From 87e9fbc6d122126a41203472d0ec5e0db3020530 Mon Sep 17 00:00:00 2001 From: yalh76 Date: Fri, 29 Jul 2022 22:43:23 +0200 Subject: [PATCH 1/3] Apply example_ynh --- .github/workflows/updater.sh | 132 +++++++++++++++++ .github/workflows/updater.yml | 49 +++++++ conf/app.src | 2 +- conf/nginx.conf | 9 +- doc/.gitkeep | 0 doc/DESCRIPTION.md | 1 + doc/DESCRIPTION_fr.md | 1 + doc/DISCLAIMER.md | 4 + doc/DISCLAIMER_fr.md | 4 + doc/screenshots/.gitkeep | 0 .../screenshots}/install_screenshot.png | Bin manifest.json | 50 ++++--- scripts/_common.sh | 2 +- scripts/backup | 9 -- scripts/change_url | 6 +- scripts/install | 138 ++++++------------ scripts/remove | 6 - scripts/restore | 37 ++--- scripts/upgrade | 87 ++++------- sources/extra_files/app/.gitignore | 2 - sources/patches/.gitignore | 2 - 21 files changed, 311 insertions(+), 230 deletions(-) create mode 100644 .github/workflows/updater.sh create mode 100644 .github/workflows/updater.yml create mode 100644 doc/.gitkeep create mode 100644 doc/DESCRIPTION.md create mode 100644 doc/DESCRIPTION_fr.md create mode 100644 doc/DISCLAIMER.md create mode 100644 doc/DISCLAIMER_fr.md create mode 100644 doc/screenshots/.gitkeep rename {images => doc/screenshots}/install_screenshot.png (100%) delete mode 100644 sources/extra_files/app/.gitignore delete mode 100644 sources/patches/.gitignore diff --git a/.github/workflows/updater.sh b/.github/workflows/updater.sh new file mode 100644 index 0000000..3ffdb1a --- /dev/null +++ b/.github/workflows/updater.sh @@ -0,0 +1,132 @@ +#!/bin/bash + +#================================================= +# PACKAGE UPDATING HELPER +#================================================= + +# This script is meant to be run by GitHub Actions +# The YunoHost-Apps organisation offers a template Action to run this script periodically +# Since each app is different, maintainers can adapt its contents so as to perform +# automatic actions when a new upstream release is detected. + +#================================================= +# FETCHING LATEST RELEASE AND ITS ASSETS +#================================================= + +# Fetching information +current_version=$(cat manifest.json | jq -j '.version|split("~")[0]') +repo=$(cat manifest.json | jq -j '.upstream.code|split("https://github.com/")[1]') +# Some jq magic is needed, because the latest upstream release is not always the latest version (e.g. security patches for older versions) +version=$(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '.[] | select( .prerelease != true ) | .tag_name' | sort -V | tail -1) +assets=($(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '[ .[] | select(.tag_name=="'$version'").assets[].browser_download_url ] | join(" ") | @sh' | tr -d "'")) + +# Later down the script, we assume the version has only digits and dots +# Sometimes the release name starts with a "v", so let's filter it out. +# You may need more tweaks here if the upstream repository has different naming conventions. +if [[ ${version:0:1} == "v" || ${version:0:1} == "V" ]]; then + version=${version:1} +fi + +# Setting up the environment variables +echo "Current version: $current_version" +echo "Latest release from upstream: $version" +echo "VERSION=$version" >> $GITHUB_ENV +echo "REPO=$repo" >> $GITHUB_ENV +# For the time being, let's assume the script will fail +echo "PROCEED=false" >> $GITHUB_ENV + +# Proceed only if the retrieved version is greater than the current one +if ! dpkg --compare-versions "$current_version" "lt" "$version" ; then + echo "::warning ::No new version available" + exit 0 +# Proceed only if a PR for this new version does not already exist +elif git ls-remote -q --exit-code --heads https://github.com/$GITHUB_REPOSITORY.git ci-auto-update-v$version ; then + echo "::warning ::A branch already exists for this update" + exit 0 +fi + +# Each release can hold multiple assets (e.g. binaries for different architectures, source code, etc.) +echo "${#assets[@]} available asset(s)" + +#================================================= +# UPDATE SOURCE FILES +#================================================= + +# Here we use the $assets variable to get the resources published in the upstream release. +# Here is an example for Grav, it has to be adapted in accordance with how the upstream releases look like. + +# Let's loop over the array of assets URLs +for asset_url in ${assets[@]}; do + + echo "Handling asset at $asset_url" + + # Assign the asset to a source file in conf/ directory + # Here we base the source file name upon a unique keyword in the assets url (admin vs. update) + # Leave $src empty to ignore the asset + case $asset_url in + *"question2answer"*) + src="app" + ;; + *) + src="" + ;; + esac + + # If $src is not empty, let's process the asset + if [ ! -z "$src" ]; then + + # Create the temporary directory + tempdir="$(mktemp -d)" + + # Download sources and calculate checksum + filename=${asset_url##*/} + curl --silent -4 -L $asset_url -o "$tempdir/$filename" + checksum=$(sha256sum "$tempdir/$filename" | head -c 64) + + # Delete temporary directory + rm -rf $tempdir + + # Get extension + if [[ $filename == *.tar.gz ]]; then + extension=tar.gz + else + extension=${filename##*.} + fi + + # Rewrite source file + cat < conf/$src.src +SOURCE_URL=$asset_url +SOURCE_SUM=$checksum +SOURCE_SUM_PRG=sha256sum +SOURCE_FORMAT=$extension +SOURCE_IN_SUBDIR=true +SOURCE_FILENAME= +SOURCE_EXTRACT=true +EOT + echo "... conf/$src.src updated" + + else + echo "... asset ignored" + fi + +done + +#================================================= +# SPECIFIC UPDATE STEPS +#================================================= + +# Any action on the app's source code can be done. +# The GitHub Action workflow takes care of committing all changes after this script ends. + +#================================================= +# GENERIC FINALIZATION +#================================================= + +# Replace new version in manifest +echo "$(jq -s --indent 4 ".[] | .version = \"$version~ynh1\"" manifest.json)" > manifest.json + +# No need to update the README, yunohost-bot takes care of it + +# The Action will proceed only if the PROCEED environment variable is set to true +echo "PROCEED=true" >> $GITHUB_ENV +exit 0 diff --git a/.github/workflows/updater.yml b/.github/workflows/updater.yml new file mode 100644 index 0000000..fb72ba0 --- /dev/null +++ b/.github/workflows/updater.yml @@ -0,0 +1,49 @@ +# This workflow allows GitHub Actions to automagically update your app whenever a new upstream release is detected. +# You need to enable Actions in your repository settings, and fetch this Action from the YunoHost-Apps organization. +# This file should be enough by itself, but feel free to tune it to your needs. +# It calls updater.sh, which is where you should put the app-specific update steps. +name: Check for new upstream releases +on: + # Allow to manually trigger the workflow + workflow_dispatch: + # Run it every day at 6:00 UTC + schedule: + - cron: '0 6 * * *' +jobs: + updater: + runs-on: ubuntu-latest + steps: + - name: Fetch the source code + uses: actions/checkout@v2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + - name: Run the updater script + id: run_updater + run: | + # Setting up Git user + git config --global user.name 'yunohost-bot' + git config --global user.email 'yunohost-bot@users.noreply.github.com' + # Run the updater script + /bin/bash .github/workflows/updater.sh + - name: Commit changes + id: commit + if: ${{ env.PROCEED == 'true' }} + run: | + git commit -am "Upgrade to v$VERSION" + - name: Create Pull Request + id: cpr + if: ${{ env.PROCEED == 'true' }} + uses: peter-evans/create-pull-request@v3 + with: + token: ${{ secrets.GITHUB_TOKEN }} + commit-message: Update to version ${{ env.VERSION }} + committer: 'yunohost-bot ' + author: 'yunohost-bot ' + signoff: false + base: testing + branch: ci-auto-update-v${{ env.VERSION }} + delete-branch: true + title: 'Upgrade to version ${{ env.VERSION }}' + body: | + Upgrade to v${{ env.VERSION }} + draft: false diff --git a/conf/app.src b/conf/app.src index d68d04b..846ac96 100644 --- a/conf/app.src +++ b/conf/app.src @@ -3,5 +3,5 @@ SOURCE_SUM=9200234584f576ff6b651baa9cfa08795cfda6c303d855a1bf9df6183f25b2a9 SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=zip SOURCE_IN_SUBDIR=true -SOURCE_FILENAME=question2answer-1.8.6.zip +SOURCE_FILENAME= SOURCE_EXTRACT=true diff --git a/conf/nginx.conf b/conf/nginx.conf index 37de41d..d9fdc4e 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -2,14 +2,8 @@ location __PATH__/ { # Path to source - alias __FINALPATH__/ ; + alias __FINALPATH__/; - # Force usage of https - if ($scheme = http) { - rewrite ^ https://$server_name$request_uri? permanent; - } - -### Example PHP configuration (remove it if not used) index index.php; # Common parameter to increase upload size limit in conjunction with dedicated php-fpm file @@ -26,7 +20,6 @@ location __PATH__/ { fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param SCRIPT_FILENAME $request_filename; } -### End of PHP configuration part # Include SSOWAT user panel. include conf.d/yunohost_panel.conf.inc; diff --git a/doc/.gitkeep b/doc/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/doc/DESCRIPTION.md b/doc/DESCRIPTION.md new file mode 100644 index 0000000..d7acd61 --- /dev/null +++ b/doc/DESCRIPTION.md @@ -0,0 +1 @@ +Question2Answer (Q2A) is a popular open source Q&A platform for PHP/MySQL. diff --git a/doc/DESCRIPTION_fr.md b/doc/DESCRIPTION_fr.md new file mode 100644 index 0000000..52824dd --- /dev/null +++ b/doc/DESCRIPTION_fr.md @@ -0,0 +1 @@ +Question2Answer (Q2A) est une plateforme de Questions/Réponses pour PHP/MySQL. diff --git a/doc/DISCLAIMER.md b/doc/DISCLAIMER.md new file mode 100644 index 0000000..c4bf0e4 --- /dev/null +++ b/doc/DISCLAIMER.md @@ -0,0 +1,4 @@ +## Configuration + +This app can be configured via its admin panel, available at `https://mydomain/myquestion2answer/index.php/admin/` + diff --git a/doc/DISCLAIMER_fr.md b/doc/DISCLAIMER_fr.md new file mode 100644 index 0000000..d9f66b3 --- /dev/null +++ b/doc/DISCLAIMER_fr.md @@ -0,0 +1,4 @@ +## Configuration + +Cette application se configure via son interface administrateur, accessible sur `https://mondomaine/monquestion2answer/index.php/admin/` + diff --git a/doc/screenshots/.gitkeep b/doc/screenshots/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/images/install_screenshot.png b/doc/screenshots/install_screenshot.png similarity index 100% rename from images/install_screenshot.png rename to doc/screenshots/install_screenshot.png diff --git a/manifest.json b/manifest.json index 9d05a1e..770db76 100644 --- a/manifest.json +++ b/manifest.json @@ -6,28 +6,34 @@ "en": "Platform for Question&Answer sites.", "fr": "Plateforme de Question/Réponses." }, - "version": "1.8.6~ynh1", - "url": "https://www.question2answer.org/", + "version": "1.8.6~ynh2", + "url": "https://www.question2answer.org", + "upstream": { + "license": "GPL-2.0-or-later", + "website": "https://www.question2answer.org", + "demo": "http://demo.question2answer.org", + "admindoc": "https://docs.question2answer.org", + "code": "https://github.com/q2a/question2answer" + }, "license": "GPL-2.0-or-later", "maintainer": { "name": "Nils Van Zuijlen", "email": "nils.van-zuijlen@mailo.com" }, "requirements": { - "yunohost": ">= 4.1.3" + "yunohost": ">= 4.3.0" }, "multi_instance": true, "services": [ "nginx", - "php7.0-fpm", + "php7.3-fpm", "mysql" ], "arguments": { - "install" : [ + "install": [ { "name": "domain", - "type": "domain", - "example": "example.com" + "type": "domain" }, { "name": "path", @@ -38,21 +44,8 @@ { "name": "is_public", "type": "boolean", - "help": { - "en": "If the application is made private, only the users known to this YunoHost instance will be able to see it.", - "fr": "Si l'application est privée, seuls les utilisateurs de cette instance YunuHost pourront y accéder." - }, "default": true }, - { - "name": "q2a_name", - "type": "string", - "ask": { - "en": "Choose the site name", - "fr": "Choisissez le nom de votre Question2Answer" - }, - "default": "My Question2Answer forum" - }, { "name": "language", "type": "string", @@ -60,13 +53,24 @@ "en": "Choose the application language", "fr": "Choisissez la langue de l'application" }, - "choices": ["fr", "en"], + "choices": [ + "fr", + "en" + ], "default": "fr" }, { "name": "admin", - "type": "user", - "example": "johndoe" + "type": "user" + }, + { + "name": "q2a_name", + "type": "string", + "ask": { + "en": "Choose the site name", + "fr": "Choisissez le nom de votre Question2Answer" + }, + "default": "My Question2Answer forum" } ] } diff --git a/scripts/_common.sh b/scripts/_common.sh index 87bc987..0ca8a40 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -43,7 +43,7 @@ ynh_local_curl_csrf () { local cookiefile=/tmp/ynh-$app-cookie.txt touch $cookiefile - chown root $cookiefile + chown $app $cookiefile chmod 700 $cookiefile # Curl the URL for the CSRF token diff --git a/scripts/backup b/scripts/backup index 29d7085..99f5b6d 100755 --- a/scripts/backup +++ b/scripts/backup @@ -15,7 +15,6 @@ source /usr/share/yunohost/helpers #================================================= ynh_clean_setup () { - ### Remove this function if there's nothing to clean before calling the remove script. true } # Exit if an error occurs during the execution of the script @@ -38,11 +37,6 @@ phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) #================================================= ynh_print_info --message="Declaring files to be backed up..." -### N.B. : the following 'ynh_backup' calls are only a *declaration* of what needs -### to be backuped and not an actual copy of any file. The actual backup that -### creates and fill the archive with the files happens in the core after this -### script is called. Hence ynh_backups calls takes basically 0 seconds to run. - #================================================= # BACKUP THE APP MAIN DIR #================================================= @@ -68,9 +62,6 @@ ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" #================================================= ynh_print_info --message="Backing up the MySQL database..." -### (However, things like MySQL dumps *do* take some time to run, though the -### copy of the generated dump to the archive still happens later) - ynh_mysql_dump_db --database="$db_name" > db.sql #================================================= diff --git a/scripts/change_url b/scripts/change_url index 5c151e1..594cca4 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -35,7 +35,7 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path) #db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd) #================================================= -# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP +# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP #================================================= ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --time --weight=1 @@ -98,10 +98,6 @@ then ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" fi -#================================================= -# SPECIFIC MODIFICATIONS -#================================================= - #================================================= # GENERIC FINALISATION #================================================= diff --git a/scripts/install b/scripts/install index f42c748..b6c77d8 100755 --- a/scripts/install +++ b/scripts/install @@ -14,7 +14,6 @@ source /usr/share/yunohost/helpers #================================================= ynh_clean_setup () { - ### Remove this function if there's nothing to clean before calling the remove script. true } # Exit if an error occurs during the execution of the script @@ -26,39 +25,20 @@ ynh_abort_if_errors domain=$YNH_APP_ARG_DOMAIN path_url=$YNH_APP_ARG_PATH -admin=$YNH_APP_ARG_ADMIN -email=`ynh_user_get_info "$admin" 'mail'` is_public=$YNH_APP_ARG_IS_PUBLIC language=$YNH_APP_ARG_LANGUAGE +admin=$YNH_APP_ARG_ADMIN q2a_name=$YNH_APP_ARG_Q2A_NAME -### If it's a multi-instance app, meaning it can be installed several times independently -### The id of the app as stated in the manifest is available as $YNH_APP_ID -### The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2"...) -### The app instance name is available as $YNH_APP_INSTANCE_NAME -### - the first time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample -### - the second time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample__2 -### - ynhexample__{N} for the subsequent installations, with N=3,4... -### The app instance name is probably what interests you most, since this is -### guaranteed to be unique. This is a good unique identifier to define installation path, -### db names... app=$YNH_APP_INSTANCE_NAME +email=$(ynh_user_get_info --username=$admin --key=mail) + #================================================= # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS #================================================= -### About --weight and --time -### ynh_script_progression will show to your final users the progression of each scripts. -### In order to do that, --weight will represent the relative time of execution compared to the other steps in the script. -### --time is a packager option, it will show you the execution time since the previous call. -### This option should be removed before releasing your app. -### Use the execution time, given by --time, to estimate the weight of a step. -### A common way to do it is to set a weight equal to the execution time in second +1. -### The execution time is given for the duration since the previous call. So the weight should be applied to this previous call. ynh_script_progression --message="Validating installation parameters..." --weight=2 -### If the app uses NGINX as web server (written in HTML/PHP in most cases), the final path should be "/var/www/$app". -### If the app provides an internal web server (or uses another application server such as uWSGI), the final path should be "/opt/yunohost/$app" final_path=/var/www/$app test ! -e "$final_path" || ynh_die --message="This path already contains a folder" @@ -72,25 +52,24 @@ ynh_script_progression --message="Storing installation settings..." --weight=3 ynh_app_setting_set --app=$app --key=domain --value=$domain ynh_app_setting_set --app=$app --key=path --value=$path_url -ynh_app_setting_set --app=$app --key=admin --value=$admin ynh_app_setting_set --app=$app --key=language --value=$language +ynh_app_setting_set --app=$app --key=admin --value=$admin #================================================= # STANDARD MODIFICATIONS +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Configuring system user..." --weight=5 + +# Create a system user +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # CREATE A MYSQL DATABASE #================================================= ynh_script_progression --message="Creating a MySQL database..." --weight=3 -### Use these lines if you need a database for the application. -### `ynh_mysql_setup_db` will create a database, an associated user and a ramdom password. -### The password will be stored as 'mysqlpwd' into the app settings, -### and will be available as $db_pwd -### If you're not using these lines: -### - Remove the section "BACKUP THE MYSQL DATABASE" in the backup script -### - Remove also the section "REMOVE THE MYSQL DATABASE" in the remove script -### - As well as the section "RESTORE THE MYSQL DATABASE" in the restore script - db_name=$(ynh_sanitize_dbid --db_name=$app) db_user=$db_name ynh_app_setting_set --app=$app --key=db_name --value=$db_name @@ -101,14 +80,32 @@ ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name #================================================= ynh_script_progression --message="Setting up source files..." --weight=3 -### `ynh_setup_source` is used to install an app from a zip or tar.gz file, -### downloaded from an upstream source, like a git repository. -### `ynh_setup_source` use the file conf/app.src - ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path" +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + +#================================================= +# PHP-FPM CONFIGURATION +#================================================= +ynh_script_progression --message="Configuring PHP-FPM..." --weight=1 + +# Create a dedicated PHP-FPM config +ynh_add_fpm_config + +#================================================= +# NGINX CONFIGURATION +#================================================= +ynh_script_progression --message="Configuring NGINX web server..." --weight=14 + +# Create a dedicated NGINX config +ynh_add_nginx_config + +#================================================= +# SPECIFIC SETUP #================================================= # DOWNLOAD AND UNPACK LDAP PLUGIN #================================================= @@ -124,34 +121,6 @@ ynh_replace_string\ --replace_string="require_once QA_INCLUDE_DIR . 'db/selects.php';\r\n require_once QA_INCLUDE_DIR . '../qa-plugin/qa-ldap-login/qa-ldap-process.php';"\ --target_file="$final_path/qa-include/pages/login.php" -#================================================= -# NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Configuring NGINX web server..." --weight=14 - -### `ynh_add_nginx_config` will use the file conf/nginx.conf - -# Create a dedicated NGINX config -ynh_add_nginx_config - -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Configuring system user..." --weight=5 - -# Create a system user -ynh_system_user_create --username=$app - -#================================================= -# PHP-FPM CONFIGURATION -#================================================= -ynh_script_progression --message="Configuring PHP-FPM..." --weight=1 - -### `ynh_add_fpm_config` will use the files conf/php-fpm.conf - -# Create a dedicated PHP-FPM config -ynh_add_fpm_config - #================================================= # DOWNLOAD TRANSLATIONS #================================================= @@ -164,8 +133,9 @@ if [ $language == "fr" ]; then fi #================================================= -# MODIFY A CONFIG FILE +# ADD A CONFIGURATION #================================================= +ynh_script_progression --message="Adding a configuration file..." mv $final_path/qa-config-example.php $final_path/qa-config.php mv $final_path/.htaccess-example $final_path/.htaccess @@ -177,29 +147,17 @@ ynh_replace_string --match_string="your-mysql-db-name" --replace_string=$db_name #================================================= # SETUP APPLICATION WITH CURL #================================================= - -### Use these lines only if the app installation needs to be finalized through -### web forms. We generally don't want to ask the final user, -### so we're going to use curl to automatically fill the fields and submit the -### forms. - -# Set right permissions for curl install -chown -R $app: $final_path +ynh_script_progression --message="Setuping application with CURL..." # Set the app as temporarily public for curl call ynh_script_progression --message="Configuring SSOwat..." --weight=4 # Making the app public for curl ynh_permission_update --permission="main" --add="visitors" -# Reload SSOwat config -yunohost app ssowatconf - -# Reload NGINX -ynh_systemd_action --service_name=nginx --action=reload # Installation with curl ynh_script_progression --message="Finalizing installation..." --weight=4 -admin_temp_pass=$(ynh_string_random 10) +admin_temp_pass=$(ynh_string_random --length=10) ynh_local_curl "/index.php?qa=install" "create=Set+up+the+Database+including+User+Management" ynh_local_curl "/index.php?qa=install" "handle=$admin" "password=$admin_temp_pass" "email=$email" "super=Set+up+the+Super+Administrator" @@ -222,37 +180,25 @@ mysql -u $db_user -p${db_pwd} $db_name < ../conf/ldap.sql # Remove the public access ynh_permission_update --permission="main" --remove="visitors" -#================================================= -# STORE THE CONFIG FILE CHECKSUM -#================================================= - -### `ynh_store_file_checksum` is used to store the checksum of a file. -### That way, during the upgrade script, by using `ynh_backup_if_checksum_is_different`, -### you can make a backup of this file before modifying it again if the admin had modified it. - # Calculate and store the config file checksum into the app settings ynh_store_file_checksum --file="$final_path/qa-config.php" ynh_store_file_checksum --file="$final_path/.htaccess" -#================================================= -# GENERIC FINALIZATION #================================================= # SECURE FILES AND DIRECTORIES #================================================= -### For security reason, any app should set the permissions to root: before anything else. -### Then, if write authorization is needed, any access should be given only to directories -### that really need such authorization. - # Set permissions to app files -chown -R root: $final_path +chown -R $app: $final_path chmod o-rwx $final_path chown $app:www-data $final_path # Remove database initialization file -rm $final_path/qa-include/qa-install.php +ynh_secure_remove --file="$final_path/qa-include/qa-install.php" +#================================================= +# GENERIC FINALIZATION #================================================= # SETUP SSOWAT #================================================= diff --git a/scripts/remove b/scripts/remove index 0ac7e8d..c29e0f6 100755 --- a/scripts/remove +++ b/scripts/remove @@ -56,12 +56,6 @@ ynh_script_progression --message="Removing PHP-FPM configuration..." --weight=2 # Remove the dedicated PHP-FPM config ynh_remove_fpm_config -#================================================= -# SPECIFIC REMOVE -#================================================= -# REMOVE VARIOUS FILES -#================================================= - #================================================= # GENERIC FINALIZATION #================================================= diff --git a/scripts/restore b/scripts/restore index 38593d2..aa95dfa 100755 --- a/scripts/restore +++ b/scripts/restore @@ -15,7 +15,6 @@ source /usr/share/yunohost/helpers #================================================= ynh_clean_setup () { - #### Remove this function if there's nothing to clean before calling the remove script. true } # Exit if an error occurs during the execution of the script @@ -40,18 +39,18 @@ phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) #================================================= ynh_script_progression --message="Validating restoration parameters..." --time --weight=1 -ynh_webpath_available --domain=$domain --path_url=$path_url \ - || ynh_die --message="Path not available: ${domain}${path_url}" test ! -d $final_path \ || ynh_die --message="There is already a directory: $final_path " #================================================= # STANDARD RESTORATION STEPS #================================================= -# RESTORE THE NGINX CONFIGURATION +# RECREATE THE DEDICATED USER #================================================= +ynh_script_progression --message="Recreating the dedicated system user..." --time --weight=1 -ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" +# Create the dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= # RESTORE THE APP MAIN DIR @@ -60,32 +59,26 @@ ynh_script_progression --message="Restoring the app main directory..." --time -- ynh_restore_file --origin_path="$final_path" -#================================================= -# RECREATE THE DEDICATED USER -#================================================= -ynh_script_progression --message="Recreating the dedicated system user..." --time --weight=1 - -# Create the dedicated user (if not existing) -ynh_system_user_create --username=$app +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" #================================================= -# RESTORE USER RIGHTS -#================================================= - -# Restore permissions on app files -chown -R root: $final_path - -chmod o-rwx $final_path -chown $app:www-data $final_path - +# SPECIFIC RESTORATION #================================================= # RESTORE THE PHP-FPM CONFIGURATION #================================================= +ynh_script_progression --message="Restoring the PHP-FPM configuration..." ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" #================================================= -# SPECIFIC RESTORATION +# RESTORE THE NGINX CONFIGURATION +#================================================= +ynh_script_progression --message="Restoring the NGINX web server configuration..." + +ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" + #================================================= # RESTORE THE MYSQL DATABASE #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index cab6cc1..c8f4253 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -18,46 +18,18 @@ app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get --app=$app --key=domain) path_url=$(ynh_app_setting_get --app=$app --key=path) +language=$(ynh_app_setting_get --app=$app --key=language) admin=$(ynh_app_setting_get --app=$app --key=admin) final_path=$(ynh_app_setting_get --app=$app --key=final_path) -language=$(ynh_app_setting_get --app=$app --key=language) db_name=$(ynh_app_setting_get --app=$app --key=db_name) #================================================= # CHECK VERSION #================================================= +ynh_script_progression --message="Checking version..." -### This helper will compare the version of the currently installed app and the version of the upstream package. -### $upgrade_type can have 2 different values -### - UPGRADE_APP if the upstream app version has changed -### - UPGRADE_PACKAGE if only the YunoHost package has changed -### ynh_check_app_version_changed will stop the upgrade if the app is up to date. -### UPGRADE_APP should be used to upgrade the core app only if there's an upgrade to do. upgrade_type=$(ynh_check_app_version_changed) -#================================================= -# ENSURE DOWNWARD COMPATIBILITY -#================================================= -ynh_script_progression --message="Ensuring downward compatibility..." --time --weight=1 - -# -# N.B. : the followings setting migrations snippets are provided as *EXAMPLES* -# of what you may want to do in some cases (e.g. a setting was not defined on -# some legacy installs and you therefore want to initiaze stuff during upgrade) -# - -# If db_name doesn't exist, create it -#if [ -z "$db_name" ]; then -# db_name=$(ynh_sanitize_dbid --db_name=$app) -# ynh_app_setting_set --app=$app --key=db_name --value=$db_name -#fi - -# If final_path doesn't exist, create it -#if [ -z "$final_path" ]; then -# final_path=/var/www/$app -# ynh_app_setting_set --app=$app --key=final_path --value=$final_path -#fi - #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #================================================= @@ -74,6 +46,19 @@ ynh_abort_if_errors #================================================= # STANDARD UPGRADE STEPS +#================================================= +# ENSURE DOWNWARD COMPATIBILITY +#================================================= +ynh_script_progression --message="Ensuring downward compatibility..." --time --weight=1 + +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Making sure dedicated system user exists..." --time --weight=1 + +# Create a dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -104,21 +89,9 @@ then --target_file="$final_path/qa-include/pages/login.php" fi -#================================================= -# NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Upgrading NGINX web server configuration..." --time --weight=1 - -# Create a dedicated NGINX config -ynh_add_nginx_config - -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Making sure dedicated system user exists..." --time --weight=1 - -# Create a dedicated user (if not existing) -ynh_system_user_create --username=$app +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" #================================================= # PHP-FPM CONFIGURATION @@ -128,6 +101,16 @@ ynh_script_progression --message="Upgrading PHP-FPM configuration..." --time --w # Create a dedicated PHP-FPM config ynh_add_fpm_config +#================================================= +# NGINX CONFIGURATION +#================================================= +ynh_script_progression --message="Upgrading NGINX web server configuration..." --time --weight=1 + +# Create a dedicated NGINX config +ynh_add_nginx_config + +#================================================= +# SPECIFIC UPGRADE #================================================= # UPGRADE TRANSLATIONS #================================================= @@ -144,18 +127,12 @@ if [ $language == "fr" ]; then fi fi +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + #================================================= # GENERIC FINALIZATION -#================================================= -# SECURE FILES AND DIRECTORIES -#================================================= - -# Set permissions on app files -chown -R root: $final_path - -chmod o-rwx $final_path -chown $app:www-data $final_path - #================================================= # RELOAD NGINX #================================================= diff --git a/sources/extra_files/app/.gitignore b/sources/extra_files/app/.gitignore deleted file mode 100644 index 783a4ae..0000000 --- a/sources/extra_files/app/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -*~ -*.sw[op] diff --git a/sources/patches/.gitignore b/sources/patches/.gitignore deleted file mode 100644 index 783a4ae..0000000 --- a/sources/patches/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -*~ -*.sw[op] From 0a7cce94de4dd2a9bdc0b8b72424f60ee74ff45b Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Fri, 29 Jul 2022 20:43:28 +0000 Subject: [PATCH 2/3] Auto-update README --- README.md | 66 +++++++++++++++++++------------------------------ README_fr.md | 70 ++++++++++++++++++++-------------------------------- 2 files changed, 52 insertions(+), 84 deletions(-) diff --git a/README.md b/README.md index ecac3bd..15e233b 100644 --- a/README.md +++ b/README.md @@ -1,72 +1,56 @@ + + # Question2Answer for YunoHost -[![Integration level](https://dash.yunohost.org/integration/question2answer.svg)](https://dash.yunohost.org/appci/app/question2answer) ![](https://ci-apps.yunohost.org/ci/badges/question2answer.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/question2answer.maintain.svg) -[![Install question2answer with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=question2answer) +[![Integration level](https://dash.yunohost.org/integration/question2answer.svg)](https://dash.yunohost.org/appci/app/question2answer) ![Working status](https://ci-apps.yunohost.org/ci/badges/question2answer.status.svg) ![Maintenance status](https://ci-apps.yunohost.org/ci/badges/question2answer.maintain.svg) +[![Install Question2Answer with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=question2answer) *[Lire ce readme en français.](./README_fr.md)* -> *This package allows you to install Question2Answer quickly and simply on a YunoHost server. +> *This package allows you to install Question2Answer quickly and simply on a YunoHost server. If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/install) to learn how to install it.* ## Overview + Question2Answer (Q2A) is a popular open source Q&A platform for PHP/MySQL. -**Shipped version:** 1.8.6 + +**Shipped version:** 1.8.6~ynh2 + +**Demo:** http://demo.question2answer.org ## Screenshots -![](./images/install_screenshot.png) +![Screenshot of Question2Answer](./doc/screenshots/install_screenshot.png) -## Demo - -* [Official demo](http://demo.question2answer.org/) +## Disclaimers / important information ## Configuration This app can be configured via its admin panel, available at `https://mydomain/myquestion2answer/index.php/admin/` -## Documentation - * Official documentation: https://www.question2answer.org/ - * YunoHost documentation: If specific documentation is needed, feel free to contribute. +## Documentation and resources -## YunoHost specific features - -#### Multi-user support - -This app supports multiuser and LDAP, but is not integrated via SSO. -The admin page is protected by SSOwat. - -#### Supported architectures - -* x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/question2answer%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/question2answer/) -* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/question2answer%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/question2answer/) - -## Limitations - -* No known limitations. - -## Additional information - -**More info on the documentation page:** -https://yunohost.org/packaging_apps - -## Links - - * Report a bug: https://github.com/nils-van-zuijlen/question2answer_ynh/issues - * App website: https://www.question2answer.org - * Upstream app repository: https://github.com/q2a/question2answer - * YunoHost website: https://yunohost.org/ - ---- +* Official app website: +* Official admin documentation: +* Upstream app code repository: +* YunoHost documentation for this app: +* Report a bug: ## Developer info Please send your pull request to the [testing branch](https://github.com/YunoHost-Apps/question2answer_ynh/tree/testing). To try the testing branch, please proceed like that. -``` + +``` bash sudo yunohost app install https://github.com/YunoHost-Apps/question2answer_ynh/tree/testing --debug or sudo yunohost app upgrade question2answer -u https://github.com/YunoHost-Apps/question2answer_ynh/tree/testing --debug ``` + +**More info regarding app packaging:** diff --git a/README_fr.md b/README_fr.md index e2c20e1..441a8db 100644 --- a/README_fr.md +++ b/README_fr.md @@ -1,72 +1,56 @@ + + # Question2Answer pour YunoHost -[![Niveau d'intégration](https://dash.yunohost.org/integration/question2answer.svg)](https://dash.yunohost.org/appci/app/question2answer) ![](https://ci-apps.yunohost.org/ci/badges/question2answer.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/question2answer.maintain.svg) -[![Installer question2answer avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=question2answer) +[![Niveau d'intégration](https://dash.yunohost.org/integration/question2answer.svg)](https://dash.yunohost.org/appci/app/question2answer) ![Statut du fonctionnement](https://ci-apps.yunohost.org/ci/badges/question2answer.status.svg) ![Statut de maintenance](https://ci-apps.yunohost.org/ci/badges/question2answer.maintain.svg) +[![Installer Question2Answer avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=question2answer) -*[Read this readme in english.](./README.md)* +*[Read this readme in english.](./README.md)* -> *Ce package vous permet d'installer Question2Answer rapidement et simplement sur un serveur YunoHost. -Si vous n'avez pas YunoHost, consultez [le guide](https://yunohost.org/#/install) pour apprendre comment l'installer.* +> *Ce package vous permet d'installer Question2Answer rapidement et simplement sur un serveur YunoHost. +Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.* ## Vue d'ensemble + Question2Answer (Q2A) est une plateforme de Questions/Réponses pour PHP/MySQL. -**Version incluse :** 1.8.6 + +**Version incluse :** 1.8.6~ynh2 + +**Démo :** http://demo.question2answer.org ## Captures d'écran -![](./images/install_screenshot) +![Capture d'écran de Question2Answer](./doc/screenshots/install_screenshot.png) -## Démo - -* [Démo officielle](http://demo.question2answer.org/) +## Avertissements / informations importantes ## Configuration Cette application se configure via son interface administrateur, accessible sur `https://mondomaine/monquestion2answer/index.php/admin/` -## Documentation - * Documentation officielle : https://www.question2answer.org/ - * Documentation YunoHost : Si une documentation spécifique est nécessaire, n'hésitez pas à contribuer. +## Documentations et ressources -## Caractéristiques spécifiques YunoHost - -#### Support multi-utilisateur - -Cette application supporte le multiutilisateur et LDAP, mais n'est pas intégrée avec le SSO. -Les pages d'administration sont protégées par SSOwat. - -#### Architectures supportées - -* x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/question2answer%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/question2answer/) -* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/question2answer%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/question2answer/) - -## Limitations - -* Pas de limitations connues. - -## Informations additionnelles - -**Plus d'informations sur la page de documentation :** -https://yunohost.org/packaging_apps - -## Liens - - * Signaler un bug : https://github.com/nils-van-zuijlen/question2answer_ynh/issues - * Site de l'application : https://www.question2answer.org - * Dépôt de l'application principale : https://github.com/q2a/question2answer - * Site web YunoHost : https://yunohost.org/ - ---- +* Site officiel de l'app : +* Documentation officielle de l'admin : +* Dépôt de code officiel de l'app : +* Documentation YunoHost pour cette app : +* Signaler un bug : ## Informations pour les développeurs Merci de faire vos pull request sur la [branche testing](https://github.com/YunoHost-Apps/question2answer_ynh/tree/testing). Pour essayer la branche testing, procédez comme suit. -``` + +``` bash sudo yunohost app install https://github.com/YunoHost-Apps/question2answer_ynh/tree/testing --debug ou sudo yunohost app upgrade question2answer -u https://github.com/YunoHost-Apps/question2answer_ynh/tree/testing --debug ``` + +**Plus d'infos sur le packaging d'applications :** From 57d20c34f9c009867ee74f7be001c54dbd44ad3f Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Mon, 15 Aug 2022 13:31:41 +0000 Subject: [PATCH 3/3] Auto-update README --- README.md | 1 + README_fr.md | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 15e233b..dc8d740 100644 --- a/README.md +++ b/README.md @@ -20,6 +20,7 @@ Question2Answer (Q2A) is a popular open source Q&A platform for PHP/MySQL. **Shipped version:** 1.8.6~ynh2 + **Demo:** http://demo.question2answer.org ## Screenshots diff --git a/README_fr.md b/README_fr.md index 441a8db..ed61d4e 100644 --- a/README_fr.md +++ b/README_fr.md @@ -18,7 +18,8 @@ Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour Question2Answer (Q2A) est une plateforme de Questions/Réponses pour PHP/MySQL. -**Version incluse :** 1.8.6~ynh2 +**Version incluse :** 1.8.6~ynh2 + **Démo :** http://demo.question2answer.org