From 21767e31334e982a32cd0275d38bc6ac584a4b8a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?E=CC=81ric=20Gaspar?=
<46165813+ericgaspar@users.noreply.github.com>
Date: Wed, 10 Jan 2024 12:50:39 +0100
Subject: [PATCH] v2
---
conf/app.src | 7 -
conf/entityengine.xml | 834 ++++++++++++++++++++++++++++++++
conf/security.properties | 265 ++++++++++
conf/systemd.service | 8 +-
conf/url.properties | 47 ++
doc/{DISCLAIMER.md => ADMIN.md} | 0
manifest.json | 41 --
manifest.toml | 56 +++
scripts/_common.sh | 3 -
scripts/backup | 25 +-
scripts/change_url | 97 +---
scripts/install | 145 +-----
scripts/remove | 74 +--
scripts/restore | 101 +---
scripts/upgrade | 107 +---
tests.toml | 0
16 files changed, 1263 insertions(+), 547 deletions(-)
delete mode 100644 conf/app.src
create mode 100644 conf/entityengine.xml
create mode 100644 conf/security.properties
create mode 100644 conf/url.properties
rename doc/{DISCLAIMER.md => ADMIN.md} (100%)
delete mode 100644 manifest.json
create mode 100644 manifest.toml
create mode 100644 tests.toml
diff --git a/conf/app.src b/conf/app.src
deleted file mode 100644
index 14560b3..0000000
--- a/conf/app.src
+++ /dev/null
@@ -1,7 +0,0 @@
-SOURCE_URL=https://archive.apache.org/dist/ofbiz/apache-ofbiz-18.12.07.zip
-SOURCE_SUM=b3f7b23167cae3ccc96c3d088e42c8df600485b8b7f88ac63b834a82e19fa5de
-SOURCE_SUM_PRG=sha256sum
-SOURCE_FORMAT=zip
-SOURCE_IN_SUBDIR=true
-SOURCE_FILENAME=
-SOURCE_EXTRACT=true
diff --git a/conf/entityengine.xml b/conf/entityengine.xml
new file mode 100644
index 0000000..8105fe3
--- /dev/null
+++ b/conf/entityengine.xml
@@ -0,0 +1,834 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/conf/security.properties b/conf/security.properties
new file mode 100644
index 0000000..329ec82
--- /dev/null
+++ b/conf/security.properties
@@ -0,0 +1,265 @@
+##############################################################################
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+###############################################################################
+####
+# OFBiz Security Settings
+####
+
+# -- define the password restrictions --
+password.length.min=5
+
+### -- pattern based password OFBIZ-4958
+security.login.password.pattern.enable=true
+security.login.password.pattern=^.*(?=.{5,}).*$
+# This is a mix to handle the localisation of the OOTB pattern which is only a fixed length
+security.login.password.pattern.description=loginservices.password_must_be_least_characters_long
+# -- For More restrictive pattern you can use the following, no localisation-
+#security.login.password.pattern=^.*(?=.{5,})(?=.*[a-zA-Z])(?=.*[!@#$%^&*]).*$
+#security.login.password.pattern.description=Your password must be 5 characters long, Only contains alphanumeric(number optional) and at least one from following special characters: !@#$%^&*.
+# Only contains alphanumeric and the following special characters: !@#$%^&*
+# Contains at least 1 of the special characters in the list above
+# The required special character can appear anywhere in the string (for example: !abc, a!bc, abc!)
+# minimum length 5 digit.
+# HELP
+# Start of group
+# (
+# (?=.*\d) # must contains one digit from 0-9
+# (?=.*[a-z]) # must contains one lowercase characters
+# (?=.*[A-Z]) # must contains one uppercase characters
+# (?=.*[!@#$%^&*]) # must contains one special symbols in the list "!@#$%^&*"
+# . # match anything with previous condition checking
+# {5,20} # length at least 5 characters and maximum of 20
+# {5,} # minimum length 5 chars and no linitation to max length.
+# )
+# End of group
+# For further password patterns look at
+# http://docs.oracle.com/javase/1.4.2/docs/api/java/util/regex/Pattern.html#sum
+
+# -- disable the account after this many logins --
+max.failed.logins=3
+
+# -- number of password change to be saved in UserLoginPasswordHistory.
+# -- passwords saved in history of userLoginId will not be allowed to be reused.
+# -- 0 to not save history at all
+password.change.history.limit=0
+
+# Security Policy : Force user to reset login password in fix number of days -
+# To enable this functionality need to be a non zero number. And need to set as true.
+user.auto.change.password.enable=false
+user.change.password.days=90
+user.change.password.notification.days=5
+
+# -- disable the account for this many minutes (if 0, then indefinite) --
+login.disable.minutes=5
+
+# -- disable global logout --
+login.disable.global.logout=false
+
+# -- store a record for each login attempt? --
+store.login.history=true
+store.login.history.on.service.auth=false
+store.login.history.incorrect.password=true
+
+# -- disable impersonation
+security.disable.impersonation=true
+# -- if you want that an user cannot operate during an administrator impersonate his account. If true, it can be helpful for QA and dev site
+security.login.authorised.during.impersonate=false
+
+# -- should we encrypt (SHA Hash) the password? --
+password.encrypt=true
+
+# -- specify the type of hash to use for one-way encryption, will be passed to java.security.MessageDigest.getInstance() --
+# -- options may include: SHA, PBKDF2WithHmacSHA1, PBKDF2WithHmacSHA256, PBKDF2WithHmacSHA384, PBKDF2WithHmacSHA512 and etc
+password.encrypt.hash.type=SHA
+
+# -- if the type of hash to use for one-way encryption is PBKDF2WithHmacSHA1 or PBKDF2WithHmacSHA256 or PBKDF2WithHmacSHA384 or PBKDF2WithHmacSHA512
+# -- the type of hash to use for one-way encryption needs iteration
+password.encrypt.pbkdf2.iterations=10000
+
+# -- this is helpful to recover old accounts or to be able to login at all sometimes --
+# -- SHOULD GENERALLY NOT BE TRUE FOR PRODUCTION SITES, but is useful for interim periods when going to password encryption --
+password.accept.encrypted.and.plain=false
+
+# -- set request life time after a password change (like email) in hours, set -1 if you want disable it --
+password.request.change.timeout=24
+
+# -- should we convert usernames and passwords to lowercase? (useful for case insensitive usernames and passwords) --
+username.lowercase=false
+password.lowercase=false
+
+# -- Use LDAP for user authentication? --
+security.ldap.enable=false
+
+# -- Fail login if LDAP authentication fails? --
+security.ldap.fail.login=false
+
+# -- should we allow x509 certificate login
+security.login.cert.allow=true
+
+# -- HTTP header based ID (for integrations; uncomment to enable)
+#security.login.http.header=REMOTE_USER
+
+# -- HttpServletRequest.getRemoteUser() based ID (for integration; uncomment to enable)
+# Use for external authentication solutions like CAS which overload the getRemoteUser method.
+#security.login.http.servlet.remoteuserlogin.allow=true
+
+# -- pattern for the userlogin id in CN section of certificate
+security.login.cert.pattern=^(\\w*\\s?\\w*)\\W*.*$
+
+# -- Use Tomcat SingleSignOn valve to allow single sign on (SSO) and single log out (SLO).
+# -- Remember to set security.login.externalLoginKey.enabled to false when using Tomcat SSO.
+# -- Note Tomcat SSO is not implemented for cluster as Tomcat ClusterSingleSignOn is not used: OFBIZ-10123
+security.login.tomcat.sso=false
+
+# -- Hours after which EmailAdressVerification should expire
+email_verification.expire.hours=48
+
+# -- Name of the protect-view preprocessor method (this should not change, but in case...)
+protect-view.preprocessor=java.org.apache.ofbiz.webapp.control.ProtectViewWorker.checkProtectedView
+
+# -- Name of the default error response view for protected views ("none:" will be rendered as a blank page, see RequestHandler.java)
+#default.error.response.view=none:
+default.error.response.view=view:viewBlocked
+
+# -- If false, then no externalLoginKey parameters will be added to cross-webapp urls
+security.login.externalLoginKey.enabled=true
+
+# -- Security key used to encrypt and decrypt the autogenerated password in forgot password functionality.
+# Read Passwords and JWT (JSON Web Tokens) usage documentation to choose the way you want to store this key
+login.secret_key_string=login.secret_key_string
+
+# -- Time To Live of the token send to the external server in seconds, 10 seconds seems plenty enough OOTB. Custom projects might want set a lower value.
+security.jwt.token.expireTime=1800
+
+# -- Enables the internal Single Sign On feature which allows a token based login between OFBiz instances
+# -- To make this work you also have to configure a secret key with security.token.key
+security.internal.sso.enabled=false
+
+# -- The secret key for the JWT token signature. Read Passwords and JWT (JSON Web Tokens) usage documentation to choose the way you want to store this key
+security.token.key=security.token.key
+
+# -- List of domains or IP addresses to be checked to prevent Host Header Injection,
+# -- no spaces after commas,no wildcard, can be extended of course...
+host-headers-allowed=localhost,127.0.0.1,__DOMAIN__
+
+# -- By default the SameSite value in SameSiteFilter is 'strict'.
+# -- This property allows to change to 'lax' if needed.
+# -- If you use 'lax' we recommend that you set
+# -- org.apache.ofbiz.security.CsrfDefenseStrategy
+# -- for csrf.defense.strategy (see below)
+SameSiteCookieAttribute=
+
+# -- Freemarker TemplateClassResolver option, see OFBIZ-11709.
+# -- By default OFBiz uses the SAFER_RESOLVER because OOTB it does not use any of the Freemarker classes
+# -- that SAFER_RESOLVER prevents: ObjectConstructor, Execute and JythonRuntime.
+# -- If you need to use one to these classes you need to change the TemplateClassResolver
+# -- to UNRESTRICTED_RESOLVER and look at MemberAccessPolicy. In any cases better read
+# -- https://freemarker.apache.org/docs/app_faq.html#faq_template_uploading_security
+templateClassResolver=
+
+
+#-- ===== UPLOAD: supported file formats are *safe* PNG, GIF, TIFF, JPEG, PDF, Audio and Video and ZIP
+#--
+#-- No proprietary file formats (Excel, Word, etc.) are handled OOTB.
+#-- They can be handled by custom projects using https://github.com/righettod/document-upload-protection:
+#-- https://github.com/OWASP/www-projectchapter-example/blob/master/cheatsheets/Protect_FileUpload_Against_Malicious_File.md
+#-- Also Tika is an option, but you have to check Tika code, to be sure it's secure enough (ie don't use only metadata)
+#--
+#-- Apache Commons Imaging is used for images.
+#-- For supported formats see https://commons.apache.org/proper/commons-imaging/formatsupport.html
+#-- Notably https://commons.apache.org/proper/commons-imaging/formatsupport.html#Metadata_Format_Support
+#-- OOTB OFBiz only supports PNG, GIF, TIFF and JPEG, it's a breeze to extend using more:
+#-- commonsImagingSupportedFormats=BMP,GIF,JPEG/JFIF,ICNS,ICO/CUR,PCX/DCX,PNM/PGM/PBM/PPM/PAMPortablePixmap,PNG,PSD/Photoshop,RGBE/RadianceHDR,\
+ TIFF,WBMP,XBM,XPM
+#-- You should then modify SupportedImageFormats label.
+#--
+#-- If you want to get more image formats then use imageJ:
+#-- For imagejSupportedFormats see https://imagejdocu.tudor.lu/faq/general/which_file_formats_are_supported_by_imagej. NOTE: plugins support is important here
+#-- imagejSupportedFormats=TIFF(.tiff,.tif),JPEG(.jpeg,.jpg),BMP(.bmp),FITS(.fits),PGM(.pgm),PPM(.ppm),PBM(.pbm),GIF(.gif),AnimatedGIF(.gif),\
+ PNG(.png),DICOM(.dic,.dcm,.dicom),PICT(.pict,.pic,.pct),PSD(.psd),TGA(.tga),ICO(.ico),CUR(.cur),Sunraster(.sun),\
+ XBM(.xbm),XPM(.xpm),PCX(.pcx),ANALYZE,NIfTi,AHF(.ahf),SPE(.spe),PIC(.pic),LeicaTIFF(.tiff,.lei),Quicktime(.pic,.mov),\
+ AVI(.avi),PDS(.pds),LSM(.lsm),RAW,ISAC,FluoViewTIFF(.tiff),FluoviewFV1000OIB(.oib),\
+ FluoviewFV1000OIF(.oif,.tif,-ro.pty,.lut,.bmp),IPLAB(.ipl),BrukerNMR(.fid,.ser,.2dseq,.2rr,.2ii,.3rrr,.3iii),FDF(.fdf),\
+ VFF(.vff),SIF(.sif),AxioVisionZVI(.zvi),DM3(.dm3),Deltavision(.dv,.r3d),MI,NII,NIII,IMG(.img),UNC,PerkinElmer(.tif,.tim,\
+ .zpo,.csv,.htm,.ano,.rec,.cfg,.2,.3,.4,.5,.6,.7,.8,\u2026),EPS(.eps,.epsi),SEQ(.seq),IPW(.ipw),OpenLabLIFF(.liff),\
+ OpenLabRAW(.raw),Metamorph(.stk),ICS(.ics,.ids),LeicaLif(.lif),Imaris(.ims),OME-XML(.ome),OME-TIFF(.tiff),\
+ ABD-TIFF(.tiff),GEL(.gel),Nikon(.nef,.tiff),Slidebook(.sld),SPCImage(.sdt),AL3D(.al3d),ND2(.nd2),μManager(.tif,.txt),\
+ MRC(.mrc),JPEG2000(.jp2),MNG(.mng),Flex(.flex),NRRD(.nrrd,.nhdr),VIFFbitmapimage(.xv),ROI(.roi),ERS(.ers),RS(.rs),HPGL
+#--
+#-- PDFBox and PDFReader are used for PDF files
+#--
+#-- For text files, the philosophy is we can't presume of all possible text contents used for attacks with payloads
+#-- At least there is an easy way to prevent them in SecuredUpload::isValidTextFile
+#--
+#-- List of denied files suffixes to be uploaded
+#-- OFBiz of course also check contents...
+deniedFileExtensions=html,htm,php,php1,php2,hph3,php4,php5,php6,php7,phps,asp,aspx,asa,asax,ascx,ashx,asmx,jsp,jspa,jspx,jsw,jsv,jspf,jtml,cfm,cfc,bat,exe,com,dll,\
+ vbs,js,reg,cgi,asis,sh,phtm,pht,phtml,shtm,inc,asp,cdx,asa,cer,py,pl,shtml,hta,ps1,tag,pgif,htaccess,phar,inc,cgi,wss,do,action
+#--
+#-- The upload vulnerability is only a post-auth (needs a credential with suitable permissions),
+#-- people may like to allow more than what is allowed OOTB
+#-- As it name says, allowAllUploads opens all possibilities
+allowAllUploads=
+
+#--
+#-- CSV format used to upload CSV files, cf. https://commons.apache.org/proper/commons-csv/apidocs/org/apache/commons/csv/CSVFormat.html
+csvformat=CSVFormat.DEFAULT
+
+
+#--
+#-- List of denied tokens often part of webshells. Note that, for now at least, most are supposed to be used on a *nix system
+#-- TODO.... to be continued with known webshell contents... a complete allow list is impossible anyway...
+#--
+#-- It could notably be improved by checking for all Javascripts payloads.
+#-- As listed at https://portswigger.net/web-security/cross-site-scripting/cheat-sheet,
+#-- at 2022-02-25 there are 8929 of them considering all tags, all events and all browsers...!
+#--
+#-- "freemarker" should be OK, should not be used in Freemarker templates, not part of the syntax.
+#-- Else "template.utility.Execute" is a good replacement but not as much catching, who knows...
+#--
+#-- If you are sure you are safe for a token you can remove it, etc.
+deniedWebShellTokens=java.,beans,freemarker,= 4.3.0"
- },
- "multi_instance": false,
- "services": [
- "nginx"
- ],
- "arguments": {
- "install": [
- {
- "name": "domain",
- "type": "domain"
- },
- {
- "name": "admin",
- "type": "user"
- }
- ]
- }
-}
diff --git a/manifest.toml b/manifest.toml
new file mode 100644
index 0000000..d141b3c
--- /dev/null
+++ b/manifest.toml
@@ -0,0 +1,56 @@
+packaging_format = 2
+
+id = "ofbiz"
+name = "OFBiz"
+description.en = "Apache-OFBiz ERP"
+
+version = "18.12.07~ynh1"
+
+maintainers = ["JulienNICOLAS"]
+
+[upstream]
+license = "Apache-2.0"
+website = "https://ofbiz.apache.org"
+userdoc = "https://cwiki.apache.org/confluence/display/OFBIZ/Documentation"
+code = "https://github.com/apache/ofbiz-framework"
+
+[integration]
+yunohost = ">= 11.2"
+architectures = "all"
+multi_instance = false
+
+ldap = false
+
+sso = false
+
+disk = "50M"
+ram.build = "50M"
+ram.runtime = "50M"
+
+[install]
+ [install.domain]
+ type = "domain"
+
+ [install.admin]
+ type = "user"
+
+[resources]
+ [resources.sources.main]
+ url = "https://dlcdn.apache.org/ofbiz/apache-ofbiz-18.12.07.zip"
+ sha256 = "b3f7b23167cae3ccc96c3d088e42c8df600485b8b7f88ac63b834a82e19fa5de"
+
+
+ [resources.system_user]
+
+ [resources.install_dir]
+
+ [resources.ports]
+
+ [resources.permissions]
+ main.url = "/"
+
+ [resources.apt]
+ packages = "openjdk-11-jdk, postgresql"
+
+ [resources.database]
+ type = "postgresql"
diff --git a/scripts/_common.sh b/scripts/_common.sh
index 8fc2053..944a65e 100644
--- a/scripts/_common.sh
+++ b/scripts/_common.sh
@@ -4,9 +4,6 @@
# COMMON VARIABLES
#=================================================
-# dependencies used by the app
-pkg_dependencies="openjdk-11-jdk postgresql"
-
#=================================================
# PERSONAL HELPERS
#=================================================
diff --git a/scripts/backup b/scripts/backup
index 6534f46..db41c0a 100755
--- a/scripts/backup
+++ b/scripts/backup
@@ -10,27 +10,6 @@
source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers
-#=================================================
-# MANAGE SCRIPT FAILURE
-#=================================================
-
-ynh_clean_setup () {
- true
-}
-# Exit if an error occurs during the execution of the script
-ynh_abort_if_errors
-
-#=================================================
-# LOAD SETTINGS
-#=================================================
-ynh_print_info --message="Loading installation settings..."
-
-app=$YNH_APP_INSTANCE_NAME
-
-final_path=$(ynh_app_setting_get --app=$app --key=final_path)
-domain=$(ynh_app_setting_get --app=$app --key=domain)
-db_name=$(ynh_app_setting_get --app=$app --key=db_name)
-
#=================================================
# DECLARE DATA AND CONF FILES TO BACKUP
#=================================================
@@ -40,7 +19,7 @@ ynh_print_info --message="Declaring files to be backed up..."
# BACKUP THE APP MAIN DIR
#=================================================
-ynh_backup --src_path="$final_path"
+ynh_backup --src_path="$install_dir"
#=================================================
# BACKUP THE NGINX CONFIGURATION
@@ -48,8 +27,6 @@ ynh_backup --src_path="$final_path"
ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
-#=================================================
-# SPECIFIC BACKUP
#=================================================
# BACKUP SYSTEMD
#=================================================
diff --git a/scripts/change_url b/scripts/change_url
index 80eeb04..275190a 100644
--- a/scripts/change_url
+++ b/scripts/change_url
@@ -9,66 +9,6 @@
source _common.sh
source /usr/share/yunohost/helpers
-#=================================================
-# RETRIEVE ARGUMENTS
-#=================================================
-
-old_domain=$YNH_APP_OLD_DOMAIN
-old_path=$YNH_APP_OLD_PATH
-
-new_domain=$YNH_APP_NEW_DOMAIN
-new_path="/"
-
-app=$YNH_APP_INSTANCE_NAME
-
-#=================================================
-# LOAD SETTINGS
-#=================================================
-ynh_script_progression --message="Loading installation settings..."
-
-# Needed for helper "ynh_add_nginx_config"
-final_path=$(ynh_app_setting_get --app=$app --key=final_path)
-
-port=$(ynh_app_setting_get --app=$app --key=port)
-# Add settings here as needed by your application
-#db_name=$(ynh_app_setting_get --app=$app --key=db_name)
-#db_user=$db_name
-#db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd)
-
-#=================================================
-# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP
-#=================================================
-ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..."
-
-# Backup the current version of the app
-ynh_backup_before_upgrade
-ynh_clean_setup () {
- ynh_clean_check_starting
- # Remove the new domain config file, the remove script won't do it as it doesn't know yet its location.
- ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
-
- # Restore it if the upgrade fails
- ynh_restore_upgradebackup
-}
-# Exit if an error occurs during the execution of the script
-ynh_abort_if_errors
-
-#=================================================
-# CHECK WHICH PARTS SHOULD BE CHANGED
-#=================================================
-
-change_domain=0
-if [ "$old_domain" != "$new_domain" ]
-then
- change_domain=1
-fi
-
-change_path=0
-if [ "$old_path" != "$new_path" ]
-then
- change_path=1
-fi
-
#=================================================
# STANDARD MODIFICATIONS
#=================================================
@@ -83,35 +23,7 @@ ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app
#=================================================
ynh_script_progression --message="Updating NGINX web server configuration..."
-nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
-
-# Change the path in the NGINX config file
-if [ $change_path -eq 1 ]
-then
- # Make a backup of the original NGINX config file if modified
- ynh_backup_if_checksum_is_different --file="$nginx_conf_path"
- # Set global variables for NGINX helper
- domain="$old_domain"
- path_url="$new_path"
- # Create a dedicated NGINX config
- ynh_add_nginx_config
-fi
-
-# Change the domain for NGINX
-if [ $change_domain -eq 1 ]
-then
- # Delete file checksum for the old conf file location
- ynh_delete_file_checksum --file="$nginx_conf_path"
- mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf
- # Store file checksum for the new config file location
- ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
-fi
-
-#=================================================
-# SPECIFIC MODIFICATIONS
-#=================================================
-# ...
-#=================================================
+ynh_change_url_nginx_config
#=================================================
# GENERIC FINALISATION
@@ -123,13 +35,6 @@ ynh_script_progression --message="Starting a systemd service..."
# Start a systemd service
ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"
-#=================================================
-# RELOAD NGINX
-#=================================================
-ynh_script_progression --message="Reloading NGINX web server..."
-
-ynh_systemd_action --service_name=nginx --action=reload
-
#=================================================
# END OF SCRIPT
#=================================================
diff --git a/scripts/install b/scripts/install
index 9260d1b..6fc91d2 100755
--- a/scripts/install
+++ b/scripts/install
@@ -10,100 +10,24 @@ source _common.sh
source /usr/share/yunohost/helpers
#=================================================
-# MANAGE SCRIPT FAILURE
+# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
+ynh_script_progression --message="Setting up source files..."
-ynh_clean_setup () {
- ynh_clean_check_starting
-}
-# Exit if an error occurs during the execution of the script
-ynh_abort_if_errors
+ynh_setup_source --dest_dir="$install_dir"
-#=================================================
-# RETRIEVE ARGUMENTS FROM THE MANIFEST
-#=================================================
-
-domain=$YNH_APP_ARG_DOMAIN
-path_url="/"
-admin=$YNH_APP_ARG_ADMIN
-
-app=$YNH_APP_INSTANCE_NAME
-
-#=================================================
-# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
-#=================================================
-ynh_script_progression --message="Validating installation parameters..."
-
-final_path=/var/www/$app
-test ! -e "$final_path" || ynh_die --message="This path already contains a folder"
-
-# Register (book) web path
-ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url
-
-#=================================================
-# STORE SETTINGS FROM MANIFEST
-#=================================================
-ynh_script_progression --message="Storing installation settings..."
-
-ynh_app_setting_set --app=$app --key=domain --value=$domain
-ynh_app_setting_set --app=$app --key=path --value=$path_url
-ynh_app_setting_set --app=$app --key=admin --value=$admin
-
-#=================================================
-# STANDARD MODIFICATIONS
-#=================================================
-# FIND AND OPEN A PORT
-#=================================================
-ynh_script_progression --message="Finding an available port..."
-
-# Find an available port
-port=$(ynh_find_port --port=8095)
-ynh_app_setting_set --app=$app --key=port --value=$port
-
-#=================================================
-# INSTALL DEPENDENCIES
-#=================================================
-ynh_script_progression --message="Installing dependencies..."
-
-ynh_install_app_dependencies $pkg_dependencies
-
-#=================================================
-# CREATE DEDICATED USER
-#=================================================
-ynh_script_progression --message="Configuring system user..."
-
-# Create a system user
-ynh_system_user_create --username=$app --home_dir="$final_path"
+chmod -R o-rwx "$install_dir"
+chown -R $app:www-data "$install_dir"
#=================================================
# CREATE A POSTGRESQL DATABASE
#=================================================
ynh_script_progression --message="Creating a PostgreSQL database..."
-db_name=$(ynh_sanitize_dbid --db_name=$app)
-db_user=$db_name
-db_pwd=$(ynh_string_random --length=30)
-ynh_app_setting_set --app=$app --key=db_name --value=$db_name
-ynh_app_setting_set --app=$app --key=db_pwd --value=$db_pwd
-ynh_psql_test_if_first_run
-ynh_psql_create_user "$db_user" "$db_pwd"
ynh_psql_execute_as_root --sql="CREATE DATABASE ${db_name} WITH OWNER ${db_user} TEMPLATE template0 ENCODING 'UTF8';"
ynh_psql_execute_as_root --sql="CREATE DATABASE ${db_name}olap WITH OWNER ${db_user} TEMPLATE template0 ENCODING 'UTF8';"
ynh_psql_execute_as_root --sql="CREATE DATABASE ${db_name}tenant WITH OWNER ${db_user} TEMPLATE template0 ENCODING 'UTF8';"
-#=================================================
-# DOWNLOAD, CHECK AND UNPACK SOURCE
-#=================================================
-ynh_script_progression --message="Setting up source files..."
-
-ynh_app_setting_set --app=$app --key=final_path --value=$final_path
-# Download, check integrity, uncompress and patch the source from app.src
-ynh_setup_source --dest_dir="$final_path"
-
-chmod 750 "$final_path"
-chmod -R o-rwx "$final_path"
-chown -R $app:www-data "$final_path"
-
#=================================================
# NGINX CONFIGURATION
#=================================================
@@ -119,30 +43,28 @@ ynh_add_nginx_config
#=================================================
ynh_script_progression --message="Building app..."
-ynh_replace_string --match_string="port.https=" --replace_string="port.https=443" --target_file="$final_path/framework/webapp/config/url.properties"
-ynh_replace_string --match_string="force.https.host=" --replace_string="force.https.host=$domain" --target_file="$final_path/framework/webapp/config/url.properties"
-ynh_replace_string --match_string="port.http=8080" --replace_string="port.http=80" --target_file="$final_path/framework/webapp/config/url.properties"
-ynh_replace_string --match_string="force.http.host=" --replace_string="force.http.host=$domain" --target_file="$final_path/framework/webapp/config/url.properties"
+ynh_add_config --template="url.properties" --destination="$install_dir/framework/webapp/config/url.properties"
-ynh_replace_string --match_string="host-headers-allowed=.*" --replace_string="host-headers-allowed=$domain" --target_file="$final_path/framework/security/config/security.properties"
+ynh_add_config --template="security.properties" --destination="$install_dir/framework/security/config/security.properties"
-ynh_replace_string --match_string="8443" --replace_string="$port" --target_file="$final_path/framework/catalina/ofbiz-component.xml"
+ynh_replace_string --match_string="8443" --replace_string="$port" --target_file="$install_dir/framework/catalina/ofbiz-component.xml"
-ynh_replace_string --match_string="jdbc:postgresql://127.0.0.1/ofbiz" --replace_string="jdbc:postgresql://127.0.0.1:5432/${db_name}" --target_file="$final_path/framework/entity/config/entityengine.xml"
-ynh_replace_string --match_string="jdbc:postgresql://127.0.0.1/ofbizolap" --replace_string="jdbc:postgresql://127.0.0.1:5432/${db_name}olap" --target_file="$final_path/framework/entity/config/entityengine.xml"
-ynh_replace_string --match_string="jdbc:postgresql://127.0.0.1/ofbiztenant" --replace_string="jdbc:postgresql://127.0.0.1:5432/${db_name}tenant" --target_file="$final_path/framework/entity/config/entityengine.xml"
-ynh_replace_string --match_string="jdbc-username=\"ofbiz\"" --replace_string="jdbc-username=\"$db_user\"" --target_file="$final_path/framework/entity/config/entityengine.xml"
-ynh_replace_string --match_string="jdbc-password=\"ofbiz\"" --replace_string="jdbc-password=\"$db_pwd\"" --target_file="$final_path/framework/entity/config/entityengine.xml"
-ynh_replace_string --match_string="group-map group-name=\"org.apache.ofbiz\" datasource-name=\"localderby\"" --replace_string="group-map group-name=\"org.apache.ofbiz\" datasource-name=\"localpostgres\"" --target_file="$final_path/framework/entity/config/entityengine.xml"
-ynh_replace_string --match_string="group-map group-name=\"org.apache.ofbiz.olap\" datasource-name=\"localderbyolap\"" --replace_string="group-map group-name=\"org.apache.ofbiz.olap\" datasource-name=\"localpostgresolap\"" --target_file="$final_path/framework/entity/config/entityengine.xml"
-ynh_replace_string --match_string="group-map group-name=\"org.apache.ofbiz.tenant\" datasource-name=\"localderbytenant\"" --replace_string="group-map group-name=\"org.apache.ofbiz.tenant\" datasource-name=\"localpostgrestenant\"" --target_file="$final_path/framework/entity/config/entityengine.xml"
+ynh_replace_string --match_string="jdbc:postgresql://127.0.0.1/ofbiz" --replace_string="jdbc:postgresql://127.0.0.1:5432/${db_name}" --target_file="$install_dir/framework/entity/config/entityengine.xml"
+ynh_replace_string --match_string="jdbc:postgresql://127.0.0.1/ofbizolap" --replace_string="jdbc:postgresql://127.0.0.1:5432/${db_name}olap" --target_file="$install_dir/framework/entity/config/entityengine.xml"
+ynh_replace_string --match_string="jdbc:postgresql://127.0.0.1/ofbiztenant" --replace_string="jdbc:postgresql://127.0.0.1:5432/${db_name}tenant" --target_file="$install_dir/framework/entity/config/entityengine.xml"
+ynh_replace_string --match_string="jdbc-username=\"ofbiz\"" --replace_string="jdbc-username=\"$db_user\"" --target_file="$install_dir/framework/entity/config/entityengine.xml"
+ynh_replace_string --match_string="jdbc-password=\"ofbiz\"" --replace_string="jdbc-password=\"$db_pwd\"" --target_file="$install_dir/framework/entity/config/entityengine.xml"
+ynh_replace_string --match_string="group-map group-name=\"org.apache.ofbiz\" datasource-name=\"localderby\"" --replace_string="group-map group-name=\"org.apache.ofbiz\" datasource-name=\"localpostgres\"" --target_file="$install_dir/framework/entity/config/entityengine.xml"
+ynh_replace_string --match_string="group-map group-name=\"org.apache.ofbiz.olap\" datasource-name=\"localderbyolap\"" --replace_string="group-map group-name=\"org.apache.ofbiz.olap\" datasource-name=\"localpostgresolap\"" --target_file="$install_dir/framework/entity/config/entityengine.xml"
+ynh_replace_string --match_string="group-map group-name=\"org.apache.ofbiz.tenant\" datasource-name=\"localderbytenant\"" --replace_string="group-map group-name=\"org.apache.ofbiz.tenant\" datasource-name=\"localpostgrestenant\"" --target_file="$install_dir/framework/entity/config/entityengine.xml"
-ynh_replace_string --match_string="security.ldap.enable=false" --replace_string="security.ldap.enable=true" --target_file="$final_path/framework/security/config/security.properties"
-ynh_replace_string --match_string="ldap.dn.template=cn=%u,ou=system" --replace_string="ldap.dn.template=uid=%u,ou=users,dc=yunohost,dc=org" --target_file="$final_path/framework/security/config/jndiLdap.properties"
+ynh_replace_string --match_string="security.ldap.enable=false" --replace_string="security.ldap.enable=true" --target_file="$install_dir/framework/security/config/security.properties"
+ynh_replace_string --match_string="ldap.dn.template=cn=%u,ou=system" --replace_string="ldap.dn.template=uid=%u,ou=users,dc=yunohost,dc=org" --target_file="$install_dir/framework/security/config/jndiLdap.properties"
-cp -f ../conf/build.gradle "$final_path/build.gradle"
-pushd "$final_path"
+ynh_add_config --template="build.gradle" --destination="$install_dir/build.gradle"
+
+pushd "$install_dir"
ynh_exec_as $app ./gradle/init-gradle-wrapper.sh
ynh_exec_as $app ./gradlew cleanAll loadAll 2>&1
popd
@@ -155,13 +77,6 @@ ynh_script_progression --message="Configuring a systemd service..."
# Create a dedicated systemd config
ynh_add_systemd_config
-#=================================================
-# GENERIC FINALIZATION
-#=================================================
-# INTEGRATE SERVICE IN YUNOHOST
-#=================================================
-ynh_script_progression --message="Integrating service in YunoHost..."
-
yunohost service add $app --log="/var/log/$app/$app.log"
#=================================================
@@ -173,23 +88,7 @@ mkdir -p /var/log/$app
chown -R $app:$app "/var/log/$app"
# Start a systemd service
-ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" --line_match="is started and ready"
-
-#=================================================
-# SETUP SSOWAT
-#=================================================
-ynh_script_progression --message="Configuring permissions..."
-
-# Everyone can access the app.
-# The "main" permission is automatically created before the install script.
-ynh_permission_update --permission="main" --add="visitors"
-
-#=================================================
-# RELOAD NGINX
-#=================================================
-ynh_script_progression --message="Reloading NGINX web server..."
-
-ynh_systemd_action --service_name=nginx --action=reload
+ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" #--line_match="is started and ready"
#=================================================
# END OF SCRIPT
diff --git a/scripts/remove b/scripts/remove
index 186c404..696f5a5 100755
--- a/scripts/remove
+++ b/scripts/remove
@@ -9,100 +9,28 @@
source _common.sh
source /usr/share/yunohost/helpers
-#=================================================
-# LOAD SETTINGS
-#=================================================
-ynh_script_progression --message="Loading installation settings..."
-
-app=$YNH_APP_INSTANCE_NAME
-
-domain=$(ynh_app_setting_get --app=$app --key=domain)
-db_name=$(ynh_app_setting_get --app=$app --key=db_name)
-db_user=$db_name
-final_path=$(ynh_app_setting_get --app=$app --key=final_path)
-
#=================================================
# STANDARD REMOVE
#=================================================
# REMOVE SERVICE INTEGRATION IN YUNOHOST
#=================================================
+ynh_script_progression --message="Removing system configurations related to $app..." --weight=1
-# Remove the service from the list of services known by YunoHost (added from `yunohost service add`)
if ynh_exec_warn_less yunohost service status $app >/dev/null
then
ynh_script_progression --message="Removing $app service integration..."
yunohost service remove $app
fi
-#=================================================
-# STOP SYSTEMD SERVICE
-#=================================================
-ynh_script_progression --message="Stopping a systemd service..."
-
-ynh_systemd_action --service_name=$app --action="stop" --log_path="systemd" --line_match="Stopped OFBiz Service"
-
-#=================================================
-# STOP AND REMOVE SERVICE
-#=================================================
-ynh_script_progression --message="Stopping and removing the systemd service..."
-
# Remove the dedicated systemd config
ynh_remove_systemd_config
-#=================================================
-# REMOVE THE POSTGRESQL DATABASE
-#=================================================
-ynh_script_progression --message="Removing the PostgreSQL database..."
-
-# Remove a database if it exists, along with the associated user
-ynh_psql_drop_db ${db_name}tenant
-ynh_psql_drop_db ${db_name}olap
-ynh_psql_remove_db --db_user=$db_user --db_name=$db_name
-
-#=================================================
-# REMOVE APP MAIN DIR
-#=================================================
-ynh_script_progression --message="Removing app main directory..."
-
-# Remove the app directory securely
-ynh_secure_remove --file="$final_path"
-
-#=================================================
-# REMOVE NGINX CONFIGURATION
-#=================================================
-ynh_script_progression --message="Removing NGINX web server configuration..."
-
# Remove the dedicated NGINX config
ynh_remove_nginx_config
-#=================================================
-# REMOVE DEPENDENCIES
-#=================================================
-ynh_script_progression --message="Removing dependencies..."
-
-# Remove metapackage and its dependencies
-ynh_remove_app_dependencies
-
-#=================================================
-# SPECIFIC REMOVE
-#=================================================
-# REMOVE VARIOUS FILES
-#=================================================
-ynh_script_progression --message="Removing various files..."
-
# Remove the log files
ynh_secure_remove --file="/var/log/$app"
-#=================================================
-# GENERIC FINALIZATION
-#=================================================
-# REMOVE DEDICATED USER
-#=================================================
-ynh_script_progression --message="Removing the dedicated system user..."
-
-# Delete a system user
-ynh_system_user_delete --username=$app
-
#=================================================
# END OF SCRIPT
#=================================================
diff --git a/scripts/restore b/scripts/restore
index d1b5b5e..6016528 100755
--- a/scripts/restore
+++ b/scripts/restore
@@ -6,127 +6,50 @@
# IMPORT GENERIC HELPERS
#=================================================
-# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts
source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers
-#=================================================
-# MANAGE SCRIPT FAILURE
-#=================================================
-
-ynh_clean_setup () {
- ynh_clean_check_starting
-}
-# Exit if an error occurs during the execution of the script
-ynh_abort_if_errors
-
-#=================================================
-# LOAD SETTINGS
-#=================================================
-ynh_script_progression --message="Loading installation settings..."
-
-app=$YNH_APP_INSTANCE_NAME
-
-domain=$(ynh_app_setting_get --app=$app --key=domain)
-path_url=$(ynh_app_setting_get --app=$app --key=path)
-final_path=$(ynh_app_setting_get --app=$app --key=final_path)
-db_name=$(ynh_app_setting_get --app=$app --key=db_name)
-db_user=$db_name
-db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd)
-port=$(ynh_app_setting_get --app=$app --key=port)
-
-#=================================================
-# CHECK IF THE APP CAN BE RESTORED
-#=================================================
-ynh_script_progression --message="Validating restoration parameters..."
-
-test ! -d $final_path \
- || ynh_die --message="There is already a directory: $final_path "
-
-#=================================================
-# STANDARD RESTORATION STEPS
-#=================================================
-# RESTORE THE NGINX CONFIGURATION
-#=================================================
-ynh_script_progression --message="Restoring the NGINX web server configuration..."
-
-ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
-
-#=================================================
-# RECREATE THE DEDICATED USER
-#=================================================
-ynh_script_progression --message="Recreating the dedicated system user..."
-
-# Create the dedicated user (if not existing)
-ynh_system_user_create --username=$app --home_dir="$final_path"
-
#=================================================
# RESTORE THE APP MAIN DIR
#=================================================
ynh_script_progression --message="Restoring the app main directory..."
-ynh_restore_file --origin_path="$final_path"
+ynh_restore_file --origin_path="$install_dir"
-chmod 750 "$final_path"
-chmod -R o-rwx "$final_path"
-chown -R $app:www-data "$final_path"
-
-#=================================================
-# SPECIFIC RESTORATION
-#=================================================
-# REINSTALL DEPENDENCIES
-#=================================================
-ynh_script_progression --message="Reinstalling dependencies..."
-
-# Define and install dependencies
-ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies
+chmod -R o-rwx "$install_dir"
+chown -R $app:www-data "$install_dir"
#=================================================
# RESTORE THE POSTGRESQL DATABASE
#=================================================
-ynh_script_progression --message="Restoring the PostgreSQL database..."
+ynh_script_progression --message="Restoring the PostgreSQL database..." --weight=1
-ynh_psql_test_if_first_run
-ynh_psql_create_user "$db_user" "$db_pwd"
-ynh_psql_execute_as_root --sql="CREATE DATABASE ${db_name} WITH OWNER ${db_user} TEMPLATE template0 ENCODING 'UTF8';"
-ynh_psql_execute_as_root --sql="CREATE DATABASE ${db_name}olap WITH OWNER ${db_user} TEMPLATE template0 ENCODING 'UTF8';"
-ynh_psql_execute_as_root --sql="CREATE DATABASE ${db_name}tenant WITH OWNER ${db_user} TEMPLATE template0 ENCODING 'UTF8';"
-ynh_psql_execute_file_as_root --file="./db.sql" --database=${db_name}
-ynh_psql_execute_file_as_root --file="./dbolap.sql" --database=${db_name}olap
-ynh_psql_execute_file_as_root --file="./dbtenant.sql" --database=${db_name}tenant
+ynh_psql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql
#=================================================
# RESTORE SYSTEMD
#=================================================
ynh_script_progression --message="Restoring the systemd configuration..."
+ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
+
ynh_restore_file --origin_path="/etc/systemd/system/$app.service"
systemctl enable $app.service --quiet
-#=================================================
-# INTEGRATE SERVICE IN YUNOHOST
-#=================================================
-ynh_script_progression --message="Integrating service in YunoHost..."
-
yunohost service add $app --log="/var/log/$app/$app.log"
-#=================================================
-# START SYSTEMD SERVICE
-#=================================================
-ynh_script_progression --message="Starting a systemd service..."
-
mkdir -p /var/log/$app
chown -R $app:$app "/var/log/$app"
-# Start a systemd service
-ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" --line_match="is started and ready"
-
#=================================================
# GENERIC FINALIZATION
#=================================================
-# RELOAD NGINX
+# RELOAD NGINX AND PHP-FPM OR THE APP SERVICE
#=================================================
-ynh_script_progression --message="Reloading NGINX web server..."
+ynh_script_progression --message="Reloading NGINX web server and $app's service..." --weight=1
+
+# Start a systemd service
+ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" --line_match="is started and ready"
ynh_systemd_action --service_name=nginx --action=reload
diff --git a/scripts/upgrade b/scripts/upgrade
index 6ae9c4c..11c53f5 100644
--- a/scripts/upgrade
+++ b/scripts/upgrade
@@ -10,44 +10,12 @@ source _common.sh
source ynh_package_version
source /usr/share/yunohost/helpers
-#=================================================
-# LOAD SETTINGS
-#=================================================
-ynh_script_progression --message="Loading installation settings..."
-
-app=$YNH_APP_INSTANCE_NAME
-
-domain=$(ynh_app_setting_get --app=$app --key=domain)
-path_url=$(ynh_app_setting_get --app=$app --key=path)
-admin=$(ynh_app_setting_get --app=$app --key=admin)
-final_path=$(ynh_app_setting_get --app=$app --key=final_path)
-db_name=$(ynh_app_setting_get --app=$app --key=db_name)
-db_user=$db_name
-db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd)
-port=$(ynh_app_setting_get --app=$app --key=port)
-
#=================================================
# CHECK VERSION
#=================================================
-ynh_script_progression --message="Checking version..."
upgrade_type=$(ynh_check_app_version_changed)
-#=================================================
-# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
-#=================================================
-ynh_script_progression --message="Backing up the app before upgrading (may take a while)..."
-
-# Backup the current version of the app
-ynh_backup_before_upgrade
-ynh_clean_setup () {
- ynh_clean_check_starting
- # Restore it if the upgrade fails
- ynh_restore_upgradebackup
-}
-# Exit if an error occurs during the execution of the script
-ynh_abort_if_errors
-
#=================================================
# STANDARD UPGRADE STEPS
#=================================================
@@ -57,19 +25,6 @@ ynh_script_progression --message="Stopping a systemd service..."
ynh_systemd_action --service_name=$app --action="stop" --log_path="systemd" --line_match="Stopped OFBiz Service"
-#=================================================
-# ENSURE DOWNWARD COMPATIBILITY
-#=================================================
-ynh_script_progression --message="Ensuring downward compatibility..."
-
-#=================================================
-# CREATE DEDICATED USER
-#=================================================
-ynh_script_progression --message="Making sure dedicated system user exists..."
-
-# Create a dedicated user (if not existing)
-ynh_system_user_create --username=$app --home_dir=$final_path
-
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
@@ -79,12 +34,11 @@ then
ynh_script_progression --message="Upgrading source files..."
# Download, check integrity, uncompress and patch the source from app.src
- ynh_setup_source --dest_dir="$final_path"
+ ynh_setup_source --dest_dir="$install_dir"
fi
-chmod 750 "$final_path"
-chmod -R o-rwx "$final_path"
-chown -R $app:www-data "$final_path"
+chmod -R o-rwx "$install_dir"
+chown -R $app:www-data "$install_dir"
#=================================================
# NGINX CONFIGURATION
@@ -94,13 +48,6 @@ ynh_script_progression --message="Upgrading NGINX web server configuration..."
# Create a dedicated NGINX config
ynh_add_nginx_config
-#=================================================
-# UPGRADE DEPENDENCIES
-#=================================================
-ynh_script_progression --message="Upgrading dependencies..."
-
-ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies
-
#=================================================
# SPECIFIC UPGRADE
#=================================================
@@ -111,28 +58,28 @@ if [ "$upgrade_type" == "UPGRADE_APP" ]
then
ynh_script_progression --message="Building app..."
- ynh_replace_string --match_string="port.https=" --replace_string="port.https=443" --target_file="$final_path/framework/webapp/config/url.properties"
- ynh_replace_string --match_string="force.https.host=" --replace_string="force.https.host=$domain" --target_file="$final_path/framework/webapp/config/url.properties"
- ynh_replace_string --match_string="port.http=8080" --replace_string="port.http=80" --target_file="$final_path/framework/webapp/config/url.properties"
- ynh_replace_string --match_string="force.http.host=" --replace_string="force.http.host=$domain" --target_file="$final_path/framework/webapp/config/url.properties"
+ ynh_replace_string --match_string="port.https=" --replace_string="port.https=443" --target_file="$install_dir/framework/webapp/config/url.properties"
+ ynh_replace_string --match_string="force.https.host=" --replace_string="force.https.host=$domain" --target_file="$install_dir/framework/webapp/config/url.properties"
+ ynh_replace_string --match_string="port.http=8080" --replace_string="port.http=80" --target_file="$install_dir/framework/webapp/config/url.properties"
+ ynh_replace_string --match_string="force.http.host=" --replace_string="force.http.host=$domain" --target_file="$install_dir/framework/webapp/config/url.properties"
- ynh_replace_string --match_string="host-headers-allowed=.*" --replace_string="host-headers-allowed=$domain" --target_file="$final_path/framework/security/config/security.properties"
+ ynh_replace_string --match_string="host-headers-allowed=.*" --replace_string="host-headers-allowed=$domain" --target_file="$install_dir/framework/security/config/security.properties"
- ynh_replace_string --match_string="8443" --replace_string="$port" --target_file="$final_path/framework/catalina/ofbiz-component.xml"
+ ynh_replace_string --match_string="8443" --replace_string="$port" --target_file="$install_dir/framework/catalina/ofbiz-component.xml"
- ynh_replace_string --match_string="jdbc:postgresql://127.0.0.1/ofbiz" --replace_string="jdbc:postgresql://127.0.0.1:5432/${db_name}" --target_file="$final_path/framework/entity/config/entityengine.xml"
- ynh_replace_string --match_string="jdbc:postgresql://127.0.0.1/ofbizolap" --replace_string="jdbc:postgresql://127.0.0.1:5432/${db_name}olap" --target_file="$final_path/framework/entity/config/entityengine.xml"
- ynh_replace_string --match_string="jdbc:postgresql://127.0.0.1/ofbiztenant" --replace_string="jdbc:postgresql://127.0.0.1:5432/${db_name}tenant" --target_file="$final_path/framework/entity/config/entityengine.xml"
- ynh_replace_string --match_string="jdbc-username=\"ofbiz\"" --replace_string="jdbc-username=\"$db_user\"" --target_file="$final_path/framework/entity/config/entityengine.xml"
- ynh_replace_string --match_string="jdbc-password=\"ofbiz\"" --replace_string="jdbc-password=\"$db_pwd\"" --target_file="$final_path/framework/entity/config/entityengine.xml"
- ynh_replace_string --match_string="group-map group-name=\"org.apache.ofbiz\" datasource-name=\"localderby\"" --replace_string="group-map group-name=\"org.apache.ofbiz\" datasource-name=\"localpostgres\"" --target_file="$final_path/framework/entity/config/entityengine.xml"
- ynh_replace_string --match_string="group-map group-name=\"org.apache.ofbiz.olap\" datasource-name=\"localderbyolap\"" --replace_string="group-map group-name=\"org.apache.ofbiz.olap\" datasource-name=\"localpostgresolap\"" --target_file="$final_path/framework/entity/config/entityengine.xml"
- ynh_replace_string --match_string="group-map group-name=\"org.apache.ofbiz.tenant\" datasource-name=\"localderbytenant\"" --replace_string="group-map group-name=\"org.apache.ofbiz.tenant\" datasource-name=\"localpostgrestenant\"" --target_file="$final_path/framework/entity/config/entityengine.xml"
+ ynh_replace_string --match_string="jdbc:postgresql://127.0.0.1/ofbiz" --replace_string="jdbc:postgresql://127.0.0.1:5432/${db_name}" --target_file="$install_dir/framework/entity/config/entityengine.xml"
+ ynh_replace_string --match_string="jdbc:postgresql://127.0.0.1/ofbizolap" --replace_string="jdbc:postgresql://127.0.0.1:5432/${db_name}olap" --target_file="$install_dir/framework/entity/config/entityengine.xml"
+ ynh_replace_string --match_string="jdbc:postgresql://127.0.0.1/ofbiztenant" --replace_string="jdbc:postgresql://127.0.0.1:5432/${db_name}tenant" --target_file="$install_dir/framework/entity/config/entityengine.xml"
+ ynh_replace_string --match_string="jdbc-username=\"ofbiz\"" --replace_string="jdbc-username=\"$db_user\"" --target_file="$install_dir/framework/entity/config/entityengine.xml"
+ ynh_replace_string --match_string="jdbc-password=\"ofbiz\"" --replace_string="jdbc-password=\"$db_pwd\"" --target_file="$install_dir/framework/entity/config/entityengine.xml"
+ ynh_replace_string --match_string="group-map group-name=\"org.apache.ofbiz\" datasource-name=\"localderby\"" --replace_string="group-map group-name=\"org.apache.ofbiz\" datasource-name=\"localpostgres\"" --target_file="$install_dir/framework/entity/config/entityengine.xml"
+ ynh_replace_string --match_string="group-map group-name=\"org.apache.ofbiz.olap\" datasource-name=\"localderbyolap\"" --replace_string="group-map group-name=\"org.apache.ofbiz.olap\" datasource-name=\"localpostgresolap\"" --target_file="$install_dir/framework/entity/config/entityengine.xml"
+ ynh_replace_string --match_string="group-map group-name=\"org.apache.ofbiz.tenant\" datasource-name=\"localderbytenant\"" --replace_string="group-map group-name=\"org.apache.ofbiz.tenant\" datasource-name=\"localpostgrestenant\"" --target_file="$install_dir/framework/entity/config/entityengine.xml"
- ynh_replace_string --match_string="security.ldap.enable=false" --replace_string="security.ldap.enable=true" --target_file="$final_path/framework/security/config/security.properties"
- ynh_replace_string --match_string="ldap.dn.template=cn=%u,ou=system" --replace_string="ldap.dn.template=uid=%u,ou=users,dc=yunohost,dc=org" --target_file="$final_path/framework/security/config/jndiLdap.properties"
+ ynh_replace_string --match_string="security.ldap.enable=false" --replace_string="security.ldap.enable=true" --target_file="$install_dir/framework/security/config/security.properties"
+ ynh_replace_string --match_string="ldap.dn.template=cn=%u,ou=system" --replace_string="ldap.dn.template=uid=%u,ou=users,dc=yunohost,dc=org" --target_file="$install_dir/framework/security/config/jndiLdap.properties"
- cp -f ../conf/build.gradle "$final_path/build.gradle"
+ cp -f ../conf/build.gradle "$install_dir/build.gradle"
fi
#=================================================
@@ -143,13 +90,6 @@ ynh_script_progression --message="Upgrading systemd configuration..."
# Create a dedicated systemd config
ynh_add_systemd_config
-#=================================================
-# GENERIC FINALIZATION
-#=================================================
-# INTEGRATE SERVICE IN YUNOHOST
-#=================================================
-ynh_script_progression --message="Integrating service in YunoHost..."
-
yunohost service add $app --log="/var/log/$app/$app.log"
#=================================================
@@ -163,13 +103,6 @@ chown -R $app:$app "/var/log/$app"
# Start a systemd service
ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" --line_match="is started and ready"
-#=================================================
-# RELOAD NGINX
-#=================================================
-ynh_script_progression --message="Reloading NGINX web server..."
-
-ynh_systemd_action --service_name=nginx --action=reload
-
#=================================================
# END OF SCRIPT
#=================================================
diff --git a/tests.toml b/tests.toml
new file mode 100644
index 0000000..e69de29