YunoHost-Apps/piwigo_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/piwigo_ynh.git synced 2024-09-03 20:06:03 +02:00
Code Issues Activity Actions 1
piwigo_ynh/scripts/install
yalh76 90bf55f3ba Upgrade to 11.5 and fix install
2021-06-16 00:09:21 +02:00

259 lines
9.4 KiB
Bash
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================
domain=$YNH_APP_ARG_DOMAIN
path_url=$YNH_APP_ARG_PATH
admin=$YNH_APP_ARG_ADMIN
is_public=$YNH_APP_ARG_IS_PUBLIC
language=$YNH_APP_ARG_LANGUAGE
app=$YNH_APP_INSTANCE_NAME
#=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#=================================================
ynh_script_progression --message="Validating installation parameters..."
final_path=/var/www/$app
test ! -e "$final_path" || ynh_die --message="This path already contains a folder"
# Register (book) web path
ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url
#=================================================
# STORE SETTINGS FROM MANIFEST
#=================================================
ynh_script_progression --message="Storing installation settings..."
ynh_app_setting_set --app=$app --key=domain --value=$domain
ynh_app_setting_set --app=$app --key=path --value=$path_url
ynh_app_setting_set --app=$app --key=admin --value=$admin
ynh_app_setting_set --app=$app --key=language --value=$language
#=================================================
# STANDARD MODIFICATIONS
#=================================================
# INSTALL DEPENDENCIES
#=================================================
ynh_script_progression --message="Installing dependencies..." --weight=40
ynh_install_app_dependencies $pkg_dependencies
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Configuring system user..." --weight=3
# Create a system user
ynh_system_user_create --username=$app --home_dir=$final_path
#=================================================
# CREATE A MYSQL DATABASE
#=================================================
ynh_script_progression --message="Creating a MySQL database..."
db_name=$(ynh_sanitize_dbid --db_name=$app)
db_user=$db_name
ynh_app_setting_set --app=$app --key=db_name --value=$db_name
ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_script_progression --message="Setting up source files..." --weight=5
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
# Create tmp directory and fetch app inside
tmpdir="$(ynh_smart_mktemp --min_size=300)"
ynh_setup_source --dest_dir="$tmpdir"
# Fetch needed plugins
mkdir -p $tmpdir/plugins/Ldap_Login
ynh_setup_source --dest_dir="$tmpdir/plugins/Ldap_Login" --source_id=ldap_plugin
ynh_setup_source --dest_dir="$tmpdir/plugins" --source_id=log_failed_logins_plugin
# sets extended pattern matching options in the bash shell
shopt -s extglob
# Install files and set permissions
mkdir $final_path
cp -a $tmpdir/!(upload|_data|galleries) $final_path
datapath=/home/yunohost.app/$app
mkdir -p $datapath/_data
mkdir -p $datapath/upload
mkdir -p $datapath/galleries
ln -sd $datapath/_data $final_path/_data
ln -sd $datapath/upload $final_path/upload
ln -sd $datapath/galleries $final_path/galleries
cp -Rp $tmpdir/_data/. $final_path/_data
cp -Rp $tmpdir/upload/. $final_path/upload
cp -Rp $tmpdir/galleries/. $final_path/galleries
chmod 750 "$datapath"
chmod -R o-rwx "$datapath"
chown -R $app:www-data "$datapath"
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:www-data "$final_path"
ynh_app_setting_set --app=$app --key=datapath --value=$datapath
ynh_secure_remove --file="$tmpdir"
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Configuring NGINX web server..."
# Create a dedicated NGINX config
ynh_add_nginx_config
#=================================================
# PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Configuring PHP-FPM..." --weight=2
# Create a dedicated PHP-FPM config
ynh_add_fpm_config
phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
#=================================================
# SPECIFIC SETUP
#=================================================
# SETUP APPLICATION WITH CURL
#=================================================
ynh_script_progression --message="Setuping application with CURL..." --weight=5
# Set the app as temporarily public for curl call
ynh_script_progression --message="Configuring SSOwat..."
# Making the app public for curl
ynh_permission_update --permission="main" --add="visitors"
# Reload NGINX
ynh_systemd_action --service_name=nginx --action=reload
# Generate random password for admin
adm_pwd=$(ynh_string_random --length=24)
ynh_app_setting_set --app=$app --key=admin_pwd --value="$adm_pwd"
if [ "$language" = "fr" ]; then
applanguage="fr_FR"
else
applanguage="en_UK"
fi
# Configure Piwigo via cURL
mail="$(ynh_user_get_info --username=$admin --key=mail)"
# Installation with cURL
ynh_local_curl "/install.php?language=$applanguage" "install=true" "dbhost=127.0.0.1" "dbuser=$db_user" "dbpasswd=$db_pwd" "dbname=$db_name" "prefix=" "admin_name=$admin" "admin_pass1=$adm_pwd" "admin_pass2=$adm_pwd" "admin_mail=$mail"
#=================================================
# CONFIGURE PIWIGO
#=================================================
ynh_script_progression --message="Configuring Piwigo..."
# Change local config
ynh_add_config --template="../conf/config.inc.php" --destination="$final_path/local/config/config.inc.php"
# Setup database in local/config/database.inc.php
ynh_add_config --template="../conf/database.inc.php" --destination="$final_path/local/config/database.inc.php"
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:www-data "$final_path"
#=================================================
# ADD LDAP PLUGIN
#=================================================
ynh_script_progression --message="Configuring LDAP plugin..."
# Activate the LDAP plugin using the WS API
# Login with admin account
ynh_local_curl "/ws.php?format=json" "method=pwg.session.login" "username=$admin" "password=$adm_pwd"
# Get session token
status=$(ynh_local_curl "/ws.php?format=json" "method=pwg.session.getStatus")
pwg_token=$(jq --raw-output .result.pwg_token <<< $status)
# Install the Ldap_Login plugin
ynh_local_curl "/ws.php?format=json" "method=pwg.plugins.performAction" "action=install" "plugin=Ldap_Login" "pwg_token=$pwg_token"
# Activate the Ldap_Login plugin
ynh_local_curl "/ws.php?format=json" "method=pwg.plugins.performAction" "action=activate" "plugin=Ldap_Login" "pwg_token=$pwg_token"
# Log out
ynh_local_curl "/ws.php?format=json" "method=pwg.session.logout"
# Edit Ldap_Login plugin configuration
ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name <<< "UPDATE piwigo_ldap_login_config SET value='ou=users,dc=yunohost,dc=org' WHERE param = 'ld_basedn';
UPDATE piwigo_ldap_login_config SET value='uid' WHERE param = 'ld_user_attr';
UPDATE piwigo_ldap_login_config SET value='' WHERE param = 'ld_binddn';
UPDATE piwigo_ldap_login_config SET value='0' WHERE param = 'allow_new_users';
UPDATE piwigo_ldap_login_config SET value='0' WHERE param = 'ld_group_user_active';"
# Remove the public access
ynh_permission_update --permission="main" --remove="visitors"
#=================================================
# GENERIC FINALIZATION
#=================================================
# SETUP FAIL2BAN
#=================================================
ynh_script_progression --message="Configuring Fail2Ban..." --weight=6
# Configure and activate log_failed_logins plugin
ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name <<< "INSERT INTO plugins (id,state,version) VALUES ('log_failed_logins','active','1.2');"
ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name <<< "INSERT INTO config (param, value) VALUES ('logFailedLoginsFilename','/var/log/${app}FailedLogins.log');"
touch "/var/log/${app}FailedLogins.log"
chown $app: "/var/log/${app}FailedLogins.log"
ynh_add_fail2ban_config --logpath="/var/log/${app}FailedLogins.log" --failregex="ip=<HOST>" --max_retry=6
#=================================================
# SETUP SSOWAT
#=================================================
ynh_script_progression --message="Configuring permissions..."
# Make app public if necessary
if [ $is_public -eq 1 ]
then
# Everyone can access the app.
# The "main" permission is automatically created before the install script.
ynh_permission_update --permission="main" --add="visitors"
fi
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..."
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Installation of $app completed" --last
Reference in a new issue View git blame Copy permalink