mirror of
https://github.com/YunoHost-Apps/piwigo_ynh.git
synced 2024-09-03 20:06:03 +02:00
115 lines
4.8 KiB
Bash
115 lines
4.8 KiB
Bash
#!/bin/bash
|
|
|
|
source _common.sh
|
|
source /usr/share/yunohost/helpers
|
|
|
|
#=================================================
|
|
# INITIALIZE AND STORE SETTINGS
|
|
#=================================================
|
|
|
|
mail="$(ynh_user_get_info --username=$admin --key=mail)"
|
|
|
|
# Gotta save the stupid password because we need it during upgrade because there's no way to trigger the upgrade.php script from command line ...
|
|
ynh_app_setting_set --app=$app --key=password --value="$password"
|
|
|
|
#=================================================
|
|
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
|
#=================================================
|
|
ynh_script_progression --message="Setting up source files..." --weight=5
|
|
|
|
ynh_setup_source --dest_dir="$install_dir"
|
|
ynh_setup_source --dest_dir="$install_dir/plugins/Ldap_Login" --source_id=ldap_plugin
|
|
ynh_setup_source --dest_dir="$install_dir/plugins" --source_id=log_failed_logins_plugin
|
|
|
|
_create_data_dirs_if_required
|
|
|
|
chmod -R o-rwx "$install_dir"
|
|
chown -R "$app:www-data" "$install_dir"
|
|
|
|
chmod -R o-rwx "$data_dir"
|
|
chown -R "$app:www-data" "$data_dir"
|
|
|
|
#=================================================
|
|
# SYSTEM CONFIGURATIONS
|
|
#=================================================
|
|
ynh_script_progression --message="Adding system configurations related to $app..." --weight=1
|
|
|
|
ynh_add_fpm_config
|
|
|
|
ynh_add_nginx_config
|
|
|
|
#=================================================
|
|
# SETUP APPLICATION WITH CURL
|
|
#=================================================
|
|
ynh_script_progression --message="Setuping application with CURL..." --weight=5
|
|
|
|
# Installation with cURL
|
|
ynh_local_curl "/install.php?language=$language" \
|
|
"install=true" "dbhost=127.0.0.1" "dbuser=$db_user" "dbpasswd=$db_pwd" "dbname=$db_name" \
|
|
"prefix=" "admin_name=$admin" "admin_pass1=$password" "admin_pass2=$password" "admin_mail=$mail"
|
|
|
|
#=================================================
|
|
# CONFIGURE PIWIGO
|
|
#=================================================
|
|
ynh_script_progression --message="Configuring $app..." --weight=2
|
|
|
|
# Change local config
|
|
ynh_add_config --template="config.inc.php" --destination="$install_dir/local/config/config.inc.php"
|
|
|
|
# Setup database in local/config/database.inc.php
|
|
ynh_add_config --template="database.inc.php" --destination="$install_dir/local/config/database.inc.php"
|
|
|
|
chmod -R o-rwx "$install_dir"
|
|
chown -R "$app:www-data" "$install_dir"
|
|
|
|
#=================================================
|
|
# ADD LDAP PLUGIN
|
|
#=================================================
|
|
ynh_script_progression --message="Configuring LDAP plugin..." --weight=2
|
|
|
|
# Activate the LDAP plugin using the WS API
|
|
|
|
# Login with admin account
|
|
ynh_local_curl "/ws.php?format=json" "method=pwg.session.login" "username=$admin" "password=$password"
|
|
|
|
# Get session token
|
|
status=$(ynh_local_curl "/ws.php?format=json" "method=pwg.session.getStatus")
|
|
pwg_token=$(jq --raw-output .result.pwg_token <<< "$status")
|
|
|
|
# Install the Ldap_Login plugin
|
|
ynh_local_curl "/ws.php?format=json" "method=pwg.plugins.performAction" "action=install" "plugin=Ldap_Login" "pwg_token=$pwg_token"
|
|
|
|
# Activate the Ldap_Login plugin
|
|
ynh_local_curl "/ws.php?format=json" "method=pwg.plugins.performAction" "action=activate" "plugin=Ldap_Login" "pwg_token=$pwg_token"
|
|
|
|
# Log out
|
|
ynh_local_curl "/ws.php?format=json" "method=pwg.session.logout"
|
|
|
|
# Edit Ldap_Login plugin configuration
|
|
ynh_mysql_connect_as --user="$db_name" --password="$db_pwd" --database="$db_name" <<< "UPDATE piwigo_ldap_login_config SET value='ou=users,dc=yunohost,dc=org' WHERE param = 'ld_basedn';
|
|
UPDATE piwigo_ldap_login_config SET value='uid' WHERE param = 'ld_user_attr';
|
|
UPDATE piwigo_ldap_login_config SET value='' WHERE param = 'ld_binddn';
|
|
UPDATE piwigo_ldap_login_config SET value='0' WHERE param = 'allow_new_users';
|
|
UPDATE piwigo_ldap_login_config SET value='0' WHERE param = 'ld_group_user_active';"
|
|
|
|
#=================================================
|
|
# GENERIC FINALIZATION
|
|
#=================================================
|
|
# SETUP FAIL2BAN
|
|
#=================================================
|
|
ynh_script_progression --message="Configuring Fail2Ban..." --weight=6
|
|
|
|
# Configure and activate log_failed_logins plugin
|
|
ynh_mysql_connect_as --user="$db_name" --password="$db_pwd" --database="$db_name" <<< "INSERT INTO plugins (id,state,version) VALUES ('log_failed_logins','active','1.2');"
|
|
ynh_mysql_connect_as --user="$db_name" --password="$db_pwd" --database="$db_name" <<< "INSERT INTO config (param, value) VALUES ('logFailedLoginsFilename','/var/log/${app}FailedLogins.log');"
|
|
|
|
touch "/var/log/${app}FailedLogins.log"
|
|
chown "$app:" "/var/log/${app}FailedLogins.log"
|
|
|
|
ynh_add_fail2ban_config --logpath="/var/log/${app}FailedLogins.log" --failregex="ip=<HOST>" --max_retry=6
|
|
|
|
#=================================================
|
|
# END OF SCRIPT
|
|
#=================================================
|
|
|
|
ynh_script_progression --message="Installation of $app completed" --last
|