Refactoriser upgrade/restore

2024-09-03 20:06:39 +02:00 · 2017-03-10 16:23:28 +01:00 · 2017-03-10 16:23:28 +01:00 · 2316d91531
commit 2316d91531
parent 53f26cbea7
3 changed files with 138 additions and 93 deletions
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@ -4,47 +4,98 @@
 #--MULTISITE--}

 location __PATHTOCHANGE__ {
-    alias __FINALPATH__/;
-    index index.php;
+	alias __FINALPATH__;
+	index index.php;

-    # if (!-e $request_filename)
-    # {
-    #  rewrite ^(.+)$ __PATHTOCHANGE__/index.php?q=$1 last;
-    # }
-    if ($scheme = http) {
-      rewrite ^ https://$server_name$request_uri? permanent;
-    }
-    client_max_body_size 30m;
+	if (!-e $request_filename)
+	{
+		# /prestashop/index.php?id_category=5&controller=category
+		rewrite ^/([^/]*)/recherche/(.*)$  __PATHTOCHANGE__/index.php?id_categorie$1&controller$2 last;
+		# rewrite "^__PATHTOCHANGE__/([a-zA-Z]+)/([a-zA-Z]+)$" /index.php?id_category=$1&controller=$2 last;
+		rewrite ^(.+)$ __PATHTOCHANGE__/index.php?q=$1 last;
+		rewrite ^/.*$ __PATHTOCHANGE__/index.php last;
+	}

-    # Add headers to serve security related headers
-    add_header Strict-Transport-Security "max-age=15768000;";
-    add_header X-Content-Type-Options nosniff;
-    add_header X-Frame-Options "SAMEORIGIN";
-    add_header X-XSS-Protection "1; mode=block";
-    add_header X-Robots-Tag none;
-    add_header X-Download-Options noopen;
-    add_header X-Permitted-Cross-Domain-Policies none;

-    location ~^/(\.ht)/{
-      deny all;
-    }
-    location ~* \.(jpg|jpeg|gif|css|png|js|ico|swf|mp3|pdf)$ {
-      # Le contenu statique, est signalé au navigateur comme étant
-      # à garder en cache une semaine. Si il y a un proxy sur la
-      # route, celui-ci est autorisé à faire une copie et à la
-      # cacher.
-      expires        1w; 
-      add_header  Cache-Control public;
-    }
-    location ~ [^/]\.php(/|$) {
-      fastcgi_split_path_info ^(.+?\.php)(/.*)$;
-      fastcgi_pass unix:/var/run/php5-fpm-__NAMETOCHANGE__.sock;
-      fastcgi_index index.php;
-      include fastcgi_params;
-      fastcgi_param REMOTE_USER $remote_user;
-      fastcgi_param PATH_INFO $fastcgi_path_info;
-      fastcgi_param SCRIPT_FILENAME $request_filename;
-    }
+	if ($scheme = http) {
+	  rewrite ^ https://$server_name$request_uri? permanent;
+	}
+
+	client_max_body_size 30m;
+
+	# Add headers to serve security related headers
+	add_header Strict-Transport-Security "max-age=15768000;";
+	add_header X-Content-Type-Options nosniff;
+	add_header X-Frame-Options "SAMEORIGIN";
+	add_header X-XSS-Protection "1; mode=block";
+	add_header X-Robots-Tag none;
+	add_header X-Download-Options noopen;
+	add_header X-Permitted-Cross-Domain-Policies none;
+
+	try_files $uri $uri/  /__PATHTOCHANGE__/index.php?q=$uri&$args;
+
+	# Old image system ?
+	rewrite ^/([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$1$2$3.jpg last;
+	rewrite ^/([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$1$2$3$4.jpg last;
+	rewrite ^/([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$3/$1$2$3$4$5.jpg last;
+	rewrite ^/([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$3/$4/$1$2$3$4$5$6.jpg last;
+	rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$3/$4/$5/$1$2$3$4$5$6$7.jpg last;
+	rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$1$2$3$4$5$6$7$8.jpg last;
+	rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$7/$1$2$3$4$5$6$7$8$9.jpg last;
+	rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$7/$8/$1$2$3$4$5$6$7$8$9$10.jpg last;
+	rewrite ^/c/([0-9]+)(-[.*_a-zA-Z0-9-]*)(-[0-9]+)?/.+.jpg$ /img/c/$1$2$3.jpg last;
+	rewrite ^/c/([a-zA-Z_-]+)(-[0-9]+)?/.+.jpg$ /img/c/$1$2.jpg last;
+	
+	# Symfony controllers
+	location ~ /(international|_profiler|module|product|combination|specific-price)/(.*)$ {
+		try_files $uri $uri/ /index.php?q=$uri&$args $admin_dir/index.php$is_args$args;    	
+	}
+
+	# Redirect needed to "hide" index.php
+	# location / {
+	# 	try_files $uri $uri/ /index.php$uri&$args;
+	# }
+	
+	error_page 404 /index.php?controller=404;
+
+	# Deny access to .htaccess .DS_Store .htpasswd etc
+	location ~ /\. {
+		deny all;
+	}
+
+	# Deny access file theme
+	location ~ \.tpl {
+		deny all;
+	}
+
+	location ~* \.(css|js|docx|zip|pptx|swf|txt|jpg|jpeg|png|gif|swf|webp|flv|ico|pdf|avi|mov|ppt|doc|mp3|wmv|wav|mp4|m4v|ogg|webm|aac)$ {
+		expires max;
+		log_not_found off;
+		add_header Pragma public;
+		add_header Cache-Control "public, must-revalidate, proxy-revalidate";
+	}
+
+	location ~ [^/]\.php(/|$) {
+		fastcgi_split_path_info ^(.+?\.php)(/.*)$;
+		fastcgi_pass unix:/var/run/php5-fpm-__NAMETOCHANGE__.sock;
+		fastcgi_index index.php;
+		include fastcgi_params;
+		fastcgi_param REMOTE_USER $remote_user;
+		fastcgi_param PATH_INFO $fastcgi_path_info;
+		fastcgi_param SCRIPT_FILENAME $request_filename;
+
+		fastcgi_keep_conn on;
+		fastcgi_intercept_errors on;
+		fastcgi_max_temp_file_size 0;
+		fastcgi_temp_file_write_size 256k;
+		fastcgi_buffer_size 8k;
+		fastcgi_buffers 64 8k;
+		fastcgi_busy_buffers_size 8k;
+		fastcgi_connect_timeout 30;
+		fastcgi_read_timeout 30s;
+		fastcgi_send_timeout 30s;
+		client_max_body_size 10m;
+	}

  #--PRIVATE--# Include SSOWAT user panel.
  #--PRIVATE--include conf.d/yunohost_panel.conf.inc;
--- a/scripts/restore
+++ b/scripts/restore
@ -4,11 +4,8 @@
 # Exit on command errors and treat unset variables as an error
 set -eu

-# The parameter $1 is the backup directory location dedicated to the app
-backup_dir=$1
-
 # The parameter $2 is the id of the app instance ex: ynhexample__2
-app=$2
+app=$YNH_APP_INSTANCE_NAME

 # Source app helpers
 source /usr/share/yunohost/helpers
@ -17,47 +14,55 @@ source /usr/share/yunohost/helpers
 domain=$(ynh_app_setting_get $app domain)
 path=$(ynh_app_setting_get $app path)
 is_public=$(ynh_app_setting_get $app is_public)
-final_path=$(ynh_app_setting_get $app final_path)
+with_mysql=$(ynh_app_setting_get "$app" with_mysql)

+# Check domain/path availability
+sudo yunohost app checkurl "${domain}${path}" -a "$app" \
+    || ynh_die "Path not available: ${domain}${path}"
+
+# Check $final_path
+final_path="/var/www/${app}"
 if [ -d $final_path ]; then
-    ynh_die "There is already a directory: $final_path"
+	ynh_die "There is already a directory: $final_path"
 fi

-conf=/etc/nginx/conf.d/$domain.d/$app.conf
-if [ -f $conf ]; then
-    ynh_die "There is already a nginx conf file at this path: $conf"
+# Check configuration files nginx
+nginx_conf="/etc/nginx/conf.d/${domain}.d/${app}.conf"
+if [ -f $nginx_conf ]; then
+	ynh_die "The NGINX configuration already exists at '${nginx_conf}'. You should safely delete it before restoring this app."
+
+# Check configuration files php-fpm
+phpfpm_conf="/etc/php5/fpm/pool.d/${app}.conf"
+if [ -f $phpfpm_conf ]; then 
+	ynh_die "The PHP FPM configuration already exists at '${phpfpm_conf}'. You should safely delete it before restoring this app."
 fi
-# Restore conf files
-sudo cp -a "${backup_dir}/conf/nginx.conf" $conf

-# Reload Nginx
-sudo service nginx reload
+phpfpm_ini="/etc/php5/fpm/conf.d/20-${app}.ini"
+if [ -f $phpfpm_ini ]; then
+	ynh_die "The PHP FPM INI configuration already exists at '${phpfpm_ini}'. You should safely delete it before restoring this app."
+fi

-sudo cp -a "${backup_dir}/var/www/$app" $final_path
-
-db_pwd=$(ynh_app_setting_get $app mysqlpwd)
-db_user=$app
-ynh_mysql_create_db $db_user $db_user $db_pwd
-sudo su -c "mysql -u $db_user -p$db_pwd $app < ${backup_dir}/db.sql"
-sudo rm -f "${backup_dir}/db.sql"
-sudo sed -i -e "s/'DB_USER', *'[^']*'/'DB_USER', '$app'/g" $final_path/config/connect.php
-sudo sed -i -e "s/'DB_NAME', *'[^']*'/'DB_NAME', '$app'/g" $final_path/config/connect.php
+ # Restore sources & data
+sudo cp -a ./sources "$final_path"

 # Set permissions
-# Les fichiers appartiennent à www-data, pour permettre les mises à jour.
 sudo chown -R www-data: $final_path
-# Sauf le fichier de config connect.php qui appartient à root
-sudo chown root: $final_path/config/connect.php

-# Copy dedicated php-fpm process from backup folder to the right location
-sudo cp -a $backup_dir/conf/php-fpm.conf /etc/php5/fpm/pool.d/$app.conf
-sudo cp -a $backup_dir/conf/php-fpm.ini /etc/php5/fpm/conf.d/20-$app.ini
-# And restart service
-sudo service php5-fpm reload
-
-# Set ssowat config
-if [ "$is_public" = "No" ];
-then
-	ynh_app_setting_delete $app skipped_uris
+# Restore db
+if [[ $with_mysql -eq 1 ]]; then
+	db_pwd=$(ynh_app_setting_get $app mysqlpwd)
+	db_user=$app
+	ynh_mysql_create_db $db_user $db_user $db_pwd
+	sudo su -c "mysql -u $db_user -p$db_pwd $app < ./db.sql"
+	sudo rm -f "./db.sql"
 fi
-sudo yunohost app ssowatconf
+
+# Restore nginx configuration files
+sudo cp -a ./nginx.conf   "$nginx_conf"
+# Restore php-fpm configuration files
+sudo cp -a ./php-fpm.conf "$phpfpm_conf"
+sudo cp -a ./php-fpm.ini "$phpfpm_ini"
+
+# Reload services
+sudo service php5-fpm reload || true
+sudo service nginx reload || true
--- a/scripts/upgrade
+++ b/scripts/upgrade
@ -3,14 +3,12 @@
 # Exit on command errors and treat unset variables as an error
 set -eu

-source .fonctions	# Charge les fonctions génériques habituellement utilisées dans le script
+source .fonctions	# Loads the generic functions usually used in the script
+source /usr/share/yunohost/helpers # Source YunoHost helpers

 # See comments in install script
 app=$YNH_APP_INSTANCE_NAME

-# Source YunoHost helpers
-source /usr/share/yunohost/helpers
-
 # Retrieve app settings
 domain=$(ynh_app_setting_get "$app" domain)
 path=$(ynh_app_setting_get "$app" path)
@ -18,7 +16,7 @@ admin=$(ynh_app_setting_get "$app" admin)
 is_public=$(ynh_app_setting_get "$app" is_public)
 language=$(ynh_app_setting_get "$app" language)

-CHECK_PATH	# Vérifie et corrige la syntaxe du path.
+CHECK_PATH	# Checks and corrects the syntax of the path.

 # Check if admin is not null
 if [[ "$admin" = "" || "$is_public" = "" || "$language" = "" ]]; then
@ -32,24 +30,15 @@ final_path=/var/www/$app

 db_name=$app

-CHECK_MD5_CONFIG "connect.php" "$final_path/config/connect.php"	# Créé un backup du fichier de config si il a été modifié.
-
 # Modify Nginx configuration file and copy it to Nginx conf directory
-sed -i "s@PATHTOCHANGE@$path@g" ../conf/nginx.conf*
-sed -i "s@ALIASTOCHANGE@$final_path/@g" ../conf/nginx.conf*
-
-if [ $is_public = "Yes" ];
-then
-	sudo cp ../conf/nginx.conf-public /etc/nginx/conf.d/$domain.d/$app.conf
-else
-	sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf
-fi
+sed -i "s@__PATHTOCHANGE__@$app@g" ../conf/nginx.conf*
+sed -i "s@__FINALPATH__@$final_path/@g" ../conf/nginx.conf*

 # If app is public, add url to SSOWat conf as skipped_uris
-if [[ $is_public -eq 1 ]]; then
-	# See install script
+if [ $is_public = "Yes" ];
+then
 	ynh_app_setting_set "$app" unprotected_uris "/"
-	sudo cp ../conf/nginx.conf-public /etc/nginx/conf.d/$domain.d/$app.conf
+	sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf
 else
 	sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf
 fi