YunoHost-Apps/privatebin_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/privatebin_ynh.git synced 2024-09-03 20:15:56 +02:00
Code Issues Activity Actions

Merge pull request #13 from YunoHost-Apps/upgrade

Browse source 
Upgrade
This commit is contained in:
yalh76 2022-08-15 15:41:06 +02:00 committed by GitHub
commit 4a2bedfdb9
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
18 changed files with 311 additions and 160 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

106
.github/workflows/updater.sh vendored Normal file
View file

@ -0,0 +1,106 @@
#!/bin/bash
#=================================================
# PACKAGE UPDATING HELPER
#=================================================
# This script is meant to be run by GitHub Actions
# The YunoHost-Apps organisation offers a template Action to run this script periodically
# Since each app is different, maintainers can adapt its contents so as to perform
# automatic actions when a new upstream release is detected.
#=================================================
# FETCHING LATEST RELEASE AND ITS ASSETS
#=================================================
# Fetching information
current_version=$(cat manifest.json | jq -j '.version|split("~")[0]')
repo=$(cat manifest.json | jq -j '.upstream.code|split("https://github.com/")[1]')
# Some jq magic is needed, because the latest upstream release is not always the latest version (e.g. security patches for older versions)
version=$(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '.[] | select( .prerelease != true ) | .tag_name' | sort -V | tail -1)
assets="https://github.com/PrivateBin/PrivateBin/archive/$version.tar.gz"
# Later down the script, we assume the version has only digits and dots
# Sometimes the release name starts with a "v", so let's filter it out.
# You may need more tweaks here if the upstream repository has different naming conventions.
if [[ ${version:0:1} == "v" || ${version:0:1} == "V" ]]; then
version=${version:1}
fi
# Setting up the environment variables
echo "Current version: $current_version"
echo "Latest release from upstream: $version"
echo "VERSION=$version" >> $GITHUB_ENV
echo "REPO=$repo" >> $GITHUB_ENV
# For the time being, let's assume the script will fail
echo "PROCEED=false" >> $GITHUB_ENV
# Proceed only if the retrieved version is greater than the current one
if ! dpkg --compare-versions "$current_version" "lt" "$version" ; then
echo "::warning ::No new version available"
exit 0
# Proceed only if a PR for this new version does not already exist
elif git ls-remote -q --exit-code --heads https://github.com/$GITHUB_REPOSITORY.git ci-auto-update-v$version ; then
echo "::warning ::A branch already exists for this update"
exit 0
fi
#=================================================
# UPDATE SOURCE FILES
#=================================================
# Let's download source tarball
asset_url=$assets
echo "Handling asset at $asset_url"
src="app"
# Create the temporary directory
tempdir="$(mktemp -d)"
# Download sources and calculate checksum
filename=${asset_url##*/}
curl --silent -4 -L $asset_url -o "$tempdir/$filename"
checksum=$(sha256sum "$tempdir/$filename" | head -c 64)
# Delete temporary directory
rm -rf $tempdir
# Get extension
if [[ $filename == *.tar.gz ]]; then
extension=tar.gz
else
extension=${filename##*.}
fi
# Rewrite source file
cat <<EOT > conf/$src.src
SOURCE_URL=$asset_url
SOURCE_SUM=$checksum
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=$extension
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=
EOT
echo "... conf/$src.src updated"
#=================================================
# SPECIFIC UPDATE STEPS
#=================================================
# Any action on the app's source code can be done.
# The GitHub Action workflow takes care of committing all changes after this script ends.
#=================================================
# GENERIC FINALIZATION
#=================================================
# Replace new version in manifest
echo "$(jq -s --indent 4 ".[] | .version = \"$version~ynh1\"" manifest.json)" > manifest.json
# No need to update the README, yunohost-bot takes care of it
# The Action will proceed only if the PROCEED environment variable is set to true
echo "PROCEED=true" >> $GITHUB_ENV
exit 0

49
.github/workflows/updater.yml vendored Normal file
View file

@ -0,0 +1,49 @@
# This workflow allows GitHub Actions to automagically update your app whenever a new upstream release is detected.
# You need to enable Actions in your repository settings, and fetch this Action from the YunoHost-Apps organization.
# This file should be enough by itself, but feel free to tune it to your needs.
# It calls updater.sh, which is where you should put the app-specific update steps.
name: Check for new upstream releases
on:
# Allow to manually trigger the workflow
workflow_dispatch:
# Run it every day at 6:00 UTC
schedule:
- cron: '0 6 * * *'
jobs:
updater:
runs-on: ubuntu-latest
steps:
- name: Fetch the source code
uses: actions/checkout@v2
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Run the updater script
id: run_updater
run: |
# Setting up Git user
git config --global user.name 'yunohost-bot'
git config --global user.email 'yunohost-bot@users.noreply.github.com'
# Run the updater script
/bin/bash .github/workflows/updater.sh
- name: Commit changes
id: commit
if: ${{ env.PROCEED == 'true' }}
run: |
git commit -am "Upgrade to v$VERSION"
- name: Create Pull Request
id: cpr
if: ${{ env.PROCEED == 'true' }}
uses: peter-evans/create-pull-request@v3
with:
token: ${{ secrets.GITHUB_TOKEN }}
commit-message: Update to version ${{ env.VERSION }}
committer: 'yunohost-bot <yunohost-bot@users.noreply.github.com>'
author: 'yunohost-bot <yunohost-bot@users.noreply.github.com>'
signoff: false
base: testing
branch: ci-auto-update-v${{ env.VERSION }}
delete-branch: true
title: 'Upgrade to version ${{ env.VERSION }}'
body: |
Upgrade to v${{ env.VERSION }}
draft: false

23
README.md
View file

@ -5,7 +5,7 @@ It shall NOT be edited by hand.
# PrivateBin for YunoHost
[![Integration level](https://dash.yunohost.org/integration/privatebin.svg)](https://dash.yunohost.org/appci/app/privatebin) ![](https://ci-apps.yunohost.org/ci/badges/privatebin.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/privatebin.maintain.svg)
[![Integration level](https://dash.yunohost.org/integration/privatebin.svg)](https://dash.yunohost.org/appci/app/privatebin) ![Working status](https://ci-apps.yunohost.org/ci/badges/privatebin.status.svg) ![Maintenance status](https://ci-apps.yunohost.org/ci/badges/privatebin.maintain.svg)
[![Install PrivateBin with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=privatebin)
*[Lire ce readme en français.](./README_fr.md)*
@ -17,13 +17,14 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in
Minimalist pastebin where the server has zero knowledge of pasted data
**Shipped version:** 1.4.0~ynh1
**Shipped version:** 1.4.0~ynh2
**Demo:** https://privatebin.net/
## Screenshots
![](./doc/screenshots/bootstrap.png)
![Screenshot of PrivateBin](./doc/screenshots/bootstrap.png)
## Disclaimers / important information
@ -38,23 +39,25 @@ In the [update documentation](https://github.com/PrivateBin/PrivateBin/wiki/Conf
For full compatibility with ZeroBin and to be able to decrypt old pastes, you would enable this option. However this is not recommend for new installations as it weakens the security of your PrivateBin instance.
This means that we have decided to delete the directory that allows us to save the data. You can save the 'data' directory, if you want to keep your data. But you should know that this weakens the security of this application.
## Documentation and resources
* Official app website: https://privatebin.info/
* Official admin documentation: https://github.com/PrivateBin/PrivateBin/wiki
* Upstream app code repository: https://github.com/PrivateBin/PrivateBin
* YunoHost documentation for this app: https://yunohost.org/app_privatebin
* Report a bug: https://github.com/YunoHost-Apps/privatebin_ynh/issues
* Official app website: <https://privatebin.info/>
* Official admin documentation: <https://github.com/PrivateBin/PrivateBin/wiki>
* Upstream app code repository: <https://github.com/PrivateBin/PrivateBin>
* YunoHost documentation for this app: <https://yunohost.org/app_privatebin>
* Report a bug: <https://github.com/YunoHost-Apps/privatebin_ynh/issues>
## Developer info
Please send your pull request to the [testing branch](https://github.com/YunoHost-Apps/privatebin_ynh/tree/testing).
To try the testing branch, please proceed like that.
```
``` bash
sudo yunohost app install https://github.com/YunoHost-Apps/privatebin_ynh/tree/testing --debug
or
sudo yunohost app upgrade privatebin -u https://github.com/YunoHost-Apps/privatebin_ynh/tree/testing --debug
```
**More info regarding app packaging:** https://yunohost.org/packaging_apps
**More info regarding app packaging:** <https://yunohost.org/packaging_apps>

29
README_fr.md
View file

@ -1,10 +1,14 @@
<!--
N.B.: This README was automatically generated by https://github.com/YunoHost/apps/tree/master/tools/README-generator
It shall NOT be edited by hand.
-->
# PrivateBin pour YunoHost
[![Niveau d'intégration](https://dash.yunohost.org/integration/privatebin.svg)](https://dash.yunohost.org/appci/app/privatebin) ![](https://ci-apps.yunohost.org/ci/badges/privatebin.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/privatebin.maintain.svg)
[![Niveau d'intégration](https://dash.yunohost.org/integration/privatebin.svg)](https://dash.yunohost.org/appci/app/privatebin) ![Statut du fonctionnement](https://ci-apps.yunohost.org/ci/badges/privatebin.status.svg) ![Statut de maintenance](https://ci-apps.yunohost.org/ci/badges/privatebin.maintain.svg)
[![Installer PrivateBin avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=privatebin)
*[Read this readme in english.](./README.md)*
*[Lire ce readme en français.](./README_fr.md)*
> *Ce package vous permet d'installer PrivateBin rapidement et simplement sur un serveur YunoHost.
Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.*
@ -13,13 +17,14 @@ Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour
Pastebin minimaliste où le serveur n'a aucune connaissance des données copiées
**Version incluse :** 1.4.0~ynh1
**Version incluse :** 1.4.0~ynh2
**Démo :** https://privatebin.net/
## Captures d'écran
![](./doc/screenshots/bootstrap.png)
![Capture d'écran de PrivateBin](./doc/screenshots/bootstrap.png)
## Avertissements / informations importantes
@ -34,23 +39,25 @@ Dans la [documentation de mise à jour](https://github.com/PrivateBin/PrivateBin
Pour une compatibilité complète avec Zerobin et le déchiffrement de tous les vieux "paste", vous devriez activer cette option. Cependant, ce n'est pas recommandé pour les nouvelles installations car cela affaiblit la sécurité de votre instance PrivateBin.
Ceci signifie que nous avons décidé de supprimer ce répertoire pour permettre la sécurisation des données. Vous pouvez sauvegarder le répertoire 'data', si vous voulez conservez vos données. Mais vous devriez savoir que cela réduit la sécurité de votre application.
## Documentations et ressources
* Site officiel de l'app : https://privatebin.info/
* Documentation officielle de l'admin : https://github.com/PrivateBin/PrivateBin/wiki
* Dépôt de code officiel de l'app : https://github.com/PrivateBin/PrivateBin
* Documentation YunoHost pour cette app : https://yunohost.org/app_privatebin
* Signaler un bug : https://github.com/YunoHost-Apps/privatebin_ynh/issues
* Site officiel de l'app : <https://privatebin.info/>
* Documentation officielle de l'admin : <https://github.com/PrivateBin/PrivateBin/wiki>
* Dépôt de code officiel de l'app : <https://github.com/PrivateBin/PrivateBin>
* Documentation YunoHost pour cette app : <https://yunohost.org/app_privatebin>
* Signaler un bug : <https://github.com/YunoHost-Apps/privatebin_ynh/issues>
## Informations pour les développeurs
Merci de faire vos pull request sur la [branche testing](https://github.com/YunoHost-Apps/privatebin_ynh/tree/testing).
Pour essayer la branche testing, procédez comme suit.
```
``` bash
sudo yunohost app install https://github.com/YunoHost-Apps/privatebin_ynh/tree/testing --debug
ou
sudo yunohost app upgrade privatebin -u https://github.com/YunoHost-Apps/privatebin_ynh/tree/testing --debug
```
**Plus d'infos sur le packaging d'applications :** https://yunohost.org/packaging_apps
**Plus d'infos sur le packaging d'applications :** <https://yunohost.org/packaging_apps>

3
check_process
View file

@ -8,12 +8,13 @@
setup_sub_dir=1
setup_root=1
setup_nourl=0
setup_private=0
setup_private=1
setup_public=1
upgrade=1
upgrade=1 from_commit=8ce6cac57048e5df294269989c2432d67bef4c5c
backup_restore=1
multi_instance=1
port_already_use=0
change_url=1
;;; Options
Email=

4
conf/nginx.conf
View file

@ -13,8 +13,8 @@ location __PATH__/ {
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param REMOTE_USER $remote_user;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param REMOTE_USER $remote_user;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME $request_filename;
}

1
doc/DESCRIPTION.md Normal file
View file

@ -0,0 +1 @@
Minimalist pastebin where the server has zero knowledge of pasted data

1
doc/DESCRIPTION_fr.md Normal file
View file

@ -0,0 +1 @@
Pastebin minimaliste où le serveur n'a aucune connaissance des données copiées

2
doc/DISCLAIMER.md
View file

@ -8,4 +8,4 @@ In the [update documentation](https://github.com/PrivateBin/PrivateBin/wiki/Conf
For full compatibility with ZeroBin and to be able to decrypt old pastes, you would enable this option. However this is not recommend for new installations as it weakens the security of your PrivateBin instance.
This means that we have decided to delete the directory that allows us to save the data. You can save the 'data' directory, if you want to keep your data. But you should know that this weakens the security of this application.
This means that we have decided to delete the directory that allows us to save the data. You can save the 'data' directory, if you want to keep your data. But you should know that this weakens the security of this application.

2
doc/DISCLAIMER_fr.md
View file

@ -8,4 +8,4 @@ Dans la [documentation de mise à jour](https://github.com/PrivateBin/PrivateBin
Pour une compatibilité complète avec Zerobin et le déchiffrement de tous les vieux "paste", vous devriez activer cette option. Cependant, ce n'est pas recommandé pour les nouvelles installations car cela affaiblit la sécurité de votre instance PrivateBin.
Ceci signifie que nous avons décidé de supprimer ce répertoire pour permettre la sécurisation des données. Vous pouvez sauvegarder le répertoire 'data', si vous voulez conservez vos données. Mais vous devriez savoir que cela réduit la sécurité de votre application.
Ceci signifie que nous avons décidé de supprimer ce répertoire pour permettre la sécurisation des données. Vous pouvez sauvegarder le répertoire 'data', si vous voulez conservez vos données. Mais vous devriez savoir que cela réduit la sécurité de votre application.

8
manifest.json
View file

@ -6,7 +6,7 @@
"en": "Minimalist pastebin where the server has zero knowledge of pasted data",
"fr": "Pastebin minimaliste où le serveur n'a aucune connaissance des données copiées"
},
"version": "1.4.0~ynh1",
"version": "1.4.0~ynh2",
"url": "https://github.com/PrivateBin/PrivateBin",
"upstream": {
"license": "Zlib",
@ -17,8 +17,8 @@
},
"license": "Zlib",
"maintainer": {
"name": "julien",
"email": "julien.malik@paraiso.me"
"name": "",
"email": ""
},
"requirements": {
"yunohost": ">= 4.3.0"
@ -29,7 +29,7 @@
"php7.3-fpm"
],
"arguments": {
"install" : [
"install": [
{
"name": "domain",
"type": "domain"

4
scripts/_common.sh
View file

@ -4,8 +4,6 @@
# COMMON VARIABLES
#=================================================
YNH_PHP_VERSION="7.3"
#=================================================
# PERSONAL HELPERS
#=================================================
@ -16,4 +14,4 @@ YNH_PHP_VERSION="7.3"
#=================================================
# FUTURE OFFICIAL HELPERS
#=================================================
#=================================================

2
scripts/backup
View file

@ -6,6 +6,7 @@
# IMPORT GENERIC HELPERS
#=================================================
# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts
source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers
@ -13,6 +14,7 @@ source /usr/share/yunohost/helpers
# MANAGE SCRIPT FAILURE
#=================================================
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================

26
scripts/change_url
View file

@ -28,10 +28,12 @@ ynh_script_progression --message="Loading installation settings..."
# Needed for helper "ynh_add_nginx_config"
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
# Add settings here as needed by your application
is_public=$(ynh_app_setting_get --app=$app --key=is_public)
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP
#=================================================
ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --weight=1
@ -94,6 +96,8 @@ then
ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
fi
#=================================================
# SPECIFIC MODIFICATIONS
#=================================================
# UPDATE SSOWAT
#=================================================
@ -101,15 +105,15 @@ ynh_script_progression --message="Reconfiguring permissions..."
if [ $is_public -eq 0 ]
then
# If the app is private, viewing images stays publicly accessible.
if [ "$new_path" == "/" ]; then
# If the path is /, clear it to prevent any error with the regex.
new_path=""
fi
# Modify the domain to be used in a regex
domain_regex=$(echo "$new_domain" | sed 's@-@.@g')
ynh_app_setting_set --app=$app --key=protected_regex --value="$domain_regex$new_path/$"
ynh_app_setting_set --app=$app --key=unprotected_regex --value="$domain_regex$new_path/.*$"
# If the app is private, viewing images stays publicly accessible.
if [ "$new_path" == "/" ]; then
# If the path is /, clear it to prevent any error with the regex.
new_path=""
fi
# Modify the domain to be used in a regex
domain_regex=$(echo "$new_domain" | sed 's@-@.@g')
ynh_app_setting_set --app=$app --key=protected_regex --value="$domain_regex$new_path/$"
ynh_app_setting_set --app=$app --key=unprotected_regex --value="$domain_regex$new_path/.*$"
fi
#=================================================
@ -125,4 +129,4 @@ ynh_systemd_action --service_name=nginx --action=reload
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Change of URL completed for PrivateBin" --last
ynh_script_progression --message="Change of URL completed for $app" --last

79
scripts/install
View file

@ -13,6 +13,7 @@ source /usr/share/yunohost/helpers
# MANAGE SCRIPT FAILURE
#=================================================
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
@ -43,10 +44,17 @@ ynh_script_progression --message="Storing installation settings..." --weight=1
ynh_app_setting_set --app=$app --key=domain --value=$domain
ynh_app_setting_set --app=$app --key=path --value=$path_url
ynh_app_setting_set --app=$app --key=is_public --value=$is_public
#=================================================
# STANDARD MODIFICATIONS
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Configuring system user..." --weight=3
# Create a system user
ynh_system_user_create --username=$app --home_dir="$final_path"
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
@ -55,6 +63,19 @@ ynh_script_progression --message="Setting up source files..." --weight=3
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$final_path"
mkdir -p $final_path/{data,tmp}
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:www-data "$final_path"
#=================================================
# PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Configuring PHP-FPM..." --weight=2
# Create a dedicated PHP-FPM config
ynh_add_fpm_config
#=================================================
# NGINX CONFIGURATION
@ -64,55 +85,25 @@ ynh_script_progression --message="Configuring NGINX web server..." --weight=1
# Create a dedicated NGINX config
ynh_add_nginx_config
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Configuring system user..." --weight=3
# Create a system user
ynh_system_user_create --username=$app
#=================================================
# PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Configuring PHP-FPM..." --weight=2
# Create a dedicated PHP-FPM config
ynh_add_fpm_config
phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
#=================================================
# GENERIC FINALIZATION
#=================================================
# SECURE FILES AND DIRECTORIES
#=================================================
# Set permissions to app files
chown -R root: $final_path
# Files owned by user specific can just read
find $final_path -type f | xargs chmod 644
find $final_path -type d | xargs chmod 755
# Except for data and tmp subdir, where the user must have write permissions
mkdir -p $final_path/{data,tmp}
chown -R $app:root $final_path/{data,tmp}
chmod 700 $final_path/{data,tmp}
#=================================================
# SETUP SSOWAT
#=================================================
ynh_script_progression --message="Configuring permissions..." --weight=1
ynh_script_progression --message="Configuring permissions..." --weight=1
# If app is public, add url to SSOWat conf as skipped_uris
if [ $is_public -eq 1 ]; then
# unprotected_uris allows SSO credentials to be passed anyway.
ynh_permission_update --permission="main" --add="visitors"
# Make app public if necessary
if [ $is_public -eq 1 ]
then
# Everyone can access the app.
# The "main" permission is automatically created before the install script.
ynh_permission_update --permission="main" --add="visitors"
else
# If the app is private, viewing paste stays publicly accessible.
# Modify the domain to be used in a regex
domain_regex=$(echo "$domain" | sed 's@-@.@g')
ynh_app_setting_set --app=$app --key=protected_regex --value="$domain_regex$path_url/$"
ynh_app_setting_set --app=$app --key=unprotected_regex --value="$domain_regex$path_url/.*$"
# If the app is private, viewing paste stays publicly accessible.
# Modify the domain to be used in a regex
domain_regex=$(echo "$domain" | sed 's@-@.@g')
ynh_app_setting_set --app=$app --key=protected_regex --value="$domain_regex$path_url/$"
ynh_app_setting_set --app=$app --key=unprotected_regex --value="$domain_regex$path_url/.*$"
fi
#=================================================
@ -126,4 +117,4 @@ ynh_systemd_action --service_name=nginx --action=reload
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Installation of PrivateBin completed" --last
ynh_script_progression --message="Installation of $app completed" --last

10
scripts/remove
View file

@ -24,7 +24,7 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path)
#=================================================
# REMOVE APP MAIN DIR
#=================================================
ynh_script_progression --message="Removing PrivateBin main directory" --weight=2
ynh_script_progression --message="Removing app main directory..." --weight=2
# Remove the app directory securely
ynh_secure_remove --file="$final_path"
@ -32,7 +32,7 @@ ynh_secure_remove --file="$final_path"
#=================================================
# REMOVE NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Removing NGINX web server configuration" --weight=3
ynh_script_progression --message="Removing NGINX web server configuration..." --weight=3
# Remove the dedicated NGINX config
ynh_remove_nginx_config
@ -40,7 +40,7 @@ ynh_remove_nginx_config
#=================================================
# REMOVE PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Removing PHP-FPM configuration" --weight=1
ynh_script_progression --message="Removing PHP-FPM configuration..." --weight=1
# Remove the dedicated PHP-FPM config
ynh_remove_fpm_config
@ -50,7 +50,7 @@ ynh_remove_fpm_config
#=================================================
# REMOVE DEDICATED USER
#=================================================
ynh_script_progression --message="Removing the dedicated system user" --weight=2
ynh_script_progression --message="Removing the dedicated system user..." --weight=2
# Delete a system user
ynh_system_user_delete --username=$app
@ -59,4 +59,4 @@ ynh_system_user_delete --username=$app
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Removal of PrivateBin completed" --last
ynh_script_progression --message="Removal of $app completed" --last

36
scripts/restore
View file

@ -6,6 +6,7 @@
# IMPORT GENERIC HELPERS
#=================================================
# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts
source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers
@ -19,7 +20,7 @@ ynh_abort_if_errors
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading settings..." --weight=1
ynh_script_progression --message="Loading installation settings..." --weight=1
app=$YNH_APP_INSTANCE_NAME
@ -33,43 +34,42 @@ phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
#=================================================
ynh_script_progression --message="Validating restoration parameters..." --weight=2
test ! -d $final_path || ynh_die --message="There is already a directory: $final_path "
test ! -d $final_path \
|| ynh_die --message="There is already a directory: $final_path "
#=================================================
# STANDARD RESTORATION STEPS
#=================================================
# RESTORE THE NGINX CONFIGURATION
#=================================================
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
#=================================================
# RESTORE THE APP MAIN DIR
#=================================================
ynh_script_progression --message="Restoring PrivateBin main directory..." --weight=6
ynh_restore_file --origin_path="$final_path"
#=================================================
# RECREATE THE DEDICATED USER
#=================================================
ynh_script_progression --message="Recreating the dedicated system user..." --weight=4
# Create the dedicated user (if not existing)
ynh_system_user_create --username=$app
ynh_system_user_create --username=$app --home_dir="$final_path"
#=================================================
# RESTORE USER RIGHTS
# RESTORE THE APP MAIN DIR
#=================================================
ynh_script_progression --message="Restoring the app main directory..." --weight=6
ynh_restore_file --origin_path="$final_path"
chown -R $app:root $final_path/{data,tmp}
#=================================================
# RESTORE THE PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring the PHP-FPM configuration..."
ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf"
#=================================================
# RESTORE THE NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring the NGINX web server configuration..."
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
#=================================================
# GENERIC FINALIZATION
#=================================================
@ -84,4 +84,4 @@ ynh_systemd_action --service_name=nginx --action=reload
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Restoration completed for PrivateBin" --last
ynh_script_progression --message="Restoration completed for $app" --last

86
scripts/upgrade
View file

@ -18,46 +18,16 @@ app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
path_url=$(ynh_app_setting_get --app=$app --key=path)
is_public=$(ynh_app_setting_get --app=$app --key=is_public)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
#=================================================
# CHECK VERSION
#=================================================
ynh_script_progression --message="Checking version..."
upgrade_type=$(ynh_check_app_version_changed)
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
ynh_script_progression --message="Ensuring downward compatibility..." --weight=3
# Fix is_public as a boolean value
if [ "$is_public" = "Yes" ]; then
ynh_app_setting_set --app=$app --key=is_public --value=1
is_public=1
elif [ "$is_public" = "No" ]; then
ynh_app_setting_set --app=$app --key=is_public --value=0
is_public=0
elif [ -z "$is_public" ]
then
if grep --quiet "unprotected_uris" "/etc/yunohost/apps/$app/settings.yml"
then
ynh_app_setting_set --app=$app --key=is_public --value=1
is_public=1
else
ynh_app_setting_set --app=$app --key=is_public --value=0
is_public=0
fi
fi
# If final_path doesn't exist, create it
if [ -z "$final_path" ]; then
final_path=/var/www/$app
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
fi
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
@ -74,6 +44,32 @@ ynh_abort_if_errors
#=================================================
# STANDARD UPGRADE STEPS
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
ynh_script_progression --message="Ensuring downward compatibility..." --weight=3
# Cleaning legacy permissions
if ynh_legacy_permissions_exists; then
ynh_legacy_permissions_delete_all
ynh_app_setting_delete --app=$app --key=is_public
fi
# If final_path doesn't exist, create it
if [ -z "$final_path" ]; then
final_path=/var/www/$app
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
fi
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Making sure dedicated system user exists..." --weight=2
# Create a dedicated user (if not existing)
ynh_system_user_create --username=$app --home_dir="$final_path"
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
@ -86,22 +82,6 @@ then
ynh_setup_source --dest_dir="$final_path"
fi
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=1
# Create a dedicated NGINX config
ynh_add_nginx_config
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Making sure dedicated system user exists..." --weight=2
# Create a dedicated user (if not existing)
ynh_system_user_create --username=$app
#=================================================
# PHP-FPM CONFIGURATION
#=================================================
@ -111,7 +91,13 @@ ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=3
ynh_add_fpm_config
#=================================================
# GENERIC FINALIZATION
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=1
# Create a dedicated NGINX config
ynh_add_nginx_config
#=================================================
# SECURE FILES AND DIRECTORIES
#=================================================
@ -127,6 +113,8 @@ mkdir -p $final_path/{data,tmp}
chown -R $app:root $final_path/{data,tmp}
chmod 700 $final_path/{data,tmp}
#=================================================
# GENERIC FINALIZATION
#=================================================
# RELOAD NGINX
#=================================================
@ -138,4 +126,4 @@ ynh_systemd_action --service_name=nginx --action=reload
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Upgrade of PrivateBin completed" --last
ynh_script_progression --message="Upgrade of $app completed" --last