From d7800d5042f4294a88683bb96d0ab45d37894144 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=89ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Wed, 31 Aug 2022 23:01:08 +0200 Subject: [PATCH 1/6] 1.17.0 --- conf/app.src | 4 ++-- manifest.json | 6 +++--- scripts/_common.sh | 2 +- scripts/install | 16 ++++++++-------- scripts/restore | 25 +++++++++++++++---------- scripts/upgrade | 20 ++++++++++---------- 6 files changed, 39 insertions(+), 34 deletions(-) diff --git a/conf/app.src b/conf/app.src index 345039c..1a0b011 100644 --- a/conf/app.src +++ b/conf/app.src @@ -1,5 +1,5 @@ -SOURCE_URL=https://github.com/RainLoop/rainloop-webmail/releases/download/v1.16.0/rainloop-community-1.16.0.zip -SOURCE_SUM=db949c4363b048a02eaa0f06a26a8386979b8734198c2939ee1e8cc54362ca67 +SOURCE_URL=https://github.com/RainLoop/rainloop-webmail/releases/download/v1.17.0/rainloop-legacy-1.17.0.zip +SOURCE_SUM=782dcabacadab5d7176f7701dd23319a040b2cfbf974fac6df068600cf69c50a SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=zip SOURCE_IN_SUBDIR=false diff --git a/manifest.json b/manifest.json index 19651f5..e6ad9a0 100644 --- a/manifest.json +++ b/manifest.json @@ -6,7 +6,7 @@ "en": "Lightweight multi-account webmail", "fr": "Webmail léger multi-comptes" }, - "version": "1.16.0~ynh4", + "version": "1.17.0~ynh1", "url": "https://www.rainloop.net/", "upstream": { "license": "AGPL-3.0-or-later", @@ -20,12 +20,12 @@ "name": "scith, Djip007, polytan02" }, "requirements": { - "yunohost": ">= 4.3.0" + "yunohost": ">= 11.0.9" }, "multi_instance": true, "services": [ "nginx", - "php7.3-fpm", + "php7.4-fpm", "mysql" ], "arguments": { diff --git a/scripts/_common.sh b/scripts/_common.sh index 1066592..a34ae03 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -4,7 +4,7 @@ # PERSONAL HELPERS #================================================= -YNH_PHP_VERSION="7.3" +YNH_PHP_VERSION="7.4" pkg_dependencies="php${YNH_PHP_VERSION}-json php${YNH_PHP_VERSION}-curl php${YNH_PHP_VERSION}-xml php${YNH_PHP_VERSION}-dom" diff --git a/scripts/install b/scripts/install index 4bba9f4..8ac2dc8 100644 --- a/scripts/install +++ b/scripts/install @@ -95,14 +95,6 @@ version=$(ynh_app_upstream_version) ynh_add_config --template="../sources/patches/app-CVE-2022-29360.patch.template" --destination="../sources/patches/FIXMEapp-CVE-2022-29360.patch" patch --silent --binary $final_path/app/rainloop/v/$version/app/libraries/MailSo/Base/HtmlUtils.php < ../sources/patches/FIXMEapp-CVE-2022-29360.patch -#================================================= -# NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Configuring NGINX web server..." --weight=2 - -# Create a dedicated NGINX config -ynh_add_nginx_config - #================================================= # PHP-FPM CONFIGURATION #================================================= @@ -112,6 +104,14 @@ ynh_script_progression --message="Configuring PHP-FPM..." --weight=2 ynh_add_fpm_config phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) +#================================================= +# NGINX CONFIGURATION +#================================================= +ynh_script_progression --message="Configuring NGINX web server..." --weight=2 + +# Create a dedicated NGINX config +ynh_add_nginx_config + #================================================= # SPECIFIC SETUP #================================================= diff --git a/scripts/restore b/scripts/restore index b4fb151..1394828 100644 --- a/scripts/restore +++ b/scripts/restore @@ -13,6 +13,10 @@ source /usr/share/yunohost/helpers # MANAGE SCRIPT FAILURE #================================================= +ynh_clean_setup () { + #### Remove this function if there's nothing to clean before calling the remove script. + true +} # Exit if an error occurs during the execution of the script ynh_abort_if_errors @@ -39,12 +43,6 @@ test ! -d $final_path || ynh_die --message="There is already a directory: $final #================================================= # STANDARD RESTORATION STEPS -#================================================= -# RESTORE THE NGINX CONFIGURATION -#================================================= - -ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" - #================================================= # RECREATE THE DEDICATED USER #================================================= @@ -73,6 +71,14 @@ db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd) ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql +#================================================= +# REINSTALL DEPENDENCIES +#================================================= +ynh_script_progression --message="Reinstalling dependencies..." --weight=1 + +# Define and install dependencies +ynh_install_app_dependencies $pkg_dependencies + #================================================= # RESTORE THE PHP-FPM CONFIGURATION #================================================= @@ -81,12 +87,11 @@ ynh_script_progression --message="Restoring the PHP-FPM configuration..." --weig ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" #================================================= -# REINSTALL DEPENDENCIES +# RESTORE THE NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Reinstalling dependencies..." --weight=1 +ynh_script_progression --message="Restoring the NGINX web server configuration..." --weight=1 -# Define and install dependencies -ynh_install_app_dependencies $pkg_dependencies +ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= # RESTORE FAIL2BAN CONFIGURATION diff --git a/scripts/upgrade b/scripts/upgrade index 4db3a40..791710c 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -121,14 +121,6 @@ version=$(ynh_app_upstream_version) ynh_add_config --template="../sources/patches/app-CVE-2022-29360.patch.template" --destination="../sources/patches/FIXMEapp-CVE-2022-29360.patch" patched="$(patch --silent --binary --forward $final_path/app/rainloop/v/$version/app/libraries/MailSo/Base/HtmlUtils.php <../sources/patches/FIXMEapp-CVE-2022-29360.patch)" || echo "${patched}" | grep "Reversed (or previously applied) patch detected! Skipping patch." -q || (echo "$patched" && false); -#================================================= -# NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=2 - -# Create a dedicated NGINX config -ynh_add_nginx_config - #================================================= # UPGRADE DEPENDENCIES #================================================= @@ -144,6 +136,14 @@ ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=2 # Create a dedicated PHP-FPM config ynh_add_fpm_config +#================================================= +# NGINX CONFIGURATION +#================================================= +ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=2 + +# Create a dedicated NGINX config +ynh_add_nginx_config + #================================================= # SPECIFIC UPGRADE #================================================= @@ -151,8 +151,8 @@ ynh_add_fpm_config #================================================= ynh_script_progression --message="Upgrading Rainloop configuration..." --weight=2 -# Upgrade time_offset value for fail2ban -# FIXME Temporary fix for rainloop, waiting for https://github.com/YunoHost/yunohost/pull/752 to be released. +# Upgrade time_offset value for Fail2Ban +# FIXME Temporary fix for Rainloop, waiting for https://github.com/YunoHost/yunohost/pull/752 to be released. # ynh_replace_string --match_string="^time_offset = .*" --replace_string="time_offset = $(date +%:::z)" --target_file="$final_path/app/data/_data_/_default_/configs/application.ini" timezone="$(date +%:::z)" ynh_replace_string --match_string="^time_offset = .*" --replace_string="time_offset = ${timezone//-/\\-}" --target_file="$final_path/app/data/_data_/_default_/configs/application.ini" From 16060a76e51e701e53436d62e838766ca0c1fb42 Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Wed, 31 Aug 2022 21:01:16 +0000 Subject: [PATCH 2/6] Auto-update README --- README.md | 22 ++++++++++++---------- README_fr.md | 28 +++++++++++++++++----------- 2 files changed, 29 insertions(+), 21 deletions(-) diff --git a/README.md b/README.md index da7cea6..8ed6203 100644 --- a/README.md +++ b/README.md @@ -5,7 +5,7 @@ It shall NOT be edited by hand. # Rainloop for YunoHost -[![Integration level](https://dash.yunohost.org/integration/rainloop.svg)](https://dash.yunohost.org/appci/app/rainloop) ![](https://ci-apps.yunohost.org/ci/badges/rainloop.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/rainloop.maintain.svg) +[![Integration level](https://dash.yunohost.org/integration/rainloop.svg)](https://dash.yunohost.org/appci/app/rainloop) ![Working status](https://ci-apps.yunohost.org/ci/badges/rainloop.status.svg) ![Maintenance status](https://ci-apps.yunohost.org/ci/badges/rainloop.maintain.svg) [![Install Rainloop with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=rainloop) *[Lire ce readme en français.](./README_fr.md)* @@ -35,13 +35,14 @@ Lightweight multi-account webmail - Autocompletion of e-mail addresses. -**Shipped version:** 1.16.0~ynh4 +**Shipped version:** 1.17.0~ynh1 + **Demo:** https://mail.rainloop.net/ ## Screenshots -![](./doc/screenshots/screenshot.png) +![Screenshot of Rainloop](./doc/screenshots/screenshot.png) ## Disclaimers / important information @@ -54,21 +55,22 @@ For example: http://webmail.domain.com/app/?admin Default login is `admin`, the password is the one you chose during installation. ## Documentation and resources -* Official app website: https://www.rainloop.net/ -* Official admin documentation: https://www.rainloop.net/docs/configuration/ -* Upstream app code repository: https://github.com/RainLoop/rainloop-webmail -* YunoHost documentation for this app: https://yunohost.org/app_rainloop -* Report a bug: https://github.com/YunoHost-Apps/rainloop_ynh/issues +* Official app website: +* Official admin documentation: +* Upstream app code repository: +* YunoHost documentation for this app: +* Report a bug: ## Developer info Please send your pull request to the [testing branch](https://github.com/YunoHost-Apps/rainloop_ynh/tree/testing). To try the testing branch, please proceed like that. -``` + +``` bash sudo yunohost app install https://github.com/YunoHost-Apps/rainloop_ynh/tree/testing --debug or sudo yunohost app upgrade rainloop -u https://github.com/YunoHost-Apps/rainloop_ynh/tree/testing --debug ``` -**More info regarding app packaging:** https://yunohost.org/packaging_apps \ No newline at end of file +**More info regarding app packaging:** diff --git a/README_fr.md b/README_fr.md index 78589f1..da44a65 100644 --- a/README_fr.md +++ b/README_fr.md @@ -1,10 +1,14 @@ + + # Rainloop pour YunoHost -[![Niveau d'intégration](https://dash.yunohost.org/integration/rainloop.svg)](https://dash.yunohost.org/appci/app/rainloop) ![](https://ci-apps.yunohost.org/ci/badges/rainloop.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/rainloop.maintain.svg) +[![Niveau d'intégration](https://dash.yunohost.org/integration/rainloop.svg)](https://dash.yunohost.org/appci/app/rainloop) ![Statut du fonctionnement](https://ci-apps.yunohost.org/ci/badges/rainloop.status.svg) ![Statut de maintenance](https://ci-apps.yunohost.org/ci/badges/rainloop.maintain.svg) [![Installer Rainloop avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=rainloop) *[Read this readme in english.](./README.md)* -*[Lire ce readme en français.](./README_fr.md)* > *Ce package vous permet d'installer Rainloop rapidement et simplement sur un serveur YunoHost. Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.* @@ -31,13 +35,14 @@ Lightweight multi-account webmail - Autocompletion of e-mail addresses. -**Version incluse :** 1.16.0~ynh4 +**Version incluse :** 1.17.0~ynh1 + **Démo :** https://mail.rainloop.net/ ## Captures d'écran -![](./doc/screenshots/screenshot.png) +![Capture d'écran de Rainloop](./doc/screenshots/screenshot.png) ## Avertissements / informations importantes @@ -50,21 +55,22 @@ For example: http://webmail.domain.com/app/?admin Default login is `admin`, the password is the one you chose during installation. ## Documentations et ressources -* Site officiel de l'app : https://www.rainloop.net/ -* Documentation officielle de l'admin : https://www.rainloop.net/docs/configuration/ -* Dépôt de code officiel de l'app : https://github.com/RainLoop/rainloop-webmail -* Documentation YunoHost pour cette app : https://yunohost.org/app_rainloop -* Signaler un bug : https://github.com/YunoHost-Apps/rainloop_ynh/issues +* Site officiel de l'app : +* Documentation officielle de l'admin : +* Dépôt de code officiel de l'app : +* Documentation YunoHost pour cette app : +* Signaler un bug : ## Informations pour les développeurs Merci de faire vos pull request sur la [branche testing](https://github.com/YunoHost-Apps/rainloop_ynh/tree/testing). Pour essayer la branche testing, procédez comme suit. -``` + +``` bash sudo yunohost app install https://github.com/YunoHost-Apps/rainloop_ynh/tree/testing --debug ou sudo yunohost app upgrade rainloop -u https://github.com/YunoHost-Apps/rainloop_ynh/tree/testing --debug ``` -**Plus d'infos sur le packaging d'applications :** https://yunohost.org/packaging_apps \ No newline at end of file +**Plus d'infos sur le packaging d'applications :** From bb9fa4bf1219d9c67c225c08dfbfc7305e607460 Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Wed, 31 Aug 2022 21:01:55 +0000 Subject: [PATCH 3/6] Auto-update README --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index bb6fadc..8ed6203 100644 --- a/README.md +++ b/README.md @@ -38,7 +38,6 @@ Lightweight multi-account webmail **Shipped version:** 1.17.0~ynh1 - **Demo:** https://mail.rainloop.net/ ## Screenshots From 12544d975a34a52d959bacc0d21c06071b8aecf1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=89ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Wed, 31 Aug 2022 23:10:43 +0200 Subject: [PATCH 4/6] Delete app-CVE-2022-29360.patch.template --- .../patches/app-CVE-2022-29360.patch.template | 23 ------------------- 1 file changed, 23 deletions(-) delete mode 100644 sources/patches/app-CVE-2022-29360.patch.template diff --git a/sources/patches/app-CVE-2022-29360.patch.template b/sources/patches/app-CVE-2022-29360.patch.template deleted file mode 100644 index 79fceee..0000000 --- a/sources/patches/app-CVE-2022-29360.patch.template +++ /dev/null @@ -1,23 +0,0 @@ -diff --git a/rainloop/v/__VERSION__/app/libraries/MailSo/Base/HtmlUtils.php b/rainloop/v/__VERSION__/app/libraries/MailSo/Base/HtmlUtils.new -index 2177627..f1e014e 100644 ---- a/rainloop/v/__VERSION__/app/libraries/MailSo/Base/HtmlUtils.php -+++ b/rainloop/v/__VERSION__/app/libraries/MailSo/Base/HtmlUtils.new -@@ -239,7 +239,8 @@ class HtmlUtils - $oWrapHtml->setAttribute($sKey, $sValue); - } - -- $oWrapDom = $oDom->createElement('div', '___xxx___'); -+ $rand_str = base64_encode(random_bytes(32)); -+ $oWrapDom = $oDom->createElement('div', $rand_str); - $oWrapDom->setAttribute('data-x-div-type', 'body'); - foreach ($aBodylAttrs as $sKey => $sValue) - { -@@ -250,7 +251,7 @@ class HtmlUtils - - $sWrp = $oDom->saveHTML($oWrapHtml); - -- $sResult = \str_replace('___xxx___', $sResult, $sWrp); -+ $sResult = \str_replace($rand_str, $sResult, $sWrp); - } - - $sResult = \str_replace(\MailSo\Base\HtmlUtils::$KOS, ':', $sResult); From 7eb893cb946eeffb5dfe37b6ead444359469b04c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=89ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Wed, 31 Aug 2022 23:21:00 +0200 Subject: [PATCH 5/6] Update install --- scripts/install | 8 -------- 1 file changed, 8 deletions(-) diff --git a/scripts/install b/scripts/install index 8ac2dc8..8ad274c 100644 --- a/scripts/install +++ b/scripts/install @@ -87,14 +87,6 @@ ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path/app" -ynh_script_progression --message="Patching CVE-2022-29360 code vulnerability..." --weight=1 -# Deploy CVE-2022-29360 patch -version=$(ynh_app_upstream_version) -# FIXME because we need to apply the patch manually with --binary flag -# while we should be able to simply use the patching feature of ynh_setup_source -ynh_add_config --template="../sources/patches/app-CVE-2022-29360.patch.template" --destination="../sources/patches/FIXMEapp-CVE-2022-29360.patch" -patch --silent --binary $final_path/app/rainloop/v/$version/app/libraries/MailSo/Base/HtmlUtils.php < ../sources/patches/FIXMEapp-CVE-2022-29360.patch - #================================================= # PHP-FPM CONFIGURATION #================================================= From 2b9e5dd8d5102ef1294266ae727b0973c60911cf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=89ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Wed, 31 Aug 2022 23:21:24 +0200 Subject: [PATCH 6/6] Update upgrade --- scripts/upgrade | 9 --------- 1 file changed, 9 deletions(-) diff --git a/scripts/upgrade b/scripts/upgrade index 791710c..ee9102c 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -112,15 +112,6 @@ then ynh_setup_source --dest_dir="$final_path/app" fi -ynh_script_progression --message="Patching CVE-2022-29360 code vulnerability..." --weight=1 -ynh_print_warn --message="You should stop using Rainloop, its upstream code is not maintained anymore" -# Deploy CVE-2022-29360 patch -version=$(ynh_app_upstream_version) -# FIXME because we need to apply the patch manually with --binary flag -# while we should be able to simply use the patching feature of ynh_setup_source -ynh_add_config --template="../sources/patches/app-CVE-2022-29360.patch.template" --destination="../sources/patches/FIXMEapp-CVE-2022-29360.patch" -patched="$(patch --silent --binary --forward $final_path/app/rainloop/v/$version/app/libraries/MailSo/Base/HtmlUtils.php <../sources/patches/FIXMEapp-CVE-2022-29360.patch)" || echo "${patched}" | grep "Reversed (or previously applied) patch detected! Skipping patch." -q || (echo "$patched" && false); - #================================================= # UPGRADE DEPENDENCIES #=================================================