diff --git a/manifest.json b/manifest.json index a570eb3..50d0c92 100644 --- a/manifest.json +++ b/manifest.json @@ -15,7 +15,7 @@ "url": "" }, "requirements": { - "yunohost": ">> 2.4.0" + "yunohost": ">= 2.7.2" }, "multi_instance": true, "services": [ diff --git a/scripts/_common.sh b/scripts/_common.sh index aaf61da..beef539 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -3,578 +3,6 @@ # Common variables # -WARNING () { # Print on error output - $@ >&2 -} - -QUIET () { # redirect standard output to /dev/null - $@ > /dev/null -} - -HUMAN_SIZE () { # Transforms a Kb-based size to a human-readable size - human=$(numfmt --to=iec --from-unit=1K $1) - echo $human -} - -CHECK_SIZE () { # Check if enough disk space available on backup storage - file_to_analyse=$1 - backup_size=$(sudo du --summarize "$file_to_analyse" | cut -f1) - free_space=$(sudo df --output=avail "/home/yunohost.backup" | sed 1d) - - if [ $free_space -le $backup_size ] - then - WARNING echo "Not enough backup disk space for: $file_to_analyse." - WARNING echo "Space available: $(HUMAN_SIZE $free_space)" - ynh_die "Space needed: $(HUMAN_SIZE $backup_size)" - fi -} - -CHECK_DOMAINPATH () { # Check domain/path availability - sudo yunohost app checkurl $domain$path_url -a $app -} - -CHECK_FINALPATH () { # Check if destination directory already exists - final_path="/var/www/$app" - test ! -e "$final_path" || ynh_die "This path already contains a folder" -} - -#================================================= -# FUTURE YUNOHOST HELPERS - TO BE REMOVED LATER -#================================================= - -# Normalize the url path syntax -# Handle the slash at the beginning of path and its absence at ending -# Return a normalized url path -# -# example: url_path=$(ynh_normalize_url_path $url_path) -# ynh_normalize_url_path example -> /example -# ynh_normalize_url_path /example -> /example -# ynh_normalize_url_path /example/ -> /example -# ynh_normalize_url_path / -> / -# -# usage: ynh_normalize_url_path path_to_normalize -# | arg: url_path_to_normalize - URL path to normalize before using it -ynh_normalize_url_path () { - path_url=$1 - test -n "$path_url" || ynh_die "ynh_normalize_url_path expect a URL path as first argument and received nothing." - if [ "${path_url:0:1}" != "/" ]; then # If the first character is not a / - path_url="/$path_url" # Add / at begin of path variable - fi - if [ "${path_url:${#path_url}-1}" == "/" ] && [ ${#path_url} -gt 1 ]; then # If the last character is a / and that not the only character. - path_url="${path_url:0:${#path_url}-1}" # Delete the last character - fi - echo $path_url -} - -# Manage a fail of the script -# -# Print a warning to inform that the script was failed -# Execute the ynh_clean_setup function if used in the app script -# -# usage of ynh_clean_setup function -# This function provide a way to clean some residual of installation that not managed by remove script. -# To use it, simply add in your script: -# ynh_clean_setup () { -# instructions... -# } -# This function is optionnal. -# -# Usage: ynh_exit_properly is used only by the helper ynh_abort_if_errors. -# You must not use it directly. -ynh_exit_properly () { - exit_code=$? - if [ "$exit_code" -eq 0 ]; then - exit 0 # Exit without error if the script ended correctly - fi - - trap '' EXIT # Ignore new exit signals - set +eu # Do not exit anymore if a command fail or if a variable is empty - - echo -e "!!\n $app's script has encountered an error. Its execution was cancelled.\n!!" >&2 - - if type -t ynh_clean_setup > /dev/null; then # Check if the function exist in the app script. - ynh_clean_setup # Call the function to do specific cleaning for the app. - fi - - ynh_die # Exit with error status -} - -# Exit if an error occurs during the execution of the script. -# -# Stop immediatly the execution if an error occured or if a empty variable is used. -# The execution of the script is derivate to ynh_exit_properly function before exit. -# -# Usage: ynh_abort_if_errors -ynh_abort_if_errors () { - set -eu # Exit if a command fail, and if a variable is used unset. - trap ynh_exit_properly EXIT # Capturing exit signals on shell script -} - -# Check if a mysql user exists -# -# usage: ynh_mysql_user_exists user -# | arg: user - the user for which to check existence -function ynh_mysql_user_exists() -{ - local user=$1 - if [[ -z $(ynh_mysql_execute_as_root "SELECT User from mysql.user WHERE User = '$user';") ]] - then - return 1 - else - return 0 - fi -} - -# Create a database, an user and its password. Then store the password in the app's config -# -# After executing this helper, the password of the created database will be available in $db_pwd -# It will also be stored as "mysqlpwd" into the app settings. -# -# usage: ynh_mysql_setup_db user name -# | arg: user - Owner of the database -# | arg: name - Name of the database -ynh_mysql_setup_db () { - local db_user="$1" - local db_name="$2" - db_pwd=$(ynh_string_random) # Generate a random password - ynh_mysql_create_db "$db_name" "$db_user" "$db_pwd" # Create the database - ynh_app_setting_set $app mysqlpwd $db_pwd # Store the password in the app's config -} - -# Remove a database if it exists, and the associated user -# -# usage: ynh_mysql_remove_db user name -# | arg: user - Owner of the database -# | arg: name - Name of the database -ynh_mysql_remove_db () { - local db_user="$1" - local db_name="$2" - local mysql_root_password=$(sudo cat $MYSQL_ROOT_PWD_FILE) - if mysqlshow -u root -p$mysql_root_password | grep -q "^| $db_name"; then # Check if the database exists - echo "Removing database $db_name" >&2 - ynh_mysql_drop_db $db_name # Remove the database - else - echo "Database $db_name not found" >&2 - fi - - # Remove mysql user if it exists - if $(ynh_mysql_user_exists $db_user); then - ynh_mysql_drop_user $db_user - fi -} - -# Sanitize a string intended to be the name of a database -# (More specifically : replace - and . by _) -# -# Exemple: dbname=$(ynh_sanitize_dbid $app) -# -# usage: ynh_sanitize_dbid name -# | arg: name - name to correct/sanitize -# | ret: the corrected name -ynh_sanitize_dbid () { - dbid=${1//[-.]/_} # We should avoid having - and . in the name of databases. They are replaced by _ - echo $dbid -} - -# Substitute/replace a string by another in a file -# -# usage: ynh_replace_string match_string replace_string target_file -# | arg: match_string - String to be searched and replaced in the file -# | arg: replace_string - String that will replace matches -# | arg: target_file - File in which the string will be replaced. -ynh_replace_string () { - delimit=@ - match_string=${1//${delimit}/"\\${delimit}"} # Escape the delimiter if it's in the string. - replace_string=${2//${delimit}/"\\${delimit}"} - workfile=$3 - - sudo sed --in-place "s${delimit}${match_string}${delimit}${replace_string}${delimit}g" "$workfile" -} - -# Remove a file or a directory securely -# -# usage: ynh_secure_remove path_to_remove -# | arg: path_to_remove - File or directory to remove -ynh_secure_remove () { - path_to_remove=$1 - forbidden_path=" \ - /var/www \ - /home/yunohost.app" - - if [[ "$forbidden_path" =~ "$path_to_remove" \ - # Match all paths or subpaths in $forbidden_path - || "$path_to_remove" =~ ^/[[:alnum:]]+$ \ - # Match all first level paths from / (Like /var, /root, etc...) - || "${path_to_remove:${#path_to_remove}-1}" = "/" ]] - # Match if the path finishes by /. Because it seems there is an empty variable - then - echo "Avoid deleting $path_to_remove." >&2 - else - if [ -e "$path_to_remove" ] - then - sudo rm -R "$path_to_remove" - else - echo "$path_to_remove wasn't deleted because it doesn't exist." >&2 - fi - fi -} - -# Create a system user -# -# usage: ynh_system_user_create user_name [home_dir] -# | arg: user_name - Name of the system user that will be create -# | arg: home_dir - Path of the home dir for the user. Usually the final path of the app. If this argument is omitted, the user will be created without home -ynh_system_user_create () { - if ! ynh_system_user_exists "$1" # Check if the user exists on the system - then # If the user doesn't exist - if [ $# -ge 2 ]; then # If a home dir is mentioned - user_home_dir="-d $2" - else - user_home_dir="--no-create-home" - fi - sudo useradd $user_home_dir --system --user-group $1 --shell /usr/sbin/nologin || ynh_die "Unable to create $1 system account" - fi -} - -# Delete a system user -# -# usage: ynh_system_user_delete user_name -# | arg: user_name - Name of the system user that will be create -ynh_system_user_delete () { - if ynh_system_user_exists "$1" # Check if the user exists on the system - then - echo "Remove the user $1" >&2 - sudo userdel $1 - else - echo "The user $1 was not found" >&2 - fi -} - -# Restore a previous backup if the upgrade process failed -# -# usage: -# ynh_backup_before_upgrade -# ynh_clean_setup () { -# ynh_backup_after_failed_upgrade -# } -# ynh_abort_if_errors -# -ynh_backup_after_failed_upgrade () { - echo "Upgrade failed." >&2 - app_bck=${app//_/-} # Replace all '_' by '-' - # Check if a existing backup can be found before remove and restore the application. - if sudo yunohost backup list | grep -q $app_bck-pre-upgrade$backup_number - then - # Remove the application then restore it - sudo yunohost app remove $app - # Restore the backup if the upgrade failed - sudo yunohost backup restore --ignore-hooks $app_bck-pre-upgrade$backup_number --apps $app --force - ynh_die "The app was restored to the way it was before the failed upgrade." - fi -} - -# Make a backup in case of failed upgrade -# -# usage: -# ynh_backup_before_upgrade -# ynh_clean_setup () { -# ynh_backup_after_failed_upgrade -# } -# ynh_abort_if_errors -# -ynh_backup_before_upgrade () { - backup_number=1 - old_backup_number=2 - app_bck=${app//_/-} # Replace all '_' by '-' - # Check if a backup already exist with the prefix 1. - if sudo yunohost backup list | grep -q $app_bck-pre-upgrade1 - then - # Prefix become 2 to preserve the previous backup - backup_number=2 - old_backup_number=1 - fi - - # Create another backup - sudo yunohost backup create --ignore-hooks --apps $app --name $app_bck-pre-upgrade$backup_number - if [ "$?" -eq 0 ] - then - # If the backup succedded, remove the previous backup - if sudo yunohost backup list | grep -q $app_bck-pre-upgrade$old_backup_number - then - # Remove the previous backup only if it exists - sudo yunohost backup delete $app_bck-pre-upgrade$old_backup_number > /dev/null - fi - else - ynh_die "Backup failed, the upgrade process was aborted." - fi -} - -# Create a dedicated nginx config -# -# usage: ynh_add_nginx_config -ynh_add_nginx_config () { - finalnginxconf="/etc/nginx/conf.d/$domain.d/$app.conf" - ynh_backup_if_checksum_is_different "$finalnginxconf" 1 - sudo cp ../conf/nginx.conf "$finalnginxconf" - - # To avoid a break by set -u, use a void substitution ${var:-}. If the variable is not set, it's simply set with an empty variable. - # Substitute in a nginx config file only if the variable is not empty - if test -n "${path_url:-}"; then - ynh_replace_string "__PATH__" "$path_url" "$finalnginxconf" - fi - if test -n "${domain:-}"; then - ynh_replace_string "__DOMAIN__" "$domain" "$finalnginxconf" - fi - if test -n "${port:-}"; then - ynh_replace_string "__PORT__" "$port" "$finalnginxconf" - fi - if test -n "${app:-}"; then - ynh_replace_string "__NAME__" "$app" "$finalnginxconf" - fi - if test -n "${final_path:-}"; then - ynh_replace_string "__FINALPATH__" "$final_path" "$finalnginxconf" - fi - ynh_store_file_checksum "$finalnginxconf" - - sudo systemctl reload nginx -} - -# Remove the dedicated nginx config -# -# usage: ynh_remove_nginx_config -ynh_remove_nginx_config () { - ynh_secure_remove "/etc/nginx/conf.d/$domain.d/$app.conf" - sudo systemctl reload nginx -} - -# Create a dedicated php-fpm config -# -# usage: ynh_add_fpm_config -ynh_add_fpm_config () { - finalphpconf="/etc/php5/fpm/pool.d/$app.conf" - ynh_backup_if_checksum_is_different "$finalphpconf" 1 - sudo cp ../conf/php-fpm.conf "$finalphpconf" - ynh_replace_string "__NAMETOCHANGE__" "$app" "$finalphpconf" - ynh_replace_string "__FINALPATH__" "$final_path" "$finalphpconf" - ynh_replace_string "__USER__" "$app" "$finalphpconf" - sudo chown root: "$finalphpconf" - ynh_store_file_checksum "$finalphpconf" - - if [ -e "../conf/php-fpm.ini" ] - then - finalphpini="/etc/php5/fpm/conf.d/20-$app.ini" - ynh_backup_if_checksum_is_different "$finalphpini" 1 - sudo cp ../conf/php-fpm.ini "$finalphpini" - sudo chown root: "$finalphpini" - ynh_store_file_checksum "$finalphpini" - fi - - sudo systemctl reload php5-fpm -} - -# Remove the dedicated php-fpm config -# -# usage: ynh_remove_fpm_config -ynh_remove_fpm_config () { - ynh_secure_remove "/etc/php5/fpm/pool.d/$app.conf" - ynh_secure_remove "/etc/php5/fpm/conf.d/20-$app.ini" 2>&1 - sudo systemctl reload php5-fpm -} - -# Calculate and store a file checksum into the app settings -# -# $app should be defined when calling this helper -# -# usage: ynh_store_file_checksum file -# | arg: file - The file on which the checksum will performed, then stored. -ynh_store_file_checksum () { - local checksum_setting_name=checksum_${1//[\/ ]/_} # Replace all '/' and ' ' by '_' - ynh_app_setting_set $app $checksum_setting_name $(sudo md5sum "$1" | cut -d' ' -f1) -} - -# Verify the checksum and backup the file if it's different -# This helper is primarily meant to allow to easily backup personalised/manually -# modified config files. -# -# $app should be defined when calling this helper -# -# usage: ynh_backup_if_checksum_is_different file [compress] -# | arg: file - The file on which the checksum test will be perfomed. -# | arg: compress - 1 to compress the backup instead of a simple copy -# A compression is needed for a file which will be analyzed even if its name is different. -# -# | ret: Return the name a the backup file, or nothing -ynh_backup_if_checksum_is_different () { - local file=$1 - local compress_backup=${2:-0} # If $2 is empty, compress_backup will set at 0 - local checksum_setting_name=checksum_${file//[\/ ]/_} # Replace all '/' and ' ' by '_' - local checksum_value=$(ynh_app_setting_get $app $checksum_setting_name) - if [ -n "$checksum_value" ] - then # Proceed only if a value was stored into the app settings - if ! echo "$checksum_value $file" | sudo md5sum -c --status - then # If the checksum is now different - backup_file="$file.backup.$(date '+%d.%m.%y_%Hh%M,%Ss')" - if [ $compress_backup -eq 1 ] - then - sudo tar --create --gzip --file "$backup_file.tar.gz" "$file" # Backup the current file and compress - backup_file="$backup_file.tar.gz" - else - sudo cp -a "$file" "$backup_file" # Backup the current file - fi - echo "File $file has been manually modified since the installation or last upgrade. So it has been duplicated in $backup_file" >&2 - echo "$backup_file" # Return the name of the backup file - fi - fi -} - -YNH_EXECUTION_DIR=$(pwd) -# Download, check integrity, uncompress and patch the source from app.src -# -# The file conf/app.src need to contains: -# -# SOURCE_URL=Address to download the app archive -# SOURCE_SUM=Control sum -# # (Optional) Programm to check the integrity (sha256sum, md5sum$YNH_EXECUTION_DIR/...) -# # default: sha256 -# SOURCE_SUM_PRG=sha256 -# # (Optional) Archive format -# # default: tar.gz -# SOURCE_FORMAT=tar.gz -# # (Optional) Put false if source are directly in the archive root -# # default: true -# SOURCE_IN_SUBDIR=false -# # (Optionnal) Name of the local archive (offline setup support) -# # default: ${src_id}.${src_format} -# SOURCE_FILENAME=example.tar.gz -# -# Details: -# This helper download sources from SOURCE_URL if there is no local source -# archive in /opt/yunohost-apps-src/APP_ID/SOURCE_FILENAME -# -# Next, it check the integrity with "SOURCE_SUM_PRG -c --status" command. -# -# If it's ok, the source archive will be uncompress in $dest_dir. If the -# SOURCE_IN_SUBDIR is true, the first level directory of the archive will be -# removed. -# -# Finally, patches named sources/patches/${src_id}-*.patch and extra files in -# sources/extra_files/$src_id will be applyed to dest_dir -# -# -# usage: ynh_setup_source dest_dir [source_id] -# | arg: dest_dir - Directory where to setup sources -# | arg: source_id - Name of the app, if the package contains more than one app -ynh_setup_source () { - local dest_dir=$1 - local src_id=${2:-app} # If the argument is not given, source_id equal "app" - - # Load value from configuration file (see above for a small doc about this file - # format) - local src_url=$(grep 'SOURCE_URL=' "$YNH_EXECUTION_DIR/../conf/${src_id}.src" | cut -d= -f2-) - local src_sum=$(grep 'SOURCE_SUM=' "$YNH_EXECUTION_DIR/../conf/${src_id}.src" | cut -d= -f2-) - local src_sumprg=$(grep 'SOURCE_SUM_PRG=' "$YNH_EXECUTION_DIR/../conf/${src_id}.src" | cut -d= -f2-) - local src_format=$(grep 'SOURCE_FORMAT=' "$YNH_EXECUTION_DIR/../conf/${src_id}.src" | cut -d= -f2-) - local src_in_subdir=$(grep 'SOURCE_IN_SUBDIR=' "$YNH_EXECUTION_DIR/../conf/${src_id}.src" | cut -d= -f2-) - local src_filename=$(grep 'SOURCE_FILENAME=' "$YNH_EXECUTION_DIR/../conf/${src_id}.src" | cut -d= -f2-) - - # Default value - src_sumprg=${src_sumprg:-sha256sum} - src_in_subdir=${src_in_subdir:-true} - src_format=${src_format:-tar.gz} - src_format=$(echo "$src_format" | tr '[:upper:]' '[:lower:]') - if [ "$src_filename" = "" ] ; then - src_filename="${src_id}.${src_format}" - fi - local local_src="/opt/yunohost-apps-src/${YNH_APP_ID}/${src_filename}" - - if test -e "$local_src" - then # Use the local source file if it is present - cp $local_src $src_filename - else # If not, download the source - wget -nv -O $src_filename $src_url - fi - - # Check the control sum - echo "${src_sum} ${src_filename}" | ${src_sumprg} -c --status \ - || ynh_die "Corrupt source" - - # Extract source into the app dir - mkdir -p "$dest_dir" - if [ "$src_format" = "zip" ] - then - # Zip format - # Using of a temp directory, because unzip doesn't manage --strip-components - if $src_in_subdir ; then - local tmp_dir=$(mktemp -d) - unzip -quo $src_filename -d "$tmp_dir" - cp -a $tmp_dir/*/. "$dest_dir" - ynh_secure_remove "$tmp_dir" - else - unzip -quo $src_filename -d "$dest_dir" - fi - else - local strip="" - if $src_in_subdir ; then - strip="--strip-components 1" - fi - if [[ "$src_format" =~ ^tar.gz|tar.bz2|tar.xz$ ]] ; then - tar -xf $src_filename -C "$dest_dir" $strip - else - ynh_die "Archive format unrecognized." - fi - fi - - # Apply patches - if (( $(find $YNH_EXECUTION_DIR/../sources/patches/ -type f -name "${src_id}-*.patch" 2> /dev/null | wc -l) > "0" )); then - local old_dir=$(pwd) - (cd "$dest_dir" \ - && for p in $YNH_EXECUTION_DIR/../sources/patches/${src_id}-*.patch; do \ - patch -p1 < $p; done) \ - || ynh_die "Unable to apply patches" - cd $old_dir - fi - - # Add supplementary files - if test -e "$YNH_EXECUTION_DIR/../sources/extra_files/${src_id}"; then - cp -a $YNH_EXECUTION_DIR/../sources/extra_files/$src_id/. "$dest_dir" - fi - -} - -# Curl abstraction to help with POST requests to local pages (such as installation forms) -# -# $domain and $path_url should be defined externally (and correspond to the domain.tld and the /path (of the app?)) -# -# example: ynh_local_curl "/install.php?installButton" "foo=$var1" "bar=$var2" -# -# usage: ynh_local_curl "page_uri" "key1=value1" "key2=value2" ... -# | arg: page_uri - Path (relative to $path_url) of the page where POST data will be sent -# | arg: key1=value1 - (Optionnal) POST key and corresponding value -# | arg: key2=value2 - (Optionnal) Another POST key and corresponding value -# | arg: ... - (Optionnal) More POST keys and values -ynh_local_curl () { - # Define url of page to curl -# if [ "$path_url" != "/" ]; then - full_page_url=https://localhost$path_url$1 -# else -# full_page_url=https://localhost$1 -# fi - # Concatenate all other arguments with '&' to prepare POST data - POST_data="" - for arg in "${@:2}" - do - POST_data="${POST_data}${arg}&" - done - if [ -n "$POST_data" ] - then - # Add --data arg and remove the last character, which is an unecessary '&' - POST_data="--data ${POST_data::-1}" - fi - - # Curl the URL - curl --silent --show-error -kL -H "Host: $domain" -X POST --resolve $domain:443:127.0.0.1 $POST_data "$full_page_url" -} - # ============= FUTURE YUNOHOST HELPERS ============= # Create a dedicated fail2ban config (jail and filter conf files) @@ -599,7 +27,7 @@ ynh_add_fail2ban_config () { ynh_backup_if_checksum_is_different "$finalfail2banjailconf" 1 ynh_backup_if_checksum_is_different "$finalfail2banfilterconf" 1 - sudo tee $finalfail2banjailconf < $finalfail2banjailconf < $finalfail2banfilterconf <&2 fi @@ -50,25 +46,23 @@ fi #================================================= # BACKUP FAIL2BAN CONFIGURATION #================================================= -ynh_backup "/etc/fail2ban/jail.d/$app.conf" "jaild.conf" -ynh_backup "/etc/fail2ban/filter.d/$app.conf" "filterd.conf" +ynh_backup "/etc/fail2ban/jail.d/$app.conf" +ynh_backup "/etc/fail2ban/filter.d/$app.conf" #================================================= # BACKUP NGINX CONFIGURATION #================================================= -ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf" "nginx.conf" +ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= # BACKUP PHP-FPM CONFIGURATION #================================================= -ynh_backup "/etc/php5/fpm/pool.d/$app.conf" "php-fpm.conf" +ynh_backup "/etc/php5/fpm/pool.d/$app.conf" #================================================= # BACKUP MYSQL DB #================================================= -ynh_mysql_dump_db "$db_name" > dump.sql -CHECK_SIZE "dump.sql" -ynh_backup "dump.sql" "db.sql" \ No newline at end of file +ynh_mysql_dump_db "$db_name" > db.sql diff --git a/scripts/change_url b/scripts/change_url index ddf3e4f..5ca358b 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -83,4 +83,4 @@ fi # RELOAD NGINX #================================================= -sudo systemctl reload nginx +systemctl reload nginx diff --git a/scripts/install b/scripts/install index 5e34e2d..4998136 100644 --- a/scripts/install +++ b/scripts/install @@ -41,8 +41,14 @@ fi #================================================= path_url=$(ynh_normalize_url_path $path_url) # Check and normalize path -CHECK_DOMAINPATH # Check domain and path availability -CHECK_FINALPATH # Check if destination directory is not already in use + +final_path=/var/www/$app +test ! -e "$final_path" || ynh_die "This path already contains a folder" + +# Check web path availability +ynh_webpath_available $domain $path_url +# Register (book) web path +ynh_webpath_register $app $domain $path_url #================================================= # STORE SETTINGS FROM MANIFEST @@ -91,21 +97,21 @@ ynh_system_user_create $app # Create a dedicated system user #================================================= # Install files and set permissions -sudo mkdir $final_path -sudo cp -a $TMPDIR/!(upload|galleries) $final_path +mkdir $final_path +cp -a $TMPDIR/!(upload|galleries) $final_path datapath=/home/yunohost.app/$app -sudo mkdir -p $datapath -sudo mkdir -p $datapath/galleries -sudo mkdir -p $datapath/upload +mkdir -p $datapath +mkdir -p $datapath/galleries +mkdir -p $datapath/upload -sudo ln -sd $datapath/galleries $final_path/galleries -sudo cp -a $TMPDIR/galleries/* $final_path/galleries/ -sudo ln -sd $datapath/upload $final_path/upload +ln -sd $datapath/galleries $final_path/galleries +cp -a $TMPDIR/galleries/* $final_path/galleries/ +ln -sd $datapath/upload $final_path/upload -sudo chown -R $app: $final_path -sudo chown -R $app: $datapath -sudo chmod 755 -R $final_path/galleries +chown -R $app: $final_path +chown -R $app: $datapath +chmod 755 -R $final_path/galleries #================================================= # NGINX CONFIGURATION @@ -118,11 +124,11 @@ ynh_store_file_checksum "/etc/nginx/conf.d/$domain.d/$app.conf" ynh_add_fpm_config # Set permissions and reload nginx (needed at this stage for the PHP piwigo installation process) -sudo systemctl reload nginx +systemctl reload nginx sleep 5s -sudo systemctl reload php5-fpm +systemctl reload php5-fpm ynh_app_setting_set "$app" unprotected_uris "/" -sudo yunohost app ssowatconf +yunohost app ssowatconf # Generate random password for admin @@ -135,13 +141,17 @@ mail="$(ynh_user_get_info $admin mail)" ynh_local_curl "/install.php?language=$applanguage" "install=true" "dbuser=$db_user" "dbpasswd=$db_pwd" "dbname=$db_name" "admin_name=$admin" "admin_pass1=$adm_pwd" "admin_pass2=$adm_pwd" "admin_mail=$mail" # Change local config -sudo cp ../conf/config.inc.php $final_path/local/config/ +cp ../conf/config.inc.php $final_path/local/config/ +# Calculate and store the config file checksum +ynh_store_file_checksum "$final_path/local/config/config.inc.php" # Setup database in local/config/database.inc.php ynh_replace_string "DBTOCHANGE" "$db_name" ../conf/database.inc.php ynh_replace_string "USERTOCHANGE" "$db_user" ../conf/database.inc.php ynh_replace_string "PASSTOCHANGE" "$db_pwd" ../conf/database.inc.php -sudo cp ../conf/database.inc.php $final_path/local/config/database.inc.php +cp ../conf/database.inc.php $final_path/local/config/database.inc.php +# Calculate and store the database config file checksum +ynh_store_file_checksum "$final_path/local/config/database.inc.php" # Activate LDAP plugin ynh_mysql_connect_as $db_name $db_pwd $db_user <<< "INSERT INTO plugins (id,state,version) VALUES ('Ldap_Login','active','1.1');" @@ -149,8 +159,8 @@ ynh_mysql_connect_as $db_name $db_pwd $db_user <<< "INSERT INTO plugins (id,stat # Configure and activate log_failed_logins plugin ynh_mysql_connect_as $db_name $db_pwd $db_user <<< "INSERT INTO plugins (id,state,version) VALUES ('log_failed_logins','active','1.2');" ynh_mysql_connect_as $db_name $db_pwd $db_user <<< "INSERT INTO config (param, value) VALUES ('logFailedLoginsFilename','/var/log/${app}FailedLogins.log');" -sudo touch "/var/log/${app}FailedLogins.log" -sudo chown $app: "/var/log/${app}FailedLogins.log" +touch "/var/log/${app}FailedLogins.log" +chown $app: "/var/log/${app}FailedLogins.log" # Set-up fail2ban ynh_add_fail2ban_config "/var/log/${app}FailedLogins.log" "ip=" 6 @@ -165,5 +175,4 @@ fi #================================================= # RELOAD NGINX #================================================= -sudo systemctl restart php5-fpm -sudo systemctl reload nginx +systemctl reload nginx diff --git a/scripts/remove b/scripts/remove index bdccf72..c9d0b71 100644 --- a/scripts/remove +++ b/scripts/remove @@ -52,8 +52,8 @@ ynh_remove_fpm_config ynh_remove_nginx_config # Reload services -sudo systemctl restart php5-fpm -sudo systemctl reload nginx +systemctl restart php5-fpm +systemctl reload nginx #================================================= # REMOVE DEDICATED USER diff --git a/scripts/restore b/scripts/restore index 97bb703..699cab0 100644 --- a/scripts/restore +++ b/scripts/restore @@ -9,8 +9,8 @@ set -eu if [ ! -e _common.sh ]; then # Fetch helpers file if not in current directory - sudo cp ../settings/scripts/_common.sh ./_common.sh - sudo chmod a+rx _common.sh + cp ../settings/scripts/_common.sh ./_common.sh + chmod a+rx _common.sh fi source _common.sh source /usr/share/yunohost/helpers @@ -31,8 +31,10 @@ db_name=$(ynh_app_setting_get $app db_name) # CHECK IF THE APP CAN BE RESTORED #================================================= -CHECK_DOMAINPATH # Check domain and path availability -CHECK_FINALPATH # Check if destination directory is not already in use +ynh_webpath_available $domain $path_url \ + || ynh_die "Path not available: ${domain}${path_url}" +test ! -d $final_path \ + || ynh_die "There is already a directory: $final_path " #================================================= # STANDARD RESTORE STEPS @@ -40,16 +42,16 @@ CHECK_FINALPATH # Check if destination directory is not already in use # RESTORE NGINX CONFIGURATION #================================================= -sudo cp -a ./nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf +ynh_restore_file "/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= # RESTORE APP MAIN DIR #================================================= -sudo cp -a ./sources/. $final_path +ynh_restore_file "$final_path" # Restore data directory if backed-up -if [ -d ./data ] ; then - sudo cp -a ./data/. "/home/yunohost.app/${app}" +if [ -d "$YNH_BACKUP_DIR/data" ] ; then + ynh_restore_file "/home/yunohost.app/${app}" fi #================================================= # RESTORE MYSQL DB @@ -69,20 +71,20 @@ ynh_system_user_create $app # Recreate the dedicated user, if not existing # RESTORE USER RIGHTS #================================================= -sudo chown -R $app: $final_path +chown -R $app: $final_path #================================================= # RESTORE FAIL2BAN CONFIGURATION #================================================= -sudo cp -a ./jaild.conf "/etc/fail2ban/jail.d/$app.conf" -sudo cp -a ./filterd.conf "/etc/fail2ban/filter.d/$app.conf" -sudo systemctl restart fail2ban +ynh_restore_file "/etc/fail2ban/jail.d/$app.conf" +ynh_restore_file "/etc/fail2ban/filter.d/$app.conf" +systemctl restart fail2ban #================================================= # RESTORE PHP-FPM CONFIGURATION #================================================= -sudo cp -a ./php-fpm.conf /etc/php5/fpm/pool.d/$app.conf +ynh_restore_file /etc/php5/fpm/pool.d/$app.conf #================================================= # GENERIC FINALIZATION @@ -90,5 +92,5 @@ sudo cp -a ./php-fpm.conf /etc/php5/fpm/pool.d/$app.conf # RELOAD NGINX AND PHP-FPM #================================================= -sudo systemctl reload php5-fpm -sudo systemctl reload nginx +systemctl reload php5-fpm +systemctl reload nginx diff --git a/scripts/upgrade b/scripts/upgrade index cdf42d7..fdd1688 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -54,7 +54,7 @@ if [ -z "$admin_pwd" ] ; then # Generate a new password admin_pwd=$(dd if=/dev/urandom bs=1 count=200 2> /dev/null | tr -c -d 'A-Za-z0-9' | sed -n 's/\(.\{24\}\).*/\1/p') # Compute password hash with the Piwigo function - sudo cp ../conf/hash_password.php $final_path + cp ../conf/hash_password.php $final_path hashed_password=$(cd $final_path ; php hash_password.php $admin_pwd) # Update password hash in database ynh_mysql_connect_as $db_name $db_pwd $db_user <<< "UPDATE users SET password='$hashed_password' WHERE username='$admin';" @@ -106,13 +106,13 @@ ynh_system_user_create $app # Create dedicated user if not existing #================================================= # Install files and set permissions -sudo cp -a $TMPDIR/!(upload|galleries) $final_path +cp -a $TMPDIR/!(upload|galleries) $final_path -sudo cp -a $TMPDIR/galleries/* $final_path/galleries/ +cp -a $TMPDIR/galleries/* $final_path/galleries/ -sudo chown -R $app: $final_path -sudo chown -R $app: /home/yunohost.app/$app -sudo chmod 755 -R $final_path/galleries +chown -R $app: $final_path +chown -R $app: /home/yunohost.app/$app +chmod 755 -R $final_path/galleries #================================================= # NGINX CONFIGURATION @@ -125,24 +125,32 @@ ynh_store_file_checksum "/etc/nginx/conf.d/$domain.d/$app.conf" ynh_add_fpm_config # Set permissions and reload nginx (needed at this stage for the PHP piwigo installation process) -sudo systemctl reload nginx +systemctl reload nginx sleep 5s -sudo systemctl reload php5-fpm +systemctl reload php5-fpm ynh_app_setting_set "$app" unprotected_uris "/" -sudo yunohost app ssowatconf +yunohost app ssowatconf # Configure piwigo via curl sleep 5s ynh_local_curl "/upgrade.php?language=$applanguage&now=true" "language=$applanguage" "username=$admin" "password=$admin_pwd" +# Make a backup of the original config file if modified +ynh_backup_if_checksum_is_different "$final_path/local/config/config.inc.php" # Change local config -sudo cp ../conf/config.inc.php $final_path/local/config/ +cp ../conf/config.inc.php $final_path/local/config/ +# Calculate and store the config file checksum +ynh_store_file_checksum "$final_path/local/config/config.inc.php" +# Make a backup of the original database config file if modified +ynh_backup_if_checksum_is_different "$final_path/local/config/database.inc.php" # Setup database in local/config/database.inc.php ynh_replace_string "DBTOCHANGE" "$db_name" ../conf/database.inc.php ynh_replace_string "USERTOCHANGE" "$db_user" ../conf/database.inc.php ynh_replace_string "PASSTOCHANGE" "$db_pwd" ../conf/database.inc.php -sudo cp ../conf/database.inc.php $final_path/local/config/database.inc.php +cp ../conf/database.inc.php $final_path/local/config/database.inc.php +# Calculate and store the database config file checksum +ynh_store_file_checksum "$final_path/local/config/database.inc.php" # Activate ldap plugin ynh_mysql_connect_as $db_name $db_pwd $db_user <<< "UPDATE plugins SET state='active' WHERE id='Ldap_Login';" @@ -150,8 +158,8 @@ ynh_mysql_connect_as $db_name $db_pwd $db_user <<< "UPDATE plugins SET state='ac # Configure and activate log_failed_logins plugin ynh_mysql_connect_as $db_name $db_pwd $db_user <<< "INSERT INTO plugins (id,state,version) VALUES ('log_failed_logins','active','1.2');" 2>&1 > /dev/null ||ynh_mysql_connect_as $db_name $db_pwd $db_user <<< "UPDATE plugins SET state='active' WHERE id='log_failed_logins';" ynh_mysql_connect_as $db_name $db_pwd $db_user <<< "INSERT INTO config (param, value) VALUES ('logFailedLoginsFilename','/var/log/${app}FailedLogins.log');" 2>&1 > /dev/null || ynh_mysql_connect_as $db_name $db_pwd $db_user <<< "UPDATE config SET value='/var/log/${app}FailedLogins.log' WHERE param='logFailedLoginsFilename';" -sudo touch "/var/log/${app}FailedLogins.log" -sudo chown $app: "/var/log/${app}FailedLogins.log" +touch "/var/log/${app}FailedLogins.log" +chown $app: "/var/log/${app}FailedLogins.log" # Set-up fail2ban ynh_add_fail2ban_config "/var/log/${app}FailedLogins.log" "ip=" 6 @@ -166,5 +174,5 @@ fi #================================================= # RELOAD NGINX #================================================= -sudo systemctl restart php5-fpm -sudo systemctl reload nginx \ No newline at end of file +systemctl restart php5-fpm +systemctl reload nginx \ No newline at end of file