Merge pull request #10 from YunoHost-Apps/autopatch

[autopatch] Autopatch to migrate to new permission system

check_process

@@ -11,10 +11,14 @@
 		setup_private=0
 		setup_public=1
 		upgrade=1
-		#upgrade=1	from_commit=
+		upgrade=1	from_commit=81e4171acaa44520d0f527e6af445f4f33f2bca0
 		backup_restore=1
 		multi_instance=1
 		change_url=0
 ;;; Options
 Email=
-Notification=
+Notification=none
+;;; Upgrade options
+	; commit=81e4171acaa44520d0f527e6af445f4f33f2bca0
+		name=Merge pull request #9
+		manifest_arg=domain=DOMAIN&path=PATH&admin=USER&language=fr&is_public=1&password=pass&port=666&

conf/app.src

@@ -1,6 +1,4 @@
-SOURCE_URL=https://codeberg.org/zot/osada/archive/0c22781a2271170d0557881ac58a202148351c64.tar.gz
-SOURCE_SUM=0cdd761aac0f1a382f6593868bd66d9919333fda4edeb1f2904d13a01febbeed
+SOURCE_URL=https://codeberg.org/zot/osada/archive/88b1be4b340262a946b8e2548617cea3641b0a71.tar.gz
+SOURCE_SUM=42f4c004e8d0dd78303aa0118b206be86b67ed9b6ba156c69b1e1e2d109de74b
 SOURCE_SUM_PRG=sha256sum
 SOURCE_FORMAT=tar.gz
-SOURCE_IN_SUBDIR=
-SOURCE_FILENAME=

conf/app_addons.src

@@ -1,6 +1,4 @@
-SOURCE_URL=https://codeberg.org/zot/osada-addons/archive/0518974958ef5dbc81829a523753d4d4605bb0b4.tar.gz
-SOURCE_SUM=103591cb295be106d163302a036f5942ba3802db853906defa2186ff599a0a5b
+SOURCE_URL=https://codeberg.org/zot/osada-addons/archive/34788e835b87535404aee56d0aece885707565e9.tar.gz
+SOURCE_SUM=2b0e268472c3c3c1ce14557fa86a7abd1d533554b541a056cd960291160f1328
 SOURCE_SUM_PRG=sha256sum
 SOURCE_FORMAT=tar.gz
-SOURCE_IN_SUBDIR=
-SOURCE_FILENAME=

conf/htconfig.sample.php

@@ -0,0 +1,103 @@
+<?php
+
+// If automatic system installation fails: 
+
+// Copy or rename this file to .htconfig.php in the top level 
+// Hubzilla directory
+
+// Why .htconfig.php? Because it contains sensitive information which could
+// give somebody complete control of your database. Apache's default 
+// configuration denies access to and refuses to serve any file beginning 
+// with .ht
+
+// Then set the following for your MySQL installation
+
+$db_host = 'localhost'; // Use 'localhost' if you aren't using a remote server
+$db_port = 0;                    // leave 0 for default or set your port
+$db_user = '__DB_USER__';
+$db_pass = '__DB_PWD__';
+$db_data = '__DB_NAME__';
+$db_type = 0; // use 1 for postgres, 0 for mysql
+
+/*
+ * Notice: Many of the following settings will be available in the admin panel 
+ * after a successful site install. Once they are set in the admin panel, they
+ * are stored in the DB - and the DB setting will over-ride any corresponding
+ * setting in this file
+ *
+ * The command-line tool util/config is able to query and set the DB items 
+ * directly if for some reason the admin panel is not available and a system
+ * setting requires modification. 
+ *
+ */ 
+
+
+// Choose a legal default timezone. If you are unsure, use "America/Los_Angeles".
+// It can be changed later and only applies to timestamps for anonymous viewers.
+
+App::$config['system']['timezone'] = 'America/Los_Angeles';
+
+// What is your site name? DO NOT ADD A TRAILING SLASH!
+
+App::$config['system']['baseurl'] = 'https://__DOMAIN__';
+App::$config['system']['sitename'] = "Zap";
+App::$config['system']['location_hash'] = '__RANDOM_STRING__';
+
+
+// These lines set additional security headers to be sent with all responses
+// You may wish to set transport_security_header to 0 if your server already sends
+// this header. content_security_policy may need to be disabled if you wish to
+// run the piwik analytics plugin or include other offsite resources on a page
+
+App::$config['system']['transport_security_header'] = 1;
+App::$config['system']['content_security_policy'] = 1;
+App::$config['system']['ssl_cookie_protection'] = 1;
+
+
+// Your choices are REGISTER_OPEN, REGISTER_APPROVE, or REGISTER_CLOSED.
+// Be certain to create your own personal account before setting 
+// REGISTER_CLOSED. 'register_text' (if set) will be displayed prominently on 
+// the registration page. REGISTER_APPROVE requires you set 'admin_email'
+// to the email address of an already registered person who can authorise
+// and/or approve/deny the request. 
+
+// In order to perform system administration via the admin panel, admin_email
+// must precisely match the email address of the person logged in.
+
+App::$config['system']['register_policy'] = REGISTER_OPEN;
+App::$config['system']['register_text'] = '';
+App::$config['system']['admin_email'] = '__EMAIL__';
+
+// Location of PHP command line processor
+
+App::$config['system']['php_path'] = 'php__PHPVERSION__';
+
+
+// Configure how we communicate with directory servers.
+// DIRECTORY_MODE_NORMAL     = directory client, we will find a directory (all of your member's queries will be directed elsewhere)
+// DIRECTORY_MODE_SECONDARY  = caching directory or mirror (keeps in sync with realm primary [adds significant cron execution time])
+// DIRECTORY_MODE_PRIMARY    = main directory server (you do not want this unless you are operating your own realm. one per realm.)
+// DIRECTORY_MODE_STANDALONE = "off the grid" or private directory services (only local site members in directory)
+
+App::$config['system']['directory_mode']  = DIRECTORY_MODE_NORMAL;
+
+
+// PHP error logging setup
+// Before doing this ensure that the webserver has permission
+// to create and write to php.out in the top level Red directory,
+// or change the name (below) to a file/path where this is allowed.
+
+ini_set('display_errors', '0');
+
+// Uncomment the following 4 lines to turn on PHP error logging.
+error_reporting(E_ERROR | E_PARSE ); 
+ini_set('error_log','php.out'); 
+ini_set('log_errors','1'); 
+
+App::$config['system']['addon'] = 'ldapauth';
+
+App::$config['ldapauth']['ldap_server'] = 'localhost';
+App::$config['ldapauth']['ldap_searchdn'] = 'ou=users,dc=yunohost,dc=org';
+App::$config['ldapauth']['ldap_userattr'] = 'uid';
+App::$config['ldapauth']['ldap_autocreateaccount_emailattribute'] = 'mail';
+App::$config['ldapauth']['create_account'] = '1';

scripts/backup

@@ -20,6 +20,7 @@ ynh_abort_if_errors
 # LOAD SETTINGS
 #=================================================
 ynh_print_info --message="Loading installation settings..."
+
 app=$YNH_APP_INSTANCE_NAME
 
 final_path=$(ynh_app_setting_get --app=$app --key=final_path)

scripts/install

@@ -25,7 +25,7 @@ path_url="/"
 admin=$YNH_APP_ARG_ADMIN
 email=$(ynh_user_get_info --username=$admin --key=mail)
 upload="256M"
-random_string="$(ynh_string_random)$(ynh_string_random)$(ynh_string_random)"
+random_string="$(ynh_string_random --length=48)"
 database=`expr $YNH_APP_ARG_DATABASE`
 
 app=$YNH_APP_INSTANCE_NAME
@@ -120,83 +120,21 @@ pushd "$final_path"
 	done
 popd
 
+chmod 750 "$final_path"
+chmod -R o-rwx "$final_path"
+chown -R $app:www-data "$final_path"
 
 # 3 - Some extra folders
 ynh_script_progression --message="Creating smarty3 folder for personal data..."
 
-mkdir -p "${final_path}/store"
-mkdir -p  "${final_path}/cache/smarty3"
+mkdir -p "$final_path/store"
+mkdir -p  "$final_path/cache/smarty3"
 chmod -R 775 $final_path/store $final_path/cache
 
-# Copy the template install/htconfig.sample.php to .htconfig.php
-ynh_script_progression --message="Moving .htconfig.php to root of Osada ..."
-config="$final_path/.htconfig.php"
-cp $final_path/install/htconfig.sample.php $config
-
 # Create php.log inside Osada for logs
 ynh_script_progression --message="Create php.log for the Osada debuging..."
 touch "$final_path/php.log"
 
-#=================================================
-# CREATE A  DATABASE
-#=================================================
-
-if [  $database -eq 1 ]; then
-	ynh_script_progression --message="Creating a MySQL database..."
-	db_name=$(ynh_sanitize_dbid --db_name=$app)
-	db_user=$db_name
-	ynh_app_setting_set --app=$app --key=db_name --value=$db_name
-	ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name
-	ynh_script_progression --message="Importing database..."
-	ynh_mysql_connect_as --user="$db_name" --password="$db_pwd" --database="$db_name" < $final_path/install/schema_mysql.sql
-elif [ $database -eq 2 ]; then
-	# Create postgresql database
-	ynh_script_progression --message="Creating a postgresql database..."
-	ynh_replace_string --match_string="db_type = 0;" --replace_string="db_type = 1;" --target_file="$config"
-	db_name=$(ynh_sanitize_dbid --db_name=$app)
-	db_user=$app
-	ynh_psql_test_if_first_run
-	ynh_psql_setup_db --db_user=$db_user --db_name=$db_name
-	ynh_app_setting_set --app=$app --key=db_name --value=$db_name
-	ynh_script_progression --message="Importing database..."
-	ynh_psql_connect_as --user="$db_name" --password="$db_pwd" --database="$db_name" < $final_path/install/schema_postgres.sql
-else
-	ynh_die --message="Some problem occured in creating the database, contact maintainer"
-fi
-
-#=================================================
-# MODIFY A CONFIG FILE
-#=================================================
-
-phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
-ynh_replace_string --match_string="your.mysqlhost.com" --replace_string="localhost" --target_file="$config"
-ynh_replace_string --match_string= "mysqlpassword" --replace_string="$db_pwd" --target_file="$config"
-ynh_replace_string --match_string="mysqlusername" --replace_string="$db_name" --target_file="$config"
-ynh_replace_string --match_string= "mysqldatabasename" --replace_string="$db_name" --target_file="$config"
-ynh_replace_string --match_string= "mysite.example" --replace_string="$domain" --target_file="$config"
-ynh_replace_string --match_string= "if the auto install failed, put a unique random string here" --replace_string="$random_string" --target_file="$config"
-sed -i "s/\['admin_email'\] = '';/\['admin_email'\] = '$email';/g" "$config"
-ynh_replace_string --match_string= "//error_reporting(E_ERROR | E_WARNING | E_PARSE );" --replace_string="error_reporting(E_ERROR | E_WARNING | E_PARSE );" --target_file="$config"
-ynh_replace_string --match_string= "//ini_set('error_log','php.out');" --replace_string="ini_set('error_log','php.log');" --target_file="$config"
-ynh_replace_string --match_string= "//ini_set('log_errors','1');" --replace_string="ini_set('log_errors','1');" --target_file="$config"
-ynh_replace_string --match_string= "//ini_set('display_errors', '0');" --replace_string="ini_set('display_errors', '0');" --target_file="$config"
-sed -i "s/\['php_path'\] = 'php';/\['php_path'\] = 'php$phpversion';/g" "$config"
-
-# addon ldap config
-ynh_script_progression --message="Push LDAP configuration to .htconfig.php..."
-
-cat ../conf/ldap_conf.php >> $final_path/.htconfig.php
-
-ynh_store_file_checksum --file="$config"
-
-#=================================================
-# NGINX CONFIGURATION
-#=================================================
-ynh_script_progression --message="Configuring NGINX web server..."
-
-# Create a dedicated NGINX config
-ynh_add_nginx_config
-
 #=================================================
 # PHP-FPM CONFIGURATION
 #=================================================
@@ -204,6 +142,52 @@ ynh_script_progression --message="Configuring PHP-FPM..."
 
 # Create a dedicated PHP-FPM config
 ynh_add_fpm_config --package="$extra_php_dependencies"
+phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
+
+#=================================================
+# CREATE A  DATABASE VAR
+#=================================================
+
+db_name=$(ynh_sanitize_dbid --db_name=$app)
+db_user=$db_name
+ynh_app_setting_set --app=$app --key=db_name --value=$db_name
+
+#=================================================
+# CREATE A  DATABASE
+#=================================================
+
+if [  $database -eq 1 ]; then
+	ynh_script_progression --message="Creating a MySQL database..."
+	ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name
+	ynh_mysql_connect_as --user="$db_name" --password="$db_pwd" --database="$db_name" < $final_path/install/schema_mysql.sql
+elif [ $database -eq 2 ]; then
+	# Create postgresql database
+	ynh_script_progression --message="Creating a postgresql database..."
+	ynh_replace_string --match_string="db_type = 0;" --replace_string="db_type = 1;" --target_file="$final_path/.htconfig.php"
+	ynh_psql_test_if_first_run
+	ynh_psql_setup_db --db_user=$db_user --db_name=$db_name
+	ynh_psql_connect_as --user="$db_name" --password="$db_pwd" --database="$db_name" < $final_path/install/schema_postgres.sql
+else
+	ynh_die --message="Some problem occured in creating the database, contact maintainer"
+fi
+
+#=================================================
+# MODIFY A CONFIG FILE
+#=================================================
+ynh_script_progression --message="Adding a configuration file..." --weight=1
+
+ynh_add_config --template="../conf/htconfig.sample.php" --destination="$final_path/.htconfig.php"
+
+chmod 600 "$final_path/.htconfig.php"
+chown $app:$app "$final_path/.htconfig.php"
+
+#=================================================
+# NGINX CONFIGURATION
+#=================================================
+ynh_script_progression --message="Configuring NGINX web server..."
+
+# Create a dedicated NGINX config
+ynh_add_nginx_config
 
 #=================================================
 # SET CRON JOB

scripts/upgrade

@@ -41,7 +41,9 @@ ynh_clean_setup () {
 ynh_abort_if_errors
 
 #=================================================
-# ENSURE DOWNWARD COMPATIBILITY
+# STANDARD UPGRADE STEPS
+#=================================================
+# REMOVE APP MAIN DIR
 #=================================================
 ynh_print_info "Upgrading source files..."
 
@@ -57,6 +59,13 @@ if [ -z "$db_name" ]; then
 	ynh_app_setting_set --app=$app --key=db_name --value=$db_name
 fi
 
+if ynh_legacy_permissions_exists
+then
+	ynh_legacy_permissions_delete_all
+
+	ynh_app_setting_delete --app=$app --key=is_public
+fi
+
 #=================================================
 # CREATE DEDICATED USER
 #=================================================
@@ -198,10 +207,6 @@ chmod 644 "/etc/cron.d/$app"
 ynh_script_progression --message="Upgrading dependencies..."
 
 if [  $database -eq 1 ]; then
-	#=================================================
-	# CHECK VERSION FOR SPECIFIC MYSQL UPDATE
-	#=================================================
-
 	# Check version and if this version was a fresh install push mysql query
 	db_name=$(ynh_app_setting_get --app=$app --key=db_name)
 	db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd)