From 733cfdc207c54f8bacce5f22e29ddcc3b3d9a642 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Tue, 1 Dec 2020 12:03:07 +0100 Subject: [PATCH] Fix --- scripts/install | 9 +++------ scripts/remove | 2 +- scripts/restore | 4 +++- scripts/upgrade | 52 ++++++++++++++++++++----------------------------- 4 files changed, 28 insertions(+), 39 deletions(-) diff --git a/scripts/install b/scripts/install index 32bdd0c..a27e4c7 100644 --- a/scripts/install +++ b/scripts/install @@ -133,14 +133,11 @@ ynh_add_config --template="../conf/config.json.php" --destination="$final_path/d # SECURE FILES AND DIRECTORIES #================================================= # set proper permissions -ynh_script_progression --message="Set permissions..." +ynh_script_progression --message="Securing files and directories..." -find $final_path -type f | xargs chmod 644 -find $final_path -type d | xargs chmod 755 - -# Set right permissions for curl install -ynh_script_progression --message="Set rights..." chown -R $app: $final_path +chmod -R g+rX $final_path +chmod -R g+rwX $final_path/{cache/,data/,pagecache/,tmp/} #================================================= # SETUP FAIL2BAN diff --git a/scripts/remove b/scripts/remove index 7e5cbaa..31a0cd0 100644 --- a/scripts/remove +++ b/scripts/remove @@ -16,7 +16,7 @@ ynh_script_progression --message="Loading installation settings..." app=$YNH_APP_INSTANCE_NAME -domain=$(ynh_app_setting_get --app=$app --key=domain) +domain=$(ynh_app_setting_get --app=$app --key=domain) final_path=$(ynh_app_setting_get --app=$app --key=final_path) #================================================= diff --git a/scripts/restore b/scripts/restore index 6ecd4dd..5dace33 100644 --- a/scripts/restore +++ b/scripts/restore @@ -69,9 +69,11 @@ ynh_system_user_create --username=$app #================================================= # RESTORE USER RIGHTS #================================================= +ynh_script_progression --message="Restoring user rights..." -# Restore permissions on app files chown -R $app: $final_path +chmod -R g+rX $final_path +chmod -R g+rwX $final_path/{cache/,data/,pagecache/,tmp/} #================================================= # RESTORE THE PHP-FPM CONFIGURATION diff --git a/scripts/upgrade b/scripts/upgrade index 0a0c127..31c2220 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -72,34 +72,27 @@ if [ "$upgrade_type" == "UPGRADE_APP" ] then ynh_script_progression --message="Upgrading source files..." + # Create a temporary directory + tmpdir="$(mktemp -d)" + + # Backup the config file in the temp dir + cp -a "$final_path/data" "$tmpdir/data" + cp -a "$final_path/tpl" "$tmpdir/tpl" + + # Remove the app directory securely + ynh_secure_remove "$final_path" + # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path" + + cp -a "$tmpdir/data" "$final_path/" + cp -a "$tmpdir/tpl" "$final_path/" + + # Remove the tmp directory securely + ynh_secure_remove --file="$tmpdir" + fi -#================================================= -# REMOVE APP MAIN DIR -#================================================= - -# Create a temporary directory -tmpdir="$(ynh_smart_mktemp 600)" -# Backup the config file in the temp dir -cp -a "$final_path/data" "$tmpdir/" -# Backup the theme file in the temp dir -cp -a "$final_path/tpl" "$tmpdir/" - -# Remove the app directory securely -ynh_secure_remove "$final_path" - -#================================================= -# DOWNLOAD, CHECK AND UNPACK SOURCE -#================================================= -ynh_print_info "Upgrading source files..." -# Download, check integrity, uncompress and patch the source from app.src -ynh_setup_source "$final_path" -cp -a "$tmpdir/data" "${final_path}/" -cp -a "$tmpdir/tpl" "${final_path}/" -ynh_secure_remove "$tmpdir" - #================================================= # NGINX CONFIGURATION #================================================= @@ -143,20 +136,17 @@ then ynh_secure_remove "$final_path/data/log.txt" touch "$final_path/data/log.txt" fi + ynh_use_logrotate --non-append #================================================= # SECURE FILES AND DIRECTORIES #================================================= -# set proper permissions -ynh_script_progression --message="Set permissions..." +ynh_script_progression --message="Securing files and directories..." -find $final_path -type f | xargs chmod 644 -find $final_path -type d | xargs chmod 755 - -# Set right permissions for curl install -ynh_script_progression --message="Set rights..." chown -R $app: $final_path +chmod -R g+rX $final_path +chmod -R g+rwX $final_path/{cache/,data/,pagecache/,tmp/} #================================================= # UPGRADE FAIL2BAN