From 73a4e69cad5f4a4491f42e99d40815d911bd2a3b Mon Sep 17 00:00:00 2001 From: yalh76 Date: Thu, 28 Jul 2022 21:27:54 +0200 Subject: [PATCH] Apply example_ynh --- .github/workflows/updater.sh | 106 ++++++++++++++++++++++++++++++++++ .github/workflows/updater.yml | 49 ++++++++++++++++ check_process | 3 +- conf/nginx.conf | 4 +- doc/DESCRIPTION.md | 1 + doc/DESCRIPTION_fr.md | 1 + doc/DISCLAIMER.md | 2 +- doc/DISCLAIMER_fr.md | 2 +- manifest.json | 4 +- scripts/_common.sh | 4 +- scripts/backup | 2 + scripts/change_url | 26 +++++---- scripts/install | 59 ++++++++++--------- scripts/remove | 10 ++-- scripts/restore | 36 ++++++------ scripts/upgrade | 61 +++++++++---------- 16 files changed, 268 insertions(+), 102 deletions(-) create mode 100644 .github/workflows/updater.sh create mode 100644 .github/workflows/updater.yml create mode 100644 doc/DESCRIPTION.md create mode 100644 doc/DESCRIPTION_fr.md diff --git a/.github/workflows/updater.sh b/.github/workflows/updater.sh new file mode 100644 index 0000000..d41ad6c --- /dev/null +++ b/.github/workflows/updater.sh @@ -0,0 +1,106 @@ +#!/bin/bash + +#================================================= +# PACKAGE UPDATING HELPER +#================================================= + +# This script is meant to be run by GitHub Actions +# The YunoHost-Apps organisation offers a template Action to run this script periodically +# Since each app is different, maintainers can adapt its contents so as to perform +# automatic actions when a new upstream release is detected. + +#================================================= +# FETCHING LATEST RELEASE AND ITS ASSETS +#================================================= + +# Fetching information +current_version=$(cat manifest.json | jq -j '.version|split("~")[0]') +repo=$(cat manifest.json | jq -j '.upstream.code|split("https://github.com/")[1]') +# Some jq magic is needed, because the latest upstream release is not always the latest version (e.g. security patches for older versions) +version=$(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '.[] | select( .prerelease != true ) | .tag_name' | sort -V | tail -1) +assets="https://github.com/PrivateBin/PrivateBin/archive/$version.tar.gz" + +# Later down the script, we assume the version has only digits and dots +# Sometimes the release name starts with a "v", so let's filter it out. +# You may need more tweaks here if the upstream repository has different naming conventions. +if [[ ${version:0:1} == "v" || ${version:0:1} == "V" ]]; then + version=${version:1} +fi + +# Setting up the environment variables +echo "Current version: $current_version" +echo "Latest release from upstream: $version" +echo "VERSION=$version" >> $GITHUB_ENV +echo "REPO=$repo" >> $GITHUB_ENV +# For the time being, let's assume the script will fail +echo "PROCEED=false" >> $GITHUB_ENV + +# Proceed only if the retrieved version is greater than the current one +if ! dpkg --compare-versions "$current_version" "lt" "$version" ; then + echo "::warning ::No new version available" + exit 0 +# Proceed only if a PR for this new version does not already exist +elif git ls-remote -q --exit-code --heads https://github.com/$GITHUB_REPOSITORY.git ci-auto-update-v$version ; then + echo "::warning ::A branch already exists for this update" + exit 0 +fi + +#================================================= +# UPDATE SOURCE FILES +#================================================= + +# Let's download source tarball +asset_url=$assets + +echo "Handling asset at $asset_url" + +src="app" + +# Create the temporary directory +tempdir="$(mktemp -d)" + +# Download sources and calculate checksum +filename=${asset_url##*/} +curl --silent -4 -L $asset_url -o "$tempdir/$filename" +checksum=$(sha256sum "$tempdir/$filename" | head -c 64) + +# Delete temporary directory +rm -rf $tempdir + +# Get extension +if [[ $filename == *.tar.gz ]]; then + extension=tar.gz +else + extension=${filename##*.} +fi + +# Rewrite source file +cat < conf/$src.src +SOURCE_URL=$asset_url +SOURCE_SUM=$checksum +SOURCE_SUM_PRG=sha256sum +SOURCE_FORMAT=$extension +SOURCE_IN_SUBDIR=true +SOURCE_FILENAME= +EOT +echo "... conf/$src.src updated" + +#================================================= +# SPECIFIC UPDATE STEPS +#================================================= + +# Any action on the app's source code can be done. +# The GitHub Action workflow takes care of committing all changes after this script ends. + +#================================================= +# GENERIC FINALIZATION +#================================================= + +# Replace new version in manifest +echo "$(jq -s --indent 4 ".[] | .version = \"$version~ynh1\"" manifest.json)" > manifest.json + +# No need to update the README, yunohost-bot takes care of it + +# The Action will proceed only if the PROCEED environment variable is set to true +echo "PROCEED=true" >> $GITHUB_ENV +exit 0 diff --git a/.github/workflows/updater.yml b/.github/workflows/updater.yml new file mode 100644 index 0000000..fb72ba0 --- /dev/null +++ b/.github/workflows/updater.yml @@ -0,0 +1,49 @@ +# This workflow allows GitHub Actions to automagically update your app whenever a new upstream release is detected. +# You need to enable Actions in your repository settings, and fetch this Action from the YunoHost-Apps organization. +# This file should be enough by itself, but feel free to tune it to your needs. +# It calls updater.sh, which is where you should put the app-specific update steps. +name: Check for new upstream releases +on: + # Allow to manually trigger the workflow + workflow_dispatch: + # Run it every day at 6:00 UTC + schedule: + - cron: '0 6 * * *' +jobs: + updater: + runs-on: ubuntu-latest + steps: + - name: Fetch the source code + uses: actions/checkout@v2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + - name: Run the updater script + id: run_updater + run: | + # Setting up Git user + git config --global user.name 'yunohost-bot' + git config --global user.email 'yunohost-bot@users.noreply.github.com' + # Run the updater script + /bin/bash .github/workflows/updater.sh + - name: Commit changes + id: commit + if: ${{ env.PROCEED == 'true' }} + run: | + git commit -am "Upgrade to v$VERSION" + - name: Create Pull Request + id: cpr + if: ${{ env.PROCEED == 'true' }} + uses: peter-evans/create-pull-request@v3 + with: + token: ${{ secrets.GITHUB_TOKEN }} + commit-message: Update to version ${{ env.VERSION }} + committer: 'yunohost-bot ' + author: 'yunohost-bot ' + signoff: false + base: testing + branch: ci-auto-update-v${{ env.VERSION }} + delete-branch: true + title: 'Upgrade to version ${{ env.VERSION }}' + body: | + Upgrade to v${{ env.VERSION }} + draft: false diff --git a/check_process b/check_process index 7cea352..ed2ea5a 100644 --- a/check_process +++ b/check_process @@ -8,12 +8,13 @@ setup_sub_dir=1 setup_root=1 setup_nourl=0 - setup_private=0 + setup_private=1 setup_public=1 upgrade=1 upgrade=1 from_commit=8ce6cac57048e5df294269989c2432d67bef4c5c backup_restore=1 multi_instance=1 + port_already_use=0 change_url=1 ;;; Options Email= diff --git a/conf/nginx.conf b/conf/nginx.conf index 7d5d76b..af017c4 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -13,8 +13,8 @@ location __PATH__/ { fastcgi_index index.php; include fastcgi_params; - fastcgi_param REMOTE_USER $remote_user; - fastcgi_param PATH_INFO $fastcgi_path_info; + fastcgi_param REMOTE_USER $remote_user; + fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param SCRIPT_FILENAME $request_filename; } diff --git a/doc/DESCRIPTION.md b/doc/DESCRIPTION.md new file mode 100644 index 0000000..050689a --- /dev/null +++ b/doc/DESCRIPTION.md @@ -0,0 +1 @@ +Minimalist pastebin where the server has zero knowledge of pasted data diff --git a/doc/DESCRIPTION_fr.md b/doc/DESCRIPTION_fr.md new file mode 100644 index 0000000..d9aa879 --- /dev/null +++ b/doc/DESCRIPTION_fr.md @@ -0,0 +1 @@ +Pastebin minimaliste où le serveur n'a aucune connaissance des données copiées diff --git a/doc/DISCLAIMER.md b/doc/DISCLAIMER.md index 3064cfd..04dad56 100755 --- a/doc/DISCLAIMER.md +++ b/doc/DISCLAIMER.md @@ -8,4 +8,4 @@ In the [update documentation](https://github.com/PrivateBin/PrivateBin/wiki/Conf For full compatibility with ZeroBin and to be able to decrypt old pastes, you would enable this option. However this is not recommend for new installations as it weakens the security of your PrivateBin instance. -This means that we have decided to delete the directory that allows us to save the data. You can save the 'data' directory, if you want to keep your data. But you should know that this weakens the security of this application. \ No newline at end of file +This means that we have decided to delete the directory that allows us to save the data. You can save the 'data' directory, if you want to keep your data. But you should know that this weakens the security of this application. diff --git a/doc/DISCLAIMER_fr.md b/doc/DISCLAIMER_fr.md index 3158fbb..829bc77 100755 --- a/doc/DISCLAIMER_fr.md +++ b/doc/DISCLAIMER_fr.md @@ -8,4 +8,4 @@ Dans la [documentation de mise à jour](https://github.com/PrivateBin/PrivateBin Pour une compatibilité complète avec Zerobin et le déchiffrement de tous les vieux "paste", vous devriez activer cette option. Cependant, ce n'est pas recommandé pour les nouvelles installations car cela affaiblit la sécurité de votre instance PrivateBin. -Ceci signifie que nous avons décidé de supprimer ce répertoire pour permettre la sécurisation des données. Vous pouvez sauvegarder le répertoire 'data', si vous voulez conservez vos données. Mais vous devriez savoir que cela réduit la sécurité de votre application. \ No newline at end of file +Ceci signifie que nous avons décidé de supprimer ce répertoire pour permettre la sécurisation des données. Vous pouvez sauvegarder le répertoire 'data', si vous voulez conservez vos données. Mais vous devriez savoir que cela réduit la sécurité de votre application. diff --git a/manifest.json b/manifest.json index e00ba13..66c0a4c 100644 --- a/manifest.json +++ b/manifest.json @@ -6,7 +6,7 @@ "en": "Minimalist pastebin where the server has zero knowledge of pasted data", "fr": "Pastebin minimaliste où le serveur n'a aucune connaissance des données copiées" }, - "version": "1.4.0~ynh1", + "version": "1.4.0~ynh2", "url": "https://github.com/PrivateBin/PrivateBin", "upstream": { "license": "Zlib", @@ -29,7 +29,7 @@ "php7.3-fpm" ], "arguments": { - "install" : [ + "install": [ { "name": "domain", "type": "domain" diff --git a/scripts/_common.sh b/scripts/_common.sh index a248e8a..944a65e 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -4,8 +4,6 @@ # COMMON VARIABLES #================================================= -YNH_PHP_VERSION="7.3" - #================================================= # PERSONAL HELPERS #================================================= @@ -16,4 +14,4 @@ YNH_PHP_VERSION="7.3" #================================================= # FUTURE OFFICIAL HELPERS -#================================================= \ No newline at end of file +#================================================= diff --git a/scripts/backup b/scripts/backup index ea50559..75ce3e0 100644 --- a/scripts/backup +++ b/scripts/backup @@ -6,6 +6,7 @@ # IMPORT GENERIC HELPERS #================================================= +# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers @@ -13,6 +14,7 @@ source /usr/share/yunohost/helpers # MANAGE SCRIPT FAILURE #================================================= +# Exit if an error occurs during the execution of the script ynh_abort_if_errors #================================================= diff --git a/scripts/change_url b/scripts/change_url index d7240ac..e69e0b0 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -28,10 +28,12 @@ ynh_script_progression --message="Loading installation settings..." # Needed for helper "ynh_add_nginx_config" final_path=$(ynh_app_setting_get --app=$app --key=final_path) + +# Add settings here as needed by your application is_public=$(ynh_app_setting_get --app=$app --key=is_public) #================================================= -# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP +# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP #================================================= ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --weight=1 @@ -94,6 +96,8 @@ then ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" fi +#================================================= +# SPECIFIC MODIFICATIONS #================================================= # UPDATE SSOWAT #================================================= @@ -101,15 +105,15 @@ ynh_script_progression --message="Reconfiguring permissions..." if [ $is_public -eq 0 ] then - # If the app is private, viewing images stays publicly accessible. - if [ "$new_path" == "/" ]; then - # If the path is /, clear it to prevent any error with the regex. - new_path="" - fi - # Modify the domain to be used in a regex - domain_regex=$(echo "$new_domain" | sed 's@-@.@g') - ynh_app_setting_set --app=$app --key=protected_regex --value="$domain_regex$new_path/$" - ynh_app_setting_set --app=$app --key=unprotected_regex --value="$domain_regex$new_path/.*$" + # If the app is private, viewing images stays publicly accessible. + if [ "$new_path" == "/" ]; then + # If the path is /, clear it to prevent any error with the regex. + new_path="" + fi + # Modify the domain to be used in a regex + domain_regex=$(echo "$new_domain" | sed 's@-@.@g') + ynh_app_setting_set --app=$app --key=protected_regex --value="$domain_regex$new_path/$" + ynh_app_setting_set --app=$app --key=unprotected_regex --value="$domain_regex$new_path/.*$" fi #================================================= @@ -125,4 +129,4 @@ ynh_systemd_action --service_name=nginx --action=reload # END OF SCRIPT #================================================= -ynh_script_progression --message="Change of URL completed for PrivateBin" --last +ynh_script_progression --message="Change of URL completed for $app" --last diff --git a/scripts/install b/scripts/install index 44b34de..bb9b127 100644 --- a/scripts/install +++ b/scripts/install @@ -13,6 +13,7 @@ source /usr/share/yunohost/helpers # MANAGE SCRIPT FAILURE #================================================= +# Exit if an error occurs during the execution of the script ynh_abort_if_errors #================================================= @@ -47,6 +48,14 @@ ynh_app_setting_set --app=$app --key=is_public --value=$is_public #================================================= # STANDARD MODIFICATIONS +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Configuring system user..." --weight=3 + +# Create a system user +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -56,6 +65,14 @@ ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path" +#================================================= +# PHP-FPM CONFIGURATION +#================================================= +ynh_script_progression --message="Configuring PHP-FPM..." --weight=2 + +# Create a dedicated PHP-FPM config +ynh_add_fpm_config + #================================================= # NGINX CONFIGURATION #================================================= @@ -65,24 +82,7 @@ ynh_script_progression --message="Configuring NGINX web server..." --weight=1 ynh_add_nginx_config #================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Configuring system user..." --weight=3 - -# Create a system user -ynh_system_user_create --username=$app - -#================================================= -# PHP-FPM CONFIGURATION -#================================================= -ynh_script_progression --message="Configuring PHP-FPM..." --weight=2 - -# Create a dedicated PHP-FPM config -ynh_add_fpm_config -phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) - -#================================================= -# GENERIC FINALIZATION +# SPECIFIC SETUP #================================================= # SECURE FILES AND DIRECTORIES #================================================= @@ -98,21 +98,24 @@ mkdir -p $final_path/{data,tmp} chown -R $app:root $final_path/{data,tmp} chmod 700 $final_path/{data,tmp} +#================================================= +# GENERIC FINALIZATION #================================================= # SETUP SSOWAT #================================================= -ynh_script_progression --message="Configuring permissions..." --weight=1 +ynh_script_progression --message="Configuring permissions..." --weight=1 # If app is public, add url to SSOWat conf as skipped_uris -if [ $is_public -eq 1 ]; then - # unprotected_uris allows SSO credentials to be passed anyway. - ynh_permission_update --permission="main" --add="visitors" +if [ $is_public -eq 1 ] +then + # unprotected_uris allows SSO credentials to be passed anyway. + ynh_permission_update --permission="main" --add="visitors" else - # If the app is private, viewing paste stays publicly accessible. - # Modify the domain to be used in a regex - domain_regex=$(echo "$domain" | sed 's@-@.@g') - ynh_app_setting_set --app=$app --key=protected_regex --value="$domain_regex$path_url/$" - ynh_app_setting_set --app=$app --key=unprotected_regex --value="$domain_regex$path_url/.*$" + # If the app is private, viewing paste stays publicly accessible. + # Modify the domain to be used in a regex + domain_regex=$(echo "$domain" | sed 's@-@.@g') + ynh_app_setting_set --app=$app --key=protected_regex --value="$domain_regex$path_url/$" + ynh_app_setting_set --app=$app --key=unprotected_regex --value="$domain_regex$path_url/.*$" fi #================================================= @@ -126,4 +129,4 @@ ynh_systemd_action --service_name=nginx --action=reload # END OF SCRIPT #================================================= -ynh_script_progression --message="Installation of PrivateBin completed" --last +ynh_script_progression --message="Installation of $app completed" --last diff --git a/scripts/remove b/scripts/remove index 5d1d855..5a201e7 100644 --- a/scripts/remove +++ b/scripts/remove @@ -24,7 +24,7 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path) #================================================= # REMOVE APP MAIN DIR #================================================= -ynh_script_progression --message="Removing PrivateBin main directory" --weight=2 +ynh_script_progression --message="Removing app main directory..." --weight=2 # Remove the app directory securely ynh_secure_remove --file="$final_path" @@ -32,7 +32,7 @@ ynh_secure_remove --file="$final_path" #================================================= # REMOVE NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Removing NGINX web server configuration" --weight=3 +ynh_script_progression --message="Removing NGINX web server configuration..." --weight=3 # Remove the dedicated NGINX config ynh_remove_nginx_config @@ -40,7 +40,7 @@ ynh_remove_nginx_config #================================================= # REMOVE PHP-FPM CONFIGURATION #================================================= -ynh_script_progression --message="Removing PHP-FPM configuration" --weight=1 +ynh_script_progression --message="Removing PHP-FPM configuration..." --weight=1 # Remove the dedicated PHP-FPM config ynh_remove_fpm_config @@ -50,7 +50,7 @@ ynh_remove_fpm_config #================================================= # REMOVE DEDICATED USER #================================================= -ynh_script_progression --message="Removing the dedicated system user" --weight=2 +ynh_script_progression --message="Removing the dedicated system user..." --weight=2 # Delete a system user ynh_system_user_delete --username=$app @@ -59,4 +59,4 @@ ynh_system_user_delete --username=$app # END OF SCRIPT #================================================= -ynh_script_progression --message="Removal of PrivateBin completed" --last +ynh_script_progression --message="Removal of $app completed" --last diff --git a/scripts/restore b/scripts/restore index cb8e981..43bfbed 100644 --- a/scripts/restore +++ b/scripts/restore @@ -6,6 +6,7 @@ # IMPORT GENERIC HELPERS #================================================= +# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers @@ -19,7 +20,7 @@ ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading settings..." --weight=1 +ynh_script_progression --message="Loading installation settings..." --weight=1 app=$YNH_APP_INSTANCE_NAME @@ -33,43 +34,42 @@ phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) #================================================= ynh_script_progression --message="Validating restoration parameters..." --weight=2 -test ! -d $final_path || ynh_die --message="There is already a directory: $final_path " +test ! -d $final_path \ + || ynh_die --message="There is already a directory: $final_path " #================================================= # STANDARD RESTORATION STEPS -#================================================= -# RESTORE THE NGINX CONFIGURATION -#================================================= - -ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" - -#================================================= -# RESTORE THE APP MAIN DIR -#================================================= -ynh_script_progression --message="Restoring PrivateBin main directory..." --weight=6 - -ynh_restore_file --origin_path="$final_path" - #================================================= # RECREATE THE DEDICATED USER #================================================= ynh_script_progression --message="Recreating the dedicated system user..." --weight=4 # Create the dedicated user (if not existing) -ynh_system_user_create --username=$app +ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= -# RESTORE USER RIGHTS +# RESTORE THE APP MAIN DIR #================================================= +ynh_script_progression --message="Restoring the app main directory..." --weight=6 + +ynh_restore_file --origin_path="$final_path" chown -R $app:root $final_path/{data,tmp} #================================================= # RESTORE THE PHP-FPM CONFIGURATION #================================================= +ynh_script_progression --message="Restoring the PHP-FPM configuration..." ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" +#================================================= +# RESTORE THE NGINX CONFIGURATION +#================================================= +ynh_script_progression --message="Restoring the NGINX web server configuration..." + +ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" + #================================================= # GENERIC FINALIZATION #================================================= @@ -84,4 +84,4 @@ ynh_systemd_action --service_name=nginx --action=reload # END OF SCRIPT #================================================= -ynh_script_progression --message="Restoration completed for PrivateBin" --last +ynh_script_progression --message="Restoration completed for $app" --last diff --git a/scripts/upgrade b/scripts/upgrade index 0a7ec94..824af72 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -25,9 +25,26 @@ phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) #================================================= # CHECK VERSION #================================================= +ynh_script_progression --message="Checking version..." upgrade_type=$(ynh_check_app_version_changed) +#================================================= +# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP +#================================================= +ynh_script_progression --message="Backing up PrivateBin before upgrading (may take a while)..." --weight=3 + +# Backup the current version of the app +ynh_backup_before_upgrade +ynh_clean_setup () { + # restore it if the upgrade fails + ynh_restore_upgradebackup +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + +#================================================= +# STANDARD UPGRADE STEPS #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= @@ -59,21 +76,13 @@ if [ -z "$final_path" ]; then fi #================================================= -# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP +# CREATE DEDICATED USER #================================================= -ynh_script_progression --message="Backing up PrivateBin before upgrading (may take a while)..." --weight=3 +ynh_script_progression --message="Making sure dedicated system user exists..." --weight=2 -# Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { - # restore it if the upgrade fails - ynh_restore_upgradebackup -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors +# Create a dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" -#================================================= -# STANDARD UPGRADE STEPS #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -86,22 +95,6 @@ then ynh_setup_source --dest_dir="$final_path" fi -#================================================= -# NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=1 - -# Create a dedicated NGINX config -ynh_add_nginx_config - -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Making sure dedicated system user exists..." --weight=2 - -# Create a dedicated user (if not existing) -ynh_system_user_create --username=$app - #================================================= # PHP-FPM CONFIGURATION #================================================= @@ -111,7 +104,13 @@ ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=3 ynh_add_fpm_config #================================================= -# GENERIC FINALIZATION +# NGINX CONFIGURATION +#================================================= +ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=1 + +# Create a dedicated NGINX config +ynh_add_nginx_config + #================================================= # SECURE FILES AND DIRECTORIES #================================================= @@ -127,6 +126,8 @@ mkdir -p $final_path/{data,tmp} chown -R $app:root $final_path/{data,tmp} chmod 700 $final_path/{data,tmp} +#================================================= +# GENERIC FINALIZATION #================================================= # RELOAD NGINX #================================================= @@ -138,4 +139,4 @@ ynh_systemd_action --service_name=nginx --action=reload # END OF SCRIPT #================================================= -ynh_script_progression --message="Upgrade of PrivateBin completed" --last +ynh_script_progression --message="Upgrade of $app completed" --last