mirror of
https://github.com/YunoHost-Apps/pufferpanel_ynh.git
synced 2024-09-03 20:16:03 +02:00
244 lines
10 KiB
Bash
244 lines
10 KiB
Bash
#!/bin/bash
|
|
|
|
#=================================================
|
|
# GENERIC START
|
|
#=================================================
|
|
# IMPORT GENERIC HELPERS
|
|
#=================================================
|
|
|
|
source _common.sh
|
|
source /usr/share/yunohost/helpers
|
|
|
|
#=================================================
|
|
# MANAGE SCRIPT FAILURE
|
|
#=================================================
|
|
|
|
ynh_clean_setup () {
|
|
### Remove this function if there's nothing to clean before calling the remove script.
|
|
true
|
|
}
|
|
# Exit if an error occurs during the execution of the script
|
|
ynh_abort_if_errors
|
|
|
|
#=================================================
|
|
# RETRIEVE ARGUMENTS FROM THE MANIFEST
|
|
#=================================================
|
|
|
|
# Retrieve arguments
|
|
domain=$YNH_APP_ARG_DOMAIN
|
|
path_url=$YNH_APP_ARG_PATH
|
|
is_public=$YNH_APP_ARG_IS_PUBLIC
|
|
email=$YNH_APP_ARG_EMAIL
|
|
password=$YNH_APP_ARG_PASSWORD
|
|
uuid=$(cat /proc/sys/kernel/random/uuid)
|
|
time=$(php -r 'echo time();')
|
|
nodeSecret=$(cat /proc/sys/kernel/random/uuid)
|
|
nodeSecret=${nodeSecret^^}
|
|
#pufferdVersion=$(cat src/versions/pufferd)
|
|
|
|
### If it's a multi-instance app, meaning it can be installed several times independently
|
|
### The id of the app as stated in the manifest is available as $YNH_APP_ID
|
|
### The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2", ...)
|
|
### The app instance name is available as $YNH_APP_INSTANCE_NAME
|
|
### - the first time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample
|
|
### - the second time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample__2
|
|
### - ynhexample__{N} for the subsequent installations, with N=3,4, ...
|
|
### The app instance name is probably what interests you most, since this is
|
|
### guaranteed to be unique. This is a good unique identifier to define installation path,
|
|
### db names, ...
|
|
app=$YNH_APP_INSTANCE_NAME
|
|
|
|
#=================================================
|
|
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
|
|
#=================================================
|
|
|
|
### If the app uses nginx as web server (written in HTML/PHP in most cases), the final path should be "/var/www/$app".
|
|
### If the app provides an internal web server (or uses another application server such as uwsgi), the final path should be "/opt/yunohost/$app"
|
|
final_path=/srv/$app
|
|
test ! -e "$final_path" || ynh_die "This path already contains a folder"
|
|
|
|
# Normalize the url path syntax
|
|
path_url=$(ynh_normalize_url_path $path_url)
|
|
|
|
# Check web path availability
|
|
ynh_webpath_available $domain $path_url
|
|
# Register (book) web path
|
|
ynh_webpath_register $app $domain $path_url
|
|
|
|
#=================================================
|
|
# STORE SETTINGS FROM MANIFEST
|
|
#=================================================
|
|
|
|
ynh_app_setting_set $app domain $domain
|
|
ynh_app_setting_set $app path $path_url
|
|
ynh_app_setting_set $app is_public $is_public
|
|
|
|
#=================================================
|
|
# FIND AND OPEN A PORT
|
|
#=================================================
|
|
|
|
### Use these lines if you have to open a port for the application
|
|
### `ynh_find_port` will find the first available port starting from the given port.
|
|
### If you're not using these lines:
|
|
### - Remove the section "CLOSE A PORT" in the remove script
|
|
|
|
# Find a free port
|
|
port=$(ynh_find_port 5657)
|
|
# Open this port
|
|
yunohost firewall allow --no-upnp TCP $port 2>&1
|
|
ynh_app_setting_set $app port $port
|
|
|
|
#==============================================
|
|
# INSTALL DEPS
|
|
#==============================================
|
|
|
|
## Install the PHP 7.2 repo for debian
|
|
ynh_package_install ca-certificates apt-transport-https
|
|
wget -q https://packages.sury.org/php/apt.gpg -O- | apt-key add -
|
|
echo "deb https://packages.sury.org/php/ stretch main" | tee /etc/apt/sources.list.d/php.list
|
|
dpkg --add-architecture i386
|
|
|
|
ynh_package_update
|
|
ynh_package_install openssl curl mysql-client mysql-server php7.2-fpm php7.2-cli php7.2-curl php7.2-mysql openjdk-8-jdk-headless git tar lib32gcc1 lib32tinfo5 lib32z1 lib32stdc++6 libcurl3-gnutls:i386
|
|
|
|
#sudo echo "deb http://http.debian.net/debian stretch-backports main" > /etc/apt/sources.list.d/backports.list
|
|
#dpkg --add-architecture i386
|
|
#apt-get update
|
|
#apt-get install -y -t stretch-backports openjdk-8-jdk-headless
|
|
#ynh_package_install debian-archive-keyring apt-transport-https openssl curl mysql-client mysql-server php-fpm php-cli php-curl php-mysql openjdk-8-jdk-headless git tar lib32gcc1 lib32tinfo5 lib32z1 lib32stdc++6 libcurl3-gnutls:i386
|
|
|
|
#apt-key add - https://packagecloud.io/pufferpanel/pufferd/gpgkey
|
|
#echo "deb https://packagecloud.io/pufferpanel/pufferd/debian/ stretch main" >> /etc/apt/sources.list.d/pufferpanel_pufferd.list
|
|
#echo "deb-src https://packagecloud.io/pufferpanel/pufferd/debian/ stretch main" >> /etc/apt/sources.list.d/pufferpanel_pufferd.list
|
|
#apt-get update
|
|
|
|
#=================================================
|
|
# CREATE A MYSQL DATABASE
|
|
#=================================================
|
|
# If your app uses a MySQL database, you can use these lines to bootstrap
|
|
# a database, an associated user and save the password in app settings
|
|
|
|
db_name=$(ynh_sanitize_dbid $app)
|
|
ynh_app_setting_set $app db_name $db_name
|
|
ynh_mysql_setup_db $db_name $db_name <<< "flush privileges;"
|
|
|
|
db_user=$db_name
|
|
|
|
echo "Creating pufferpanel account and installing database..."
|
|
#mysql -D $db_name -h localhost -P 3306 -u $db_name --password="$db_pwd" < ../conf/install.sql
|
|
#ynh_mysql_execute_as_root -D $db_name <<< "flush privileges;"
|
|
ynh_mysql_execute_file_as_root ../conf/install.sql $db_name
|
|
|
|
#mysql -D $db_name -h localhost -P 3306 -u $db_name --password="$db_pwd" -e "SET GLOBAL event_scheduler = ON;"
|
|
#ynh_mysql_connect_as $db_user $db_pwd <<< "SET GLOBAL event_scheduler = ON;"
|
|
ynh_mysql_execute_as_root "SET GLOBAL event_scheduler = ON;" $db_name
|
|
|
|
echo "Installing user..."
|
|
#mysql -D $db_name -h localhost -P 3306 -D $db_name -u $db_name --password="$db_pwd" -e "
|
|
#INSERT INTO users VALUES (NULL, '${uuid}', '${username}', '${email}', '${password}', 'en_US', ${time}, NULL, NULL, 1, 0, 1, 0, NULL) ON DUPLICATE KEY UPDATE password='${password}'"
|
|
#ynh_mysql_connect_as $db_user $db_pwd <<< "INSERT INTO users VALUES (NULL, '${uuid}', '$db_user', '${email}', '${password}', 'en_US', ${time}, NULL, NULL, 1, 0, 1, 0, NULL) ON DUPLICATE KEY UPDATE password='${password}'"
|
|
ynh_mysql_execute_as_root "INSERT INTO users VALUES (NULL, '${uuid}', '$db_user', '${email}', '${password}', 'en_US', ${time}, NULL, NULL, 1, 0, 1, 0, NULL) ON DUPLICATE KEY UPDATE password='${password}'" $db_name
|
|
|
|
ynh_mysql_execute_as_root "
|
|
INSERT INTO nodes (name, location, fqdn, ip, daemon_secret,daemon_listen,daemon_sftp, allocate_memory, allocate_disk, ips, ports, public, docker)
|
|
VALUES('LocalNode', (SELECT id FROM locations WHERE short = 'Localhost'), 'https://$domain$path_url', '127.0.0.1', '${nodeSecret}', 5656, 5657, 0, 0, '{}', '{}', 1, 0)" $db_name
|
|
#mysql -h ${mysqlHost} -P ${mysqlPort} -D ${mysqlDb} -u ${mysqlUser} --password="${mysqlPass}" -e "
|
|
#INSERT INTO nodes (name, location, fqdn, ip, daemon_secret,daemon_listen,daemon_sftp, allocate_memory, allocate_disk, ips, ports, public, docker)
|
|
#VALUES('LocalNode', (SELECT id FROM locations WHERE short = 'Localhost'), '${siteUrl}', '127.0.0.1', '${nodeSecret}', 5656, 5657, 0, 0, '{}', '{}', 1, 0)"
|
|
|
|
#=================================================
|
|
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
|
#=================================================
|
|
|
|
ynh_app_setting_set $app final_path $final_path
|
|
# Download, check integrity, uncompress and patch the source from app.src
|
|
ynh_setup_source "$final_path"
|
|
|
|
#=================================================
|
|
# SPECIFIC SETUP
|
|
#=================================================
|
|
|
|
# create a user
|
|
#email=$(ynh_user_get_info $admin 'mail')
|
|
|
|
mkdir -p /var/lib/pufferd /var/log/pufferd /etc/pufferd
|
|
|
|
# setup application config
|
|
cp -a ../conf/config.json /etc/pufferd/config.json
|
|
|
|
#=================================================
|
|
# MODIFY A CONFIG FILE
|
|
#=================================================
|
|
|
|
ynh_replace_string "yunouser" "$db_name" "/etc/pufferd/config.json"
|
|
ynh_replace_string "yunopass" "$db_pwd" "/etc/pufferd/config.json"
|
|
ynh_replace_string "yunobase" "$db_name" "/etc/pufferd/config.json"
|
|
#ynh_replace_string "yunomail" "$email" "$final_path/config.json"
|
|
#ynh_replace_string "yunodomain" "$domain" "$final_path/.env"
|
|
|
|
#==============================================
|
|
# INSTALL DAEMON Pufferd
|
|
#==============================================
|
|
|
|
wget https://github.com/YunoHost-Apps/pufferpanel_ynh/releases/download/1.2.5/pufferd_1.2.5_amd64.deb
|
|
dpkg --install pufferd_1.2.5_amd64.deb
|
|
pufferd --install --auth https://$domain$path_url --token ${nodeSecret} --config /etc/pufferd/config.json
|
|
|
|
#=================================================
|
|
# NGINX CONFIGURATION
|
|
#=================================================
|
|
|
|
# Create a dedicated nginx config
|
|
ynh_add_nginx_config
|
|
|
|
#=================================================
|
|
# CREATE DEDICATED USER
|
|
#=================================================
|
|
|
|
# Create a system user
|
|
ynh_system_user_create $app
|
|
|
|
#=================================================
|
|
# STORE THE CONFIG FILE CHECKSUM
|
|
#=================================================
|
|
|
|
### `ynh_store_file_checksum` is used to store the checksum of a file.
|
|
### That way, during the upgrade script, by using `ynh_backup_if_checksum_is_different`,
|
|
### you can make a backup of this file before modifying it again if the admin had modified it.
|
|
|
|
# Calculate and store the config file checksum into the app settings
|
|
ynh_store_file_checksum "/etc/pufferd/config.json"
|
|
|
|
#=================================================
|
|
# GENERIC FINALIZATION
|
|
#=================================================
|
|
# SECURE FILES AND DIRECTORIES
|
|
#=================================================
|
|
|
|
### For security reason, any app should set the permissions to root: before anything else.
|
|
### Then, if write authorization is needed, any access should be given only to directories
|
|
### that really need such authorization.
|
|
|
|
# Set permissions to app files
|
|
#useradd --system --home /var/lib/pufferd --user-group pufferd
|
|
#chown -R $app:$app /srv/pufferpanel/logs
|
|
chown -R pufferd:pufferd /var/lib/pufferd /etc/pufferd /var/log/pufferd
|
|
|
|
echo "Preparing for docker containers if enabled"
|
|
groupadd --force --system docker
|
|
usermod -a -G docker pufferd
|
|
|
|
#=================================================
|
|
# SETUP SSOWAT
|
|
#=================================================
|
|
|
|
# If app is public, add url to SSOWat conf as skipped_uris
|
|
if [ $is_public -eq 1 ]; then
|
|
# unprotected_uris allows SSO credentials to be passed anyway.
|
|
ynh_app_setting_set "$app" unprotected_uris "/"
|
|
fi
|
|
|
|
# Reload services
|
|
systemctl reload nginx
|
|
systemctl start pufferd
|
|
systemctl enable pufferd
|