fix permission

2024-09-03 19:56:38 +02:00 · 2024-01-30 16:37:46 +01:00 · 2024-01-30 16:37:46 +01:00 · 701094e25b
commit 701094e25b
parent bbc3f1a0ea
5 changed files with 87 additions and 119 deletions
--- a/conf/setup_database.py
+++ b/conf/setup_database.py
@ -0,0 +1,55 @@
+#!/usr/bin/python
+
+from importlib.machinery import SourceFileLoader
+import sqlite3
+import sys
+
+# Import crypto from pgadmin project __PYTHON_VERSION__
+python_version = str(sys.version_info[0]) + "." + str(sys.version_info[1])
+crypto = SourceFileLoader('crypto', '/var/www/pgadmin/venv/lib/python' +
+                          python_version + '/site-packages/pgadmin4/pgadmin/utils/crypto.py').load_module()
+
+# Get arguments
+username = sys.argv[1]
+password = sys.argv[2]
+
+# Connect to sqlite3
+conn = sqlite3.connect('/var/lib/pgadmin/pgadmin4.db')
+
+# Get encrypte user password from the database
+cursor = conn.execute('SELECT `password`,1 FROM `user`')
+user_encrypted_password = cursor.fetchone()[0]
+
+# Encrypt database password
+crypted_password = crypto.encrypt(password, user_encrypted_password)
+
+# Declare database data to put in database
+data = {'id': 1, 'user_id': 1, 'servergroup_id': 1, 'name': 'Yunohost Server', 'host': 'localhost', 'port': 5432, 'maintenance_db': 'postgres',
+        'username': username, 'comment': '', 'password': crypted_password, 'role': '', 'discovery_id': '',
+        'db_res': '', 'bgcolor': '', 'fgcolor': '', 'service': '',
+        'use_ssh_tunnel': '', 'tunnel_host': '', 'tunnel_port': 22, 'tunnel_username': '', 'tunnel_authentication': '', 'tunnel_identity_file': '', 'tunnel_password': '',
+        'save_password': 1, 'shared': '', 'kerberos_conn': 0, 'cloud_status': 0, 'passexec_cmd': '', 'passexec_expiration': '',
+        'connection_params': '''{"sslmode": "prefer", "connect_timeout": 10, "sslcert": "<STORAGE_DIR>/.postgresql/postgresql.crt", "sslkey": "<STORAGE_DIR>/.postgresql/postgresql.key"}'''}
+
+# Insert new data in database
+cursor = conn.cursor()
+cursor.execute('''
+    INSERT INTO `server` (
+        `id`,`user_id`,`servergroup_id`,`name`,`host`,`port`,`maintenance_db`,
+        `username`,`comment`,`password`,`role`,`discovery_id`,
+        `db_res`,`bgcolor`,`fgcolor`,`service`,
+        `use_ssh_tunnel`,`tunnel_host`,`tunnel_port`,`tunnel_username`,`tunnel_authentication`,`tunnel_identity_file`,`tunnel_password`,
+        `save_password`,`shared`,`kerberos_conn`,`cloud_status`,`passexec_cmd`,`passexec_expiration`,
+        `connection_params`
+    ) VALUES (
+        :id,:user_id,:servergroup_id,:name,:host,:port,:maintenance_db,
+        :username,:comment,:password,:role,:discovery_id,
+        :db_res,:bgcolor,:fgcolor,:service,
+        :use_ssh_tunnel,:tunnel_host,:tunnel_port,:tunnel_username,:tunnel_authentication,:tunnel_identity_file,:tunnel_password,
+        :save_password,:shared,:kerberos_conn,:cloud_status,:passexec_cmd,:passexec_expiration,
+        :connection_params
+        );''', data)
+conn.commit()
+
+# Close connection
+conn.close()
--- a/scripts/backup
+++ b/scripts/backup
@ -11,26 +11,6 @@ source ../settings/scripts/experimental_helper.sh
 source ../settings/scripts/_common.sh
 source /usr/share/yunohost/helpers

-#=================================================
-# MANAGE SCRIPT FAILURE
-#=================================================
-
-#REMOVEME? ynh_clean_setup () {
-	true
-}
-# Exit if an error occurs during the execution of the script
-#REMOVEME? ynh_abort_if_errors
-
-#=================================================
-# LOAD SETTINGS
-#=================================================
-#REMOVEME? ynh_print_info --message="Loading installation settings..."
-
-#REMOVEME? app=$YNH_APP_INSTANCE_NAME
-
-#REMOVEME? #REMOVEME? install_dir=$(ynh_app_setting_get --app=$app --key=install_dir)
-#REMOVEME? domain=$(ynh_app_setting_get --app=$app --key=domain)
-
 #=================================================
 # DECLARE DATA AND CONF FILES TO BACKUP
 #=================================================
@ -43,25 +23,19 @@ ynh_print_info --message="Declaring files to be backed up..."
 ynh_backup --src_path="$install_dir"

 #=================================================
-# BACKUP THE NGINX CONFIGURATION
+# SYSTEM CONFIGURATION
 #=================================================

 ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"

-#=================================================
-# SPECIFIC BACKUP
-#=================================================
-# BACKUP LOGROTATE
-#=================================================
-
 ynh_backup --src_path="/etc/logrotate.d/$app"

+ynh_backup --src_path="/etc/uwsgi/apps-available/$app.ini"
+
 #=================================================
 # BACKUP VARIOUS FILES
 #=================================================

-ynh_backup --src_path="/etc/uwsgi/apps-available/$app.ini"
-
 ynh_backup --src_path="/var/lib/pgadmin"

 #=================================================
--- a/scripts/install
+++ b/scripts/install
@ -36,6 +36,7 @@ ynh_add_config --template="config_local.py" --destination="$install_dir/venv/lib
 ynh_script_progression --message="Configuring $app..."

 ynh_add_config --template="setup.exp" --destination="$install_dir/setup.exp"
+chmod +x "$install_dir/setup.exp"
 "$install_dir/setup.exp" "$install_dir/venv/bin/python3" "$install_dir/venv/lib/python$python_version/site-packages/pgadmin4/setup.py" "$email"

 #=================================================
@ -46,6 +47,7 @@ ynh_psql_execute_as_root --sql "CREATE USER $db_user WITH PASSWORD '$db_pwd' SUP

 # Add Server In PGadmin database
 ynh_add_config --template="setup_database.py" --destination "$install_dir/setup_database.py"
+chmod +x "$install_dir/setup_database.py"
 "$install_dir/venv/bin/python3" "$install_dir/setup_database.py" "$db_user" "$db_pwd"

 # Set permission after initialisation
--- a/scripts/remove
+++ b/scripts/remove
@ -11,19 +11,9 @@ source _common.sh
 source /usr/share/yunohost/helpers

 #=================================================
-# LOAD SETTINGS
-#=================================================
-#REMOVEME? ynh_script_progression --message="Loading installation settings..."
-
-#REMOVEME? app=$YNH_APP_INSTANCE_NAME
-
-#REMOVEME? domain=$(ynh_app_setting_get --app=$app --key=domain)
-#REMOVEME? db_user=$(ynh_app_setting_get --app=$app --key=db_user)
-#REMOVEME? #REMOVEME? install_dir=$(ynh_app_setting_get --app=$app --key=install_dir)
-
-#=================================================
-# STANDARD REMOVE
+# REMOVE SYSTEM CONFIGURATIONS
 #=================================================
+ynh_script_progression --message="Removing system configurations related to $app..." --weight=1

 # Stop service
 ynh_systemd_action --service_name "uwsgi-app@$app.service" --action stop
@ -31,44 +21,18 @@ ynh_systemd_action --service_name "uwsgi-app@$app.service" --action stop
 # Remove uwsgi config
 ynh_remove_uwsgi_service

-#=================================================
-# REMOVE LOGROTATE CONFIGURATION
-#=================================================
-ynh_script_progression --message="Removing logrotate configuration..."
-
 # Remove the app-specific logrotate config
 ynh_remove_logrotate

-#=================================================
-# REMOVE DB_USER
-#=================================================
-#REMOVEME? ynh_script_progression --message="Cleaning the PostgreSQL database..."
-
-ynh_psql_drop_user $db_user
-
-#=================================================
-# REMOVE APP MAIN DIR
-#=================================================
-#REMOVEME? ynh_script_progression --message="Removing app main directory..." --weight=4
-
-# Remove the app directory securely
-#REMOVEME? ynh_secure_remove --file="$install_dir"
-
-#=================================================
-# REMOVE NGINX CONFIGURATION
-#=================================================
-ynh_script_progression --message="Removing NGINX web server configuration..."
-
 # Remove the dedicated NGINX config
 ynh_remove_nginx_config

 #=================================================
-# REMOVE DEPENDENCIES
+# CONFIGURE POSTGRESQL
 #=================================================
-#REMOVEME? ynh_script_progression --message="Removing dependencies..." --weight=10
+ynh_script_progression --message="Removing the Postgresql superuser..."

-# Remove metapackage and its dependencies
-#REMOVEME? ynh_remove_app_dependencies || true
+ynh_psql_drop_user "$db_user"

 #=================================================
 # SPECIFIC REMOVE
@ -83,15 +47,8 @@ ynh_secure_remove --file="/var/lib/$app"
 # Remove the log files
 ynh_secure_remove --file="/var/log/$app"

-#=================================================
-# GENERIC FINALIZATION
-#=================================================
-# REMOVE DEDICATED USER
-#=================================================
-#REMOVEME? ynh_script_progression --message="Removing the dedicated system user..."
-
-# Delete a system user
-#REMOVEME? ynh_system_user_delete --username=$app
+# Remove the log files
+ynh_secure_remove --file="/var/log/uwsgi/$app"

 #=================================================
 # END OF SCRIPT
--- a/scripts/restore
+++ b/scripts/restore
@ -12,31 +12,16 @@ source ../settings/scripts/_common.sh
 source /usr/share/yunohost/helpers

 #=================================================
-# MANAGE SCRIPT FAILURE
+# RESTORE THE APP MAIN DIR
 #=================================================
+ynh_script_progression --message="Restoring the app main directory..." --weight=1

-#REMOVEME? ynh_clean_setup () {
-	ynh_clean_check_starting
-}
-# Exit if an error occurs during the execution of the script
-#REMOVEME? ynh_abort_if_errors
+ynh_restore_file --origin_path="$install_dir"

-#=================================================
-# LOAD SETTINGS
-#=================================================
-#REMOVEME? ynh_script_progression --message="Loading installation settings..."
-
-#REMOVEME? app=$YNH_APP_INSTANCE_NAME
-
-#REMOVEME? domain=$(ynh_app_setting_get --app=$app --key=domain)
-#REMOVEME? path=$(ynh_app_setting_get --app=$app --key=path)
-#REMOVEME? admin=$(ynh_app_setting_get --app=$app --key=admin)
-#REMOVEME? #REMOVEME? install_dir=$(ynh_app_setting_get --app=$app --key=install_dir)
-#REMOVEME? db_user=$(ynh_app_setting_get --app=$app --key=db_user)
-#REMOVEME? db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd)
-
-app_version=$(ynh_app_upstream_version)
-app_sub_version=$(echo $app_version | cut -d'-' -f2)
+### $install_dir will automatically be initialized with some decent
+### permissions by default ... however, you may need to recursively reapply
+### ownership to all files such as after the ynh_setup_source step
+chown -R "$app:www-data" "$install_dir"


 #=================================================
@ -46,22 +31,13 @@ app_sub_version=$(echo $app_version | cut -d'-' -f2)
 #=================================================
 ynh_script_progression --message="Restoring the NGINX web server configuration..."

-ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"

 #=================================================
-# RECREATE THE DEDICATED USER
+# RESTORE THE POSTGRESQL SUPERUSER
 #=================================================
-#REMOVEME? ynh_script_progression --message="Recreating the dedicated system user..."
+ynh_script_progression --message="Restoring the Postgresql superuser..." --weight=1

-# Create the dedicated user (if not existing)
-#REMOVEME? ynh_system_user_create --username=$app --home_dir=$install_dir
-
-#=================================================
-# RESTORE THE APP MAIN DIR
-#=================================================
-ynh_script_progression --message="Restoring the app main directory..." --weight=5
-
-ynh_restore_file --origin_path="$install_dir"
+ynh_psql_execute_as_root --sql "CREATE USER ${db_user} WITH PASSWORD '${db_pwd}' SUPERUSER CREATEDB CREATEROLE REPLICATION"

 #=================================================
 # SPECIFIC RESTORATION
@ -77,17 +53,22 @@ ynh_restore_file --origin_path="$install_dir"
 # If not upgrade the source
 install_source

-# POPULATE THE DATABASE
-ynh_script_progression --message="Reconfiguring Postgresql database..."
-#REMOVEME? ynh_psql_test_if_first_run
-ynh_psql_execute_as_root --sql "CREATE USER ${db_user} WITH PASSWORD '${db_pwd}' SUPERUSER CREATEDB CREATEROLE REPLICATION"
+#=================================================
+# RESTORE SYSTEM CONFIGURATIONS
+#=================================================
+ynh_script_progression --message="Restoring system configurations related to $app..." --weight=1
+
+ynh_restore_file --origin_path="/etc/logrotate.d/$app"
+
+ynh_restore_file --origin_path="/etc/uwsgi/apps-available/$app.ini"
+
+ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"

 #=================================================
 # RESTORE VARIOUS FILES
 #=================================================
 ynh_script_progression --message="Restoring various files..."

-ynh_restore_file --origin_path="/etc/uwsgi/apps-available/$app.ini"
 ynh_restore_file --origin_path="/var/lib/pgadmin"

 # Restore systemd configuration
@ -103,7 +84,6 @@ set_permission
 #=================================================
 ynh_script_progression --message="Restoring the logrotate configuration..."

-ynh_restore_file --origin_path="/etc/logrotate.d/$app"

 #=================================================
 # START SYSTEMD SERVICE