diff --git a/README.md b/README.md index 8f56a24..7aeb532 100644 --- a/README.md +++ b/README.md @@ -12,7 +12,7 @@ If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to Rainloop is a lightweight webmail. -**Shipped version:** 1.11.3 +**Shipped version:** 1.12.1 ## Screenshots @@ -29,6 +29,7 @@ Go to http://DOMAIN.TLD/rainloop/app/?admin - The default login is : admin - The default password is : Password chosen during install + - If you lost the admin password, you can retrieve it using ``sudo yunohost app settings rainloop password`` Each user can add a remote carddav server from their own parameters interface. @@ -36,6 +37,8 @@ Each user can add a remote carddav server from their own parameters interface. - If you use baikal, the CardDav address is: https://DOMAIN.TLD/baikal/card.php/addressbooks/USER/default/ - If you use NextCloud, the CardDav address is: https://DOMAIN.TLD/nextcloud/remote.php/carddav/addressbooks/USER/contacts +Rainloop saves your PGP private keys in the browser storage. This means that you will loose your private keys if you clear your browser storage (e.g., private browsing, different computer...). This packages integrates [PGPback by chtixof](https://github.com/chtixof/pgpback_ynh) so you can store your PGP private keys on the server securely. Go to **http://DOMAIN.TLD/rainloop/pgpback** to backup your PGP keys on the server or restore them. + ## Documentation * Official documentation: https://www.rainloop.net/docs/configuration/ @@ -61,6 +64,7 @@ Each user can add a remote carddav server from their own parameters interface. * Report a bug: https://github.com/YunoHost-Apps/rainloop_ynh/issues * Rainloop website: https://www.rainloop.net/ + * Rainloop github website: https://github.com/RainLoop/rainloop-webmail * YunoHost website: https://yunohost.org/ --- diff --git a/README_fr.md b/README_fr.md index 0a3aba6..2f7543f 100644 --- a/README_fr.md +++ b/README_fr.md @@ -12,7 +12,7 @@ Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour Rainloop est un webmail léger. -**Version incluse:** 1.11.3 +**Version incluse:** 1.12.1 ## Captures d'écran @@ -61,6 +61,7 @@ Chaque utilisateur peut ajouter un carnet d'adresse distant CardDav via leurs pr * Signaler un bug: https://github.com/YunoHost-Apps/rainloop_ynh/issues * Site de Rainloop: https://www.rainloop.net/ + * Github de Rainloop: https://github.com/RainLoop/rainloop-webmail * Site web YunoHost: https://yunohost.org/ --- diff --git a/check_process b/check_process index 2dcc5da..f8eeef1 100644 --- a/check_process +++ b/check_process @@ -1,11 +1,12 @@ -;; Test Rainloop - ; Manifest +;; Test complet + ; Manifest domain="domain.tld" (DOMAIN) path="/rainloop" (PATH) + lang="fr" is_public=1 (PUBLIC|public=1|private=0) - password="password" + password="pass" ldap=1 - lang="English" + ; Checks pkg_linter=1 setup_sub_dir=1 @@ -19,20 +20,18 @@ multi_instance=1 incorrect_path=1 port_already_use=0 - change_url=0 + change_url=1 ;;; Levels Level 1=auto Level 2=auto Level 3=auto -# Level 4: - Level 4=1 -# Level 5: - Level 5=auto - Level 6=auto - Level 7=auto - Level 8=0 - Level 9=0 - Level 10=0 + Level 4=1 + Level 5=auto + Level 6=auto + Level 7=auto + Level 8=0 + Level 9=0 + Level 10=0 ;;; Options Email= Notification=none diff --git a/conf/app.src b/conf/app.src index 8b3d7fc..d886508 100644 --- a/conf/app.src +++ b/conf/app.src @@ -1,6 +1,6 @@ -SOURCE_URL=https://github.com/RainLoop/rainloop-webmail/releases/download/v1.11.3/rainloop-community-1.11.3.zip -SOURCE_SUM=49a097151abb1b208b74e01ee1680e2d -SOURCE_SUM_PRG=md5sum +SOURCE_URL=https://github.com/RainLoop/rainloop-webmail/releases/download/v1.12.1/rainloop-community-1.12.1.zip +SOURCE_SUM=5d7f99d0e145d22617de8c17e43f34842245d5570662f97f4352487671df811b +SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=zip SOURCE_IN_SUBDIR=false SOURCE_FILENAME= diff --git a/conf/nginx.conf b/conf/nginx.conf index d96b561..8f3144d 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -23,11 +23,11 @@ location __PATH__/ { location ~ [^/]\.php(/|$) { fastcgi_split_path_info ^(.+?\.php)(/.*)$; fastcgi_pass unix:/var/run/php/php7.0-fpm-__NAME__.sock; - fastcgi_index index.php; - include fastcgi_params; - fastcgi_param REMOTE_USER $remote_user; - fastcgi_param PATH_INFO $fastcgi_path_info; - fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param REMOTE_USER $remote_user; + fastcgi_param PATH_INFO $fastcgi_path_info; + fastcgi_param SCRIPT_FILENAME $request_filename; } # Include SSOWAT user panel. diff --git a/conf/php-fpm.conf b/conf/php-fpm.conf index 59e6c01..7f15f79 100644 --- a/conf/php-fpm.conf +++ b/conf/php-fpm.conf @@ -384,6 +384,23 @@ chdir = __FINALPATH__ ; Default Value: .php ;security.limit_extensions = .php .php3 .php4 .php5 .php7 +; Clear environment in FPM workers +; Prevents arbitrary environment variables from reaching FPM worker processes +; by clearing the environment in workers before env vars specified in this +; pool configuration are added. +; Setting to "no" will make all environment variables available to PHP code +; via getenv(), $_ENV and $_SERVER. +; Default Value: yes +;clear_env = no + +; Limits the extensions of the main script FPM will allow to parse. This can +; prevent configuration mistakes on the web server side. You should only limit +; FPM to .php extensions to prevent malicious users to use other extensions to +; execute php code. +; Note: set an empty value to allow all extensions. +; Default Value: .php +;security.limit_extensions = .php .php3 .php4 .php5 .php7 + ; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from ; the current environment. ; Default Value: clean env diff --git a/manifest.json b/manifest.json index b0df892..e47b5fc 100644 --- a/manifest.json +++ b/manifest.json @@ -6,9 +6,9 @@ "en": "Lightweight multi-account webmail", "fr": "Webmail léger multi-comptes" }, - "version": "1.11.1~ynh2", + "version": "1.12.1~ynh2", "url": "https://www.rainloop.net/", - "license": "AGPL-3.0", + "license": "AGPL-3.0-or-later", "maintainer": { "name": "scith, Djip007, polytan02" }, @@ -27,10 +27,10 @@ "name": "domain", "type": "domain", "ask": { - "en": "Choose a domain for Rainloop", - "fr": "Choisissez un domaine pour Rainloop" + "en": "Choose a domain name for Rainloop", + "fr": "Choisissez un nom de domaine pour Rainloop" }, - "example": "domain.org" + "example": "example.com" }, { "name": "path", @@ -51,14 +51,19 @@ }, "default": false }, - { - "name": "password", - "type": "password", - "ask": { - "en": "Choose a strong password for the 'admin' user", - "fr": "Choisissez un mot de passe fort pour l'administrateur, 'admin'" - } - }, + { + "name": "password", + "type": "password", + "ask": { + "en": "Set the administrator password", + "fr": "Définissez le mot de passe administrateur" + }, + "help": { + "en": "Use the help field to add an information for the admin about this question.", + "fr": "Utilisez le champ aide pour ajouter une information à l'intention de l'administrateur à propos de cette question." + }, + "example": "Choose a password" + }, { "name": "ldap", "type": "boolean", diff --git a/scripts/_common.sh b/scripts/_common.sh index 05a7907..b905339 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -1,2 +1,13 @@ #!/bin/bash +#================================================= +# PERSONAL HELPERS +#================================================= + +#================================================= +# EXPERIMENTAL HELPERS +#================================================= + +#================================================= +# FUTURE OFFICIAL HELPERS +#================================================= diff --git a/scripts/change_url b/scripts/change_url new file mode 100644 index 0000000..d279118 --- /dev/null +++ b/scripts/change_url @@ -0,0 +1,127 @@ +#!/bin/bash + +#================================================= +# GENERIC STARTING +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +source _common.sh +source /usr/share/yunohost/helpers + +#================================================= +# RETRIEVE ARGUMENTS +#================================================= +ynh_print_info "Retrieve arguments from the manifest" + +old_domain=$YNH_APP_OLD_DOMAIN +old_path=$YNH_APP_OLD_PATH + +new_domain=$YNH_APP_NEW_DOMAIN +new_path=$YNH_APP_NEW_PATH + +app=$YNH_APP_INSTANCE_NAME + +#================================================= +# LOAD SETTINGS +#================================================= +ynh_print_info "Loading installation settings..." + +# Needed for helper "ynh_add_nginx_config" +final_path=$(ynh_app_setting_get $app final_path) + +#================================================= +# CHECK THE SYNTAX OF THE PATHS +#================================================= +ynh_print_info "Check the syntax of the paths" + +test -n "$old_path" || old_path="/" +test -n "$new_path" || new_path="/" +new_path=$(ynh_normalize_url_path $new_path) +old_path=$(ynh_normalize_url_path $old_path) + +#================================================= +# CHECK WHICH PARTS SHOULD BE CHANGED +#================================================= + +change_domain=0 +if [ "$old_domain" != "$new_domain" ] +then + change_domain=1 +fi + +change_path=0 +if [ "$old_path" != "$new_path" ] +then + change_path=1 +fi + +#================================================= +# STANDARD MODIFICATIONS +#================================================= +# MODIFY URL IN NGINX CONF +#================================================= +ynh_print_info "Updating nginx web server configuration..." + +nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf + +# Change the path in the nginx config file +if [ $change_path -eq 1 ] +then + # Make a backup of the original nginx config file if modified + ynh_backup_if_checksum_is_different "$nginx_conf_path" + # Set global variables for nginx helper + domain="$old_domain" + path_url="$new_path" + # Create a dedicated nginx config + ynh_add_nginx_config +fi + +# Change the domain for nginx +if [ $change_domain -eq 1 ] +then + # Delete file checksum for the old conf file location + ynh_delete_file_checksum "$nginx_conf_path" + mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf + # Store file checksum for the new config file location + ynh_store_file_checksum "/etc/nginx/conf.d/$new_domain.d/$app.conf" +fi + +#================================================= +# SPECIFIC MODIFICATIONS +#================================================= +# CONFIGURE +#================================================= + +application_file="$final_path/app/data/_data_/_default_/configs/application.ini" +ynh_replace_string "default_domain = .^" "default_domain = \"$new_domain\"" "$application_file" +if [ $old_path = "/" ] && [ $new_path = "/" ] +then + ynh_replace_string "$old_domain" "$new_domain" "$final_path/index.php" +elif [ $old_path != "/" ] && [ $new_path != "/" ] +then + ynh_replace_string "$old_domain$old_path" "$new_domain$new_path" "$final_path/index.php" +elif [ $old_path != "/" ] && [ $new_path = "/" ] +then + ynh_replace_string "$old_domain$old_path" "$new_domain" "$final_path/index.php" +elif [ $old_path = "/" ] && [ $new_path != "/" ] +then + ynh_replace_string "$old_domain" "$new_domain$new_path" "$final_path/index.php" +else + ynh_die "Error changing the URL" +fi + +#================================================= +# GENERIC FINALISATION +#================================================= +# RELOAD NGINX +#================================================= +ynh_print_info "Reloading nginx web server..." + +systemctl reload nginx + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_print_info "Change of URL completed for $app" diff --git a/scripts/install b/scripts/install index 1f4b167..9fe7f63 100644 --- a/scripts/install +++ b/scripts/install @@ -19,13 +19,14 @@ ynh_abort_if_errors #================================================= # RETRIEVE ARGUMENTS FROM THE MANIFEST #================================================= +ynh_print_info "Retrieve arguments from the manifest ..." domain=$YNH_APP_ARG_DOMAIN path_url=$YNH_APP_ARG_PATH is_public=$YNH_APP_ARG_IS_PUBLIC +lang=$YNH_APP_ARG_LANG password=$YNH_APP_ARG_PASSWORD ldap=$YNH_APP_ARG_LDAP -lang=$YNH_APP_ARG_LANG app=$YNH_APP_INSTANCE_NAME @@ -51,7 +52,8 @@ ynh_print_info "Storing installation settings..." ynh_app_setting_set $app domain $domain ynh_app_setting_set $app path $path_url ynh_app_setting_set $app is_public $is_public -ynh_app_setting_set $app password $password +ynh_app_setting_set $app lang $lang +ynh_app_setting_set $app password $password #9999 Check if it's need to save password ynh_app_setting_set $app ldap $ldap #================================================= @@ -168,12 +170,20 @@ fi # Install PGPback by chtixof to allow users to backup/restore their PGP private keys on the server cp -rf ../sources/pgpback "$final_path/" +#================================================= +# STORE THE CONFIG FILE CHECKSUM +#================================================= + +# Calculate and store the config file checksum into the app settings +ynh_store_file_checksum "$application_file" + #================================================= # GENERIC FINALIZATION #================================================= # SECURE FILES AND DIRECTORIES #================================================= +# Set permissions to app files find $final_path/. -type d -exec chmod 755 {} \; find $final_path/. -type f -exec chmod 644 {} \; chown -R $app: $final_path @@ -186,7 +196,8 @@ ynh_print_info "Configuring SSOwat..." # Make app public if necessary if [ $is_public -eq 1 ] then - ynh_app_setting_set $app skipped_uris "/" + # unprotected_uris allows SSO credentials to be passed anyway. + ynh_app_setting_set $app unprotected_uris "/" fi #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index 48915ea..b441b6a 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -20,6 +20,7 @@ domain=$(ynh_app_setting_get $app domain) path_url=$(ynh_app_setting_get $app path) is_public=$(ynh_app_setting_get $app is_public) final_path=$(ynh_app_setting_get $app final_path) +lang=$(ynh_app_setting_get $app lang) db_name=$(ynh_app_setting_get $app db_name) #================================================= @@ -77,7 +78,7 @@ path_url=$(ynh_normalize_url_path $path_url) ynh_print_info "Upgrading source files..." # Download, check integrity, uncompress and patch the source from app.src -ynh_setup_source "$final_path" +ynh_setup_source "$final_path/app" #================================================= # NGINX CONFIGURATION @@ -130,9 +131,10 @@ cp -rf ../sources/pgpback "$final_path/" # SECURE FILES AND DIRECTORIES #================================================= +# Set permissions on app files +chown -R $app: $final_path find $final_path/. -type d -exec chmod 755 {} \; find $final_path/. -type f -exec chmod 644 {} \; -chown -R $app: $final_path #================================================= # SETUP SSOWAT @@ -142,7 +144,8 @@ ynh_print_info "Upgrading SSOwat configuration..." # Make app public if necessary if [ $is_public -eq 1 ] then - ynh_app_setting_set $app skipped_uris "/" + # unprotected_uris allows SSO credentials to be passed anyway + ynh_app_setting_set $app unprotected_uris "/" fi #================================================= diff --git a/sources/rainloop_version b/sources/rainloop_version index 0a5af26..f8f4f03 100644 --- a/sources/rainloop_version +++ b/sources/rainloop_version @@ -1 +1 @@ -1.11.3 +1.12.1