diff --git a/README.md b/README.md index a7c334d..f0153fe 100644 --- a/README.md +++ b/README.md @@ -12,7 +12,8 @@ If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to own data. A personal cloud which run on your own server. With Nextcloud you can synchronize your files over your devices. -**Shipped version:** 15.0.14 + +**Shipped version:** 18.0.2 ## Screenshots @@ -27,7 +28,7 @@ you can synchronize your files over your devices. ## Documentation - * Official documentation: https://docs.nextcloud.com/server/15/user_manual/ + * Official documentation: https://docs.nextcloud.com/server/18/user_manual/ * YunoHost documentation: https://github.com/YunoHost/doc/blob/master/app_nextcloud_fr.md ## YunoHost specific features @@ -49,7 +50,6 @@ this package: * x86-64b - [![Build Status](https://ci-apps.yunohost.org/ci/logs/nextcloud%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/nextcloud/) * ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/nextcloud%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/nextcloud/) -* Jessie x86-64b - [![Build Status](https://ci-stretch.nohost.me/ci/logs/nextcloud%20%28Apps%29.svg)](https://ci-stretch.nohost.me/ci/apps/nextcloud/) ## Limitations diff --git a/check_process b/check_process index 8b4cff8..afc9dec 100644 --- a/check_process +++ b/check_process @@ -12,7 +12,7 @@ setup_private=0 setup_public=0 upgrade=1 - upgrade=1 from_commit=1cdb9ea1619c6acaaa90bae88b5c4bed5084a2a7 + upgrade=1 from_commit=9c57c2f78f3da979d587d708eb9379ffaa41bcfa backup_restore=1 multi_instance=1 incorrect_path=1 @@ -24,6 +24,6 @@ Email= Notification=none ;;; Upgrade options - ; commit=1cdb9ea1619c6acaaa90bae88b5c4bed5084a2a7 - name= Fix Debian Stretch dependencies by installing php-apcu, php-mbstring … + ; commit=9c57c2f78f3da979d587d708eb9379ffaa41bcfa + name=Do not use too much process for php (#247) manifest_arg=domain=DOMAIN&path=PATH&admin=USER&user_home=1& diff --git a/conf/extra_php-fpm.conf b/conf/extra_php-fpm.conf index b626ca2..4b0d12d 100644 --- a/conf/extra_php-fpm.conf +++ b/conf/extra_php-fpm.conf @@ -1,5 +1,7 @@ ; Additional php.ini defines, specific to this pool of workers. +env[PATH] = $PATH +php_admin_value[memory_limit] = 512M php_value[upload_max_filesize] = 10G php_value[post_max_size] = 10G php_value[default_charset] = UTF-8 diff --git a/conf/nextcloud.cron b/conf/nextcloud.cron index 93fde63..3a63ff5 100644 --- a/conf/nextcloud.cron +++ b/conf/nextcloud.cron @@ -1 +1 @@ -*/15 * * * * __USER__ /usr/bin/php -f __DESTDIR__/cron.php +*/15 * * * * __USER__ /usr/bin/php__YNH_PHP_VERSION__ -f __DESTDIR__/cron.php diff --git a/conf/nginx.conf b/conf/nginx.conf index ec7954b..8f2b3fb 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -4,6 +4,18 @@ location = /.well-known/carddav { location = /.well-known/caldav { return 301 https://$server_name__PATH__/remote.php/dav; } +location = /.well-known/host-meta { + return 301 $scheme://$host:$server_port__PATH__/public.php?service=host-meta; +} +location = /.well-known/host-meta.json { + return 301 $scheme://$host:$server_port__PATH__/public.php?service=host-meta-json; +} +location = /.well-known/webfinger { + return 301 $scheme://$host:$server_port__PATH__/public.php?service=webfinger; +} +location = /.well-known/nodeinfo { + return 301 $scheme://$host:$server_port__PATH__/public.php?service=nodeinfo; +} #sub_path_only rewrite ^__PATH__$ __PATH__/ permanent; location ^~ __PATH__/ { @@ -41,11 +53,6 @@ location ^~ __PATH__/ { error_page 403 __PATH__/core/templates/403.php; error_page 404 __PATH__/core/templates/404.php; - # The following 2 rules are only needed for the user_webfinger app. - # Uncomment it if you're planning to use this app. - #rewrite ^/.well-known/host-meta __PATH__/public.php?service=host-meta last; - #rewrite ^/.well-known/host-meta.json __PATH__/public.php?service=host-meta-json last; - location __PATH__/ { rewrite ^ __PATH__/index.php; } @@ -63,26 +70,50 @@ location ^~ __PATH__/ { deny all; } - location ~ ^__PATH__/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|ocm-provider/.+)\.php(/.*|)$ { - include fastcgi_params; - fastcgi_split_path_info ^(.+\.php)(/.+)$; + location ~ ^__PATH__/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|oc[ms]-provider/.+)\.php(/.*|)$ { + fastcgi_split_path_info ^(.+?\.php)(/.*|)$; + set $path_info $fastcgi_path_info; try_files $fastcgi_script_name =404; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; - fastcgi_param PATH_INFO $fastcgi_path_info; + fastcgi_param PATH_INFO $path_info; fastcgi_param HTTPS on; + # Avoid sending the security headers twice fastcgi_param modHeadersAvailable true; - fastcgi_param REMOTE_USER $remote_user; - fastcgi_pass unix:/var/run/php/php7.0-fpm-__NAME__.sock; + # Enable pretty urls + fastcgi_param front_controller_active true; + fastcgi_pass unix:/var/run/php/php__YNH_PHP_VERSION__-fpm-__NAME__.sock; fastcgi_intercept_errors on; + fastcgi_request_buffering off; + fastcgi_param REMOTE_USER $remote_user; } - location ~ ^__PATH__/(?:updater|ocs-provider|ocm-provider)(?:$|/) { + location ~ ^__PATH__/(?:updater|oc[ms]-provider)(?:$|/) { try_files $uri/ =404; index index.php; } + location = __PATH__/core/js/oc.js { + rewrite ^ __PATH__/index.php$request_uri; + } + + location = __PATH__/core/preview.png { + rewrite ^ __PATH__/index.php$request_uri; + } + + location ~* ^__PATH__/(?:css|js)/ { + rewrite ^ __PATH__/index.php$request_uri; + } + + location ~* ^__PATH__/apps/theming/img/core/filetypes/ { + rewrite ^ __PATH__/index.php$request_uri; + } + + + # Adding the cache control header for js and css files - location ~ ^__PATH__/.+[^/]\.(?:css|js|woff2?|svg|gif)$ { + location ~ \.(?:css|js|woff2?|svg|gif)$ { try_files $uri __PATH__/index.php$request_uri; more_set_headers "Cache-Control: public, max-age=15778463"; # Add headers to serve security related headers @@ -98,7 +129,8 @@ location ^~ __PATH__/ { access_log off; } - location ~* \.(?:png|html|ttf|ico|jpg|jpeg)$ { + location ~* \.(?:png|html|ttf|ico|jpg|jpeg|bcmap)$ { + try_files $uri __PATH__/index.php$request_uri; # Optional: Don't log access to other assets access_log off; } diff --git a/conf/php-fpm.conf b/conf/php-fpm.conf index 31d62f2..33dcb5e 100644 --- a/conf/php-fpm.conf +++ b/conf/php-fpm.conf @@ -33,7 +33,7 @@ group = __USER__ ; (IPv6 and IPv4-mapped) on a specific port; ; '/path/to/unix/socket' - to listen on a unix socket. ; Note: This value is mandatory. -listen = /var/run/php/php7.0-fpm-__NAMETOCHANGE__.sock +listen = /var/run/php/php__PHPVERSION__-fpm-__NAMETOCHANGE__.sock ; Set listen(2) backlog. ; Default Value: 511 (-1 on FreeBSD and OpenBSD) @@ -229,7 +229,7 @@ pm.max_spare_servers = 3 ; last request memory: 0 ; ; Note: There is a real-time FPM status monitoring sample web page available -; It's available in: /usr/share/php/7.0/fpm/status.html +; It's available in: /usr/share/php/__PHPVERSION__/fpm/status.html ; ; Note: The value must start with a leading slash (/). The value can be ; anything, but it may not be a good idea to use the .php extension or it @@ -430,6 +430,7 @@ env[PATH] = $PATH ; php_admin_flag[short_open_tag] = On ; Additional php.ini defines, specific to this pool of workers. +php_admin_value[memory_limit] = 512M php_value[upload_max_filesize] = 10G php_value[post_max_size] = 10G php_value[default_charset] = UTF-8 diff --git a/manifest.json b/manifest.json index 4aaacf5..9976a6e 100644 --- a/manifest.json +++ b/manifest.json @@ -6,7 +6,7 @@ "en": "Access & share your files, calendars, contacts, mail & more from any device, on your terms", "fr": "Consultez et partagez vos fichiers, agendas, carnets d'adresses, emails et bien plus depuis les appareils de votre choix, sous vos conditions" }, - "version": "15.0.14~ynh1", + "version": "18.0.2~ynh1", "url": "https://nextcloud.com", "license": "AGPL-3.0", "maintainer": { diff --git a/scripts/_common.sh b/scripts/_common.sh index 249fb61..7b84705 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -3,7 +3,10 @@ # COMMON VARIABLES #================================================= -pkg_dependencies="php-gd php-json php-intl php-mcrypt php-curl php-apcu php-redis php-ldap php-imagick php-zip php-mbstring php-xml imagemagick acl tar smbclient at" +pkg_dependencies="imagemagick acl tar smbclient at" + +YNH_PHP_VERSION="7.3" +extra_pkg_dependencies="php${YNH_PHP_VERSION}-bz2 php${YNH_PHP_VERSION}-imap php${YNH_PHP_VERSION}-smbclient php${YNH_PHP_VERSION}-gmp php${YNH_PHP_VERSION}-gd php${YNH_PHP_VERSION}-json php${YNH_PHP_VERSION}-intl php${YNH_PHP_VERSION}-curl php${YNH_PHP_VERSION}-apcu php${YNH_PHP_VERSION}-redis php${YNH_PHP_VERSION}-ldap php${YNH_PHP_VERSION}-imagick php${YNH_PHP_VERSION}-zip php${YNH_PHP_VERSION}-mbstring php${YNH_PHP_VERSION}-xml php${YNH_PHP_VERSION}-mysql php${YNH_PHP_VERSION}-igbinary" #================================================= # EXPERIMENTAL HELPERS @@ -25,17 +28,19 @@ exec_as() { #================================================= # Check if an URL is already handled -# usage: is_url_handled URL +# usage: is_url_handled --domain=DOMAIN --path=PATH_URI is_url_handled() { # Declare an array to define the options of this helper. - declare -Ar args_array=( [u]=url= ) - local url + local legacy_args=dp + declare -Ar args_array=( [d]=domain= [p]=path= ) + local domain + local path # Manage arguments with getopts ynh_handle_getopts_args "$@" # Try to get the url with curl, and keep the http code and an eventual redirection url. local curl_output="$(curl --insecure --silent --output /dev/null \ - --write-out '%{http_code};%{redirect_url}' "$url")" + --write-out '%{http_code};%{redirect_url}' https://127.0.0.1$path --header "Host: $domain" --resolve $domain:443:127.0.0.1)" # Cut the output and keep only the first part to keep the http code local http_code="${curl_output%%;*}" @@ -329,7 +334,7 @@ ynh_smart_mktemp () { elif is_there_enough_space /var; then local tmpdir=/var elif is_there_enough_space /; then - local tmpdir=/ + local tmpdir=/ elif is_there_enough_space /home; then local tmpdir=/home else @@ -609,3 +614,380 @@ ynh_multimedia_addaccess () { groupadd -f multimedia usermod -a -G multimedia $user_name } + +# Install another version of php. +# +# usage: ynh_install_php --phpversion=phpversion [--package=packages] +# | arg: -v, --phpversion - Version of php to install. +# | arg: -p, --package - Additionnal php packages to install +ynh_install_php () { + # Declare an array to define the options of this helper. + local legacy_args=vp + declare -Ar args_array=( [v]=phpversion= [p]=package= ) + local phpversion + local package + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + package=${package:-} + + # Store phpversion into the config of this app + ynh_app_setting_set $app phpversion $phpversion + + if [ "$phpversion" == "7.0" ] + then + ynh_die "Do not use ynh_install_php to install php7.0" + fi + + # Store the ID of this app and the version of php requested for it + echo "$YNH_APP_INSTANCE_NAME:$phpversion" | tee --append "/etc/php/ynh_app_version" + + # Add an extra repository for those packages + ynh_install_extra_repo --repo="https://packages.sury.org/php/ $(lsb_release -sc) main" --key="https://packages.sury.org/php/apt.gpg" --priority=995 --name=extra_php_version + + # Install requested dependencies from this extra repository. + # Install php-fpm first, otherwise php will install apache as a dependency. + ynh_add_app_dependencies --package="php${phpversion}-fpm" + ynh_add_app_dependencies --package="php$phpversion php${phpversion}-common $package" + + # Set php7.0 back as the default version for php-cli. + update-alternatives --set php /usr/bin/php7.0 + + # Pin this extra repository after packages are installed to prevent sury of doing shit + ynh_pin_repo --package="*" --pin="origin \"packages.sury.org\"" --priority=200 --name=extra_php_version + ynh_pin_repo --package="php7.0*" --pin="origin \"packages.sury.org\"" --priority=600 --name=extra_php_version --append + + # Advertise service in admin panel + yunohost service add php${phpversion}-fpm --log "/var/log/php${phpversion}-fpm.log" +} + +# Remove the specific version of php used by the app. +# +# usage: ynh_install_php +ynh_remove_php () { + # Get the version of php used by this app + local phpversion=$(ynh_app_setting_get $app phpversion) + + if [ "$phpversion" == "7.0" ] || [ -z "$phpversion" ] + then + if [ "$phpversion" == "7.0" ] + then + ynh_print_err "Do not use ynh_remove_php to install php7.0" + fi + return 0 + fi + + # Remove the line for this app + sed --in-place "/$YNH_APP_INSTANCE_NAME:$phpversion/d" "/etc/php/ynh_app_version" + + # If no other app uses this version of php, remove it. + if ! grep --quiet "$phpversion" "/etc/php/ynh_app_version" + then + # Purge php dependences for this version. + ynh_package_autopurge "php$phpversion php${phpversion}-fpm php${phpversion}-common" + # Remove the service from the admin panel + yunohost service remove php${phpversion}-fpm + fi + + # If no other app uses alternate php versions, remove the extra repo for php + if [ ! -s "/etc/php/ynh_app_version" ] + then + ynh_secure_remove /etc/php/ynh_app_version + fi +} + +#================================================= +# FUTURE OFFICIAL HELPERS +#================================================= +# Pin a repository. +# +# usage: ynh_pin_repo --package=packages --pin=pin_filter [--priority=priority_value] [--name=name] [--append] +# | arg: -p, --package - Packages concerned by the pin. Or all, *. +# | arg: -i, --pin - Filter for the pin. +# | arg: -p, --priority - Priority for the pin +# | arg: -n, --name - Name for the files for this repo, $app as default value. +# | arg: -a, --append - Do not overwrite existing files. +# +# See https://manpages.debian.org/stretch/apt/apt_preferences.5.en.html for information about pinning. +# +ynh_pin_repo () { + # Declare an array to define the options of this helper. + local legacy_args=pirna + declare -Ar args_array=( [p]=package= [i]=pin= [r]=priority= [n]=name= [a]=append ) + local package + local pin + local priority + local name + local append + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + package="${package:-*}" + priority=${priority:-50} + name="${name:-$app}" + append=${append:-0} + + if [ $append -eq 1 ] + then + append="tee -a" + else + append="tee" + fi + + mkdir -p "/etc/apt/preferences.d" + echo "Package: $package +Pin: $pin +Pin-Priority: $priority +" \ + | $append "/etc/apt/preferences.d/$name" +} + +# Add a repository. +# +# usage: ynh_add_repo --uri=uri --suite=suite --component=component [--name=name] [--append] +# | arg: -u, --uri - Uri of the repository. +# | arg: -s, --suite - Suite of the repository. +# | arg: -c, --component - Component of the repository. +# | arg: -n, --name - Name for the files for this repo, $app as default value. +# | arg: -a, --append - Do not overwrite existing files. +# +# Example for a repo like deb http://forge.yunohost.org/debian/ stretch stable +# uri suite component +# ynh_add_repo --uri=http://forge.yunohost.org/debian/ --suite=stretch --component=stable +# +ynh_add_repo () { + # Declare an array to define the options of this helper. + local legacy_args=uscna + declare -Ar args_array=( [u]=uri= [s]=suite= [c]=component= [n]=name= [a]=append ) + local uri + local suite + local component + local name + local append + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + name="${name:-$app}" + append=${append:-0} + + if [ $append -eq 1 ] + then + append="tee -a" + else + append="tee" + fi + + mkdir -p "/etc/apt/sources.list.d" + # Add the new repo in sources.list.d + echo "deb $uri $suite $component" \ + | $append "/etc/apt/sources.list.d/$name.list" +} + +# Add an extra repository correctly, pin it and get the key. +# +# usage: ynh_install_extra_repo --repo="repo" [--key=key_url] [--priority=priority_value] [--name=name] [--append] +# | arg: -r, --repo - Complete url of the extra repository. +# | arg: -k, --key - url to get the public key. +# | arg: -p, --priority - Priority for the pin +# | arg: -n, --name - Name for the files for this repo, $app as default value. +# | arg: -a, --append - Do not overwrite existing files. +ynh_install_extra_repo () { + # Declare an array to define the options of this helper. + local legacy_args=rkpna + declare -Ar args_array=( [r]=repo= [k]=key= [p]=priority= [n]=name= [a]=append ) + local repo + local key + local priority + local name + local append + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + name="${name:-$app}" + append=${append:-0} + key=${key:-0} + priority=${priority:-} + + if [ $append -eq 1 ] + then + append="--append" + wget_append="tee -a" + else + append="" + wget_append="tee" + fi + + # Split the repository into uri, suite and components. + # Remove "deb " at the beginning of the repo. + repo="${repo#deb }" + + # Get the uri + local uri="$(echo "$repo" | awk '{ print $1 }')" + + # Get the suite + local suite="$(echo "$repo" | awk '{ print $2 }')" + + # Get the components + local component="${repo##$uri $suite }" + + # Add the repository into sources.list.d + ynh_add_repo --uri="$uri" --suite="$suite" --component="$component" --name="$name" $append + + # Pin the new repo with the default priority, so it won't be used for upgrades. + # Build $pin from the uri without http and any sub path + local pin="${uri#*://}" + pin="${pin%%/*}" + # Set a priority only if asked + if [ -n "$priority" ] + then + priority="--priority=$priority" + fi + ynh_pin_repo --package="*" --pin="origin \"$pin\"" $priority --name="$name" $append + + # Get the public key for the repo + if [ -n "$key" ] + then + mkdir -p "/etc/apt/trusted.gpg.d" + wget -q "$key" -O - | gpg --dearmor | $wget_append /etc/apt/trusted.gpg.d/$name.gpg > /dev/null + fi + + # Update the list of package with the new repo + ynh_package_update +} + +# Remove an extra repository and the assiociated configuration. +# +# usage: ynh_remove_extra_repo [--name=name] +# | arg: -n, --name - Name for the files for this repo, $app as default value. +ynh_remove_extra_repo () { + # Declare an array to define the options of this helper. + local legacy_args=n + declare -Ar args_array=( [n]=name= ) + local name + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + name="${name:-$app}" + + ynh_secure_remove "/etc/apt/sources.list.d/$name.list" + ynh_secure_remove "/etc/apt/preferences.d/$name" + ynh_secure_remove "/etc/apt/trusted.gpg.d/$name.gpg" + ynh_secure_remove "/etc/apt/trusted.gpg.d/$name.asc" + + # Update the list of package to exclude the old repo + ynh_package_update +} + +# Install packages from an extra repository properly. +# +# usage: ynh_install_extra_app_dependencies --repo="repo" --package="dep1 dep2" [--key=key_url] [--name=name] +# | arg: -r, --repo - Complete url of the extra repository. +# | arg: -p, --package - The packages to install from this extra repository +# | arg: -k, --key - url to get the public key. +# | arg: -n, --name - Name for the files for this repo, $app as default value. +ynh_install_extra_app_dependencies () { + # Declare an array to define the options of this helper. + local legacy_args=rpkn + declare -Ar args_array=( [r]=repo= [p]=package= [k]=key= [n]=name= ) + local repo + local package + local key + local name + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + name="${name:-$app}" + key=${key:-0} + + # Set a key only if asked + if [ -n "$key" ] + then + key="--key=$key" + fi + # Add an extra repository for those packages + ynh_install_extra_repo --repo="$repo" $key --priority=995 --name=$name + + # Install requested dependencies from this extra repository. + ynh_add_app_dependencies --package="$package" + + # Remove this extra repository after packages are installed + ynh_remove_extra_repo --name=$app +} + +#================================================= + +# patched version of ynh_install_app_dependencies to be used with ynh_add_app_dependencies + +# Define and install dependencies with a equivs control file +# This helper can/should only be called once per app +# +# usage: ynh_install_app_dependencies dep [dep [...]] +# | arg: dep - the package name to install in dependence +# You can give a choice between some package with this syntax : "dep1|dep2" +# Example : ynh_install_app_dependencies dep1 dep2 "dep3|dep4|dep5" +# This mean in the dependence tree : dep1 & dep2 & (dep3 | dep4 | dep5) +# +# Requires YunoHost version 2.6.4 or higher. +ynh_install_app_dependencies () { + local dependencies=$@ + dependencies="$(echo "$dependencies" | sed 's/\([^\<=\>]\)\ \([^(]\)/\1, \2/g')" + dependencies=${dependencies//|/ | } + local manifest_path="../manifest.json" + if [ ! -e "$manifest_path" ]; then + manifest_path="../settings/manifest.json" # Into the restore script, the manifest is not at the same place + fi + + local version=$(grep '\"version\": ' "$manifest_path" | cut -d '"' -f 4) # Retrieve the version number in the manifest file. + if [ ${#version} -eq 0 ]; then + version="1.0" + fi + local dep_app=${app//_/-} # Replace all '_' by '-' + + # Handle specific versions + if [[ "$dependencies" =~ [\<=\>] ]] + then + # Replace version specifications by relationships syntax + # https://www.debian.org/doc/debian-policy/ch-relationships.html + # Sed clarification + # [^(\<=\>] ignore if it begins by ( or < = >. To not apply twice. + # [\<=\>] matches < = or > + # \+ matches one or more occurence of the previous characters, for >= or >>. + # [^,]\+ matches all characters except ',' + # Ex: package>=1.0 will be replaced by package (>= 1.0) + dependencies="$(echo "$dependencies" | sed 's/\([^(\<=\>]\)\([\<=\>]\+\)\([^,]\+\)/\1 (\2 \3)/g')" + fi + + cat > /tmp/${dep_app}-ynh-deps.control << EOF # Make a control file for equivs-build +Section: misc +Priority: optional +Package: ${dep_app}-ynh-deps +Version: ${version} +Depends: ${dependencies} +Architecture: all +Description: Fake package for $app (YunoHost app) dependencies + This meta-package is only responsible of installing its dependencies. +EOF + ynh_package_install_from_equivs /tmp/${dep_app}-ynh-deps.control \ + || ynh_die --message="Unable to install dependencies" # Install the fake package and its dependencies + rm /tmp/${dep_app}-ynh-deps.control + ynh_app_setting_set --app=$app --key=apt_dependencies --value="$dependencies" +} + +ynh_add_app_dependencies () { + # Declare an array to define the options of this helper. + local legacy_args=pr + declare -Ar args_array=( [p]=package= [r]=replace) + local package + local replace + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + replace=${replace:-0} + + local current_dependencies="" + if [ $replace -eq 0 ] + then + local dep_app=${app//_/-} # Replace all '_' by '-' + if ynh_package_is_installed --package="${dep_app}-ynh-deps" + then + current_dependencies="$(dpkg-query --show --showformat='${Depends}' ${dep_app}-ynh-deps) " + fi + + current_dependencies=${current_dependencies// | /|} + fi + + ynh_install_app_dependencies "${current_dependencies}${package}" +} diff --git a/scripts/_ynh_add_fpm_config b/scripts/_ynh_add_fpm_config index 9d4dacf..487c044 100644 --- a/scripts/_ynh_add_fpm_config +++ b/scripts/_ynh_add_fpm_config @@ -43,7 +43,7 @@ ynh_add_fpm_config () { fi # Configure PHP-FPM 7.0 by default - phpversion="${phpversion:-7.0}" + phpversion="${phpversion:-$YNH_PHP_VERSION}" local fpm_config_dir="/etc/php/$phpversion/fpm" local fpm_service="php${phpversion}-fpm" @@ -75,7 +75,7 @@ ynh_add_fpm_config () { # Replace standard variables into the default file ynh_replace_string --match_string="^\[www\]" --replace_string="[$app]" --target_file="$finalphpconf" - ynh_replace_string --match_string=".*listen = .*" --replace_string="listen = /var/run/php/php7.0-fpm-$app.sock" --target_file="$finalphpconf" + ynh_replace_string --match_string=".*listen = .*" --replace_string="listen = /var/run/php/php$phpversion-fpm-$app.sock" --target_file="$finalphpconf" ynh_replace_string --match_string="^user = .*" --replace_string="user = $app" --target_file="$finalphpconf" ynh_replace_string --match_string="^group = .*" --replace_string="group = $app" --target_file="$finalphpconf" ynh_replace_string --match_string=".*chdir = .*" --replace_string="chdir = $final_path" --target_file="$finalphpconf" @@ -125,4 +125,22 @@ ynh_add_fpm_config () { ynh_store_file_checksum "$finalphpini" fi ynh_systemd_action --service_name=$fpm_service --action=reload + + # Clean other php version config files for this app. Used for migration purpose. + if [ -e "/etc/php5/fpm/pool.d/$app.conf" ] + then + ynh_secure_remove --file="/etc/php5/fpm/pool.d/$app.conf" + ynh_systemd_action --service_name=php5-fpm --action=reload + fi + for i in `seq 0 4` + do + if [ "$phpversion" != "7.$i" ] + then + if [ -e "/etc/php/7.$i/fpm/pool.d/$app.conf" ] + then + ynh_secure_remove --file="/etc/php/7.$i/fpm/pool.d/$app.conf" + ynh_systemd_action --service_name=php7.$i-fpm --action=reload + fi + fi + done } diff --git a/scripts/backup b/scripts/backup index 5dbc43c..68ae4ee 100755 --- a/scripts/backup +++ b/scripts/backup @@ -48,7 +48,7 @@ ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= ynh_script_progression --message="Backing up php-fpm configuration..." -ynh_backup --src_path="/etc/php/7.0/fpm/pool.d/$app.conf" +ynh_backup --src_path="/etc/php/$YNH_PHP_VERSION/fpm/pool.d/$app.conf" #================================================= # BACKUP THE MYSQL DATABASE diff --git a/scripts/change_url b/scripts/change_url index 83bcb4e..c9f7a9c 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -63,7 +63,7 @@ then domain="$old_domain" path_url="$new_path" # Create a dedicated nginx config - ynh_add_nginx_config + ynh_add_nginx_config YNH_PHP_VERSION fi # Change the domain for nginx @@ -84,7 +84,7 @@ ynh_script_progression --message="Applying Nextcloud specific modifications..." # Define a function to execute commands with `occ` exec_occ() { (cd "$final_path" && exec_as "$app" \ - php occ --no-interaction --no-ansi "$@") + php${YNH_PHP_VERSION} occ --no-interaction --no-ansi "$@") } if [ $change_domain -eq 1 ] @@ -99,7 +99,7 @@ fi if [ $change_domain -eq 1 ] then # Check if .well-known is available for this domain - if is_url_handled --url="https://$domain/.well-known/caldav" || is_url_handled --url="https://$domain/.well-known/carddav" + if is_url_handled --domain="$domain" --path="/.well-known/caldav" || is_url_handled --domain="$domain" --path="/.well-known/carddav" then ynh_print_warn --message="Another app already uses the domain $domain to serve a caldav/carddav feature. You may encounter issues when dealing with your calendar or address book." diff --git a/scripts/install b/scripts/install index 377e82d..5c80e56 100755 --- a/scripts/install +++ b/scripts/install @@ -58,6 +58,8 @@ ynh_script_progression --message="Installing dependencies..." --weight=60 ynh_install_app_dependencies $pkg_dependencies +ynh_install_php --phpversion="$YNH_PHP_VERSION" --package="$extra_pkg_dependencies" + #================================================= # CREATE A MYSQL DATABASE #================================================= @@ -91,7 +93,7 @@ ynh_setup_source --dest_dir="$final_path" ynh_script_progression --message="Configuring nginx web server..." --weight=2 # Check if .well-known is available for this domain -if is_url_handled --url="https://$domain/.well-known/caldav" || is_url_handled --url="https://$domain/.well-known/carddav" +if is_url_handled --domain="$domain" --path="/.well-known/caldav" || is_url_handled --domain="$domain" --path="/.well-known/carddav" then ynh_print_warn --message="Another app already uses the domain $domain to serve a caldav/carddav feature. You may encounter issues when dealing with your calendar or address book." @@ -100,7 +102,7 @@ then fi # Create a dedicated nginx config -ynh_add_nginx_config +ynh_add_nginx_config YNH_PHP_VERSION #================================================= # CREATE DEDICATED USER @@ -137,7 +139,7 @@ ynh_script_progression --message="Installing nextcloud..." --weight=30 # Define a function to execute commands with `occ` exec_occ() { (cd "$final_path" && exec_as "$app" \ - php occ --no-interaction --no-ansi "$@") + php$YNH_PHP_VERSION occ --no-interaction --no-ansi "$@") } # Set write access for the following commands @@ -266,6 +268,7 @@ chmod 644 "$cron_path" ynh_replace_string --match_string="__USER__" --replace_string="$app" --target_file="$cron_path" ynh_replace_string --match_string="__DESTDIR__" --replace_string="$final_path" --target_file="$cron_path" +ynh_replace_string --match_string="__YNH_PHP_VERSION__" --replace_string="$YNH_PHP_VERSION" --target_file="$cron_path" exec_occ background:cron @@ -273,7 +276,7 @@ exec_occ background:cron # POST-INSTALL MAINTENANCE #================================================= -(cd /tmp ; at now + 10 minutes <<< "(cd $final_path ; sudo -u $app php occ db:add-missing-indices ; sudo -u $app php occ db:convert-filecache-bigint -n) > /tmp/${app}_maintenance.log") +(cd /tmp ; at now + 10 minutes <<< "(cd $final_path ; sudo -u $app php${YNH_PHP_VERSION} occ db:add-missing-indices ; sudo -u $app php${YNH_PHP_VERSION} occ db:convert-filecache-bigint -n) > /tmp/${app}_maintenance.log") #================================================= # CONFIGURE THE HOOK FILE FOR USER CREATE diff --git a/scripts/restore b/scripts/restore index c6c8e7e..c62be63 100755 --- a/scripts/restore +++ b/scripts/restore @@ -8,6 +8,7 @@ source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers +source _ynh_add_fpm_config #================================================= # MANAGE SCRIPT FAILURE @@ -47,7 +48,7 @@ test ! -d $final_path \ ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" # Check if .well-known is available for this domain -if is_url_handled --url="https://$domain/.well-known/caldav" || is_url_handled --url="https://$domain/.well-known/carddav" +if is_url_handled --domain="$domain" --path="/.well-known/caldav" || is_url_handled --domain="$domain" --path="/.well-known/carddav" then ynh_print_warn --message="Another app already uses the domain $domain to serve a caldav/carddav feature. You may encounter issues when dealing with your calendar or address book." @@ -83,7 +84,7 @@ ynh_system_user_create --username=$app # RESTORE THE PHP-FPM CONFIGURATION #================================================= -ynh_restore_file --origin_path="/etc/php/7.0/fpm/pool.d/$app.conf" +ynh_restore_file --origin_path="/etc/php/$YNH_PHP_VERSION/fpm/pool.d/$app.conf" #================================================= # SPECIFIC RESTORATION @@ -95,6 +96,8 @@ ynh_script_progression --message="Reinstalling dependencies..." --weight=60 # Define and install dependencies ynh_install_app_dependencies $pkg_dependencies +ynh_install_php --phpversion="$YNH_PHP_VERSION" --package="$extra_pkg_dependencies" + #================================================= # RESTORE THE CRON FILE #================================================= @@ -169,7 +172,7 @@ ynh_systemd_action --action=restart --service_name=fail2ban #================================================= ynh_script_progression --message="Reloading nginx web server and php-fpm..." -ynh_systemd_action --service_name=php7.0-fpm --action=reload +ynh_systemd_action --service_name=php${YNH_PHP_VERSION}-fpm --action=reload ynh_systemd_action --service_name=nginx --action=reload #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index c436f71..bcc8182 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -132,6 +132,15 @@ fi # Normalize the URL path syntax path_url=$(ynh_normalize_url_path --path_url=$path_url) +#================================================= +# UPGRADE DEPENDENCIES +#================================================= +ynh_script_progression --message="Upgrading dependencies..." --weight=7 + +ynh_install_app_dependencies $pkg_dependencies + +ynh_install_php --phpversion="$YNH_PHP_VERSION" --package="$extra_pkg_dependencies" + #================================================= # STANDARD UPGRADE STEPS #================================================= @@ -142,11 +151,11 @@ ynh_script_progression --message="Upgrading nginx web server configuration..." - ynh_backup_if_checksum_is_different --file="/etc/nginx/conf.d/$domain.d/$app.conf" # Delete current nginx configuration to be able to check if .well-known is already served. -ynh_remove_nginx_config +ynh_remove_nginx_config $YNH_PHP_VERSION ynh_app_setting_delete --app=$app --key="checksum__etc_nginx_conf.d_$domain.d_$app.conf" # Check if .well-known is available for this domain -if is_url_handled --url="https://$domain/.well-known/caldav" || is_url_handled --url="https://$domain/.well-known/carddav" +if is_url_handled --domain="$domain" --path="/.well-known/caldav" || is_url_handled --domain="$domain" --path="/.well-known/carddav" then ynh_print_warn --message="Another app already uses the domain $domain to serve a caldav/carddav feature. You may encounter issues when dealing with your calendar or address book." @@ -155,7 +164,7 @@ then fi # Create a dedicated nginx config -ynh_add_nginx_config +ynh_add_nginx_config YNH_PHP_VERSION #================================================= # CREATE DEDICATED USER @@ -171,20 +180,13 @@ ynh_system_user_create --username=$app ynh_script_progression --message="Upgrading php-fpm configuration..." --weight=2 # Create a dedicated php-fpm config -ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint +ynh_add_fpm_config --phpversion="$YNH_PHP_VERSION" --usage=$fpm_usage --footprint=$fpm_footprint # Delete existing ini configuration file (backward compatibility) -if [ -f /etc/php/7.0/fpm/conf.d/20-$app.ini ]; then - ynh_secure_remove --file=/etc/php/7.0/fpm/conf.d/20-$app.ini +if [ -f /etc/php/$YNH_PHP_VERSION/fpm/conf.d/20-$app.ini ]; then + ynh_secure_remove --file=/etc/php/$YNH_PHP_VERSION/fpm/conf.d/20-$app.ini fi -#================================================= -# UPGRADE DEPENDENCIES -#================================================= -ynh_script_progression --message="Upgrading dependencies..." --weight=7 - -ynh_install_app_dependencies $pkg_dependencies - #================================================= # SPECIFIC UPGRADE #================================================= @@ -195,7 +197,7 @@ ynh_install_app_dependencies $pkg_dependencies # Define a function to execute commands with `occ` exec_occ() { (cd "$final_path" && exec_as "$app" \ - php occ --no-interaction --no-ansi "$@") + php$YNH_PHP_VERSION occ --no-interaction --no-ansi "$@") } # Define a function to add an external storage @@ -381,6 +383,7 @@ chmod 644 "$cron_path" ynh_replace_string --match_string="__USER__" --replace_string="$app" --target_file="$cron_path" ynh_replace_string --match_string="__DESTDIR__" --replace_string="$final_path" --target_file="$cron_path" +ynh_replace_string --match_string="__YNH_PHP_VERSION__" --replace_string="$YNH_PHP_VERSION" --target_file="$cron_path" exec_occ background:cron diff --git a/scripts/upgrade.d/upgrade.15.sh b/scripts/upgrade.d/upgrade.15.sh new file mode 100644 index 0000000..a8c2c1c --- /dev/null +++ b/scripts/upgrade.d/upgrade.15.sh @@ -0,0 +1,7 @@ +#!/bin/bash + +# Last available nextcloud version +next_version="16.0.0" + +# Nextcloud tarball checksum sha256 +nextcloud_source_sha256="4532f7028b1d9bf060f75ac4fbbde52a59ecd9c9155f3178a038d3cf3609402e" diff --git a/scripts/upgrade.d/upgrade.16.sh b/scripts/upgrade.d/upgrade.16.sh new file mode 100755 index 0000000..cb0d88a --- /dev/null +++ b/scripts/upgrade.d/upgrade.16.sh @@ -0,0 +1,7 @@ +#!/bin/bash + +# Last available nextcloud version +next_version="17.0.0" + +# Nextcloud tarball checksum sha256 +nextcloud_source_sha256="6081421b33ecdb3130b2bfb2293a3f4045aeb0b471ee570e675de3d931a142a6" diff --git a/scripts/upgrade.d/upgrade.17.sh b/scripts/upgrade.d/upgrade.17.sh new file mode 100755 index 0000000..35200da --- /dev/null +++ b/scripts/upgrade.d/upgrade.17.sh @@ -0,0 +1,7 @@ +#!/bin/bash + +# Last available nextcloud version +next_version="18.0.0" + +# Nextcloud tarball checksum sha256 +nextcloud_source_sha256="194095a5586d84040bc455f77b8aa6c80f9a6a6dd713c9aebdad046713d4267b" diff --git a/scripts/upgrade.d/upgrade.last.sh b/scripts/upgrade.d/upgrade.last.sh index b06bacc..24a1692 100755 --- a/scripts/upgrade.d/upgrade.last.sh +++ b/scripts/upgrade.d/upgrade.last.sh @@ -1,10 +1,10 @@ #!/bin/bash # Last available nextcloud version -next_version="15.0.14" +next_version="18.0.2" # Nextcloud tarball checksum sha256 -nextcloud_source_sha256="6916f3ae828ee481f79a53a722c631be1ee1dc319180492ea8459f526516f2a7" +nextcloud_source_sha256="d033660923dd27106ec64bff0e3afa2f595bd1b9661b7ea7882a1a33006ecb81" # This function will only be executed upon applying the last upgrade referenced above last_upgrade_operations () { @@ -12,5 +12,5 @@ last_upgrade_operations () { cp -a ../sources/patches_last_version/* ../sources/patches # Execute post-upgrade operations later on - (cd /tmp ; at now + 10 minutes <<< "(cd $final_path ; sudo -u $app php occ db:add-missing-indices ; sudo -u $app php occ db:convert-filecache-bigint -n) > /tmp/${app}_maintenance.log") + (cd /tmp ; at now + 10 minutes <<< "(cd $final_path ; sudo -u $app php${YNH_PHP_VERSION} occ db:add-missing-indices ; sudo -u $app php${YNH_PHP_VERSION} occ db:convert-filecache-bigint -n) > /tmp/${app}_maintenance.log") } diff --git a/sources/patches_last_version/app-00-add-logout_url-conf.patch b/sources/patches_last_version/app-00-add-logout_url-conf.patch index 07a9531..919f2d4 100644 --- a/sources/patches_last_version/app-00-add-logout_url-conf.patch +++ b/sources/patches_last_version/app-00-add-logout_url-conf.patch @@ -1,16 +1,21 @@ diff --git a/core/Controller/LoginController.php b/core/Controller/LoginController.php -index f83b03bc90..568e20dcd7 100644 +index 13aef8f67a..55d8dbf9d1 100644 --- a/core/Controller/LoginController.php +++ b/core/Controller/LoginController.php -@@ -130,7 +130,10 @@ class LoginController extends Controller { +@@ -119,11 +119,12 @@ class LoginController extends Controller { } $this->userSession->logout(); - -- $response = new RedirectResponse($this->urlGenerator->linkToRouteAbsolute('core.login.showLoginForm')); + +- $response = new RedirectResponse($this->urlGenerator->linkToRouteAbsolute( +- 'core.login.showLoginForm', +- ['clear' => true] // this param the the code in login.js may be removed when the "Clear-Site-Data" is working in the browsers + $redirectUrl = $this->config->getSystemValue('logout_url', -+ $this->urlGenerator->linkToRouteAbsolute('core.login.showLoginForm')); -+ ++ $this->urlGenerator->linkToRouteAbsolute( ++ 'core.login.showLoginForm', ++ ['clear' => true] // this param the the code in login.js may be removed when the "Clear-Site-Data" is working in the browsers) + )); +- + $response = new RedirectResponse($redirectUrl); $this->session->set('clearingExecutionContexts', '1'); $this->session->close(); - $response->addHeader('Clear-Site-Data', '"cache", "storage", "executionContexts"'); +