mirror of
https://github.com/YunoHost-Apps/phpmyadmin_ynh.git
synced 2024-09-03 19:56:46 +02:00
Éric Gaspar
GitHub
parent
840c860961
commit
ba80089c71
6 changed files with 65 additions and 129 deletions
|
|
@ -28,8 +28,8 @@ $i = 0;
|
|||
$i++;
|
||||
/* Authentication type */
|
||||
$cfg['Servers'][$i]['auth_type'] = 'config';
|
||||
$cfg['Servers'][$i]['user'] = '__YNH_PMA_ADMIN_USER__';
|
||||
$cfg['Servers'][$i]['password'] = '__YNH_PMA_ADMIN_PASSWORD__';
|
||||
$cfg['Servers'][$i]['user'] = '__DB_ADMIN_USER__';
|
||||
$cfg['Servers'][$i]['password'] = '__DB_ADMIN_PWD__';
|
||||
/* Server parameters */
|
||||
/*
|
||||
$cfg['Servers'][$i]['host'] = 'localhost';
|
||||
|
|
@ -49,11 +49,11 @@ $cfg['Servers'][$i]['AllowNoPassword'] = false;
|
|||
/* User used to manipulate with storage */
|
||||
// $cfg['Servers'][$i]['controlhost'] = '';
|
||||
// $cfg['Servers'][$i]['controlport'] = '';
|
||||
$cfg['Servers'][$i]['controluser'] = '__YNH_PMA_USER__';
|
||||
$cfg['Servers'][$i]['controlpass'] = '__YNH_PMA_PASSWORD__';
|
||||
$cfg['Servers'][$i]['controluser'] = '__DB_USER__';
|
||||
$cfg['Servers'][$i]['controlpass'] = '__DB_PWD__';
|
||||
|
||||
/* Storage database and tables */
|
||||
$cfg['Servers'][$i]['pmadb'] = '__YNH_PMA_USER__';
|
||||
$cfg['Servers'][$i]['pmadb'] = '__DB_USER__';
|
||||
$cfg['Servers'][$i]['bookmarktable'] = 'pma__bookmark';
|
||||
$cfg['Servers'][$i]['relation'] = 'pma__relation';
|
||||
$cfg['Servers'][$i]['table_info'] = 'pma__table_info';
|
||||
|
|
|
|||
|
|
@ -14,14 +14,14 @@
|
|||
|
||||
-- --------------------------------------------------------
|
||||
|
||||
DROP DATABASE `__YNH_PMA_USER__`;
|
||||
DROP DATABASE `__DB_USER__`;
|
||||
|
||||
--
|
||||
-- Database : `__YNH_PMA_USER__`
|
||||
-- Database : `__DB_USER__`
|
||||
--
|
||||
CREATE DATABASE IF NOT EXISTS `__YNH_PMA_USER__`
|
||||
CREATE DATABASE IF NOT EXISTS `__DB_USER__`
|
||||
DEFAULT CHARACTER SET utf8 COLLATE utf8_bin;
|
||||
USE __YNH_PMA_USER__;
|
||||
USE __DB_USER__;
|
||||
|
||||
GRANT SELECT, INSERT, DELETE, UPDATE ON `__YNH_PMA_USER__`.* TO
|
||||
'__YNH_PMA_USER__'@localhost;
|
||||
GRANT SELECT, INSERT, DELETE, UPDATE ON `__DB_USER__`.* TO
|
||||
'__DB_USER__'@localhost;
|
||||
|
|
|
|||
|
|
@ -8,58 +8,16 @@ YNH_PHP_VERSION="7.3"
|
|||
|
||||
extra_php_dependencies="php${YNH_PHP_VERSION}-xml php${YNH_PHP_VERSION}-curl php${YNH_PHP_VERSION}-zip php${YNH_PHP_VERSION}-mysql php${YNH_PHP_VERSION}-mbstring"
|
||||
|
||||
YNH_COMPOSER_VERSION=2.0.14
|
||||
|
||||
#=================================================
|
||||
# PERSONAL HELPERS
|
||||
#=================================================
|
||||
|
||||
#=================================================
|
||||
# EXPERIMENTAL HELPERS
|
||||
#=================================================
|
||||
|
||||
# Execute a command with Composer
|
||||
#
|
||||
# usage: ynh_composer_exec [--phpversion=phpversion] [--workdir=$final_path] --commands="commands"
|
||||
# | arg: -v, --phpversion - PHP version to use with composer
|
||||
# | arg: -w, --workdir - The directory from where the command will be executed. Default $final_path.
|
||||
# | arg: -c, --commands - Commands to execute.
|
||||
ynh_composer_exec () {
|
||||
# Declare an array to define the options of this helper.
|
||||
local legacy_args=vwc
|
||||
declare -Ar args_array=( [v]=phpversion= [w]=workdir= [c]=commands= )
|
||||
local phpversion
|
||||
local workdir
|
||||
local commands
|
||||
# Manage arguments with getopts
|
||||
ynh_handle_getopts_args "$@"
|
||||
workdir="${workdir:-$final_path}"
|
||||
phpversion="${phpversion:-$YNH_PHP_VERSION}"
|
||||
|
||||
COMPOSER_HOME="$workdir/.composer" \
|
||||
php${phpversion} "$workdir/composer.phar" $commands \
|
||||
-d "$workdir" --quiet --no-interaction
|
||||
}
|
||||
|
||||
# Install and initialize Composer in the given directory
|
||||
#
|
||||
# usage: ynh_install_composer [--phpversion=phpversion] [--workdir=$final_path] [--install_args="--optimize-autoloader"]
|
||||
# | arg: -v, --phpversion - PHP version to use with composer
|
||||
# | arg: -w, --workdir - The directory from where the command will be executed. Default $final_path.
|
||||
# | arg: -a, --install_args - Additional arguments provided to the composer install. Argument --no-dev already include
|
||||
ynh_install_composer () {
|
||||
# Declare an array to define the options of this helper.
|
||||
local legacy_args=vwa
|
||||
declare -Ar args_array=( [v]=phpversion= [w]=workdir= [a]=install_args=)
|
||||
local phpversion
|
||||
local workdir
|
||||
local install_args
|
||||
# Manage arguments with getopts
|
||||
ynh_handle_getopts_args "$@"
|
||||
workdir="${workdir:-$final_path}"
|
||||
phpversion="${phpversion:-$YNH_PHP_VERSION}"
|
||||
install_args="${install_args:-}"
|
||||
|
||||
curl -sS https://getcomposer.org/installer \
|
||||
| COMPOSER_HOME="$workdir/.composer" \
|
||||
php${phpversion} -- --quiet --install-dir="$workdir" \
|
||||
|| ynh_die "Unable to install Composer."
|
||||
|
||||
# update dependencies to create composer.lock
|
||||
ynh_composer_exec --phpversion="${phpversion}" --workdir="$workdir" --commands="install --no-dev $install_args" \
|
||||
|| ynh_die "Unable to update core dependencies with Composer."
|
||||
}
|
||||
#=================================================
|
||||
# FUTURE OFFICIAL HELPERS
|
||||
#=================================================
|
||||
|
|
|
|||
|
|
@ -54,6 +54,7 @@ ynh_app_setting_set --app=$app --key=admin --value=$admin
|
|||
ynh_script_progression --message="Creating a MySQL database..."
|
||||
|
||||
db_name=$(ynh_sanitize_dbid --db_name=$app)
|
||||
db_user=$db_name
|
||||
ynh_app_setting_set --app=$app --key=db_name --value=$db_name
|
||||
ynh_mysql_setup_db --db_user=$db_name --db_name=$db_name
|
||||
|
||||
|
|
@ -70,6 +71,14 @@ then
|
|||
FLUSH PRIVILEGES;" --database=mysql
|
||||
fi
|
||||
|
||||
#=================================================
|
||||
# CREATE DEDICATED USER
|
||||
#=================================================
|
||||
ynh_script_progression --message="Configuring system user..." --weight=3
|
||||
|
||||
# Create a system user
|
||||
ynh_system_user_create --username=$app --home_dir="$final_path"
|
||||
|
||||
#=================================================
|
||||
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
||||
#=================================================
|
||||
|
|
@ -79,6 +88,10 @@ ynh_app_setting_set --app=$app --key=final_path --value=$final_path
|
|||
# Download, check integrity, uncompress and patch the source from app.src
|
||||
ynh_setup_source --dest_dir="$final_path"
|
||||
|
||||
chmod 750 "$final_path"
|
||||
chmod -R o-rwx "$final_path"
|
||||
chown -R $app:www-data "$final_path"
|
||||
|
||||
#=================================================
|
||||
# NGINX CONFIGURATION
|
||||
#=================================================
|
||||
|
|
@ -87,14 +100,6 @@ ynh_script_progression --message="Configuring NGINX web server..." --weight=3
|
|||
# Create a dedicated NGINX config
|
||||
ynh_add_nginx_config
|
||||
|
||||
#=================================================
|
||||
# CREATE DEDICATED USER
|
||||
#=================================================
|
||||
ynh_script_progression --message="Configuring system user..." --weight=3
|
||||
|
||||
# Create a system user
|
||||
ynh_system_user_create --username=$app
|
||||
|
||||
#=================================================
|
||||
# PHP-FPM CONFIGURATION
|
||||
#=================================================
|
||||
|
|
@ -110,7 +115,7 @@ ynh_add_fpm_config --package="$extra_php_dependencies"
|
|||
#=================================================
|
||||
ynh_script_progression --message="Filling database..." --weight=3
|
||||
|
||||
ynh_replace_string --match_string="__YNH_PMA_USER__" --replace_string="$db_name" --target_file=../conf/create_db.sql
|
||||
ynh_replace_string --match_string="__DB_USER__" --replace_string="$db_name" --target_file=../conf/create_db.sql
|
||||
ynh_mysql_connect_as --user="$db_name" --password="$db_pwd" --database="$db_name" \
|
||||
< ../conf/create_db.sql
|
||||
ynh_replace_string --match_string="phpmyadmin" --replace_string="$db_name" --target_file=$final_path/sql/create_tables.sql
|
||||
|
|
@ -122,15 +127,10 @@ ynh_mysql_connect_as --user="$db_name" --password="$db_pwd" --database="$db_name
|
|||
#=================================================
|
||||
ynh_script_progression --message="Configuring phpMyAdmin..."
|
||||
|
||||
ynh_replace_string --match_string="__YNH_PMA_ADMIN_USER__" --replace_string="$db_admin_user" --target_file=../conf/config.inc.php
|
||||
ynh_replace_string --match_string="__YNH_PMA_ADMIN_PASSWORD__" --replace_string="$db_admin_pwd" --target_file=../conf/config.inc.php
|
||||
ynh_replace_string --match_string="__YNH_PMA_USER__" --replace_string="$db_name" --target_file=../conf/config.inc.php
|
||||
ynh_replace_string --match_string="__YNH_PMA_PASSWORD__" --replace_string="$db_pwd" --target_file=../conf/config.inc.php
|
||||
|
||||
cp ../conf/config.inc.php $final_path
|
||||
|
||||
# Calculate and store the config file checksum into the app settings
|
||||
ynh_store_file_checksum --file="$final_path/config.inc.php"
|
||||
ynh_add_config --template="../conf/config.inc.php" --destination="$final_path/config.inc.php"
|
||||
# config.inc.php contains sensitive data, restrict its access
|
||||
chown $app: $final_path/config.inc.php
|
||||
chmod 640 $final_path/config.inc.php
|
||||
|
||||
#=================================================
|
||||
# INSTALL DEPENDENCIES WITH COMPOSER
|
||||
|
|
@ -150,11 +150,6 @@ ynh_composer_exec --commands="update --no-dev"
|
|||
# SECURE FILES AND DIRECTORIES
|
||||
#=================================================
|
||||
|
||||
# Set permissions to app files
|
||||
chown -R root: $final_path
|
||||
# config.inc.php contains sensitive data, restrict its access
|
||||
chown root:$app $final_path/config.inc.php
|
||||
chmod 640 $final_path/config.inc.php
|
||||
# Setup phpMyAdmin temporary folder
|
||||
mkdir -p $final_path/tmp
|
||||
chown $app: $final_path/tmp
|
||||
|
|
@ -165,7 +160,7 @@ chown $app: $final_path/tmp
|
|||
ynh_script_progression --message="Configuring permissions..." --weight=3
|
||||
|
||||
# Restrict access to admin only
|
||||
ynh_permission_update --permission="main" --add=$admin --remove="all_users"
|
||||
ynh_permission_update --permission="main" --remove="all_users" --add=$admin
|
||||
|
||||
#=================================================
|
||||
# RELOAD NGINX
|
||||
|
|
|
|||
|
|
@ -47,6 +47,14 @@ test ! -d $final_path \
|
|||
|
||||
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
|
||||
|
||||
#=================================================
|
||||
# RECREATE THE DEDICATED USER
|
||||
#=================================================
|
||||
ynh_script_progression --message="Recreating the dedicated system user..." --weight=2
|
||||
|
||||
# Create the dedicated user (if not existing)
|
||||
ynh_system_user_create --username=$app --home_dir="$final_path"
|
||||
|
||||
#=================================================
|
||||
# RESTORE THE APP MAIN DIR
|
||||
#=================================================
|
||||
|
|
@ -54,6 +62,10 @@ ynh_script_progression --message="Restoring phpMyAdmin main directory..."
|
|||
|
||||
ynh_restore_file --origin_path="$final_path"
|
||||
|
||||
chmod 750 "$final_path"
|
||||
chmod -R o-rwx "$final_path"
|
||||
chown -R $app:www-data "$final_path"
|
||||
|
||||
#=================================================
|
||||
# RESTORE THE MYSQL DATABASE
|
||||
#=================================================
|
||||
|
|
@ -74,21 +86,10 @@ then
|
|||
FLUSH PRIVILEGES;" --database=mysql
|
||||
fi
|
||||
|
||||
#=================================================
|
||||
# RECREATE THE DEDICATED USER
|
||||
#=================================================
|
||||
ynh_script_progression --message="Recreating the dedicated system user..." --weight=2
|
||||
|
||||
# Create the dedicated user (if not existing)
|
||||
ynh_system_user_create --username=$app
|
||||
|
||||
#=================================================
|
||||
# RESTORE USER RIGHTS
|
||||
#=================================================
|
||||
|
||||
# config.inc.php contains sensitive data, restrict its access
|
||||
chown root:$app $final_path/config.inc.php
|
||||
|
||||
chown $app: $final_path/tmp
|
||||
|
||||
#=================================================
|
||||
|
|
|
|||
|
|
@ -21,6 +21,7 @@ path_url=$(ynh_app_setting_get --app=$app --key=path)
|
|||
admin=$(ynh_app_setting_get --app=$app --key=admin)
|
||||
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
||||
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
|
||||
db_user=$db_name
|
||||
db_admin_user=$(ynh_app_setting_get --app=$app --key=db_admin_user)
|
||||
db_admin_pwd=$(ynh_app_setting_get --app=$app --key=db_admin_pwd)
|
||||
|
||||
|
|
@ -90,6 +91,14 @@ ynh_clean_setup () {
|
|||
# Exit if an error occurs during the execution of the script
|
||||
ynh_abort_if_errors
|
||||
|
||||
#=================================================
|
||||
# CREATE DEDICATED USER
|
||||
#=================================================
|
||||
ynh_script_progression --message="Making sure dedicated system user exists..."
|
||||
|
||||
# Create a dedicated user (if not existing)
|
||||
ynh_system_user_create --username=$app --home_dir="$final_path"
|
||||
|
||||
#=================================================
|
||||
# STANDARD UPGRADE STEPS
|
||||
#=================================================
|
||||
|
|
@ -101,9 +110,13 @@ then
|
|||
ynh_script_progression --message="Upgrading source files..." --weight=5
|
||||
|
||||
# Download, check integrity, uncompress and patch the source from app.src
|
||||
ynh_setup_source --dest_dir="$final_path"
|
||||
ynh_setup_source --dest_dir="$final_path" --keep="$final_path/config.inc.php"
|
||||
fi
|
||||
|
||||
chmod 750 "$final_path"
|
||||
chmod -R o-rwx "$final_path"
|
||||
chown -R $app:www-data "$final_path"
|
||||
|
||||
#=================================================
|
||||
# NGINX CONFIGURATION
|
||||
#=================================================
|
||||
|
|
@ -112,14 +125,6 @@ ynh_script_progression --message="Upgrading NGINX web server configuration..." -
|
|||
# Create a dedicated NGINX config
|
||||
ynh_add_nginx_config
|
||||
|
||||
#=================================================
|
||||
# CREATE DEDICATED USER
|
||||
#=================================================
|
||||
ynh_script_progression --message="Making sure dedicated system user exists..."
|
||||
|
||||
# Create a dedicated user (if not existing)
|
||||
ynh_system_user_create --username=$app
|
||||
|
||||
#=================================================
|
||||
# PHP-FPM CONFIGURATION
|
||||
#=================================================
|
||||
|
|
@ -156,35 +161,12 @@ then
|
|||
< $final_path/sql/create_tables.sql
|
||||
fi
|
||||
|
||||
#=================================================
|
||||
# CONFIGURE PHPMYADMIN
|
||||
#=================================================
|
||||
ynh_script_progression --message="Reconfiguring phpMyAdmin..."
|
||||
|
||||
# Verify the checksum and backup the file if it's different
|
||||
ynh_backup_if_checksum_is_different --file="$final_path/config.inc.php"
|
||||
|
||||
ynh_replace_string --match_string="__YNH_PMA_ADMIN_USER__" --replace_string="$db_admin_user" --target_file=../conf/config.inc.php
|
||||
ynh_replace_string --match_string="__YNH_PMA_ADMIN_PASSWORD__" --replace_string="$db_admin_pwd" --target_file=../conf/config.inc.php
|
||||
ynh_replace_string --match_string="__YNH_PMA_USER__" --replace_string="$db_name" --target_file=../conf/config.inc.php
|
||||
ynh_replace_string --match_string="__YNH_PMA_PASSWORD__" --replace_string="$db_pwd" --target_file=../conf/config.inc.php
|
||||
|
||||
cp ../conf/config.inc.php $final_path
|
||||
|
||||
# Recalculate and store the config file checksum into the app settings
|
||||
ynh_store_file_checksum --file="$final_path/config.inc.php"
|
||||
|
||||
#=================================================
|
||||
# GENERIC FINALIZATION
|
||||
#=================================================
|
||||
# SECURE FILES AND DIRECTORIES
|
||||
#=================================================
|
||||
|
||||
# Set permissions to app files
|
||||
chown -R root: $final_path
|
||||
# config.inc.php contains sensitive data, restrict its access
|
||||
chown root:$app $final_path/config.inc.php
|
||||
chmod 640 $final_path/config.inc.php
|
||||
# Setup phpMyAdmin temporary folder
|
||||
mkdir -p $final_path/tmp
|
||||
chown -R $app: $final_path/tmp
|
||||
|
|
|
|||
Loading…
Reference in a new issue