diff --git a/manifest.json b/manifest.json index 0da2013..49809cc 100755 --- a/manifest.json +++ b/manifest.json @@ -1,7 +1,7 @@ { "packaging_format": 1, "id": "osada", - "name": "osada", + "name": "Osada", "description": { "en": "Decentralized publication platform and social network", "fr": "Plateforme de publication décentralisée et un réseau social" diff --git a/scripts/install b/scripts/install index b1a1bdd..dc3e0a8 100755 --- a/scripts/install +++ b/scripts/install @@ -27,7 +27,7 @@ ynh_abort_if_errors domain=$YNH_APP_ARG_DOMAIN path_url="/" admin=$YNH_APP_ARG_ADMIN -email=$(yunohost user info $admin | grep "mail:" | cut -d' ' -f2) +email=$(ynh_user_get_info --username=$admin --key=mail) upload="256M" random_string="$(ynh_string_random)$(ynh_string_random)$(ynh_string_random)" database=`expr $YNH_APP_ARG_DATABASE` @@ -69,6 +69,14 @@ if [ $database -eq 2 ]; then ynh_install_app_dependencies $pkg_dependencies fi +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Configuring system user..." + +# Create a system user +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -79,7 +87,7 @@ ynh_script_progression --message="Setting up Osada source files..." ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src # ynh_setup_source --dest_dir="$final_path" -git clone https://codeberg.org/zot/osada.git "$final_path" +git clone https://codeberg.org/zot/osada.git "$final_path" --quiet # 2 - Osada Addons @@ -92,7 +100,7 @@ ynh_script_progression --message="Setting up Osada addons source files..." pushd "$final_path" mkdir -p extend/addon/zaddons mkdir addon - git clone https://codeberg.org/zot/osada-addons.git $final_path/extend/addon/zaddons + git clone https://codeberg.org/zot/osada-addons.git $final_path/extend/addon/zaddons --quiet filelist=(`ls extend/addon/zaddons`) cd addon for a in "${filelist[@]}" ; do @@ -123,7 +131,7 @@ ynh_script_progression --message="Creating smarty3 folder for personal data..." mkdir -p "${final_path}/store" mkdir -p "${final_path}/cache/smarty3" -chmod -R 777 $final_path/store $final_path/cache +chmod -R 775 $final_path/store $final_path/cache # Copy the template install/htconfig.sample.php to .htconfig.php ynh_script_progression --message="Moving .htconfig.php to root of Osada ..." @@ -184,23 +192,16 @@ ynh_script_progression --message="Push LDAP configuration to .htconfig.php..." cat ../conf/ldap_conf.php >> $final_path/.htconfig.php +ynh_store_file_checksum --file="$config" + #================================================= # NGINX CONFIGURATION #================================================= ynh_script_progression --message="Configuring NGINX web server..." -### `ynh_add_nginx_config` will use the file conf/nginx.conf # Create a dedicated NGINX config ynh_add_nginx_config -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Configuring system user..." - -# Create a system user -ynh_system_user_create --username=$app - #================================================= # PHP-FPM CONFIGURATION #================================================= @@ -209,10 +210,6 @@ ynh_script_progression --message="Configuring PHP-FPM..." # Create a dedicated PHP-FPM config ynh_add_fpm_config --package="$extra_php_dependencies" -# Set right permissions for Osada -ynh_script_progression --message="Set right for Osada..." -chown -R $app: $final_path - #================================================= # SET CRON JOB #================================================= @@ -222,13 +219,6 @@ ynh_add_config --template="../conf/poller-cron" --destination="/etc/cron.d/$app" chown root: "/etc/cron.d/$app" chmod 644 "/etc/cron.d/$app" -#================================================= -# STORE THE CONFIG FILE CHECKSUM -#================================================= - -# Calculate and store the config file checksum into the app settings -ynh_store_file_checksum --file="$config" - #================================================= # SETUP LOGROTATE #================================================= @@ -241,14 +231,8 @@ ynh_use_logrotate "$final_path/php.log" # SETUP FAIL2BAN #================================================= ynh_script_progression --message="Add Fail2Ban..." -ynh_add_fail2ban_config --logpath="$final_path/php.log" --failregex="^.*auth\.php.*failed login attempt.*from IP .*$" --max_retry="5" -#================================================= -# SETUP SSOWAT -#================================================= -# As Osada is social network and have its own permission there is no need to keep Osada behind SSO -ynh_script_progression --message="Configuring SSOwat..." -ynh_permission_update --permission="main" --add="visitors" +ynh_add_fail2ban_config --logpath="$final_path/php.log" --failregex="^.*auth\.php.*failed login attempt.*from IP .*$" --max_retry="5" #================================================= # RELOAD NGINX diff --git a/scripts/restore b/scripts/restore index 5f8af87..551d495 100755 --- a/scripts/restore +++ b/scripts/restore @@ -42,8 +42,6 @@ phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) #================================================= ynh_script_progression --message="Validating restoration parameters..." -ynh_webpath_available --domain=$domain --path_url=$path_url \ - || ynh_die --message="Path not available: ${domain}${path_url}" test ! -d $final_path \ || ynh_die --message="There is already a directory: $final_path " @@ -55,6 +53,18 @@ test ! -d $final_path \ ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" +#================================================= +# RECREATE THE DEDICATED USER +#================================================= +ynh_script_progression --message="Recreating the dedicated system user..." + +# Create the dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" + +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + #================================================= # RESTORE THE APP MAIN DIR #================================================= @@ -84,14 +94,6 @@ elif [ $database -eq 2 ]; then ynh_psql_execute_file_as_root --file="./db.sql" --database="$db_name" fi -#================================================= -# RECREATE THE DEDICATED USER -#================================================= -ynh_print_info "Recreating the dedicated system user..." - -# Create the dedicated user (if not existing) -ynh_system_user_create $app - #================================================= # RESTORE THE PHP-FPM CONFIGURATION #================================================= @@ -125,9 +127,6 @@ ynh_restore_file "/etc/fail2ban/jail.d/$app.conf" ynh_restore_file "/etc/fail2ban/filter.d/$app.conf" ynh_systemd_action --action=restart --service_name=fail2ban -# Make app public -ynh_app_setting_set $app skipped_uris "/" - #================================================= # GENERIC FINALIZATION #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index 6c41776..b152aa8 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -24,16 +24,6 @@ last_update=$(grep update_time: /etc/yunohost/apps/$app/settings.yml | cut -c database=$(ynh_app_setting_get --app=$app --key=database) phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) -#================================================= -# ENSURE DOWNWARD COMPATIBILITY -#================================================= - -# If db_name doesn't exist, create it -if [ -z "$db_name" ]; then - db_name=$(ynh_sanitize_dbid --db_name=$app) - ynh_app_setting_set --app=$app --key=db_name --value=$db_name -fi - #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #================================================= @@ -49,30 +39,30 @@ ynh_clean_setup () { ynh_abort_if_errors #================================================= -# STANDARD UPGRADE STEPS -#================================================= -# REMOVE APP MAIN DIR +# ENSURE DOWNWARD COMPATIBILITY #================================================= ynh_print_info "Upgrading source files..." -# Create a temporary directory -# tmpdir="$(ynh_smart_mktemp 6000)" -# Backup the config file in the temp dir -# cp -a "$final_path/.htconfig.php" "$tmpdir/.htconfig.php" -# cp -a "$final_path/store" "$tmpdir/store" -# cp -a "$final_path/php.log" "$tmpdir/php.log" - -# Remove the app directory securely -# ynh_secure_remove "$final_path" - # If final_path doesn't exist, create it if [ -z "$final_path" ]; then final_path=/var/www/$app ynh_app_setting_set --app=$app --key=final_path --value=$final_path fi +# If db_name doesn't exist, create it +if [ -z "$db_name" ]; then + db_name=$(ynh_sanitize_dbid --db_name=$app) + ynh_app_setting_set --app=$app --key=db_name --value=$db_name +fi + #================================================= -# STANDARD UPGRADE STEPS +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Making sure dedicated system user exists..." + +# Create a dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -148,9 +138,12 @@ else chmod -R 777 $final_path/store mkdir $final_path/addon ynh_setup_source --dest_dir="$final_path/addon" --source_id="app_addons" - fi +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + #================================================= # NGINX CONFIGURATION #================================================= @@ -159,17 +152,6 @@ ynh_script_progression --message="Upgrading NGINX web server configuration..." # Create a dedicated NGINX config ynh_add_nginx_config -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Making sure dedicated system user exists..." - -# Create a dedicated user (if not existing) -ynh_system_user_create --username=$app - -# Set right permissions for curl install -chown -R $app: $final_path - #================================================= # PHP-FPM CONFIGURATION #================================================= @@ -212,6 +194,7 @@ chmod 644 "/etc/cron.d/$app" # UPGRADE DEPENDENCIES #================================================= ynh_script_progression --message="Upgrading dependencies..." + if [ $database -eq 1 ]; then #================================================= # CHECK VERSION FOR SPECIFIC MYSQL UPDATE @@ -225,13 +208,6 @@ elif [ $database -eq 2 ]; then ynh_install_app_dependencies $pkg_dependencies fi -#================================================= -# SETUP SSOWAT -#================================================= -# As Osada is social network and have its own permission there is no need to keep Osada behind SSO -ynh_script_progression --message="Upgrading SSOwat configuration..." -ynh_app_setting_set --app=$app --key=unprotected_uris --value="/" - #================================================= # RELOAD NGINX #=================================================