YunoHost-Apps/rainloop_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/rainloop_ynh.git synced 2024-09-03 20:16:18 +02:00
Code Issues Activity Actions

Merge pull request #50 from YunoHost-Apps/testing

Browse source 
Testing
This commit is contained in:
Kayou 2019-06-02 00:33:52 +02:00 committed by GitHub
commit fbed6495f7
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
30 changed files with 1328 additions and 786 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

74
README.md
View file

@ -1,14 +1,35 @@
# Rainloop for YunoHost
* [rainloop](http://rainloop.net/ ): 1.11.3
[![Integration level](https://dash.yunohost.org/integration/rainloop.svg)](https://dash.yunohost.org/appci/app/rainloop)
[![Install Rainloop with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=rainloop)
*[Lire ce readme en français.](./README_fr.md)*
> *This package allow you to install Rainloop quickly and simply on a YunoHost server.
If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to know how to install and enjoy it.*
## Overview
## English
Rainloop is a lightweight webmail.
To configure it, go to http://DOMAIN.TLD/rainloop/app/?admin
**Shipped version:** 1.12.1
## Screenshots
![](https://www.rainloop.net/static/media/screenshots/v2/12.png)
## Demo
* [YunoHost demo](https://demo.yunohost.org/rainloop/app/)
* [Official demo](https://mail.rainloop.net/)
## Configuration
Go to http://DOMAIN.TLD/rainloop/app/?admin
- The default login is : admin
- The default password is : Password chosen during install
- If you lost the admin password, you can retrieve it using ``sudo yunohost app settings rainloop password``
Each user can add a remote carddav server from their own parameters interface.
@ -16,28 +37,45 @@ Each user can add a remote carddav server from their own parameters interface.
- If you use baikal, the CardDav address is: https://DOMAIN.TLD/baikal/card.php/addressbooks/USER/default/
- If you use NextCloud, the CardDav address is: https://DOMAIN.TLD/nextcloud/remote.php/carddav/addressbooks/USER/contacts
Rainloop saves your PGP private keys in the browser storage. This means that you will loose your private keys if you clear your browser storage (e.g., private browsing, different computer...). This packages integrates [PGPback by chtixof](https://github.com/chtixof/pgpback_ynh) so you can store your PGP private keys on the server securely. Go to **http://DOMAIN.TLD/rainloop/pgpback** to backup your PGP keys on the server or restore them.
## Documentation
To upgrade the app once a new rainloop version is available, simply run in a local shell via ssh or otherwise :
``sudo yunohost app upgrade -u https://github.com/YunoHost-Apps/rainloop_ynh rainloop``
* Official documentation: https://www.rainloop.net/docs/configuration/
* YunoHost documentation: https://yunohost.org/#/app_rainloop
## YunoHost specific features
## Français
Rainloop est un webmail simple et léger.
#### Multi-users support
Pour le configurer après l'installation, veuillez vous rendre sur http://DOMAIN.TLD/rainloop/app/?admin
#### Supported architectures
- Le nom d'utilisateur admin par défaut est : admin
- Le mot de passe admin par défaut est : Mot de passe choisi lors de l'installation
- Si vous avez oublié votre mot de passe, vous pouvez le retrouver avec ``sudo yunohost app settings rainloop password``
* x86-64b - [![Build Status](https://ci-apps.yunohost.org/ci/logs/rainloop%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/rainloop/)
* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/rainloop%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/rainloop/)
* Jessie x86-64b - [![Build Status](https://ci-stretch.nohost.me/ci/logs/rainloop%20%28Apps%29.svg)](https://ci-stretch.nohost.me/ci/apps/rainloop/)
Chaque utilisateur peut ajouter un carnet d'adresse distant CardDav via leurs propres paramètres.
## Limitations
- Si vous utilisez Baikal, l'adresse à renseigner est du type : https://DOMAIN.TLD/baikal/card.php/addressbooks/UTILISATEUR/default/
- Si vous utilisez NextCloud, l'adresse à renseigner est du type : https://DOMAIN.TLD/nextcloud/remote.php/carddav/addressbooks/USER/contacts
## Additional information
Rainloop stocke les clés PGP privées dans le stockage de navigateur. Cela implique que vos clés seront perdues quand vous videz le stockage de navigateur (navigation incognito, changement d'ordinateur, ...). Ce paquet intègre [PGPback de chtixof](https://github.com/chtixof/pgpback_ynh) pour que vous puissiez stocker vos clés privées PGP de manière sécurisée sur le serveur. Rendez-vous **http://DOMAIN.TLD/rainloop/pgpback** pour stocker vos clés privées PGP sur le serveur ou les restaurer dans un nouveau navigateur.
* Rainloop saves your PGP private keys in the browser storage. This means that you will loose your private keys if you clear your browser storage (e.g., private browsing, different computer...). This packages integrates [PGPback by chtixof](https://github.com/chtixof/pgpback_ynh) so you can store your PGP private keys on the server securely. Go to **http://DOMAIN.TLD/rainloop/pgpback** to backup your PGP keys on the server or restore them.
Pour mettre à jour rainloop lorsqu'une nouvelle version est disponible, lancez en console locale (ssh ou autre) :
``sudo yunohost app upgrade -u https://github.com/YunoHost-Apps/rainloop_ynh rainloop``
## Links
* Report a bug: https://github.com/YunoHost-Apps/rainloop_ynh/issues
* Rainloop website: https://www.rainloop.net/
* Rainloop github website: https://github.com/RainLoop/rainloop-webmail
* YunoHost website: https://yunohost.org/
---
Developers info
----------------
**Only if you want to use a testing branch for coding, instead of merging directly into master.**
Please do your pull request to the [testing branch](https://github.com/YunoHost-Apps/rainloop_ynh/tree/testing).
To try the testing branch, please proceed like that.
```
sudo yunohost app install https://github.com/YunoHost-Apps/rainloop_ynh/tree/testing --debug
or
sudo yunohost app upgrade rainloop -u https://github.com/YunoHost-Apps/rainloop_ynh/tree/testing --debug
```

80
README_fr.md Normal file
View file

@ -0,0 +1,80 @@
# Rainloop pour YunoHost
[![Integration level](https://dash.yunohost.org/integration/rainloop.svg)](https://dash.yunohost.org/appci/app/rainloop)
[![Install Rainloop with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=rainloop)
*[Read this readme in english.](./README.md)*
> *Ce package vous permet d'installer Rainloop rapidement et simplement sur un serveur Yunohost.
Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.*
## Vue d'ensemble
Rainloop est un webmail léger.
**Version incluse:** 1.12.1
## Captures d'écran
![](https://www.rainloop.net/static/media/screenshots/v2/12.png)
## Démo
* [Démo YunoHost](https://demo.yunohost.org/rainloop/app/)
* [Démo officielle](https://mail.rainloop.net/)
## Configuration
Veuillez vous rendre sur http://DOMAIN.TLD/rainloop/app/?admin
- Le nom d'utilisateur admin par défaut est : admin
- Le mot de passe admin par défaut est : Mot de passe choisi lors de l'installation
- Si vous avez oublié votre mot de passe, vous pouvez le retrouver avec ``sudo yunohost app settings rainloop password``
Chaque utilisateur peut ajouter un carnet d'adresse distant CardDav via leurs propres paramètres.
- Si vous utilisez Baikal, l'adresse à renseigner est du type : https://DOMAIN.TLD/baikal/card.php/addressbooks/UTILISATEUR/default
- Si vous utilisez NextCloud, l'adresse à renseigner est du type : https://DOMAIN.TLD/nextcloud/remote.php/carddav/addressbooks/USER/contacts
## Documentation
* Documentation officielle: https://www.rainloop.net/docs/configuration/
* Documentation YunoHost: https://yunohost.org/#/app_rainloop_fr
## Caractéristiques spécifiques YunoHost
#### Support multi-utilisateurs
#### Supported architectures
* x86-64b - [![Build Status](https://ci-apps.yunohost.org/ci/logs/rainloop%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/rainloop/)
* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/rainloop%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/rainloop/)
* Jessie x86-64b - [![Build Status](https://ci-stretch.nohost.me/ci/logs/rainloop%20%28Apps%29.svg)](https://ci-stretch.nohost.me/ci/apps/rainloop/)
## Limitations
## Informations additionnelles
* Rainloop stocke les clés PGP privées dans le stockage de navigateur. Cela implique que vos clés seront perdues quand vous videz le stockage de navigateur (navigation incognito, changement d'ordinateur, ...). Ce paquet intègre [PGPback de chtixof](https://github.com/chtixof/pgpback_ynh) pour que vous puissiez stocker vos clés privées PGP de manière sécurisée sur le serveur. Rendez-vous **http://DOMAIN.TLD/rainloop/pgpback** pour stocker vos clés privées PGP sur le serveur ou les restaurer dans un nouveau navigateur.
## Links
* Signaler un bug: https://github.com/YunoHost-Apps/rainloop_ynh/issues
* Site de Rainloop: https://www.rainloop.net/
* Github de Rainloop: https://github.com/RainLoop/rainloop-webmail
* Site web YunoHost: https://yunohost.org/
---
Informations pour les développeurs
----------------
**Seulement si vous voulez utiliser une branche de test pour le codage, au lieu de fusionner directement dans la banche principale.**
Merci de faire vos pull request sur la [branche testing](https://github.com/YunoHost-Apps/rainloop_ynh/tree/testing).
Pour essayer la branche testing, procédez comme suit.
```
sudo yunohost app install https://github.com/YunoHost-Apps/rainloop_ynh/tree/testing --debug
ou
sudo yunohost app upgrade rainloop -u https://github.com/YunoHost-Apps/rainloop_ynh/tree/testing --debug
```

35
check_process
View file

@ -1,12 +1,12 @@
;; Test Rainloop
auto_remove=1
;; Test complet
; Manifest
domain="domain.tld" (DOMAIN)
path="/rainloop" (PATH)
is_public="No" (PUBLIC|public=Yes|private=No)
password="password" (PASSWORD)
ldap="Yes"
lang="English"
is_public=1 (PUBLIC|public=1|private=0)
password="pass"
ldap=1
; Checks
pkg_linter=1
setup_sub_dir=1
@ -15,23 +15,18 @@
setup_private=1
setup_public=1
upgrade=1
upgrade=1 from_commit=e26b7e5823858ea5f526659f320692a2768786b5
backup_restore=1
multi_instance=1
wrong_user=0
wrong_path=1
incorrect_path=1
corrupt_source=0
fail_download_source=0
port_already_use=0
final_path_already_use=0
change_url=1
;;; Levels
Level 1=auto
Level 2=auto
Level 3=auto
Level 4=1
Level 5=1
Level 6=auto
Level 7=auto
Level 8=0
Level 9=0
Level 10=0
Level 5=auto
;;; Options
Email=
Notification=none
;;; Upgrade options
; commit=e26b7e5823858ea5f526659f320692a2768786b5
name=Define ereg() if it does not exists
manifest_arg=domain=DOMAIN&path=PATH&is_public=Yes&password=password&ldap=Yes&lang=English&

6
conf/app.src Normal file
View file

@ -0,0 +1,6 @@
SOURCE_URL=https://github.com/RainLoop/rainloop-webmail/releases/download/v1.12.1/rainloop-community-1.12.1.zip
SOURCE_SUM=5d7f99d0e145d22617de8c17e43f34842245d5570662f97f4352487671df811b
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=zip
SOURCE_IN_SUBDIR=false
SOURCE_FILENAME=

22
conf/data/configs/application.ini
View file

@ -17,10 +17,10 @@ allow_themes = On
allow_user_background = Off
; Language used by default
language = "LANGTOCHANGE"
language = "__LANGTOCHANGE__"
; Admin Panel interface language
language_admin = "LANGTOCHANGE"
language_admin = "__LANGTOCHANGE__"
; Allow language selection on settings screen
allow_languages_on_settings = On
@ -58,9 +58,9 @@ allow_sharing = On
allow_sync = On
sync_interval = 20
type = "mysql"
pdo_dsn = "mysql:host=127.0.0.1;port=3306;dbname=MYSQLUSER"
pdo_user = "MYSQLUSER"
pdo_password = "MYSQLPASSWORD"
pdo_dsn = "mysql:host=127.0.0.1;port=3306;dbname=__MYSQLUSER__"
pdo_user = "__MYSQLUSER__"
pdo_password = "__MYSQLPASSWORD__"
suggestions_limit = 30
[security]
@ -114,7 +114,7 @@ messagelist_actions = On
attachments_actions = On
[login]
default_domain = "domain.tld"
default_domain = "__DOMAIN__"
; Allow language selection on webmail login screen
allow_languages_on_login = On
@ -138,7 +138,7 @@ sign_me_auto = "DefaultOff"
enable = On
; List of enabled plugins
enabled_list = "PLUGINSTOENABLE"
enabled_list = "__PLUGINSTOENABLE__"
[defaults]
; Editor mode used by default (Plain, Html, HtmlForced or PlainForced)
@ -169,7 +169,7 @@ write_on_timeout_only = 0
; Required for development purposes only.
; Disabling this option is not recommended.
hide_passwords = On
time_offset = 0
time_offset = __TIME_ZONE__
session_filter = ""
; Log filename.
@ -201,9 +201,9 @@ session_filter = ""
filename = "log-{date:Y-m-d}.txt"
; Enable auth logging in a separate file (for fail2ban)
auth_logging = Off
auth_logging_filename = "fail2ban/auth-{date:Y-m-d}.txt"
auth_logging_format = "[{date:Y-m-d H:i:s}] Auth failed: ip={request:ip} user={imap:login} host={imap:host} port={imap:port}"
auth_logging = On
auth_logging_filename = "fail2ban/auth-fail.log"
auth_logging_format = "[{date:Y-m-d H:i:s T}] Auth failed: ip={request:ip} user={imap:login} host={imap:host} port={imap:port}"
[debug]
; Special option required for development purposes

16
conf/nginx.conf
View file

@ -1,15 +1,19 @@
location PATHTOCHANGE {
alias ALIASTOCHANGE;
#sub_path_only rewrite ^__PATH__$ __PATH__/ permanent;
location __PATH__/ {
# Path to source
alias __FINALPATH__/;
# Force usage of https
if ($scheme = http) {
rewrite ^ https://$server_name$request_uri? permanent;
}
location ^~ ROOTTOCHANGE/app/data {
location ^~ __PATH__/app/data {
deny all;
}
location ^~ ROOTTOCHANGE/pgpback/keys {
location ^~ __PATH__/pgpback/keys {
deny all;
}
@ -18,7 +22,7 @@ location PATHTOCHANGE {
try_files $uri $uri/ index.php;
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
fastcgi_pass unix:/var/run/php5-fpm-NAMETOCHANGE.sock;
fastcgi_pass unix:/var/run/php/php7.0-fpm-__NAME__.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param REMOTE_USER $remote_user;
@ -26,6 +30,6 @@ location PATHTOCHANGE {
fastcgi_param SCRIPT_FILENAME $request_filename;
}
# Include SSOWAT user panel.
include conf.d/yunohost_panel.conf.inc;
}

336
conf/php-fpm.conf
View file

@ -1,10 +1,11 @@
; Start a new pool named 'www'.
; the variable $pool can we used in any directive and will be replaced by the
; the variable $pool can be used in any directive and will be replaced by the
; pool name ('www' here)
[NAMETOCHANGE]
[__NAMETOCHANGE__]
; Per pool prefix
; It only applies on the following directives:
; - 'access.log'
; - 'slowlog'
; - 'listen' (unixsocket)
; - 'chroot'
@ -16,21 +17,43 @@
; Default Value: none
;prefix = /path/to/pools/$pool
; Unix user/group of processes
; Note: The user is mandatory. If the group is not set, the default user's group
; will be used.
user = __USER__
group = __USER__
; The address on which to accept FastCGI requests.
; Valid syntaxes are:
; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific address on
; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on
; a specific port;
; 'port' - to listen on a TCP socket to all addresses on a
; specific port;
; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on
; a specific port;
; 'port' - to listen on a TCP socket to all addresses
; (IPv6 and IPv4-mapped) on a specific port;
; '/path/to/unix/socket' - to listen on a unix socket.
; Note: This value is mandatory.
listen = /var/run/php5-fpm-NAMETOCHANGE.sock
listen = /var/run/php/php7.0-fpm-__NAMETOCHANGE__.sock
; Set listen(2) backlog. A value of '-1' means unlimited.
; Default Value: 128 (-1 on FreeBSD and OpenBSD)
;listen.backlog = -1
; Set listen(2) backlog.
; Default Value: 511 (-1 on FreeBSD and OpenBSD)
;listen.backlog = 511
; List of ipv4 addresses of FastCGI clients which are allowed to connect.
; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server. Many
; BSD-derived systems allow connections regardless of permissions.
; Default Values: user and group are set as the running user
; mode is set to 0660
listen.owner = www-data
listen.group = www-data
;listen.mode = 0660
; When POSIX Access Control Lists are supported you can set them using
; these options, value is a comma separated list of user/group names.
; When set, listen.owner and listen.group are ignored
;listen.acl_users =
;listen.acl_groups =
; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect.
; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
; must be separated by a comma. If this value is left blank, connections will be
@ -38,26 +61,26 @@ listen = /var/run/php5-fpm-NAMETOCHANGE.sock
; Default Value: any
;listen.allowed_clients = 127.0.0.1
; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server. Many
; BSD-derived systems allow connections regardless of permissions.
; Default Values: user and group are set as the running user
; mode is set to 0666
listen.owner = www-data
listen.group = www-data
listen.mode = 0600
; Specify the nice(2) priority to apply to the pool processes (only if set)
; The value can vary from -19 (highest priority) to 20 (lower priority)
; Note: - It will only work if the FPM master process is launched as root
; - The pool processes will inherit the master process priority
; unless it specified otherwise
; Default Value: no set
; process.priority = -19
; Unix user/group of processes
; Note: The user is mandatory. If the group is not set, the default user's group
; will be used.
user = www-data
group = www-data
; Set the process dumpable flag (PR_SET_DUMPABLE prctl) even if the process user
; or group is differrent than the master process user. It allows to create process
; core dump and ptrace the process for the pool user.
; Default Value: no
; process.dumpable = yes
; Choose how the process manager will control the number of child processes.
; Possible Values:
; static - a fixed number (pm.max_children) of child processes;
; dynamic - the number of child processes are set dynamically based on the
; following directives:
; following directives. With this process management, there will be
; always at least 1 children.
; pm.max_children - the maximum number of children that can
; be alive at the same time.
; pm.start_servers - the number of children created on startup.
@ -69,73 +92,150 @@ group = www-data
; state (waiting to process). If the number
; of 'idle' processes is greater than this
; number then some children will be killed.
; ondemand - no children are created at startup. Children will be forked when
; new requests will connect. The following parameter are used:
; pm.max_children - the maximum number of children that
; can be alive at the same time.
; pm.process_idle_timeout - The number of seconds after which
; an idle process will be killed.
; Note: This value is mandatory.
pm = dynamic
; The number of child processes to be created when pm is set to 'static' and the
; maximum number of child processes to be created when pm is set to 'dynamic'.
; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'.
; This value sets the limit on the number of simultaneous requests that will be
; served. Equivalent to the ApacheMaxClients directive with mpm_prefork.
; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP
; CGI.
; Note: Used when pm is set to either 'static' or 'dynamic'
; CGI. The below defaults are based on a server without much resources. Don't
; forget to tweak pm.* to fit your needs.
; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand'
; Note: This value is mandatory.
pm.max_children = 6
pm.max_children = 5
; The number of child processes created on startup.
; Note: Used only when pm is set to 'dynamic'
; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2
pm.start_servers = 3
pm.start_servers = 2
; The desired minimum number of idle server processes.
; Note: Used only when pm is set to 'dynamic'
; Note: Mandatory when pm is set to 'dynamic'
pm.min_spare_servers = 3
pm.min_spare_servers = 1
; The desired maximum number of idle server processes.
; Note: Used only when pm is set to 'dynamic'
; Note: Mandatory when pm is set to 'dynamic'
pm.max_spare_servers = 5
pm.max_spare_servers = 3
; The number of seconds after which an idle process will be killed.
; Note: Used only when pm is set to 'ondemand'
; Default Value: 10s
;pm.process_idle_timeout = 10s;
; The number of requests each child process should execute before respawning.
; This can be useful to work around memory leaks in 3rd party libraries. For
; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
; Default Value: 0
pm.max_requests = 500
;pm.max_requests = 500
; The URI to view the FPM status page. If this value is not set, no URI will be
; recognized as a status page. By default, the status page shows the following
; information:
; accepted conn - the number of request accepted by the pool;
; recognized as a status page. It shows the following informations:
; pool - the name of the pool;
; process manager - static or dynamic;
; process manager - static, dynamic or ondemand;
; start time - the date and time FPM has started;
; start since - number of seconds since FPM has started;
; accepted conn - the number of request accepted by the pool;
; listen queue - the number of request in the queue of pending
; connections (see backlog in listen(2));
; max listen queue - the maximum number of requests in the queue
; of pending connections since FPM has started;
; listen queue len - the size of the socket queue of pending connections;
; idle processes - the number of idle processes;
; active processes - the number of active processes;
; total processes - the number of idle + active processes.
; total processes - the number of idle + active processes;
; max active processes - the maximum number of active processes since FPM
; has started;
; max children reached - number of times, the process limit has been reached,
; when pm tries to start more children (works only for
; pm 'dynamic')
; The values of 'idle processes', 'active processes' and 'total processes' are
; updated each second. The value of 'accepted conn' is updated in real time.
; pm 'dynamic' and 'ondemand');
; Value are updated in real time.
; Example output:
; accepted conn: 12073
; pool: www
; process manager: static
; idle processes: 35
; active processes: 65
; total processes: 100
; max children reached: 1
; start time: 01/Jul/2011:17:53:49 +0200
; start since: 62636
; accepted conn: 190460
; listen queue: 0
; max listen queue: 1
; listen queue len: 42
; idle processes: 4
; active processes: 11
; total processes: 15
; max active processes: 12
; max children reached: 0
;
; By default the status page output is formatted as text/plain. Passing either
; 'html' or 'json' as a query string will return the corresponding output
; syntax. Example:
; 'html', 'xml' or 'json' in the query string will return the corresponding
; output syntax. Example:
; http://www.foo.bar/status
; http://www.foo.bar/status?json
; http://www.foo.bar/status?html
; http://www.foo.bar/status?xml
;
; By default the status page only outputs short status. Passing 'full' in the
; query string will also return status for each pool process.
; Example:
; http://www.foo.bar/status?full
; http://www.foo.bar/status?json&full
; http://www.foo.bar/status?html&full
; http://www.foo.bar/status?xml&full
; The Full status returns for each process:
; pid - the PID of the process;
; state - the state of the process (Idle, Running, ...);
; start time - the date and time the process has started;
; start since - the number of seconds since the process has started;
; requests - the number of requests the process has served;
; request duration - the duration in µs of the requests;
; request method - the request method (GET, POST, ...);
; request URI - the request URI with the query string;
; content length - the content length of the request (only with POST);
; user - the user (PHP_AUTH_USER) (or '-' if not set);
; script - the main script called (or '-' if not set);
; last request cpu - the %cpu the last request consumed
; it's always 0 if the process is not in Idle state
; because CPU calculation is done when the request
; processing has terminated;
; last request memory - the max amount of memory the last request consumed
; it's always 0 if the process is not in Idle state
; because memory calculation is done when the request
; processing has terminated;
; If the process is in Idle state, then informations are related to the
; last request the process has served. Otherwise informations are related to
; the current request being served.
; Example output:
; ************************
; pid: 31330
; state: Running
; start time: 01/Jul/2011:17:53:49 +0200
; start since: 63087
; requests: 12808
; request duration: 1250261
; request method: GET
; request URI: /test_mem.php?N=10000
; content length: 0
; user: -
; script: /home/fat/web/docs/php/test_mem.php
; last request cpu: 0.00
; last request memory: 0
;
; Note: There is a real-time FPM status monitoring sample web page available
; It's available in: /usr/share/php/7.0/fpm/status.html
;
; Note: The value must start with a leading slash (/). The value can be
; anything, but it may not be a good idea to use the .php extension or it
; may conflict with a real PHP file.
; Default Value: not set
pm.status_path = /fpm-status
;pm.status_path = /status
; The ping URI to call the monitoring page of FPM. If this value is not set, no
; URI will be recognized as a ping page. This could be used to test from outside
@ -147,39 +247,102 @@ pm.status_path = /fpm-status
; anything, but it may not be a good idea to use the .php extension or it
; may conflict with a real PHP file.
; Default Value: not set
ping.path = /ping
;ping.path = /ping
; This directive may be used to customize the response of a ping request. The
; response is formatted as text/plain with a 200 response code.
; Default Value: pong
;ping.response = pong
; The timeout for serving a single request after which the worker process will
; be killed. This option should be used when the 'max_execution_time' ini option
; does not stop script execution for some reason. A value of '0' means 'off'.
; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
; Default Value: 0
request_terminate_timeout = 120s
; The access log file
; Default: not set
;access.log = log/$pool.access.log
; The access log format.
; The following syntax is allowed
; %%: the '%' character
; %C: %CPU used by the request
; it can accept the following format:
; - %{user}C for user CPU only
; - %{system}C for system CPU only
; - %{total}C for user + system CPU (default)
; %d: time taken to serve the request
; it can accept the following format:
; - %{seconds}d (default)
; - %{miliseconds}d
; - %{mili}d
; - %{microseconds}d
; - %{micro}d
; %e: an environment variable (same as $_ENV or $_SERVER)
; it must be associated with embraces to specify the name of the env
; variable. Some exemples:
; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e
; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e
; %f: script filename
; %l: content-length of the request (for POST request only)
; %m: request method
; %M: peak of memory allocated by PHP
; it can accept the following format:
; - %{bytes}M (default)
; - %{kilobytes}M
; - %{kilo}M
; - %{megabytes}M
; - %{mega}M
; %n: pool name
; %o: output header
; it must be associated with embraces to specify the name of the header:
; - %{Content-Type}o
; - %{X-Powered-By}o
; - %{Transfert-Encoding}o
; - ....
; %p: PID of the child that serviced the request
; %P: PID of the parent of the child that serviced the request
; %q: the query string
; %Q: the '?' character if query string exists
; %r: the request URI (without the query string, see %q and %Q)
; %R: remote IP address
; %s: status (response code)
; %t: server time the request was received
; it can accept a strftime(3) format:
; %d/%b/%Y:%H:%M:%S %z (default)
; The strftime(3) format must be encapsuled in a %{<strftime_format>}t tag
; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t
; %T: time the log has been written (the request has finished)
; it can accept a strftime(3) format:
; %d/%b/%Y:%H:%M:%S %z (default)
; The strftime(3) format must be encapsuled in a %{<strftime_format>}t tag
; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t
; %u: remote user
;
; Default: "%R - %u %t \"%m %r\" %s"
;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"
; The log file for slow requests
; Default Value: not set
; Note: slowlog is mandatory if request_slowlog_timeout is set
;slowlog = log/$pool.log.slow
; The timeout for serving a single request after which a PHP backtrace will be
; dumped to the 'slowlog' file. A value of '0s' means 'off'.
; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
; Default Value: 0
request_slowlog_timeout = 5s
;request_slowlog_timeout = 0
; The log file for slow requests
; Default Value: not set
; Note: slowlog is mandatory if request_slowlog_timeout is set
slowlog = /var/log/nginx/NAMETOCHANGE.slow.log
; The timeout for serving a single request after which the worker process will
; be killed. This option should be used when the 'max_execution_time' ini option
; does not stop script execution for some reason. A value of '0' means 'off'.
; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
; Default Value: 0
request_terminate_timeout = 1d
; Set open file descriptor rlimit.
; Default Value: system defined value
rlimit_files = 4096
;rlimit_files = 1024
; Set max core size rlimit.
; Possible Values: 'unlimited' or an integer greater or equal to 0
; Default Value: system defined value
rlimit_core = 0
;rlimit_core = 0
; Chroot to this directory at the start. This value must be defined as an
; absolute path. When this value is not set, chroot is not used.
@ -195,14 +358,48 @@ rlimit_core = 0
; Chdir to this directory at the start.
; Note: relative path can be used.
; Default Value: current directory or / when chroot
chdir = /var/www/NAMETOCHANGE
chdir = __FINALPATH__
; Redirect worker stdout and stderr into main error log. If not set, stdout and
; stderr will be redirected to /dev/null according to FastCGI specs.
; Note: on highloaded environement, this can cause some delay in the page
; process time (several ms).
; Default Value: no
catch_workers_output = yes
;catch_workers_output = yes
; Clear environment in FPM workers
; Prevents arbitrary environment variables from reaching FPM worker processes
; by clearing the environment in workers before env vars specified in this
; pool configuration are added.
; Setting to "no" will make all environment variables available to PHP code
; via getenv(), $_ENV and $_SERVER.
; Default Value: yes
;clear_env = no
; Limits the extensions of the main script FPM will allow to parse. This can
; prevent configuration mistakes on the web server side. You should only limit
; FPM to .php extensions to prevent malicious users to use other extensions to
; execute php code.
; Note: set an empty value to allow all extensions.
; Default Value: .php
;security.limit_extensions = .php .php3 .php4 .php5 .php7
; Clear environment in FPM workers
; Prevents arbitrary environment variables from reaching FPM worker processes
; by clearing the environment in workers before env vars specified in this
; pool configuration are added.
; Setting to "no" will make all environment variables available to PHP code
; via getenv(), $_ENV and $_SERVER.
; Default Value: yes
;clear_env = no
; Limits the extensions of the main script FPM will allow to parse. This can
; prevent configuration mistakes on the web server side. You should only limit
; FPM to .php extensions to prevent malicious users to use other extensions to
; execute php code.
; Note: set an empty value to allow all extensions.
; Default Value: .php
;security.limit_extensions = .php .php3 .php4 .php5 .php7
; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
; the current environment.
@ -238,6 +435,17 @@ catch_workers_output = yes
;php_admin_flag[log_errors] = on
;php_admin_value[memory_limit] = 32M
; Common values to change to increase file upload limit
; php_admin_value[upload_max_filesize] = 50M
; php_admin_value[post_max_size] = 50M
; php_admin_flag[mail.add_x_header] = Off
; Other common parameters
; php_admin_value[max_execution_time] = 600
; php_admin_value[max_input_time] = 300
; php_admin_value[memory_limit] = 256M
; php_admin_flag[short_open_tag] = On
php_value[upload_max_filesize] = 10G
php_value[post_max_size] = 10G
php_value[mail.add_x_header] = Off

43
manifest.json
View file

@ -1,35 +1,36 @@
{
"packaging_format": 1,
"name": "Rainloop",
"id": "rainloop",
"packaging_format": 1,
"description": {
"en": "Lightweight multi-account webmail",
"fr": "Webmail léger multi-comptes"
},
"url": "http://rainloop.net/",
"license": "AGPL-3.0",
"version": "1.12.1~ynh2",
"url": "https://www.rainloop.net/",
"license": "AGPL-3.0-or-later",
"maintainer": {
"name": "scith, Djip007, polytan02"
},
"requirements": {
"yunohost": ">= 3.5.0"
},
"multi_instance": true,
"services": [
"nginx",
"php5-fpm",
"php7.0-fpm",
"mysql"
],
"requirements": {
"yunohost": ">= 2.4.0"
},
"arguments": {
"install" : [
{
"name": "domain",
"type": "domain",
"ask": {
"en": "Choose a domain for Rainloop",
"fr": "Choisissez un domaine pour Rainloop"
"en": "Choose a domain name for Rainloop",
"fr": "Choisissez un nom de domaine pour Rainloop"
},
"example": "domain.org"
"example": "example.com"
},
{
"name": "path",
@ -43,32 +44,38 @@
},
{
"name": "is_public",
"type": "boolean",
"ask": {
"en": "Is it a public application?",
"fr": "Est-ce une page publique ?"
"fr": "Est-ce une application publique ?"
},
"choices": ["Yes", "No"],
"default": "No"
"default": false
},
{
"name": "password",
"type": "password",
"ask": {
"en": "Choose a strong password for the 'admin' user",
"fr": "Choisissez un mot de passe fort pour l'administrateur 'admin'"
}
"en": "Set the administrator password",
"fr": "Définissez le mot de passe administrateur"
},
"help": {
"en": "Use the help field to add an information for the admin about this question.",
"fr": "Utilisez le champ aide pour ajouter une information à l'intention de l'administrateur à propos de cette question."
},
"example": "Choose a password"
},
{
"name": "ldap",
"type": "boolean",
"ask": {
"en": "Do you want to add YunoHost users to the recipients suggestions?",
"fr": "Souhaitez-vous ajouter les utilisateurs YunoHost dans les suggestions de destinataires ?"
},
"choices": ["Yes", "No"],
"default": "Yes"
"default": true
},
{
"name": "lang",
"type": "string",
"ask": {
"en": "Select default language",
"fr": "Definir la langue par defaut"

24
pull_request_template.md Normal file
View file

@ -0,0 +1,24 @@
## Problem
- *Description of why you made this PR*
## Solution
- *And how you fix that*
## PR Status
- [ ] Code finished.
- [ ] Tested with Package_check.
- [ ] Fix or enhancement tested.
- [ ] Upgrade from last version tested.
- [ ] Can be reviewed and tested.
## Validation
---
*Minor decision*
- **Upgrade previous version** :
- [ ] **Code review** :
- [ ] **Approval (LGTM)** :
- [ ] **Approval (LGTM)** :
- **CI succeeded** :
[![Build Status](https://ci-apps-hq.yunohost.org/jenkins/job/rainloop_ynh%20PR-NUM-/badge/icon)](https://ci-apps-hq.yunohost.org/jenkins/job/rainloop_ynh%20PR-NUM-/)
*Please replace '-NUM-' in this link by the PR number.*
When the PR is marked as ready to merge, you have to wait for 3 days before really merging it.

213
scripts/.fonctions
View file

@ -1,213 +0,0 @@
#!/bin/bash
CHECK_VAR () { # Vérifie que la variable n'est pas vide.
# $1 = Variable à vérifier
# $2 = Texte à afficher en cas d'erreur
test -n "$1" || (echo "$2" >&2 && false)
}
EXIT_PROPERLY () { # Provoque l'arrêt du script en cas d'erreur. Et nettoye les résidus.
exit_code=$?
if [ "$exit_code" -eq 0 ]; then
exit 0 # Quitte sans erreur si le script se termine correctement.
fi
trap '' EXIT
set +eu
echo -e "\e[91m \e[1m" # Shell in light red bold
echo -e "!!\n $app install's script has encountered an error. Installation was cancelled.\n!!" >&2
if type -t CLEAN_SETUP > /dev/null; then # Vérifie l'existance de la fonction avant de l'exécuter.
CLEAN_SETUP # Appel la fonction de nettoyage spécifique du script install.
fi
# Compense le bug de ssowat qui ne supprime pas l'entrée de l'app en cas d'erreur d'installation.
sudo sed -i "\@\"$domain$path/\":@d" /etc/ssowat/conf.json
ynh_die
}
TRAP_ON () { # Activate signal capture
set -eu # Exit if a command fail, and if a variable is used unset.
trap EXIT_PROPERLY EXIT # Capturing exit signals on shell script
}
CHECK_USER () { # Vérifie la validité de l'user admin
# $1 = Variable de l'user admin.
ynh_user_exists "$1" || (echo "Wrong admin" >&2 && false)
}
CHECK_PATH () { # Vérifie la présence du / en début de path. Et son absence à la fin.
if [ "${path:0:1}" != "/" ]; then # Si le premier caractère n'est pas un /
path="/$path" # Ajoute un / en début de path
fi
if [ "${path:${#path}-1}" == "/" ] && [ ${#path} -gt 1 ]; then # Si le dernier caractère est un / et que ce n'est pas le seul caractère.
path="${path:0:${#path}-1}" # Supprime le dernier caractère
fi
}
CHECK_DOMAINPATH () { # Vérifie la disponibilité du path et du domaine.
sudo yunohost app checkurl $domain$path -a $app || ynh_die "Path not available: ${domain}${path}"
}
CHECK_FINALPATH () { # Vérifie que le dossier de destination n'est pas déjà utilisé.
final_path=/var/www/$app
if [ -e "$final_path" ]
then
echo "This path already contains a folder" >&2
false
fi
}
GENERATE_DB () { # Créer une base de données et un utilisateur dédié au nom de l'app.
# $1 = Nom de la base de donnée
db_user=$1
db_user=${db_user//-/_} # mariadb ne supporte pas les - dans les noms de base de données. Ils sont donc remplacé par des _
# Génère un mot de passe aléatoire.
# db_pwd=$(head -n20 /dev/urandom | tr -c -d 'A-Za-z0-9' | head -c20)
db_pwd=$(ynh_string_random)
CHECK_VAR "$db_pwd" "db_pwd empty"
# Utilise '$app' comme nom d'utilisateur et de base de donnée
# Initialise la base de donnée et stocke le mot de passe mysql.
ynh_mysql_create_db "$db_user" "$db_user" $db_pwd
ynh_app_setting_set $app mysqlpwd $db_pwd
}
SETUP_SOURCE () { # Télécharge la source, décompresse et copie dans $final_path
# $1 = Nom de l'archive téléchargée.
wget -nv -i ../sources/source_url -O $1
# Vérifie la somme de contrôle de la source téléchargée.
md5sum -c ../sources/source_md5 --status || (echo "Corrupt source" >&2 && false)
# Décompresse la source
if [ "$(echo ${1##*.})" == "gz" ]; then
tar -x -f $1
elif [ "$(echo ${1##*.})" == "zip" ]; then
unzip -q $1
else
false # Format d'archive non pris en charge.
fi
# Copie les fichiers sources
sudo cp -a $(cat ../sources/source_dir)/. "$final_path"
# Copie les fichiers additionnels ou modifiés.
if test -e "../sources/ajouts"; then
sudo cp -a ../sources/ajouts/. "$final_path"
fi
}
ADD_SYS_USER () { # Créer un utilisateur système dédié à l'app
if ! ynh_system_user_exists "$app" # Test l'existence de l'utilisateur
then
sudo useradd -d /var/www/$app --system --user-group $app --shell /usr/sbin/nologin || (echo "Unable to create $app system account" >&2 && false)
fi
}
POOL_FPM () { # Créer le fichier de configuration du pool php-fpm et le configure.
sed -i "s@__NAMETOCHANGE__@$app@g" ../conf/php-fpm.conf
sed -i "s@__FINALPATH__@$final_path@g" ../conf/php-fpm.conf
sed -i "s@__USER__@$app@g" ../conf/php-fpm.conf
finalphpconf=/etc/php5/fpm/pool.d/$app.conf
sudo cp ../conf/php-fpm.conf $finalphpconf
sudo chown root: $finalphpconf
finalphpini=/etc/php5/fpm/conf.d/20-$app.ini
sudo cp ../conf/php-fpm.ini $finalphpini
sudo chown root: $finalphpini
sudo service php5-fpm reload
}
STORE_MD5_CONFIG () { # Enregistre la somme de contrôle du fichier de config
# $1 = Nom du fichier de conf pour le stockage dans settings.yml
# $2 = Nom complet et chemin du fichier de conf.
ynh_app_setting_set $app $1_file_md5 $(sudo md5sum "$2" | cut -d' ' -f1)
}
CHECK_MD5_CONFIG () { # Créé un backup du fichier de config si il a été modifié.
# $1 = Nom du fichier de conf pour le stockage dans settings.yml
# $2 = Nom complet et chemin du fichier de conf.
if [ "$(ynh_app_setting_get $app $1_file_md5)" != $(sudo md5sum "$2" | cut -d' ' -f1) ]; then
sudo cp -a "$2" "$2.backup.$(date '+%d.%m.%y_%Hh%M,%Ss')" # Si le fichier de config a été modifié, créer un backup.
fi
}
FIND_PORT () { # Cherche un port libre.
# $1 = Numéro de port pour débuter la recherche.
port=$1
while ! sudo yunohost app checkport $port ; do
port=$((port+1))
done
CHECK_VAR "$port" "port empty"
}
### REMOVE SCRIPT
REMOVE_NGINX_CONF () { # Suppression de la configuration nginx
if [ -e "/etc/nginx/conf.d/$domain.d/$app.conf" ]; then # Delete nginx config
echo "Delete nginx config"
sudo rm "/etc/nginx/conf.d/$domain.d/$app.conf"
sudo service nginx reload
fi
}
REMOVE_FPM_CONF () { # Suppression de la configuration du pool php-fpm
if [ -e "/etc/php5/fpm/pool.d/$app.conf" ]; then # Delete fpm config
echo "Delete fpm config"
sudo rm "/etc/php5/fpm/pool.d/$app.conf"
fi
if [ -e "/etc/php5/fpm/conf.d/20-$app.ini" ]; then # Delete php config
echo "Delete php config"
sudo rm "/etc/php5/fpm/conf.d/20-$app.ini"
fi
sudo service php5-fpm reload
}
REMOVE_LOGROTATE_CONF () { # Suppression de la configuration de logrotate
if [ -e "/etc/logrotate.d/$app" ]; then
echo "Delete logrotate config"
sudo rm "/etc/logrotate.d/$app"
fi
}
SECURE_REMOVE () { # Suppression de dossier avec vérification des variables
chaine="$1" # L'argument doit être donné entre quotes simple '', pour éviter d'interpréter les variables.
no_var=0
while (echo "$chaine" | grep -q '\$') # Boucle tant qu'il y a des $ dans la chaine
do
no_var=1
global_var=$(echo "$chaine" | cut -d '$' -f 2) # Isole la première variable trouvée.
only_var=\$$(expr "$global_var" : '\([A-Za-z0-9_]*\)') # Isole complètement la variable en ajoutant le $ au début et en gardant uniquement le nom de la variable. Se débarrasse surtout du / et d'un éventuel chemin derrière.
real_var=$(eval "echo ${only_var}") # `eval "echo ${var}` permet d'interpréter une variable contenue dans une variable.
if test -z "$real_var" || [ "$real_var" = "/" ]; then
echo "Variable $only_var is empty, suppression of $chaine cancelled." >&2
return 1
fi
chaine=$(echo "$chaine" | sed "s@$only_var@$real_var@") # remplace la variable par sa valeur dans la chaine.
done
if [ "$no_var" -eq 1 ]
then
if [ -e "$chaine" ]; then
echo "Delete directory $chaine"
sudo rm -r "$chaine"
fi
return 0
else
echo "No detected variable." >&2
return 1
fi
}
REMOVE_BDD () { # Suppression de la base de donnée et de l'utilisateur associé.
# $1 = Nom de la base de donnée
# Utilise '$app' comme nom d'utilisateur et de base de donnée
db_user=$1
if mysqlshow -u root -p$(sudo cat $MYSQL_ROOT_PWD_FILE) | grep -q "^| $db_user"; then
echo "Delete db"
ynh_mysql_drop_db $db_user
ynh_mysql_drop_user $db_user
fi
}
REMOVE_SYS_USER () { # Supprime l'utilisateur système dédié à l'app
if ynh_system_user_exists "$app" # Test l'existence de l'utilisateur
then
sudo userdel $app
fi
}

13
scripts/_common.sh Normal file
View file

@ -0,0 +1,13 @@
#!/bin/bash
#=================================================
# PERSONAL HELPERS
#=================================================
#=================================================
# EXPERIMENTAL HELPERS
#=================================================
#=================================================
# FUTURE OFFICIAL HELPERS
#=================================================

94
scripts/backup
View file

@ -1,31 +1,81 @@
#!/bin/bash
# Exit on command errors and treat unset variables as an error
set -eu
app=$YNH_APP_INSTANCE_NAME
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
# Source app helpers
source /usr/share/yunohost/helpers
source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers
# Retrieve app settings
domain=$(ynh_app_setting_get "$app" domain)
path=$(ynh_app_setting_get "$app" path)
dbpass=$(ynh_app_setting_get "$app" mysqlpwd)
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
# Copy the app files
DESTDIR="/var/www/$app"
ynh_backup "$DESTDIR" "sources"
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
# Copy the conf files
ynh_backup "/etc/nginx/conf.d/${domain}.d/${app}.conf" "nginx.conf"
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..."
# Copy dedicated php-fpm process to backup folder
ynh_backup "/etc/php5/fpm/pool.d/${app}.conf" "php-fpm.conf"
app=$YNH_APP_INSTANCE_NAME
# Set app specific variables
dbname=$app
dbuser=$app
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
domain=$(ynh_app_setting_get --app=$app --key=domain)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
# Dump the database
mysqldump -u "$dbuser" -p"$dbpass" --no-create-db "$dbname" > ./db.sql
ynh_backup "db.sql" "dump.sql"
#=================================================
# STANDARD BACKUP STEPS
#=================================================
# BACKUP THE APP MAIN DIR
#=================================================
ynh_script_progression --message="Backing up the main app directory..."
ynh_backup --src_path="$final_path"
#=================================================
# BACKUP THE NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Backing up nginx web server configuration..."
ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
#=================================================
# BACKUP THE PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Backing up php-fpm configuration..."
ynh_backup --src_path="/etc/php/7.0/fpm/pool.d/$app.conf"
#=================================================
# BACKUP THE MYSQL DATABASE
#=================================================
ynh_script_progression --message="Backing up the MySQL database..."
ynh_mysql_dump_db --database="$db_name" > db.sql
#=================================================
# BACKUP FAIL2BAN CONFIGURATION
#=================================================
ynh_script_progression --message="Backing up fail2ban configuration..."
ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf"
ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf"
#=================================================
# SPECIFIC BACKUP
#=================================================
# BACKUP LOGROTATE
#=================================================
ynh_script_progression --message="Backing up logrotate configuration..."
ynh_backup --src_path="/etc/logrotate.d/$app"
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." --last

104
scripts/change_url Normal file
View file

@ -0,0 +1,104 @@
#!/bin/bash
#=================================================
# GENERIC STARTING
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# RETRIEVE ARGUMENTS
#=================================================
old_domain=$YNH_APP_OLD_DOMAIN
old_path=$YNH_APP_OLD_PATH
new_domain=$YNH_APP_NEW_DOMAIN
new_path=$YNH_APP_NEW_PATH
app=$YNH_APP_INSTANCE_NAME
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..."
# Needed for helper "ynh_add_nginx_config"
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
#=================================================
# CHECK WHICH PARTS SHOULD BE CHANGED
#=================================================
change_domain=0
if [ "$old_domain" != "$new_domain" ]
then
change_domain=1
fi
change_path=0
if [ "$old_path" != "$new_path" ]
then
change_path=1
fi
#=================================================
# STANDARD MODIFICATIONS
#=================================================
# MODIFY URL IN NGINX CONF
#=================================================
ynh_script_progression --message="Updating nginx web server configuration..." --weight=2
nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
# Change the path in the nginx config file
if [ $change_path -eq 1 ]
then
# Make a backup of the original nginx config file if modified
ynh_backup_if_checksum_is_different --file="$nginx_conf_path"
# Set global variables for nginx helper
domain="$old_domain"
path_url="$new_path"
# Create a dedicated nginx config
ynh_add_nginx_config
fi
# Change the domain for nginx
if [ $change_domain -eq 1 ]
then
# Delete file checksum for the old conf file location
ynh_delete_file_checksum --file="$nginx_conf_path"
mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf
# Store file checksum for the new config file location
ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
fi
#=================================================
# SPECIFIC MODIFICATIONS
#=================================================
# CONFIGURE
#=================================================
ynh_script_progression --message="Reconfiguring rainloop..." --weight=2
application_file="$final_path/app/data/_data_/_default_/configs/application.ini"
ynh_replace_string --match_string="default_domain = .^" --replace_string="default_domain = \"$new_domain\"" --target_file="$application_file"
ynh_replace_string --match_string="$old_domain${old_path%/}" --replace_string="$new_domain${new_path%/}" --target_file="$final_path/index.php"
#=================================================
# GENERIC FINALISATION
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading nginx web server..."
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Change of URL completed for $app" --last

304
scripts/install
View file

@ -1,73 +1,110 @@
#!/bin/bash
# Exit on command errors and treat unset variables as an error
# It also activate set -eu
source .fonctions
TRAP_ON
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
# Initial data
app=$YNH_APP_INSTANCE_NAME
rainloop_version=$(cat ../sources/rainloop_version)
source _common.sh
source /usr/share/yunohost/helpers
# Source app helpers
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
# Retrieve arguments
domain=$YNH_APP_ARG_DOMAIN
path=$YNH_APP_ARG_PATH
is_public=$YNH_APP_ARG_IS_PUBLIC
password=$YNH_APP_ARG_PASSWORD
ldap=$YNH_APP_ARG_LDAP
lang=$YNH_APP_ARG_LANG
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
# Correct path using .fonctions
CHECK_PATH
#=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================
# Check domain/path availability using .fonctions
CHECK_DOMAINPATH
domain=$YNH_APP_ARG_DOMAIN
path_url=$YNH_APP_ARG_PATH
is_public=$YNH_APP_ARG_IS_PUBLIC
lang=$YNH_APP_ARG_LANG
password=$YNH_APP_ARG_PASSWORD
ldap=$YNH_APP_ARG_LDAP
# Use 'rainloop' as database name and user
dbuser=$app
dbname=$app
dbpass=$(ynh_string_random)
app=$YNH_APP_INSTANCE_NAME
# Initialize database and store mysql password for upgrade
ynh_mysql_create_db "$dbname" "$dbuser" "$dbpass"
ynh_app_setting_set "$app" mysqlpwd "$dbpass"
#=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#=================================================
ynh_script_progression --message="Validating installation parameters..." --weight=2
# Create the final path and copy sources
CHECK_FINALPATH
final_path=/var/www/$app
final_path=/var/www/$app
test ! -e "$final_path" || ynh_die --message="This path already contains a folder"
rainloop_path=${final_path}/app
# Register (book) web path
ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url
sudo rm -rf $final_path
sudo mkdir -p $final_path
sudo mkdir -p $rainloop_path
#=================================================
# STORE SETTINGS FROM MANIFEST
#=================================================
ynh_script_progression --message="Storing installation settings..."
# Download sources and keys
sudo wget -q https://github.com/RainLoop/rainloop-webmail/releases/download/v${rainloop_version}/rainloop-community-${rainloop_version}.zip
sudo wget -q https://github.com/RainLoop/rainloop-webmail/releases/download/v${rainloop_version}/rainloop-community-${rainloop_version}.zip.asc
sudo wget -q https://repository.rainloop.net/RainLoop.asc
# Verify the integrity of sources
sudo gpg --import --quiet RainLoop.asc
sudo gpg --verify --quiet rainloop-community-${rainloop_version}.zip.asc rainloop-community-${rainloop_version}.zip || ynh_die "Download failed"
sudo gpg --batch --delete-key --yes Rainloop
# Unzip
sudo unzip -qq rainloop-community-${rainloop_version}.zip -d $rainloop_path/
ynh_app_setting_set --app=$app --key=domain --value=$domain
ynh_app_setting_set --app=$app --key=path --value=$path_url
ynh_app_setting_set --app=$app --key=is_public --value=$is_public
ynh_app_setting_set --app=$app --key=lang --value=$lang
ynh_app_setting_set --app=$app --key=password --value=$password
ynh_app_setting_set --app=$app --key=ldap --value=$ldap
# Install plugins
sudo mkdir -p $rainloop_path/data/_data_/_default_/plugins
sudo cp -rf ../sources/plugins/auto-domain-grab $rainloop_path/data/_data_/_default_/plugins/.
sudo cp -rf ../sources/plugins/ynh-login-mapping $rainloop_path/data/_data_/_default_/plugins/.
sudo cp -rf ../sources/plugins/ynh-ldap-suggestions $rainloop_path/data/_data_/_default_/plugins/.
#=================================================
# STANDARD MODIFICATIONS
#=================================================
# CREATE A MYSQL DATABASE
#=================================================
ynh_script_progression --message="Creating a MySQL database..." --weight=2
# Autoconfig
sudo mkdir -p $rainloop_path/data/_data_/_default_/configs/
application_file=$rainloop_path/data/_data_/_default_/configs/application.ini
db_name=$(ynh_sanitize_dbid --db_name=$app)
ynh_app_setting_set --app=$app --key=db_name --value=$db_name
ynh_mysql_setup_db --db_user=$db_name --db_name=$db_name
# Set lang => define from install manifest
case "$lang" in
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_script_progression --message="Setting up source files..." --weight=3
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$final_path/app"
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Configuring nginx web server..."
# Create a dedicated nginx config
ynh_add_nginx_config
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Configuring system user..." --weight=2
# Create a system user
ynh_system_user_create --username=$app
#=================================================
# PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Configuring php-fpm..." --weight=2
# Create a dedicated php-fpm config
ynh_add_fpm_config
#=================================================
# SPECIFIC SETUP
#=================================================
# AUTOCONFIG
#=================================================
ynh_script_progression --message= "Configuring rainloop..." --weight=3
# Set lang => define from install manifest
case "$lang" in
Francais)
lang="fr"
;;
@ -76,84 +113,113 @@ CHECK_DOMAINPATH
;;
*)
lang="en"
esac
ynh_app_setting_set "$app" lang "$lang"
esac
ynh_app_setting_set --app=$app --key=lang --value=$lang
# Set plugins
plugins="ynh-login-mapping,auto-domain-grab" # This plugin is trying to automatically grab unknown domains if users want to add external email accounts
if [ "$ldap" = "Yes" ];
then
plugins="$plugins,ynh-ldap-suggestions" # This plugin is to suggest YunoHost users in recipients list
fi
ynh_app_setting_set "$app" ldap "$ldap"
ynh_app_setting_set "$app" plugins "$plugins"
# Set plugins
# This plugin is trying to automatically grab unknown domains if users want to add external email accounts
plugins="ynh-login-mapping,auto-domain-grab"
if [ $ldap -eq 1 ]
then
# This plugin is to suggest YunoHost users in recipients list
plugins="$plugins,ynh-ldap-suggestions"
fi
ynh_app_setting_set --app=$app --key=plugins --value="$plugins"
mkdir -p "$final_path/app/data/_data_/_default_/configs/"
application_file="$final_path/app/data/_data_/_default_/configs/application.ini"
cp ../conf/data/configs/application.ini "$application_file"
ynh_replace_string --match_string="__DOMAIN__" --replace_string=$domain --target_file="$application_file"
ynh_replace_string --match_string="__MYSQLUSER__" --replace_string=$db_name --target_file="$application_file"
ynh_replace_string --match_string="__MYSQLPASSWORD__" --replace_string="$db_pwd" --target_file="$application_file"
ynh_replace_string --match_string="__LANGTOCHANGE__" --replace_string=$lang --target_file="$application_file"
ynh_replace_string --match_string="__PLUGINSTOENABLE__" --replace_string="$plugins" --target_file="$application_file"
ynh_replace_string --match_string="__TIME_ZONE__" --replace_string="$(date +%:::z)" --target_file="$application_file"
sudo cp ../conf/data/configs/application.ini $application_file
sudo sed -i "s@domain.tld@$domain@g" $application_file
sudo sed -i "s@MYSQLUSER@$dbuser@g" $application_file
sudo sed -i "s@MYSQLPASSWORD@$dbpass@g" $application_file
sudo sed -i "s@LANGTOCHANGE@$lang@g" $application_file
sudo sed -i "s@PLUGINSTOENABLE@$plugins@g" $application_file
# Set admin password
sudo php ../conf/config.php --index="$rainloop_path/index.php" --password="$password"
ynh_app_setting_set "$app" password "$password"
php ../conf/config.php --index="$final_path/app/index.php" --password="$password"
# Add default domain configs by looping through all the domains already added
sudo mkdir -p $rainloop_path/data/_data_/_default_/domains/
# get list of ldap domains
alldomains=`ldapsearch -LLL -x -b ou=domains,dc=yunohost,dc=org -s one "objectclass=top" virtualdomain | grep -v "dn:" | sed "s/virtualdomain://" `
for ldomain in $alldomains ; do
sudo cp ../conf/data/domains/domain.tld.ini $rainloop_path/data/_data_/_default_/domains/$ldomain.ini
done
# Add wildcard domain for auto-grab
sudo cp ../conf/data/domains/default.ini $rainloop_path/data/_data_/_default_/domains/default.ini
mkdir -p "$final_path/app/data/_data_/_default_/domains/"
# get list of ldap domains
alldomains=$(ldapsearch -LLL -x -b ou=domains,dc=yunohost,dc=org -s one "objectclass=top" virtualdomain | grep -v "dn:" | sed "s/virtualdomain://")
for ldomain in $alldomains; do
cp ../conf/data/domains/domain.tld.ini "$final_path/app/data/_data_/_default_/domains/$ldomain.ini"
done
# Add wildcard domain for auto-grab
cp ../conf/data/domains/default.ini "$final_path/app/data/_data_/_default_/domains/default.ini"
# install SSO - at the moment the index is the SSO and rainloop is installed in /app
sudo cp ../sources/sso/sso.php $final_path/index.php
sudo sed -i "s@domain.tld@$domain@g" $final_path/index.php
sudo sed -i "s@ALIASTOCHANGE@$final_path@g" $final_path/index.php
if [ $path = "/" ]; then
sudo sed -i "s@ROOTTOCHANGE@@g" $final_path/index.php
else
sudo sed -i "s@ROOTTOCHANGE@$path@g" $final_path/index.php
fi
cp ../sources/sso/sso.php "$final_path/index.php"
ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$final_path/index.php"
ynh_replace_string --match_string="__ALIASTOCHANGE__" --replace_string="$final_path" --target_file="$final_path/index.php"
ynh_replace_string --match_string="__ROOTTOCHANGE__" --replace_string="${path_url%/}" --target_file="$final_path/index.php"
# Install PGPback by chtixof to allow users to backup/restore their PGP private keys on the server
sudo cp -rf ../sources/pgpback $final_path/.
cp -rf ../sources/pgpback "$final_path/"
# Set permissions to rainloop directory
sudo find $final_path/. -type d -exec chmod 755 {} \;
sudo find $final_path/. -type f -exec chmod 644 {} \;
sudo chown -R www-data:www-data $final_path
#=================================================
# STORE THE CONFIG FILE CHECKSUM
#=================================================
# Install Nginx configuration file
nginx_conf_file=/etc/nginx/conf.d/$domain.d/$app.conf
sudo cp ../conf/nginx.conf $nginx_conf_file
if [ $path = "/" ]; then
sudo sed -i "s@ROOTTOCHANGE@@g" $nginx_conf_file
else
sudo sed -i "s@ROOTTOCHANGE@$path@g" $nginx_conf_file
fi
sudo sed -i "s@PATHTOCHANGE@$path@g" $nginx_conf_file
sudo sed -i "s@ALIASTOCHANGE@$final_path/@g" $nginx_conf_file
sudo sed -i "s@NAMETOCHANGE@$app@g" $nginx_conf_file
sudo chown root: $nginx_conf_file
sudo chmod 644 $nginx_conf_file
# Calculate and store the config file checksum into the app settings
ynh_store_file_checksum --file="$application_file"
finalphpconf=/etc/php5/fpm/pool.d/$app.conf
sudo cp ../conf/php-fpm.conf $finalphpconf
sudo sed -i "s@NAMETOCHANGE@$app@g" $finalphpconf
sudo chown root: $finalphpconf
sudo chmod 644 $finalphpconf
#=================================================
# GENERIC FINALIZATION
#=================================================
# SETUP LOGROTATE
#=================================================
ynh_script_progression --message="Configuring log rotation..."
mkdir -p $final_path/app/data/_data_/_default_/logs/fail2ban
touch $final_path/app/data/_data_/_default_/logs/fail2ban/auth-fail.log
# Use logrotate to manage application logfile(s)
ynh_use_logrotate --logfile=$final_path/app/data/_data_/_default_/logs/fail2ban/auth-fail.log
#=================================================
# SECURE FILES AND DIRECTORIES
#=================================================
# Set permissions to app files
find $final_path/. -type d -exec chmod 755 {} \;
find $final_path/. -type f -exec chmod 644 {} \;
chown -R $app: $final_path
#=================================================
# SETUP FAIL2BAN
#=================================================
ynh_script_progression --message="Configuring fail2ban..." --weight=8
# Create a dedicated fail2ban config
ynh_add_fail2ban_config --logpath="$final_path/app/data/_data_/_default_/logs/fail2ban/auth-fail.log" --failregex="Auth failed: ip=<HOST>.*$"
#=================================================
# SETUP SSOWAT
#=================================================
ynh_script_progression --message="Configuring SSOwat..."
# Make app public if necessary
ynh_app_setting_set "$app" is_public "$is_public"
if [ "$is_public" = "Yes" ];
then
ynh_app_setting_set "$app" skipped_uris "/"
fi
if [ $is_public -eq 1 ]
then
# unprotected_uris allows SSO credentials to be passed anyway.
ynh_app_setting_set --app=$app --key=unprotected_uris --value="/"
fi
# Reload services
sudo service php5-fpm reload
sudo service nginx reload
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading nginx web server..."
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Installation of $app completed" --last

151
scripts/remove
View file

@ -1,79 +1,96 @@
#!/bin/bash
set -u
# Exit on command errors and treat unset variables as an error
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
# Source app helpers
source /usr/share/yunohost/helpers
source _common.sh
source /usr/share/yunohost/helpers
REMOVE_NGINX_CONF () { # Suppression de la configuration nginx
if [ -e "/etc/nginx/conf.d/$domain.d/$app.conf" ]; then # Delete nginx config
echo "Delete nginx config"
sudo rm "/etc/nginx/conf.d/$domain.d/$app.conf"
fi
}
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..."
REMOVE_FPM_CONF () { # Suppression de la configuration du pool php-fpm
if [ -e "/etc/php5/fpm/pool.d/$app.conf" ]; then # Delete fpm config
echo "Delete fpm config"
sudo rm "/etc/php5/fpm/pool.d/$app.conf"
fi
}
app=$YNH_APP_INSTANCE_NAME
SECURE_REMOVE () { # Suppression de dossier avec vérification des variables
chaine="$1" # L'argument doit être donné entre quotes simple '', pour éviter d'interpréter les variables.
no_var=0
while (echo "$chaine" | grep -q '\$') # Boucle tant qu'il y a des $ dans la chaine
do
no_var=1
global_var=$(echo "$chaine" | cut -d '$' -f 2) # Isole la première variable trouvée.
only_var=\$$(expr "$global_var" : '\([A-Za-z0-9_]*\)') # Isole complètement la variable en ajoutant le $ au début et en gardant uniquement le nom de la variable. Se débarrasse$
real_var=$(eval "echo ${only_var}") # `eval "echo ${var}` permet d'interpréter une variable contenue dans une variable.
if test -z "$real_var" || [ "$real_var" = "/" ]; then
echo "Variable $only_var is empty, suppression of $chaine cancelled." >&2
return 1
fi
chaine=$(echo "$chaine" | sed "s@$only_var@$real_var@") # remplace la variable par sa valeur dans la chaine.
done
if [ "$no_var" -eq 1 ]
then
if [ -e "$chaine" ]; then
echo "Delete directory $chaine"
sudo rm -r "$chaine"
fi
return 0
else
echo "No detected variable." >&2
return 1
fi
}
domain=$(ynh_app_setting_get --app=$app --key=domain)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
REMOVE_BDD () { # Suppression de la base de donnée et de l'utilisateur associé.
# $1 = Nom de la base de donnée
# Utilise '$app' comme nom d'utilisateur et de base de donnée
db_user=$1
if mysqlshow -u root -p$(sudo cat $MYSQL_ROOT_PWD_FILE) | grep -q "^| $db_user"; then
echo "Delete db"
ynh_mysql_drop_db $db_user
ynh_mysql_drop_user $db_user
fi
}
#=================================================
# STANDARD REMOVE
#=================================================
# REMOVE THE MYSQL DATABASE
#=================================================
ynh_script_progression --message="Removing the MySQL database..." --weight=2
# Retrieve parameters
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get "$app" domain)
# Remove a database if it exists, along with the associated user
ynh_mysql_remove_db --db_user=$db_name --db_name=$db_name
# Drop MySQL database and user
REMOVE_BDD "$app"
#=================================================
# REMOVE APP MAIN DIR
#=================================================
ynh_script_progression --message="Removing app main directory..."
# Delete app directory and configurations using secure remove
SECURE_REMOVE '/var/www/$app'
REMOVE_NGINX_CONF
REMOVE_FPM_CONF
# Remove the app directory securely
ynh_secure_remove --file="$final_path"
# Remove GPG key
sudo gpg --batch --delete-key --yes Rainloop
#=================================================
# REMOVE NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Removing nginx web server configuration..."
# Reload services
sudo service php5-fpm reload
sudo service nginx reload
# Remove the dedicated nginx config
ynh_remove_nginx_config
#=================================================
# REMOVE PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Removing php-fpm configuration..." --weight=2
# Remove the dedicated php-fpm config
ynh_remove_fpm_config
#=================================================
# REMOVE LOGROTATE CONFIGURATION
#=================================================
ynh_script_progression --message="Removing logrotate configuration..."
# Remove the app-specific logrotate config
ynh_remove_logrotate
#=================================================
# REMOVE FAIL2BAN CONFIGURATION
#=================================================
ynh_script_progression --message="Removing fail2ban configuration..." --weight=8
# Remove the dedicated fail2ban config
ynh_remove_fail2ban_config
#=================================================
# SPECIFIC REMOVE
#=================================================
# REMOVE GPG KEY
#=================================================
ynh_script_progression --message="Removing GPG key"
gpg --batch --delete-key --yes Rainloop
#=================================================
# GENERIC FINALIZATION
#=================================================
# REMOVE DEDICATED USER
#=================================================
ynh_script_progression --message="Removing the dedicated system user..." --weight=2
# Delete a system user
ynh_system_user_delete --username=$app
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Removal of $app completed" --last

145
scripts/restore
View file

@ -1,56 +1,115 @@
#!/bin/bash
# Exit on command errors and treat unset variables as an error
set -eu
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
# Get multi-instances specific variables
app=$YNH_APP_INSTANCE_NAME
source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers
# Source app helpers
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
# Retrieve old app settings
domain=$(ynh_app_setting_get "$app" domain)
path=$(ynh_app_setting_get "$app" path)
dbname=$app
dbuser=$app
dbpass=$(ynh_app_setting_get "$app" mysqlpwd)
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
# Check domain/path availability
sudo yunohost app checkurl "${domain}${path}" -a "$app" \
|| ynh_die
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading settings..." --time --weight=2
# Check destination directory
DESTDIR="/var/www/$app"
[[ -d $DESTDIR ]] && ynh_die \
"The destination directory '$DESTDIR' already exists.\
You should safely delete it before restoring this app."
app=$YNH_APP_INSTANCE_NAME
# Check configuration files
nginx_conf="/etc/nginx/conf.d/${domain}.d/${app}.conf"
[[ -f $nginx_conf ]] && ynh_die \
"The NGINX configuration already exists at '${nginx_conf}'.
You should safely delete it before restoring this app."
phpfpm_conf="/etc/php5/fpm/pool.d/${app}.conf"
[[ -f $phpfpm_conf ]] && ynh_die \
"The PHP FPM configuration already exists at '${phpfpm_conf}'.
You should safely delete it before restoring this app."
domain=$(ynh_app_setting_get --app=$app --key=domain)
path_url=$(ynh_app_setting_get --app=$app --key=path)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
# Restore the app files
sudo cp -a ./sources "$DESTDIR"
#=================================================
# CHECK IF THE APP CAN BE RESTORED
#=================================================
ynh_script_progression --message="Validating restoration parameters..." --time --weight=1
# Create and restore the database
ynh_mysql_create_db $dbname $dbuser $dbpass
ynh_mysql_connect_as $dbuser $dbpass $dbname < ./dump.sql
ynh_webpath_available --domain=$domain --path_url=$path_url \
|| ynh_die --message="Path not available: ${domain}${path_url}"
test ! -d $final_path \
|| ynh_die --message="There is already a directory: $final_path "
# Fix installation directories and permissions
sudo mkdir -p "${DESTDIR}/logs" "${DESTDIR}/temp"
sudo chown -R www-data: "$DESTDIR"
#=================================================
# STANDARD RESTORATION STEPS
#=================================================
# RESTORE THE NGINX CONFIGURATION
#=================================================
# Restore configuration files
sudo cp -a ./nginx.conf "$nginx_conf"
sudo cp -a ./php-fpm.conf "$phpfpm_conf"
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
# Reload services
sudo service php5-fpm reload
sudo service nginx reload
#=================================================
# RESTORE THE APP MAIN DIR
#=================================================
ynh_script_progression --message="Restoring the app main directory..." --time --weight=1
ynh_restore_file --origin_path="$final_path"
#=================================================
# RESTORE THE MYSQL DATABASE
#=================================================
ynh_script_progression --message="Restoring the MySQL database..." --time --weight=2
db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd)
ynh_mysql_setup_db --db_user=$db_name --db_name=$db_name --db_pwd=$db_pwd
ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name < ./db.sql
#=================================================
# RECREATE THE DEDICATED USER
#=================================================
ynh_script_progression --message="Recreating the dedicated system user..." --time --weight=2
# Create the dedicated user (if not existing)
ynh_system_user_create --username=$app
#=================================================
# RESTORE USER RIGHTS
#=================================================
# Restore permissions on app files
chown -R $app: $final_path
#=================================================
# RESTORE THE PHP-FPM CONFIGURATION
#=================================================
ynh_restore_file --origin_path="/etc/php/7.0/fpm/pool.d/$app.conf"
#=================================================
# RESTORE FAIL2BAN CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring the fail2ban configuration..." --time --weight=6
ynh_restore_file "/etc/fail2ban/jail.d/$app.conf"
ynh_restore_file "/etc/fail2ban/filter.d/$app.conf"
ynh_systemd_action --action=restart --service_name=fail2ban
#=================================================
# RESTORE THE LOGROTATE CONFIGURATION
#=================================================
ynh_restore_file --origin_path="/etc/logrotate.d/$app"
#=================================================
# GENERIC FINALIZATION
#=================================================
# RELOAD NGINX AND PHP-FPM
#=================================================
ynh_script_progression --message="Reloading nginx web server and php-fpm..." --time --weight=1
ynh_systemd_action --service_name=php7.0-fpm --action=reload
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Restoration completed for $app" --time --last

258
scripts/upgrade
View file

@ -1,105 +1,189 @@
#!/bin/bash
app=$YNH_APP_INSTANCE_NAME
rainloop_version=$(cat ../sources/rainloop_version)
# Source app helpers
source /usr/share/yunohost/helpers
source .fonctions
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
# Backup the current version of the app, restore it if the upgrade fails
# Check if old backup exists
if sudo yunohost backup list | grep -q $app-before-upgrade > /dev/null 2>&1;
then
sudo yunohost backup delete $app-before-upgrade
else
echo "no old backup to delete"
fi
sudo yunohost backup create --ignore-hooks --apps $app --name $app-before-upgrade --quiet
EXIT_PROPERLY () {
trap '' ERR
set +eu
sudo yunohost backup restore --ignore-hooks $app-before-upgrade --apps $app --force --quiet # Restore the backup if upgrade failed
ynh_die "Upgrade failed. The app was restored to the way it was before the failed upgrade."
}
set -eu
trap EXIT_PROPERLY ERR
source _common.sh
source /usr/share/yunohost/helpers
# Retrieve arguments
domain=$(ynh_app_setting_get "$app" domain)
path=$(ynh_app_setting_get "$app" path)
is_public=$(ynh_app_setting_get "$app" is_public)
password=$(ynh_app_setting_get "$app" password)
ldap=$(ynh_app_setting_get "$app" ldap)
lang=$(ynh_app_setting_get "$app" lang)
dp_pwd=$(ynh_app_setting_get "$app" mysqlpwd)
db_user=$app
plugins=$(ynh_app_setting_get "$app" plugins)
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..." --weight=2
# Correct path using .fonctions
CHECK_PATH
app=$YNH_APP_INSTANCE_NAME
# no update for db now...
domain=$(ynh_app_setting_get --app=$app --key=domain)
path_url=$(ynh_app_setting_get --app=$app --key=path)
is_public=$(ynh_app_setting_get --app=$app --key=is_public)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
lang=$(ynh_app_setting_get --app=$app --key=lang)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
# Copy the new sources
#=================================================
# CHECK VERSION
#=================================================
upgrade_type=$(ynh_check_app_version_changed)
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
ynh_script_progression --message="Ensuring downward compatibility..."
# Fix is_public as a boolean value
if [ "$is_public" = "Yes" ]; then
ynh_app_setting_set --app=$app --key=is_public --value=1
is_public=1
elif [ "$is_public" = "No" ]; then
ynh_app_setting_set --app=$app --key=is_public --value=0
is_public=0
fi
# If db_name doesn't exist, create it
if [ -z "$db_name" ]; then
db_name=$(ynh_sanitize_dbid --db_name=$app)
ynh_app_setting_set --app=$app --key=db_name --value=$db_name
fi
# If final_path doesn't exist, create it
if [ -z "$final_path" ]; then
final_path=/var/www/$app
rainloop_path=${final_path}/app
sudo rm -rf $rainloop_path/rainloop # Remove the previous Rainloop files except data
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
fi
# Download sources and keys
sudo wget -q https://github.com/RainLoop/rainloop-webmail/releases/download/v${rainloop_version}/rainloop-community-${rainloop_version}.zip
sudo wget -q https://github.com/RainLoop/rainloop-webmail/releases/download/v${rainloop_version}/rainloop-community-${rainloop_version}.zip.asc
sudo wget -q https://repository.rainloop.net/RainLoop.asc
# Verify the integrity of sources
sudo gpg --import --quiet RainLoop.asc
sudo gpg --verify --quiet rainloop-community-${rainloop_version}.zip.asc rainloop-community-${rainloop_version}.zip
sudo gpg --batch --delete-key --yes Rainloop
# Unzip and overwrite
sudo unzip -qq -o rainloop-community-${rainloop_version}.zip -d $rainloop_path/
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=4
# Update ynh plugins:
sudo mkdir -p $rainloop_path/data/_data_/_default_/plugins
sudo cp -rf ../sources/plugins/auto-domain-grab $rainloop_path/data/_data_/_default_/plugins/.
sudo cp -rf ../sources/plugins/ynh-login-mapping $rainloop_path/data/_data_/_default_/plugins/.
sudo cp -rf ../sources/plugins/ynh-ldap-suggestions $rainloop_path/data/_data_/_default_/plugins/.
# Backup the current version of the app
ynh_backup_before_upgrade
ynh_clean_setup () {
# restore it if the upgrade fails
ynh_restore_upgradebackup
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# CHECK THE PATH
#=================================================
# Normalize the URL path syntax
path_url=$(ynh_normalize_url_path --path_url=$path_url)
#=================================================
# STANDARD UPGRADE STEPS
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
if [ "$upgrade_type" == "UPGRADE_APP" ]
then
ynh_script_progression --message="Upgrading source files..." --weight=8
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$final_path/app"
fi
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Upgrading nginx web server configuration..." --weight=2
# Create a dedicated nginx config
ynh_add_nginx_config
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Making sure dedicated system user exists..."
# Create a dedicated user (if not existing)
ynh_system_user_create --username=$app
#=================================================
# PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Upgrading php-fpm configuration..." --weight=2
# Create a dedicated php-fpm config
ynh_add_fpm_config
#=================================================
# SPECIFIC UPGRADE
#=================================================
# UPDATE SSO AND PGP
#=================================================
ynh_script_progression --message="Upgrading rainloop configuration..."
# Upgrade time_offset value for fail2ban
ynh_replace_string --match_string="^time_offset = .*" --replace_string="time_offset = $(date +%:::z)" --target_file="$final_path/app/data/_data_/_default_/configs/application.ini"
# update SSO
sudo cp ../sources/sso/sso.php $final_path/index.php
sudo sed -i "s@domain.tld@$domain@g" $final_path/index.php
sudo sed -i "s@ALIASTOCHANGE@$final_path@g" $final_path/index.php
if [ $path = "/" ]; then
sudo sed -i "s@ROOTTOCHANGE@@g" $final_path/index.php
else
sudo sed -i "s@ROOTTOCHANGE@$path@g" $final_path/index.php
fi
cp ../sources/sso/sso.php "$final_path/index.php"
ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$final_path/index.php"
ynh_replace_string --match_string="__ALIASTOCHANGE__" --replace_string="$final_path" --target_file="$final_path/index.php"
ynh_replace_string --match_string="__ROOTTOCHANGE__" --replace_string="${path_url%/}" --target_file="$final_path/index.php"
# Install PGPback by chtixof to allow users to backup/restore their PGP private keys on the server
sudo cp -rf ../sources/pgpback $final_path/.
cp -rf ../sources/pgpback "$final_path/"
# Set permissions to rainloop directory
sudo find $final_path/. -type d -exec chmod 755 {} \;
sudo find $final_path/. -type f -exec chmod 644 {} \;
sudo chown -R www-data:www-data $final_path
#=================================================
# SETUP LOGROTATE
#=================================================
ynh_script_progression --message="Upgrading logrotate configuration..." --weight=2
# Update Nginx configuration file
nginx_conf_file=/etc/nginx/conf.d/$domain.d/$app.conf
sudo cp ../conf/nginx.conf $nginx_conf_file
if [ $path = "/" ]; then
sudo sed -i "s@ROOTTOCHANGE@@g" $nginx_conf_file
else
sudo sed -i "s@ROOTTOCHANGE@$path@g" $nginx_conf_file
fi
sudo sed -i "s@PATHTOCHANGE@$path@g" $nginx_conf_file
sudo sed -i "s@ALIASTOCHANGE@$final_path/@g" $nginx_conf_file
sudo sed -i "s@NAMETOCHANGE@$app@g" $nginx_conf_file
sudo chown root: $nginx_conf_file
sudo chmod 644 $nginx_conf_file
mkdir -p $final_path/app/data/_data_/_default_/logs/fail2ban
touch $final_path/app/data/_data_/_default_/logs/fail2ban/auth-fail.log
finalphpconf=/etc/php5/fpm/pool.d/$app.conf
sudo cp ../conf/php-fpm.conf $finalphpconf
sudo sed -i "s@NAMETOCHANGE@$app@g" $finalphpconf
sudo chown root: $finalphpconf
sudo chmod 644 $finalphpconf
# Use logrotate to manage app-specific logfile(s)
ynh_use_logrotate --logfile=$final_path/app/data/_data_/_default_/logs/fail2ban/auth-fail.log --non-append
# Reload services
sudo service php5-fpm reload
sudo service nginx reload
#=================================================
# GENERIC FINALIZATION
#=================================================
# SECURE FILES AND DIRECTORIES
#=================================================
# Set permissions on app files
chown -R $app: $final_path
find $final_path/. -type d -exec chmod 755 {} \;
find $final_path/. -type f -exec chmod 644 {} \;
#=================================================
# UPGRADE FAIL2BAN
#=================================================
ynh_script_progression --message="Reconfiguring fail2ban..." --weight=9
# Create a dedicated fail2ban config
ynh_add_fail2ban_config --logpath="$final_path/app/data/_data_/_default_/logs/fail2ban/auth-fail.log" --failregex="Auth failed: ip=<HOST>.*$"
#=================================================
# SETUP SSOWAT
#=================================================
ynh_script_progression --message="Upgrading SSOwat configuration..."
# Make app public if necessary
if [ $is_public -eq 1 ]
then
# unprotected_uris allows SSO credentials to be passed anyway
ynh_app_setting_set --app=$app --key=unprotected_uris --value="/"
fi
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading nginx web server..."
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Upgrade of $app completed" --last

0
sources/plugins/auto-domain-grab/LICENSE → sources/extra_files/app/data/_data_/_default_/plugins/auto-domain-grab/LICENSE
View file

0
sources/plugins/auto-domain-grab/README → sources/extra_files/app/data/_data_/_default_/plugins/auto-domain-grab/README
View file

0
sources/plugins/auto-domain-grab/VERSION → sources/extra_files/app/data/_data_/_default_/plugins/auto-domain-grab/VERSION
View file

0
sources/plugins/auto-domain-grab/index.php → sources/extra_files/app/data/_data_/_default_/plugins/auto-domain-grab/index.php
View file

0
sources/plugins/ynh-ldap-suggestions/README → sources/extra_files/app/data/_data_/_default_/plugins/ynh-ldap-suggestions/README
View file

0
sources/plugins/ynh-ldap-suggestions/VERSION → sources/extra_files/app/data/_data_/_default_/plugins/ynh-ldap-suggestions/VERSION
View file

0
sources/plugins/ynh-ldap-suggestions/YnhLdapSuggestions.php → sources/extra_files/app/data/_data_/_default_/plugins/ynh-ldap-suggestions/YnhLdapSuggestions.php
View file

0
sources/plugins/ynh-ldap-suggestions/index.php → sources/extra_files/app/data/_data_/_default_/plugins/ynh-ldap-suggestions/index.php
View file

0
sources/plugins/ynh-login-mapping/README → sources/extra_files/app/data/_data_/_default_/plugins/ynh-login-mapping/README
View file

0
sources/plugins/ynh-login-mapping/VERSION → sources/extra_files/app/data/_data_/_default_/plugins/ynh-login-mapping/VERSION
View file

0
sources/plugins/ynh-login-mapping/index.php → sources/extra_files/app/data/_data_/_default_/plugins/ynh-login-mapping/index.php
View file

2
sources/rainloop_version
View file

@ -1 +1 @@
1.11.3
1.12.1

6
sources/sso/sso.php
View file

@ -2,7 +2,7 @@
// Enable RainLoop Api and include index file
$_ENV['RAINLOOP_INCLUDE_AS_API'] = true;
include 'ALIASTOCHANGE/app/index.php';
include '__ALIASTOCHANGE__/app/index.php';
// Retrieve email and password
if (isset($_SERVER['HTTP_EMAIL']) && isset($_SERVER['PHP_AUTH_PW'])) {
@ -11,8 +11,8 @@ if (isset($_SERVER['HTTP_EMAIL']) && isset($_SERVER['PHP_AUTH_PW'])) {
$ssoHash = \RainLoop\Api::GetUserSsoHash($email, $password);
// redirect to webmail sso url
\header('Location: https://domain.tldROOTTOCHANGE/app/index.php?sso&hash='.$ssoHash);
\header('Location: https://__DOMAIN____ROOTTOCHANGE__/app/index.php?sso&hash='.$ssoHash);
}
else {
\header('Location: https://domain.tldROOTTOCHANGE/app/index.php');
\header('Location: https://__DOMAIN____ROOTTOCHANGE__/app/index.php');
}