YunoHost-Apps/privatebin_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/privatebin_ynh.git synced 2024-09-03 20:15:56 +02:00
Code Issues Activity Actions

Apply last example_ynh

Browse source
This commit is contained in:
yalh76 2022-09-12 21:28:20 +02:00
parent 8ace1226a5
commit 633c1b27c8
11 changed files with 29 additions and 62 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
conf/app.src
View file

@ -4,3 +4,4 @@ SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true SOURCE_IN_SUBDIR=true
SOURCE_FILENAME= SOURCE_FILENAME=
SOURCE_EXTRACT=true

3
conf/nginx.conf
View file

@ -6,6 +6,9 @@ location __PATH__/ {
index index.php; index index.php;
# Common parameter to increase upload size limit in conjunction with dedicated php-fpm file
#client_max_body_size 50M;
try_files $uri $uri/ index.php; try_files $uri $uri/ index.php;
location ~ [^/]\.php(/|$) { location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$; fastcgi_split_path_info ^(.+?\.php)(/.*)$;

4
conf/php-fpm.conf
View file

@ -419,8 +419,8 @@ chdir = __FINALPATH__
;php_admin_value[memory_limit] = 32M ;php_admin_value[memory_limit] = 32M
; Common values to change to increase file upload limit ; Common values to change to increase file upload limit
php_admin_value[upload_max_filesize] = 30M php_admin_value[upload_max_filesize] = 50M
php_admin_value[post_max_size] = 30M php_admin_value[post_max_size] = 50M
; php_admin_flag[mail.add_x_header] = Off ; php_admin_flag[mail.add_x_header] = Off
; Other common parameters ; Other common parameters

4
doc/DESCRIPTION.md
View file

@ -1 +1,5 @@
Minimalist pastebin where the server has zero knowledge of pasted data Minimalist pastebin where the server has zero knowledge of pasted data
Data is encrypted/decrypted in the browser using 256bit AES in Galois Counter mode.
This is a fork of ZeroBin, originally developed by Sébastien Sauvage. It was refactored to allow easier and cleaner extensions and has now much more features than the original. It is however still fully compatible to the original ZeroBin 0.19 data storage scheme. Therefore such installations can be upgraded to this fork without loosing any data.

4
doc/DESCRIPTION_fr.md
View file

@ -1 +1,5 @@
Pastebin minimaliste où le serveur n'a aucune connaissance des données copiées Pastebin minimaliste où le serveur n'a aucune connaissance des données copiées
Les données sont chiffrées et déchiffrées dans le navigateur en utilisant la technologie AES 256bits en mode Galois Counter (GCM).
Ce projet est un fork de ZeroBin, développé à l'origine par Sébastien Sauvage. Il a été ré-écrit pour accepter plus facilement des extensions en rajoutant plus de fonctionnalités. Il reste cependant compatible avec le schéma original de stockage des données Zerobin 0.19. Ainsi toutes les installations peuvent être mises à jour vers ce projet, sans perte de données.

6
doc/DISCLAIMER.md
View file

@ -1,10 +1,6 @@
## Additional information ## Additional information
Data is encrypted/decrypted in the browser using 256bit AES in Galois Counter mode. In the [update documentation](https://github.com/PrivateBin/PrivateBin/wiki/Configuration#zerobincompatibility) of PrivateBin, it is specified that:
This is a fork of ZeroBin, originally developed by Sébastien Sauvage. It was refactored to allow easier and cleaner extensions and has now much more features than the original. It is however still fully compatible to the original ZeroBin 0.19 data storage scheme. Therefore such installations can be upgraded to this fork without loosing any data.
In the [update documentation](https://github.com/PrivateBin/PrivateBin/wiki/Configuration#zerobincompatibility) of ParsteBin, it is specified that:
For full compatibility with ZeroBin and to be able to decrypt old pastes, you would enable this option. However this is not recommend for new installations as it weakens the security of your PrivateBin instance. For full compatibility with ZeroBin and to be able to decrypt old pastes, you would enable this option. However this is not recommend for new installations as it weakens the security of your PrivateBin instance.

4
doc/DISCLAIMER_fr.md
View file

@ -1,9 +1,5 @@
## Informations additionnelles ## Informations additionnelles
Les données sont chiffrées et déchiffrées dans le navigateur en utilisant la technologie AES 256bits en mode Galois Counter (GCM).
Ce projet est un fork de ZeroBin, développé à l'origine par Sébastien Sauvage. Il a été ré-écrit pour accepter plus facilement des extensions en rajoutant plus de fonctionnalités. Il reste cependant compatible avec le schéma original de stockage des données Zerobin 0.19. Ainsi toutes les installations peuvent être mises à jour vers ce projet, sans perte de données.
Dans la [documentation de mise à jour](https://github.com/PrivateBin/PrivateBin/wiki/Configuration#zerobincompatibility) de PrivateBin, il est précisé que : Dans la [documentation de mise à jour](https://github.com/PrivateBin/PrivateBin/wiki/Configuration#zerobincompatibility) de PrivateBin, il est précisé que :
Pour une compatibilité complète avec Zerobin et le déchiffrement de tous les vieux "paste", vous devriez activer cette option. Cependant, ce n'est pas recommandé pour les nouvelles installations car cela affaiblit la sécurité de votre instance PrivateBin. Pour une compatibilité complète avec Zerobin et le déchiffrement de tous les vieux "paste", vous devriez activer cette option. Cependant, ce n'est pas recommandé pour les nouvelles installations car cela affaiblit la sécurité de votre instance PrivateBin.

27
scripts/change_url
View file

@ -24,14 +24,11 @@ app=$YNH_APP_INSTANCE_NAME
#================================================= #=================================================
# LOAD SETTINGS # LOAD SETTINGS
#================================================= #=================================================
ynh_script_progression --message="Loading installation settings..." ynh_script_progression --message="Loading installation settings..." --weight=1
# Needed for helper "ynh_add_nginx_config" # Needed for helper "ynh_add_nginx_config"
final_path=$(ynh_app_setting_get --app=$app --key=final_path) final_path=$(ynh_app_setting_get --app=$app --key=final_path)
# Add settings here as needed by your application
is_public=$(ynh_app_setting_get --app=$app --key=is_public)
#================================================= #=================================================
# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP # BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP
#================================================= #=================================================
@ -96,32 +93,12 @@ then
ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
fi fi
#=================================================
# SPECIFIC MODIFICATIONS
#=================================================
# UPDATE SSOWAT
#=================================================
ynh_script_progression --message="Reconfiguring permissions..."
if [ $is_public -eq 0 ]
then
# If the app is private, viewing images stays publicly accessible.
if [ "$new_path" == "/" ]; then
# If the path is /, clear it to prevent any error with the regex.
new_path=""
fi
# Modify the domain to be used in a regex
domain_regex=$(echo "$new_domain" | sed 's@-@.@g')
ynh_app_setting_set --app=$app --key=protected_regex --value="$domain_regex$new_path/$"
ynh_app_setting_set --app=$app --key=unprotected_regex --value="$domain_regex$new_path/.*$"
fi
#================================================= #=================================================
# GENERIC FINALISATION # GENERIC FINALISATION
#================================================= #=================================================
# RELOAD NGINX # RELOAD NGINX
#================================================= #=================================================
ynh_script_progression --message="Reloading NGINX web server..." ynh_script_progression --message="Reloading NGINX web server..." --weight=1
ynh_systemd_action --service_name=nginx --action=reload ynh_systemd_action --service_name=nginx --action=reload

7
scripts/install
View file

@ -76,6 +76,7 @@ ynh_script_progression --message="Configuring PHP-FPM..." --weight=2
# Create a dedicated PHP-FPM config # Create a dedicated PHP-FPM config
ynh_add_fpm_config ynh_add_fpm_config
phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
#================================================= #=================================================
# NGINX CONFIGURATION # NGINX CONFIGURATION
@ -98,12 +99,6 @@ then
# Everyone can access the app. # Everyone can access the app.
# The "main" permission is automatically created before the install script. # The "main" permission is automatically created before the install script.
ynh_permission_update --permission="main" --add="visitors" ynh_permission_update --permission="main" --add="visitors"
else
# If the app is private, viewing paste stays publicly accessible.
# Modify the domain to be used in a regex
domain_regex=$(echo "$domain" | sed 's@-@.@g')
ynh_app_setting_set --app=$app --key=protected_regex --value="$domain_regex$path_url/$"
ynh_app_setting_set --app=$app --key=unprotected_regex --value="$domain_regex$path_url/.*$"
fi fi
#================================================= #=================================================

8
scripts/restore
View file

@ -54,19 +54,21 @@ ynh_script_progression --message="Restoring the app main directory..." --weight=
ynh_restore_file --origin_path="$final_path" ynh_restore_file --origin_path="$final_path"
chown -R $app:root $final_path/{data,tmp} chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:www-data "$final_path"
#================================================= #=================================================
# RESTORE THE PHP-FPM CONFIGURATION # RESTORE THE PHP-FPM CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Restoring the PHP-FPM configuration..." ynh_script_progression --message="Restoring the PHP-FPM configuration..." --weight=1
ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf"
#================================================= #=================================================
# RESTORE THE NGINX CONFIGURATION # RESTORE THE NGINX CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Restoring the NGINX web server configuration..." ynh_script_progression --message="Restoring the NGINX web server configuration..." --weight=1
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"

23
scripts/upgrade
View file

@ -31,12 +31,12 @@ upgrade_type=$(ynh_check_app_version_changed)
#================================================= #=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#================================================= #=================================================
ynh_script_progression --message="Backing up PrivateBin before upgrading (may take a while)..." --weight=3 ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=3
# Backup the current version of the app # Backup the current version of the app
ynh_backup_before_upgrade ynh_backup_before_upgrade
ynh_clean_setup () { ynh_clean_setup () {
# restore it if the upgrade fails # Restore it if the upgrade fails
ynh_restore_upgradebackup ynh_restore_upgradebackup
} }
# Exit if an error occurs during the execution of the script # Exit if an error occurs during the execution of the script
@ -82,6 +82,10 @@ then
ynh_setup_source --dest_dir="$final_path" ynh_setup_source --dest_dir="$final_path"
fi fi
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:www-data "$final_path"
#================================================= #=================================================
# PHP-FPM CONFIGURATION # PHP-FPM CONFIGURATION
#================================================= #=================================================
@ -98,21 +102,6 @@ ynh_script_progression --message="Upgrading NGINX web server configuration..." -
# Create a dedicated NGINX config # Create a dedicated NGINX config
ynh_add_nginx_config ynh_add_nginx_config
#=================================================
# SECURE FILES AND DIRECTORIES
#=================================================
# Set permissions to app files
chown -R root: $final_path
# Files owned by user specific can just read
find $final_path -type f | xargs chmod 644
find $final_path -type d | xargs chmod 755
# except for data and tmp subdir, where the user must have write permissions
mkdir -p $final_path/{data,tmp}
chown -R $app:root $final_path/{data,tmp}
chmod 700 $final_path/{data,tmp}
#================================================= #=================================================
# GENERIC FINALIZATION # GENERIC FINALIZATION
#================================================= #=================================================