diff --git a/conf/ldap_plugin.src b/conf/ldap_plugin.src index 6802bd1..bf7697f 100644 --- a/conf/ldap_plugin.src +++ b/conf/ldap_plugin.src @@ -1,5 +1,5 @@ -SOURCE_URL=https://gitlab.lindenaar.net/piwigo/Ldap_Login/repository/archive.zip?ref=master -SOURCE_SUM=e33b35deb7fc2f23a185fc278c7f2208dedde2153d23f710579c4bdd23ef1b36 +SOURCE_URL=http://piwigo.org/ext/download.php?rid=4849 +SOURCE_SUM=523c532b9fec1328510bdb12f6ffd2af4f134a33b86b22cf6fc4c7eaebb6e954 SOURCE_FORMAT=zip SOURCE_IN_SUBDIR=true diff --git a/conf/nginx.conf b/conf/nginx.conf index f997658..eef6ba5 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,6 +1,6 @@ location __PATH__ { alias __FINALPATH__/; - client_max_body_size 1G; + client_max_body_size 100M; index index.php; default_type text/html; location ~ [^/]\.php(/|$) { diff --git a/conf/php-fpm.ini b/conf/php-fpm.ini index c3d888a..3fbeb35 100644 --- a/conf/php-fpm.ini +++ b/conf/php-fpm.ini @@ -1,7 +1,7 @@ ; Common values to change to increase file upload limit -upload_max_filesize = 1G -post_max_size = 1G +upload_max_filesize = 100M +post_max_size = 100M ; Other common parameters -max_execution_time = 600 -max_input_time = 300 +max_execution_time = 3600 +max_input_time = 3600 diff --git a/scripts/_common.sh b/scripts/_common.sh index beef539..2a3b1f5 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -3,6 +3,8 @@ # Common variables # +pkg_dependencies="php5-gd" + # ============= FUTURE YUNOHOST HELPERS ============= # Create a dedicated fail2ban config (jail and filter conf files) diff --git a/scripts/backup b/scripts/backup index b675bb8..f5b753c 100644 --- a/scripts/backup +++ b/scripts/backup @@ -22,7 +22,7 @@ source /usr/share/yunohost/helpers app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get $app domain) -final_path="/var/www/${app}" +final_path=$(ynh_app_setting_get "$app" final_path) db_name=$(ynh_app_setting_get $app db_name) #================================================= diff --git a/scripts/install b/scripts/install index 5f37f17..a84bb03 100644 --- a/scripts/install +++ b/scripts/install @@ -63,6 +63,10 @@ ynh_app_setting_set $app language "$language" #================================================= # STANDARD MODIFICATIONS #================================================= +# INSTALL DEPENDENCIES +#================================================= + +ynh_install_app_dependencies "$pkg_dependencies" #================================================= # CREATE A MYSQL DB @@ -100,23 +104,21 @@ ynh_system_user_create $app # Create a dedicated system user # Install files and set permissions mkdir $final_path -cp -a $TMPDIR/!(upload|galleries) $final_path +cp -a $TMPDIR/!(upload|_data) $final_path datapath=/home/yunohost.app/$app -mkdir -p $datapath -mkdir -p $datapath/galleries +mkdir -p $datapath/_data mkdir -p $datapath/upload -ln -sd $datapath/galleries $final_path/galleries -cp -a $TMPDIR/galleries/* $final_path/galleries/ +ln -sd $datapath/_data $final_path/_data ln -sd $datapath/upload $final_path/upload chown -R $app: $final_path chown -R $app: $datapath -chmod 755 -R $final_path/galleries +chmod 755 -R $final_path/_data #================================================= -# NGINX CONFIGURATION +# NGINX AND PHP-FPM CONFIGURATION #================================================= ynh_add_nginx_config @@ -125,10 +127,10 @@ ynh_store_file_checksum "/etc/nginx/conf.d/$domain.d/$app.conf" # Copy and set php-fpm configuration ynh_add_fpm_config -# Set permissions and reload nginx (needed at this stage for the PHP piwigo installation process) -systemctl reload nginx -sleep 5s -systemctl reload php5-fpm +#================================================= +# CONFIGURE PIWIGO +#================================================= + ynh_app_setting_set "$app" unprotected_uris "/" yunohost app ssowatconf @@ -138,7 +140,6 @@ adm_pwd=$(ynh_string_random 24) ynh_app_setting_set $app admin_pwd "$adm_pwd" # Configure piwigo via curl -sleep 5s mail="$(ynh_user_get_info $admin mail)" ynh_local_curl "/install.php?language=$applanguage" "install=true" "dbuser=$db_user" "dbpasswd=$db_pwd" "dbname=$db_name" "admin_name=$admin" "admin_pass1=$adm_pwd" "admin_pass2=$adm_pwd" "admin_mail=$mail" @@ -155,6 +156,10 @@ cp ../conf/database.inc.php $final_path/local/config/database.inc.php # Calculate and store the database config file checksum ynh_store_file_checksum "$final_path/local/config/database.inc.php" +#================================================= +# ADD LDAP & FAIL2BAN PLUGINS +#================================================= + # Activate LDAP plugin ynh_mysql_connect_as $db_name $db_pwd $db_user <<< "INSERT INTO plugins (id,state,version) VALUES ('Ldap_Login','active','1.1');" diff --git a/scripts/remove b/scripts/remove index c9d0b71..b9cb134 100644 --- a/scripts/remove +++ b/scripts/remove @@ -1,7 +1,5 @@ #!/bin/bash -# Treat unset variables as an error -set -u #================================================= # GENERIC STARTING #================================================= @@ -24,6 +22,11 @@ domain=$(ynh_app_setting_get "$app" domain) #================================================= # STANDARD REMOVE #================================================= +# REMOVE DEPENDENCIES +#================================================= + +# Remove metapackage and its dependencies +ynh_remove_app_dependencies #================================================= # REMOVE THE MYSQL DB @@ -36,7 +39,6 @@ ynh_mysql_remove_db "$app" "$db_name" #================================================= ynh_secure_remove "/var/www/$app" -ynh_secure_remove "/home/yunohost.app/$app" #================================================= # REMOVE FAIL2BAN CONFIGURATION @@ -51,10 +53,6 @@ ynh_remove_fail2ban_config ynh_remove_fpm_config ynh_remove_nginx_config -# Reload services -systemctl restart php5-fpm -systemctl reload nginx - #================================================= # REMOVE DEDICATED USER #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index af83a4a..62b0424 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -26,6 +26,7 @@ DESTDIR="/var/www/$app" # Retrieve arguments domain=$(ynh_app_setting_get "$app" domain) + path_url=$(ynh_app_setting_get "$app" path_url) # Compatibility with previous version if [ -z "$path_url" ] ; then @@ -33,34 +34,43 @@ if [ -z "$path_url" ] ; then ynh_app_setting_set $app path_url "$path_url" fi path_url=$(ynh_normalize_url_path $path_url) + final_path=$(ynh_app_setting_get "$app" final_path) # Compatibility with previous version if [ -z "$final_path" ] ; then final_path="/var/www/$app" ynh_app_setting_set $app final_path "$final_path" fi + db_name=$(ynh_app_setting_get "$app" db_name) # Compatibility with previous version if [ -z "$db_name" ] ; then db_name=$app ynh_app_setting_set "$app" db_name "$db_name" fi + db_user="$db_name" db_pwd=$(ynh_app_setting_get "$app" mysqlpwd) admin=$(ynh_app_setting_get "$app" admin) + admin_pwd=$(ynh_app_setting_get "$app" admin_pwd) -# Compatibility with previous version; password not set +# Compatibility with previous version; password was not set if [ -z "$admin_pwd" ] ; then # Generate a new password - admin_pwd=$(dd if=/dev/urandom bs=1 count=200 2> /dev/null | tr -c -d 'A-Za-z0-9' | sed -n 's/\(.\{24\}\).*/\1/p') + admin_pwd=$(ynh_string_random 24) + # Compute password hash with the Piwigo function cp ../conf/hash_password.php $final_path hashed_password=$(cd $final_path ; php hash_password.php $admin_pwd) + # Update password hash in database ynh_mysql_connect_as $db_name $db_pwd $db_user <<< "UPDATE users SET password='$hashed_password' WHERE username='$admin';" ynh_app_setting_set $app admin_pwd "$admin_pwd" + + # Remove the temporary hash generation script ynh_secure_remove "$final_path/hash_password.php" fi + language=$(ynh_app_setting_get "$app" language) if [ "$language" = "fr" ] ; then applanguage="fr_FR" @@ -68,9 +78,8 @@ else applanguage="en_UK" fi - - is_public=$(ynh_app_setting_get "$app" is_public) + #================================================= # MANAGE SCRIPT FAILURE #================================================= @@ -80,11 +89,17 @@ is_public=$(ynh_app_setting_get "$app" is_public) if [ -f "/etc/yunohost/apps/$app/scripts/backup" ] ; then ynh_backup_before_upgrade # Backup the current version of the app ynh_clean_setup () { - ynh_backup_after_failed_upgrade + ynh_restore_upgradebackup } ynh_abort_if_errors # Stop script if an error is detected fi +#================================================= +# INSTALL DEPENDENCIES +#================================================= + +ynh_install_app_dependencies "$pkg_dependencies" + #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -107,17 +122,37 @@ ynh_system_user_create $app # Create dedicated user if not existing # SPECIFIC SETUP #================================================= -# Install files and set permissions -cp -a $TMPDIR/!(upload|galleries) $final_path +# We store photos (potentially large data) on /home/yunohost.app +datapath=/home/yunohost.app/$app + +# Backward compatibility: +# If the galleries subdirectory was moved, +# remove the link and overwrite it +# (this directory always includes only a single index.php file...) +if [ -h $final_path/galleries ] ; then + rm -f $final_path/galleries # only a symbolic link, ynh_secure_remove can't handle that + ynh_secure_remove $datapath/galleries +fi + +# Install files and set permissions +cp -a $TMPDIR/!(upload|_data) $final_path + + +# Backward compatibility: +# If the _data subdirectory wasn't already moved to /home/yunohost.app/$app, +# then move it there +if [ ! -h $final_path/_data ] ; then + mv $final_path/_data $datapath + ln -sd $datapath/_data $final_path/_data +fi -cp -a $TMPDIR/galleries/* $final_path/galleries/ chown -R $app: $final_path -chown -R $app: /home/yunohost.app/$app -chmod 755 -R $final_path/galleries +chown -R $app: $datapath +chmod 755 -R $final_path/_data #================================================= -# NGINX CONFIGURATION +# NGINX AND PHP-FPM CONFIGURATION #================================================= ynh_add_nginx_config @@ -126,15 +161,14 @@ ynh_store_file_checksum "/etc/nginx/conf.d/$domain.d/$app.conf" # Copy and set php-fpm configuration ynh_add_fpm_config -# Set permissions and reload nginx (needed at this stage for the PHP piwigo installation process) -systemctl reload nginx -sleep 5s -systemctl reload php5-fpm +#================================================= +# CONFIGURE PIWIGO +#================================================= + ynh_app_setting_set "$app" unprotected_uris "/" yunohost app ssowatconf # Configure piwigo via curl -sleep 5s ynh_local_curl "/upgrade.php?language=$applanguage&now=true" "language=$applanguage" "username=$admin" "password=$admin_pwd" # Make a backup of the original config file if modified @@ -154,6 +188,10 @@ cp ../conf/database.inc.php $final_path/local/config/database.inc.php # Calculate and store the database config file checksum ynh_store_file_checksum "$final_path/local/config/database.inc.php" +#================================================= +# ADD LDAP & FAIL2BAN PLUGINS +#================================================= + # Activate ldap plugin ynh_mysql_connect_as $db_name $db_pwd $db_user <<< "UPDATE plugins SET state='active' WHERE id='Ldap_Login';"