diff --git a/README.md b/README.md index 2ac60a5..fe003b6 100644 --- a/README.md +++ b/README.md @@ -1,22 +1,32 @@ + + # Osada for YunoHost -[![Integration level](https://dash.yunohost.org/integration/osada.svg)](https://dash.yunohost.org/appci/app/osada) ![](https://ci-apps.yunohost.org/ci/badges/osada.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/osada.maintain.svg) - - +[![Integration level](https://dash.yunohost.org/integration/osada.svg)](https://dash.yunohost.org/appci/app/osada) ![](https://ci-apps.yunohost.org/ci/badges/osada.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/osada.maintain.svg) [![Install Osada with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=osada) -> *This package allow you to install Osada quickly and simply on a YunoHost server. -If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to know how to install and enjoy it.* +*[Lire ce readme en français.](./README_fr.md)* +> *This package allows you to install Osada quickly and simply on a YunoHost server. +If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/install) to learn how to install it.* + +## Overview ## Overview [Osada](http://zotlabs.com/osada/) uses **Zot6 protocol** which is next version of **zot5 protocol**. Osada has native support for the **ActivityPub protocol** (W3C standard) as well as the more advanced features. It can inter-operate with other social networking applications and projects in either of these spaces, including **Mastodon, Pleroma, Pixelfed, PeerTube, Funkwhale, Zap, Friendica, Hubzilla,** and many more. -**Shipped version:** 21.05.21 +**Shipped version:** 21.05.21~ynh2 + + ## Screenshots -![](http://zotlabs.com/osada/img/comment_on_posts.gif) +![](./doc/screenshots/comment_on_posts.gif) + +## Disclaimers / important information ## This app claims following features: - [X] LDAP integration @@ -37,19 +47,12 @@ If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to - **Failed Database after Upgrade:** Some times databse upgrade fails after version upgrade. You can go to hub eg. `https://osada.example.com/admin/dbsync/` and check the numbers of failled update. These updates will have to be ran manually by **phpMyAdmin**. -#### Supported architectures +## Documentation and resources -* x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/osada%20%28Official%29.svg)](https://ci-apps.yunohost.org/ci/apps/osada/) -* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/osada%20%28Official%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/osada/) - -### Interesting links - -- [YunoHost project](https://yunohost.org) -- [Osada website](http://zotlabs.com/osada/) -- [Osada code on Codeberg](https://codeberg.org/zot/osada) -- [Osada addons on Codeberg](https://codeberg.org/zot/osada-addons) - ---- +* Official app website: http://zotlabs.com/osada/ +* Upstream app code repository: https://codeberg.org/zot/osada +* YunoHost documentation for this app: https://yunohost.org/app_osada +* Report a bug: https://github.com/YunoHost-Apps/osada_ynh/issues ## Developer info @@ -61,3 +64,5 @@ sudo yunohost app install https://github.com/YunoHost-Apps/osada_ynh/tree/testin or sudo yunohost app upgrade osada -u https://github.com/YunoHost-Apps/osada_ynh/tree/testing --debug ``` + +**More info regarding app packaging:** https://yunohost.org/packaging_apps \ No newline at end of file diff --git a/README_fr.md b/README_fr.md new file mode 100644 index 0000000..411cf20 --- /dev/null +++ b/README_fr.md @@ -0,0 +1,64 @@ +# Osada pour YunoHost + +[![Niveau d'intégration](https://dash.yunohost.org/integration/osada.svg)](https://dash.yunohost.org/appci/app/osada) ![](https://ci-apps.yunohost.org/ci/badges/osada.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/osada.maintain.svg) +[![Installer Osada avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=osada) + +*[Read this readme in english.](./README.md)* +*[Lire ce readme en français.](./README_fr.md)* + +> *Ce package vous permet d'installer Osada rapidement et simplement sur un serveur YunoHost. +Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.* + +## Vue d'ensemble + +## Overview +[Osada](http://zotlabs.com/osada/) uses **Zot6 protocol** which is next version of **zot5 protocol**. Osada has native support for the **ActivityPub protocol** (W3C standard) as well as the more advanced features. It can inter-operate with other social networking applications and projects in either of these spaces, including **Mastodon, Pleroma, Pixelfed, PeerTube, Funkwhale, Zap, Friendica, Hubzilla,** and many more. + +**Version incluse :** 21.05.21~ynh2 + + + +## Captures d'écran + +![](./doc/screenshots/comment_on_posts.gif) + +## Avertissements / informations importantes + +## This app claims following features: +- [X] LDAP integration +- [X] Multi-instance +- [X] Adeed php.log in the root folder for debugging PHP, with logrotate applied on it (can be accesssed by **admin->logs** and entering the **php.log**). +- [X] Fail2Ban +- [X] Option to choose between **Mysql** and **PostgreSQL** for the Osada + +## Ldap Admin user rights, logs and failed database updates + +- **For admin rights**: When installation is complete, you will need to visit your new hub's page and login with the **admin account username** which was entered at the time of installation process. You should then be able to create your first channel and have the **admin rights** for the hub. + +- **For normal YunoHost users**: Normal LDAP users can login through LDAP authentication and create there channels. + +- **Failing to get admin rights**: If the admin cannot access the admin settings at `https://osada.example.com/admin` then you have to **manually add 4096** to the **account_roles** under **accounts** for that user in the **database through phpMyAdmin**. + +- **For logs**: Go to **admin->logs** and enter the file name **php.log**. + +- **Failed Database after Upgrade:** Some times databse upgrade fails after version upgrade. You can go to hub eg. `https://osada.example.com/admin/dbsync/` and check the numbers of failled update. These updates will have to be ran manually by **phpMyAdmin**. + +## Documentations et ressources + +* Site officiel de l'app : http://zotlabs.com/osada/ +* Dépôt de code officiel de l'app : https://codeberg.org/zot/osada +* Documentation YunoHost pour cette app : https://yunohost.org/app_osada +* Signaler un bug : https://github.com/YunoHost-Apps/osada_ynh/issues + +## Informations pour les développeurs + +Merci de faire vos pull request sur la [branche testing](https://github.com/YunoHost-Apps/osada_ynh/tree/testing). + +Pour essayer la branche testing, procédez comme suit. +``` +sudo yunohost app install https://github.com/YunoHost-Apps/osada_ynh/tree/testing --debug +ou +sudo yunohost app upgrade osada -u https://github.com/YunoHost-Apps/osada_ynh/tree/testing --debug +``` + +**Plus d'infos sur le packaging d'applications :** https://yunohost.org/packaging_apps \ No newline at end of file diff --git a/check_process b/check_process index 3c46ac3..aa00f58 100755 --- a/check_process +++ b/check_process @@ -1,13 +1,8 @@ -# See here for more information -# https://github.com/YunoHost/package_check#syntax-check_process-file - -# Move this file from check_process.default to check_process when you have filled it. - ;; Test complet ; Manifest - domain="domain.tld" (DOMAIN) - admin="john" (USER) - database="1" (STRING) + domain="domain.tld" + admin="john" + database="1" ; Checks pkg_linter=1 setup_sub_dir=0 @@ -16,11 +11,14 @@ setup_private=0 setup_public=1 upgrade=1 - #upgrade=1 from_commit= + upgrade=1 from_commit=81e4171acaa44520d0f527e6af445f4f33f2bca0 backup_restore=1 multi_instance=1 - port_already_use=0 change_url=0 ;;; Options Email= -Notification= \ No newline at end of file +Notification=none +;;; Upgrade options + ; commit=81e4171acaa44520d0f527e6af445f4f33f2bca0 + name=Merge pull request #9 + manifest_arg=domain=DOMAIN&path=PATH&admin=USER&language=fr&is_public=1&password=pass&port=666& diff --git a/conf/app.src b/conf/app.src index b8c853e..ca6dad1 100755 --- a/conf/app.src +++ b/conf/app.src @@ -1,6 +1,4 @@ -SOURCE_URL=https://codeberg.org/zot/osada/archive/0c22781a2271170d0557881ac58a202148351c64.tar.gz -SOURCE_SUM=0cdd761aac0f1a382f6593868bd66d9919333fda4edeb1f2904d13a01febbeed +SOURCE_URL=https://codeberg.org/zot/osada/archive/88b1be4b340262a946b8e2548617cea3641b0a71.tar.gz +SOURCE_SUM=42f4c004e8d0dd78303aa0118b206be86b67ed9b6ba156c69b1e1e2d109de74b SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz -SOURCE_IN_SUBDIR= -SOURCE_FILENAME= diff --git a/conf/app_addons.src b/conf/app_addons.src index ae6a797..89ce920 100755 --- a/conf/app_addons.src +++ b/conf/app_addons.src @@ -1,6 +1,4 @@ -SOURCE_URL=https://codeberg.org/zot/osada-addons/archive/0518974958ef5dbc81829a523753d4d4605bb0b4.tar.gz -SOURCE_SUM=103591cb295be106d163302a036f5942ba3802db853906defa2186ff599a0a5b +SOURCE_URL=https://codeberg.org/zot/osada-addons/archive/34788e835b87535404aee56d0aece885707565e9.tar.gz +SOURCE_SUM=2b0e268472c3c3c1ce14557fa86a7abd1d533554b541a056cd960291160f1328 SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz -SOURCE_IN_SUBDIR= -SOURCE_FILENAME= diff --git a/conf/htconfig.sample.php b/conf/htconfig.sample.php new file mode 100644 index 0000000..69d2d4b --- /dev/null +++ b/conf/htconfig.sample.php @@ -0,0 +1,103 @@ + /dev/null 2>&1 +*/10 * * * * __APP__ /usr/bin/php__PHPVERSION__ __FINALPATH__/Zotlabs/Daemon/Master.php Cron > /dev/null 2>&1 diff --git a/doc/DESCRIPTION.md b/doc/DESCRIPTION.md new file mode 100644 index 0000000..2e572f0 --- /dev/null +++ b/doc/DESCRIPTION.md @@ -0,0 +1,2 @@ +## Overview +[Osada](http://zotlabs.com/osada/) uses **Zot6 protocol** which is next version of **zot5 protocol**. Osada has native support for the **ActivityPub protocol** (W3C standard) as well as the more advanced features. It can inter-operate with other social networking applications and projects in either of these spaces, including **Mastodon, Pleroma, Pixelfed, PeerTube, Funkwhale, Zap, Friendica, Hubzilla,** and many more. \ No newline at end of file diff --git a/doc/DISCLAIMER.md b/doc/DISCLAIMER.md new file mode 100644 index 0000000..244b4c9 --- /dev/null +++ b/doc/DISCLAIMER.md @@ -0,0 +1,18 @@ +## This app claims following features: +- [X] LDAP integration +- [X] Multi-instance +- [X] Adeed php.log in the root folder for debugging PHP, with logrotate applied on it (can be accesssed by **admin->logs** and entering the **php.log**). +- [X] Fail2Ban +- [X] Option to choose between **Mysql** and **PostgreSQL** for the Osada + +## Ldap Admin user rights, logs and failed database updates + +- **For admin rights**: When installation is complete, you will need to visit your new hub's page and login with the **admin account username** which was entered at the time of installation process. You should then be able to create your first channel and have the **admin rights** for the hub. + +- **For normal YunoHost users**: Normal LDAP users can login through LDAP authentication and create there channels. + +- **Failing to get admin rights**: If the admin cannot access the admin settings at `https://osada.example.com/admin` then you have to **manually add 4096** to the **account_roles** under **accounts** for that user in the **database through phpMyAdmin**. + +- **For logs**: Go to **admin->logs** and enter the file name **php.log**. + +- **Failed Database after Upgrade:** Some times databse upgrade fails after version upgrade. You can go to hub eg. `https://osada.example.com/admin/dbsync/` and check the numbers of failled update. These updates will have to be ran manually by **phpMyAdmin**. diff --git a/doc/screenshots/comment_on_posts.gif b/doc/screenshots/comment_on_posts.gif new file mode 100644 index 0000000..08b64c2 Binary files /dev/null and b/doc/screenshots/comment_on_posts.gif differ diff --git a/manifest.json b/manifest.json index 55eb103..0e91e1d 100755 --- a/manifest.json +++ b/manifest.json @@ -1,45 +1,42 @@ { - "packaging_format": 1, + "name": "Osada", "id": "osada", - "name": "osada", + "packaging_format": 1, "description": { - "en": "Osada is a decentralized publication platform and social network.", - "fr": "Osada est une plateforme de publication décentralisée et un réseau social." + "en": "Decentralized publication platform and social network", + "fr": "Plateforme de publication décentralisée et un réseau social" }, + "version": "21.05.21~ynh2", "url": "http://zotlabs.com/osada/", + "upstream": { + "license": "MIT", + "website": "http://zotlabs.com/osada/", + "code": "https://codeberg.org/zot/osada" + }, "license": "MIT", - "version": "21.05.21~ynh1", "maintainer": { "name": "Anmol Sharma", "email": "" }, "services": [ "nginx", - "php7.0-fpm", + "php7.3-fpm", "mysql", "postgresql" ], "requirements": { - "yunohost": ">= 4.0.0" + "yunohost": ">= 4.2.0" }, "multi_instance": true, "arguments": { "install" : [ { "name": "domain", - "type": "domain", - "ask": { - "en": "Choose a domain for your Osada. Osada must run in the root of this domain. It means no other app can be accessed/run from this domain. We advise to use a dedicated subdomain such as osada.domain.tld", - "fr": "Indiquez un domain pour Osada. Osada doit être installé à la racine du domaine. Cela implique qu'aucune autre app ne pourra être installée ou accessible sur ce domain. Nous conseillons un sous-domaine dédié par exemple osada.domain.tld." - } + "type": "domain" }, { "name": "admin", - "type": "user", - "ask": { - "en": "Choose the Osada administrator (must be an existing YunoHost user)", - "fr": "Choisissez l'administrateur de Osada (doit être un utilisateur YunoHost existant)" - } + "type": "user" }, { "name": "database", diff --git a/scripts/backup b/scripts/backup index 337578d..bcb1aeb 100755 --- a/scripts/backup +++ b/scripts/backup @@ -13,17 +13,14 @@ source /usr/share/yunohost/helpers # MANAGE SCRIPT FAILURE #================================================= -ynh_clean_setup () { - ### Remove this function if there's nothing to clean before calling the remove script. - true -} # Exit if an error occurs during the execution of the script ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading installation settings..." +ynh_print_info --message="Loading installation settings..." + app=$YNH_APP_INSTANCE_NAME final_path=$(ynh_app_setting_get --app=$app --key=final_path) @@ -55,22 +52,6 @@ ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" -#================================================= -# BACKUP OF THE DATABASE -#================================================= - -if [ $database -eq 1 ]; then - # Backup MySQL database - ynh_print_info --message="Backup of the MySQL database..." - ynh_mysql_dump_db --database="$db_name" > db.sql -elif [ $database -eq 2 ]; then - # Backup PostgreSQL database - ynh_print_info --message="Backup of the PostgreSQL database..." - ynh_psql_dump_db --database="$db_name" > db.sql -fi - -#================================================= -# SPECIFIC BACKUP #================================================= # BACKUP LOGROTATE #================================================= @@ -90,6 +71,20 @@ ynh_backup --src_path="/etc/cron.d/$app" ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf" ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf" +#================================================= +# BACKUP OF THE DATABASE +#================================================= + +if [ $database -eq 1 ]; then + # Backup MySQL database + ynh_print_info --message="Backup of the MySQL database..." + ynh_mysql_dump_db --database="$db_name" > db.sql +elif [ $database -eq 2 ]; then + # Backup PostgreSQL database + ynh_print_info --message="Backup of the PostgreSQL database..." + ynh_psql_dump_db --database="$db_name" > db.sql +fi + #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/install b/scripts/install index 2d7bb74..ea3ab9f 100755 --- a/scripts/install +++ b/scripts/install @@ -13,10 +13,6 @@ source /usr/share/yunohost/helpers # MANAGE SCRIPT FAILURE #================================================= -ynh_clean_setup () { - ### Remove this function if there's nothing to clean before calling the remove script. - true -} # Exit if an error occurs during the execution of the script ynh_abort_if_errors @@ -27,9 +23,9 @@ ynh_abort_if_errors domain=$YNH_APP_ARG_DOMAIN path_url="/" admin=$YNH_APP_ARG_ADMIN -email=$(yunohost user info $admin | grep "mail:" | cut -d' ' -f2) +email=$(ynh_user_get_info --username=$admin --key=mail) upload="256M" -random_string="$(ynh_string_random)$(ynh_string_random)$(ynh_string_random)" +random_string="$(ynh_string_random --length=48)" database=`expr $YNH_APP_ARG_DATABASE` app=$YNH_APP_INSTANCE_NAME @@ -50,11 +46,11 @@ ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url #================================================= ynh_script_progression --message="Storing installation settings..." -ynh_app_setting_set --app=$app --key=domain --value=$domain -ynh_app_setting_set --app=$app --key=path --value=$path_url -ynh_app_setting_set --app=$app --key=admin --value=$admin -ynh_app_setting_set --app=$app --key=email --value=$email -ynh_app_setting_set --app=$app --key=upload --value=$upload +ynh_app_setting_set --app=$app --key=domain --value=$domain +ynh_app_setting_set --app=$app --key=path --value=$path_url +ynh_app_setting_set --app=$app --key=admin --value=$admin +ynh_app_setting_set --app=$app --key=email --value=$email +ynh_app_setting_set --app=$app --key=upload --value=$upload ynh_app_setting_set --app=$app --key=database --value=$database ynh_app_setting_set --app=$app --key=random_string --value=$random_string @@ -69,6 +65,14 @@ if [ $database -eq 2 ]; then ynh_install_app_dependencies $pkg_dependencies fi +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Configuring system user..." + +# Create a system user +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -79,7 +83,7 @@ ynh_script_progression --message="Setting up Osada source files..." ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src # ynh_setup_source --dest_dir="$final_path" -git clone https://codeberg.org/zot/osada.git "$final_path" +git clone https://codeberg.org/zot/osada.git "$final_path" --quiet # 2 - Osada Addons @@ -92,7 +96,7 @@ ynh_script_progression --message="Setting up Osada addons source files..." pushd "$final_path" mkdir -p extend/addon/zaddons mkdir addon - git clone https://codeberg.org/zot/osada-addons.git $final_path/extend/addon/zaddons + git clone https://codeberg.org/zot/osada-addons.git $final_path/extend/addon/zaddons --quiet filelist=(`ls extend/addon/zaddons`) cd addon for a in "${filelist[@]}" ; do @@ -114,93 +118,23 @@ pushd "$final_path" ln -s ../extend/addon/zaddons/$base $base done - popd +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" # 3 - Some extra folders ynh_script_progression --message="Creating smarty3 folder for personal data..." -mkdir -p "${final_path}/store" -mkdir -p "${final_path}/cache/smarty3" -chmod -R 777 $final_path/store $final_path/cache - -# Copy the template install/htconfig.sample.php to .htconfig.php -ynh_script_progression --message="Moving .htconfig.php to root of Osada ..." -config="$final_path/.htconfig.php" -cp $final_path/install/htconfig.sample.php $config +mkdir -p "$final_path/store" +mkdir -p "$final_path/cache/smarty3" +chmod -R 775 $final_path/store $final_path/cache # Create php.log inside Osada for logs ynh_script_progression --message="Create php.log for the Osada debuging..." touch "$final_path/php.log" -#================================================= -# CREATE A DATABASE -#================================================= - -if [ $database -eq 1 ]; then - ynh_script_progression --message="Creating a MySQL database..." - db_name=$(ynh_sanitize_dbid --db_name=$app) - db_user=$db_name - ynh_app_setting_set --app=$app --key=db_name --value=$db_name - ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name - ynh_script_progression --message="Importing database..." - ynh_mysql_connect_as --user="$db_name" --password="$db_pwd" --database="$db_name" < $final_path/install/schema_mysql.sql -elif [ $database -eq 2 ]; then - # Create postgresql database - ynh_script_progression --message="Creating a postgresql database..." - ynh_replace_string --match_string="db_type = 0;" --replace_string="db_type = 1;" --target_file="$config" - db_name=$(ynh_sanitize_dbid --db_name=$app) - db_user=$app - ynh_psql_test_if_first_run - ynh_psql_setup_db --db_user=$db_user --db_name=$db_name - ynh_app_setting_set --app=$app --key=db_name --value=$db_name - ynh_script_progression --message="Importing database..." - ynh_psql_connect_as --user="$db_name" --password="$db_pwd" --database="$db_name" < $final_path/install/schema_postgres.sql -else - ynh_die --message="Some problem occured in creating the database, contact maintainer" -fi - -#================================================= -# MODIFY A CONFIG FILE -#================================================= - -phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) -ynh_replace_string --match_string="your.mysqlhost.com" --replace_string="localhost" --target_file="$config" -ynh_replace_string --match_string= "mysqlpassword" --replace_string="$db_pwd" --target_file="$config" -ynh_replace_string --match_string="mysqlusername" --replace_string="$db_name" --target_file="$config" -ynh_replace_string --match_string= "mysqldatabasename" --replace_string="$db_name" --target_file="$config" -ynh_replace_string --match_string= "mysite.example" --replace_string="$domain" --target_file="$config" -ynh_replace_string --match_string= "if the auto install failed, put a unique random string here" --replace_string="$random_string" --target_file="$config" -sed -i "s/\['admin_email'\] = '';/\['admin_email'\] = '$email';/g" "$config" -ynh_replace_string --match_string= "//error_reporting(E_ERROR | E_WARNING | E_PARSE );" --replace_string="error_reporting(E_ERROR | E_WARNING | E_PARSE );" --target_file="$config" -ynh_replace_string --match_string= "//ini_set('error_log','php.out');" --replace_string="ini_set('error_log','php.log');" --target_file="$config" -ynh_replace_string --match_string= "//ini_set('log_errors','1');" --replace_string="ini_set('log_errors','1');" --target_file="$config" -ynh_replace_string --match_string= "//ini_set('display_errors', '0');" --replace_string="ini_set('display_errors', '0');" --target_file="$config" -sed -i "s/\['php_path'\] = 'php';/\['php_path'\] = 'php$phpversion';/g" "$config" - -# addon ldap config -ynh_script_progression --message="Push LDAP configuration to .htconfig.php..." - -cat ../conf/ldap_conf.php >> $final_path/.htconfig.php - -#================================================= -# NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Configuring NGINX web server..." -### `ynh_add_nginx_config` will use the file conf/nginx.conf - -# Create a dedicated NGINX config -ynh_add_nginx_config - -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Configuring system user..." - -# Create a system user -ynh_system_user_create --username=$app - #================================================= # PHP-FPM CONFIGURATION #================================================= @@ -208,24 +142,61 @@ ynh_script_progression --message="Configuring PHP-FPM..." # Create a dedicated PHP-FPM config ynh_add_fpm_config --package="$extra_php_dependencies" +phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) -# Set right permissions for Osada -ynh_script_progression --message="Set right for Osada..." -chown -R $app: $final_path +#================================================= +# CREATE A DATABASE VAR +#================================================= + +db_name=$(ynh_sanitize_dbid --db_name=$app) +db_user=$db_name +ynh_app_setting_set --app=$app --key=db_name --value=$db_name + +#================================================= +# CREATE A DATABASE +#================================================= + +if [ $database -eq 1 ]; then + ynh_script_progression --message="Creating a MySQL database..." + ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name + ynh_mysql_connect_as --user="$db_name" --password="$db_pwd" --database="$db_name" < $final_path/install/schema_mysql.sql +elif [ $database -eq 2 ]; then + # Create postgresql database + ynh_script_progression --message="Creating a postgresql database..." + ynh_replace_string --match_string="db_type = 0;" --replace_string="db_type = 1;" --target_file="$final_path/.htconfig.php" + ynh_psql_test_if_first_run + ynh_psql_setup_db --db_user=$db_user --db_name=$db_name + ynh_psql_connect_as --user="$db_name" --password="$db_pwd" --database="$db_name" < $final_path/install/schema_postgres.sql +else + ynh_die --message="Some problem occured in creating the database, contact maintainer" +fi + +#================================================= +# MODIFY A CONFIG FILE +#================================================= +ynh_script_progression --message="Adding a configuration file..." --weight=1 + +ynh_add_config --template="../conf/htconfig.sample.php" --destination="$final_path/.htconfig.php" + +chmod 600 "$final_path/.htconfig.php" +chown $app:$app "$final_path/.htconfig.php" + +#================================================= +# NGINX CONFIGURATION +#================================================= +ynh_script_progression --message="Configuring NGINX web server..." + +# Create a dedicated NGINX config +ynh_add_nginx_config + +#================================================= +# SET CRON JOB +#================================================= # Set up cron job -ynh_script_progression --message="Setting up cron job..." -ynh_replace_string --match_string="YNH_WWW_PATH" --replace_string="$final_path" --target_file="../conf/poller-cron" -ynh_replace_string --match_string="__USER__" --replace_string="$app" --target_file="../conf/poller-cron" -ynh_replace_string --match_string="__PHP_VERSION__" --replace_string="$phpversion" --target_file="../conf/poller-cron" -cp ../conf/poller-cron /etc/cron.d/$app - -#================================================= -# STORE THE CONFIG FILE CHECKSUM -#================================================= - -# Calculate and store the config file checksum into the app settings -ynh_store_file_checksum --file="$config" +ynh_add_config --template="../conf/poller-cron" --destination="/etc/cron.d/$app" +chown root: "/etc/cron.d/$app" +chmod 644 "/etc/cron.d/$app" #================================================= # SETUP LOGROTATE @@ -239,14 +210,8 @@ ynh_use_logrotate "$final_path/php.log" # SETUP FAIL2BAN #================================================= ynh_script_progression --message="Add Fail2Ban..." -ynh_add_fail2ban_config --logpath="$final_path/php.log" --failregex="^.*auth\.php.*failed login attempt.*from IP .*$" --max_retry="5" -#================================================= -# SETUP SSOWAT -#================================================= -# As Osada is social network and have its own permission there is no need to keep Osada behind SSO -ynh_script_progression --message="Configuring SSOwat..." -ynh_permission_update --permission="main" --add="visitors" +ynh_add_fail2ban_config --logpath="$final_path/php.log" --failregex="^.*auth\.php.*failed login attempt.*from IP .*$" --max_retry="5" #================================================= # RELOAD NGINX diff --git a/scripts/restore b/scripts/restore index 5f8af87..901001d 100755 --- a/scripts/restore +++ b/scripts/restore @@ -14,10 +14,6 @@ source /usr/share/yunohost/helpers # MANAGE SCRIPT FAILURE #================================================= -ynh_clean_setup () { - #### Remove this function if there's nothing to clean before calling the remove script. - true -} # Exit if an error occurs during the execution of the script ynh_abort_if_errors @@ -42,8 +38,6 @@ phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) #================================================= ynh_script_progression --message="Validating restoration parameters..." -ynh_webpath_available --domain=$domain --path_url=$path_url \ - || ynh_die --message="Path not available: ${domain}${path_url}" test ! -d $final_path \ || ynh_die --message="There is already a directory: $final_path " @@ -55,6 +49,14 @@ test ! -d $final_path \ ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" +#================================================= +# RECREATE THE DEDICATED USER +#================================================= +ynh_script_progression --message="Recreating the dedicated system user..." + +# Create the dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # RESTORE THE APP MAIN DIR #================================================= @@ -62,6 +64,10 @@ ynh_script_progression --message="Restoring the app main directory..." ynh_restore_file --origin_path="$final_path" +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + #================================================= # RESTORE THE MYSQL DATABASE #================================================= @@ -84,14 +90,6 @@ elif [ $database -eq 2 ]; then ynh_psql_execute_file_as_root --file="./db.sql" --database="$db_name" fi -#================================================= -# RECREATE THE DEDICATED USER -#================================================= -ynh_print_info "Recreating the dedicated system user..." - -# Create the dedicated user (if not existing) -ynh_system_user_create $app - #================================================= # RESTORE THE PHP-FPM CONFIGURATION #================================================= @@ -125,9 +123,6 @@ ynh_restore_file "/etc/fail2ban/jail.d/$app.conf" ynh_restore_file "/etc/fail2ban/filter.d/$app.conf" ynh_systemd_action --action=restart --service_name=fail2ban -# Make app public -ynh_app_setting_set $app skipped_uris "/" - #================================================= # GENERIC FINALIZATION #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index 9d03e17..5144837 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -23,16 +23,8 @@ upload=$(ynh_app_setting_get --app=$app --key=upload) last_update=$(grep update_time: /etc/yunohost/apps/$app/settings.yml | cut -c 14-) database=$(ynh_app_setting_get --app=$app --key=database) phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) - -#================================================= -# ENSURE DOWNWARD COMPATIBILITY -#================================================= - -# If db_name doesn't exist, create it -if [ -z "$db_name" ]; then - db_name=$(ynh_sanitize_dbid --db_name=$app) - ynh_app_setting_set --app=$app --key=db_name --value=$db_name -fi +db_name=$(ynh_app_setting_get --app=$app --key=db_name) +db_user=$db_name #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP @@ -55,24 +47,33 @@ ynh_abort_if_errors #================================================= ynh_print_info "Upgrading source files..." -# Create a temporary directory -# tmpdir="$(ynh_smart_mktemp 6000)" -# Backup the config file in the temp dir -# cp -a "$final_path/.htconfig.php" "$tmpdir/.htconfig.php" -# cp -a "$final_path/store" "$tmpdir/store" -# cp -a "$final_path/php.log" "$tmpdir/php.log" - -# Remove the app directory securely -# ynh_secure_remove "$final_path" - # If final_path doesn't exist, create it if [ -z "$final_path" ]; then final_path=/var/www/$app ynh_app_setting_set --app=$app --key=final_path --value=$final_path fi +# If db_name doesn't exist, create it +if [ -z "$db_name" ]; then + db_name=$(ynh_sanitize_dbid --db_name=$app) + ynh_app_setting_set --app=$app --key=db_name --value=$db_name +fi + +if ynh_legacy_permissions_exists +then + ynh_legacy_permissions_delete_all + + ynh_app_setting_delete --app=$app --key=is_public +fi + #================================================= -# STANDARD UPGRADE STEPS +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Making sure dedicated system user exists..." + +# Create a dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -85,7 +86,7 @@ ynh_setup_source --dest_dir="$final_path" # cp -a "$tmpdir/.htconfig.php" "${final_path}" # cp -a "$tmpdir/php.log" "${final_path}" # ynh_secure_remove "$tmpdir" -# chmod -R 777 $final_path/store +# chmod -R 775 $final_path/store # mkdir $final_path/addon # ynh_setup_source --dest_dir="$final_path/addon" --source_id="app_addons" @@ -123,7 +124,7 @@ if [ `cd $final_path && git rev-parse --is-inside-work-tree` ]; then fi; done popd - chmod -R 777 $final_path/store + chmod -R 775 $final_path/store else # Create a temporary directory @@ -145,12 +146,15 @@ else cp -a "$tmpdir/.htconfig.php" "${final_path}" cp -a "$tmpdir/php.log" "${final_path}" ynh_secure_remove --file="$tmpdir" - chmod -R 777 $final_path/store + chmod -R 775 $final_path/store mkdir $final_path/addon ynh_setup_source --dest_dir="$final_path/addon" --source_id="app_addons" - fi +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + #================================================= # NGINX CONFIGURATION #================================================= @@ -159,17 +163,6 @@ ynh_script_progression --message="Upgrading NGINX web server configuration..." # Create a dedicated NGINX config ynh_add_nginx_config -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Making sure dedicated system user exists..." - -# Create a dedicated user (if not existing) -ynh_system_user_create --username=$app - -# Set right permissions for curl install -chown -R $app: $final_path - #================================================= # PHP-FPM CONFIGURATION #================================================= @@ -192,28 +185,28 @@ ynh_script_progression --message="Upgrading logrotate configuration..." # Use logrotate to manage app-specific logfile(s) ynh_use_logrotate --non-append +#================================================= # UPGRADE FAIL2BAN #================================================= ynh_script_progression --message="Re-configure Fail2Ban..." ynh_add_fail2ban_config --logpath="$final_path/php.log" --failregex="^.*auth\.php.*failed login attempt.*from IP .*$" --max_retry="5" -# Set cron job -ynh_print_info "Setting up cron job..." -ynh_replace_string --match_string="YNH_WWW_PATH" --replace_string="$final_path" --target_file="../conf/poller-cron" -ynh_replace_string --match_string="__USER__" --replace_string="$app" --target_file="../conf/poller-cron" -ynh_replace_string --match_string="__PHP_VERSION__" --replace_string="$phpversion" --target_file="../conf/poller-cron" -cp -f ../conf/poller-cron /etc/cron.d/$app +#================================================= +# UPGRADE CRON JOB +#================================================= + +# Set up cron job +ynh_add_config --template="../conf/poller-cron" --destination="/etc/cron.d/$app" +chown root: "/etc/cron.d/$app" +chmod 644 "/etc/cron.d/$app" #================================================= # UPGRADE DEPENDENCIES #================================================= ynh_script_progression --message="Upgrading dependencies..." -if [ $database -eq 1 ]; then - #================================================= - # CHECK VERSION FOR SPECIFIC MYSQL UPDATE - #================================================= +if [ $database -eq 1 ]; then # Check version and if this version was a fresh install push mysql query db_name=$(ynh_app_setting_get --app=$app --key=db_name) db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd) @@ -222,13 +215,6 @@ elif [ $database -eq 2 ]; then ynh_install_app_dependencies $pkg_dependencies fi -#================================================= -# SETUP SSOWAT -#================================================= -# As Osada is social network and have its own permission there is no need to keep Osada behind SSO -ynh_script_progression --message="Upgrading SSOwat configuration..." -ynh_app_setting_set --app=$app --key=unprotected_uris --value="/" - #================================================= # RELOAD NGINX #=================================================