2016-06-20 23:43:51 +02:00
|
|
|
|
#!/bin/bash
|
|
|
|
|
|
|
2018-05-26 10:27:01 +02:00
|
|
|
|
#=================================================
|
|
|
|
|
|
# GENERIC START
|
|
|
|
|
|
#=================================================
|
|
|
|
|
|
# IMPORT GENERIC HELPERS
|
|
|
|
|
|
#=================================================
|
2016-06-20 23:43:51 +02:00
|
|
|
|
|
2018-05-26 10:27:01 +02:00
|
|
|
|
source /usr/share/yunohost/helpers
|
|
|
|
|
|
|
|
|
|
|
|
#=================================================
|
|
|
|
|
|
# MANAGE SCRIPT FAILURE
|
|
|
|
|
|
#=================================================
|
|
|
|
|
|
|
|
|
|
|
|
# Exit if an error occurs during the execution of the script
|
|
|
|
|
|
ynh_abort_if_errors
|
|
|
|
|
|
|
|
|
|
|
|
#=================================================
|
|
|
|
|
|
# RETRIEVE ARGUMENTS FROM THE MANIFEST
|
|
|
|
|
|
#=================================================
|
2016-06-20 23:43:51 +02:00
|
|
|
|
|
|
|
|
|
|
# Retrieve arguments
|
2019-05-15 18:42:44 +02:00
|
|
|
|
app=$YNH_APP_INSTANCE_NAME
|
2016-06-20 23:43:51 +02:00
|
|
|
|
domain=$YNH_APP_ARG_DOMAIN
|
2019-05-09 19:57:27 +02:00
|
|
|
|
path_url=$YNH_APP_ARG_PATH
|
2016-06-20 23:43:51 +02:00
|
|
|
|
redirect_type=$YNH_APP_ARG_REDIRECT_TYPE
|
|
|
|
|
|
redirect_path=$YNH_APP_ARG_REDIRECT_PATH
|
2022-06-11 14:55:12 +02:00
|
|
|
|
is_public=${YNH_APP_ARG_IS_PUBLIC:-1}
|
2022-06-11 14:18:45 +02:00
|
|
|
|
propagate_subpath=$(echo $YNH_APP_ARG_REDIRECT_TYPE | grep -q subpath && echo 1 || echo 0)
|
|
|
|
|
|
frame_ancestors="'none'"
|
|
|
|
|
|
client_max_body_size="1m"
|
2016-06-20 23:43:51 +02:00
|
|
|
|
|
2022-06-11 14:18:45 +02:00
|
|
|
|
#=================================================
|
|
|
|
|
|
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
|
|
|
|
|
|
#=================================================
|
|
|
|
|
|
ynh_script_progression --message="Validating installation parameters..." --weight=1
|
2016-06-20 23:43:51 +02:00
|
|
|
|
|
|
|
|
|
|
# Validate redirect path
|
|
|
|
|
|
url_regex='(https?|ftp|file)://[-A-Za-z0-9\+&@#/%?=~_|!:,.;]*[-A-Za-z0-9\+&@#/%=~_|]'
|
2019-04-29 20:49:40 +02:00
|
|
|
|
[[ ! $redirect_path =~ $url_regex ]] && ynh_die "Invalid destination: $redirect_path" 1
|
2016-06-20 23:43:51 +02:00
|
|
|
|
|
2019-09-14 19:58:58 +02:00
|
|
|
|
# Avoid uncrypted remote destination with reverse proxy mode
|
|
|
|
|
|
# Indeed the SSO send the password in all requests in HTTP headers
|
2019-09-16 22:46:52 +02:00
|
|
|
|
url_regex='^(http://(127\.[0-9]+\.[0-9]+\.[0-9]+|localhost)|https://.*)(:[0-9]+)?(/.*)?$'
|
2019-09-14 19:58:58 +02:00
|
|
|
|
[[ "$redirect_type" = "proxy" ]] && [[ ! $redirect_path =~ $url_regex ]] && ynh_die \
|
|
|
|
|
|
"For secure reason, you can't use an unencrypted http remote destination couple with ssowat for your reverse proxy: $redirect_path" 1
|
|
|
|
|
|
|
2022-06-11 14:18:45 +02:00
|
|
|
|
if [ $is_public -eq 0 ] && [[ $redirect_type != "proxy" ]]
|
|
|
|
|
|
then
|
|
|
|
|
|
is_public=1
|
|
|
|
|
|
YNH_APP_ARG_IS_PUBLIC=1
|
|
|
|
|
|
ynh_warn "HTTP private redirection are not supported. Your redirection has been reflagged as public."
|
|
|
|
|
|
fi
|
|
|
|
|
|
# Register (book) web path
|
|
|
|
|
|
ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url
|
|
|
|
|
|
|
|
|
|
|
|
#=================================================
|
|
|
|
|
|
# STORE SETTINGS FROM MANIFEST
|
|
|
|
|
|
#=================================================
|
|
|
|
|
|
ynh_script_progression --message="Storing installation settings..." --weight=1
|
|
|
|
|
|
|
2016-06-20 23:43:51 +02:00
|
|
|
|
# Save extra settings
|
2021-01-23 15:21:17 +01:00
|
|
|
|
ynh_app_setting_set --app=$app --key=redirect_type --value=$redirect_type
|
|
|
|
|
|
ynh_app_setting_set --app=$app --key=redirect_path --value=$redirect_path
|
2022-06-11 14:18:45 +02:00
|
|
|
|
ynh_app_setting_set --app=$app --key=frame_ancestors --value="'none'"
|
|
|
|
|
|
ynh_app_setting_set --app=$app --key=client_max_body_size --value="1m"
|
2016-06-20 23:43:51 +02:00
|
|
|
|
|
2019-05-15 18:42:44 +02:00
|
|
|
|
#=================================================
|
2022-06-11 14:18:45 +02:00
|
|
|
|
# SPECIFIC SETUP
|
|
|
|
|
|
#=================================================
|
|
|
|
|
|
ynh_script_progression --message="Preparing NGINX web server configuration..." --weight=1
|
|
|
|
|
|
|
|
|
|
|
|
cp ../conf/nginx-$redirect_type.conf ../conf/nginx.conf
|
|
|
|
|
|
|
|
|
|
|
|
#=================================================
|
|
|
|
|
|
|
|
|
|
|
|
#=================================================
|
|
|
|
|
|
# NGINX CONFIGURATION
|
2019-05-15 18:42:44 +02:00
|
|
|
|
#=================================================
|
2021-01-23 15:21:17 +01:00
|
|
|
|
ynh_script_progression --message="Configuring NGINX web server..." --weight=1
|
2019-05-15 18:42:44 +02:00
|
|
|
|
|
2022-06-11 14:18:45 +02:00
|
|
|
|
# Create a dedicated NGINX config
|
|
|
|
|
|
ynh_add_nginx_config
|
2016-06-20 23:43:51 +02:00
|
|
|
|
|
2018-05-26 10:27:01 +02:00
|
|
|
|
#=================================================
|
2022-06-11 14:18:45 +02:00
|
|
|
|
# SETUP SSOWAT
|
2018-05-26 10:27:01 +02:00
|
|
|
|
#=================================================
|
2022-06-11 14:18:45 +02:00
|
|
|
|
ynh_script_progression --message="Configuring permissions..." --weight=1
|
2018-05-26 10:27:01 +02:00
|
|
|
|
|
2016-06-20 23:43:51 +02:00
|
|
|
|
# Make app public if necessary
|
2022-06-11 14:18:45 +02:00
|
|
|
|
if [ $is_public -eq 1 ]
|
2016-06-20 23:43:51 +02:00
|
|
|
|
then
|
2022-06-11 14:18:45 +02:00
|
|
|
|
# Everyone can access the app.
|
|
|
|
|
|
# The "main" permission is automatically created before the install script.
|
|
|
|
|
|
if [[ $redirect_type != "proxy" ]]
|
|
|
|
|
|
then
|
|
|
|
|
|
ynh_permission_update --permission="main" --add="visitors" --protected=1
|
|
|
|
|
|
else
|
|
|
|
|
|
ynh_permission_update --permission="main" --add="visitors"
|
|
|
|
|
|
fi
|
2016-06-20 23:43:51 +02:00
|
|
|
|
fi
|
|
|
|
|
|
|
2021-01-23 15:21:17 +01:00
|
|
|
|
#=================================================
|
|
|
|
|
|
# RELOAD NGINX
|
|
|
|
|
|
#=================================================
|
|
|
|
|
|
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
|
|
|
|
|
|
|
|
|
|
|
|
ynh_systemd_action --service_name=nginx --action=reload
|
|
|
|
|
|
|
|
|
|
|
|
#=================================================
|
|
|
|
|
|
# END OF SCRIPT
|
|
|
|
|
|
#=================================================
|
|
|
|
|
|
|
|
|
|
|
|
ynh_script_progression --message="Installation of $app completed" --last
|
