Merge branch 'testing' into package_upgrade

2024-09-03 20:16:18 +02:00 · 2019-03-09 12:56:22 +01:00 · 2019-03-09 12:56:22 +01:00 · 93ac70747c
commit 93ac70747c
parent 5ccd2d13bd 6815db5cdc
12 changed files with 222 additions and 44 deletions
--- a/README.md
+++ b/README.md
@ -12,7 +12,7 @@ If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to

 Rainloop is a lightweight webmail.

-**Shipped version:** 1.11.3
+**Shipped version:** 1.12.1

 ## Screenshots

@ -29,6 +29,7 @@ Go to http://DOMAIN.TLD/rainloop/app/?admin

 - The default login is : admin
 - The default password is : Password chosen during install
+
 - If you lost the admin password, you can retrieve it using ``sudo yunohost app settings rainloop password``

 Each user can add a remote carddav server from their own parameters interface.
@ -36,6 +37,8 @@ Each user can add a remote carddav server from their own parameters interface.
 - If you use baikal, the CardDav address is: https://DOMAIN.TLD/baikal/card.php/addressbooks/USER/default/
 - If you use NextCloud, the CardDav address is: https://DOMAIN.TLD/nextcloud/remote.php/carddav/addressbooks/USER/contacts

+Rainloop saves your PGP private keys in the browser storage. This means that you will loose your private keys if you clear your browser storage (e.g., private browsing, different computer...). This packages integrates [PGPback by chtixof](https://github.com/chtixof/pgpback_ynh) so you can store your PGP private keys on the server securely. Go to **http://DOMAIN.TLD/rainloop/pgpback** to backup your PGP keys on the server or restore them.
+
 ## Documentation

 * Official documentation: https://www.rainloop.net/docs/configuration/
@ -61,6 +64,7 @@ Each user can add a remote carddav server from their own parameters interface.

 * Report a bug: https://github.com/YunoHost-Apps/rainloop_ynh/issues
 * Rainloop website: https://www.rainloop.net/
+ * Rainloop github website: https://github.com/RainLoop/rainloop-webmail
 * YunoHost website: https://yunohost.org/

 ---
--- a/README_fr.md
+++ b/README_fr.md
@ -12,7 +12,7 @@ Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour

 Rainloop est un webmail léger.

-**Version incluse:** 1.11.3
+**Version incluse:** 1.12.1

 ## Captures d'écran

@ -61,6 +61,7 @@ Chaque utilisateur peut ajouter un carnet d'adresse distant CardDav via leurs pr

 * Signaler un bug: https://github.com/YunoHost-Apps/rainloop_ynh/issues
 * Site de Rainloop: https://www.rainloop.net/
+ * Github de Rainloop: https://github.com/RainLoop/rainloop-webmail
 * Site web YunoHost: https://yunohost.org/

 ---
--- a/27
+++ b/27
@ -1,11 +1,12 @@
-;; Test Rainloop
-    ; Manifest
+;; Test complet
+	; Manifest
        domain="domain.tld"    (DOMAIN)
        path="/rainloop"    (PATH)
+        lang="fr"
        is_public=1 (PUBLIC|public=1|private=0)
-        password="password"
+		password="pass"
        ldap=1
-        lang="English"
+
    ; Checks
        pkg_linter=1
        setup_sub_dir=1
@ -19,20 +20,18 @@
        multi_instance=1
        incorrect_path=1
        port_already_use=0
-        change_url=0
+        change_url=1
 ;;; Levels
    Level 1=auto
    Level 2=auto
    Level 3=auto
-# Level 4: 
-    Level 4=1
-# Level 5:
-    Level 5=auto
-    Level 6=auto
-    Level 7=auto
-    Level 8=0
-    Level 9=0
-    Level 10=0
+	Level 4=1
+	Level 5=auto
+	Level 6=auto
+	Level 7=auto
+	Level 8=0
+	Level 9=0
+	Level 10=0
 ;;; Options
 Email=
 Notification=none
--- a/conf/app.src
+++ b/conf/app.src
@ -1,6 +1,6 @@
-SOURCE_URL=https://github.com/RainLoop/rainloop-webmail/releases/download/v1.11.3/rainloop-community-1.11.3.zip
-SOURCE_SUM=49a097151abb1b208b74e01ee1680e2d
-SOURCE_SUM_PRG=md5sum
+SOURCE_URL=https://github.com/RainLoop/rainloop-webmail/releases/download/v1.12.1/rainloop-community-1.12.1.zip
+SOURCE_SUM=5d7f99d0e145d22617de8c17e43f34842245d5570662f97f4352487671df811b
+SOURCE_SUM_PRG=sha256sum
 SOURCE_FORMAT=zip
 SOURCE_IN_SUBDIR=false
 SOURCE_FILENAME=
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@ -23,11 +23,11 @@ location __PATH__/ {
 	location ~ [^/]\.php(/|$) {
 		fastcgi_split_path_info ^(.+?\.php)(/.*)$;
 		fastcgi_pass unix:/var/run/php/php7.0-fpm-__NAME__.sock;
-			fastcgi_index index.php;
-			include fastcgi_params;
-			fastcgi_param REMOTE_USER     $remote_user;
-			fastcgi_param PATH_INFO       $fastcgi_path_info;
-			fastcgi_param SCRIPT_FILENAME $request_filename;
+		fastcgi_index index.php;
+		include fastcgi_params;
+		fastcgi_param REMOTE_USER     $remote_user;
+		fastcgi_param PATH_INFO       $fastcgi_path_info;
+		fastcgi_param SCRIPT_FILENAME $request_filename;
 	}

 	# Include SSOWAT user panel.
--- a/conf/php-fpm.conf
+++ b/conf/php-fpm.conf
@ -384,6 +384,23 @@ chdir = __FINALPATH__
 ; Default Value: .php
 ;security.limit_extensions = .php .php3 .php4 .php5 .php7

+; Clear environment in FPM workers
+; Prevents arbitrary environment variables from reaching FPM worker processes
+; by clearing the environment in workers before env vars specified in this
+; pool configuration are added.
+; Setting to "no" will make all environment variables available to PHP code
+; via getenv(), $_ENV and $_SERVER.
+; Default Value: yes
+;clear_env = no
+
+; Limits the extensions of the main script FPM will allow to parse. This can
+; prevent configuration mistakes on the web server side. You should only limit
+; FPM to .php extensions to prevent malicious users to use other extensions to
+; execute php code.
+; Note: set an empty value to allow all extensions.
+; Default Value: .php
+;security.limit_extensions = .php .php3 .php4 .php5 .php7
+
 ; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
 ; the current environment.
 ; Default Value: clean env
--- a/manifest.json
+++ b/manifest.json
@ -6,9 +6,9 @@
 		"en": "Lightweight multi-account webmail",
 		"fr": "Webmail léger multi-comptes"
 	},
-	"version": "1.11.1~ynh2",
+	"version": "1.12.1~ynh2",
 	"url": "https://www.rainloop.net/",
-	"license": "AGPL-3.0",
+	"license": "AGPL-3.0-or-later",
 	"maintainer": {
 		"name": "scith, Djip007, polytan02"
 	},
@ -27,10 +27,10 @@
 				"name": "domain",
 				"type": "domain",
 				"ask": {
-					"en": "Choose a domain for Rainloop",
-					"fr": "Choisissez un domaine pour Rainloop"
+					"en": "Choose a domain name for Rainloop",
+					"fr": "Choisissez un nom de domaine pour Rainloop"
 				},
-				"example": "domain.org"
+                "example": "example.com"
 			},
 			{
 				"name": "path",
@ -51,14 +51,19 @@
 				},
 				"default": false
 			},
-			{
-				"name": "password",
-				"type": "password",
-				"ask": {
-					"en": "Choose a strong password for the 'admin' user",
-					"fr": "Choisissez un mot de passe fort pour l'administrateur, 'admin'"
-				}
-			},
+            {
+                "name": "password",
+                "type": "password",
+                "ask": {
+                    "en": "Set the administrator password",
+                    "fr": "Définissez le mot de passe administrateur"
+                },
+                "help": {
+                    "en": "Use the help field to add an information for the admin about this question.",
+                    "fr": "Utilisez le champ aide pour ajouter une information à l'intention de l'administrateur à propos de cette question."
+                },
+                "example": "Choose a password"
+            },
 			{
 				"name": "ldap",
 				"type": "boolean",
--- a/scripts/_common.sh
+++ b/scripts/_common.sh
@ -1,2 +1,13 @@
 #!/bin/bash

+#=================================================
+# PERSONAL HELPERS
+#=================================================
+
+#=================================================
+# EXPERIMENTAL HELPERS
+#=================================================
+
+#=================================================
+# FUTURE OFFICIAL HELPERS
+#=================================================
--- a/scripts/change_url
+++ b/scripts/change_url
@ -0,0 +1,127 @@
+#!/bin/bash
+
+#=================================================
+# GENERIC STARTING
+#=================================================
+# IMPORT GENERIC HELPERS
+#=================================================
+
+source _common.sh
+source /usr/share/yunohost/helpers
+
+#=================================================
+# RETRIEVE ARGUMENTS
+#=================================================
+ynh_print_info "Retrieve arguments from the manifest"
+
+old_domain=$YNH_APP_OLD_DOMAIN
+old_path=$YNH_APP_OLD_PATH
+
+new_domain=$YNH_APP_NEW_DOMAIN
+new_path=$YNH_APP_NEW_PATH
+
+app=$YNH_APP_INSTANCE_NAME
+
+#=================================================
+# LOAD SETTINGS
+#=================================================
+ynh_print_info "Loading installation settings..."
+
+# Needed for helper "ynh_add_nginx_config"
+final_path=$(ynh_app_setting_get $app final_path)
+
+#=================================================
+# CHECK THE SYNTAX OF THE PATHS
+#=================================================
+ynh_print_info "Check the syntax of the paths"
+
+test -n "$old_path" || old_path="/"
+test -n "$new_path" || new_path="/"
+new_path=$(ynh_normalize_url_path $new_path)
+old_path=$(ynh_normalize_url_path $old_path)
+
+#=================================================
+# CHECK WHICH PARTS SHOULD BE CHANGED
+#=================================================
+
+change_domain=0
+if [ "$old_domain" != "$new_domain" ]
+then
+	change_domain=1
+fi
+
+change_path=0
+if [ "$old_path" != "$new_path" ]
+then
+	change_path=1
+fi
+
+#=================================================
+# STANDARD MODIFICATIONS
+#=================================================
+# MODIFY URL IN NGINX CONF
+#=================================================
+ynh_print_info "Updating nginx web server configuration..."
+
+nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
+
+# Change the path in the nginx config file
+if [ $change_path -eq 1 ]
+then
+	# Make a backup of the original nginx config file if modified
+	ynh_backup_if_checksum_is_different "$nginx_conf_path"
+	# Set global variables for nginx helper
+	domain="$old_domain"
+	path_url="$new_path"
+	# Create a dedicated nginx config
+	ynh_add_nginx_config
+fi
+
+# Change the domain for nginx
+if [ $change_domain -eq 1 ]
+then
+	# Delete file checksum for the old conf file location
+	ynh_delete_file_checksum "$nginx_conf_path"
+	mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf
+	# Store file checksum for the new config file location
+	ynh_store_file_checksum "/etc/nginx/conf.d/$new_domain.d/$app.conf"
+fi
+
+#=================================================
+# SPECIFIC MODIFICATIONS
+#=================================================
+# CONFIGURE
+#=================================================
+
+application_file="$final_path/app/data/_data_/_default_/configs/application.ini"
+ynh_replace_string "default_domain = .^" "default_domain = \"$new_domain\"" "$application_file"
+if [ $old_path = "/" ] && [ $new_path = "/" ]
+then
+	ynh_replace_string "$old_domain" "$new_domain" "$final_path/index.php"
+elif [ $old_path != "/" ] && [ $new_path != "/" ]
+then
+	ynh_replace_string "$old_domain$old_path" "$new_domain$new_path" "$final_path/index.php"
+elif [ $old_path != "/" ] && [ $new_path = "/" ]
+then
+	ynh_replace_string "$old_domain$old_path" "$new_domain" "$final_path/index.php"
+elif [ $old_path = "/" ] && [ $new_path != "/" ]
+then
+	ynh_replace_string "$old_domain" "$new_domain$new_path" "$final_path/index.php"
+else
+	ynh_die "Error changing the URL"
+fi
+
+#=================================================
+# GENERIC FINALISATION
+#=================================================
+# RELOAD NGINX
+#=================================================
+ynh_print_info "Reloading nginx web server..."
+
+systemctl reload nginx
+
+#=================================================
+# END OF SCRIPT
+#=================================================
+
+ynh_print_info "Change of URL completed for $app"
--- a/scripts/install
+++ b/scripts/install
@ -19,13 +19,14 @@ ynh_abort_if_errors
 #=================================================
 # RETRIEVE ARGUMENTS FROM THE MANIFEST
 #=================================================
+ynh_print_info "Retrieve arguments from the manifest ..."

 domain=$YNH_APP_ARG_DOMAIN
 path_url=$YNH_APP_ARG_PATH
 is_public=$YNH_APP_ARG_IS_PUBLIC
+lang=$YNH_APP_ARG_LANG
 password=$YNH_APP_ARG_PASSWORD
 ldap=$YNH_APP_ARG_LDAP
-lang=$YNH_APP_ARG_LANG

 app=$YNH_APP_INSTANCE_NAME

@ -51,7 +52,8 @@ ynh_print_info "Storing installation settings..."
 ynh_app_setting_set $app domain $domain
 ynh_app_setting_set $app path $path_url
 ynh_app_setting_set $app is_public $is_public
-ynh_app_setting_set $app password $password
+ynh_app_setting_set $app lang $lang
+ynh_app_setting_set $app password $password #9999 Check if it's need to save password
 ynh_app_setting_set $app ldap $ldap

 #=================================================
@ -168,12 +170,20 @@ fi
 # Install PGPback by chtixof to allow users to backup/restore their PGP private keys on the server
 cp -rf ../sources/pgpback "$final_path/"

+#=================================================
+# STORE THE CONFIG FILE CHECKSUM
+#=================================================
+
+# Calculate and store the config file checksum into the app settings
+ynh_store_file_checksum "$application_file"
+
 #=================================================
 # GENERIC FINALIZATION
 #=================================================
 # SECURE FILES AND DIRECTORIES
 #=================================================

+# Set permissions to app files
 find $final_path/. -type d -exec chmod 755 {} \;
 find $final_path/. -type f -exec chmod 644 {} \;
 chown -R $app: $final_path
@ -186,7 +196,8 @@ ynh_print_info "Configuring SSOwat..."
 # Make app public if necessary
 if [ $is_public -eq 1 ]
 then
-	ynh_app_setting_set $app skipped_uris "/"
+	# unprotected_uris allows SSO credentials to be passed anyway.
+	ynh_app_setting_set $app unprotected_uris "/"
 fi

 #=================================================
--- a/scripts/upgrade
+++ b/scripts/upgrade
@ -20,6 +20,7 @@ domain=$(ynh_app_setting_get $app domain)
 path_url=$(ynh_app_setting_get $app path)
 is_public=$(ynh_app_setting_get $app is_public)
 final_path=$(ynh_app_setting_get $app final_path)
+lang=$(ynh_app_setting_get $app lang)
 db_name=$(ynh_app_setting_get $app db_name)

 #=================================================
@ -77,7 +78,7 @@ path_url=$(ynh_normalize_url_path $path_url)
 ynh_print_info "Upgrading source files..."

 # Download, check integrity, uncompress and patch the source from app.src
-ynh_setup_source "$final_path"
+ynh_setup_source "$final_path/app"

 #=================================================
 # NGINX CONFIGURATION
@ -130,9 +131,10 @@ cp -rf ../sources/pgpback "$final_path/"
 # SECURE FILES AND DIRECTORIES
 #=================================================

+# Set permissions on app files
+chown -R $app: $final_path
 find $final_path/. -type d -exec chmod 755 {} \;
 find $final_path/. -type f -exec chmod 644 {} \;
-chown -R $app: $final_path

 #=================================================
 # SETUP SSOWAT
@ -142,7 +144,8 @@ ynh_print_info "Upgrading SSOwat configuration..."
 # Make app public if necessary
 if [ $is_public -eq 1 ]
 then
-	ynh_app_setting_set $app skipped_uris "/"
+	# unprotected_uris allows SSO credentials to be passed anyway
+	ynh_app_setting_set $app unprotected_uris "/"
 fi

 #=================================================
--- a/sources/rainloop_version
+++ b/sources/rainloop_version
@ -1 +1 @@
-1.11.3
+1.12.1
 @ -1 +1 @@
 .11.3
 .12.1