#!/bin/bash shopt -s extglob # sets extended pattern matching options in the bash shell #================================================= # GENERIC STARTING #================================================= # IMPORT GENERIC HELPERS #================================================= source _common.sh source /usr/share/yunohost/helpers #================================================= # MANAGE SCRIPT FAILURE #================================================= ynh_abort_if_errors # Stop script if an error is detected #================================================= # RETRIEVE ARGUMENTS FROM THE MANIFEST #================================================= # Retrieve app id app=$YNH_APP_INSTANCE_NAME # Retrieve arguments domain=$YNH_APP_ARG_DOMAIN path_url=$YNH_APP_ARG_PATH admin=$YNH_APP_ARG_ADMIN is_public=$YNH_APP_ARG_IS_PUBLIC language=$YNH_APP_ARG_LANGUAGE if [ "$language" = "fr" ] ; then applanguage="fr_FR" else applanguage="en_UK" fi #================================================= # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS #================================================= path_url=$(ynh_normalize_url_path $path_url) # Check and normalize path final_path=/var/www/$app test ! -e "$final_path" || ynh_die "This path already contains a folder" # Check web path availability ynh_webpath_available $domain $path_url # Register (book) web path ynh_webpath_register $app $domain $path_url #================================================= # STORE SETTINGS FROM MANIFEST #================================================= ynh_app_setting_set $app domain "$domain" ynh_app_setting_set $app path_url "$path_url" ynh_app_setting_set $app admin "$admin" ynh_app_setting_set $app is_public "$is_public" ynh_app_setting_set $app language "$language" #================================================= # STANDARD MODIFICATIONS #================================================= #================================================= # CREATE A MYSQL DB #================================================= db_name=$(ynh_sanitize_dbid $app) db_user="$db_name" ynh_app_setting_set "$app" db_name "$db_name" # Initialize database ynh_mysql_setup_db "$db_user" "$db_name" #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= ynh_app_setting_set $app final_path "$final_path" # Create tmp directory and fetch app inside TMPDIR=$(mktemp -d) ynh_setup_source "$TMPDIR" # Fetch needed plugins mkdir -p $TMPDIR/plugins/Ldap_Login ynh_setup_source "$TMPDIR/plugins/Ldap_Login" ldap_plugin ynh_setup_source "$TMPDIR/plugins" log_failed_logins_plugin #================================================= # CREATE DEDICATED USER #================================================= ynh_system_user_create $app # Create a dedicated system user #================================================= # SPECIFIC SETUP #================================================= # Install files and set permissions mkdir $final_path cp -a $TMPDIR/!(upload|galleries) $final_path datapath=/home/yunohost.app/$app mkdir -p $datapath mkdir -p $datapath/galleries mkdir -p $datapath/upload ln -sd $datapath/galleries $final_path/galleries cp -a $TMPDIR/galleries/* $final_path/galleries/ ln -sd $datapath/upload $final_path/upload chown -R $app: $final_path chown -R $app: $datapath chmod 755 -R $final_path/galleries #================================================= # NGINX AND PHP-FPM CONFIGURATION #================================================= ynh_add_nginx_config ynh_store_file_checksum "/etc/nginx/conf.d/$domain.d/$app.conf" # Copy and set php-fpm configuration ynh_add_fpm_config #================================================= # CONFIGURE PIWIGO #================================================= # Set permissions and reload nginx (needed at this stage for the PHP piwigo installation process) systemctl reload nginx sleep 5s systemctl reload php5-fpm ynh_app_setting_set "$app" unprotected_uris "/" yunohost app ssowatconf # Generate random password for admin adm_pwd=$(ynh_string_random 24) ynh_app_setting_set $app admin_pwd "$adm_pwd" # Configure piwigo via curl sleep 5s mail="$(ynh_user_get_info $admin mail)" ynh_local_curl "/install.php?language=$applanguage" "install=true" "dbuser=$db_user" "dbpasswd=$db_pwd" "dbname=$db_name" "admin_name=$admin" "admin_pass1=$adm_pwd" "admin_pass2=$adm_pwd" "admin_mail=$mail" # Change local config cp ../conf/config.inc.php $final_path/local/config/ # Calculate and store the config file checksum ynh_store_file_checksum "$final_path/local/config/config.inc.php" # Setup database in local/config/database.inc.php ynh_replace_string "DBTOCHANGE" "$db_name" ../conf/database.inc.php ynh_replace_string "USERTOCHANGE" "$db_user" ../conf/database.inc.php ynh_replace_string "PASSTOCHANGE" "$db_pwd" ../conf/database.inc.php cp ../conf/database.inc.php $final_path/local/config/database.inc.php # Calculate and store the database config file checksum ynh_store_file_checksum "$final_path/local/config/database.inc.php" #================================================= # ADD LDAP & FAIL2BAN PLUGINS #================================================= # Activate LDAP plugin ynh_mysql_connect_as $db_name $db_pwd $db_user <<< "INSERT INTO plugins (id,state,version) VALUES ('Ldap_Login','active','1.1');" # Configure and activate log_failed_logins plugin ynh_mysql_connect_as $db_name $db_pwd $db_user <<< "INSERT INTO plugins (id,state,version) VALUES ('log_failed_logins','active','1.2');" ynh_mysql_connect_as $db_name $db_pwd $db_user <<< "INSERT INTO config (param, value) VALUES ('logFailedLoginsFilename','/var/log/${app}FailedLogins.log');" touch "/var/log/${app}FailedLogins.log" chown $app: "/var/log/${app}FailedLogins.log" # Set-up fail2ban ynh_add_fail2ban_config "/var/log/${app}FailedLogins.log" "ip=" 6 # Protect URIs if private if [ $is_public -eq 0 ]; then ynh_app_setting_delete "$app" unprotected_uris ynh_app_setting_set "$app" protected_uris "/" fi #================================================= # RELOAD NGINX #================================================= systemctl reload nginx