YunoHost-Apps/privatebin_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/privatebin_ynh.git synced 2024-09-03 20:15:56 +02:00
Code Issues Activity Actions

Merge pull request #29 from YunoHost-Apps/package_upgrade

Browse source 
Package upgrade
This commit is contained in:
Maniack Crudelis 2019-05-12 12:05:19 +02:00 committed by GitHub
commit fd2c858243
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
10 changed files with 272 additions and 184 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

94
README.md
View file

@ -1,38 +1,12 @@
# PrivateBin package for YunoHost
# PrivateBin for YunoHost
[![Integration level](https://dash.yunohost.org/integration/zerobin.svg)](https://dash.yunohost.org/appci/app/zerobin)
[![Install PrivateBin with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=zerobin)
## PrivateBin cest quoi ?
> *This package allow you to install PrivateBin quickly and simply on a YunoHost server.
If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to know how to install and enjoy it.*
PrivateBin est un pastebin en ligne open source minimaliste où le serveur n'a aucune connaissance des données collées.
Les données sont chiffrées / déchiffrées dans le navigateur à l'aide de 256bit AES en mode Galois Counter.
C'est un fork de ZeroBin, développée à l'origine par Sébastien Sauvage. Il a été recodé pour permettre des extensions plus faciles et plus propres et a maintenant beaucoup plus de fonctionnalités que l'original. Cependant, il est encore entièrement compatible avec le système de stockage de données original ZeroBin 0.19. Par conséquent, de telles installations peuvent être mises à niveau vers ce fork sans perdre de données.
Source : [privatebin.info](https://privatebin.info)
### Installation
```bash
$ sudo yunohost app install zerobin
```
### Mise à jour
```bash
$ sudo yunohost app upgrade --verbose zerobin -u https://github.com/YunoHost-Apps/zerobin_ynh.git
```
### Recommandation
Dans la [documentation de mise à jour](https://github.com/PrivateBin/PrivateBin/wiki/Configuration#zerobincompatibility) de Parsebin, il est précisé que :
> Pour une compatibilité totale avec ZeroBin et pour pouvoir décrypter les anciennes données, vous autoriseriez cette option. Cependant, cela n'est pas recommandé pour les nouvelles installations car cela affaiblit la sécurité de votre instance PrivateBin.
Ce qui veut dire que nous avons pris le parti de supprimer le répertoire qui permet de sauvegarder les données. Vous pouvez sauvegarder le répertoire 'data', si vous souhaitez concerver vos données. Mais vous devez savoir que celà affaibli la sécurité de cette application.
---
## What is PrivateBin?
## Overview
PrivateBin is a minimalist, open source online pastebin where the server has zero knowledge of pasted data.
@ -40,22 +14,60 @@ Data is encrypted/decrypted in the browser using 256bit AES in Galois Counter mo
This is a fork of ZeroBin, originally developed by Sébastien Sauvage. It was refactored to allow easier and cleaner extensions and has now much more features than the original. It is however still fully compatible to the original ZeroBin 0.19 data storage scheme. Therefore such installations can be upgraded to this fork without loosing any data.
Source: [privatebin.info](https://privatebin.info)
**Shipped version:** 1.1.1
### Install
```bash
$ sudo yunohost app install zerobin
```
## Screenshots
### Update
```bash
$ sudo yunohost app upgrade --verbose zerobin -u https://github.com/YunoHost-Apps/zerobin_ynh.git
```
![](https://privatebin.info/img/1.0/bootstrap.png)
### Recommandation
## Demo
* [YunoHost demo](https://demo.yunohost.org/zerobin/)
* [Official demo](https://privatebin.net/)
## Configuration
## Documentation
* Official documentation: https://github.com/PrivateBin/PrivateBin/wiki
## YunoHost specific features
#### Multi-users support
#### Supported architectures
* x86-64b - [![Build Status](https://ci-apps.yunohost.org/ci/logs/zerobin%20%28Official%29.svg)](https://ci-apps.yunohost.org/ci/apps/zerobin/)
* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/zerobin%20%28Official%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/zerobin/)
* Jessie x86-64b - [![Build Status](https://ci-stretch.nohost.me/ci/logs/zerobin%20%28Official%29.svg)](https://ci-stretch.nohost.me/ci/apps/zerobin/)
## Limitations
## Additional information
In the [update documentation](https://github.com/PrivateBin/PrivateBin/wiki/Configuration#zerobincompatibility) of Parsebin, it is specified that:
For full compatibility with ZeroBin and to be able to decrypt old pastes, you would enable this option. However this is not recommend for new installations as it weakens the security of your PrivateBin instance.
This means that we have decided to delete the directory that allows us to save the data. You can save the 'data' directory, if you want to keep your data. But you should know that this weakens the security of this application.
## Links
* Report a bug: https://github.com/YunoHost-Apps/zerobin_ynh/issues
* PrivateBin website: https://privatebin.info/
* YunoHost website: https://yunohost.org/
---
Developers info
----------------
**Only if you want to use a testing branch for coding, instead of merging directly into master.**
Please do your pull request to the [testing branch](https://github.com/YunoHost-Apps/zerobin_ynh/tree/testing).
To try the testing branch, please proceed like that.
```
sudo yunohost app install https://github.com/YunoHost-Apps/zerobin_ynh/tree/testing --debug
or
sudo yunohost app upgrade zerobin -u https://github.com/YunoHost-Apps/zerobin_ynh/tree/testing --debug
```

9
check_process
View file

@ -18,16 +18,7 @@
port_already_use=0
change_url=0
;;; Levels
Level 1=auto
Level 2=auto
Level 3=auto
Level 4=na
Level 5=auto
Level 6=auto
Level 7=auto
Level 8=0
Level 9=0
Level 10=0
;;; Options
Email=
Notification=none

12
conf/nginx.conf
View file

@ -1,13 +1,21 @@
location __PATH__ {
#sub_path_only rewrite ^__PATH__$ __PATH__/ permanent;
location __PATH__/ {
# Path to source
alias __FINALPATH__/;
# Force usage of https
if ($scheme = http) {
rewrite ^ https://$server_name$request_uri? permanent;
}
index index.php;
try_files $uri $uri/ index.php;
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
fastcgi_pass unix:/var/run/php5-fpm-__NAME__.sock;
fastcgi_pass unix:/var/run/php/php7.0-fpm-__NAME__.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param REMOTE_USER $remote_user;

112
conf/php-fpm.conf
View file

@ -1,10 +1,11 @@
; Start a new pool named 'www'.
; the variable $pool can we used in any directive and will be replaced by the
; the variable $pool can be used in any directive and will be replaced by the
; pool name ('www' here)
[__NAMETOCHANGE__]
; Per pool prefix
; It only applies on the following directives:
; - 'access.log'
; - 'slowlog'
; - 'listen' (unixsocket)
; - 'chroot'
@ -24,28 +25,35 @@ group = __USER__
; The address on which to accept FastCGI requests.
; Valid syntaxes are:
; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific address on
; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on
; a specific port;
; 'port' - to listen on a TCP socket to all addresses on a
; specific port;
; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on
; a specific port;
; 'port' - to listen on a TCP socket to all addresses
; (IPv6 and IPv4-mapped) on a specific port;
; '/path/to/unix/socket' - to listen on a unix socket.
; Note: This value is mandatory.
listen = /var/run/php5-fpm-__NAMETOCHANGE__.sock
listen = /var/run/php/php7.0-fpm-__NAMETOCHANGE__.sock
; Set listen(2) backlog.
; Default Value: 128 (-1 on FreeBSD and OpenBSD)
;listen.backlog = 128
; Default Value: 511 (-1 on FreeBSD and OpenBSD)
;listen.backlog = 511
; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server. Many
; BSD-derived systems allow connections regardless of permissions.
; BSD-derived systems allow connections regardless of permissions.
; Default Values: user and group are set as the running user
; mode is set to 0660
listen.owner = www-data
listen.group = www-data
;listen.mode = 0660
; List of ipv4 addresses of FastCGI clients which are allowed to connect.
; When POSIX Access Control Lists are supported you can set them using
; these options, value is a comma separated list of user/group names.
; When set, listen.owner and listen.group are ignored
;listen.acl_users =
;listen.acl_groups =
; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect.
; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
; must be separated by a comma. If this value is left blank, connections will be
@ -59,7 +67,13 @@ listen.group = www-data
; - The pool processes will inherit the master process priority
; unless it specified otherwise
; Default Value: no set
; priority = -19
; process.priority = -19
; Set the process dumpable flag (PR_SET_DUMPABLE prctl) even if the process user
; or group is differrent than the master process user. It allows to create process
; core dump and ptrace the process for the pool user.
; Default Value: no
; process.dumpable = yes
; Choose how the process manager will control the number of child processes.
; Possible Values:
@ -96,7 +110,7 @@ pm = dynamic
; forget to tweak pm.* to fit your needs.
; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand'
; Note: This value is mandatory.
pm.max_children = 10
pm.max_children = 5
; The number of child processes created on startup.
; Note: Used only when pm is set to 'dynamic'
@ -117,12 +131,12 @@ pm.max_spare_servers = 3
; Note: Used only when pm is set to 'ondemand'
; Default Value: 10s
;pm.process_idle_timeout = 10s;
; The number of requests each child process should execute before respawning.
; This can be useful to work around memory leaks in 3rd party libraries. For
; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
; Default Value: 0
pm.max_requests = 500
;pm.max_requests = 500
; The URI to view the FPM status page. If this value is not set, no URI will be
; recognized as a status page. It shows the following informations:
@ -170,7 +184,7 @@ pm.max_requests = 500
;
; By default the status page only outputs short status. Passing 'full' in the
; query string will also return status for each pool process.
; Example:
; Example:
; http://www.foo.bar/status?full
; http://www.foo.bar/status?json&full
; http://www.foo.bar/status?html&full
@ -215,14 +229,14 @@ pm.max_requests = 500
; last request memory: 0
;
; Note: There is a real-time FPM status monitoring sample web page available
; It's available in: ${prefix}/share/fpm/status.html
; It's available in: /usr/share/php/7.0/fpm/status.html
;
; Note: The value must start with a leading slash (/). The value can be
; anything, but it may not be a good idea to use the .php extension or it
; may conflict with a real PHP file.
; Default Value: not set
; Default Value: not set
;pm.status_path = /status
; The ping URI to call the monitoring page of FPM. If this value is not set, no
; URI will be recognized as a ping page. This could be used to test from outside
; that FPM is alive and responding, or to
@ -275,7 +289,7 @@ pm.max_requests = 500
; - %{megabytes}M
; - %{mega}M
; %n: pool name
; %o: ouput header
; %o: output header
; it must be associated with embraces to specify the name of the header:
; - %{Content-Type}o
; - %{X-Powered-By}o
@ -283,7 +297,7 @@ pm.max_requests = 500
; - ....
; %p: PID of the child that serviced the request
; %P: PID of the parent of the child that serviced the request
; %q: the query string
; %q: the query string
; %Q: the '?' character if query string exists
; %r: the request URI (without the query string, see %q and %Q)
; %R: remote IP address
@ -291,72 +305,85 @@ pm.max_requests = 500
; %t: server time the request was received
; it can accept a strftime(3) format:
; %d/%b/%Y:%H:%M:%S %z (default)
; The strftime(3) format must be encapsuled in a %{<strftime_format>}t tag
; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t
; %T: time the log has been written (the request has finished)
; it can accept a strftime(3) format:
; %d/%b/%Y:%H:%M:%S %z (default)
; The strftime(3) format must be encapsuled in a %{<strftime_format>}t tag
; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t
; %u: remote user
;
; Default: "%R - %u %t \"%m %r\" %s"
;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"
; The log file for slow requests
; Default Value: not set
; Note: slowlog is mandatory if request_slowlog_timeout is set
slowlog = /var/log/nginx/__NAMETOCHANGE__.slow.log
;slowlog = log/$pool.log.slow
; The timeout for serving a single request after which a PHP backtrace will be
; dumped to the 'slowlog' file. A value of '0s' means 'off'.
; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
; Default Value: 0
request_slowlog_timeout = 5s
;request_slowlog_timeout = 0
; The timeout for serving a single request after which the worker process will
; be killed. This option should be used when the 'max_execution_time' ini option
; does not stop script execution for some reason. A value of '0' means 'off'.
; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
; Default Value: 0
request_terminate_timeout = 1d
; Set open file descriptor rlimit.
; Default Value: system defined value
;rlimit_files = 1024
; Set max core size rlimit.
; Possible Values: 'unlimited' or an integer greater or equal to 0
; Default Value: system defined value
;rlimit_core = 0
; Chroot to this directory at the start. This value must be defined as an
; absolute path. When this value is not set, chroot is not used.
; Note: you can prefix with '$prefix' to chroot to the pool prefix or one
; of its subdirectories. If the pool prefix is not set, the global prefix
; will be used instead.
; Note: chrooting is a great security feature and should be used whenever
; Note: chrooting is a great security feature and should be used whenever
; possible. However, all PHP paths will be relative to the chroot
; (error_log, sessions.save_path, ...).
; Default Value: not set
;chroot =
;chroot =
; Chdir to this directory at the start.
; Note: relative path can be used.
; Default Value: current directory or / when chroot
chdir = __FINALPATH__
; Redirect worker stdout and stderr into main error log. If not set, stdout and
; stderr will be redirected to /dev/null according to FastCGI specs.
; Note: on highloaded environement, this can cause some delay in the page
; process time (several ms).
; Default Value: no
catch_workers_output = yes
;catch_workers_output = yes
; Clear environment in FPM workers
; Prevents arbitrary environment variables from reaching FPM worker processes
; by clearing the environment in workers before env vars specified in this
; pool configuration are added.
; Setting to "no" will make all environment variables available to PHP code
; via getenv(), $_ENV and $_SERVER.
; Default Value: yes
;clear_env = no
; Limits the extensions of the main script FPM will allow to parse. This can
; prevent configuration mistakes on the web server side. You should only limit
; FPM to .php extensions to prevent malicious users to use other extensions to
; exectute php code.
; execute php code.
; Note: set an empty value to allow all extensions.
; Default Value: .php
;security.limit_extensions = .php .php3 .php4 .php5
;security.limit_extensions = .php .php3 .php4 .php5 .php7
; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
; the current environment.
; Default Value: clean env
@ -370,7 +397,7 @@ catch_workers_output = yes
; overwrite the values previously defined in the php.ini. The directives are the
; same as the PHP SAPI:
; php_value/php_flag - you can set classic ini defines which can
; be overwritten from PHP call 'ini_set'.
; be overwritten from PHP call 'ini_set'.
; php_admin_value/php_admin_flag - these directives won't be overwritten by
; PHP call 'ini_set'
; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no.
@ -391,5 +418,16 @@ catch_workers_output = yes
;php_admin_flag[log_errors] = on
;php_admin_value[memory_limit] = 32M
; Common values to change to increase file upload limit
; php_admin_value[upload_max_filesize] = 50M
; php_admin_value[post_max_size] = 50M
; php_admin_flag[mail.add_x_header] = Off
; Other common parameters
; php_admin_value[max_execution_time] = 600
; php_admin_value[max_input_time] = 300
; php_admin_value[memory_limit] = 256M
; php_admin_flag[short_open_tag] = On
php_admin_value[upload_max_filesize] = 30M
php_admin_value[post_max_size] = 30M

6
manifest.json
View file

@ -6,7 +6,7 @@
"en": "A minimalist, opensource online pastebin where the server has zero knowledge of pasted data",
"fr": "Un pastebin minimaliste, libre et où le serveur n'a aucune connaissance des données copiées"
},
"version": "1.1.1",
"version": "1.1.1~ynh2",
"url": "http://sebsauvage.net/wiki/doku.php?id=php:zerobin",
"license": "Zlib",
"maintainer": {
@ -14,7 +14,7 @@
"email": "julien.malik@paraiso.me"
},
"requirements": {
"yunohost": ">= 2.7.2"
"yunohost": ">= 3.5"
},
"multi_instance": true,
"services": [
@ -49,7 +49,7 @@
"en": "Is it a public Zerobin site ?",
"fr": "Est-ce un site public ?"
},
"default": "true"
"default": true
}
]
}

22
scripts/backup
View file

@ -2,11 +2,11 @@
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
# source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers
#=================================================
@ -19,28 +19,38 @@ ynh_abort_if_errors
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..."
app=$YNH_APP_INSTANCE_NAME
final_path=$(ynh_app_setting_get $app final_path)
domain=$(ynh_app_setting_get $app domain)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
domain=$(ynh_app_setting_get --app=$app --key=domain)
#=================================================
# STANDARD BACKUP STEPS
#=================================================
# BACKUP THE APP MAIN DIR
#=================================================
ynh_script_progression --message="Backing up the main app directory..."
ynh_backup "$final_path"
ynh_backup --src_path="$final_path"
#=================================================
# BACKUP THE NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Backing up nginx web server configuration..."
ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
#=================================================
# BACKUP THE PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Backing up php-fpm configuration..."
ynh_backup "/etc/php5/fpm/pool.d/$app.conf"
ynh_backup --src_path="/etc/php/7.0/fpm/pool.d/$app.conf"
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." --last

43
scripts/install
View file

@ -6,6 +6,7 @@
# IMPORT GENERIC HELPERS
#=================================================
# source _common.sh
source /usr/share/yunohost/helpers
#=================================================
@ -19,7 +20,6 @@ ynh_abort_if_errors
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================
# Retrieve arguments
domain=$YNH_APP_ARG_DOMAIN
path_url=$YNH_APP_ARG_PATH
is_public=$YNH_APP_ARG_IS_PUBLIC
@ -29,39 +29,38 @@ app=$YNH_APP_INSTANCE_NAME
#=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#=================================================
ynh_script_progression --message="Validating installation parameters..."
final_path=/var/www/$app
test ! -e "$final_path" || ynh_die "This path already contains a folder"
test ! -e "$final_path" || ynh_die --message="This path already contains a folder"
# Normalize the url path syntax
path_url=$(ynh_normalize_url_path $path_url)
# Check web path availability
ynh_webpath_available $domain $path_url
# Register (book) web path
ynh_webpath_register $app $domain $path_url
ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url
#=================================================
# STORE SETTINGS FROM MANIFEST
#=================================================
ynh_script_progression --message="Storing installation settings..."
ynh_app_setting_set $app domain $domain
ynh_app_setting_set $app path $path_url
ynh_app_setting_set $app is_public $is_public
ynh_app_setting_set --app=$app --key=domain --value=$domain
ynh_app_setting_set --app=$app --key=path --value=$path_url
ynh_app_setting_set --app=$app --key=is_public --value=$is_public
#=================================================
# STANDARD MODIFICATIONS
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_script_progression --message="Setting up source files..." --weight=3
ynh_app_setting_set $app final_path $final_path
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source "$final_path"
ynh_setup_source --dest_dir="$final_path"
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Configuring nginx web server..."
# Create a dedicated nginx config
ynh_add_nginx_config
@ -69,13 +68,15 @@ ynh_add_nginx_config
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Configuring system user..." --weight=3
# Create a system user
ynh_system_user_create $app
ynh_system_user_create --username=$app
#=================================================
# PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Configuring php-fpm..." --weight=2
# Create a dedicated php-fpm config
ynh_add_fpm_config
@ -92,7 +93,7 @@ chown -R root: $final_path
find $final_path -type f | xargs chmod 644
find $final_path -type d | xargs chmod 755
# except for data and tmp subdir, where the user must have write permissions
# Except for data and tmp subdir, where the user must have write permissions
mkdir -p $final_path/{data,tmp}
chown -R $app:root $final_path/{data,tmp}
chmod 700 $final_path/{data,tmp}
@ -100,15 +101,23 @@ chmod 700 $final_path/{data,tmp}
#=================================================
# SETUP SSOWAT
#=================================================
ynh_script_progression --message="Configuring SSOwat..."
# If app is public, add url to SSOWat conf as skipped_uris
if [ $is_public -eq 1 ]; then
# unprotected_uris allows SSO credentials to be passed anyway.
ynh_app_setting_set "$app" unprotected_uris "/"
ynh_app_setting_set --app=$app --key=unprotected_uris --value="/"
fi
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading nginx web server..."
systemctl reload nginx
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Installation of $app completed" --last

22
scripts/remove
View file

@ -6,31 +6,33 @@
# IMPORT GENERIC HELPERS
#=================================================
# source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..." --weight=2
# Get multi-instances specific variables
app=$YNH_APP_INSTANCE_NAME
# Retrieve arguments
domain=$(ynh_app_setting_get "$app" domain)
final_path=$(ynh_app_setting_get $app final_path)
domain=$(ynh_app_setting_get --app=$app --key=domain)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
#=================================================
# STANDARD REMOVE
#=================================================
# REMOVE APP MAIN DIR
#=================================================
ynh_script_progression --message="Removing app main directory" --weight=2
# Remove the app directory securely
ynh_secure_remove "$final_path"
ynh_secure_remove --file="$final_path"
#=================================================
# REMOVE NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Removing nginx web server configuration" --weight=3
# Remove the dedicated nginx config
ynh_remove_nginx_config
@ -38,6 +40,7 @@ ynh_remove_nginx_config
#=================================================
# REMOVE PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Removing php-fpm configuration"
# Remove the dedicated php-fpm config
ynh_remove_fpm_config
@ -47,6 +50,13 @@ ynh_remove_fpm_config
#=================================================
# REMOVE DEDICATED USER
#=================================================
ynh_script_progression --message="Removing the dedicated system user"
# Delete a system user
ynh_system_user_delete $app
ynh_system_user_delete --username=$app
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Removal of $app completed" --last

36
scripts/restore
View file

@ -6,6 +6,7 @@
# IMPORT GENERIC HELPERS
#=================================================
# source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers
#=================================================
@ -18,21 +19,23 @@ ynh_abort_if_errors
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading settings..."
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get $app domain)
path_url=$(ynh_app_setting_get $app path)
final_path=$(ynh_app_setting_get $app final_path)
domain=$(ynh_app_setting_get --app=$app --key=domain)
path_url=$(ynh_app_setting_get --app=$app --key=path)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
#=================================================
# CHECK IF THE APP CAN BE RESTORED
#=================================================
ynh_script_progression --message="Validating restoration parameters..." --weight=2
ynh_webpath_available $domain $path_url \
|| ynh_die "Path not available: ${domain}${path_url}"
ynh_webpath_available --domain=$domain --path_url=$path_url \
|| ynh_die --message="Path not available: ${domain}${path_url}"
test ! -d $final_path \
|| ynh_die "There is already a directory: $final_path "
|| ynh_die --message="There is already a directory: $final_path "
#=================================================
# STANDARD RESTORATION STEPS
@ -40,20 +43,22 @@ test ! -d $final_path \
# RESTORE THE NGINX CONFIGURATION
#=================================================
ynh_restore_file "/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
#=================================================
# RESTORE THE APP MAIN DIR
#=================================================
ynh_script_progression --message="Restoring the app main directory..."
ynh_restore_file "$final_path"
ynh_restore_file --origin_path="$final_path"
#=================================================
# RECREATE THE DEDICATED USER
#=================================================
ynh_script_progression --message="Recreating the dedicated system user..." --weight=4
# Create the dedicated user (if not existing)
ynh_system_user_create $app
ynh_system_user_create --username=$app
#=================================================
# RESTORE USER RIGHTS
@ -65,13 +70,20 @@ chown -R $app:root $final_path/{data,tmp}
# RESTORE THE PHP-FPM CONFIGURATION
#=================================================
ynh_restore_file "/etc/php5/fpm/pool.d/$app.conf"
ynh_restore_file --origin_path="/etc/php/7.0/fpm/pool.d/$app.conf"
#=================================================
# GENERIC FINALIZATION
#=================================================
# RELOAD NGINX AND PHP-FPM
#=================================================
ynh_script_progression --message="Reloading nginx web server and php-fpm..."
systemctl reload php5-fpm
systemctl reload nginx
ynh_systemd_action --service_name=php7.0-fpm --action=reload
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Restoration completed for $app" --last

100
scripts/upgrade
View file

@ -6,50 +6,61 @@
# IMPORT GENERIC HELPERS
#=================================================
# source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..."
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get $app domain)
path_url=$(ynh_app_setting_get $app path)
is_public=$(ynh_app_setting_get $app is_public)
final_path=$(ynh_app_setting_get $app final_path)
domain=$(ynh_app_setting_get --app=$app --key=domain)
path_url=$(ynh_app_setting_get --app=$app --key=path)
is_public=$(ynh_app_setting_get --app=$app --key=is_public)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
#=================================================
# CHECK VERSION
#=================================================
upgrade_type=$(ynh_check_app_version_changed)
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
ynh_script_progression --message="Ensuring downward compatibility..."
# Fix is_public as a boolean value
if [ "$is_public" = "Yes" ]; then
ynh_app_setting_set $app is_public 1
ynh_app_setting_set --app=$app --key=is_public --value=1
is_public=1
elif [ "$is_public" = "No" ]; then
ynh_app_setting_set $app is_public 0
ynh_app_setting_set --app=$app --key=is_public --value=0
is_public=0
elif [ -z "$is_public" ]; then
elif [ -z "$is_public" ]
then
if grep --quiet "unprotected_uris" "/etc/yunohost/apps/$app/settings.yml"
then
ynh_app_setting_set $app is_public 1
ynh_app_setting_set --app=$app --key=is_public --value=1
is_public=1
else
ynh_app_setting_set $app is_public 0
ynh_app_setting_set --app=$app --key=is_public --value=0
is_public=0
fi
fi
# If final_path doesn't exist, create it
if [ -z $final_path ]; then
if [ -z "$final_path" ]; then
final_path=/var/www/$app
ynh_app_setting_set $app final_path $final_path
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
fi
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=3
# Backup the current version of the app
ynh_backup_before_upgrade
@ -69,9 +80,22 @@ path_url=$(ynh_normalize_url_path $path_url)
#=================================================
# STANDARD UPGRADE STEPS
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
if [ "$upgrade_type" == "UPGRADE_APP" ]
then
ynh_script_progression --message="Upgrading source files..." --weight=3
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$final_path"
fi
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Upgrading nginx web server configuration..."
# Create a dedicated nginx config
ynh_add_nginx_config
@ -79,49 +103,19 @@ ynh_add_nginx_config
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Making sure dedicated system user exists..." --weight=2
# Create a system user
ynh_system_user_create $app
# Create a dedicated user (if not existing)
ynh_system_user_create --username=$app
#=================================================
# PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Upgrading php-fpm configuration..." --weight=3
# Create a dedicated php-fpm config
ynh_add_fpm_config
#=================================================
# SPECIFIC UPGRADE
#=================================================
# REMOVE OLD FILES
#=================================================
# ??? Maybe julienmalik can explain us why he would remove all this files.
# Clean all files and directory except the data directory
ynh_secure_remove $final_path/cfg
ynh_secure_remove $final_path/CREDITS.md
ynh_secure_remove $final_path/i18n
ynh_secure_remove $final_path/index.php
ynh_secure_remove $final_path/js
ynh_secure_remove $final_path/README.md
ynh_secure_remove $final_path/tmp
ynh_secure_remove $final_path/CHANGELOG.md
ynh_secure_remove $final_path/css
ynh_secure_remove $final_path/favicon.ico
ynh_secure_remove $final_path/img
ynh_secure_remove $final_path/INSTALL.md
ynh_secure_remove $final_path/lib
ynh_secure_remove $final_path/robots.txt
ynh_secure_remove $final_path/tpl
ynh_secure_remove $final_path/data
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source "$final_path"
#=================================================
# GENERIC FINALIZATION
#=================================================
@ -142,19 +136,23 @@ chmod 700 $final_path/{data,tmp}
#=================================================
# SETUP SSOWAT
#=================================================
#=================================================
# SETUP SSOWAT
#=================================================
ynh_script_progression --message="Upgrading SSOwat configuration..."
# If app is public, add url to SSOWat conf as skipped_uris
if [ $is_public -eq 1 ]; then
# unprotected_uris allows SSO credentials to be passed anyway.
ynh_app_setting_set "$app" unprotected_uris "/"
ynh_app_setting_set --app=$app --key=unprotected_uris --value="/"
fi
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading nginx web server..."
systemctl reload nginx
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Upgrade of $app completed" --last