mirror of
https://github.com/YunoHost-Apps/pixelfed_ynh.git
synced 2024-09-03 20:06:04 +02:00
153 lines
6.1 KiB
Bash
153 lines
6.1 KiB
Bash
#!/bin/bash
|
|
|
|
#=================================================
|
|
# GENERIC START
|
|
#=================================================
|
|
# IMPORT GENERIC HELPERS
|
|
#=================================================
|
|
|
|
source _common.sh
|
|
source /usr/share/yunohost/helpers
|
|
|
|
#=================================================
|
|
# RETRIEVE ARGUMENTS FROM THE MANIFEST
|
|
#=================================================
|
|
|
|
app_key="base64:$(ynh_string_random --length=32 | base64)"
|
|
|
|
fpm_footprint="low"
|
|
fpm_free_footprint=0
|
|
fpm_usage="low"
|
|
|
|
#=================================================
|
|
# STORE SETTINGS FROM MANIFEST
|
|
#=================================================
|
|
|
|
ynh_app_setting_set --app=$app --key=app_key --value=$app_key
|
|
ynh_app_setting_set --app=$app --key=fpm_footprint --value=$fpm_footprint
|
|
ynh_app_setting_set --app=$app --key=fpm_free_footprint --value=$fpm_free_footprint
|
|
ynh_app_setting_set --app=$app --key=fpm_usage --value=$fpm_usage
|
|
|
|
#=================================================
|
|
# CONFIGURE REDIS DATABASE
|
|
#=================================================
|
|
ynh_script_progression --message="Creating a Redis database..." --weight=1
|
|
|
|
redis_db=$(ynh_redis_get_free_db)
|
|
ynh_app_setting_set --app="$app" --key=redis_db --value="$redis_db"
|
|
|
|
#=================================================
|
|
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
|
#=================================================
|
|
ynh_script_progression --message="Setting up source files..." --weight=1
|
|
|
|
# Download, check integrity, uncompress and patch the source from app.src
|
|
ynh_setup_source --dest_dir="$install_dir"
|
|
|
|
chmod -R o-rwx "$install_dir"
|
|
chown -R $app:www-data "$install_dir"
|
|
|
|
#=================================================
|
|
# ADD A CONFIGURATION
|
|
#=================================================
|
|
ynh_script_progression --message="Adding a configuration file..." --weight=1
|
|
|
|
ynh_add_config --template=".env" --destination="$install_dir/.env"
|
|
|
|
# Pixelfed app should be able to edit its settings from the admin panel
|
|
chmod 600 "$install_dir/.env"
|
|
chown $app:$app "$install_dir/.env"
|
|
|
|
#=================================================
|
|
# PATCHING SOURCE
|
|
#=================================================
|
|
ynh_script_progression --message="Patching source files..." --weight=1
|
|
|
|
# Prevent privilege escalation by injecting commands in an email name
|
|
# This described in more detail on the manpage https://www.postfix.org/sendmail.1.html under security
|
|
ynh_replace_string --match_string="'/usr/sbin/sendmail -bs'" --replace_string="'/usr/sbin/sendmail -bs -- '" --target_file=$install_dir/config/mail.php
|
|
|
|
#=================================================
|
|
# SYSTEM CONFIGURATION
|
|
#=================================================
|
|
ynh_script_progression --message="Adding system configurations related to $app..." --weight=1
|
|
|
|
ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint --group=www-data
|
|
|
|
ynh_add_nginx_config
|
|
|
|
ynh_add_systemd_config
|
|
|
|
yunohost service add "$app" --description="Federated Image Sharing" --log="/var/log/$app/$app.log"
|
|
|
|
mkdir -p "/var/log/$app/"
|
|
touch "/var/log/$app/${app}-horizon.log"
|
|
chown -R $app: "/var/log/$app/"
|
|
chmod -R 600 "/var/log/$app/"
|
|
|
|
# Use logrotate to manage application logfile(s)
|
|
ynh_use_logrotate --logfile="/var/log/$app/${app}-horizon.log"
|
|
ynh_use_logrotate --logfile="/var/www/$app/storage/logs/laravel.log" --specific_user=$app/www-data
|
|
|
|
ynh_add_config --template="cron" --destination="/etc/cron.d/$app"
|
|
|
|
#=================================================
|
|
# SPECIFIC SETUP
|
|
#=================================================
|
|
# INSTALL COMPOSER DEPENDENCIES
|
|
#=================================================
|
|
ynh_script_progression --message="Installing composer dependencies..." --weight=1
|
|
|
|
ynh_exec_warn_less ynh_install_composer --phpversion="$phpversion" --composerversion="$YNH_COMPOSER_VERSION" --workdir="$install_dir"
|
|
|
|
#=================================================
|
|
# DEPLOY
|
|
#=================================================
|
|
ynh_script_progression --message="Deploying..." --weight=1
|
|
|
|
pushd "$install_dir"
|
|
php$phpversion artisan -n key:generate --force
|
|
php$phpversion artisan horizon:install
|
|
php$phpversion artisan horizon:publish
|
|
php$phpversion artisan passport:keys
|
|
php$phpversion artisan config:clear
|
|
php$phpversion artisan config:cache
|
|
php$phpversion artisan route:cache
|
|
php$phpversion artisan view:cache
|
|
php$phpversion artisan storage:link
|
|
php$phpversion artisan migrate --force
|
|
php$phpversion artisan update
|
|
php$phpversion artisan horizon:purge
|
|
php$phpversion artisan import:cities 2>/dev/null
|
|
php$phpversion artisan instance:actor
|
|
php$phpversion artisan passport:client --personal <<< "\\n"
|
|
popd
|
|
|
|
#=================================================
|
|
# PATCH PERMISSIONS for v0.11.5 versions and higher
|
|
#=================================================
|
|
ynh_script_progression --message="Patching permissions (for version 0.11.5 and newer)..." --weight=1
|
|
|
|
# Default configuration doesn't work
|
|
ynh_replace_string --match_string="'private' => 0700," --replace_string="'private' => 0750," --target_file=$install_dir/config/filesystems.php
|
|
|
|
# Repair permissions for files created after v0.11.5 and before this patch
|
|
if [ -d "$install_dir/public/storage/m/_v2/" ]; then
|
|
chmod 750 -R "$install_dir/public/storage/m/_v2/"* # all files subdirectories (picture folders) should be readable and executable. But if there is no picture, there is no /*/*
|
|
chmod 770 "$install_dir/public/storage/m/_v2/"* # users folders should be 770
|
|
chmod 770 "$install_dir/public/storage/m/_v2/" # this should be 770
|
|
chown -R :www-data "$install_dir/public/storage/m/_v2/" # Fix the mess following packaging v2 upgrade - and make sure proper group owner is set.
|
|
fi
|
|
|
|
#=================================================
|
|
# START SUPERVISOR SERVICE
|
|
#=================================================
|
|
ynh_script_progression --message="Starting $app's systemd service..." --weight=1
|
|
|
|
ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/$app.log"
|
|
|
|
#=================================================
|
|
# END OF SCRIPT
|
|
#=================================================
|
|
|
|
ynh_script_progression --message="Installation of $app completed" --last
|