YunoHost-Apps/piwigo_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/piwigo_ynh.git synced 2024-09-03 20:06:03 +02:00
Code Issues Activity Actions 1

Merge pull request #7 from YunoHost-Apps/refactoring

Browse source 
Major refactoring & upgrade to version 2.9.0
This commit is contained in:
JimboJoe 2017-06-05 17:14:45 +02:00 committed by GitHub
commit 8c1d8803c8
13 changed files with 1445 additions and 537 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

68
README.md
View file

@ -1,34 +1,34 @@
Piwigo for YunoHost
---------------------
[Piwigo](http://piwigo.org) is a photo gallery software for the web, built by an active community of users and developers.
Extensions make Piwigo easily customizable. Icing on the cake, Piwigo is free and opensource.
**Shipped version:** 2.8.6
![](http://piwigo.org/screenshots/homepage/piwigo-batch-manager.png)
## Features
In addition to Piwigo core features, the following are made available with
this package:
* Integrate with YunoHost users and SSO:
* private mode: limit access to Yunohost users
* public mode:
* SSO for YunoHost users
* allow other users management, and guest mode
* Allow one YunoHost user to be the administrator (set at the installation)
## Limitations
No limitation known.
Upgrade scripts to be designed/updated when a new Piwigo release comes up.
## Links
* Report a bug: https://github.com/YunoHost-Apps/piwigo_ynh/issues
* Piwigo website: http://piwigo.org/
* YunoHost website: https://yunohost.org/
Piwigo for YunoHost
---------------------
[Piwigo](http://piwigo.org) is a photo gallery software for the web, built by an active community of users and developers.
Extensions make Piwigo easily customizable. Icing on the cake, Piwigo is free and opensource.
**Shipped version:** 2.9.0
![](http://piwigo.org/screenshots/homepage/piwigo-batch-manager.png)
## Features
In addition to Piwigo core features, the following are made available with
this package:
* Integrate with YunoHost users and SSO:
* private mode: limit access to Yunohost users
* public mode:
* SSO for YunoHost users
* allow other users management, and guest mode
* Allow one YunoHost user to be the administrator (set at the installation)
## Limitations
No limitation known.
It has been tested on x86_64 and ARM.
## Links
* Report a bug: https://github.com/YunoHost-Apps/piwigo_ynh/issues
* Piwigo website: http://piwigo.org/
* YunoHost website: https://yunohost.org/

13
check_process
View file

@ -1,5 +1,4 @@
;; Test complet
auto_remove=1
; Manifest
domain="domain.tld" (DOMAIN)
path="/path" (PATH)
@ -15,14 +14,9 @@
setup_public=1
upgrade=1
backup_restore=1
multi_instance=1
wrong_user=1
wrong_path=1
incorrect_path=1
corrupt_source=0
fail_download_source=0
multi_instance=0
incorrect_path=0
port_already_use=0
final_path_already_use=0
;;; Levels
Level 1=auto
Level 2=auto
@ -36,3 +30,6 @@
Level 8=0
Level 9=0
Level 10=0
;;; Options
Email=
Notification=none

4
conf/app.src Normal file
View file

@ -0,0 +1,4 @@
SOURCE_URL=http://piwigo.org/download/dlcounter.php?code=2.9.0
SOURCE_SUM=5301b8bf83aaa6542430a701ed814e316f13878593e525be4d5730c9caf36f6f
SOURCE_FORMAT=zip

9
conf/hash_password.php Normal file
View file

@ -0,0 +1,9 @@
<?php
define('PHPWG_ROOT_PATH','./');
include(PHPWG_ROOT_PATH . 'include/config_default.inc.php');
@include(PHPWG_ROOT_PATH. 'local/config/config.inc.php');
include(PHPWG_ROOT_PATH . 'include/functions.inc.php');
print $conf['password_hash']($argv[1]);
?>

38
conf/nginx.conf
View file

@ -1,19 +1,19 @@
location YNH_WWW_PATH {
alias YNH_WWW_ALIAS;
client_max_body_size 10G;
index index.php;
default_type text/html;
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param REMOTE_USER $remote_user if_not_empty;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME $request_filename;
}
# Include SSOWAT user panel.
include conf.d/yunohost_panel.conf.inc;
}
location __PATH__ {
alias __FINALPATH__/;
client_max_body_size 10G;
index index.php;
default_type text/html;
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
fastcgi_pass unix:/var/run/php5-fpm-__NAME__.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param REMOTE_USER $remote_user if_not_empty;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME $request_filename;
}
# Include SSOWAT user panel.
include conf.d/yunohost_panel.conf.inc;
}

643
conf/php-fpm.conf
View file

@ -1,251 +1,392 @@
; Start a new pool named 'www'.
; the variable $pool can we used in any directive and will be replaced by the
; pool name ('www' here)
[YNH_WWW_APP]
; Per pool prefix
; It only applies on the following directives:
; - 'slowlog'
; - 'listen' (unixsocket)
; - 'chroot'
; - 'chdir'
; - 'php_values'
; - 'php_admin_values'
; When not set, the global prefix (or /usr) applies instead.
; Note: This directive can also be relative to the global prefix.
; Default Value: none
;prefix = /path/to/pools/$pool
; The address on which to accept FastCGI requests.
; Valid syntaxes are:
; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific address on
; a specific port;
; 'port' - to listen on a TCP socket to all addresses on a
; specific port;
; '/path/to/unix/socket' - to listen on a unix socket.
; Note: This value is mandatory.
listen = /var/run/php5-fpm-YNH_WWW_APP.sock
; Set listen(2) backlog. A value of '-1' means unlimited.
; Default Value: 128 (-1 on FreeBSD and OpenBSD)
;listen.backlog = -1
; List of ipv4 addresses of FastCGI clients which are allowed to connect.
; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
; must be separated by a comma. If this value is left blank, connections will be
; accepted from any ip address.
; Default Value: any
;listen.allowed_clients = 127.0.0.1
; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server. Many
; BSD-derived systems allow connections regardless of permissions.
; Default Values: user and group are set as the running user
; mode is set to 0666
listen.owner = www-data
listen.group = www-data
listen.mode = 0600
; Unix user/group of processes
; Note: The user is mandatory. If the group is not set, the default user's group
; will be used.
user = www-data
group = www-data
; Choose how the process manager will control the number of child processes.
; Possible Values:
; static - a fixed number (pm.max_children) of child processes;
; dynamic - the number of child processes are set dynamically based on the
; following directives:
; pm.max_children - the maximum number of children that can
; be alive at the same time.
; pm.start_servers - the number of children created on startup.
; pm.min_spare_servers - the minimum number of children in 'idle'
; state (waiting to process). If the number
; of 'idle' processes is less than this
; number then some children will be created.
; pm.max_spare_servers - the maximum number of children in 'idle'
; state (waiting to process). If the number
; of 'idle' processes is greater than this
; number then some children will be killed.
; Note: This value is mandatory.
pm = dynamic
; The number of child processes to be created when pm is set to 'static' and the
; maximum number of child processes to be created when pm is set to 'dynamic'.
; This value sets the limit on the number of simultaneous requests that will be
; served. Equivalent to the ApacheMaxClients directive with mpm_prefork.
; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP
; CGI.
; Note: Used when pm is set to either 'static' or 'dynamic'
; Note: This value is mandatory.
pm.max_children = 6
; The number of child processes created on startup.
; Note: Used only when pm is set to 'dynamic'
; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2
pm.start_servers = 3
; The desired minimum number of idle server processes.
; Note: Used only when pm is set to 'dynamic'
; Note: Mandatory when pm is set to 'dynamic'
pm.min_spare_servers = 3
; The desired maximum number of idle server processes.
; Note: Used only when pm is set to 'dynamic'
; Note: Mandatory when pm is set to 'dynamic'
pm.max_spare_servers = 5
; The number of requests each child process should execute before respawning.
; This can be useful to work around memory leaks in 3rd party libraries. For
; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
; Default Value: 0
pm.max_requests = 500
; The URI to view the FPM status page. If this value is not set, no URI will be
; recognized as a status page. By default, the status page shows the following
; information:
; accepted conn - the number of request accepted by the pool;
; pool - the name of the pool;
; process manager - static or dynamic;
; idle processes - the number of idle processes;
; active processes - the number of active processes;
; total processes - the number of idle + active processes.
; max children reached - number of times, the process limit has been reached,
; when pm tries to start more children (works only for
; pm 'dynamic')
; The values of 'idle processes', 'active processes' and 'total processes' are
; updated each second. The value of 'accepted conn' is updated in real time.
; Example output:
; accepted conn: 12073
; pool: www
; process manager: static
; idle processes: 35
; active processes: 65
; total processes: 100
; max children reached: 1
; By default the status page output is formatted as text/plain. Passing either
; 'html' or 'json' as a query string will return the corresponding output
; syntax. Example:
; http://www.foo.bar/status
; http://www.foo.bar/status?json
; http://www.foo.bar/status?html
; Note: The value must start with a leading slash (/). The value can be
; anything, but it may not be a good idea to use the .php extension or it
; may conflict with a real PHP file.
; Default Value: not set
pm.status_path = /fpm-status
; The ping URI to call the monitoring page of FPM. If this value is not set, no
; URI will be recognized as a ping page. This could be used to test from outside
; that FPM is alive and responding, or to
; - create a graph of FPM availability (rrd or such);
; - remove a server from a group if it is not responding (load balancing);
; - trigger alerts for the operating team (24/7).
; Note: The value must start with a leading slash (/). The value can be
; anything, but it may not be a good idea to use the .php extension or it
; may conflict with a real PHP file.
; Default Value: not set
ping.path = /ping
; This directive may be used to customize the response of a ping request. The
; response is formatted as text/plain with a 200 response code.
; Default Value: pong
;ping.response = pong
; The timeout for serving a single request after which the worker process will
; be killed. This option should be used when the 'max_execution_time' ini option
; does not stop script execution for some reason. A value of '0' means 'off'.
; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
; Default Value: 0
request_terminate_timeout = 120s
; The timeout for serving a single request after which a PHP backtrace will be
; dumped to the 'slowlog' file. A value of '0s' means 'off'.
; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
; Default Value: 0
request_slowlog_timeout = 5s
; The log file for slow requests
; Default Value: not set
; Note: slowlog is mandatory if request_slowlog_timeout is set
slowlog = /var/log/nginx/YNH_WWW_APP.slow.log
; Set open file descriptor rlimit.
; Default Value: system defined value
rlimit_files = 4096
; Set max core size rlimit.
; Possible Values: 'unlimited' or an integer greater or equal to 0
; Default Value: system defined value
rlimit_core = 0
; Chroot to this directory at the start. This value must be defined as an
; absolute path. When this value is not set, chroot is not used.
; Note: you can prefix with '$prefix' to chroot to the pool prefix or one
; of its subdirectories. If the pool prefix is not set, the global prefix
; will be used instead.
; Note: chrooting is a great security feature and should be used whenever
; possible. However, all PHP paths will be relative to the chroot
; (error_log, sessions.save_path, ...).
; Default Value: not set
;chroot =
; Chdir to this directory at the start.
; Note: relative path can be used.
; Default Value: current directory or / when chroot
chdir = YNH_WWW_ALIAS
; Redirect worker stdout and stderr into main error log. If not set, stdout and
; stderr will be redirected to /dev/null according to FastCGI specs.
; Note: on highloaded environement, this can cause some delay in the page
; process time (several ms).
; Default Value: no
catch_workers_output = yes
; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
; the current environment.
; Default Value: clean env
;env[HOSTNAME] = $HOSTNAME
;env[PATH] = /usr/local/bin:/usr/bin:/bin
;env[TMP] = /tmp
;env[TMPDIR] = /tmp
;env[TEMP] = /tmp
; Additional php.ini defines, specific to this pool of workers. These settings
; overwrite the values previously defined in the php.ini. The directives are the
; same as the PHP SAPI:
; php_value/php_flag - you can set classic ini defines which can
; be overwritten from PHP call 'ini_set'.
; php_admin_value/php_admin_flag - these directives won't be overwritten by
; PHP call 'ini_set'
; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no.
; Defining 'extension' will load the corresponding shared extension from
; extension_dir. Defining 'disable_functions' or 'disable_classes' will not
; overwrite previously defined php.ini values, but will append the new value
; instead.
; Note: path INI options can be relative and will be expanded with the prefix
; (pool, global or /usr)
; Default Value: nothing is defined by default except the values in php.ini and
; specified at startup with the -d argument
;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com
;php_flag[display_errors] = off
;php_admin_value[error_log] = /var/log/fpm-php.www.log
;php_admin_flag[log_errors] = on
;php_admin_value[memory_limit] = 32M
# Common values to change to increase file upload limit
;php_value[upload_max_filesize] = 50M
;php_value[post_max_size] = 50M
;php_value[mail.add_x_header] = Off
# Other common parameters
;php_value[max_execution_time] = 600
;php_value[max_input_time] = 300
;php_value[memory_limit] = 256M
;php_value[short_open_tag] = On
; Start a new pool named 'www'.
; the variable $pool can we used in any directive and will be replaced by the
; pool name ('www' here)
[__NAMETOCHANGE__]
; Per pool prefix
; It only applies on the following directives:
; - 'slowlog'
; - 'listen' (unixsocket)
; - 'chroot'
; - 'chdir'
; - 'php_values'
; - 'php_admin_values'
; When not set, the global prefix (or /usr) applies instead.
; Note: This directive can also be relative to the global prefix.
; Default Value: none
;prefix = /path/to/pools/$pool
; Unix user/group of processes
; Note: The user is mandatory. If the group is not set, the default user's group
; will be used.
user = __USER__
group = __USER__
; The address on which to accept FastCGI requests.
; Valid syntaxes are:
; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific address on
; a specific port;
; 'port' - to listen on a TCP socket to all addresses on a
; specific port;
; '/path/to/unix/socket' - to listen on a unix socket.
; Note: This value is mandatory.
listen = /var/run/php5-fpm-__NAMETOCHANGE__.sock
; Set listen(2) backlog.
; Default Value: 128 (-1 on FreeBSD and OpenBSD)
;listen.backlog = 128
; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server. Many
; BSD-derived systems allow connections regardless of permissions.
; Default Values: user and group are set as the running user
; mode is set to 0660
listen.owner = www-data
listen.group = www-data
;listen.mode = 0660
; List of ipv4 addresses of FastCGI clients which are allowed to connect.
; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
; must be separated by a comma. If this value is left blank, connections will be
; accepted from any ip address.
; Default Value: any
;listen.allowed_clients = 127.0.0.1
; Specify the nice(2) priority to apply to the pool processes (only if set)
; The value can vary from -19 (highest priority) to 20 (lower priority)
; Note: - It will only work if the FPM master process is launched as root
; - The pool processes will inherit the master process priority
; unless it specified otherwise
; Default Value: no set
; priority = -19
; Choose how the process manager will control the number of child processes.
; Possible Values:
; static - a fixed number (pm.max_children) of child processes;
; dynamic - the number of child processes are set dynamically based on the
; following directives. With this process management, there will be
; always at least 1 children.
; pm.max_children - the maximum number of children that can
; be alive at the same time.
; pm.start_servers - the number of children created on startup.
; pm.min_spare_servers - the minimum number of children in 'idle'
; state (waiting to process). If the number
; of 'idle' processes is less than this
; number then some children will be created.
; pm.max_spare_servers - the maximum number of children in 'idle'
; state (waiting to process). If the number
; of 'idle' processes is greater than this
; number then some children will be killed.
; ondemand - no children are created at startup. Children will be forked when
; new requests will connect. The following parameter are used:
; pm.max_children - the maximum number of children that
; can be alive at the same time.
; pm.process_idle_timeout - The number of seconds after which
; an idle process will be killed.
; Note: This value is mandatory.
pm = dynamic
; The number of child processes to be created when pm is set to 'static' and the
; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'.
; This value sets the limit on the number of simultaneous requests that will be
; served. Equivalent to the ApacheMaxClients directive with mpm_prefork.
; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP
; CGI. The below defaults are based on a server without much resources. Don't
; forget to tweak pm.* to fit your needs.
; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand'
; Note: This value is mandatory.
pm.max_children = 10
; The number of child processes created on startup.
; Note: Used only when pm is set to 'dynamic'
; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2
pm.start_servers = 2
; The desired minimum number of idle server processes.
; Note: Used only when pm is set to 'dynamic'
; Note: Mandatory when pm is set to 'dynamic'
pm.min_spare_servers = 1
; The desired maximum number of idle server processes.
; Note: Used only when pm is set to 'dynamic'
; Note: Mandatory when pm is set to 'dynamic'
pm.max_spare_servers = 3
; The number of seconds after which an idle process will be killed.
; Note: Used only when pm is set to 'ondemand'
; Default Value: 10s
;pm.process_idle_timeout = 10s;
; The number of requests each child process should execute before respawning.
; This can be useful to work around memory leaks in 3rd party libraries. For
; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
; Default Value: 0
pm.max_requests = 500
; The URI to view the FPM status page. If this value is not set, no URI will be
; recognized as a status page. It shows the following informations:
; pool - the name of the pool;
; process manager - static, dynamic or ondemand;
; start time - the date and time FPM has started;
; start since - number of seconds since FPM has started;
; accepted conn - the number of request accepted by the pool;
; listen queue - the number of request in the queue of pending
; connections (see backlog in listen(2));
; max listen queue - the maximum number of requests in the queue
; of pending connections since FPM has started;
; listen queue len - the size of the socket queue of pending connections;
; idle processes - the number of idle processes;
; active processes - the number of active processes;
; total processes - the number of idle + active processes;
; max active processes - the maximum number of active processes since FPM
; has started;
; max children reached - number of times, the process limit has been reached,
; when pm tries to start more children (works only for
; pm 'dynamic' and 'ondemand');
; Value are updated in real time.
; Example output:
; pool: www
; process manager: static
; start time: 01/Jul/2011:17:53:49 +0200
; start since: 62636
; accepted conn: 190460
; listen queue: 0
; max listen queue: 1
; listen queue len: 42
; idle processes: 4
; active processes: 11
; total processes: 15
; max active processes: 12
; max children reached: 0
;
; By default the status page output is formatted as text/plain. Passing either
; 'html', 'xml' or 'json' in the query string will return the corresponding
; output syntax. Example:
; http://www.foo.bar/status
; http://www.foo.bar/status?json
; http://www.foo.bar/status?html
; http://www.foo.bar/status?xml
;
; By default the status page only outputs short status. Passing 'full' in the
; query string will also return status for each pool process.
; Example:
; http://www.foo.bar/status?full
; http://www.foo.bar/status?json&full
; http://www.foo.bar/status?html&full
; http://www.foo.bar/status?xml&full
; The Full status returns for each process:
; pid - the PID of the process;
; state - the state of the process (Idle, Running, ...);
; start time - the date and time the process has started;
; start since - the number of seconds since the process has started;
; requests - the number of requests the process has served;
; request duration - the duration in µs of the requests;
; request method - the request method (GET, POST, ...);
; request URI - the request URI with the query string;
; content length - the content length of the request (only with POST);
; user - the user (PHP_AUTH_USER) (or '-' if not set);
; script - the main script called (or '-' if not set);
; last request cpu - the %cpu the last request consumed
; it's always 0 if the process is not in Idle state
; because CPU calculation is done when the request
; processing has terminated;
; last request memory - the max amount of memory the last request consumed
; it's always 0 if the process is not in Idle state
; because memory calculation is done when the request
; processing has terminated;
; If the process is in Idle state, then informations are related to the
; last request the process has served. Otherwise informations are related to
; the current request being served.
; Example output:
; ************************
; pid: 31330
; state: Running
; start time: 01/Jul/2011:17:53:49 +0200
; start since: 63087
; requests: 12808
; request duration: 1250261
; request method: GET
; request URI: /test_mem.php?N=10000
; content length: 0
; user: -
; script: /home/fat/web/docs/php/test_mem.php
; last request cpu: 0.00
; last request memory: 0
;
; Note: There is a real-time FPM status monitoring sample web page available
; It's available in: ${prefix}/share/fpm/status.html
;
; Note: The value must start with a leading slash (/). The value can be
; anything, but it may not be a good idea to use the .php extension or it
; may conflict with a real PHP file.
; Default Value: not set
;pm.status_path = /status
; The ping URI to call the monitoring page of FPM. If this value is not set, no
; URI will be recognized as a ping page. This could be used to test from outside
; that FPM is alive and responding, or to
; - create a graph of FPM availability (rrd or such);
; - remove a server from a group if it is not responding (load balancing);
; - trigger alerts for the operating team (24/7).
; Note: The value must start with a leading slash (/). The value can be
; anything, but it may not be a good idea to use the .php extension or it
; may conflict with a real PHP file.
; Default Value: not set
;ping.path = /ping
; This directive may be used to customize the response of a ping request. The
; response is formatted as text/plain with a 200 response code.
; Default Value: pong
;ping.response = pong
; The access log file
; Default: not set
;access.log = log/$pool.access.log
; The access log format.
; The following syntax is allowed
; %%: the '%' character
; %C: %CPU used by the request
; it can accept the following format:
; - %{user}C for user CPU only
; - %{system}C for system CPU only
; - %{total}C for user + system CPU (default)
; %d: time taken to serve the request
; it can accept the following format:
; - %{seconds}d (default)
; - %{miliseconds}d
; - %{mili}d
; - %{microseconds}d
; - %{micro}d
; %e: an environment variable (same as $_ENV or $_SERVER)
; it must be associated with embraces to specify the name of the env
; variable. Some exemples:
; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e
; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e
; %f: script filename
; %l: content-length of the request (for POST request only)
; %m: request method
; %M: peak of memory allocated by PHP
; it can accept the following format:
; - %{bytes}M (default)
; - %{kilobytes}M
; - %{kilo}M
; - %{megabytes}M
; - %{mega}M
; %n: pool name
; %o: ouput header
; it must be associated with embraces to specify the name of the header:
; - %{Content-Type}o
; - %{X-Powered-By}o
; - %{Transfert-Encoding}o
; - ....
; %p: PID of the child that serviced the request
; %P: PID of the parent of the child that serviced the request
; %q: the query string
; %Q: the '?' character if query string exists
; %r: the request URI (without the query string, see %q and %Q)
; %R: remote IP address
; %s: status (response code)
; %t: server time the request was received
; it can accept a strftime(3) format:
; %d/%b/%Y:%H:%M:%S %z (default)
; %T: time the log has been written (the request has finished)
; it can accept a strftime(3) format:
; %d/%b/%Y:%H:%M:%S %z (default)
; %u: remote user
;
; Default: "%R - %u %t \"%m %r\" %s"
;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"
; The log file for slow requests
; Default Value: not set
; Note: slowlog is mandatory if request_slowlog_timeout is set
slowlog = /var/log/nginx/{POOLNAME}.slow.log
; The timeout for serving a single request after which a PHP backtrace will be
; dumped to the 'slowlog' file. A value of '0s' means 'off'.
; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
; Default Value: 0
request_slowlog_timeout = 5s
; The timeout for serving a single request after which the worker process will
; be killed. This option should be used when the 'max_execution_time' ini option
; does not stop script execution for some reason. A value of '0' means 'off'.
; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
; Default Value: 0
request_terminate_timeout = 1d
; Set open file descriptor rlimit.
; Default Value: system defined value
;rlimit_files = 1024
; Set max core size rlimit.
; Possible Values: 'unlimited' or an integer greater or equal to 0
; Default Value: system defined value
;rlimit_core = 0
; Chroot to this directory at the start. This value must be defined as an
; absolute path. When this value is not set, chroot is not used.
; Note: you can prefix with '$prefix' to chroot to the pool prefix or one
; of its subdirectories. If the pool prefix is not set, the global prefix
; will be used instead.
; Note: chrooting is a great security feature and should be used whenever
; possible. However, all PHP paths will be relative to the chroot
; (error_log, sessions.save_path, ...).
; Default Value: not set
;chroot =
; Chdir to this directory at the start.
; Note: relative path can be used.
; Default Value: current directory or / when chroot
chdir = __FINALPATH__
; Redirect worker stdout and stderr into main error log. If not set, stdout and
; stderr will be redirected to /dev/null according to FastCGI specs.
; Note: on highloaded environement, this can cause some delay in the page
; process time (several ms).
; Default Value: no
catch_workers_output = yes
; Limits the extensions of the main script FPM will allow to parse. This can
; prevent configuration mistakes on the web server side. You should only limit
; FPM to .php extensions to prevent malicious users to use other extensions to
; exectute php code.
; Note: set an empty value to allow all extensions.
; Default Value: .php
;security.limit_extensions = .php .php3 .php4 .php5
; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
; the current environment.
; Default Value: clean env
;env[HOSTNAME] = $HOSTNAME
;env[PATH] = /usr/local/bin:/usr/bin:/bin
;env[TMP] = /tmp
;env[TMPDIR] = /tmp
;env[TEMP] = /tmp
; Additional php.ini defines, specific to this pool of workers. These settings
; overwrite the values previously defined in the php.ini. The directives are the
; same as the PHP SAPI:
; php_value/php_flag - you can set classic ini defines which can
; be overwritten from PHP call 'ini_set'.
; php_admin_value/php_admin_flag - these directives won't be overwritten by
; PHP call 'ini_set'
; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no.
; Defining 'extension' will load the corresponding shared extension from
; extension_dir. Defining 'disable_functions' or 'disable_classes' will not
; overwrite previously defined php.ini values, but will append the new value
; instead.
; Note: path INI options can be relative and will be expanded with the prefix
; (pool, global or /usr)
; Default Value: nothing is defined by default except the values in php.ini and
; specified at startup with the -d argument
;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com
;php_flag[display_errors] = off
;php_admin_value[error_log] = /var/log/fpm-php.www.log
;php_admin_flag[log_errors] = on
;php_admin_value[memory_limit] = 32M

3
manifest.json
View file

@ -6,12 +6,13 @@
"en": "photo gallery",
"fr": "Galerie photo"
},
"version": "2.9.0",
"url": "http://piwigo.org",
"license": "GPL-2.0",
"maintainer": {
"name": "JimboJoe",
"email": "jimmy@monin.net",
"url": "http://piwigo.org"
"url": ""
},
"requirements": {
"yunohost": ">> 2.4.0"

602
scripts/_common.sh
View file

@ -3,40 +3,574 @@
# Common variables
#
# Application version
VERSION="2.8.6"
# Remote URL to fetch application source archive
APPLICATION_SOURCE_URL="http://piwigo.org/download/dlcounter.php?code=${VERSION}"
#
# Common helpers
#
# Download and extract application sources to the given directory
# usage: extract_application_to DESTDIR
extract_application() {
local DESTDIR=$1
TMPDIR=$(mktemp -d)
chmod 755 $TMPDIR
archive="${TMPDIR}/application.zip"
wget -q -O "$archive" "$APPLICATION_SOURCE_URL" \
|| ynh_die "Unable to download application archive"
unzip -qq "$archive" -d "$TMPDIR" \
|| ynh_die "Unable to extract application archive"
rm "$archive"
sudo rsync -a "$TMPDIR"/*/* "$DESTDIR"
WARNING () { # Print on error output
$@ >&2
}
# Fix path if needed
# usage: fix_patch PATH_TO_FIX
fix_path() {
local path=$1
if [ "${path:0:1}" != "/" ] && [ ${#path} -gt 0 ]; then
path="/$path"
fi
if [ "${path:${#path}-1}" == "/" ] && [ ${#path} -gt 1 ]; then
path="${path:0:${#path}-1}"
fi
echo "$path"
QUIET () { # redirect standard output to /dev/null
$@ > /dev/null
}
HUMAN_SIZE () { # Transforms a Kb-based size to a human-readable size
human=$(numfmt --to=iec --from-unit=1K $1)
echo $human
}
CHECK_SIZE () { # Check if enough disk space available on backup storage
file_to_analyse=$1
backup_size=$(sudo du --summarize "$file_to_analyse" | cut -f1)
free_space=$(sudo df --output=avail "/home/yunohost.backup" | sed 1d)
if [ $free_space -le $backup_size ]
then
WARNING echo "Not enough backup disk space for: $file_to_analyse."
WARNING echo "Space available: $(HUMAN_SIZE $free_space)"
ynh_die "Space needed: $(HUMAN_SIZE $backup_size)"
fi
}
CHECK_DOMAINPATH () { # Check domain/path availability
sudo yunohost app checkurl $domain$path_url -a $app
}
CHECK_FINALPATH () { # Check if destination directory already exists
final_path="/var/www/$app"
test ! -e "$final_path" || ynh_die "This path already contains a folder"
}
#=================================================
# FUTURE YUNOHOST HELPERS - TO BE REMOVED LATER
#=================================================
# Normalize the url path syntax
# Handle the slash at the beginning of path and its absence at ending
# Return a normalized url path
#
# example: url_path=$(ynh_normalize_url_path $url_path)
# ynh_normalize_url_path example -> /example
# ynh_normalize_url_path /example -> /example
# ynh_normalize_url_path /example/ -> /example
# ynh_normalize_url_path / -> /
#
# usage: ynh_normalize_url_path path_to_normalize
# | arg: url_path_to_normalize - URL path to normalize before using it
ynh_normalize_url_path () {
path_url=$1
test -n "$path_url" || ynh_die "ynh_normalize_url_path expect a URL path as first argument and received nothing."
if [ "${path_url:0:1}" != "/" ]; then # If the first character is not a /
path_url="/$path_url" # Add / at begin of path variable
fi
if [ "${path_url:${#path_url}-1}" == "/" ] && [ ${#path_url} -gt 1 ]; then # If the last character is a / and that not the only character.
path_url="${path_url:0:${#path_url}-1}" # Delete the last character
fi
echo $path_url
}
# Manage a fail of the script
#
# Print a warning to inform that the script was failed
# Execute the ynh_clean_setup function if used in the app script
#
# usage of ynh_clean_setup function
# This function provide a way to clean some residual of installation that not managed by remove script.
# To use it, simply add in your script:
# ynh_clean_setup () {
# instructions...
# }
# This function is optionnal.
#
# Usage: ynh_exit_properly is used only by the helper ynh_abort_if_errors.
# You must not use it directly.
ynh_exit_properly () {
exit_code=$?
if [ "$exit_code" -eq 0 ]; then
exit 0 # Exit without error if the script ended correctly
fi
trap '' EXIT # Ignore new exit signals
set +eu # Do not exit anymore if a command fail or if a variable is empty
echo -e "!!\n $app's script has encountered an error. Its execution was cancelled.\n!!" >&2
if type -t ynh_clean_setup > /dev/null; then # Check if the function exist in the app script.
ynh_clean_setup # Call the function to do specific cleaning for the app.
fi
ynh_die # Exit with error status
}
# Exit if an error occurs during the execution of the script.
#
# Stop immediatly the execution if an error occured or if a empty variable is used.
# The execution of the script is derivate to ynh_exit_properly function before exit.
#
# Usage: ynh_abort_if_errors
ynh_abort_if_errors () {
set -eu # Exit if a command fail, and if a variable is used unset.
trap ynh_exit_properly EXIT # Capturing exit signals on shell script
}
# Check if a mysql user exists
#
# usage: ynh_mysql_user_exists user
# | arg: user - the user for which to check existence
function ynh_mysql_user_exists()
{
local user=$1
if [[ -z $(ynh_mysql_execute_as_root "SELECT User from mysql.user WHERE User = '$user';") ]]
then
return 1
else
return 0
fi
}
# Create a database, an user and its password. Then store the password in the app's config
#
# After executing this helper, the password of the created database will be available in $db_pwd
# It will also be stored as "mysqlpwd" into the app settings.
#
# usage: ynh_mysql_setup_db user name
# | arg: user - Owner of the database
# | arg: name - Name of the database
ynh_mysql_setup_db () {
local db_user="$1"
local db_name="$2"
db_pwd=$(ynh_string_random) # Generate a random password
ynh_mysql_create_db "$db_name" "$db_user" "$db_pwd" # Create the database
ynh_app_setting_set $app mysqlpwd $db_pwd # Store the password in the app's config
}
# Remove a database if it exists, and the associated user
#
# usage: ynh_mysql_remove_db user name
# | arg: user - Owner of the database
# | arg: name - Name of the database
ynh_mysql_remove_db () {
local db_user="$1"
local db_name="$2"
local mysql_root_password=$(sudo cat $MYSQL_ROOT_PWD_FILE)
if mysqlshow -u root -p$mysql_root_password | grep -q "^| $db_name"; then # Check if the database exists
echo "Removing database $db_name" >&2
ynh_mysql_drop_db $db_name # Remove the database
else
echo "Database $db_name not found" >&2
fi
# Remove mysql user if it exists
if $(ynh_mysql_user_exists $db_user); then
ynh_mysql_drop_user $db_user
fi
}
# Sanitize a string intended to be the name of a database
# (More specifically : replace - and . by _)
#
# Exemple: dbname=$(ynh_sanitize_dbid $app)
#
# usage: ynh_sanitize_dbid name
# | arg: name - name to correct/sanitize
# | ret: the corrected name
ynh_sanitize_dbid () {
dbid=${1//[-.]/_} # We should avoid having - and . in the name of databases. They are replaced by _
echo $dbid
}
# Substitute/replace a string by another in a file
#
# usage: ynh_replace_string match_string replace_string target_file
# | arg: match_string - String to be searched and replaced in the file
# | arg: replace_string - String that will replace matches
# | arg: target_file - File in which the string will be replaced.
ynh_replace_string () {
delimit=@
match_string=${1//${delimit}/"\\${delimit}"} # Escape the delimiter if it's in the string.
replace_string=${2//${delimit}/"\\${delimit}"}
workfile=$3
sudo sed --in-place "s${delimit}${match_string}${delimit}${replace_string}${delimit}g" "$workfile"
}
# Remove a file or a directory securely
#
# usage: ynh_secure_remove path_to_remove
# | arg: path_to_remove - File or directory to remove
ynh_secure_remove () {
path_to_remove=$1
forbidden_path=" \
/var/www \
/home/yunohost.app"
if [[ "$forbidden_path" =~ "$path_to_remove" \
# Match all paths or subpaths in $forbidden_path
|| "$path_to_remove" =~ ^/[[:alnum:]]+$ \
# Match all first level paths from / (Like /var, /root, etc...)
|| "${path_to_remove:${#path_to_remove}-1}" = "/" ]]
# Match if the path finishes by /. Because it seems there is an empty variable
then
echo "Avoid deleting $path_to_remove." >&2
else
if [ -e "$path_to_remove" ]
then
sudo rm -R "$path_to_remove"
else
echo "$path_to_remove wasn't deleted because it doesn't exist." >&2
fi
fi
}
# Create a system user
#
# usage: ynh_system_user_create user_name [home_dir]
# | arg: user_name - Name of the system user that will be create
# | arg: home_dir - Path of the home dir for the user. Usually the final path of the app. If this argument is omitted, the user will be created without home
ynh_system_user_create () {
if ! ynh_system_user_exists "$1" # Check if the user exists on the system
then # If the user doesn't exist
if [ $# -ge 2 ]; then # If a home dir is mentioned
user_home_dir="-d $2"
else
user_home_dir="--no-create-home"
fi
sudo useradd $user_home_dir --system --user-group $1 --shell /usr/sbin/nologin || ynh_die "Unable to create $1 system account"
fi
}
# Delete a system user
#
# usage: ynh_system_user_delete user_name
# | arg: user_name - Name of the system user that will be create
ynh_system_user_delete () {
if ynh_system_user_exists "$1" # Check if the user exists on the system
then
echo "Remove the user $1" >&2
sudo userdel $1
else
echo "The user $1 was not found" >&2
fi
}
# Restore a previous backup if the upgrade process failed
#
# usage:
# ynh_backup_before_upgrade
# ynh_clean_setup () {
# ynh_backup_after_failed_upgrade
# }
# ynh_abort_if_errors
#
ynh_backup_after_failed_upgrade () {
echo "Upgrade failed." >&2
app_bck=${app//_/-} # Replace all '_' by '-'
# Check if a existing backup can be found before remove and restore the application.
if sudo yunohost backup list | grep -q $app_bck-pre-upgrade$backup_number
then
# Remove the application then restore it
sudo yunohost app remove $app
# Restore the backup if the upgrade failed
sudo yunohost backup restore --ignore-hooks $app_bck-pre-upgrade$backup_number --apps $app --force
ynh_die "The app was restored to the way it was before the failed upgrade."
fi
}
# Make a backup in case of failed upgrade
#
# usage:
# ynh_backup_before_upgrade
# ynh_clean_setup () {
# ynh_backup_after_failed_upgrade
# }
# ynh_abort_if_errors
#
ynh_backup_before_upgrade () {
backup_number=1
old_backup_number=2
app_bck=${app//_/-} # Replace all '_' by '-'
# Check if a backup already exist with the prefix 1.
if sudo yunohost backup list | grep -q $app_bck-pre-upgrade1
then
# Prefix become 2 to preserve the previous backup
backup_number=2
old_backup_number=1
fi
# Create another backup
sudo yunohost backup create --ignore-hooks --apps $app --name $app_bck-pre-upgrade$backup_number
if [ "$?" -eq 0 ]
then
# If the backup succedded, remove the previous backup
if sudo yunohost backup list | grep -q $app_bck-pre-upgrade$old_backup_number
then
# Remove the previous backup only if it exists
sudo yunohost backup delete $app_bck-pre-upgrade$old_backup_number > /dev/null
fi
else
ynh_die "Backup failed, the upgrade process was aborted."
fi
}
# Create a dedicated nginx config
#
# usage: ynh_add_nginx_config
ynh_add_nginx_config () {
finalnginxconf="/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_backup_if_checksum_is_different "$finalnginxconf" 1
sudo cp ../conf/nginx.conf "$finalnginxconf"
# To avoid a break by set -u, use a void substitution ${var:-}. If the variable is not set, it's simply set with an empty variable.
# Substitute in a nginx config file only if the variable is not empty
if test -n "${path_url:-}"; then
ynh_replace_string "__PATH__" "$path_url" "$finalnginxconf"
fi
if test -n "${domain:-}"; then
ynh_replace_string "__DOMAIN__" "$domain" "$finalnginxconf"
fi
if test -n "${port:-}"; then
ynh_replace_string "__PORT__" "$port" "$finalnginxconf"
fi
if test -n "${app:-}"; then
ynh_replace_string "__NAME__" "$app" "$finalnginxconf"
fi
if test -n "${final_path:-}"; then
ynh_replace_string "__FINALPATH__" "$final_path" "$finalnginxconf"
fi
ynh_store_file_checksum "$finalnginxconf"
sudo systemctl reload nginx
}
# Remove the dedicated nginx config
#
# usage: ynh_remove_nginx_config
ynh_remove_nginx_config () {
ynh_secure_remove "/etc/nginx/conf.d/$domain.d/$app.conf"
sudo systemctl reload nginx
}
# Create a dedicated php-fpm config
#
# usage: ynh_add_fpm_config
ynh_add_fpm_config () {
finalphpconf="/etc/php5/fpm/pool.d/$app.conf"
ynh_backup_if_checksum_is_different "$finalphpconf" 1
sudo cp ../conf/php-fpm.conf "$finalphpconf"
ynh_replace_string "__NAMETOCHANGE__" "$app" "$finalphpconf"
ynh_replace_string "__FINALPATH__" "$final_path" "$finalphpconf"
ynh_replace_string "__USER__" "$app" "$finalphpconf"
sudo chown root: "$finalphpconf"
ynh_store_file_checksum "$finalphpconf"
if [ -e "../conf/php-fpm.ini" ]
then
finalphpini="/etc/php5/fpm/conf.d/20-$app.ini"
ynh_backup_if_checksum_is_different "$finalphpini" 1
sudo cp ../conf/php-fpm.ini "$finalphpini"
sudo chown root: "$finalphpini"
ynh_store_file_checksum "$finalphpini"
fi
sudo systemctl reload php5-fpm
}
# Remove the dedicated php-fpm config
#
# usage: ynh_remove_fpm_config
ynh_remove_fpm_config () {
ynh_secure_remove "/etc/php5/fpm/pool.d/$app.conf"
ynh_secure_remove "/etc/php5/fpm/conf.d/20-$app.ini" 2>&1
sudo systemctl reload php5-fpm
}
# Calculate and store a file checksum into the app settings
#
# $app should be defined when calling this helper
#
# usage: ynh_store_file_checksum file
# | arg: file - The file on which the checksum will performed, then stored.
ynh_store_file_checksum () {
local checksum_setting_name=checksum_${1//[\/ ]/_} # Replace all '/' and ' ' by '_'
ynh_app_setting_set $app $checksum_setting_name $(sudo md5sum "$1" | cut -d' ' -f1)
}
# Verify the checksum and backup the file if it's different
# This helper is primarily meant to allow to easily backup personalised/manually
# modified config files.
#
# $app should be defined when calling this helper
#
# usage: ynh_backup_if_checksum_is_different file [compress]
# | arg: file - The file on which the checksum test will be perfomed.
# | arg: compress - 1 to compress the backup instead of a simple copy
# A compression is needed for a file which will be analyzed even if its name is different.
#
# | ret: Return the name a the backup file, or nothing
ynh_backup_if_checksum_is_different () {
local file=$1
local compress_backup=${2:-0} # If $2 is empty, compress_backup will set at 0
local checksum_setting_name=checksum_${file//[\/ ]/_} # Replace all '/' and ' ' by '_'
local checksum_value=$(ynh_app_setting_get $app $checksum_setting_name)
if [ -n "$checksum_value" ]
then # Proceed only if a value was stored into the app settings
if ! echo "$checksum_value $file" | sudo md5sum -c --status
then # If the checksum is now different
backup_file="$file.backup.$(date '+%d.%m.%y_%Hh%M,%Ss')"
if [ $compress_backup -eq 1 ]
then
sudo tar --create --gzip --file "$backup_file.tar.gz" "$file" # Backup the current file and compress
backup_file="$backup_file.tar.gz"
else
sudo cp -a "$file" "$backup_file" # Backup the current file
fi
echo "File $file has been manually modified since the installation or last upgrade. So it has been duplicated in $backup_file" >&2
echo "$backup_file" # Return the name of the backup file
fi
fi
}
YNH_EXECUTION_DIR=$(pwd)
# Download, check integrity, uncompress and patch the source from app.src
#
# The file conf/app.src need to contains:
#
# SOURCE_URL=Address to download the app archive
# SOURCE_SUM=Control sum
# # (Optional) Programm to check the integrity (sha256sum, md5sum$YNH_EXECUTION_DIR/...)
# # default: sha256
# SOURCE_SUM_PRG=sha256
# # (Optional) Archive format
# # default: tar.gz
# SOURCE_FORMAT=tar.gz
# # (Optional) Put false if source are directly in the archive root
# # default: true
# SOURCE_IN_SUBDIR=false
# # (Optionnal) Name of the local archive (offline setup support)
# # default: ${src_id}.${src_format}
# SOURCE_FILENAME=example.tar.gz
#
# Details:
# This helper download sources from SOURCE_URL if there is no local source
# archive in /opt/yunohost-apps-src/APP_ID/SOURCE_FILENAME
#
# Next, it check the integrity with "SOURCE_SUM_PRG -c --status" command.
#
# If it's ok, the source archive will be uncompress in $dest_dir. If the
# SOURCE_IN_SUBDIR is true, the first level directory of the archive will be
# removed.
#
# Finally, patches named sources/patches/${src_id}-*.patch and extra files in
# sources/extra_files/$src_id will be applyed to dest_dir
#
#
# usage: ynh_setup_source dest_dir [source_id]
# | arg: dest_dir - Directory where to setup sources
# | arg: source_id - Name of the app, if the package contains more than one app
ynh_setup_source () {
local dest_dir=$1
local src_id=${2:-app} # If the argument is not given, source_id equal "app"
# Load value from configuration file (see above for a small doc about this file
# format)
local src_url=$(grep 'SOURCE_URL=' "$YNH_EXECUTION_DIR/../conf/${src_id}.src" | cut -d= -f2-)
local src_sum=$(grep 'SOURCE_SUM=' "$YNH_EXECUTION_DIR/../conf/${src_id}.src" | cut -d= -f2-)
local src_sumprg=$(grep 'SOURCE_SUM_PRG=' "$YNH_EXECUTION_DIR/../conf/${src_id}.src" | cut -d= -f2-)
local src_format=$(grep 'SOURCE_FORMAT=' "$YNH_EXECUTION_DIR/../conf/${src_id}.src" | cut -d= -f2-)
local src_in_subdir=$(grep 'SOURCE_IN_SUBDIR=' "$YNH_EXECUTION_DIR/../conf/${src_id}.src" | cut -d= -f2-)
local src_filename=$(grep 'SOURCE_FILENAME=' "$YNH_EXECUTION_DIR/../conf/${src_id}.src" | cut -d= -f2-)
# Default value
src_sumprg=${src_sumprg:-sha256sum}
src_in_subdir=${src_in_subdir:-true}
src_format=${src_format:-tar.gz}
src_format=$(echo "$src_format" | tr '[:upper:]' '[:lower:]')
if [ "$src_filename" = "" ] ; then
src_filename="${src_id}.${src_format}"
fi
local local_src="/opt/yunohost-apps-src/${YNH_APP_ID}/${src_filename}"
if test -e "$local_src"
then # Use the local source file if it is present
cp $local_src $src_filename
else # If not, download the source
wget -nv -O $src_filename $src_url
fi
# Check the control sum
echo "${src_sum} ${src_filename}" | ${src_sumprg} -c --status \
|| ynh_die "Corrupt source"
# Extract source into the app dir
mkdir -p "$dest_dir"
if [ "$src_format" = "zip" ]
then
# Zip format
# Using of a temp directory, because unzip doesn't manage --strip-components
if $src_in_subdir ; then
local tmp_dir=$(mktemp -d)
unzip -quo $src_filename -d "$tmp_dir"
cp -a $tmp_dir/*/. "$dest_dir"
ynh_secure_remove "$tmp_dir"
else
unzip -quo $src_filename -d "$dest_dir"
fi
else
local strip=""
if $src_in_subdir ; then
strip="--strip-components 1"
fi
if [[ "$src_format" =~ ^tar.gz|tar.bz2|tar.xz$ ]] ; then
tar -xf $src_filename -C "$dest_dir" $strip
else
ynh_die "Archive format unrecognized."
fi
fi
# Apply patches
if (( $(find $YNH_EXECUTION_DIR/../sources/patches/ -type f -name "${src_id}-*.patch" 2> /dev/null | wc -l) > "0" )); then
local old_dir=$(pwd)
(cd "$dest_dir" \
&& for p in $YNH_EXECUTION_DIR/../sources/patches/${src_id}-*.patch; do \
patch -p1 < $p; done) \
|| ynh_die "Unable to apply patches"
cd $old_dir
fi
# Add supplementary files
if test -e "$YNH_EXECUTION_DIR/../sources/extra_files/${src_id}"; then
cp -a $YNH_EXECUTION_DIR/../sources/extra_files/$src_id/. "$dest_dir"
fi
}
# Curl abstraction to help with POST requests to local pages (such as installation forms)
#
# $domain and $path_url should be defined externally (and correspond to the domain.tld and the /path (of the app?))
#
# example: ynh_local_curl "/install.php?installButton" "foo=$var1" "bar=$var2"
#
# usage: ynh_local_curl "page_uri" "key1=value1" "key2=value2" ...
# | arg: page_uri - Path (relative to $path_url) of the page where POST data will be sent
# | arg: key1=value1 - (Optionnal) POST key and corresponding value
# | arg: key2=value2 - (Optionnal) Another POST key and corresponding value
# | arg: ... - (Optionnal) More POST keys and values
ynh_local_curl () {
# Define url of page to curl
# if [ "$path_url" != "/" ]; then
full_page_url=https://localhost$path_url$1
# else
# full_page_url=https://localhost$1
# fi
# Concatenate all other arguments with '&' to prepare POST data
POST_data=""
for arg in "${@:2}"
do
POST_data="${POST_data}${arg}&"
done
if [ -n "$POST_data" ]
then
# Add --data arg and remove the last character, which is an unecessary '&'
POST_data="--data ${POST_data::-1}"
fi
# Curl the URL
curl --silent --show-error -kL -H "Host: $domain" -X POST --resolve $domain:443:127.0.0.1 $POST_data "$full_page_url"
}

72
scripts/backup
View file

@ -3,28 +3,66 @@
# Exit on command errors and treat unset variables as an error
set -eu
app=$YNH_APP_INSTANCE_NAME
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
# Source YunoHost helpers
if [ ! -e _common.sh ]; then
# Fetch helpers file if not in current directory
sudo cp ../settings/scripts/_common.sh ./_common.sh
sudo chmod a+rx _common.sh
fi
source _common.sh
source /usr/share/yunohost/helpers
# Backup sources & data
# Note: the last argument is where to save this path, see the restore script.
ynh_backup "/var/www/${app}" "sources"
#=================================================
# LOAD SETTINGS
#=================================================
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get $app domain)
final_path="/var/www/${app}"
db_name=$(ynh_app_setting_get $app db_name)
#=================================================
# STANDARD BACKUP STEPS
#=================================================
# BACKUP APP MAIN DIR
#=================================================
CHECK_SIZE "$final_path"
ynh_backup "$final_path" "sources"
# Copy the data directory
DATADIR="/home/yunohost.app/${app}"
ynh_backup "$DATADIR" "data"
backup_core_only=$(ynh_app_setting_get "$app" backup_core_only)
if [ -z $backup_core_only ] # If backup_core_only setting set, don't backup data directory
then
DATADIR="/home/yunohost.app/${app}"
CHECK_SIZE "$DATADIR"
ynh_backup "$DATADIR" "data" 1
else
echo "Data dir won't be saved, because backup_core_only is set." >&2
fi
# Dump the database
dbname=$app
dbuser=$app
dbpass=$(ynh_app_setting_get "$app" mysqlpwd)
mysqldump -u "$dbuser" -p"$dbpass" --no-create-db "$dbname" > ./dump.sql
#=================================================
# BACKUP NGINX CONFIGURATION
#=================================================
# Copy NGINX configuration
domain=$(ynh_app_setting_get "$app" domain)
ynh_backup "/etc/nginx/conf.d/${domain}.d/${app}.conf" "nginx.conf"
ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf" "nginx.conf"
# Copy PHP-FPM pool configuration
ynh_backup "/etc/php5/fpm/pool.d/${app}.conf" "php-fpm.conf"
#=================================================
# BACKUP PHP-FPM CONFIGURATION
#=================================================
ynh_backup "/etc/php5/fpm/pool.d/$app.conf" "php-fpm.conf"
#=================================================
# BACKUP MYSQL DB
#=================================================
ynh_mysql_dump_db "$db_name" > dump.sql
CHECK_SIZE "dump.sql"
ynh_backup "dump.sql" "db.sql"

183
scripts/install
View file

@ -1,18 +1,36 @@
#!/bin/bash
# Exit on command errors and treat unset variables as an error
set -eu
shopt -s extglob # sets extended pattern matching options in the bash shell
app=$YNH_APP_INSTANCE_NAME
#=================================================
# GENERIC STARTING
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
# Source local helpers
source ./_common.sh
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
ynh_abort_if_errors # Stop script if an error is detected
ynh_clean_setup () { # <============================================= TODO
log=$(sudo cat /var/log/nginx/$domain-error.log)
echo $log
}
#=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================
# Retrieve app id
app=$YNH_APP_INSTANCE_NAME
# Retrieve arguments
domain=$YNH_APP_ARG_DOMAIN
path=$YNH_APP_ARG_PATH
path_url=$YNH_APP_ARG_PATH
admin=$YNH_APP_ARG_ADMIN
is_public=$YNH_APP_ARG_IS_PUBLIC
language=$YNH_APP_ARG_LANGUAGE
@ -23,99 +41,124 @@ else
applanguage="en_UK"
fi
# Source YunoHost helpers
source /usr/share/yunohost/helpers
#=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#=================================================
# Save app settings
ynh_app_setting_set "$app" admin "$admin"
ynh_app_setting_set "$app" is_public "$is_public"
ynh_app_setting_set "$app" language "$language"
path_url=$(ynh_normalize_url_path $path_url) # Check and normalize path
CHECK_DOMAINPATH # Check domain and path availability
CHECK_FINALPATH # Check if destination directory is not already in use
# Fix path if needed
path=$(fix_path $path)
#=================================================
# STORE SETTINGS FROM MANIFEST
#=================================================
# Check domain/path availability
sudo yunohost app checkurl "${domain}${path}" -a "$app" \
|| ynh_die "Path not available: ${domain}${path}"
ynh_app_setting_set $app domain "$domain"
ynh_app_setting_set $app path_url "$path_url"
ynh_app_setting_set $app admin "$admin"
ynh_app_setting_set $app is_public "$is_public"
ynh_app_setting_set $app language "$language"
# Download and extract application
extract_application ..
#=================================================
# STANDARD MODIFICATIONS
#=================================================
# Copy source files
src_path=/var/www/$app
sudo mkdir $src_path
sudo cp -a ../!(upload|galleries) $src_path
#=================================================
# CREATE A MYSQL DB
#=================================================
db_name=$(ynh_sanitize_dbid $app)
db_user="$db_name"
ynh_app_setting_set "$app" db_name "$db_name"
# Initialize database
ynh_mysql_setup_db "$db_user" "$db_name"
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_app_setting_set $app final_path "$final_path"
# Create tmp directory and fetch app inside
TMPDIR=$(mktemp -d)
ynh_setup_source "$TMPDIR"
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_system_user_create $app # Create a dedicated system user
#=================================================
# SPECIFIC SETUP
#=================================================
# Install files and set permissions
sudo mkdir $final_path
sudo cp -a $TMPDIR/!(upload|galleries) $final_path
datapath=/home/yunohost.app/$app
sudo mkdir -p $datapath
sudo mkdir -p $datapath/galleries
sudo mkdir -p $datapath/upload
sudo ln -sd $datapath/galleries $src_path/galleries
sudo cp -a ../galleries/* $src_path/galleries/
sudo ln -sd $datapath/upload $src_path/upload
sudo ln -sd $datapath/galleries $final_path/galleries
sudo cp -a $TMPDIR/galleries/* $final_path/galleries/
sudo ln -sd $datapath/upload $final_path/upload
sudo cp -R ../plugins/Ldap_Login $src_path/plugins/Ldap_Login
sudo cp -R ../plugins/Ldap_Login $final_path/plugins/Ldap_Login
sudo chown -R www-data:www-data $src_path
sudo chown -R www-data:www-data $datapath
sudo chmod 777 $src_path/_data
sudo chmod 777 $src_path/upload
sudo chmod 755 -R $src_path/galleries
sudo chown -R $app: $final_path
sudo chown -R $app: $datapath
sudo chmod 755 -R $final_path/galleries
# Generate MySQL password and create database
dbuser=$app
dbname=$app
dbpass=$(ynh_string_random 12)
ynh_app_setting_set "$app" mysqlpwd "$dbpass"
ynh_mysql_create_db "$dbname" "$dbuser" "$dbpass"
#=================================================
# NGINX CONFIGURATION
#=================================================
# Modify Nginx configuration file and copy it to Nginx conf directory
nginx_conf=../conf/nginx.conf
sed -i "s@YNH_WWW_PATH@$path@g" $nginx_conf
sed -i "s@YNH_WWW_ALIAS@$src_path/@g" $nginx_conf
sudo cp $nginx_conf /etc/nginx/conf.d/$domain.d/$app.conf
ynh_add_nginx_config
ynh_store_file_checksum "/etc/nginx/conf.d/$domain.d/$app.conf"
# Modify PHP-FPM pool configuration and copy it to the pool directory
sed -i "s@YNH_WWW_APP@$app@g" ../conf/php-fpm.conf
sed -i "s@YNH_WWW_ALIAS@$src_path/@g" ../conf/php-fpm.conf
finalphpconf=/etc/php5/fpm/pool.d/$app.conf
sudo cp ../conf/php-fpm.conf $finalphpconf
sudo chown root: $finalphpconf
sudo chmod 644 $finalphpconf
sudo service php5-fpm reload
# Copy and set php-fpm configuration
ynh_add_fpm_config
# Set permissions and reload nginx (needed at this stage for the PHP piwigo installation process)
sudo service nginx reload
sudo systemctl reload nginx
sleep 5s
sudo systemctl reload php5-fpm
ynh_app_setting_set "$app" unprotected_uris "/"
sudo yunohost app ssowatconf
# Generate random password for admin
adm_pwd=$(dd if=/dev/urandom bs=1 count=200 2> /dev/null | tr -c -d 'A-Za-z0-9' | sed -n 's/\(.\{24\}\).*/\1/p')
ynh_app_setting_set $app admin_pwd "$adm_pwd"
#configure piwigo via curl
sleep 2
curl --resolve $domain:443:127.0.0.1 -kL -X POST https://$domain$path/install.php?language=$applanguage --data "install=true&dbuser=$dbuser&dbpasswd=$dbpass&dbname=$dbname&admin_name=$admin&admin_pass1=$adm_pwd&admin_pass2=$adm_pwd&admin_mail=$admin@$domain" > /tmp/piwigo-install.log 2>&1
# Configure piwigo via curl
sleep 5s
ynh_local_curl "/install.php?language=$applanguage" "install=true" "dbuser=$db_user" "dbpasswd=$db_pwd" "dbname=$db_name" "admin_name=$admin" "admin_pass1=$adm_pwd" "admin_pass2=$adm_pwd" "admin_mail=$admin@$domain"
#Change local config
sudo cp ../conf/config.inc.php $src_path/local/config/
# Change local config
sudo cp ../conf/config.inc.php $final_path/local/config/
#change variable in local/config/database.inc.php
# Setup database in local/config/database.inc.php
ynh_replace_string "DBTOCHANGE" "$db_name" ../conf/database.inc.php
ynh_replace_string "USERTOCHANGE" "$db_user" ../conf/database.inc.php
ynh_replace_string "PASSTOCHANGE" "$db_pwd" ../conf/database.inc.php
sudo cp ../conf/database.inc.php $final_path/local/config/database.inc.php
sudo sed -i "s@DBTOCHANGE@$dbname@g" ../conf/database.inc.php
sudo sed -i "s@USERTOCHANGE@$dbuser@g" ../conf/database.inc.php
sudo sed -i "s@PASSTOCHANGE@$dbpass@g" ../conf/database.inc.php
# Activate ldap plugin
ynh_mysql_connect_as $db_name $db_pwd $db_user <<< "INSERT INTO plugins (id,state,version) VALUES ('Ldap_Login','active','1.1');"
sudo cp ../conf/database.inc.php $src_path/local/config/database.inc.php
#activate ldap plugin
mysql -u $dbuser -p$dbpass $dbname -e "INSERT INTO plugins (id,state,version) VALUES ('Ldap_Login','active','1.1');"
#protect URIs if private
# Protect URIs if private
if [ $is_public -eq 0 ];
then
ynh_app_setting_delete "$app" unprotected_uris
ynh_app_setting_set "$app" protected_uris "/"
fi
#=================================================
# RELOAD NGINX
#=================================================
sudo systemctl restart php5-fpm
sudo systemctl reload nginx

60
scripts/remove
View file

@ -2,33 +2,55 @@
# Treat unset variables as an error
set -u
#=================================================
# GENERIC STARTING
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
# See comments in install script
app=$YNH_APP_INSTANCE_NAME
# Source YunoHost helpers
source _common.sh
source /usr/share/yunohost/helpers
# Retrieve app settings
#=================================================
# LOAD SETTINGS
#=================================================
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get $app domain)
db_name=$(ynh_app_setting_get $app db_name)
domain=$(ynh_app_setting_get "$app" domain)
# Remove sources
sudo rm -rf /var/www/$app
#=================================================
# STANDARD REMOVE
#=================================================
# Remove nginx configuration file
sudo rm -f /etc/nginx/conf.d/$domain.d/$app.conf
sudo rm -rf /home/yunohost.app/$app
#=================================================
# REMOVE THE MYSQL DB
#=================================================
sudo rm -f /etc/php5/fpm/pool.d/$app.conf
sudo service php5-fpm reload
ynh_mysql_remove_db "$app" "$db_name"
# Drop MySQL database and user
dbname=$app
dbuser=$app
ynh_mysql_drop_db "$dbname" || true
ynh_mysql_drop_user "$dbuser" || true
#=================================================
# REMOVE APP MAIN DIR
#=================================================
# Reload nginx service
sudo service nginx reload
ynh_secure_remove "/var/www/$app"
ynh_secure_remove "/home/yunohost.app/$app"
#=================================================
# REMOVE NGINX AND PHP-FPM CONFIGURATION
#=================================================
ynh_remove_fpm_config
ynh_remove_nginx_config
# Reload services
sudo systemctl restart php5-fpm
sudo systemctl reload nginx
#=================================================
# REMOVE DEDICATED USER
#=================================================
ynh_system_user_delete $app

109
scripts/restore
View file

@ -1,58 +1,87 @@
#!/bin/bash
# Note: each files and directories you've saved using the ynh_backup helper
# will be located in the current directory, regarding the last argument.
# Exit on command errors and treat unset variables as an error
set -eu
app=$YNH_APP_INSTANCE_NAME
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
# Source YunoHost helpers
if [ ! -e _common.sh ]; then
# Fetch helpers file if not in current directory
sudo cp ../settings/scripts/_common.sh ./_common.sh
sudo chmod a+rx _common.sh
fi
source _common.sh
source /usr/share/yunohost/helpers
# Retrieve old app settings
domain=$(ynh_app_setting_get "$app" domain)
path=$(ynh_app_setting_get "$app" path)
#=================================================
# LOAD SETTINGS
#=================================================
# Check domain/path availability
sudo yunohost app checkurl "${domain}${path}" -a "$app" \
|| ynh_die "Path not available: ${domain}${path}"
app=$YNH_APP_INSTANCE_NAME
# Restore sources & data
src_path="/var/www/${app}"
sudo cp -a ./sources "$src_path"
domain=$(ynh_app_setting_get $app domain)
path_url=$(ynh_app_setting_get $app path)
is_public=$(ynh_app_setting_get $app is_public)
final_path=$(ynh_app_setting_get $app final_path)
db_name=$(ynh_app_setting_get $app db_name)
# Restore permissions to app files
# you may need to make some file and/or directory writeable by www-data (nginx user)
sudo chown -R root: "$src_path"
#=================================================
# CHECK IF THE APP CAN BE RESTORED
#=================================================
# Copy the data directory
DATADIR="/home/yunohost.app/${app}"
sudo mkdir -p "$DATADIR"
sudo cp -a ./data/. "$DATADIR"
CHECK_DOMAINPATH # Check domain and path availability
CHECK_FINALPATH # Check if destination directory is not already in use
# Fix permissions
sudo chown -R www-data:www-data $src_path
sudo chown -R www-data:www-data $DATADIR
sudo chmod 777 $src_path/_data
sudo chmod 777 $src_path/upload
sudo chmod 755 -R $src_path/galleries
#=================================================
# STANDARD RESTORE STEPS
#=================================================
# RESTORE NGINX CONFIGURATION
#=================================================
# Create and restore the database
dbname=$app
dbuser=$app
dbpass=$(ynh_app_setting_get "$app" mysqlpwd)
ynh_mysql_create_db "$dbname" "$dbuser" "$dbpass"
ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" < ./dump.sql
sudo cp -a ./nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf
#=================================================
# RESTORE APP MAIN DIR
#=================================================
# Restore NGINX configuration
sudo cp -a ./nginx.conf "/etc/nginx/conf.d/${domain}.d/${app}.conf"
sudo cp -a ./sources/. $final_path
# Restore data directory if backed-up
if [ -d ./data ] ; then
sudo cp -a ./data/. "/home/yunohost.app/${app}"
fi
#=================================================
# RESTORE MYSQL DB
#=================================================
# Copy PHP-FPM pool configuration and reload the service
sudo cp -a ./php-fpm.conf "/etc/php5/fpm/pool.d/${app}.conf"
sudo service php5-fpm reload
db_pwd=$(ynh_app_setting_get $app mysqlpwd)
ynh_mysql_create_db $db_name $db_name $db_pwd
ynh_mysql_connect_as $db_name $db_pwd $db_name < ./db.sql
# Restart webserver
sudo service nginx reload
#=================================================
# RECREATE OF THE DEDICATED USER
#=================================================
ynh_system_user_create $app # Recreate the dedicated user, if not existing
#=================================================
# RESTORE USER RIGHTS
#=================================================
sudo chown -R $app: $final_path
#=================================================
# RESTORE PHP-FPM CONFIGURATION
#=================================================
sudo cp -a ./php-fpm.conf /etc/php5/fpm/pool.d/$app.conf
#=================================================
# GENERIC FINALIZATION
#=================================================
# RELOAD NGINX AND PHP-FPM
#=================================================
sudo systemctl reload php5-fpm
sudo systemctl reload nginx

178
scripts/upgrade
View file

@ -1,71 +1,161 @@
#!/bin/bash
shopt -s extglob # sets extended pattern matching options in the bash shell
# Exit on command errors and treat unset variables as an error
set -eu
#=================================================
# GENERIC STARTING
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
shopt -s extglob # sets extended pattern matching options in the bash shell
app=$YNH_APP_INSTANCE_NAME
# Source local helpers
source ./_common.sh
# Source YunoHost helpers
source _common.sh
source /usr/share/yunohost/helpers
# Retrieve app settings
#=================================================
# LOAD SETTINGS
#=================================================
# Set app specific variables
app=$YNH_APP_INSTANCE_NAME
# Check destination directory
DESTDIR="/var/www/$app"
[[ ! -d $DESTDIR ]] && ynh_die \
"The destination directory '$DESTDIR' does not exist.\
The app is not correctly installed, you should remove it first."
# Retrieve arguments
domain=$(ynh_app_setting_get "$app" domain)
path=$(ynh_app_setting_get "$app" path)
path_url=$(ynh_app_setting_get "$app" path_url)
# Compatibility with previous version
if [ -z "$path_url" ] ; then
path_url=$(ynh_app_setting_get "$app" path)
ynh_app_setting_set $app path_url "$path_url"
fi
path_url=$(ynh_normalize_url_path $path_url)
final_path=$(ynh_app_setting_get "$app" final_path)
# Compatibility with previous version
if [ -z "$final_path" ] ; then
final_path="/var/www/$app"
ynh_app_setting_set $app final_path "$final_path"
fi
db_name=$(ynh_app_setting_get "$app" db_name)
# Compatibility with previous version
if [ -z "$db_name" ] ; then
db_name=$app
ynh_app_setting_set "$app" db_name "$db_name"
fi
db_user="$db_name"
db_pwd=$(ynh_app_setting_get "$app" mysqlpwd)
admin=$(ynh_app_setting_get "$app" admin)
is_public=$(ynh_app_setting_get "$app" is_public)
admin_pwd=$(ynh_app_setting_get "$app" admin_pwd)
# Compatibility with previous version; password not set
if [ -z "$admin_pwd" ] ; then
# Generate a new password
admin_pwd=$(dd if=/dev/urandom bs=1 count=200 2> /dev/null | tr -c -d 'A-Za-z0-9' | sed -n 's/\(.\{24\}\).*/\1/p')
# Compute password hash with the Piwigo function
sudo cp ../conf/hash_password.php $final_path
hashed_password=$(cd $final_path ; php hash_password.php $admin_pwd)
# Update password hash in database
ynh_mysql_connect_as $db_name $db_pwd $db_user <<< "UPDATE users SET password='$hashed_password' WHERE username='$admin';"
ynh_app_setting_set $app admin_pwd "$admin_pwd"
ynh_secure_remove "$final_path/hash_password.php"
fi
language=$(ynh_app_setting_get "$app" language)
if [ "$language" = "fr" ] ; then
applanguage="fr_FR"
else
applanguage="en_UK"
fi
# Fix path if needed
path=$(fix_path $path)
# Download and extract application
extract_application ..
# Copy source files
src_path=/var/www/$app
sudo mkdir -p $src_path
sudo cp -Raf ../!(upload|galleries) $src_path
sudo cp -Rap ../galleries/* $src_path/galleries/
is_public=$(ynh_app_setting_get "$app" is_public)
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
datapath=/home/yunohost.app/$app
# Use prior backup and restore on error only if backup feature
# exists on installed instance
if [ -f "/etc/yunohost/apps/$app/scripts/backup" ] ; then
ynh_backup_before_upgrade # Backup the current version of the app
ynh_clean_setup () {
ynh_backup_after_failed_upgrade
}
ynh_abort_if_errors # Stop script if an error is detected
fi
sudo chown -R www-data:www-data $src_path
sudo chown -R www-data:www-data $datapath
sudo chmod 777 $src_path/_data
sudo chmod 777 $src_path/upload
sudo chmod 755 -R $src_path/galleries
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
# Modify Nginx configuration file and copy it to Nginx conf directory
nginx_conf=../conf/nginx.conf
sed -i "s@YNH_WWW_PATH@${path}@g" $nginx_conf
sed -i "s@YNH_WWW_ALIAS@$src_path/@g" $nginx_conf
sudo cp $nginx_conf /etc/nginx/conf.d/$domain.d/$app.conf
# Create tmp directory and fetch app inside
TMPDIR=$(ynh_mkdir_tmp)
ynh_setup_source "$TMPDIR"
# Modify PHP-FPM pool configuration and copy it to the pool directory
sed -i "s@YNH_WWW_APP@$app@g" ../conf/php-fpm.conf
sed -i "s@YNH_WWW_ALIAS@$src_path/@g" ../conf/php-fpm.conf
finalphpconf=/etc/php5/fpm/pool.d/$app.conf
sudo cp ../conf/php-fpm.conf $finalphpconf
sudo chown root: $finalphpconf
sudo chmod 644 $finalphpconf
sudo service php5-fpm reload
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_system_user_create $app # Create dedicated user if not existing
#=================================================
# SPECIFIC SETUP
#=================================================
# Install files and set permissions
sudo cp -a $TMPDIR/!(upload|galleries) $final_path
sudo cp -a $TMPDIR/galleries/* $final_path/galleries/
sudo cp -R ../plugins/Ldap_Login/* $final_path/plugins/Ldap_Login
sudo chown -R $app: $final_path
sudo chown -R $app: /home/yunohost.app/$app
sudo chmod 755 -R $final_path/galleries
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_add_nginx_config
ynh_store_file_checksum "/etc/nginx/conf.d/$domain.d/$app.conf"
# Copy and set php-fpm configuration
ynh_add_fpm_config
# Set permissions and reload nginx (needed at this stage for the PHP piwigo installation process)
sudo service nginx reload
sudo systemctl reload nginx
sleep 5s
sudo systemctl reload php5-fpm
ynh_app_setting_set "$app" unprotected_uris "/"
sudo yunohost app ssowatconf
#activate ldap plugin
#mysql -u $dbuser -p$dbpass $dbname -e "INSERT INTO plugins (id,state,version) VALUES ('Ldap_Login','active','1.1');"
# Configure piwigo via curl
sleep 5s
ynh_local_curl "/upgrade.php?language=$applanguage&now=true" "language=$applanguage" "username=$admin" "password=$admin_pwd"
#protect URIs if private
# Change local config
sudo cp ../conf/config.inc.php $final_path/local/config/
# Setup database in local/config/database.inc.php
ynh_replace_string "DBTOCHANGE" "$db_name" ../conf/database.inc.php
ynh_replace_string "USERTOCHANGE" "$db_user" ../conf/database.inc.php
ynh_replace_string "PASSTOCHANGE" "$db_pwd" ../conf/database.inc.php
sudo cp ../conf/database.inc.php $final_path/local/config/database.inc.php
# Activate ldap plugin
ynh_mysql_connect_as $db_name $db_pwd $db_user <<< "UPDATE plugins SET state='active' WHERE id='Ldap_Login';"
# Protect URIs if private
if [ $is_public -eq 0 ];
then
ynh_app_setting_delete "$app" unprotected_uris
ynh_app_setting_set "$app" protected_uris "/"
fi
fi
#=================================================
# RELOAD NGINX
#=================================================
sudo systemctl restart php5-fpm
sudo systemctl reload nginx