diff --git a/conf/config.php b/conf/config.php index f5a61c7..a3b1f53 100644 --- a/conf/config.php +++ b/conf/config.php @@ -1,9 +1,27 @@ SetPassword('ADMINPASSWORD'); +$oConfig->SetPassword($args['password']); echo $oConfig->Save() ? 'Admin password updated' : 'Admin password not updated'; ?> \ No newline at end of file diff --git a/conf/data/configs/application.ini b/conf/data/configs/application.ini index 5416626..e533665 100644 --- a/conf/data/configs/application.ini +++ b/conf/data/configs/application.ini @@ -135,10 +135,10 @@ sign_me_auto = "DefaultOff" [plugins] ; Enable plugin support -enable = Off +enable = On ; List of enabled plugins -enabled_list = "" +enabled_list = "ynh-login-mapping" [defaults] ; Editor mode used by default (Plain, Html, HtmlForced or PlainForced) diff --git a/conf/data/domains/disabled b/conf/data/domains/disabled index e8cf773..6389b9e 100644 --- a/conf/data/domains/disabled +++ b/conf/data/domains/disabled @@ -1 +1 @@ -gmail.com,outlook.com,qq.com,yahoo.com +gmail.com,outlook.com,qq.com,yahoo.com, diff --git a/scripts/install b/scripts/install index 3f956ab..c5ce308 100644 --- a/scripts/install +++ b/scripts/install @@ -42,66 +42,81 @@ sudo yunohost app setting rainloop mysqlpwd -v $db_pwd # Copy files to the right place final_path=/var/www/$app rainloop_path=${final_path}/app +#rainloop_path=${final_path} sudo rm -rf $final_path sudo mkdir -p $final_path sudo mkdir -p $rainloop_path # Use of latest community edition -sudo wget http://repository.rainloop.net/v2/webmail/rainloop-community-latest.zip -O $rainloop_path/rainloop.zip -sudo unzip $rainloop_path/rainloop.zip -d $rainloop_path/ -sudo rm $rainloop_path/rainloop.zip +sudo unzip ../sources/rainloop-community.zip -d $rainloop_path/ # Autoconfig sudo mkdir -p $rainloop_path/data/_data_/_default_/configs/ -sed -i "s@domain.tld@$domain@g" ../conf/data/configs/application.ini -sed -i "s@MYSQLUSER@db_user@g" ../conf/data/configs/application.ini -sed -i "s@MYSQLPASSWORD@$db_pwd@g" ../conf/data/configs/application.ini +application_file=$rainloop_path/data/_data_/_default_/configs/application.ini if [ $(echo $LANG | cut -c1-2) == "fr" ] then lang=fr else lang=en fi -sed -i "s@LANGTOCHANGE@$lang@g" ../conf/data/configs/application.ini -sudo cp ../conf/data/configs/application.ini $rainloop_path/data/_data_/_default_/configs/application.ini +sudo cp ../conf/data/configs/application.ini $application_file +sudo sed -i "s@domain.tld@$domain@g" $application_file +sudo sed -i "s@MYSQLUSER@$db_user@g" $application_file +sudo sed -i "s@MYSQLPASSWORD@$db_pwd@g" $application_file +sudo sed -i "s@LANGTOCHANGE@$lang@g" $application_file # Set admin password -sed -i "s@ADMINPASSWORD@$password@g" ../conf/config.php -sudo php ../conf/config.php +sudo php ../conf/config.php --index="$rainloop_path/index.php" --password="$password" # Add default domain configs by looping through all the domains already added sudo mkdir -p $rainloop_path/data/_data_/_default_/domains/ -sudo yunohost domain list | sed -e '1d' | while read -r line ; do - domain=${line//- } - sed -i "s@domain.tld@$domain@g" ../conf/data/domains/domain.tld.ini + +# get list of ldap domaine +domains=`ldapsearch -LLL -x -b ou=domains,dc=yunohost,dc=org -s one "objectclass=top" virtualdomain | grep -v "dn:" | sed "s/virtualdomain://" ` +for domain in $domains ; do sudo cp ../conf/data/domains/domain.tld.ini $rainloop_path/data/_data_/_default_/domains/$domain.ini - sed -i "s@$domain@domain.tld@g" ../conf/data/domains/domain.tld.ini + sudo sed -i "s@domain.tld@$domain@g" $rainloop_path/data/_data_/_default_/domains/$domain.ini done sudo cp ../conf/data/domains/disabled $rainloop_path/data/_data_/_default_/domains/disabled +# now install ynh plugins: +sudo mkdir -p $rainloop_path/data/_data_/_default_/plugins +sudo cp -rf ../sources/plugins/ynh-login-mapping $rainloop_path/data/_data_/_default_/plugins/. + + # Hooks for domains are not implemented yet, so new domains will not be added automatically -# SSO -sed -i "s@domain.tld@$domain@g" ../conf/sso.php -sed -i "s@PATHTOCHANGE@$path@g" ../conf/sso.php -sudo cp ../conf/sso.php $final_path/index.php +# install SSO and auto version +if [ $final_path == $rainloop_path ] +then + # use modified version of master index.php that implement sso + sudo cp ../sources/sso/index.php $final_path/index.php +else + # use only sso on master + sudo cp ../sources/sso/sso.php $final_path/index.php + sudo cp ../sources/patch/index_auto_version.php $rainloop_path/index.php +fi +sudo sed -i "s@domain.tld@$domain@g" $final_path/index.php +sudo sed -i "s@PATHTOCHANGE@$path@g" $final_path/index.php # Set permissions to rainloop directory -# sudo mkdir -p $final_path/logs sudo chown -R www-data:www-data $final_path -# Modify Nginx configuration file and copy it to Nginx conf directory -sed -i "s@PATHTOCHANGE@$path@g" ../conf/nginx.conf -sed -i "s@ALIASTOCHANGE@$final_path/@g" ../conf/nginx.conf -sed -i "s@NAMETOCHANGE@$app@g" ../conf/nginx.conf -sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf +# Install Nginx configuration file +nginx_conf_file=/etc/nginx/conf.d/$domain.d/$app.conf +sudo cp ../conf/nginx.conf $nginx_conf_file +sudo sed -i "s@PATHTOCHANGE@$path@g" $nginx_conf_file +sudo sed -i "s@ALIASTOCHANGE@$final_path/@g" $nginx_conf_file +sudo sed -i "s@NAMETOCHANGE@$app@g" $nginx_conf_file +sudo chown root: $nginx_conf_file +sudo chmod 644 $nginx_conf_file -sed -i "s@NAMETOCHANGE@$app@g" ../conf/php-fpm.conf finalphpconf=/etc/php5/fpm/pool.d/$app.conf -sudo cp ../conf/php-fpm.conf $finalphpconf -sudo chown root: $finalphpconf -sudo chmod 644 $finalphpconf +sudo cp ../conf/php-fpm.conf $finalphpconf +sudo sed -i "s@NAMETOCHANGE@$app@g" $finalphpconf +sudo chown root: $finalphpconf +sudo chmod 644 $finalphpconf # Make app public if necessary sudo yunohost app setting $app is_public -v "$is_public" diff --git a/scripts/upgrade b/scripts/upgrade index 0d5f237..d62d07b 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -6,56 +6,64 @@ app=rainloop domain=$(sudo yunohost app setting $app domain) path=$(sudo yunohost app setting $app path) is_public=$(sudo yunohost app setting $app is_public) -dp_pwd=$(sudo yunohost app setting rainloop mysqlpwd) +dp_pwd=$(sudo yunohost app setting $app mysqlpwd) db_user=$app -# Initialize database and store mysql password for upgrade -root_pwd=$(sudo cat /etc/yunohost/mysql) -mysql -u root -p$root_pwd -e "DROP DATABASE $db_name ; DROP USER $db_user@localhost ;" -sudo yunohost app initdb $db_user -p $db_pwd +# no update for db now... +#root_pwd=$(sudo cat /etc/yunohost/mysql) +#mysql -u root -p$root_pwd -e "DROP DATABASE $db_name ; DROP USER $db_user@localhost ;" +#sudo yunohost app initdb $db_user -p $db_pwd # Copy files to the right place final_path=/var/www/$app rainloop_path=${final_path}/app +#rainloop_path=${final_path} -sudo rm -rf $final_path -sudo mkdir -p $final_path -sudo mkdir -p $rainloop_path +# no delete... we keep old install, the new is in a new path +#sudo rm -rf $final_path +#sudo mkdir -p $final_path +#sudo mkdir -p $rainloop_path # Use of latest community edition -sudo wget http://repository.rainloop.net/v2/webmail/rainloop-community-latest.zip -O $rainloop_path/rainloop.zip -sudo unzip $rainloop_path/rainloop.zip -d $rainloop_path/ -sudo rm $rainloop_path/rainloop.zip +sudo unzip ../sources/rainloop-community.zip -d $rainloop_path/ +# update patch to auto load version. +sudo cp ../sources/patch/index_auto_version.php $rainloop_path/index.php +# update ynh plugins: +sudo mkdir -p $rainloop_path/data/_data_/_default_/plugins +sudo cp -rf ../sources/plugins/ynh-login-mapping $rainloop_path/data/_data_/_default_/plugins/. -# Modify Nginx configuration file and copy it to Nginx conf directory -sed -i "s@PATHTOCHANGE@$path@g" ../conf/nginx.conf -sed -i "s@ALIASTOCHANGE@$final_path/@g" ../conf/nginx.conf -sed -i "s@NAMETOCHANGE@$app@g" ../conf/nginx.conf -sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf - -sed -i "s@NAMETOCHANGE@$app@g" ../conf/php-fpm.conf -finalphpconf=/etc/php5/fpm/pool.d/$app.conf -sudo cp ../conf/php-fpm.conf $finalphpconf -sudo chown root: $finalphpconf -sudo chmod 644 $finalphpconf - -# SSO -sed -i "s@domain.tld@$domain@g" ../conf/sso.php -sed -i "s@PATHTOCHANGE@$path@g" ../conf/sso.php -sudo cp ../conf/sso.php $final_path/index.php +# update SSO and auto version +if [ $final_path == $rainloop_path ] +then + # use modified version of master index.php that implement sso + sudo cp ../sources/sso/index.php $final_path/index.php +else + # use only sso on master + sudo cp ../sources/sso/sso.php $final_path/index.php + sudo cp ../sources/patch/index_auto_version.php $rainloop_path/index.php +fi +sudo sed -i "s@domain.tld@$domain@g" $final_path/index.php +sudo sed -i "s@PATHTOCHANGE@$path@g" $final_path/index.php # Set permissions to rainloop directory sudo chown -R www-data:www-data $final_path -# Make app public if necessary -sudo yunohost app setting $app is_public -v "$is_public" -if [ "$is_public" = "Yes" ]; -then - sudo yunohost app setting $app skipped_uris -v "/" -fi +# Update Nginx configuration file +nginx_conf_file=/etc/nginx/conf.d/$domain.d/$app.conf +sudo cp ../conf/nginx.conf $nginx_conf_file +sudo sed -i "s@PATHTOCHANGE@$path@g" $nginx_conf_file +sudo sed -i "s@ALIASTOCHANGE@$final_path/@g" $nginx_conf_file +sudo sed -i "s@NAMETOCHANGE@$app@g" $nginx_conf_file +sudo chown root: $nginx_conf_file +sudo chmod 644 $nginx_conf_file +finalphpconf=/etc/php5/fpm/pool.d/$app.conf +sudo cp ../conf/php-fpm.conf $finalphpconf +sudo sed -i "s@NAMETOCHANGE@$app@g" $finalphpconf +sudo chown root: $finalphpconf +sudo chmod 644 $finalphpconf # Reload Nginx and regenerate SSOwat conf sudo service php5-fpm reload diff --git a/sources/patch/index_auto_version.php b/sources/patch/index_auto_version.php new file mode 100644 index 0000000..887a5fa --- /dev/null +++ b/sources/patch/index_auto_version.php @@ -0,0 +1,18 @@ + diff --git a/sources/plugins/ynh-login-mapping/README b/sources/plugins/ynh-login-mapping/README new file mode 100644 index 0000000..a1fc054 --- /dev/null +++ b/sources/plugins/ynh-login-mapping/README @@ -0,0 +1 @@ +Plugin which allows you to get username from ynh ldap by email address diff --git a/sources/plugins/ynh-login-mapping/VERSION b/sources/plugins/ynh-login-mapping/VERSION new file mode 100644 index 0000000..49d5957 --- /dev/null +++ b/sources/plugins/ynh-login-mapping/VERSION @@ -0,0 +1 @@ +0.1 diff --git a/sources/plugins/ynh-login-mapping/index.php b/sources/plugins/ynh-login-mapping/index.php new file mode 100644 index 0000000..d22ec61 --- /dev/null +++ b/sources/plugins/ynh-login-mapping/index.php @@ -0,0 +1,82 @@ +addHook('filter.login-credentials.step-1', 'FilterLoginСredentials1'); + // $this->addHook('filter.login-credentials.step-2', 'FilterLoginСredentials2'); + $this->addHook ( 'filter.login-credentials', 'FilterLoginСredentials' ); + } + + /* // ca ne semble pas marcher... + * public function FilterLoginCredentials1(&$sEmail, &$sPassword) { + * $this->Manager()->Actions()->Logger()->Write('LdapLoginMappingPlugin::FilterLoginСredentials_S1:'); + * } + */ + + /* // ca non plus... + * public function FilterLoginCredentials2(&$sEmail, &$sPassword) { + * $this->Manager()->Actions()->Logger()->Write('LdapLoginMappingPlugin::FilterLoginСredentials_S2:'); + * } + */ + + /** + * + * @param string $sEmail + * @param string $sLogin + * @param string $sPassword + * + * @throws \RainLoop\Exceptions\ClientException + */ + public function FilterLoginСredentials(&$sEmail, &$sLogin, &$sPassword) { + $this->Manager()->Actions()->Logger()->Write('LdapLoginMappingPlugin::FilterLoginСredentials IN => '.$sEmail.'/'.$sLogin, \MailSo\Log\Enumerations\Type::INFO); + + // connection au ldap ynh... en local + $cnx = ldap_connect (); // single connection + + if (! $cnx) { + $this->Manager()->Actions()->Logger()->Write('LdapLoginMappingPlugin: Could not connect to LDAP server', \MailSo\Log\Enumerations\Type::ERROR ); + return; + } + + if (! ldap_bind ( $cnx )) { + // bizard... ca renvoie false.... mais ca marche.... + // $this->Manager()->Actions()->Logger()->Write('LdapLoginMappingPlugin: Could not bind to LDAP server', \MailSo\Log\Enumerations\Type::ERROR); + // return; + } + + $dn = "dc=yunohost,dc=org"; + + // on veut mail et uid... pour un mail donné + $filter = "(&(objectClass=inetOrgPerson)(mail=$sEmail))"; + $justthese = array ( 'uid', 'mail' ); + + // OK un petit recherche + $sr = ldap_search ( $cnx, $dn, $filter, $justthese ); + if (!$sr) { + $this->Manager()->Actions()->Logger()->Write('LdapLoginMappingPlugin: search on LDAP server', \MailSo\Log\Enumerations\Type::ERROR ); + return; + } + $result = ldap_get_entries ( $cnx, $sr ); + + // OK si on a un resultat on recupere l'identifiant de l'utilisateur... + if (($result['count'] > 0) && ($result[0]['uid']['count'] > 0)) { + $sLogin = $result[0]['uid'][0]; + } else { + $this->Manager()->Actions()->Logger()->Write('LdapLoginMappingPlugin: user not found', \MailSo\Log\Enumerations\Type::ERROR ); + } + + $this->Manager()->Actions()->Logger()->Write('LdapLoginMappingPlugin::FilterLoginСredentials OUT => '. $sEmail.'/'.$sLogin, \MailSo\Log\Enumerations\Type::INFO ); + } + + /* + * // pas encore de configuration... + * public function configMapping() + * { + * return array( + * \RainLoop\Plugins\Property::NewInstance('mapping')->SetLabel('Mapping') + * ->SetType(\RainLoop\Enumerations\PluginPropertyType::STRING_TEXT) + * ->SetDescription('email:login mapping') + * ->SetDefaultValue("user@domain.com:user.bob\nadmin@domain.com:user.john2") + * ); + * } + */ +} diff --git a/sources/rainloop-community.zip b/sources/rainloop-community.zip new file mode 100644 index 0000000..584c784 Binary files /dev/null and b/sources/rainloop-community.zip differ diff --git a/sources/sso/index.php b/sources/sso/index.php new file mode 100644 index 0000000..f89e738 --- /dev/null +++ b/sources/sso/index.php @@ -0,0 +1,35 @@ + diff --git a/conf/sso.php b/sources/sso/sso.php similarity index 100% rename from conf/sso.php rename to sources/sso/sso.php