#!/bin/bash shopt -s extglob # sets extended pattern matching options in the bash shell #================================================= # GENERIC STARTING #================================================= # IMPORT GENERIC HELPERS #================================================= source _common.sh source /usr/share/yunohost/helpers #================================================= # MANAGE SCRIPT FAILURE #================================================= ynh_abort_if_errors # Stop script if an error is detected #================================================= # RETRIEVE ARGUMENTS FROM THE MANIFEST #================================================= # Retrieve app id app=$YNH_APP_INSTANCE_NAME # Retrieve arguments domain=$YNH_APP_ARG_DOMAIN path_url=$YNH_APP_ARG_PATH admin=$YNH_APP_ARG_ADMIN is_public=$YNH_APP_ARG_IS_PUBLIC language=$YNH_APP_ARG_LANGUAGE if [ "$language" = "fr" ] ; then applanguage="fr_FR" else applanguage="en_UK" fi #================================================= # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS #================================================= path_url=$(ynh_normalize_url_path $path_url) # Check and normalize path CHECK_DOMAINPATH # Check domain and path availability CHECK_FINALPATH # Check if destination directory is not already in use #================================================= # STORE SETTINGS FROM MANIFEST #================================================= ynh_app_setting_set $app domain "$domain" ynh_app_setting_set $app path_url "$path_url" ynh_app_setting_set $app admin "$admin" ynh_app_setting_set $app is_public "$is_public" ynh_app_setting_set $app language "$language" #================================================= # STANDARD MODIFICATIONS #================================================= #================================================= # CREATE A MYSQL DB #================================================= db_name=$(ynh_sanitize_dbid $app) db_user="$db_name" ynh_app_setting_set "$app" db_name "$db_name" # Initialize database ynh_mysql_setup_db "$db_user" "$db_name" #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= ynh_app_setting_set $app final_path "$final_path" # Create tmp directory and fetch app inside TMPDIR=$(mktemp -d) ynh_setup_source "$TMPDIR" # Fetch needed plugins ynh_setup_source "$TMPDIR/plugins" log_failed_logins_plugin #================================================= # CREATE DEDICATED USER #================================================= ynh_system_user_create $app # Create a dedicated system user #================================================= # SPECIFIC SETUP #================================================= # Install files and set permissions sudo mkdir $final_path sudo cp -a $TMPDIR/!(upload|galleries) $final_path datapath=/home/yunohost.app/$app sudo mkdir -p $datapath sudo mkdir -p $datapath/galleries sudo mkdir -p $datapath/upload sudo ln -sd $datapath/galleries $final_path/galleries sudo cp -a $TMPDIR/galleries/* $final_path/galleries/ sudo ln -sd $datapath/upload $final_path/upload sudo chown -R $app: $final_path sudo chown -R $app: $datapath sudo chmod 755 -R $final_path/galleries #================================================= # NGINX CONFIGURATION #================================================= ynh_add_nginx_config ynh_store_file_checksum "/etc/nginx/conf.d/$domain.d/$app.conf" # Copy and set php-fpm configuration ynh_add_fpm_config # Set permissions and reload nginx (needed at this stage for the PHP piwigo installation process) sudo systemctl reload nginx sleep 5s sudo systemctl reload php5-fpm ynh_app_setting_set "$app" unprotected_uris "/" sudo yunohost app ssowatconf # Generate random password for admin adm_pwd=$(dd if=/dev/urandom bs=1 count=200 2> /dev/null | tr -c -d 'A-Za-z0-9' | sed -n 's/\(.\{24\}\).*/\1/p') ynh_app_setting_set $app admin_pwd "$adm_pwd" # Configure piwigo via curl sleep 5s mail="$(ynh_user_get_info $admin mail)" ynh_local_curl "/install.php?language=$applanguage" "install=true" "dbuser=$db_user" "dbpasswd=$db_pwd" "dbname=$db_name" "admin_name=$admin" "admin_pass1=$adm_pwd" "admin_pass2=$adm_pwd" "admin_mail=$mail" # Change local config sudo cp ../conf/config.inc.php $final_path/local/config/ # Setup database in local/config/database.inc.php ynh_replace_string "DBTOCHANGE" "$db_name" ../conf/database.inc.php ynh_replace_string "USERTOCHANGE" "$db_user" ../conf/database.inc.php ynh_replace_string "PASSTOCHANGE" "$db_pwd" ../conf/database.inc.php sudo cp ../conf/database.inc.php $final_path/local/config/database.inc.php # Activate LDAP plugin ynh_mysql_connect_as $db_name $db_pwd $db_user <<< "INSERT INTO plugins (id,state,version) VALUES ('Ldap_Login','active','1.1');" # Configure and activate log_failed_logins plugin ynh_mysql_connect_as $db_name $db_pwd $db_user <<< "INSERT INTO plugins (id,state,version) VALUES ('log_failed_logins','active','1.2');" ynh_mysql_connect_as $db_name $db_pwd $db_user <<< "INSERT INTO config (param, value) VALUES ('logFailedLoginsFilename','/var/log/${app}FailedLogins.log');" sudo touch "/var/log/${app}FailedLogins.log" sudo chown $app: "/var/log/${app}FailedLogins.log" # Set-up fail2ban ynh_add_fail2ban_config "/var/log/${app}FailedLogins.log" "ip=" 6 # Protect URIs if private if [ $is_public -eq 0 ]; then ynh_app_setting_delete "$app" unprotected_uris ynh_app_setting_set "$app" protected_uris "/" fi #================================================= # RELOAD NGINX #================================================= sudo systemctl restart php5-fpm sudo systemctl reload nginx