a/scripts/backup
+++ b/scripts/backup
@ -28,42 +28,28 @@ ynh_backup --src_path="$install_dir"
 ynh_backup --src_path="$data_dir" --is_big
 #=================================================
-# BACKUP THE NGINX CONFIGURATION
+# SYSTEM CONFIGURATION
 #=================================================
 ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
 #=================================================
 # BACKUP THE PHP-FPM CONFIGURATION
 #=================================================
 # Backup the PHP-FPM configuration
 ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf"
-#=================================================
+# Backup the nginx configuration
-# SPECIFIC BACKUP
+ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
 #=================================================
 # BACKUP LOGROTATE
 #=================================================
 # Backup the logrotate configuration
 ynh_backup --src_path="/etc/logrotate.d/$app"
-#=================================================
+# Backup the Fail2Ban config
 # BACKUP FAIL2BAN CONFIGURATION
 #=================================================
 ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf"
 ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf"
 #=================================================
-# BACKUP THE CRON FILE
+# BACKUP VARIOUS FILES
 #=================================================
 ynh_backup --src_path="/etc/cron.d/$app"
 #=================================================
 # BACKUP LOGS
 #=================================================
 ynh_backup --src_path="/var/log/$app"
 #=================================================
--- a/scripts/change_url
+++ b/scripts/change_url
@ -14,6 +14,19 @@ source /usr/share/yunohost/helpers
 #=================================================
 ynh_script_progression --message="Updating NGINX web server configuration..." --weight=2
 if [ $change_domain -eq 1 ]
 then
    # Check if .well-known is available for this domain
    if is_url_handled --domain="$new_domain" --path="/.well-known/caldav" || is_url_handled --domain="$new_domain" --path="/.well-known/carddav"
    then
        ynh_print_warn --message="Another app already uses the domain $new_domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book."
        # Remove lines about .well-known/carddav and caldav with sed.
        sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "/etc/nginx/conf.d/$domain.d/$app.conf"
        ynh_store_file_checksum --file="/etc/nginx/conf.d/$domain.d/$app.conf"
    fi
 fi
 ynh_change_url_nginx_config
 #=================================================
@ -35,18 +48,8 @@ then
    # Change hostname for activity notifications
    exec_occ config:system:set overwrite.cli.url --value="https://${new_domain}${new_path}"
-    # Reload php fpm, necessary for force nextcloud to re-read config.php, cf opcache.revalidate_freq
+    # Reload PHP-FPM, necessary for force Nextcloud to re-read config.php, cf opcache.revalidate_freq
    ynh_systemd_action --service_name=php${phpversion}-fpm --action=reload
    # Check if .well-known is available for this domain
    if is_url_handled --domain="$new_domain" --path="/.well-known/caldav" || is_url_handled --domain="$new_domain" --path="/.well-known/carddav"
    then
        ynh_print_warn --message="Another app already uses the domain $new_domain to serve a CalDAV/CardDAV feature. You may encounter issues when dealing with your calendar or address book."
        # Remove lines about .well-known/carddav and caldav with sed.
        sed --in-place --regexp-extended '/location = \/\.well\-known\/(caldav|carddav)/d' "/etc/nginx/conf.d/$new_domain.d/$app.conf"
        ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
    fi
 fi
 #=================================================
--- a/scripts/config
+++ b/scripts/config
@ -105,6 +105,24 @@ set__fpm_free_footprint() {
    fi
 }
 #=================================================
 # SPECIFIC RUNNERS FOR TOML SHORT KEYS
 #=================================================
 function run__set_permissions_button() {
    local data_dir=$(ynh_app_setting_get --app=$app --key=data_dir)
    ynh_print_info "Set permissions, it may take some time..."
    chown -R $app:www-data "$install_dir"
    chown -R $app: "$data_dir"
    find $install_dir/ -type f -print0 | xargs -r0 chmod 0644
    find $install_dir/ -type d -print0 | xargs -r0 chmod 0755
    find $data_dir/data/ -type f -print0 | xargs -r0 chmod 0640
    find $data_dir/data/ -type d -print0 | xargs -r0 chmod 0750
    chmod 640 "$install_dir/config/config.php"
    chmod 755 /home/yunohost.app
    chmod 750 $install_dir
 }
 #=================================================
 # GENERIC FINALIZATION
 #=================================================
--- a/scripts/install
+++ b/scripts/install
@ -64,7 +64,8 @@ exec_occ() {
 }
 # Set write access for the following commands
-chown -R $app: "$install_dir" "$data_dir"
+chown -R $app:www-data "$install_dir"
 chown -R $app: "$data_dir"
 # Define password in an intermediate var
 # The fact that it's called _password allows it to be
@ -240,7 +241,7 @@ find $install_dir/ -type f -print0 | xargs -r0 chmod 0644
 find $install_dir/ -type d -print0 | xargs -r0 chmod 0755
 find $data_dir/data/ -type f -print0 | xargs -r0 chmod 0640
 find $data_dir/data/ -type d -print0 | xargs -r0 chmod 0750
-chmod 640 "$install_dir/config/config.php"
+chmod 600 "$install_dir/config/config.php"
 chmod 755 /home/yunohost.app
 chmod 750 $install_dir
--- a/scripts/restore
+++ b/scripts/restore
@ -85,7 +85,7 @@ find $install_dir/ -type f -print0 | xargs -r0 chmod 0644
 find $install_dir/ -type d -print0 | xargs -r0 chmod 0755
 find $data_dir/data/ -type f -print0 | xargs -r0 chmod 0640
 find $data_dir/data/ -type d -print0 | xargs -r0 chmod 0750
-chmod 640 "$install_dir/config/config.php"
+chmod 600 "$install_dir/config/config.php"
 chmod 755 /home/yunohost.app
 chmod 750 $install_dir
--- a/scripts/upgrade
+++ b/scripts/upgrade
@ -138,7 +138,7 @@ then
    ynh_script_progression --message="Upgrading $app..." --weight=3
    # Set write access for the following commands
-    chown -R $app: "$install_dir" "$data_dir"
+    chown -R $app:www-data "$install_dir"
    # Print the current version number of Nextcloud
    exec_occ -V
@ -207,7 +207,7 @@ then
        mv "$tmpdir" "$install_dir"
        # Set write access for the following commands
-        chown -R $app: "$install_dir" "$data_dir"
+        chown -R $app:www-data "$install_dir"
        # Upgrade Nextcloud (SUCCESS = 0, UP_TO_DATE = 3)
        exec_occ maintenance:mode --off
@ -325,12 +325,9 @@ ynh_script_progression --message="Reapplying file permissions..." --weight=2
 # Fix app ownerships & permissions
 chown -R $app:www-data "$install_dir"
 chown -R $app: "$data_dir"
 find $install_dir/ -type f -print0 | xargs -r0 chmod 0644
 find $install_dir/ -type d -print0 | xargs -r0 chmod 0755
-find $data_dir/data/ -type f -print0 | xargs -r0 chmod 0640
+chmod 600 "$install_dir/config/config.php"
 find $data_dir/data/ -type d -print0 | xargs -r0 chmod 0750
 chmod 640 "$install_dir/config/config.php"
 chmod 755 /home/yunohost.app
 chmod 750 $install_dir
@ -357,6 +354,8 @@ ynh_app_setting_delete --app=$app --key="checksum__etc_nginx_conf.d_$domain.d_$a
 # Wait untils NGINX has fully reloaded
 ynh_systemd_action --service_name=nginx --action=reload --line_match="Reloaded" --log_path="systemd"
 wait_nginx_reload
 # Check if .well-known is available for this domain
 if is_url_handled --domain="$domain" --path="/.well-known/caldav" || is_url_handled --domain="$domain" --path="/.well-known/carddav"
 then