Set rights

check_process

@@ -1,16 +1,11 @@
-# See here for more information
-# https://github.com/YunoHost/package_check#syntax-check_process-file
-
-# Move this file from check_process.default to check_process when you have filled it.
-
 ;; Test complet
 	; Manifest
-		domain="domain.tld"	(DOMAIN)
+		domain="domain.tld"
-		path="/path"	(PATH)
+		path="/path"
-		admin="john"	(USER)
+		admin="john"
 		language="fr"
-		is_public=1	(PUBLIC|public=1|private=0)
+		is_public=1
-		password="pass"
+		password="strongpassword"
 	; Checks
 		pkg_linter=1
 		setup_sub_dir=1

manifest.json

@@ -15,7 +15,7 @@
         "url": "https://computhings.be"
     },
     "requirements": {
-        "yunohost": ">= 4.1.7"
+        "yunohost": ">= 4.2.4"
     },
     "multi_instance": false,
     "services": [

scripts/install

@@ -67,6 +67,14 @@ ynh_app_setting_set --app=$app --key=db_name --value=$db_name
 ynh_psql_test_if_first_run
 ynh_psql_setup_db --db_user=$db_name --db_name=$db_name
 
+#=================================================
+# CREATE DEDICATED USER
+#=================================================
+ynh_script_progression --message="Configuring system user..." --weight=1
+
+# Create a system user
+ynh_system_user_create --username=$app --home_dir="$final_path"
+
 #=================================================
 # DOWNLOAD, CHECK AND UNPACK SOURCE
 #=================================================
@@ -76,6 +84,10 @@ ynh_app_setting_set --app=$app --key=final_path --value=$final_path
 # Download, check integrity, uncompress and patch the source from app.src
 ynh_setup_source --dest_dir="$final_path"
 
+chmod 750 "$final_path"
+chmod -R o-rwx "$final_path"
+chown -R $app:www-data "$final_path"
+
 #=================================================
 # NGINX CONFIGURATION
 #=================================================
@@ -84,14 +96,6 @@ ynh_script_progression --message="Configuring NGINX web server..."
 # Create a dedicated NGINX config
 ynh_add_nginx_config
 
-#=================================================
-# CREATE DEDICATED USER
-#=================================================
-ynh_script_progression --message="Configuring system user..." --weight=1
-
-# Create a system user
-ynh_system_user_create --username=$app
-
 #=================================================
 # PHP-FPM CONFIGURATION
 #=================================================
@@ -133,16 +137,6 @@ ynh_script_progression --message="Modifying $app config file..."
 
 ynh_add_config --template="../conf/noalyss.conf" --destination="$final_path/include/config.inc.php"
 
-#=================================================
-# GENERIC FINALIZATION
-#=================================================
-# SECURE FILES AND DIRECTORIES
-#=================================================
-
-# Set permissions to app files
-chown -R $app: $final_path
-chown $app: $final_path/include/constant.php
-
 #=================================================
 # SETUP LOGROTATE
 #=================================================
@@ -151,12 +145,6 @@ ynh_script_progression --message="Configuring log rotation..."
 # Use logrotate to manage application logfile(s)
 ynh_use_logrotate
 
-#=================================================
-# ADVERTISE SERVICE IN ADMIN PANEL
-#=================================================
-
-#yunohost service add $app --description "Accounting free software" --log "/var/log/$app/$app.log"
-
 #=================================================
 # SETUP SSOWAT
 #=================================================

scripts/remove

@@ -21,19 +21,6 @@ db_name=$(ynh_app_setting_get --app=$app --key=db_name)
 db_user=$db_name
 final_path=$(ynh_app_setting_get --app=$app --key=final_path)
 
-#===============#==================================
-# STANDARD REMOVE
-#=================================================
-# REMOVE SERVICE FROM ADMIN PANEL
-#=================================================
-
-# Remove the service from the list of services known by YunoHost (added from `yunohost service add`)
-# if ynh_exec_warn_less yunohost service status $app >/dev/null
-# then
-# 	ynh_script_progression --message="Removing $app service integration..." --weight=1
-# 	yunohost service remove $app
-# fi
-
 #=================================================
 # REMOVE THE POSTGRESQL DATABASE
 #=================================================
@@ -56,7 +43,7 @@ ynh_remove_app_dependencies
 ynh_script_progression --message="Removing app main directory"
 
 # Remove the app directory securely
-ynh_secure_remove "$final_path"
+ynh_secure_remove --file="$final_path"
 
 #=================================================
 # REMOVE NGINX CONFIGURATION

scripts/restore

@@ -48,28 +48,24 @@ test ! -d $final_path \
 
 ynh_restore_file "/etc/nginx/conf.d/$domain.d/$app.conf"
 
-#=================================================
-# RESTORE THE APP MAIN DIR
-#=================================================
-ynh_script_progression --message="Restoring the app main directory..."
-
-ynh_restore_file "$final_path"
-
 #=================================================
 # RECREATE THE DEDICATED USER
 #=================================================
 ynh_script_progression --message="Recreating the dedicated system user..."
 
 # Create the dedicated user (if not existing)
-ynh_system_user_create $app
+ynh_system_user_create --username=$app --home_dir="$final_path"
 
 #=================================================
-# RESTORE USER RIGHTS
+# RESTORE THE APP MAIN DIR
 #=================================================
+ynh_script_progression --message="Restoring the app main directory..."
 
-# Restore permissions on app files
+ynh_restore_file --origin_path="$final_path"
-chown -R $app: $final_path
+
-chown $app: $final_path/include/constant.php
+chmod 750 "$final_path"
+chmod -R o-rwx "$final_path"
+chown -R $app:www-data "$final_path"
 
 #=================================================
 # RESTORE THE PHP-FPM CONFIGURATION

scripts/upgrade

@@ -30,6 +30,20 @@ phpversion=$(ynh_app_setting_get --app="$app" --key=phpversion)
 
 upgrade_type=$(ynh_check_app_version_changed)
 
+#=================================================
+# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
+#=================================================
+ynh_script_progression --message="Backing up $app before upgrading (may take a while)..." --weight=5
+
+# Backup the current version of the app
+ynh_backup_before_upgrade
+ynh_clean_setup () {
+	# restore it if the upgrade fails
+	ynh_restore_upgradebackup
+}
+# Exit if an error occurs during the execution of the script
+ynh_abort_if_errors
+
 #=================================================
 # ENSURE DOWNWARD COMPATIBILITY
 #=================================================
@@ -55,18 +69,12 @@ if ynh_legacy_permissions_exists; then
 fi
 
 #=================================================
-# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
+# CREATE DEDICATED USER
 #=================================================
-ynh_script_progression --message="Backing up $app before upgrading (may take a while)..." --weight=5
+ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1
 
-# Backup the current version of the app
+# Create a dedicated user (if not existing)
-ynh_backup_before_upgrade
+ynh_system_user_create --username=$app --home_dir="$final_path"
-ynh_clean_setup () {
-	# restore it if the upgrade fails
-	ynh_restore_upgradebackup
-}
-# Exit if an error occurs during the execution of the script
-ynh_abort_if_errors
 
 #=================================================
 # DOWNLOAD, CHECK AND UNPACK SOURCE
@@ -93,6 +101,10 @@ then
 	ynh_secure_remove --file="$tmpdir"
 fi
 
+chmod 750 "$final_path"
+chmod -R o-rwx "$final_path"
+chown -R $app:www-data "$final_path"
+
 #=================================================
 # NGINX CONFIGURATION
 #=================================================
@@ -108,14 +120,6 @@ ynh_script_progression --message="Upgrading dependencies..." --weight=2
 
 ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies
 
-#=================================================
-# CREATE DEDICATED USER
-#=================================================
-ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1
-
-# Create a dedicated user (if not existing)
-ynh_system_user_create --username=$app
-
 #=================================================
 # PHP-FPM CONFIGURATION
 #=================================================
@@ -124,20 +128,6 @@ ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=1
 # Create a dedicated PHP-FPM config
 ynh_add_fpm_config --usage=low --footprint=low --package="$extra_php_dependencies"
 
-#=================================================
-# SECURE FILES AND DIRECTORIES
-#=================================================
-
-# Set permissions to app files
-chown -R $app: $final_path
-chown $app: $final_path/include/constant.php
-
-#=================================================
-# ADVERTISE SERVICE IN ADMIN PANEL
-#=================================================
-
-#yunohost service add $app --description "Accounting free software" --log "/var/log/$app/$app.log"
-
 #=================================================
 # SETUP APPLICATION WITH CURL
 #=================================================