From 19f61e95b546c746a36f6eca690558a4ed328671 Mon Sep 17 00:00:00 2001 From: Inrepublica Date: Wed, 25 Mar 2020 14:52:02 +0100 Subject: [PATCH 01/12] Update to ynh 3.6.5 Major change to Yunohost 3.6.5 and upgrade to Phpsysinfo 3.3.2 --- README.md | 57 +++++- conf/app.src | 6 + conf/nginx.conf | 59 ++++-- conf/php-fpm.conf | 436 ++++++++++++++++++++++++++++++++++++++++++++ conf/phpsysinfo.ini | 324 ++++++++++++++++++++++++-------- manifest.json | 20 +- scripts/_common.sh | 1 + scripts/backup | 61 +++++-- scripts/change_url | 92 ++++++++++ scripts/install | 150 ++++++++++----- scripts/remove | 67 +++++-- scripts/restore | 88 ++++++--- scripts/upgrade | 194 +++++++++++++++----- 13 files changed, 1311 insertions(+), 244 deletions(-) create mode 100644 conf/app.src create mode 100644 conf/php-fpm.conf create mode 100644 scripts/_common.sh create mode 100644 scripts/change_url diff --git a/README.md b/README.md index 8979e13..9fa928d 100644 --- a/README.md +++ b/README.md @@ -1,10 +1,55 @@ # PHPSysInfo for Yunohost -PhpSysInfo 3.2.5 for [Yunohost](http://yunohost.org/). Work with YunoHost 2.4.0.6. +[![Integration level](https://dash.yunohost.org/integration/phpsysinfo_ynh.svg)](https://dash.yunohost.org/appci/app/phpsysinfo_ynh) +[![Install Custom Webapp with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=phpsysinfo_ynh) -# Installation -You can install this package by going through the administration web interface by choosing "Install custom app", or using the moulinette: -`yunohost app install https://github.com/inrepublica/phpsysinfo_ynh` +> *This package allow you to install PHPSysInfo quickly and simply on a YunoHost server. +If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to know how to install and enjoy it.* -# Configuration -Edit `phpsysinfo.ini` in `/var/www/phpsysinfo/phpsysinfo.ini`. \ No newline at end of file +## Overview + +A customizable PHP script that displays information about your system nicely. + +**Shipped version:** 3.3.2 + +## Screenshots +![screenshot phpsyinfo](https://a.fsdn.com/con/app/proj/phpsysinfo/screenshots/294411.jpg/max/max/1 "phpsysinfo screenshot") + +## Demo +[Demo on NAS Synology](http://phpsysinfo.sourceforge.net/multi/index.php?disp=bootstrap&xml=synology) + +## Configuration +Edit `phpsysinfo.ini` in `/var/www/phpsysinfo/phpsysinfo.ini`. + +## Documentation + +## YunoHost specific features + +#### Multi-users support + +#### Supported architectures + +* x86-64b - [![Build Status](https://ci-apps.yunohost.org/ci/logs/phpsysinfo_ynh%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/phpsysinfo_ynh/) +* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/phpsysinfo_ynh%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/phpsysinfo_ynh/) +* Jessie x86-64b - [![Build Status](https://ci-stretch.nohost.me/ci/logs/phpsysinfo_ynh%20%28Apps%29.svg)](https://ci-stretch.nohost.me/ci/apps/phpsysinfo_ynh/) + +## Limitations + +## Additional information + +## Links + +--- + +Developers info +---------------- + +**Only if you want to use a testing branch for coding, instead of merging directly into master.** +Please do your pull request to the [testing branch](https://github.com/inrepublica/phpsysinfo_ynh/tree/testing). + +To try the testing branch, please proceed like that. +``` +sudo yunohost app install https://github.com/inrepublica/phpsysinfo_ynh/tree/testing --debug +or +sudo yunohost app upgrade my_webapp -u https://github.com/inrepublica/phpsysinfo_ynh/tree/testing --debug +``` diff --git a/conf/app.src b/conf/app.src new file mode 100644 index 0000000..5ce8c82 --- /dev/null +++ b/conf/app.src @@ -0,0 +1,6 @@ +SOURCE_URL=https://github.com/phpsysinfo/phpsysinfo/archive/v3.3.2.tar.gz +SOURCE_SUM=C13A3F12DC7E5FBC71A7B12645F2F08D +SOURCE_SUM_PRG=md5sum +ARCH_FORMAT=tar.gz +SOURCE_IN_SUBDIR=true +SOURCE_FILENAME= \ No newline at end of file diff --git a/conf/nginx.conf b/conf/nginx.conf index 929d465..2e7ac71 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,23 +1,46 @@ -location YNH_WWW_PATH { +#sub_path_only rewrite ^__PATH__$ __PATH__/ permanent; +location __PATH__/ { - # Path to source - alias YNH_WWW_ALIAS ; + # Path to source + alias __FINALPATH__/www/; - # Example PHP configuration - index index.php; + # Force usage of https + if ($scheme = http) { + rewrite ^ https://$server_name$request_uri? permanent; + } - try_files $uri $uri/ index.php; - location ~ [^/]\.php(/|$) { - fastcgi_split_path_info ^(.+?\.php)(/.*)$; - fastcgi_pass unix:/var/run/php5-fpm.sock; + # Default indexes and catch-all + index index.html index.php; + try_files $uri $uri/ __PATH__/index.php?$args; - fastcgi_index index.php; - include fastcgi_params; - fastcgi_param REMOTE_USER $remote_user; - fastcgi_param PATH_INFO $fastcgi_path_info; - fastcgi_param SCRIPT_FILENAME $request_filename; - } + # Prevent useless logs + location = __PATH__/favicon.ico { + log_not_found off; + access_log off; + } + location = __PATH__/robots.txt { + allow all; + log_not_found off; + access_log off; + } - # Include SSOWAT user panel. - include conf.d/yunohost_panel.conf.inc; -} + # Deny access to hidden files and directories + location ~ ^__PATH__/(.+/|)\.(?!well-known\/) { + deny all; + } + + # Execute and serve PHP files + location ~ [^/]\.php(/|$) { + fastcgi_split_path_info ^(.+?\.php)(/.*)$; + fastcgi_pass unix:/var/run/php/php7.0-fpm-__NAME__.sock; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param REMOTE_USER $remote_user; + fastcgi_param PATH_INFO $fastcgi_path_info; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +### End of PHP configuration part + + # Include SSOWAT user panel. + include conf.d/yunohost_panel.conf.inc; +} \ No newline at end of file diff --git a/conf/php-fpm.conf b/conf/php-fpm.conf new file mode 100644 index 0000000..1f4f865 --- /dev/null +++ b/conf/php-fpm.conf @@ -0,0 +1,436 @@ +; Start a new pool named 'www'. +; the variable $pool can be used in any directive and will be replaced by the +; pool name ('www' here) +[__NAMETOCHANGE__] + +; Per pool prefix +; It only applies on the following directives: +; - 'access.log' +; - 'slowlog' +; - 'listen' (unixsocket) +; - 'chroot' +; - 'chdir' +; - 'php_values' +; - 'php_admin_values' +; When not set, the global prefix (or /usr) applies instead. +; Note: This directive can also be relative to the global prefix. +; Default Value: none +;prefix = /path/to/pools/$pool + +; Unix user/group of processes +; Note: The user is mandatory. If the group is not set, the default user's group +; will be used. +user = __USER__ +group = __USER__ + +; The address on which to accept FastCGI requests. +; Valid syntaxes are: +; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on +; a specific port; +; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on +; a specific port; +; 'port' - to listen on a TCP socket to all addresses +; (IPv6 and IPv4-mapped) on a specific port; +; '/path/to/unix/socket' - to listen on a unix socket. +; Note: This value is mandatory. +listen = /var/run/php/php7.0-fpm-__NAMETOCHANGE__.sock + +; Set listen(2) backlog. +; Default Value: 511 (-1 on FreeBSD and OpenBSD) +;listen.backlog = 511 + +; Set permissions for unix socket, if one is used. In Linux, read/write +; permissions must be set in order to allow connections from a web server. Many +; BSD-derived systems allow connections regardless of permissions. +; Default Values: user and group are set as the running user +; mode is set to 0660 +listen.owner = www-data +listen.group = www-data +;listen.mode = 0660 +; When POSIX Access Control Lists are supported you can set them using +; these options, value is a comma separated list of user/group names. +; When set, listen.owner and listen.group are ignored +;listen.acl_users = +;listen.acl_groups = + +; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect. +; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original +; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address +; must be separated by a comma. If this value is left blank, connections will be +; accepted from any ip address. +; Default Value: any +;listen.allowed_clients = 127.0.0.1 + +; Specify the nice(2) priority to apply to the pool processes (only if set) +; The value can vary from -19 (highest priority) to 20 (lower priority) +; Note: - It will only work if the FPM master process is launched as root +; - The pool processes will inherit the master process priority +; unless it specified otherwise +; Default Value: no set +; process.priority = -19 + +; Set the process dumpable flag (PR_SET_DUMPABLE prctl) even if the process user +; or group is differrent than the master process user. It allows to create process +; core dump and ptrace the process for the pool user. +; Default Value: no +; process.dumpable = yes + +; Choose how the process manager will control the number of child processes. +; Possible Values: +; static - a fixed number (pm.max_children) of child processes; +; dynamic - the number of child processes are set dynamically based on the +; following directives. With this process management, there will be +; always at least 1 children. +; pm.max_children - the maximum number of children that can +; be alive at the same time. +; pm.start_servers - the number of children created on startup. +; pm.min_spare_servers - the minimum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is less than this +; number then some children will be created. +; pm.max_spare_servers - the maximum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is greater than this +; number then some children will be killed. +; ondemand - no children are created at startup. Children will be forked when +; new requests will connect. The following parameter are used: +; pm.max_children - the maximum number of children that +; can be alive at the same time. +; pm.process_idle_timeout - The number of seconds after which +; an idle process will be killed. +; Note: This value is mandatory. +pm = dynamic + +; The number of child processes to be created when pm is set to 'static' and the +; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'. +; This value sets the limit on the number of simultaneous requests that will be +; served. Equivalent to the ApacheMaxClients directive with mpm_prefork. +; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP +; CGI. The below defaults are based on a server without much resources. Don't +; forget to tweak pm.* to fit your needs. +; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' +; Note: This value is mandatory. +pm.max_children = 5 + +; The number of child processes created on startup. +; Note: Used only when pm is set to 'dynamic' +; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2 +pm.start_servers = 2 + +; The desired minimum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.min_spare_servers = 1 + +; The desired maximum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.max_spare_servers = 3 + +; The number of seconds after which an idle process will be killed. +; Note: Used only when pm is set to 'ondemand' +; Default Value: 10s +;pm.process_idle_timeout = 10s; + +; The number of requests each child process should execute before respawning. +; This can be useful to work around memory leaks in 3rd party libraries. For +; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. +; Default Value: 0 +;pm.max_requests = 500 + +; The URI to view the FPM status page. If this value is not set, no URI will be +; recognized as a status page. It shows the following informations: +; pool - the name of the pool; +; process manager - static, dynamic or ondemand; +; start time - the date and time FPM has started; +; start since - number of seconds since FPM has started; +; accepted conn - the number of request accepted by the pool; +; listen queue - the number of request in the queue of pending +; connections (see backlog in listen(2)); +; max listen queue - the maximum number of requests in the queue +; of pending connections since FPM has started; +; listen queue len - the size of the socket queue of pending connections; +; idle processes - the number of idle processes; +; active processes - the number of active processes; +; total processes - the number of idle + active processes; +; max active processes - the maximum number of active processes since FPM +; has started; +; max children reached - number of times, the process limit has been reached, +; when pm tries to start more children (works only for +; pm 'dynamic' and 'ondemand'); +; Value are updated in real time. +; Example output: +; pool: www +; process manager: static +; start time: 01/Jul/2011:17:53:49 +0200 +; start since: 62636 +; accepted conn: 190460 +; listen queue: 0 +; max listen queue: 1 +; listen queue len: 42 +; idle processes: 4 +; active processes: 11 +; total processes: 15 +; max active processes: 12 +; max children reached: 0 +; +; By default the status page output is formatted as text/plain. Passing either +; 'html', 'xml' or 'json' in the query string will return the corresponding +; output syntax. Example: +; http://www.foo.bar/status +; http://www.foo.bar/status?json +; http://www.foo.bar/status?html +; http://www.foo.bar/status?xml +; +; By default the status page only outputs short status. Passing 'full' in the +; query string will also return status for each pool process. +; Example: +; http://www.foo.bar/status?full +; http://www.foo.bar/status?json&full +; http://www.foo.bar/status?html&full +; http://www.foo.bar/status?xml&full +; The Full status returns for each process: +; pid - the PID of the process; +; state - the state of the process (Idle, Running, ...); +; start time - the date and time the process has started; +; start since - the number of seconds since the process has started; +; requests - the number of requests the process has served; +; request duration - the duration in µs of the requests; +; request method - the request method (GET, POST, ...); +; request URI - the request URI with the query string; +; content length - the content length of the request (only with POST); +; user - the user (PHP_AUTH_USER) (or '-' if not set); +; script - the main script called (or '-' if not set); +; last request cpu - the %cpu the last request consumed +; it's always 0 if the process is not in Idle state +; because CPU calculation is done when the request +; processing has terminated; +; last request memory - the max amount of memory the last request consumed +; it's always 0 if the process is not in Idle state +; because memory calculation is done when the request +; processing has terminated; +; If the process is in Idle state, then informations are related to the +; last request the process has served. Otherwise informations are related to +; the current request being served. +; Example output: +; ************************ +; pid: 31330 +; state: Running +; start time: 01/Jul/2011:17:53:49 +0200 +; start since: 63087 +; requests: 12808 +; request duration: 1250261 +; request method: GET +; request URI: /test_mem.php?N=10000 +; content length: 0 +; user: - +; script: /home/fat/web/docs/php/test_mem.php +; last request cpu: 0.00 +; last request memory: 0 +; +; Note: There is a real-time FPM status monitoring sample web page available +; It's available in: /usr/share/php/7.0/fpm/status.html +; +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +;pm.status_path = /status + +; The ping URI to call the monitoring page of FPM. If this value is not set, no +; URI will be recognized as a ping page. This could be used to test from outside +; that FPM is alive and responding, or to +; - create a graph of FPM availability (rrd or such); +; - remove a server from a group if it is not responding (load balancing); +; - trigger alerts for the operating team (24/7). +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +;ping.path = /ping + +; This directive may be used to customize the response of a ping request. The +; response is formatted as text/plain with a 200 response code. +; Default Value: pong +;ping.response = pong + +; The access log file +; Default: not set +;access.log = log/$pool.access.log + +; The access log format. +; The following syntax is allowed +; %%: the '%' character +; %C: %CPU used by the request +; it can accept the following format: +; - %{user}C for user CPU only +; - %{system}C for system CPU only +; - %{total}C for user + system CPU (default) +; %d: time taken to serve the request +; it can accept the following format: +; - %{seconds}d (default) +; - %{miliseconds}d +; - %{mili}d +; - %{microseconds}d +; - %{micro}d +; %e: an environment variable (same as $_ENV or $_SERVER) +; it must be associated with embraces to specify the name of the env +; variable. Some exemples: +; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e +; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e +; %f: script filename +; %l: content-length of the request (for POST request only) +; %m: request method +; %M: peak of memory allocated by PHP +; it can accept the following format: +; - %{bytes}M (default) +; - %{kilobytes}M +; - %{kilo}M +; - %{megabytes}M +; - %{mega}M +; %n: pool name +; %o: output header +; it must be associated with embraces to specify the name of the header: +; - %{Content-Type}o +; - %{X-Powered-By}o +; - %{Transfert-Encoding}o +; - .... +; %p: PID of the child that serviced the request +; %P: PID of the parent of the child that serviced the request +; %q: the query string +; %Q: the '?' character if query string exists +; %r: the request URI (without the query string, see %q and %Q) +; %R: remote IP address +; %s: status (response code) +; %t: server time the request was received +; it can accept a strftime(3) format: +; %d/%b/%Y:%H:%M:%S %z (default) +; The strftime(3) format must be encapsuled in a %{}t tag +; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t +; %T: time the log has been written (the request has finished) +; it can accept a strftime(3) format: +; %d/%b/%Y:%H:%M:%S %z (default) +; The strftime(3) format must be encapsuled in a %{}t tag +; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t +; %u: remote user +; +; Default: "%R - %u %t \"%m %r\" %s" +;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%" + +; The log file for slow requests +; Default Value: not set +; Note: slowlog is mandatory if request_slowlog_timeout is set +;slowlog = log/$pool.log.slow + +; The timeout for serving a single request after which a PHP backtrace will be +; dumped to the 'slowlog' file. A value of '0s' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +;request_slowlog_timeout = 0 + +; The timeout for serving a single request after which the worker process will +; be killed. This option should be used when the 'max_execution_time' ini option +; does not stop script execution for some reason. A value of '0' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +request_terminate_timeout = 1d + +; Set open file descriptor rlimit. +; Default Value: system defined value +;rlimit_files = 1024 + +; Set max core size rlimit. +; Possible Values: 'unlimited' or an integer greater or equal to 0 +; Default Value: system defined value +;rlimit_core = 0 + +; Chroot to this directory at the start. This value must be defined as an +; absolute path. When this value is not set, chroot is not used. +; Note: you can prefix with '$prefix' to chroot to the pool prefix or one +; of its subdirectories. If the pool prefix is not set, the global prefix +; will be used instead. +; Note: chrooting is a great security feature and should be used whenever +; possible. However, all PHP paths will be relative to the chroot +; (error_log, sessions.save_path, ...). +; Default Value: not set +;chroot = + +; Chdir to this directory at the start. +; Note: relative path can be used. +; Default Value: current directory or / when chroot +chdir = __FINALPATH__ + +; Redirect worker stdout and stderr into main error log. If not set, stdout and +; stderr will be redirected to /dev/null according to FastCGI specs. +; Note: on highloaded environement, this can cause some delay in the page +; process time (several ms). +; Default Value: no +;catch_workers_output = yes + +; Clear environment in FPM workers +; Prevents arbitrary environment variables from reaching FPM worker processes +; by clearing the environment in workers before env vars specified in this +; pool configuration are added. +; Setting to "no" will make all environment variables available to PHP code +; via getenv(), $_ENV and $_SERVER. +; Default Value: yes +;clear_env = no + +; Limits the extensions of the main script FPM will allow to parse. This can +; prevent configuration mistakes on the web server side. You should only limit +; FPM to .php extensions to prevent malicious users to use other extensions to +; execute php code. +; Note: set an empty value to allow all extensions. +; Default Value: .php +;security.limit_extensions = .php .php3 .php4 .php5 .php7 + +; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from +; the current environment. +; Default Value: clean env +;env[HOSTNAME] = $HOSTNAME +;env[PATH] = /usr/local/bin:/usr/bin:/bin +;env[TMP] = /tmp +;env[TMPDIR] = /tmp +;env[TEMP] = /tmp + +; Additional php.ini defines, specific to this pool of workers. These settings +; overwrite the values previously defined in the php.ini. The directives are the +; same as the PHP SAPI: +; php_value/php_flag - you can set classic ini defines which can +; be overwritten from PHP call 'ini_set'. +; php_admin_value/php_admin_flag - these directives won't be overwritten by +; PHP call 'ini_set' +; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no. + +; Defining 'extension' will load the corresponding shared extension from +; extension_dir. Defining 'disable_functions' or 'disable_classes' will not +; overwrite previously defined php.ini values, but will append the new value +; instead. + +; Note: path INI options can be relative and will be expanded with the prefix +; (pool, global or /usr) + +; Default Value: nothing is defined by default except the values in php.ini and +; specified at startup with the -d argument +;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com +;php_flag[display_errors] = off +;php_admin_value[error_log] = /var/log/fpm-php.www.log +;php_admin_flag[log_errors] = on +;php_admin_value[memory_limit] = 32M + +; Common values to change to increase file upload limit +; php_admin_value[upload_max_filesize] = 50M +; php_admin_value[post_max_size] = 50M +; php_admin_flag[mail.add_x_header] = Off + +; Other common parameters +; php_admin_value[max_execution_time] = 600 +; php_admin_value[max_input_time] = 300 +; php_admin_value[memory_limit] = 256M +; php_admin_flag[short_open_tag] = On + +; Additional php.ini defines, specific to this pool of workers. +php_value[upload_max_filesize] = 1G +php_value[post_max_size] = 1G +php_value[default_charset] = UTF-8 +php_value[always_populate_raw_post_data] = -1 \ No newline at end of file diff --git a/conf/phpsysinfo.ini b/conf/phpsysinfo.ini index 401f115..851cf54 100644 --- a/conf/phpsysinfo.ini +++ b/conf/phpsysinfo.ini @@ -4,7 +4,7 @@ ; @package PSI ; @author Michael Cramer ; @copyright 2009 phpSysInfo -; @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License +; @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License version 2, or (at your option) any later version ; @version SVN: $Id: phpsysinfo.ini.new 705 2012-11-11 00:33:29Z namiltd $ ; @link http://phpsysinfo.sourceforge.net @@ -47,22 +47,38 @@ ADD_PATHS=false ; ALLOWED=false +; List of sudo commands +; Example : SUDO_COMMANDS="iptables-save" //execute "sudo iptables-save" instead "iptables-save" +; SUDO_COMMANDS=false //no sudo commands +; +SUDO_COMMANDS=false + +; Order of data blocks +; Example : BLOCKS="vitals,hardware,memory,filesystem,network,voltage,current,temperature,fans,power,other,ups" or BLOCKS=true //default order +; BLOCKS=false //hide all blocks +; +BLOCKS=true + + ; Plugins that should be included in xml and output ; List of plugins should look like "plugin,plugin,plugin". See /plugins directory ; - PLUGINS="MDStatus,PS" //list of plugins ; - PLUGINS=false //no plugins ; included plugins: -; - MDStatus - show the raid status and whats currently going on -; - DMRaid - show the software raid status +; - Raid - show the software, fake, zpool or megaraid RAID status ; - PS - show a process tree of all running processes ; - PSStatus - show a graphical representation if a process is running or not ; - Quotas - show a table with all quotas that are active and there current state ; - SMART - show S.M.A.R.T. information from drives that support it -; - BAT - show battery state on a laptop -; - IPMIInfo - show IPMI status +; - BAT - show battery state on a laptop, tablet or phone ; - UpdateNotifier - show update notifications (only for Ubuntu server) ; - SNMPPInfo - show printers info via SNMP ; - Uprecords - show uprecords info +; - Iptables - show iptables rules list +; - PingTest - show Ping Test info +; - StableBit - show StableBit Scanner info (WinNT) +; - HyperV - show Hyper-V info (WinNT) +; - Docker - show docker stats ; PLUGINS=false @@ -78,12 +94,12 @@ PLUGINS=false ; static: static page (use metatag to reload page) ; bootstrap: use twitter bootstrap template ; -DEFAULT_DISPLAY_MODE="YNH_DISPLAY_MODE" +DEFAULT_DISPLAY_MODE="__DISPLAY_MODE__" ; Define the default language ; -DEFAULT_LANG="YNH_DEFAULT_LANGUAGE" +DEFAULT_LANG="__LANGUAGE__" ; Define the default template @@ -121,6 +137,11 @@ SHOW_CPUINFO_EXPANDED=false SHOW_MEMORY_INFOS_EXPANDED=false +; Hide loader for frontend "bootstrap" +; +HIDE_BOOTSTRAP_LOADER=false + + ; Define the interval for refreshing data in ms ; - 0 : disabled ; - 1000 : 1 second @@ -131,9 +152,10 @@ REFRESH=60000 ; Show a graph for current cpuload ; - true : displayed, but it's a performance hit (because we have to wait to get a value, 1 second) +; - "compact" : displayed like above but in compact mode ; - false : will not be displayed ; -LOAD_BAR=false +LOAD_BAR=true ; Display the virtual host name and address @@ -172,13 +194,32 @@ BYTE_FORMAT="auto_binary" TEMP_FORMAT="c" +; Show devices infos +; Example : SHOW_DEVICES_INFOS=true +; +SHOW_DEVICES_INFOS=true + + +; Show devices serial number +; Example : SHOW_DEVICES_SERIAL=true +; +SHOW_DEVICES_SERIAL=false + + +; Format in which datetime is displayed +; - "UTC" shown as UTC string +; - "locale" shown as Locale string +; +DATETIME_FORMAT="UTC" + + ; ******************************** ; SENSORS PARAMETERS ; ******************************** ; Define the motherboard monitoring program -; We support the following programs far +; We support the following programs so far ; - HDDtemp http://www.guzu.net/linux/hddtemp.php (Linux) ; - LMSensors http://www.lm-sensors.org/ (Linux) ; - Healthd http://healthd.thehousleys.net/ (FreeBSD) @@ -186,7 +227,7 @@ TEMP_FORMAT="c" ; - MBMon http://www.nt.phys.kyushu-u.ac.jp/shimizu/download/download.html (FreeBSD/Linux/NetBSD/OpenBSD) ; - MBM5 http://mbm.livewiredev.com/ (data from file data/MBM5.csv - WinNT) ; - Coretemp No addon tool neded (FreeBSD/Linux) -; - IPMI http://openipmi.sourceforge.net/ (Linux) +; - IPMItool http://ipmitool.sourceforge.net/ (Linux) ; - FreeIPMI http://www.gnu.org/software/freeipmi/ (FreeBSD/Linux/OpenBSD/SunOS) ; - IPMIutil http://ipmiutil.sourceforge.net/ (Darwin/FreeBSD/Linux/SunOS/WinNT) ; - K8Temp http://hur.st/k8temp/ (DragonFly/FreeBSD/NetBSD/OpenBSD) @@ -196,18 +237,26 @@ TEMP_FORMAT="c" ; - QTSsnmp SNMP service enabled and snmp-utils package installed: opkg install snmp-utils (QNAP - QTS Linux) ; - Hwmon No addon tool neded (Linux) ; - SpeedFan http://www.almico.com/speedfan.php (required tool packaged in: tools/speedfan/SpeedFanGet_bin.zip) (WinNT) +; - Thinkpad No addon tool neded (Lenovo Thinkpad - Linux) ; ; Example: If you want to use lmsensors : SENSOR_PROGRAM="LMSensors" -; If you want to use lmsensors and IPMI: SENSOR_PROGRAM="LMSensors,IPMI" +; If you want to use lmsensors and IPMItool: SENSOR_PROGRAM="LMSensors,IPMItool" ; SENSOR_PROGRAM=false + ; Show events of sensors ; - true : show events ; - false : do not show events ; SENSOR_EVENTS=true + +; Sort sensors list +; +SORT_SENSORS_LIST=false + + ; Some sensors programs contain an additional configuration in the relevant sections [sensor_...] @@ -250,6 +299,32 @@ SHOW_INODES=true HIDE_MOUNTS="" +; Filesystem usage warning threshold in percent +; - 0 : disabled +; - 90 : 90% +; Default is 90% +; +FS_USAGE_THRESHOLD=90 + + +; Ignore usage and usage threshold for filesystem types +; Example : IGNORE_THRESHOLD_FS_TYPES="iso9660, squashfs, devfs, devtmpfs, lxfs, udf, UDF, CDFS" +; +IGNORE_THRESHOLD_FS_TYPES="iso9660, squashfs, devfs, devtmpfs, lxfs, udf, UDF, CDFS" + + +; Ignore usage of mounts +; Example : IGNORE_USAGE="/root,/mnt/c" +; +IGNORE_USAGE="" + + +; Ignore free space size of mounts +; Example : IGNORE_FREE="/zfs/space,/zfs/data" +; +IGNORE_FREE="" + + ; Hide filesystem types ; Example : HIDE_FS_TYPES="tmpfs,devtmpfs,usbfs,bstfolder" ; @@ -263,14 +338,6 @@ HIDE_FS_TYPES="" HIDE_DISKS="" -; Filesystem usage warning threshold in percent -; - 0 : disabled -; - 90 : 90% -; Default is 90% -; -FS_USAGE_THRESHOLD=90 - - ; ******************************** ; NETWORK PARAMETERS ; ******************************** @@ -289,11 +356,29 @@ HIDE_NETWORK_INTERFACE="" SHOW_NETWORK_INFOS=true +; Hide MAC address in the infos +; +HIDE_NETWORK_MACADDR=false + + +; Sort network interfaces list +; +SORT_NETWORK_INTERFACES_LIST=false + + ; Show network infos expanded ; SHOW_NETWORK_INFOS_EXPANDED=false +; Show network active speed +; - true : display network active speed +; - "bps" : display network active speed in bits per second (b/s, Kb/s, etc...) +; - false : hide them +; +SHOW_NETWORK_ACTIVE_SPEED=false + + ; ******************************** ; UPS PARAMETERS ; ******************************** @@ -389,11 +474,12 @@ ACCESS="command" ; ACCESS="command" -[sensor_ipmi] -; IPMI motherboard monitoring program configuration +[sensor_ipmitool] +; IPMItool motherboard monitoring program configuration ; -; - ACCESS="command" //read data from 'ipmitool sensor' command -; - ACCESS="data" //read data from file data/ipmi.txt +; - ACCESS="command" //read data from 'ipmitool sensor -v' command +; //if access error execute first: chmod 666 /dev/ipmi0 +; - ACCESS="data" //read data from file data/ipmitool.txt ; ACCESS="command" @@ -409,6 +495,7 @@ ACCESS="command" ; IPMIutil motherboard monitoring program configuration ; ; - ACCESS="command" //read data from 'ipmiutil sensor -stw' command +; //if access error execute first: chmod 666 /dev/ipmi0 ; - ACCESS="data" //read data from file data/ipmiutil.txt ; ACCESS="command" @@ -439,67 +526,66 @@ ACCESS="command" ; BAT Plugin configuration ; define how to access the battery statistic data -; - "command" read data from /proc/acpi/battery/BAT0/info and /proc/acpi/battery/BAT0/state -; on newer kernel or on Android read files from /sys/class/power_supply/ - on Darwin read data from 'ioreg -w0 -l -n AppleSmartBattery -r' command - on FreeBSD read data from 'acpiconf -i batt' command - on OpenBSD read data from 'sysctl hw.sensors.acpibat0' command +; - "command" on Linux and Android read data from /proc/acpi/battery/BAT0/info and /proc/acpi/battery/BAT0/state +; or on newer kernel from /sys/class/power_supply/ +; or from 'upower -d' command (if UPOWER is true) +; on Android read data from /sys/class/power_supply/ +; on Darwin read data from 'ioreg -w0 -l -n AppleSmartBattery -r' command +; on FreeBSD read data from 'acpiconf -i batt' command +; on OpenBSD read data from 'sysctl hw.sensors.acpibat0' command ; - "data" (a file must be available in the data directory of the phpsysinfo installation ; with the filename "bat_info.txt" and "bat_state.txt"; content is the output ; from "cat /proc/acpi/battery/BAT0/info" and "cat /proc/acpi/battery/BAT0/state") ; ACCESS="command" -; define the battery device (no matter for WinNT, FreeBSD, Darwin and some Android and Linux) +; on Lunux try executing 'upower -d' command +; +UPOWER=false + +; Show battery serial number ; -DEVICE="BAT0" +SHOW_SERIAL=false -[ipmiinfo] -; ipmiinfo Plugin configuration +[raid] +; Raid Plugin configuration -; define how to access the IPMI statistic data -; - "command" ipmitool command is run everytime the block gets refreshed or build -; if access error execute first: chmod 666 /dev/ipmi0 +; define how to access the raid statistic data +; - "command" - mdstat: file "/proc/mdstat" is read (on Linux only) +; - dmraid: command "dmraid -s -vv 2>&1" is run (on Linux only) +; If access error try execute first: chmod 4755 /sbin/dmraid +; This method is not recommended for safety reasons! +; - megactl: command "megactl" (on Linux only) +; downloaded from http://sourceforge.net/projects/megactl/ or http://github.com/hmage/megactl +; If permission error try execute first: chmod 4755 /usr/sbin/megactl +; - megasasctl: command "megasasctl" (on Linux only) +; downloaded from http://sourceforge.net/projects/megactl/ or http://github.com/hmage/megactl +; If permission error try execute first: chmod 4755 /usr/sbin/megasasctl +; - graid: command "graid list" is run (on FreeBSD only) +; - zpool: command "zpool status" is run +; - idrac: command "snmpwalk -Ona -c public -v 1 -r 0 -t 3 {device} .1.3.6.1.4.1.674.10892.5.5.1.20" is run +; - "php-snmp"- idrac: execute php snmprealwalk function (php-snmp module must be installed) +; - for others the option is inactive (uses "command" instead) ; - "data" (a file must be available in the data directory of the phpsysinfo installation -; with the filename "ipmiinfo.txt"; content is the output from "ipmitool sensor") +; with the filename "raidmdstat.txt" or "raiddmraid.txt" or "raidmegactl.txt" +; or "raidmegasasctl.txt" or "raidgraid.txt" or "raidzpool.txt" or "raididrac{device_number}.txt") ; ACCESS="command" - -[mdstatus] -; MDStatus Plugin configuration - -; define how to access the mdstat statistic data -; - "file" /proc/mdstat is read -; - "data" (a file must be available in the data directory of the phpsysinfo installation -; with the filename "mdstat.txt"; content is the output from "cat /proc/mdstat") -; -ACCESS="file" +; define possible programs +PROGRAM="mdstat,dmraid,megactl,megasasctl,graid,zpool,idrac" ; Hide RAID devices -; Example : HIDE_RAID_DEVICES="md127" +; Example : HIDE_DEVICES="md127" ; -HIDE_RAID_DEVICES="" +HIDE_DEVICES="" - -[dmraid] -; DMRaid Plugin configuration - -; define how to access the dmraid statistic data -; - "command" dmraid command is run everytime the block gets refreshed or build -; if access error try execute first: chmod 4755 /sbin/dmraid -; This method is not recommended for safety reasons! -; - "data" (a file must be available in the data directory of the phpsysinfo installation -; with the filename "dmraid.txt"; content is generated by command "dmraid -s -vv >dmraid.txt 2>&1") ; -ACCESS="command" - -; Hide RAID devices -; Example : HIDE_RAID_DEVICES=".ddf1_disks" +; string contains a list of IDRAC devices that are checked +; Example : IDRAC_DEVICES="192.168.0.120" ; -HIDE_RAID_DEVICES="" - +IDRAC_DEVICES="" [ps] ; PS Plugin configuration @@ -512,9 +598,21 @@ HIDE_RAID_DEVICES="" ; ACCESS="command" +; Memory Usage info +; +MEMORY_USAGE=true + +; CPU Usage info +; +CPU_USAGE=true + ; Show kthreadd child list expanded ; -SHOW_KTHREADD_EXPANDED=true +SHOW_KTHREADD_EXPANDED=false + +; Show PID 1 child list expanded +; +SHOW_PID1CHILD_EXPANDED=false [psstatus] @@ -525,7 +623,7 @@ SHOW_KTHREADD_EXPANDED=true ; information is retrieved everytime through WMI ; - "data" a file must be available in the data directory of the phpsysinfo installation ; with the filename "psstatus.txt"; content is the output from -; for ps in "apache2" "mysqld" "sshd"; do echo $ps "|" `pidof -s $ps`; done +; for ps in "apache2" "mysqld" "sshd"; do echo $ps "|" `pidof -s -x "$ps"`; done ; ACCESS="command" @@ -560,10 +658,13 @@ ACCESS="command" ; - "command" smartctl command is run everytime the block gets refreshed or build ; if error: Smartctl open device: /dev/sda failed: Permission denied ; Not recommended method: -; execute: chmod 4755 /usr/sbin/smartctl +; execute: chmod 4755 /usr/sbin/smartctl +; Second method: +; try to set: SUDO_COMMANDS="smartctl" and add to file /etc/sudoers line: apache ALL = (ALL) NOPASSWD: /usr/sbin/smartctl ; - "data" (a file must be available in the data directory of the ; phpsysinfo installation with the filename "smart{disk_number}.txt"; ; content is the output from "smartctl --all device") +; - "wmi" information is retrieved everytime through WMI (WinNT only) ; ACCESS="command" @@ -595,9 +696,10 @@ IDS="005-RAW_VALUE,194-RAW_VALUE,4-RAW_VALUE,009-RAW_VALUE,012-RAW_VALUE,193-RAW ; - "data" a file must be available in the data directory of the ; phpsysinfo installation with the filename "snmppinfo{printer_number}.txt"; ; content is the output from: -; LANG=C LC_ALL=C snmpwalk -On -c public -v 1 {printer_address} .1.3.6.1.2.1.1.5 > snmppinfo{printer_number}.txt -; LANG=C LC_ALL=C snmpwalk -On -c public -v 1 {printer_address} .1.3.6.1.2.1.43.11.1.1 >> snmppinfo{printer_number}.txt -; LANG=C LC_ALL=C snmpwalk -On -c public -v 1 {printer_address} .1.3.6.1.2.1.43.18.1.1 >> snmppinfo{printer_number}.txt +; LANG=C LC_ALL=C snmpwalk -On -c public -v 1 -r 0 -t 3 {printer_address} .1.3.6.1.2.1.1.5 > snmppinfo{printer_number}.txt +; LANG=C LC_ALL=C snmpwalk -On -c public -v 1 -r 0 -t 3 {printer_address} .1.3.6.1.4.1.367.3.2.1.2.24.1.1 >> snmppinfo{printer_number}.txt +; LANG=C LC_ALL=C snmpwalk -On -c public -v 1 -r 0 -t 3 {printer_address} .1.3.6.1.2.1.43.11.1.1 >> snmppinfo{printer_number}.txt +; LANG=C LC_ALL=C snmpwalk -On -c public -v 1 -r 0 -t 3 {printer_address} .1.3.6.1.2.1.43.18.1.1 >> snmppinfo{printer_number}.txt ; ACCESS="php-snmp" @@ -611,6 +713,12 @@ DEVICES="192.168.0.5, 192.168.0.9" [updatenotifier] ; Update Notifier Plugin configuration +; define how to access the updatenotifier statistic data +; - "command" execute command /usr/lib/update-notifier/apt-check +; - "data" reads data from file defined in FILE parameter +; +ACCESS="data" + ; define the update info file format ; - true: Ubuntu Landscape format (file: /var/lib/update-notifier/updates-available) ; - false: universal format (format: A;B) @@ -619,10 +727,11 @@ DEVICES="192.168.0.5, 192.168.0.9" ; UBUNTU_LANDSCAPE_FORMAT=true -; define the update info file +; define the update info file. The default is: /var/lib/update-notifier/updates-available ; FILE="/var/lib/update-notifier/updates-available" + [uprecords] ; Uprecords Plugin configuration @@ -639,3 +748,76 @@ ACCESS="command" ; default is 10 ; MAX_ENTRIES = 10 + +; define the short mode (do not print extra statistics) +; default is false +; +SHORT_MODE = false + +; denote current system session by asterisk (* at the end) instead by the arrow (-> at the beginning) +; default is false +; +DENOTE_BY_ASTERISK = false + + +[iptables] +; Iptables Plugin configuration + +; define how to access the iptables rules data +; - "command" iptables-save command is run everytime the block gets refreshed or build +; if access error try to set: SUDO_COMMANDS="iptables-save" and add to file /etc/sudoers line: apache ALL = (ALL) NOPASSWD: /sbin/iptables-save +; - "data" (a file must be available in the data directory of the phpsysinfo installation with the filename "iptables.txt"; content is the output from "iptables-save") +; +ACCESS="command" + + +[pingtest] +; PingTest Plugin configuration + +; define how to access the psstatus statistic data +; - "command" ping command is run everytime the block gets refreshed or build +; - "data" (a file must be available in the data directory of the phpsysinfo installation +; with the filename "pingtest.txt") +; +ACCESS="command" + +;define the Addresses +; +; string contains a list of addresses that are checked +; Example : ADDRESSES="127.0.0.1,8.8.8.8" +; +ADDRESSES="" + +; Define ping timeout in seconds +; - 0 : default ping command timeout +; - 3 : 3 seconds +; Default is 2 seconds +; +TIMEOUT=2 + +[stablebit] +; StableBit Plugin configuration + +; Show or hide disks serial number +; +SHOW_SERIAL=false + +[hyperv] +; HyperV Plugin configuration + +; define how to access the ps statistic data +; - "command" information is retrieved through WMI +; - "data" (a file must be available in the data directory of the phpsysinfo installation +; with the filename "hyperv.txt") +; +ACCESS="command" + +[docker] +; Docker Plugin configuration + +; define how to access the docker statistic data +; - "command" docker command is run everytime the block gets refreshed or build +; - "data" (a file must be available in the data directory of the phpsysinfo installation +; with the filename "docker.txt"; content is the output from "docker stats --no-stream --format 'table {{.Name}}\t{{.CPUPerc}}\t{{.MemUsage}}\t{{.MemPerc}}\t{{.NetIO}}\t{{.BlockIO}}\t{{.PIDs}}'") +; +ACCESS="command" diff --git a/manifest.json b/manifest.json index fb385e1..32fad2d 100644 --- a/manifest.json +++ b/manifest.json @@ -1,24 +1,25 @@ { - "name": "PhpSysInfo", "id": "phpsysinfo", + "name": "PhpSysInfo", "packaging_format": 1, "description": { "en": "A customizable PHP script that displays information about your system nicely.", "fr": "Un script PHP paramétrable qui affiche des informations sur votre système." }, - "url": "http://phpsysinfo.github.io/phpsysinfo/", - "license": "free", + "version": "3.3.2~ynh2", + "url": "https://github.com/inrepublica/phpsysinfo_ynh/", + "license": "GPL-3.0-only", "maintainer": { "name": "inrepublica", "email": "duvalmickael@gmail.com" }, "requirements": { - "yunohost": ">= 2.4.0.6" + "yunohost": ">= 3.6.5" }, "multi_instance": false, "services": [ "nginx", - "php5-fpm" + "php7.0-fpm" ], "arguments": { "install" : [ @@ -43,12 +44,12 @@ }, { "name": "is_public", + "type": "boolean", "ask": { - "en": "Is it a public WordPress site?", + "en": "Is it a public website?", "fr": "Est-ce un site public ?" }, - "choices": ["Yes", "No"], - "default": "No" + "default": false }, { "name": "language", @@ -68,6 +69,7 @@ "choices": ["auto", "dynamic", "static", "bootstrap"], "default": "bootstrap" } + } ] } -} +} \ No newline at end of file diff --git a/scripts/_common.sh b/scripts/_common.sh new file mode 100644 index 0000000..cc1f786 --- /dev/null +++ b/scripts/_common.sh @@ -0,0 +1 @@ +#!/bin/bash \ No newline at end of file diff --git a/scripts/backup b/scripts/backup index 1868b73..83eb601 100644 --- a/scripts/backup +++ b/scripts/backup @@ -1,19 +1,56 @@ #!/bin/bash -# Exit on command errors and treat unset variables as an error -set -eu +#================================================= +# GENERIC START +#================================================= +# IMPORT GENERIC HELPERS +#================================================= -# See comments in install script -app=phpsysinfo +source ../settings/scripts/_common.sh +source /usr/share/yunohost/helpers -# Source YunoHost helpers -. /usr/share/yunohost/helpers +#================================================= +# MANAGE SCRIPT FAILURE +#================================================= -# Retrieve app settings -domain=$(ynh_app_setting_get "$app" domain) +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors -# Backup sources & data -ynh_backup "/var/www/${app}" "sources" +#================================================= +# LOAD SETTINGS +#================================================= +ynh_script_progression --message="Loading installation settings..." -# Copy NGINX configuration -ynh_backup "/etc/nginx/conf.d/${domain}.d/${app}.conf" "nginx.conf" \ No newline at end of file +app=$YNH_APP_INSTANCE_NAME + +final_path=$(ynh_app_setting_get --app=$app --key=final_path) +domain=$(ynh_app_setting_get --app=$app --key=domain) + +#================================================= +# STANDARD BACKUP STEPS +#================================================= +# BACKUP THE APP MAIN DIR +#================================================= +ynh_script_progression --message="Backing up the main app directory..." + +ynh_backup --src_path="$final_path" + +#================================================= +# BACKUP THE NGINX CONFIGURATION +#================================================= +ynh_script_progression --message="Backing up nginx web server configuration..." + +ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" + +#================================================= +# BACKUP THE PHP-FPM CONFIGURATION +#================================================= +ynh_script_progression --message="Backing up php-fpm configuration..." + +ynh_backup --src_path="/etc/php/7.0/fpm/pool.d/$app.conf" + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." --last \ No newline at end of file diff --git a/scripts/change_url b/scripts/change_url new file mode 100644 index 0000000..3aeea70 --- /dev/null +++ b/scripts/change_url @@ -0,0 +1,92 @@ +#!/bin/bash + +#================================================= +# GENERIC STARTING +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +source _common.sh +source /usr/share/yunohost/helpers + +#================================================= +# RETRIEVE ARGUMENTS +#================================================= + +old_domain=$YNH_APP_OLD_DOMAIN +old_path=$YNH_APP_OLD_PATH + +new_domain=$YNH_APP_NEW_DOMAIN +new_path=$YNH_APP_NEW_PATH + +app=$YNH_APP_INSTANCE_NAME + +#================================================= +# LOAD SETTINGS +#================================================= +ynh_script_progression --message="Loading installation settings..." + +# Needed for helper "ynh_add_nginx_config" +final_path=$(ynh_app_setting_get --app=$app --key=final_path) + +#================================================= +# CHECK WHICH PARTS SHOULD BE CHANGED +#================================================= + +change_domain=0 +if [ "$old_domain" != "$new_domain" ] +then + change_domain=1 +fi + +change_path=0 +if [ "$old_path" != "$new_path" ] +then + change_path=1 +fi + +#================================================= +# STANDARD MODIFICATIONS +#================================================= +# MODIFY URL IN NGINX CONF +#================================================= +ynh_script_progression --message="Updating nginx web server configuration..." --weight=2 + +nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf + +# Change the path in the nginx config file +if [ $change_path -eq 1 ] +then + # Make a backup of the original nginx config file if modified + ynh_backup_if_checksum_is_different --file="$nginx_conf_path" + # Set global variables for nginx helper + domain="$old_domain" + path_url="$new_path" + # Create a dedicated nginx config + ynh_add_nginx_config +fi + +# Change the domain for nginx +if [ $change_domain -eq 1 ] +then + # Delete file checksum for the old conf file location + ynh_delete_file_checksum --file="$nginx_conf_path" + mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf + # Store file checksum for the new config file location + ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" +fi + +#================================================= +# GENERIC FINALISATION +#================================================= +# RELOAD NGINX +#================================================= +ynh_script_progression --message="Reloading nginx web server..." + +ynh_systemd_action --service_name=nginx --action=reload + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Change of URL completed for $app" --last \ No newline at end of file diff --git a/scripts/install b/scripts/install index b47bb97..46d0a5f 100644 --- a/scripts/install +++ b/scripts/install @@ -1,69 +1,119 @@ #!/bin/bash -# Exit on command errors and treat unset variables as an error -set -eu +#================================================= +# GENERIC START +#================================================= +# IMPORT GENERIC HELPERS +#================================================= -# Define app -app=phpsysinfo -version=3.2.5 -md5_source=08875b31a9a7a662473d8cbe866059e7 +source _common.sh +source /usr/share/yunohost/helpers + +#================================================= +# MANAGE SCRIPT FAILURE +#================================================= + +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + +#================================================= +# RETRIEVE ARGUMENTS FROM THE MANIFEST +#================================================= -# Retrieve arguments domain=$YNH_APP_ARG_DOMAIN -path=$YNH_APP_ARG_PATH +path_url=$YNH_APP_ARG_PATH is_public=$YNH_APP_ARG_IS_PUBLIC language=$YNH_APP_ARG_LANGUAGE display_mode=$YNH_APP_ARG_DISPLAY_MODE -# Source YunoHost helpers -. /usr/share/yunohost/helpers +app=$YNH_APP_INSTANCE_NAME +app_nb=$YNH_APP_INSTANCE_NUMBER -# Save app settings -ynh_app_setting_set "$app" domain "$domain" -ynh_app_setting_set "$app" path "$path" -ynh_app_setting_set "$app" is_public "$is_public" -ynh_app_setting_set "$app" language "$language" -ynh_app_setting_set "$app" display_mode "$display_mode" +#================================================= +# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS +#================================================= +ynh_script_progression --message="Validating installation parameters..." --weight=2 -# Check domain/path availability -sudo yunohost app checkurl "${domain}${path}" -a "$app" \ - || ynh_die "Path not available: ${domain}${path}" - -# Download source, check md5, untar, copy it -sudo wget -q https://github.com/phpsysinfo/phpsysinfo/archive/v$version.tar.gz -O /tmp/phpsysinfo.tar.gz - -# Check md5 -md5_check=($(md5sum /tmp/phpsysinfo.tar.gz)) -if [ $md5_source != $md5_check ] -then - ynh_die "the download is corrupted (md5 different)" -fi - -# untar and copy it -sudo tar -xvf /tmp/phpsysinfo.tar.gz -C /tmp/ final_path=/var/www/$app -sudo mkdir -p $final_path -sudo cp -a /tmp/phpsysinfo-$version/. $final_path +test ! -e "$final_path" || ynh_die --message="This path already contains a folder" -# Modify Phpsysinfo configuration and copy it -sed -i "s@YNH_DEFAULT_LANGUAGE@$language@g" ../conf/phpsysinfo.ini -sed -i "s@YNH_DISPLAY_MODE@$display_mode@g" ../conf/phpsysinfo.ini -sudo cp ../conf/phpsysinfo.ini $final_path +# Register (book) web path +ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url -# Set permissions to phpsysinfo directory -sudo chown -R www-data: $final_path +#================================================= +# STORE SETTINGS FROM MANIFEST +#================================================= +ynh_script_progression --message="Storing installation settings..." -# Modify Nginx configuration file and copy it to Nginx conf directory -sed -i "s@YNH_WWW_PATH@$path@g" ../conf/nginx.conf -sed -i "s@YNH_WWW_ALIAS@$final_path/@g" ../conf/nginx.conf -sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf +user=webapp${app_nb} +ynh_app_setting_set --app=$app --key=domain --value=$domain +ynh_app_setting_set --app=$app --key=path --value=$path_url +ynh_app_setting_set --app=$app --key=is_public --value=$is_public +ynh_app_setting_set --app=$app --key=language --value=$language +ynh_app_setting_set --app=$app --key=display_mode --value=$display_mode +ynh_app_setting_set --app=$app --key=user --value=$user +ynh_app_setting_set --app=$app --key=final_path --value=$final_path -# If app is public, add url to SSOWat conf as skipped_uris -if [ "$is_public" = "Yes" ]; +#================================================= +# STANDARD MODIFICATIONS +#================================================= +# NGINX CONFIGURATION +#================================================= +ynh_script_progression --message="Configuring nginx web server..." --weight=2 + +# Create a dedicated nginx config +ynh_add_nginx_config + +#================================================= +# SPECIFIC SETUP +#================================================= +# DOWNLOAD, CHECK AND UNPACK SOURCE +#================================================= +ynh_script_progression --message="Setting up source files..." --weight=3 + +ynh_app_setting_set --app=$app --key=final_path --value=$final_path +# Download, check integrity, uncompress and patch the source from app.src +ynh_setup_source --dest_dir="$final_path" + +#================================================= +# MODIFY A CONFIG FILE +#================================================= + +ynh_replace_string --match_string="__DISPLAY_MODE__" --replace_string="$display_mode" --target_file=../conf/phpsysinfo.ini +ynh_replace_string --match_string="__LANGUAGE__" --replace_string="$language" --target_file=../conf/phpsysinfo.ini + +# Copy files to the right place +cp -r ../conf/phpsysinfo.ini "$final_path" + +#================================================= +# PHP-FPM CONFIGURATION +#================================================= +ynh_script_progression --message="Configuring php-fpm..." --weight=2 + +# Create a dedicated php-fpm config +ynh_replace_string --match_string="__USER__" --replace_string="$user" --target_file="../conf/php-fpm.conf" +ynh_add_fpm_config + +#================================================= +# GENERIC FINALIZATION +#================================================= +# SETUP SSOWAT +#================================================= +ynh_script_progression --message="Configuring SSOwat..." + +# Make app public if necessary +if [ $is_public -eq 1 ] then - # unprotected_uris allows SSO credentials to be passed anyway. - ynh_app_setting_set "$app" unprotected_uris "/" + ynh_app_setting_set --app=$app --key=skipped_uris --value="/" fi -# Restart services -sudo service nginx reload \ No newline at end of file +#================================================= +# RELOAD NGINX +#================================================= +ynh_script_progression --message="Reloading nginx web server..." + +ynh_systemd_action --service_name=nginx --action=reload + +#================================================= +# END OF SCRIPT +#================================================= \ No newline at end of file diff --git a/scripts/remove b/scripts/remove index f84322a..7243194 100644 --- a/scripts/remove +++ b/scripts/remove @@ -1,19 +1,62 @@ #!/bin/bash -# Define app -app=phpsysinfo +#================================================= +# GENERIC START +#================================================= +# IMPORT GENERIC HELPERS +#================================================= -# Source YunoHost helpers -. /usr/share/yunohost/helpers +source _common.sh +source /usr/share/yunohost/helpers -# Retrieve app settings -domain=$(ynh_app_setting_get "$app" domain) +#================================================= +# LOAD SETTINGS +#================================================= +ynh_script_progression --message="Loading installation settings..." --weight=2 -# Remove sources -sudo rm -rf /var/www/$app +app=$YNH_APP_INSTANCE_NAME -# Remove configuration files -sudo rm -f /etc/nginx/conf.d/$domain.d/$app.conf +domain=$(ynh_app_setting_get --app=$app --key=domain) +user=$(ynh_app_setting_get --app=$app --key=user) +final_path=$(ynh_app_setting_get --app=$app --key=final_path) -# Restart services -sudo service nginx reload \ No newline at end of file +#================================================= +# STANDARD REMOVE +#================================================= +# REMOVE APP MAIN DIR +#================================================= +ynh_script_progression --message="Removing app main directory..." + +# Remove the app directory securely +ynh_secure_remove --file="$final_path" + +#================================================= +# REMOVE NGINX CONFIGURATION +#================================================= +ynh_script_progression --message="Removing nginx web server configuration..." --weight=2 + +# Remove the dedicated nginx config +ynh_remove_nginx_config + +#================================================= +# REMOVE PHP-FPM CONFIGURATION +#================================================= +ynh_script_progression --message="Removing php-fpm configuration..." + +# Remove the dedicated php-fpm config +ynh_remove_fpm_config + +#================================================= +# GENERIC FINALIZATION +#================================================= +# REMOVE DEDICATED USER +#================================================= +ynh_script_progression --message="Removing the dedicated system user..." + +# Delete a system user +ynh_system_user_delete --username=$app + +#================================================= +# END OF SCRIPT +#================================================= +ynh_script_progression --message="Removal of $app completed" --last \ No newline at end of file diff --git a/scripts/restore b/scripts/restore index 3b25824..c0d9ef4 100644 --- a/scripts/restore +++ b/scripts/restore @@ -1,32 +1,76 @@ #!/bin/bash -# Exit on command errors and treat unset variables as an error -set -eu +#================================================= +# GENERIC START +#================================================= +# IMPORT GENERIC HELPERS +#================================================= -# See comments in install script -app=phpsysinfo +source ../settings/scripts/_common.sh +source /usr/share/yunohost/helpers -# Source YunoHost helpers -. /usr/share/yunohost/helpers +#================================================= +# MANAGE SCRIPT FAILURE +#================================================= -# Retrieve old app settings -domain=$(ynh_app_setting_get "$app" domain) -path=$(ynh_app_setting_get "$app" path) +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors -# Check domain/path availability -sudo yunohost app checkurl "${domain}${path}" -a "$app" \ - || ynh_die "Path not available: ${domain}${path}" +#================================================= +# LOAD SETTINGS +#================================================= +ynh_script_progression --message="Loading settings..." --weight=2 -# Restore sources & data -final_path="/var/www/${app}" -sudo cp -a ./sources "$final_path" +app=$YNH_APP_INSTANCE_NAME -# Restore permissions to app files -# you may need to make some file and/or directory writeable by www-data (nginx user) -sudo chown -R root:root "$final_path" +domain=$(ynh_app_setting_get --app=$app --key=domain) +path_url=$(ynh_app_setting_get --app=$app --key=path) +final_path=$(ynh_app_setting_get --app=$app --key=final_path) +user=$(ynh_app_setting_get --app=$app --key=user) -# Restore NGINX configuration -sudo cp -a ./nginx.conf "/etc/nginx/conf.d/${domain}.d/${app}.conf" +#================================================= +# CHECK IF THE APP CAN BE RESTORED +#================================================= +ynh_script_progression --message="Validating restoration parameters..." --weight=2 -# Restart webserver -sudo service nginx reload \ No newline at end of file +ynh_webpath_available --domain=$domain --path_url=$path_url \ + || ynh_die --message="Path not available: ${domain}${path_url}" +test ! -d $final_path \ + || ynh_die --message="There is already a directory: $final_path " + +#================================================= +# STANDARD RESTORATION STEPS +#================================================= +# RESTORE THE NGINX CONFIGURATION +#================================================= + +ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" + +#================================================= +# RESTORE THE APP MAIN DIR +#================================================= +ynh_script_progression --message="Restoring the app main directory..." + +ynh_restore_file --origin_path="$final_path" + +#================================================= +# RESTORE THE PHP-FPM CONFIGURATION +#================================================= + +ynh_restore_file --origin_path="/etc/php/7.0/fpm/pool.d/$app.conf" + +#================================================= +# GENERIC FINALIZATION +#================================================= +# RELOAD NGINX AND PHP-FPM +#================================================= +ynh_script_progression --message="Reloading nginx web server and php-fpm..." + +ynh_systemd_action --service_name=php7.0-fpm --action=reload +ynh_systemd_action --service_name=nginx --action=reload + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Restoration completed for $app" --last \ No newline at end of file diff --git a/scripts/upgrade b/scripts/upgrade index e570bdd..ee7d7e4 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -1,55 +1,161 @@ #!/bin/bash -# Exit on command errors and treat unset variables as an error -set -eu +#================================================= +# GENERIC START +#================================================= +# IMPORT GENERIC HELPERS +#================================================= -# Define app -app=phpsysinfo -version=3.2.5 -md5_source=08875b31a9a7a662473d8cbe866059e7 +source _common.sh +source /usr/share/yunohost/helpers -# Source YunoHost helpers -. /usr/share/yunohost/helpers +#================================================= +# LOAD SETTINGS +#================================================= +ynh_script_progression --message="Loading installation settings..." --weight=2 -# Retrieve app settings -domain=$(ynh_app_setting_get "$app" domain) -path=$(ynh_app_setting_get "$app" path) -is_public=$(ynh_app_setting_get "$app" is_public) -language=$(ynh_app_setting_get "$app" language) -display_mode=$(ynh_app_setting_get "$app" display_mode) +app=$YNH_APP_INSTANCE_NAME -# Download source, check md5, untar, copy it -sudo wget -q https://github.com/phpsysinfo/phpsysinfo/archive/v$version.tar.gz -O /tmp/phpsysinfo.tar.gz +domain=$(ynh_app_setting_get --app=$app --key=domain) +path_url=$(ynh_app_setting_get --app=$app --key=path) +is_public=$(ynh_app_setting_get --app=$app --key=is_public) +final_path=$(ynh_app_setting_get --app=$app --key=final_path) +language=$(ynh_app_setting_get --app=$app --key=language) +display_mode=$(ynh_app_setting_get --app=$app --key=display_mode) +user=$(ynh_app_setting_get --app=$app --key=user) -# Check md5 -md5_check=($(md5sum /tmp/phpsysinfo.tar.gz)) -if [ $md5_source != $md5_check ] -then - ynh_die "the download is corrupted (md5 different)" +#================================================= +# CHECK VERSION +#================================================= +upgrade_type=$(ynh_check_app_version_changed) + +#================================================= +# ENSURE DOWNWARD COMPATIBILITY +#================================================= +ynh_script_progression --message="Ensuring downward compatibility..." + +# Fix is_public as a boolean value +if [ "$is_public" = "Yes" ]; then + ynh_app_setting_set --app=$app --key=is_public --value=1 + is_public=1 +elif [ "$is_public" = "No" ]; then + ynh_app_setting_set --app=$app --key=is_public --value=0 + is_public=0 fi -# untar and copy it -sudo tar -xvf /tmp/phpsysinfo.tar.gz -C /tmp/ -final_path=/var/www/$app -sudo mkdir -p $final_path -sudo cp -a /tmp/phpsysinfo-$version/. $final_path - -# Set permissions to app files -sudo chown -R root:root $final_path - -# Modify Nginx configuration file and copy it to Nginx conf directory -sed -i "s@YNH_WWW_PATH@$path@g" ../conf/nginx.conf -sed -i "s@YNH_WWW_ALIAS@$final_path/@g" ../conf/nginx.conf -sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf - -# If app is public, add url to SSOWat conf as skipped_uris -if [ "$is_public" = "Yes" ]; -then - # See install script - ynh_app_setting_set "$app" unprotected_uris "/" - # Remove old settings - ynh_app_setting_delete "$app" skipped_uris +# If final_path doesn't exist, create it +if [ -z "$final_path" ]; then + final_path=/var/www/$app + ynh_app_setting_set --app=$app --key=final_path --value=$final_path fi -# Restart services -sudo service nginx reload \ No newline at end of file +#================================================= +# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP +#================================================= +ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=3 + +# Backup the current version of the app +ynh_backup_before_upgrade +ynh_clean_setup () { + # restore it if the upgrade fails + ynh_restore_upgradebackup +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + +#================================================= +# CHECK THE PATH +#================================================= + +# Normalize the URL path syntax +path_url=$(ynh_normalize_url_path --path_url=$path_url) + +#================================================= +# STANDARD UPGRADE STEPS +#================================================= +# DOWNLOAD, CHECK AND UNPACK SOURCE +#================================================= + +if [ "$upgrade_type" == "UPGRADE_APP" ] +then + ynh_script_progression --message="Upgrading source files..." --weight=6 + + # Download, check integrity, uncompress and patch the source from app.src + ynh_setup_source --dest_dir="$final_path" + + # Clear cache + ynh_secure_remove --file="$final_path/var/cache" + mkdir "$final_path/var/cache" +fi + +#================================================= +# NGINX CONFIGURATION +#================================================= + +modified_config=$(ynh_backup_if_checksum_is_different --file="/etc/nginx/conf.d/$domain.d/$app.conf") +# Replace nginx config only if it wasn't modified. +if [ -z "$modified_config" ] +then + ynh_script_progression --message="Upgrading nginx web server configuration..." --weight=2 + + # Create a dedicated nginx config + ynh_add_nginx_config +fi + +#================================================= +# PHP-FPM CONFIGURATION +#================================================= + +modified_config=$(ynh_backup_if_checksum_is_different --file="/etc/php/7.0/fpm/pool.d/$app.conf") +# Replace nginx config only if it wasn't modified. +if [ -z "$modified_config" ] +then + ynh_script_progression --message="Upgrading php-fpm configuration..." --weight=2 + + # Create a dedicated php-fpm config + ynh_replace_string --match_string="__USER__" --replace_string="$user" --target_file="../conf/php-fpm.conf" + ynh_add_fpm_config +fi + +#================================================= +# SPECIFIC UPGRADE +#================================================= +# CONFIGURE PHPSYSINFO +#================================================= +if [ "$upgrade_type" == "UPGRADE_APP" ] +then + ynh_script_progression --message="Reconfiguring Phpsysinfo..." --weight=11 + + ynh_replace_string --match_string="__DISPLAY_MODE__" --replace_string="$display_mode" --target_file=../conf/phpsysinfo.ini + ynh_replace_string --match_string="__LANGUAGE__" --replace_string="$language" --target_file=../conf/phpsysinfo.ini + + # Copy files to the right place + cp -r ../conf/phpsysinfo.ini "$final_path" +fi + + +#================================================= +# GENERIC FINALIZATION +#================================================= +# SETUP SSOWAT +#================================================= +ynh_script_progression --message="Upgrading SSOwat configuration..." + +# Make app public if necessary +if [ $is_public -eq 1 ] +then + ynh_app_setting_set --app=$app --key=skipped_uris --value="/" +fi + +#================================================= +# RELOAD NGINX +#================================================= +ynh_script_progression --message="Reloading nginx web server..." + +ynh_systemd_action --service_name=nginx --action=reload + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Upgrade of $app completed" --last \ No newline at end of file From 32aea7fab04390642e248f4eec3793c7fd8f59a6 Mon Sep 17 00:00:00 2001 From: Inrepublica Date: Wed, 25 Mar 2020 19:14:05 +0100 Subject: [PATCH 02/12] Update manifest.json Error on typo --- manifest.json | 1 - 1 file changed, 1 deletion(-) diff --git a/manifest.json b/manifest.json index 32fad2d..a484e93 100644 --- a/manifest.json +++ b/manifest.json @@ -69,7 +69,6 @@ "choices": ["auto", "dynamic", "static", "bootstrap"], "default": "bootstrap" } - } ] } } \ No newline at end of file From cf48546861a174c84fb74040b0c7b7bdcb266503 Mon Sep 17 00:00:00 2001 From: Inrepublica Date: Wed, 25 Mar 2020 19:22:43 +0100 Subject: [PATCH 03/12] Update manifest.json Add help and type in JSON. --- manifest.json | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/manifest.json b/manifest.json index a484e93..57ce960 100644 --- a/manifest.json +++ b/manifest.json @@ -45,6 +45,10 @@ { "name": "is_public", "type": "boolean", + "help": { + "en": "Be careful, putting this application in public will expose some sensitive information.", + "fr": "Attention mettre cette application en publique exposera certaines informations sensibles." + }, "ask": { "en": "Is it a public website?", "fr": "Est-ce un site public ?" @@ -53,6 +57,7 @@ }, { "name": "language", + "type": "string", "ask": { "en": "Default Language?", "fr": "Langue par défaut ?" @@ -62,6 +67,7 @@ }, { "name": "display_mode", + "type": "string", "ask": { "en": "Display Mode?", "fr": "Mode d'affichage ?" From 7d45bd20cb0b4ae9225615ac4f7f845f7e04566a Mon Sep 17 00:00:00 2001 From: Inrepublica Date: Wed, 25 Mar 2020 21:46:05 +0100 Subject: [PATCH 04/12] create user in install Add deducated user in install script --- scripts/install | 8 ++++++++ scripts/restore | 8 ++++++++ scripts/upgrade | 9 ++++++++- 3 files changed, 24 insertions(+), 1 deletion(-) diff --git a/scripts/install b/scripts/install index 46d0a5f..5b21be4 100644 --- a/scripts/install +++ b/scripts/install @@ -85,6 +85,14 @@ ynh_replace_string --match_string="__LANGUAGE__" --replace_string="$language" -- # Copy files to the right place cp -r ../conf/phpsysinfo.ini "$final_path" +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Configuring system user..." --time --weight=1 + +# Create a system user +ynh_system_user_create --username=$app + #================================================= # PHP-FPM CONFIGURATION #================================================= diff --git a/scripts/restore b/scripts/restore index c0d9ef4..06998c5 100644 --- a/scripts/restore +++ b/scripts/restore @@ -53,6 +53,14 @@ ynh_script_progression --message="Restoring the app main directory..." ynh_restore_file --origin_path="$final_path" +#================================================= +# RECREATE THE DEDICATED USER +#================================================= +ynh_script_progression --message="Recreating the dedicated system user..." --time --weight=1 + +# Create the dedicated user (if not existing) +ynh_system_user_create --username=$app + #================================================= # RESTORE THE PHP-FPM CONFIGURATION #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index ee7d7e4..1f4a986 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -22,7 +22,6 @@ is_public=$(ynh_app_setting_get --app=$app --key=is_public) final_path=$(ynh_app_setting_get --app=$app --key=final_path) language=$(ynh_app_setting_get --app=$app --key=language) display_mode=$(ynh_app_setting_get --app=$app --key=display_mode) -user=$(ynh_app_setting_get --app=$app --key=user) #================================================= # CHECK VERSION @@ -102,6 +101,14 @@ then ynh_add_nginx_config fi +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Making sure dedicated system user exists..." --time --weight=1 + +# Create a dedicated user (if not existing) +ynh_system_user_create --username=$app + #================================================= # PHP-FPM CONFIGURATION #================================================= From 1c98f016b602d0c04d194f5ce0eed37ebb72ca1c Mon Sep 17 00:00:00 2001 From: Inrepublica Date: Wed, 25 Mar 2020 22:49:44 +0100 Subject: [PATCH 05/12] Add check_process Add check_process for self testing --- check_process | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 check_process diff --git a/check_process b/check_process new file mode 100644 index 0000000..2eedf38 --- /dev/null +++ b/check_process @@ -0,0 +1,24 @@ +;; Test complet + ; Manifest + domain="domain.tld" (DOMAIN) + path="/path" (PATH) + admin="john" (USER) + is_public=1 (PUBLIC|public=1|private=0) + language="fr" + display_mode="bootstrap" + ; Checks + pkg_linter=1 + setup_sub_dir=1 + setup_root=1 + setup_private=1 + setup_public=1 + upgrade=1 + backup_restore=1 + port_already_use=0 + change_url=1 +;;; Levels + # If the level 5 (Package linter) is forced to 1. Please add justifications here. + Level 5=auto +;;; Options +Email= +Notification=all \ No newline at end of file From 25fc54b1db6eee898aa1e58e0a432514bc619bb2 Mon Sep 17 00:00:00 2001 From: Inrepublica Date: Wed, 25 Mar 2020 23:04:34 +0100 Subject: [PATCH 06/12] Reset nginx and phpfpm conf Copy from example app --- conf/nginx.conf | 57 ++++++++++++++++++----------------------------- conf/php-fpm.conf | 8 +------ 2 files changed, 23 insertions(+), 42 deletions(-) diff --git a/conf/nginx.conf b/conf/nginx.conf index 2e7ac71..ec4b8d3 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,46 +1,33 @@ #sub_path_only rewrite ^__PATH__$ __PATH__/ permanent; location __PATH__/ { - # Path to source - alias __FINALPATH__/www/; + # Path to source + alias __FINALPATH__/ ; - # Force usage of https - if ($scheme = http) { - rewrite ^ https://$server_name$request_uri? permanent; - } + # Force usage of https + if ($scheme = http) { + rewrite ^ https://$server_name$request_uri? permanent; + } - # Default indexes and catch-all - index index.html index.php; - try_files $uri $uri/ __PATH__/index.php?$args; +### Example PHP configuration (remove it if not used) + index index.php; - # Prevent useless logs - location = __PATH__/favicon.ico { - log_not_found off; - access_log off; - } - location = __PATH__/robots.txt { - allow all; - log_not_found off; - access_log off; - } + # Common parameter to increase upload size limit in conjunction with dedicated php-fpm file + #client_max_body_size 50M; - # Deny access to hidden files and directories - location ~ ^__PATH__/(.+/|)\.(?!well-known\/) { - deny all; - } + try_files $uri $uri/ index.php; + location ~ [^/]\.php(/|$) { + fastcgi_split_path_info ^(.+?\.php)(/.*)$; + fastcgi_pass unix:/var/run/php/php7.0-fpm-__NAME__.sock; - # Execute and serve PHP files - location ~ [^/]\.php(/|$) { - fastcgi_split_path_info ^(.+?\.php)(/.*)$; - fastcgi_pass unix:/var/run/php/php7.0-fpm-__NAME__.sock; - fastcgi_index index.php; - include fastcgi_params; - fastcgi_param REMOTE_USER $remote_user; - fastcgi_param PATH_INFO $fastcgi_path_info; - fastcgi_param SCRIPT_FILENAME $request_filename; - } + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param REMOTE_USER $remote_user; + fastcgi_param PATH_INFO $fastcgi_path_info; + fastcgi_param SCRIPT_FILENAME $request_filename; + } ### End of PHP configuration part - # Include SSOWAT user panel. - include conf.d/yunohost_panel.conf.inc; + # Include SSOWAT user panel. + include conf.d/yunohost_panel.conf.inc; } \ No newline at end of file diff --git a/conf/php-fpm.conf b/conf/php-fpm.conf index 1f4f865..60da25a 100644 --- a/conf/php-fpm.conf +++ b/conf/php-fpm.conf @@ -427,10 +427,4 @@ chdir = __FINALPATH__ ; php_admin_value[max_execution_time] = 600 ; php_admin_value[max_input_time] = 300 ; php_admin_value[memory_limit] = 256M -; php_admin_flag[short_open_tag] = On - -; Additional php.ini defines, specific to this pool of workers. -php_value[upload_max_filesize] = 1G -php_value[post_max_size] = 1G -php_value[default_charset] = UTF-8 -php_value[always_populate_raw_post_data] = -1 \ No newline at end of file +; php_admin_flag[short_open_tag] = On \ No newline at end of file From f477c1877d63db568991b6524e1afad843934e49 Mon Sep 17 00:00:00 2001 From: Inrepublica Date: Thu, 26 Mar 2020 11:27:03 +0100 Subject: [PATCH 07/12] Rework from example_app Complete rework from example_app --- README.md | 7 +-- manifest.json | 11 +++- scripts/_common.sh | 18 ++++++- scripts/backup | 23 +++++++-- scripts/change_url | 25 ++++++++-- scripts/install | 122 ++++++++++++++++++++++++++++++++++----------- scripts/remove | 22 +++++--- scripts/restore | 32 +++++++++--- scripts/upgrade | 85 +++++++++++++++++++------------ 9 files changed, 256 insertions(+), 89 deletions(-) diff --git a/README.md b/README.md index 9fa928d..ed728b3 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # PHPSysInfo for Yunohost -[![Integration level](https://dash.yunohost.org/integration/phpsysinfo_ynh.svg)](https://dash.yunohost.org/appci/app/phpsysinfo_ynh) +[![Integration level](https://dash.yunohost.org/appci/app/phpsysinfo_ynh.svg)](https://dash.yunohost.org/appci/app/phpsysinfo_ynh) [![Install Custom Webapp with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=phpsysinfo_ynh) > *This package allow you to install PHPSysInfo quickly and simply on a YunoHost server. @@ -26,6 +26,7 @@ Edit `phpsysinfo.ini` in `/var/www/phpsysinfo/phpsysinfo.ini`. ## YunoHost specific features #### Multi-users support +No support for multi-users. #### Supported architectures @@ -49,7 +50,7 @@ Please do your pull request to the [testing branch](https://github.com/inrepubli To try the testing branch, please proceed like that. ``` -sudo yunohost app install https://github.com/inrepublica/phpsysinfo_ynh/tree/testing --debug +sudo yunohost app install https://github.com/YunoHost-Apps/phpsysinfo_ynh/tree/testing --debug or -sudo yunohost app upgrade my_webapp -u https://github.com/inrepublica/phpsysinfo_ynh/tree/testing --debug +sudo yunohost app upgrade my_webapp -u https://github.com/YunoHost-Apps/phpsysinfo_ynh/tree/testing --debug ``` diff --git a/manifest.json b/manifest.json index 57ce960..cfab75c 100644 --- a/manifest.json +++ b/manifest.json @@ -41,6 +41,15 @@ }, "example": "/phpsysinfo", "default": "/phpsysinfo" + }, + { + "name": "admin", + "type": "user", + "ask": { + "en": "Choose an admin user", + "fr": "Choisissez l’administrateur" + }, + "example": "johndoe" }, { "name": "is_public", @@ -73,7 +82,7 @@ "fr": "Mode d'affichage ?" }, "choices": ["auto", "dynamic", "static", "bootstrap"], - "default": "bootstrap" + "default": "auto" } ] } diff --git a/scripts/_common.sh b/scripts/_common.sh index cc1f786..69c72c9 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -1 +1,17 @@ -#!/bin/bash \ No newline at end of file +#!/bin/bash + +#================================================= +# COMMON VARIABLES +#================================================= + +#================================================= +# PERSONAL HELPERS +#================================================= + +#================================================= +# EXPERIMENTAL HELPERS +#================================================= + +#================================================= +# FUTURE OFFICIAL HELPERS +#================================================= \ No newline at end of file diff --git a/scripts/backup b/scripts/backup index 83eb601..58cfde0 100644 --- a/scripts/backup +++ b/scripts/backup @@ -6,6 +6,7 @@ # IMPORT GENERIC HELPERS #================================================= +#Keep this path for calling _common.sh inside the execution's context of backup and restore scripts source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers @@ -13,13 +14,17 @@ source /usr/share/yunohost/helpers # MANAGE SCRIPT FAILURE #================================================= +ynh_clean_setup () { + ### Remove this function if there's nothing to clean before calling the remove script. + true +} # Exit if an error occurs during the execution of the script ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading installation settings..." +ynh_script_progression --message="Loading installation settings..." --time --weight=1 app=$YNH_APP_INSTANCE_NAME @@ -31,26 +36,34 @@ domain=$(ynh_app_setting_get --app=$app --key=domain) #================================================= # BACKUP THE APP MAIN DIR #================================================= -ynh_script_progression --message="Backing up the main app directory..." +ynh_script_progression --message="Backing up the main app directory..." --time --weight=1 ynh_backup --src_path="$final_path" #================================================= # BACKUP THE NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Backing up nginx web server configuration..." +ynh_script_progression --message="Backing up nginx web server configuration..." --time --weight=1 ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= # BACKUP THE PHP-FPM CONFIGURATION #================================================= -ynh_script_progression --message="Backing up php-fpm configuration..." +ynh_script_progression --message="Backing up php-fpm configuration..." --time --weight=1 ynh_backup --src_path="/etc/php/7.0/fpm/pool.d/$app.conf" +#================================================= +# BACKUP FAIL2BAN CONFIGURATION +#================================================= +ynh_script_progression --message="Backing up fail2ban configuration..." --time --weight=1 + +ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf" +ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf" + #================================================= # END OF SCRIPT #================================================= -ynh_script_progression --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." --last \ No newline at end of file +ynh_script_progression --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." --time --last \ No newline at end of file diff --git a/scripts/change_url b/scripts/change_url index 3aeea70..ce99034 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -24,11 +24,28 @@ app=$YNH_APP_INSTANCE_NAME #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading installation settings..." +ynh_script_progression --message="Loading installation settings..." --time --weight=1 # Needed for helper "ynh_add_nginx_config" final_path=$(ynh_app_setting_get --app=$app --key=final_path) +#================================================= +# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP +#================================================= +ynh_script_progression --message="Backing up the app before changing its url (may take a while)..." --time --weight=1 + +# Backup the current version of the app +ynh_backup_before_upgrade +ynh_clean_setup () { + # Remove the new domain config file, the remove script won't do it as it doesn't know yet its location. + ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" + + # restore it if the upgrade fails + ynh_restore_upgradebackup +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + #================================================= # CHECK WHICH PARTS SHOULD BE CHANGED #================================================= @@ -50,7 +67,7 @@ fi #================================================= # MODIFY URL IN NGINX CONF #================================================= -ynh_script_progression --message="Updating nginx web server configuration..." --weight=2 +ynh_script_progression --message="Updating nginx web server configuration..." --time --weight=1 nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf @@ -81,7 +98,7 @@ fi #================================================= # RELOAD NGINX #================================================= -ynh_script_progression --message="Reloading nginx web server..." +ynh_script_progression --message="Reloading nginx web server..." --time --weight=1 ynh_systemd_action --service_name=nginx --action=reload @@ -89,4 +106,4 @@ ynh_systemd_action --service_name=nginx --action=reload # END OF SCRIPT #================================================= -ynh_script_progression --message="Change of URL completed for $app" --last \ No newline at end of file +ynh_script_progression --message="Change of URL completed for $app" --time --last \ No newline at end of file diff --git a/scripts/install b/scripts/install index 5b21be4..a9a8574 100644 --- a/scripts/install +++ b/scripts/install @@ -13,6 +13,10 @@ source /usr/share/yunohost/helpers # MANAGE SCRIPT FAILURE #================================================= +ynh_clean_setup () { + ### Remove this function if there's nothing to clean before calling the remove script. + true +} # Exit if an error occurs during the execution of the script ynh_abort_if_errors @@ -22,18 +26,26 @@ ynh_abort_if_errors domain=$YNH_APP_ARG_DOMAIN path_url=$YNH_APP_ARG_PATH +admin=$YNH_APP_ARG_ADMIN is_public=$YNH_APP_ARG_IS_PUBLIC language=$YNH_APP_ARG_LANGUAGE display_mode=$YNH_APP_ARG_DISPLAY_MODE -app=$YNH_APP_INSTANCE_NAME -app_nb=$YNH_APP_INSTANCE_NUMBER - #================================================= # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS #================================================= -ynh_script_progression --message="Validating installation parameters..." --weight=2 +### About --weight and --time +### ynh_script_progression will show to your final users the progression of each scripts. +### In order to do that, --weight will represent the relative time of execution compared to the other steps in the script. +### --time is a packager option, it will show you the execution time since the previous call. +### This option should be removed before releasing your app. +### Use the execution time, given by --time, to estimate the weight of a step. +### A common way to do it is to set a weight equal to the execution time in second +1. +### The execution time is given for the duration since the previous call. So the weight should be applied to this previous call. +ynh_script_progression --message="Validating installation parameters..." --time --weight=1 +### If the app uses nginx as web server (written in HTML/PHP in most cases), the final path should be "/var/www/$app". +### If the app provides an internal web server (or uses another application server such as uwsgi), the final path should be "/opt/yunohost/$app" final_path=/var/www/$app test ! -e "$final_path" || ynh_die --message="This path already contains a folder" @@ -43,47 +55,39 @@ ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url #================================================= # STORE SETTINGS FROM MANIFEST #================================================= -ynh_script_progression --message="Storing installation settings..." +ynh_script_progression --message="Storing installation settings..." --time --weight=1 -user=webapp${app_nb} ynh_app_setting_set --app=$app --key=domain --value=$domain ynh_app_setting_set --app=$app --key=path --value=$path_url +ynh_app_setting_set --app=$app --key=admin --value=$admin ynh_app_setting_set --app=$app --key=is_public --value=$is_public ynh_app_setting_set --app=$app --key=language --value=$language ynh_app_setting_set --app=$app --key=display_mode --value=$display_mode -ynh_app_setting_set --app=$app --key=user --value=$user -ynh_app_setting_set --app=$app --key=final_path --value=$final_path #================================================= # STANDARD MODIFICATIONS #================================================= -# NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Configuring nginx web server..." --weight=2 - -# Create a dedicated nginx config -ynh_add_nginx_config - -#================================================= -# SPECIFIC SETUP -#================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= -ynh_script_progression --message="Setting up source files..." --weight=3 +ynh_script_progression --message="Setting up source files..." --time --weight=1 + +### `ynh_setup_source` is used to install an app from a zip or tar.gz file, +### downloaded from an upstream source, like a git repository. +### `ynh_setup_source` use the file conf/app.src ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path" #================================================= -# MODIFY A CONFIG FILE +# NGINX CONFIGURATION #================================================= +ynh_script_progression --message="Configuring nginx web server..." --time --weight=1 -ynh_replace_string --match_string="__DISPLAY_MODE__" --replace_string="$display_mode" --target_file=../conf/phpsysinfo.ini -ynh_replace_string --match_string="__LANGUAGE__" --replace_string="$language" --target_file=../conf/phpsysinfo.ini +### `ynh_add_nginx_config` will use the file conf/nginx.conf -# Copy files to the right place -cp -r ../conf/phpsysinfo.ini "$final_path" +# Create a dedicated nginx config +ynh_add_nginx_config #================================================= # CREATE DEDICATED USER @@ -96,32 +100,90 @@ ynh_system_user_create --username=$app #================================================= # PHP-FPM CONFIGURATION #================================================= -ynh_script_progression --message="Configuring php-fpm..." --weight=2 +ynh_script_progression --message="Configuring php-fpm..." --time --weight=1 + +### `ynh_add_fpm_config` is used to set up a PHP config. +### You can remove it if your app doesn't use PHP. +### `ynh_add_fpm_config` will use the files conf/php-fpm.conf +### If you're not using these lines: +### - You can remove these files in conf/. +### - Remove the section "BACKUP THE PHP-FPM CONFIGURATION" in the backup script +### - Remove also the section "REMOVE PHP-FPM CONFIGURATION" in the remove script +### - As well as the section "RESTORE THE PHP-FPM CONFIGURATION" in the restore script +### With the reload at the end of the script. +### - And the section "PHP-FPM CONFIGURATION" in the upgrade script # Create a dedicated php-fpm config -ynh_replace_string --match_string="__USER__" --replace_string="$user" --target_file="../conf/php-fpm.conf" ynh_add_fpm_config +#================================================= +# SPECIFIC SETUP +#================================================= +# MODIFY A CONFIG FILE +#================================================= + +### `ynh_replace_string` is used to replace a string in a file. +### (It's compatible with sed regular expressions syntax) + +ynh_replace_string --match_string="__DISPLAY_MODE__" --replace_string="$display_mode" --target_file=../conf/phpsysinfo.ini +ynh_replace_string --match_string="__LANGUAGE__" --replace_string="$language" --target_file=../conf/phpsysinfo.ini + +# Copy files to the right place +cp -r ../conf/phpsysinfo.ini "$final_path" + +#================================================= +# STORE THE CONFIG FILE CHECKSUM +#================================================= + +### `ynh_store_file_checksum` is used to store the checksum of a file. +### That way, during the upgrade script, by using `ynh_backup_if_checksum_is_different`, +### you can make a backup of this file before modifying it again if the admin had modified it. + +# Calculate and store the config file checksum into the app settings +ynh_store_file_checksum --file="$final_path/phpsysinfo.ini" + #================================================= # GENERIC FINALIZATION +#================================================= +# SECURE FILES AND DIRECTORIES +#================================================= + +### For security reason, any app should set the permissions to root: before anything else. +### Then, if write authorization is needed, any access should be given only to directories +### that really need such authorization. + +# Set permissions to app files +chown -R root: $final_path + +#================================================= +# SETUP FAIL2BAN +#================================================= +ynh_script_progression --message="Configuring fail2ban..." --time --weight=1 + +# Create a dedicated fail2ban config +ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login" + #================================================= # SETUP SSOWAT #================================================= -ynh_script_progression --message="Configuring SSOwat..." +ynh_script_progression --message="Configuring SSOwat..." --time --weight=1 # Make app public if necessary if [ $is_public -eq 1 ] then - ynh_app_setting_set --app=$app --key=skipped_uris --value="/" + # unprotected_uris allows SSO credentials to be passed anyway. + ynh_app_setting_set --app=$app --key=unprotected_uris --value="/" fi #================================================= # RELOAD NGINX #================================================= -ynh_script_progression --message="Reloading nginx web server..." +ynh_script_progression --message="Reloading nginx web server..." --time --weight=1 ynh_systemd_action --service_name=nginx --action=reload #================================================= # END OF SCRIPT -#================================================= \ No newline at end of file +#================================================= + +ynh_script_progression --message="Installation of $app completed" --time --last \ No newline at end of file diff --git a/scripts/remove b/scripts/remove index 7243194..7737ea8 100644 --- a/scripts/remove +++ b/scripts/remove @@ -12,12 +12,11 @@ source /usr/share/yunohost/helpers #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading installation settings..." --weight=2 +ynh_script_progression --message="Loading installation settings..." --time --weight=1 app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get --app=$app --key=domain) -user=$(ynh_app_setting_get --app=$app --key=user) final_path=$(ynh_app_setting_get --app=$app --key=final_path) #================================================= @@ -25,7 +24,7 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path) #================================================= # REMOVE APP MAIN DIR #================================================= -ynh_script_progression --message="Removing app main directory..." +ynh_script_progression --message="Removing app main directory..." --time --weight=1 # Remove the app directory securely ynh_secure_remove --file="$final_path" @@ -33,7 +32,7 @@ ynh_secure_remove --file="$final_path" #================================================= # REMOVE NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Removing nginx web server configuration..." --weight=2 +ynh_script_progression --message="Removing nginx web server configuration..." --time --weight=1 # Remove the dedicated nginx config ynh_remove_nginx_config @@ -41,17 +40,25 @@ ynh_remove_nginx_config #================================================= # REMOVE PHP-FPM CONFIGURATION #================================================= -ynh_script_progression --message="Removing php-fpm configuration..." +ynh_script_progression --message="Removing php-fpm configuration..." --time --weight=1 # Remove the dedicated php-fpm config ynh_remove_fpm_config +#================================================= +# REMOVE FAIL2BAN CONFIGURATION +#================================================= +ynh_script_progression --message="Removing fail2ban configuration..." --time --weight=1 + +# Remove the dedicated fail2ban config +ynh_remove_fail2ban_config + #================================================= # GENERIC FINALIZATION #================================================= # REMOVE DEDICATED USER #================================================= -ynh_script_progression --message="Removing the dedicated system user..." +ynh_script_progression --message="Removing the dedicated system user..." --time --weight=1 # Delete a system user ynh_system_user_delete --username=$app @@ -59,4 +66,5 @@ ynh_system_user_delete --username=$app #================================================= # END OF SCRIPT #================================================= -ynh_script_progression --message="Removal of $app completed" --last \ No newline at end of file + +ynh_script_progression --message="Removal of $app completed" --time --last \ No newline at end of file diff --git a/scripts/restore b/scripts/restore index 06998c5..286aa90 100644 --- a/scripts/restore +++ b/scripts/restore @@ -6,6 +6,7 @@ # IMPORT GENERIC HELPERS #================================================= +#Keep this path for calling _common.sh inside the execution's context of backup and restore scripts source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers @@ -13,25 +14,28 @@ source /usr/share/yunohost/helpers # MANAGE SCRIPT FAILURE #================================================= +ynh_clean_setup () { + #### Remove this function if there's nothing to clean before calling the remove script. + true +} # Exit if an error occurs during the execution of the script ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading settings..." --weight=2 +ynh_script_progression --message="Loading settings..." --time --weight=1 app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get --app=$app --key=domain) path_url=$(ynh_app_setting_get --app=$app --key=path) final_path=$(ynh_app_setting_get --app=$app --key=final_path) -user=$(ynh_app_setting_get --app=$app --key=user) #================================================= # CHECK IF THE APP CAN BE RESTORED #================================================= -ynh_script_progression --message="Validating restoration parameters..." --weight=2 +ynh_script_progression --message="Validating restoration parameters..." --time --weight=1 ynh_webpath_available --domain=$domain --path_url=$path_url \ || ynh_die --message="Path not available: ${domain}${path_url}" @@ -49,7 +53,7 @@ ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= # RESTORE THE APP MAIN DIR #================================================= -ynh_script_progression --message="Restoring the app main directory..." +ynh_script_progression --message="Restoring the app main directory..." --time --weight=1 ynh_restore_file --origin_path="$final_path" @@ -61,18 +65,34 @@ ynh_script_progression --message="Recreating the dedicated system user..." --tim # Create the dedicated user (if not existing) ynh_system_user_create --username=$app +#================================================= +# RESTORE USER RIGHTS +#================================================= + +# Restore permissions on app files +chown -R root: $final_path + #================================================= # RESTORE THE PHP-FPM CONFIGURATION #================================================= ynh_restore_file --origin_path="/etc/php/7.0/fpm/pool.d/$app.conf" +#================================================= +# RESTORE FAIL2BAN CONFIGURATION +#================================================= +ynh_script_progression --message="Restoring the fail2ban configuration..." --time --weight=1 + +ynh_restore_file "/etc/fail2ban/jail.d/$app.conf" +ynh_restore_file "/etc/fail2ban/filter.d/$app.conf" +ynh_systemd_action --action=restart --service_name=fail2ban + #================================================= # GENERIC FINALIZATION #================================================= # RELOAD NGINX AND PHP-FPM #================================================= -ynh_script_progression --message="Reloading nginx web server and php-fpm..." +ynh_script_progression --message="Reloading nginx web server and php-fpm..." --time --weight=1 ynh_systemd_action --service_name=php7.0-fpm --action=reload ynh_systemd_action --service_name=nginx --action=reload @@ -81,4 +101,4 @@ ynh_systemd_action --service_name=nginx --action=reload # END OF SCRIPT #================================================= -ynh_script_progression --message="Restoration completed for $app" --last \ No newline at end of file +ynh_script_progression --message="Restoration completed for $app" --time --last \ No newline at end of file diff --git a/scripts/upgrade b/scripts/upgrade index 1f4a986..7c4d209 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -12,12 +12,13 @@ source /usr/share/yunohost/helpers #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading installation settings..." --weight=2 +ynh_script_progression --message="Loading installation settings..." --time --weight=1 app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get --app=$app --key=domain) path_url=$(ynh_app_setting_get --app=$app --key=path) +admin=$(ynh_app_setting_get --app=$app --key=admin) is_public=$(ynh_app_setting_get --app=$app --key=is_public) final_path=$(ynh_app_setting_get --app=$app --key=final_path) language=$(ynh_app_setting_get --app=$app --key=language) @@ -26,12 +27,19 @@ display_mode=$(ynh_app_setting_get --app=$app --key=display_mode) #================================================= # CHECK VERSION #================================================= + +### This helper will compare the version of the currently installed app and the version of the upstream package. +### $upgrade_type can have 2 different values +### - UPGRADE_APP if the upstream app version has changed +### - UPGRADE_PACKAGE if only the YunoHost package has changed +### ynh_check_app_version_changed will stop the upgrade if the app is up to date. +### UPGRADE_APP should be used to upgrade the core app only if there's an upgrade to do. upgrade_type=$(ynh_check_app_version_changed) #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= -ynh_script_progression --message="Ensuring downward compatibility..." +ynh_script_progression --message="Ensuring downward compatibility..." --time --weight=1 # Fix is_public as a boolean value if [ "$is_public" = "Yes" ]; then @@ -51,7 +59,7 @@ fi #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #================================================= -ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=3 +ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --time --weight=1 # Backup the current version of the app ynh_backup_before_upgrade @@ -67,6 +75,11 @@ ynh_abort_if_errors #================================================= # Normalize the URL path syntax +# N.B. : this is for app installations before YunoHost 2.7 +# where this value might be something like /foo/ or foo/ +# instead of /foo .... +# If nobody installed your app before 2.7, then you may +# safely remove this line path_url=$(ynh_normalize_url_path --path_url=$path_url) #================================================= @@ -77,29 +90,19 @@ path_url=$(ynh_normalize_url_path --path_url=$path_url) if [ "$upgrade_type" == "UPGRADE_APP" ] then - ynh_script_progression --message="Upgrading source files..." --weight=6 + ynh_script_progression --message="Upgrading source files..." --time --weight=1 # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path" - - # Clear cache - ynh_secure_remove --file="$final_path/var/cache" - mkdir "$final_path/var/cache" fi #================================================= # NGINX CONFIGURATION #================================================= +ynh_script_progression --message="Upgrading nginx web server configuration..." --time --weight=1 -modified_config=$(ynh_backup_if_checksum_is_different --file="/etc/nginx/conf.d/$domain.d/$app.conf") -# Replace nginx config only if it wasn't modified. -if [ -z "$modified_config" ] -then - ynh_script_progression --message="Upgrading nginx web server configuration..." --weight=2 - - # Create a dedicated nginx config - ynh_add_nginx_config -fi +# Create a dedicated nginx config +ynh_add_nginx_config #================================================= # CREATE DEDICATED USER @@ -112,20 +115,23 @@ ynh_system_user_create --username=$app #================================================= # PHP-FPM CONFIGURATION #================================================= +ynh_script_progression --message="Upgrading php-fpm configuration..." --time --weight=1 -modified_config=$(ynh_backup_if_checksum_is_different --file="/etc/php/7.0/fpm/pool.d/$app.conf") -# Replace nginx config only if it wasn't modified. -if [ -z "$modified_config" ] -then - ynh_script_progression --message="Upgrading php-fpm configuration..." --weight=2 - - # Create a dedicated php-fpm config - ynh_replace_string --match_string="__USER__" --replace_string="$user" --target_file="../conf/php-fpm.conf" - ynh_add_fpm_config -fi +# Create a dedicated php-fpm config +ynh_add_fpm_config #================================================= # SPECIFIC UPGRADE +#================================================= +# STORE THE CONFIG FILE CHECKSUM +#================================================= + +### Verify the checksum of a file, stored by `ynh_store_file_checksum` in the install script. +### And create a backup of this file if the checksum is different. So the file will be backed up if the admin had modified it. +ynh_backup_if_checksum_is_different --file="$final_path/phpsysinfo.ini" +# Recalculate and store the checksum of the file for the next upgrade. +ynh_store_file_checksum --file="$final_path/phpsysinfo.ini" + #================================================= # CONFIGURE PHPSYSINFO #================================================= @@ -140,24 +146,39 @@ then cp -r ../conf/phpsysinfo.ini "$final_path" fi - #================================================= # GENERIC FINALIZATION +#================================================= +# UPGRADE FAIL2BAN +#================================================= +ynh_script_progression --message="Reconfiguring fail2ban..." --time --weight=1 + +# Create a dedicated fail2ban config +ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login" + +#================================================= +# SECURE FILES AND DIRECTORIES +#================================================= + +# Set permissions on app files +chown -R root: $final_path + #================================================= # SETUP SSOWAT #================================================= -ynh_script_progression --message="Upgrading SSOwat configuration..." +ynh_script_progression --message="Upgrading SSOwat configuration..." --time --weight=1 # Make app public if necessary if [ $is_public -eq 1 ] then - ynh_app_setting_set --app=$app --key=skipped_uris --value="/" + # unprotected_uris allows SSO credentials to be passed anyway + ynh_app_setting_set --app=$app --key=unprotected_uris --value="/" fi #================================================= # RELOAD NGINX #================================================= -ynh_script_progression --message="Reloading nginx web server..." +ynh_script_progression --message="Reloading nginx web server..." --time --weight=1 ynh_systemd_action --service_name=nginx --action=reload @@ -165,4 +186,4 @@ ynh_systemd_action --service_name=nginx --action=reload # END OF SCRIPT #================================================= -ynh_script_progression --message="Upgrade of $app completed" --last \ No newline at end of file +ynh_script_progression --message="Upgrade of $app completed" --time --last \ No newline at end of file From d86cf30028dcbe99f6a6429782b84bd7ec5a5619 Mon Sep 17 00:00:00 2001 From: Inrepublica Date: Thu, 26 Mar 2020 11:28:17 +0100 Subject: [PATCH 08/12] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index ed728b3..968c255 100644 --- a/README.md +++ b/README.md @@ -19,7 +19,7 @@ A customizable PHP script that displays information about your system nicely. [Demo on NAS Synology](http://phpsysinfo.sourceforge.net/multi/index.php?disp=bootstrap&xml=synology) ## Configuration -Edit `phpsysinfo.ini` in `/var/www/phpsysinfo/phpsysinfo.ini`. +Edit `phpsysinfo.ini` in `/var/www/YOURPATH/phpsysinfo.ini`. ## Documentation From 73082f82c0c7871feec7769a10d2ddb8cb9e7219 Mon Sep 17 00:00:00 2001 From: Inrepublica Date: Thu, 26 Mar 2020 11:58:40 +0100 Subject: [PATCH 09/12] Modify directly config Modify phpsysinfo.ini.new directly in the final_path --- conf/phpsysinfo.ini | 823 -------------------------------------------- scripts/install | 20 +- scripts/upgrade | 8 +- 3 files changed, 20 insertions(+), 831 deletions(-) delete mode 100644 conf/phpsysinfo.ini diff --git a/conf/phpsysinfo.ini b/conf/phpsysinfo.ini deleted file mode 100644 index 851cf54..0000000 --- a/conf/phpsysinfo.ini +++ /dev/null @@ -1,823 +0,0 @@ -; PSI Config File -; -; @category PHP -; @package PSI -; @author Michael Cramer -; @copyright 2009 phpSysInfo -; @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License version 2, or (at your option) any later version -; @version SVN: $Id: phpsysinfo.ini.new 705 2012-11-11 00:33:29Z namiltd $ -; @link http://phpsysinfo.sourceforge.net - -[main] -; ******************************** -; MAIN PARAMETERS -; ******************************** - -; Turn on debugging of some functions and include errors and warnings in xml and provide a popup for displaying errors -; - false : no debug information are stored in xml or displayed -; - true : debug information stored in xml and displayed *be careful if set this to true, may include sensitive information from your pc* -; -DEBUG=false - -; Turn on logging/unlogging of functions executeProgram() and rfts() -; example : executeProgram () and rfts () record the results to the "/tmp/phpsysinfo.log" file -; LOG="/tmp/phpsysinfo.log" -; example : executeProgram () and rfts () read the results from the "/tmp/phpsysinfo.log" file -; LOG="-/tmp/phpsysinfo.log" -; example : executeProgram () and rfts () read the results from the "/tmp/phpsysinfo.log" file -; LOG="+/tmp/phpsysinfo.log", if lack in the log file it runs normally -; -LOG=false - -; Turn on/off compression for JavaScript file -; - JS_COMPRESSION=false //no compression (recommended with slow processor) -; - JS_COMPRESSION="None" //code minimizing -; - JS_COMPRESSION="Normal" //code packing -; -JS_COMPRESSION="Normal" - -; Additional paths where to look for installed programs -; Example : ADD_PATHS="/opt/bin,/opt/sbin" -; -ADD_PATHS=false - -; List of IP addresses of clients authorized to run -; Example : ALLOWED="127.0.0.1,192.168.1.48" //allowed IP 127.0.0.1 and 192.168.1.48 -; ALLOWED=false //no IP checking -; -ALLOWED=false - -; List of sudo commands -; Example : SUDO_COMMANDS="iptables-save" //execute "sudo iptables-save" instead "iptables-save" -; SUDO_COMMANDS=false //no sudo commands -; -SUDO_COMMANDS=false - -; Order of data blocks -; Example : BLOCKS="vitals,hardware,memory,filesystem,network,voltage,current,temperature,fans,power,other,ups" or BLOCKS=true //default order -; BLOCKS=false //hide all blocks -; -BLOCKS=true - - -; Plugins that should be included in xml and output -; List of plugins should look like "plugin,plugin,plugin". See /plugins directory -; - PLUGINS="MDStatus,PS" //list of plugins -; - PLUGINS=false //no plugins -; included plugins: -; - Raid - show the software, fake, zpool or megaraid RAID status -; - PS - show a process tree of all running processes -; - PSStatus - show a graphical representation if a process is running or not -; - Quotas - show a table with all quotas that are active and there current state -; - SMART - show S.M.A.R.T. information from drives that support it -; - BAT - show battery state on a laptop, tablet or phone -; - UpdateNotifier - show update notifications (only for Ubuntu server) -; - SNMPPInfo - show printers info via SNMP -; - Uprecords - show uprecords info -; - Iptables - show iptables rules list -; - PingTest - show Ping Test info -; - StableBit - show StableBit Scanner info (WinNT) -; - HyperV - show Hyper-V info (WinNT) -; - Docker - show docker stats -; -PLUGINS=false - - -; ******************************** -; DISPLAY PARAMETERS -; ******************************** - - -; Define the default display mode -; auto: let user browser choose the mode -; dynamic: use javascript to refresh data -; static: static page (use metatag to reload page) -; bootstrap: use twitter bootstrap template -; -DEFAULT_DISPLAY_MODE="__DISPLAY_MODE__" - - -; Define the default language -; -DEFAULT_LANG="__LANGUAGE__" - - -; Define the default template -; -DEFAULT_TEMPLATE="phpsysinfo" - - -; Define the default template for frontend "bootstrap" -; -DEFAULT_BOOTSTRAP_TEMPLATE="phpsysinfo" - - -; Show or hide language picklist -; -SHOW_PICKLIST_LANG=true - - -; Show or hide template picklist -; -SHOW_PICKLIST_TEMPLATE=true - - -; Show CPU list expanded -; -SHOW_CPULIST_EXPANDED=true - - -; Show CPU info expanded -; -SHOW_CPUINFO_EXPANDED=false - - -; Show memory infos expanded -; -SHOW_MEMORY_INFOS_EXPANDED=false - - -; Hide loader for frontend "bootstrap" -; -HIDE_BOOTSTRAP_LOADER=false - - -; Define the interval for refreshing data in ms -; - 0 : disabled -; - 1000 : 1 second -; Default is 60 seconds -; -REFRESH=60000 - - -; Show a graph for current cpuload -; - true : displayed, but it's a performance hit (because we have to wait to get a value, 1 second) -; - "compact" : displayed like above but in compact mode -; - false : will not be displayed -; -LOAD_BAR=true - - -; Display the virtual host name and address -; - Default is canonical host name and address -; - Use USE_VHOST=true to display virtual host name. -; -USE_VHOST=false - - -; Controls the units & format for network, memory and filesystem -; - 1 KiB = 2^10 bytes = 1,024 bytes -; - 1 KB = 10^3 bytes = 1,000 bytes -; - "B" everything is in Byte -; - "PiB" everything is in PeBiByte -; - "TiB" everything is in TeBiByte -; - "GiB" everything is in GiBiByte -; - "MiB" everything is in MeBiByte -; - "KiB" everything is in KiBiByte -; - "auto_binary" everything is automatic done if value is to big for, e.g MiB then it will be in GiB -; - "PB" everything is in PetaByte -; - "TB" everything is in TeraByte -; - "GB" everything is in GigaByte -; - "MB" everything is in MegaByte -; - "KB" everything is in KiloByte -; - "auto_decimal" everything is automatic done if value is to big for, e.g MB then it will be in GB -; -BYTE_FORMAT="auto_binary" - - -; Format in which temperature is displayed -; - "c" shown in celsius -; - "f" shown in fahrenheit -; - "c-f" both shown first celsius and fahrenheit in braces -; - "f-c" both shown first fahrenheit and celsius in braces -; -TEMP_FORMAT="c" - - -; Show devices infos -; Example : SHOW_DEVICES_INFOS=true -; -SHOW_DEVICES_INFOS=true - - -; Show devices serial number -; Example : SHOW_DEVICES_SERIAL=true -; -SHOW_DEVICES_SERIAL=false - - -; Format in which datetime is displayed -; - "UTC" shown as UTC string -; - "locale" shown as Locale string -; -DATETIME_FORMAT="UTC" - - -; ******************************** -; SENSORS PARAMETERS -; ******************************** - - -; Define the motherboard monitoring program -; We support the following programs so far -; - HDDtemp http://www.guzu.net/linux/hddtemp.php (Linux) -; - LMSensors http://www.lm-sensors.org/ (Linux) -; - Healthd http://healthd.thehousleys.net/ (FreeBSD) -; - HWSensors http://www.openbsd.org/ (OpenBSD) -; - MBMon http://www.nt.phys.kyushu-u.ac.jp/shimizu/download/download.html (FreeBSD/Linux/NetBSD/OpenBSD) -; - MBM5 http://mbm.livewiredev.com/ (data from file data/MBM5.csv - WinNT) -; - Coretemp No addon tool neded (FreeBSD/Linux) -; - IPMItool http://ipmitool.sourceforge.net/ (Linux) -; - FreeIPMI http://www.gnu.org/software/freeipmi/ (FreeBSD/Linux/OpenBSD/SunOS) -; - IPMIutil http://ipmiutil.sourceforge.net/ (Darwin/FreeBSD/Linux/SunOS/WinNT) -; - K8Temp http://hur.st/k8temp/ (DragonFly/FreeBSD/NetBSD/OpenBSD) -; - PiTemp No addon tool neded (Raspberry Pi and Banana Pi - Linux) -; - OHM http://openhardwaremonitor.org/ (WinNT) -; - ThermalZone No addon tool neded (WinNT/Linux/Android) -; - QTSsnmp SNMP service enabled and snmp-utils package installed: opkg install snmp-utils (QNAP - QTS Linux) -; - Hwmon No addon tool neded (Linux) -; - SpeedFan http://www.almico.com/speedfan.php (required tool packaged in: tools/speedfan/SpeedFanGet_bin.zip) (WinNT) -; - Thinkpad No addon tool neded (Lenovo Thinkpad - Linux) -; -; Example: If you want to use lmsensors : SENSOR_PROGRAM="LMSensors" -; If you want to use lmsensors and IPMItool: SENSOR_PROGRAM="LMSensors,IPMItool" -; -SENSOR_PROGRAM=false - - -; Show events of sensors -; - true : show events -; - false : do not show events -; -SENSOR_EVENTS=true - - -; Sort sensors list -; -SORT_SENSORS_LIST=false - - -; Some sensors programs contain an additional configuration in the relevant sections [sensor_...] - - -; ******************************** -; FILESYSTEM PARAMETERS -; ******************************** - - -; Show mount point -; - true : show mount point -; - false : do not show mount point -; -SHOW_MOUNT_POINT=true - - -; Show mount option -; - true : show mount option -; - false : do not show mount option -; -SHOW_MOUNT_OPTION=true - - -; Show mount credentials -; - true : show mount credentials -; - false : do not show mount credentials -; -SHOW_MOUNT_CREDENTIALS=false - - -; Show inode usage -; - true : display used inodes in percent -; - false : hide them -; -SHOW_INODES=true - - -; Hide mounts -; Example : HIDE_MOUNTS="/home,/usr" -; -HIDE_MOUNTS="" - - -; Filesystem usage warning threshold in percent -; - 0 : disabled -; - 90 : 90% -; Default is 90% -; -FS_USAGE_THRESHOLD=90 - - -; Ignore usage and usage threshold for filesystem types -; Example : IGNORE_THRESHOLD_FS_TYPES="iso9660, squashfs, devfs, devtmpfs, lxfs, udf, UDF, CDFS" -; -IGNORE_THRESHOLD_FS_TYPES="iso9660, squashfs, devfs, devtmpfs, lxfs, udf, UDF, CDFS" - - -; Ignore usage of mounts -; Example : IGNORE_USAGE="/root,/mnt/c" -; -IGNORE_USAGE="" - - -; Ignore free space size of mounts -; Example : IGNORE_FREE="/zfs/space,/zfs/data" -; -IGNORE_FREE="" - - -; Hide filesystem types -; Example : HIDE_FS_TYPES="tmpfs,devtmpfs,usbfs,bstfolder" -; -HIDE_FS_TYPES="" - - -; Hide partitions -; Example : HIDE_DISKS="rootfs,/dev/sda1" -; HIDE_DISKS=true //hide all partitions -; -HIDE_DISKS="" - - -; ******************************** -; NETWORK PARAMETERS -; ******************************** - - -; Hide network interfaces -; Example : HIDE_NETWORK_INTERFACE="eth0,sit0" -; HIDE_NETWORK_INTERFACE=true //hide all network interfaces -; -HIDE_NETWORK_INTERFACE="" - - -; Show network interfaces infos for Linux, Android, FreeBSD, NetBSD, OpenBSD, Haiku, Darwin, SunOS, Minix, QNX and WinNT -; Example : SHOW_NETWORK_INFOS=true -; -SHOW_NETWORK_INFOS=true - - -; Hide MAC address in the infos -; -HIDE_NETWORK_MACADDR=false - - -; Sort network interfaces list -; -SORT_NETWORK_INTERFACES_LIST=false - - -; Show network infos expanded -; -SHOW_NETWORK_INFOS_EXPANDED=false - - -; Show network active speed -; - true : display network active speed -; - "bps" : display network active speed in bits per second (b/s, Kb/s, etc...) -; - false : hide them -; -SHOW_NETWORK_ACTIVE_SPEED=false - - -; ******************************** -; UPS PARAMETERS -; ******************************** - - -; Define the ups monitoring program -; We support the following programs so far -; - Apcupsd http://www.apcupsd.com/ -; - Nut http://www.networkupstools.org/ -; - PowerSoftPlus http://ever.eu/ -; - pmset based on the result of the command "pmset -g batt" on Darwin system -; - SNMPups monitoring via Simple Network Management Protocol (SNMP) -; -; Example: If you want to use Apcupsd : UPS_PROGRAM="Apcupsd" -; If you want to use Apcupsd and Nut : UPS_PROGRAM="Apcupsd,Nut" -; -UPS_PROGRAM=false - - -; Apcupsd supports multiple UPSes -; You can specify comma delimited list in the form : or :. The defaults are: 127.0.0.1:3551 -; See the following parameters in apcupsd.conf: NETSERVER, NISIP, NISPORT -; It uses the defaults if not specified. -; -UPS_APCUPSD_LIST=false - - -; Apcupsd has a CGI monitoring utility called apcupsd-cgi -; You can set the parameter below to true if you have it installed - this will add apcupsd-cgi links to the UPS tree -; -UPS_APCUPSD_CGI_ENABLE=false - - -; Nut supports multiple UPSes -; You can specify comma delimited list in the form : or :. The defaults are: 127.0.0.1:3493 -; See the following parameters in upsd.conf: LISTEN -; It uses the defaults if not specified. -; -UPS_NUT_LIST=false - - -; SNMPups supports multiple UPSes -; You can specify comma delimited list in the form : or :. The default port is 161 -; List must be specified. -; -UPS_SNMPUPS_LIST=false - - -; define how to access the SNMP data -; - "php-snmp" execute php snmprealwalk function (php-snmp module must be installed) -; - "command" execute snmpwalk command -; -UPS_SNMPUPS_ACCESS="php-snmp" - - -; ******************************** -; SENSORS PROGRAMS PARAMETERS -; ******************************** - - -[sensor_hddtemp] -; Hddtemp motherboard monitoring program configuration -; -; If the hddtemp program is available we can read the temperature, if hdd is smart capable -; !!ATTENTION!! hddtemp might be a security issue -; - ACCESS="command" //read data from 'hddtemp' command (must be set suid) -; - ACCESS="tcp" //read data from hddtemp deamon (localhost:7634) -; -ACCESS="command" - -[sensor_lmsensors] -; LMSensors motherboard monitoring program configuration -; -; - ACCESS="command" //read data from 'sensors' command -; - ACCESS="data" //read data from file data/lmsensors.txt -; -ACCESS="command" - -[sensor_healthd] -; Healthd motherboard monitoring program configuration -; -; - ACCESS="command" //read data from 'healthdc' command -; - ACCESS="data" //read data from file data/healthd.txt -; -ACCESS="command" - -[sensor_mbmon] -; MBMon motherboard monitoring program configuration -; -; - ACCESS="command" //read data from 'mbmon -c 1 -r' command -; - ACCESS="data" //read data from file data/mbmon.txt -; - ACCESS="tcp" //read data from mbmon deamon (localhost:411) -; -ACCESS="command" - -[sensor_ipmitool] -; IPMItool motherboard monitoring program configuration -; -; - ACCESS="command" //read data from 'ipmitool sensor -v' command -; //if access error execute first: chmod 666 /dev/ipmi0 -; - ACCESS="data" //read data from file data/ipmitool.txt -; -ACCESS="command" - -[sensor_freeipmi] -; FreeIPMI motherboard monitoring program configuration -; -; - ACCESS="command" //read data from 'ipmi-sensors --output-sensor-thresholds' program -; - ACCESS="data" //read data from file data/freeipmi.txt -; -ACCESS="command" - -[sensor_ipmiutil] -; IPMIutil motherboard monitoring program configuration -; -; - ACCESS="command" //read data from 'ipmiutil sensor -stw' command -; //if access error execute first: chmod 666 /dev/ipmi0 -; - ACCESS="data" //read data from file data/ipmiutil.txt -; -ACCESS="command" - -[sensor_k8temp] -; K8Temp motherboard monitoring program configuration -; -; - ACCESS="command" //read data from 'k8temp' command -; - ACCESS="data" //read data from file data/k8temp.txt -; -ACCESS="command" - -[sensor_speedfan] -; SpeedFan motherboard monitoring program configuration -; -; - ACCESS="command" //read data from 'speedfanget' command -; - ACCESS="data" //read data from file data/speedfan.txt -; -ACCESS="command" - - -; ******************************** -; PLUGINS PARAMETERS -; ******************************** - - -[bat] -; BAT Plugin configuration - -; define how to access the battery statistic data -; - "command" on Linux and Android read data from /proc/acpi/battery/BAT0/info and /proc/acpi/battery/BAT0/state -; or on newer kernel from /sys/class/power_supply/ -; or from 'upower -d' command (if UPOWER is true) -; on Android read data from /sys/class/power_supply/ -; on Darwin read data from 'ioreg -w0 -l -n AppleSmartBattery -r' command -; on FreeBSD read data from 'acpiconf -i batt' command -; on OpenBSD read data from 'sysctl hw.sensors.acpibat0' command -; - "data" (a file must be available in the data directory of the phpsysinfo installation -; with the filename "bat_info.txt" and "bat_state.txt"; content is the output -; from "cat /proc/acpi/battery/BAT0/info" and "cat /proc/acpi/battery/BAT0/state") -; -ACCESS="command" - -; on Lunux try executing 'upower -d' command -; -UPOWER=false - -; Show battery serial number -; -SHOW_SERIAL=false - - -[raid] -; Raid Plugin configuration - -; define how to access the raid statistic data -; - "command" - mdstat: file "/proc/mdstat" is read (on Linux only) -; - dmraid: command "dmraid -s -vv 2>&1" is run (on Linux only) -; If access error try execute first: chmod 4755 /sbin/dmraid -; This method is not recommended for safety reasons! -; - megactl: command "megactl" (on Linux only) -; downloaded from http://sourceforge.net/projects/megactl/ or http://github.com/hmage/megactl -; If permission error try execute first: chmod 4755 /usr/sbin/megactl -; - megasasctl: command "megasasctl" (on Linux only) -; downloaded from http://sourceforge.net/projects/megactl/ or http://github.com/hmage/megactl -; If permission error try execute first: chmod 4755 /usr/sbin/megasasctl -; - graid: command "graid list" is run (on FreeBSD only) -; - zpool: command "zpool status" is run -; - idrac: command "snmpwalk -Ona -c public -v 1 -r 0 -t 3 {device} .1.3.6.1.4.1.674.10892.5.5.1.20" is run -; - "php-snmp"- idrac: execute php snmprealwalk function (php-snmp module must be installed) -; - for others the option is inactive (uses "command" instead) -; - "data" (a file must be available in the data directory of the phpsysinfo installation -; with the filename "raidmdstat.txt" or "raiddmraid.txt" or "raidmegactl.txt" -; or "raidmegasasctl.txt" or "raidgraid.txt" or "raidzpool.txt" or "raididrac{device_number}.txt") -; -ACCESS="command" - -; define possible programs -PROGRAM="mdstat,dmraid,megactl,megasasctl,graid,zpool,idrac" - -; Hide RAID devices -; Example : HIDE_DEVICES="md127" -; -HIDE_DEVICES="" - -; -; string contains a list of IDRAC devices that are checked -; Example : IDRAC_DEVICES="192.168.0.120" -; -IDRAC_DEVICES="" - -[ps] -; PS Plugin configuration - -; define how to access the ps statistic data -; - "command" ps command is run everytime the block gets refreshed or build / on WINNT -; information is retrieved everytime through WMI -; - "data" (a file must be available in the data directory of the phpsysinfo installation -; with the filename "ps.txt"; content is the output from "ps -axo pid,ppid,pmem,args") -; -ACCESS="command" - -; Memory Usage info -; -MEMORY_USAGE=true - -; CPU Usage info -; -CPU_USAGE=true - -; Show kthreadd child list expanded -; -SHOW_KTHREADD_EXPANDED=false - -; Show PID 1 child list expanded -; -SHOW_PID1CHILD_EXPANDED=false - - -[psstatus] -; PSStatus Plugin configuration - -; define how to access the psstatus statistic data -; - "command" pidof command is run everytime the block gets refreshed or build / on WINNT -; information is retrieved everytime through WMI -; - "data" a file must be available in the data directory of the phpsysinfo installation -; with the filename "psstatus.txt"; content is the output from -; for ps in "apache2" "mysqld" "sshd"; do echo $ps "|" `pidof -s -x "$ps"`; done -; -ACCESS="command" - -; Regular expression search in the process name (e.g. "ddclient.*") -; - true : Regular expression search (used pgrep command) -; - false : Normal search (used pidof command) -; -USE_REGEX=false - -; controls which processes are checked if they are running -; -; string contains a list of process names that are checked, names are seperated by a comma (on WINNT names must end with '.exe') -; -PROCESSES="mysqld, sshd, explorer.exe" - - -[quotas] -; Quotas Plugin configuration - -; define how to access the repquota statistic data -; - "command" repquota command is run everytime the block gets refreshed or build -; - "data" (a file must be available in the data directory of the phpsysinfo installation with the filename "quotas.txt"; content is the output from "repquota -au") -; -ACCESS="command" - - -[smart] -; SMART Plugin configuration - -; Smartctl program -; If the smartctl program is available we can read S.M.A.R.T informations -; - "command" smartctl command is run everytime the block gets refreshed or build -; if error: Smartctl open device: /dev/sda failed: Permission denied -; Not recommended method: -; execute: chmod 4755 /usr/sbin/smartctl -; Second method: -; try to set: SUDO_COMMANDS="smartctl" and add to file /etc/sudoers line: apache ALL = (ALL) NOPASSWD: /usr/sbin/smartctl -; - "data" (a file must be available in the data directory of the -; phpsysinfo installation with the filename "smart{disk_number}.txt"; -; content is the output from "smartctl --all device") -; - "wmi" information is retrieved everytime through WMI (WinNT only) -; -ACCESS="command" - -; Smartctl devices to monitor -; If the smartctl support is enabled, those disks information will be displayed -; - DEVICES="/dev/hda,/dev/hdb" //Will display those two disks informations -; You also can specify --device option value for smartctl command surrounded by parentheses eg: -; - DEVICES="(marvell)/dev/sda" -; or -; - DEVICES="(megaraid.0)/dev/sda" //comma in --device option value is replaced by a dot -; -DEVICES="/dev/sda, /dev/sdb" - -; Smartctl ID# and column name from "Vendor Specific SMART Attributes with Thresholds" table -; If the smartctl support is enabled, enter the ID#-COLUMN_NAME from "Vendor Specific SMART Attributes with Thresholds" table from smartctl output. -; or for no SCSI devices: ID#-COLUMN_NAME-REPLACEMENT_ID# where REPLACEMENT_ID# is an alternative ID number. -; COLUMN_NAME of this ID# will be displayed in the phpsysinfo S.M.A.R.T table. If you want RAW_VALUE to be displayed for the temperature (ID# 194) enter 194-RAW_VALUE -; - IDS="194-VALUE,4-VALUE,009-RAW_VALUE" //ID#-COLUMN_NAME, ID#-COLUMN_NAME, etc... -; -IDS="005-RAW_VALUE,194-RAW_VALUE,4-RAW_VALUE,009-RAW_VALUE,012-RAW_VALUE,193-RAW_VALUE-225,001-RAW_VALUE,007-RAW_VALUE,200-RAW_VALUE,197-RAW_VALUE,198-RAW_VALUE" - - -[snmppinfo] -; SNMPPInfo Plugin configuration - -; define how to access the SNMP Printer Info statistic data -; - "php-snmp" execute php snmprealwalk function (php-snmp module must be installed) -; - "command" execute snmpwalk command -; - "data" a file must be available in the data directory of the -; phpsysinfo installation with the filename "snmppinfo{printer_number}.txt"; -; content is the output from: -; LANG=C LC_ALL=C snmpwalk -On -c public -v 1 -r 0 -t 3 {printer_address} .1.3.6.1.2.1.1.5 > snmppinfo{printer_number}.txt -; LANG=C LC_ALL=C snmpwalk -On -c public -v 1 -r 0 -t 3 {printer_address} .1.3.6.1.4.1.367.3.2.1.2.24.1.1 >> snmppinfo{printer_number}.txt -; LANG=C LC_ALL=C snmpwalk -On -c public -v 1 -r 0 -t 3 {printer_address} .1.3.6.1.2.1.43.11.1.1 >> snmppinfo{printer_number}.txt -; LANG=C LC_ALL=C snmpwalk -On -c public -v 1 -r 0 -t 3 {printer_address} .1.3.6.1.2.1.43.18.1.1 >> snmppinfo{printer_number}.txt -; -ACCESS="php-snmp" - -;define the Printer devices -; -; string contains a list of printer addresses that are checked -; -DEVICES="192.168.0.5, 192.168.0.9" - - -[updatenotifier] -; Update Notifier Plugin configuration - -; define how to access the updatenotifier statistic data -; - "command" execute command /usr/lib/update-notifier/apt-check -; - "data" reads data from file defined in FILE parameter -; -ACCESS="data" - -; define the update info file format -; - true: Ubuntu Landscape format (file: /var/lib/update-notifier/updates-available) -; - false: universal format (format: A;B) -; A: total packages to update -; B: security packages to update -; -UBUNTU_LANDSCAPE_FORMAT=true - -; define the update info file. The default is: /var/lib/update-notifier/updates-available -; -FILE="/var/lib/update-notifier/updates-available" - - -[uprecords] -; Uprecords Plugin configuration - -; define how to access the uprecords statistic data -; - "command" uprecords command is run everytime the block gets refreshed or build -; if access error try execute first: chmod 4755 /usr/bin/uprecords -; This method is not recommended for safety reasons! -; - "data" (a file must be available in the data directory of the phpsysinfo installation -; with the filename "uprecords.txt"; content is the output from "TZ=GMT uprecords -a -w") -; -ACCESS="command" - -; define the maximum number of entries to show (for command access) -; default is 10 -; -MAX_ENTRIES = 10 - -; define the short mode (do not print extra statistics) -; default is false -; -SHORT_MODE = false - -; denote current system session by asterisk (* at the end) instead by the arrow (-> at the beginning) -; default is false -; -DENOTE_BY_ASTERISK = false - - -[iptables] -; Iptables Plugin configuration - -; define how to access the iptables rules data -; - "command" iptables-save command is run everytime the block gets refreshed or build -; if access error try to set: SUDO_COMMANDS="iptables-save" and add to file /etc/sudoers line: apache ALL = (ALL) NOPASSWD: /sbin/iptables-save -; - "data" (a file must be available in the data directory of the phpsysinfo installation with the filename "iptables.txt"; content is the output from "iptables-save") -; -ACCESS="command" - - -[pingtest] -; PingTest Plugin configuration - -; define how to access the psstatus statistic data -; - "command" ping command is run everytime the block gets refreshed or build -; - "data" (a file must be available in the data directory of the phpsysinfo installation -; with the filename "pingtest.txt") -; -ACCESS="command" - -;define the Addresses -; -; string contains a list of addresses that are checked -; Example : ADDRESSES="127.0.0.1,8.8.8.8" -; -ADDRESSES="" - -; Define ping timeout in seconds -; - 0 : default ping command timeout -; - 3 : 3 seconds -; Default is 2 seconds -; -TIMEOUT=2 - -[stablebit] -; StableBit Plugin configuration - -; Show or hide disks serial number -; -SHOW_SERIAL=false - -[hyperv] -; HyperV Plugin configuration - -; define how to access the ps statistic data -; - "command" information is retrieved through WMI -; - "data" (a file must be available in the data directory of the phpsysinfo installation -; with the filename "hyperv.txt") -; -ACCESS="command" - -[docker] -; Docker Plugin configuration - -; define how to access the docker statistic data -; - "command" docker command is run everytime the block gets refreshed or build -; - "data" (a file must be available in the data directory of the phpsysinfo installation -; with the filename "docker.txt"; content is the output from "docker stats --no-stream --format 'table {{.Name}}\t{{.CPUPerc}}\t{{.MemUsage}}\t{{.MemPerc}}\t{{.NetIO}}\t{{.BlockIO}}\t{{.PIDs}}'") -; -ACCESS="command" diff --git a/scripts/install b/scripts/install index a9a8574..2532fac 100644 --- a/scripts/install +++ b/scripts/install @@ -31,6 +31,18 @@ is_public=$YNH_APP_ARG_IS_PUBLIC language=$YNH_APP_ARG_LANGUAGE display_mode=$YNH_APP_ARG_DISPLAY_MODE +### If it's a multi-instance app, meaning it can be installed several times independently +### The id of the app as stated in the manifest is available as $YNH_APP_ID +### The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2", ...) +### The app instance name is available as $YNH_APP_INSTANCE_NAME +### - the first time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample +### - the second time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample__2 +### - ynhexample__{N} for the subsequent installations, with N=3,4, ... +### The app instance name is probably what interests you most, since this is +### guaranteed to be unique. This is a good unique identifier to define installation path, +### db names, ... +app=$YNH_APP_INSTANCE_NAME + #================================================= # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS #================================================= @@ -125,11 +137,11 @@ ynh_add_fpm_config ### `ynh_replace_string` is used to replace a string in a file. ### (It's compatible with sed regular expressions syntax) -ynh_replace_string --match_string="__DISPLAY_MODE__" --replace_string="$display_mode" --target_file=../conf/phpsysinfo.ini -ynh_replace_string --match_string="__LANGUAGE__" --replace_string="$language" --target_file=../conf/phpsysinfo.ini +ynh_replace_string --match_string="DEFAULT_LANG=\"en\"" --replace_string="DEFAULT_LANG=\"$language\"" --target_file="$final_path/phpsysinfo.ini.new" +ynh_replace_string --match_string="DEFAULT_DISPLAY_MODE=\"auto\"" --replace_string="DEFAULT_DISPLAY_MODE=\"$display_mode\"" --target_file="$final_path/phpsysinfo.ini.new" -# Copy files to the right place -cp -r ../conf/phpsysinfo.ini "$final_path" +### Rename phpsysinfo.ini.new in phpsysinfo.ini +mv "$final_path"/phpsysinfo.ini.new "$final_path"/phpsysinfo.ini #================================================= # STORE THE CONFIG FILE CHECKSUM diff --git a/scripts/upgrade b/scripts/upgrade index 7c4d209..1fdb0d6 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -139,11 +139,11 @@ if [ "$upgrade_type" == "UPGRADE_APP" ] then ynh_script_progression --message="Reconfiguring Phpsysinfo..." --weight=11 - ynh_replace_string --match_string="__DISPLAY_MODE__" --replace_string="$display_mode" --target_file=../conf/phpsysinfo.ini - ynh_replace_string --match_string="__LANGUAGE__" --replace_string="$language" --target_file=../conf/phpsysinfo.ini + ynh_replace_string --match_string="DEFAULT_LANG=\"en\"" --replace_string="DEFAULT_LANG=\"$language\"" --target_file="$final_path/phpsysinfo.ini.new" + ynh_replace_string --match_string="DEFAULT_DISPLAY_MODE=\"auto\"" --replace_string="DEFAULT_DISPLAY_MODE=\"$display_mode\"" --target_file="$final_path/phpsysinfo.ini.new" - # Copy files to the right place - cp -r ../conf/phpsysinfo.ini "$final_path" + ### Rename phpsysinfo.ini.new in phpsysinfo.ini + mv "$final_path"/phpsysinfo.ini.new "$final_path"/phpsysinfo.ini fi #================================================= From a87e3285e16bb35d6892cd5ffde4592a8293d865 Mon Sep 17 00:00:00 2001 From: Inrepublica Date: Thu, 26 Mar 2020 12:11:48 +0100 Subject: [PATCH 10/12] Add multi instance add multi instance --- README.md | 2 +- check_process | 2 ++ manifest.json | 2 +- 3 files changed, 4 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 968c255..9869946 100644 --- a/README.md +++ b/README.md @@ -26,7 +26,7 @@ Edit `phpsysinfo.ini` in `/var/www/YOURPATH/phpsysinfo.ini`. ## YunoHost specific features #### Multi-users support -No support for multi-users. +Yes. #### Supported architectures diff --git a/check_process b/check_process index 2eedf38..992f239 100644 --- a/check_process +++ b/check_process @@ -10,10 +10,12 @@ pkg_linter=1 setup_sub_dir=1 setup_root=1 + setup_nourl=0 setup_private=1 setup_public=1 upgrade=1 backup_restore=1 + multi_instance=1 port_already_use=0 change_url=1 ;;; Levels diff --git a/manifest.json b/manifest.json index cfab75c..d55e139 100644 --- a/manifest.json +++ b/manifest.json @@ -16,7 +16,7 @@ "requirements": { "yunohost": ">= 3.6.5" }, - "multi_instance": false, + "multi_instance": true, "services": [ "nginx", "php7.0-fpm" From 35bc199796e2e6aae8a42319b99292883d5084c0 Mon Sep 17 00:00:00 2001 From: Inrepublica Date: Thu, 26 Mar 2020 12:32:25 +0100 Subject: [PATCH 11/12] Remove Fail2Ban Remove Fail2Ban configuration --- scripts/backup | 8 -------- scripts/install | 8 -------- scripts/remove | 8 -------- scripts/restore | 9 --------- scripts/upgrade | 8 -------- 5 files changed, 41 deletions(-) diff --git a/scripts/backup b/scripts/backup index 58cfde0..e71ce89 100644 --- a/scripts/backup +++ b/scripts/backup @@ -54,14 +54,6 @@ ynh_script_progression --message="Backing up php-fpm configuration..." --time -- ynh_backup --src_path="/etc/php/7.0/fpm/pool.d/$app.conf" -#================================================= -# BACKUP FAIL2BAN CONFIGURATION -#================================================= -ynh_script_progression --message="Backing up fail2ban configuration..." --time --weight=1 - -ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf" -ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf" - #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/install b/scripts/install index 2532fac..60bc7a2 100644 --- a/scripts/install +++ b/scripts/install @@ -167,14 +167,6 @@ ynh_store_file_checksum --file="$final_path/phpsysinfo.ini" # Set permissions to app files chown -R root: $final_path -#================================================= -# SETUP FAIL2BAN -#================================================= -ynh_script_progression --message="Configuring fail2ban..." --time --weight=1 - -# Create a dedicated fail2ban config -ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login" - #================================================= # SETUP SSOWAT #================================================= diff --git a/scripts/remove b/scripts/remove index 7737ea8..47fdff5 100644 --- a/scripts/remove +++ b/scripts/remove @@ -45,14 +45,6 @@ ynh_script_progression --message="Removing php-fpm configuration..." --time --we # Remove the dedicated php-fpm config ynh_remove_fpm_config -#================================================= -# REMOVE FAIL2BAN CONFIGURATION -#================================================= -ynh_script_progression --message="Removing fail2ban configuration..." --time --weight=1 - -# Remove the dedicated fail2ban config -ynh_remove_fail2ban_config - #================================================= # GENERIC FINALIZATION #================================================= diff --git a/scripts/restore b/scripts/restore index 286aa90..899b6b1 100644 --- a/scripts/restore +++ b/scripts/restore @@ -78,15 +78,6 @@ chown -R root: $final_path ynh_restore_file --origin_path="/etc/php/7.0/fpm/pool.d/$app.conf" -#================================================= -# RESTORE FAIL2BAN CONFIGURATION -#================================================= -ynh_script_progression --message="Restoring the fail2ban configuration..." --time --weight=1 - -ynh_restore_file "/etc/fail2ban/jail.d/$app.conf" -ynh_restore_file "/etc/fail2ban/filter.d/$app.conf" -ynh_systemd_action --action=restart --service_name=fail2ban - #================================================= # GENERIC FINALIZATION #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index 1fdb0d6..ab909e3 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -148,14 +148,6 @@ fi #================================================= # GENERIC FINALIZATION -#================================================= -# UPGRADE FAIL2BAN -#================================================= -ynh_script_progression --message="Reconfiguring fail2ban..." --time --weight=1 - -# Create a dedicated fail2ban config -ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login" - #================================================= # SECURE FILES AND DIRECTORIES #================================================= From 665591f36cd0e874f5fd6c64af4d2acb46996e69 Mon Sep 17 00:00:00 2001 From: Inrepublica Date: Sat, 28 Mar 2020 19:22:48 +0100 Subject: [PATCH 12/12] Update README.md --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 9869946..3cbe4ed 100644 --- a/README.md +++ b/README.md @@ -26,7 +26,7 @@ Edit `phpsysinfo.ini` in `/var/www/YOURPATH/phpsysinfo.ini`. ## YunoHost specific features #### Multi-users support -Yes. +No multi-users in this app. Simply a web page. #### Supported architectures @@ -39,7 +39,7 @@ Yes. ## Additional information ## Links - +* PHPSysInfo website: https://phpsysinfo.github.io/phpsysinfo/ --- Developers info