#!/bin/bash #================================================= # GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= source _common.sh source /usr/share/yunohost/helpers #================================================= # MANAGE SCRIPT FAILURE #================================================= # Exit if an error occurs during the execution of the script ynh_abort_if_errors #================================================= # RETRIEVE ARGUMENTS FROM THE MANIFEST #================================================= domain=$YNH_APP_ARG_DOMAIN path_url=$YNH_APP_ARG_PATH admin=$YNH_APP_ARG_ADMIN app=$YNH_APP_INSTANCE_NAME #================================================= # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS #================================================= final_path=/var/www/$app test ! -e "$final_path" || ynh_die "This path already contains a folder" # Normalize the url path syntax path_url=$(ynh_normalize_url_path $path_url) # Register (book) web path ynh_webpath_register $app $domain $path_url #================================================= # STORE SETTINGS FROM MANIFEST #================================================= ynh_app_setting_set $app domain $domain ynh_app_setting_set $app path $path_url ynh_app_setting_set $app admin $admin #================================================= # STANDARD MODIFICATIONS #================================================= # CREATE A MYSQL DATABASE #================================================= db_name=$(ynh_sanitize_dbid $app) ynh_app_setting_set $app db_name $db_name ynh_mysql_setup_db $db_name $db_name # Setup a privileged user for phpmyadmin (to prevent using MySQL root user) db_admin_user="${app}_root" ynh_app_setting_set $app db_admin_user $db_admin_user db_admin_pwd="$(ynh_string_random)" ynh_app_setting_set $app db_admin_pwd $db_admin_pwd if ! ynh_mysql_user_exists "$db_admin_user" then ynh_mysql_create_user "$db_admin_user" "$db_admin_pwd" ynh_mysql_execute_as_root "GRANT ALL PRIVILEGES ON *.* TO '$db_admin_user'@'localhost' IDENTIFIED BY '$db_admin_pwd' WITH GRANT OPTION; FLUSH PRIVILEGES;" mysql fi #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= ynh_app_setting_set $app final_path $final_path # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source "$final_path" #================================================= # NGINX CONFIGURATION #================================================= # Create a dedicated nginx config ynh_add_nginx_config #================================================= # CREATE DEDICATED USER #================================================= # Create a system user ynh_system_user_create $app #================================================= # PHP-FPM CONFIGURATION #================================================= # Create a dedicated php-fpm config ynh_add_fpm_config #================================================= # SPECIFIC SETUP #================================================= # POPULATE THE DATABASE #================================================= ynh_replace_string "__YNH_PMA_USER__" "$db_name" ../conf/create_db.sql ynh_mysql_connect_as "$db_name" "$db_pwd" "$db_name" \ < ../conf/create_db.sql ynh_replace_string "phpmyadmin" "$db_name" $final_path/sql/create_tables.sql ynh_mysql_connect_as "$db_name" "$db_pwd" "$db_name" \ < $final_path/sql/create_tables.sql #================================================= # CONFIGURE PHPMYADMIN #================================================= ynh_replace_string "__YNH_PMA_ADMIN_USER__" "$db_admin_user" ../conf/config.inc.php ynh_replace_string "__YNH_PMA_ADMIN_PASSWORD__" "$db_admin_pwd" ../conf/config.inc.php ynh_replace_string "__YNH_PMA_USER__" "$db_name" ../conf/config.inc.php ynh_replace_string "__YNH_PMA_PASSWORD__" "$db_pwd" ../conf/config.inc.php cp ../conf/config.inc.php $final_path # Calculate and store the config file checksum into the app settings ynh_store_file_checksum "$final_path/config.inc.php" #================================================= # INSTALL DEPENDENCIES WITH COMPOSER #================================================= # Set permissions for initialization chown -R $app: "$final_path" # Install composer curl -sS https://getcomposer.org/installer \ | COMPOSER_HOME="$final_path/.composer" \ php -- --quiet --install-dir="$final_path" \ || ynh_die "Unable to install Composer" # Update dependencies to create composer.lock exec_as $app COMPOSER_HOME="$final_path/.composer" \ php "$final_path/composer.phar" install --no-dev \ -d "$final_path" --quiet --no-interaction \ || ynh_die "Unable to update core dependencies with Composer" # Install dependencies ynh_exec_warn_less exec_as $app COMPOSER_HOME="$final_path/.composer" \ php "$final_path/composer.phar" update --no-dev \ -d "$final_path" --quiet --no-interaction #================================================= # GENERIC FINALIZATION #================================================= # SECURE FILES AND DIRECTORIES #================================================= # Set permissions to app files chown -R root: $final_path # config.inc.php contains sensitive data, restrict its access chown root:$app $final_path/config.inc.php chmod 640 $final_path/config.inc.php # Setup phpMyAdmin temporary folder mkdir -p $final_path/tmp chown $app: $final_path/tmp #================================================= # SETUP SSOWAT #================================================= # Restrict access to admin only yunohost app addaccess --users=$admin $app #================================================= # RELOAD NGINX #================================================= systemctl reload nginx