From b48ad5dc762b896567da97bdccf17a87d0efffdc Mon Sep 17 00:00:00 2001 From: NorbiPeti Date: Tue, 28 May 2024 22:18:12 +0200 Subject: [PATCH] Fix permission issues - Run composer install as user, including its hooks - Move the permission fix before configs are cached --- scripts/_common.sh | 31 +++++++++++++++++++++++++++++++ scripts/install | 32 ++++++++++++++++---------------- 2 files changed, 47 insertions(+), 16 deletions(-) diff --git a/scripts/_common.sh b/scripts/_common.sh index bb3f8d89..36cc4a08 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -184,3 +184,34 @@ ynh_supervisor_action() { ynh_clean_check_starting fi } + +# Execute a command with Composer +# +# usage: ynh_composer_exec [--phpversion=phpversion] [--workdir=$install_dir] --commands="commands" +# | arg: -v, --phpversion - PHP version to use with composer +# | arg: -w, --workdir - The directory from where the command will be executed. Default $install_dir or $final_path +# | arg: -c, --commands - Commands to execute. +# +# Requires YunoHost version 4.2 or higher. +ynh_composer_exec() { + local _globalphpversion=${phpversion-:} + # Declare an array to define the options of this helper. + local legacy_args=vwc + declare -Ar args_array=([v]=phpversion= [w]=workdir= [c]=commands=) + local phpversion + local workdir + local commands + # Manage arguments with getopts + ynh_handle_getopts_args "$@" + workdir="${workdir:-${install_dir:-$final_path}}" + + if dpkg --compare-versions ${YNH_APP_PACKAGING_FORMAT:-0} lt 2; then + phpversion="${phpversion:-$YNH_PHP_VERSION}" + else + phpversion="${phpversion:-$_globalphpversion}" + fi + + COMPOSER_HOME="$workdir/.composer" COMPOSER_MEMORY_LIMIT=-1 \ + sudo -u $app php${phpversion} "$workdir/composer.phar" $commands \ + -d "$workdir" --no-interaction --no-ansi 2>&1 +} diff --git a/scripts/install b/scripts/install index a7495b1b..16a9dd83 100644 --- a/scripts/install +++ b/scripts/install @@ -103,6 +103,22 @@ ynh_script_progression --message="Configuring a supervisor service..." --weight= # Create a dedicated supervisor config ynh_add_supervisor_config --service="${app}-horizon" --template=horizon.conf +#================================================= +# PATCH PERMISSIONS for v0.11.5 versions and higher +#================================================= +ynh_script_progression --message="Patching permissions (for version 0.11.5 and newer)..." --weight=1 + +# Default configuration doesn't work +ynh_replace_string --match_string="'private' => 0700," --replace_string="'private' => 0750," --target_file=$install_dir/config/filesystems.php + +# Repair permissions for files created after v0.11.5 and before this patch +if [ -d "$install_dir/public/storage/m/_v2/" ]; then + chmod 750 -R "$install_dir/public/storage/m/_v2/"* # all files subdirectories (picture folders) should be readable and executable. But if there is no picture, there is no /*/* + chmod 770 "$install_dir/public/storage/m/_v2/"* # users folders should be 770 + chmod 770 "$install_dir/public/storage/m/_v2/" # this should be 770 + chown -R :www-data "$install_dir/public/storage/m/_v2/" # Fix the mess following packaging v2 upgrade - and make sure proper group owner is set. +fi + #================================================= # DEPLOY #================================================= @@ -146,22 +162,6 @@ ynh_script_progression --message="Configuring log rotation..." --weight=1 ynh_use_logrotate --logfile="/var/log/$app/${app}-horizon.log" ynh_use_logrotate --logfile="/var/www/$app/storage/logs/laravel.log" --specific_user=$app/www-data -#================================================= -# PATCH PERMISSIONS for v0.11.5 versions and higher -#================================================= -ynh_script_progression --message="Patching permissions (for version 0.11.5 and newer)..." --weight=1 - -# Default configuration doesn't work -ynh_replace_string --match_string="'private' => 0700," --replace_string="'private' => 0750," --target_file=$install_dir/config/filesystems.php - -# Repair permissions for files created after v0.11.5 and before this patch -if [ -d "$install_dir/public/storage/m/_v2/" ]; then - chmod 750 -R "$install_dir/public/storage/m/_v2/"* # all files subdirectories (picture folders) should be readable and executable. But if there is no picture, there is no /*/* - chmod 770 "$install_dir/public/storage/m/_v2/"* # users folders should be 770 - chmod 770 "$install_dir/public/storage/m/_v2/" # this should be 770 - chown -R :www-data "$install_dir/public/storage/m/_v2/" # Fix the mess following packaging v2 upgrade - and make sure proper group owner is set. -fi - #================================================= # INTEGRATE SERVICE IN YUNOHOST #=================================================