diff --git a/README.md b/README.md index 0d16df9..69a80b2 100644 --- a/README.md +++ b/README.md @@ -17,7 +17,7 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in Manage assets for IT operations -**Shipped version:** 5.3.1~ynh1 +**Shipped version:** 5.3.1~ynh2 **Demo:** https://snipeitapp.com/demo/ diff --git a/README_fr.md b/README_fr.md index a1a56d4..72f482c 100644 --- a/README_fr.md +++ b/README_fr.md @@ -13,7 +13,7 @@ Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour Gestionnaire de ressources informatiques -**Version incluse :** 5.3.1~ynh1 +**Version incluse :** 5.3.1~ynh2 **Démo :** https://snipeitapp.com/demo/ diff --git a/conf/.env b/conf/.env index 45fba08..715541e 100644 --- a/conf/.env +++ b/conf/.env @@ -3,7 +3,7 @@ # -------------------------------------------- APP_ENV=production APP_DEBUG=false -APP_KEY=ChangeMe +APP_KEY=__KEY__ APP_URL=http://__DOMAIN__ APP_TIMEZONE='UTC' APP_LOCALE=__LANGUAGE__ @@ -77,9 +77,9 @@ CACHE_PREFIX=snipeit # -------------------------------------------- # OPTIONAL: REDIS SETTINGS # -------------------------------------------- -REDIS_HOST=null +REDIS_HOST="127.0.0.1" REDIS_PASSWORD=null -REDIS_PORT=null +REDIS_PORT=__REDIS_DB__ # -------------------------------------------- # OPTIONAL: MEMCACHED SETTINGS diff --git a/conf/nginx.conf b/conf/nginx.conf index a9af33f..82991f6 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -4,11 +4,6 @@ location ^~ __PATH__/ { # Path to source alias __FINALPATH__/public/; - # Force usage of https - if ($scheme = http) { - rewrite ^ https://$server_name$request_uri? permanent; - } - index index.php; # Common parameter to increase upload size limit in conjunction with dedicated php-fpm file diff --git a/manifest.json b/manifest.json index bf748d6..ef59458 100644 --- a/manifest.json +++ b/manifest.json @@ -6,7 +6,7 @@ "en": "Manage assets for IT operations", "fr": "Gestionnaire de ressources informatiques" }, - "version": "5.3.1~ynh1", + "version": "5.3.1~ynh2", "url": "https://snipeitapp.com/", "upstream": { "license": "MIT", diff --git a/scripts/_common.sh b/scripts/_common.sh index 9e24f07..d3386d2 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -21,5 +21,43 @@ YNH_COMPOSER_VERSION=2.0.14 #================================================= #================================================= -# FUTURE OFFICIAL HELPERS +# REDIS HELPERS #================================================= + +# get the first available redis database +# +# usage: ynh_redis_get_free_db +# | returns: the database number to use +ynh_redis_get_free_db() { + local result max db + result="$(redis-cli INFO keyspace)" + + # get the num + max=$(cat /etc/redis/redis.conf | grep ^databases | grep -Eow "[0-9]+") + + db=0 + # default Debian setting is 15 databases + for i in $(seq 0 "$max") + do + if ! echo "$result" | grep -q "db$i" + then + db=$i + break 1 + fi + db=-1 + done + + test "$db" -eq -1 && ynh_die --message="No available Redis databases..." + + echo "$db" +} + +# Create a master password and set up global settings +# Please always call this script in install and restore scripts +# +# usage: ynh_redis_remove_db database +# | arg: database - the database to erase +ynh_redis_remove_db() { + local db=$1 + redis-cli -n "$db" flushall +} diff --git a/scripts/install b/scripts/install index 1e256fd..54f6d68 100755 --- a/scripts/install +++ b/scripts/install @@ -29,7 +29,8 @@ admin=$YNH_APP_ARG_ADMIN is_public=$YNH_APP_ARG_IS_PUBLIC language=$YNH_APP_ARG_LANGUAGE email=$(ynh_user_get_info --username=$admin --key=mail) -key= +key=$(ynh_string_random --length=24) +phpversion=$YNH_PHP_VERSION app=$YNH_APP_INSTANCE_NAME @@ -53,6 +54,7 @@ ynh_app_setting_set --app=$app --key=domain --value=$domain ynh_app_setting_set --app=$app --key=path --value=$path_url ynh_app_setting_set --app=$app --key=admin --value=$admin ynh_app_setting_set --app=$app --key=language --value=$language +ynh_app_setting_set --app=$app --key=phpversion --value=$phpversion #================================================= # STANDARD MODIFICATIONS @@ -73,6 +75,14 @@ db_user=$db_name ynh_app_setting_set --app=$app --key=db_name --value=$db_name ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Configuring system user..." --weight=3 + +# Create a system user +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -90,14 +100,6 @@ ynh_script_progression --message="Configuring NGINX web server..." --weight=5 # Create a dedicated NGINX config ynh_add_nginx_config -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Configuring system user..." --weight=3 - -# Create a system user -ynh_system_user_create --username=$app - #================================================= # PHP-FPM CONFIGURATION #================================================= @@ -105,7 +107,6 @@ ynh_script_progression --message="Configuring PHP-FPM..." --weight=2 # Create a dedicated PHP-FPM config ynh_add_fpm_config --usage=low --footprint=low -phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) #================================================= # SPECIFIC SETUP @@ -122,6 +123,10 @@ ynh_install_composer #================================================= ynh_script_progression --message="Building..." +# Configure redis +redis_db=$(ynh_redis_get_free_db) +ynh_app_setting_set --app="$app" --key=redis_db --value="$redis_db" + ynh_add_config --template="../conf/.env" --destination="$final_path/.env" chmod 600 "$final_path/.env" @@ -143,7 +148,7 @@ popd ynh_script_progression --message="Securing files and directories..." --weight=1 # Set permissions to app files -chown -R $app: $final_path +chown -R $app:www-data $final_path chmod -R o-rwx $final_path chmod -R 755 $final_path/storage chmod -R 755 $final_path/public/uploads @@ -151,7 +156,7 @@ chmod -R 755 $final_path/public/uploads #================================================= # SETUP SSOWAT #================================================= -ynh_script_progression --message="Configuring SSOwat..." --weight=3 +ynh_script_progression --message="Configuring permissions..." --weight=3 # Make app public if necessary or protect it if [ $is_public -eq 1 ] diff --git a/scripts/remove b/scripts/remove index dff964c..ae5943e 100755 --- a/scripts/remove +++ b/scripts/remove @@ -20,6 +20,7 @@ domain=$(ynh_app_setting_get --app=$app --key=domain) db_name=$(ynh_app_setting_get --app=$app --key=db_name) db_user=$db_name final_path=$(ynh_app_setting_get --app=$app --key=final_path) +redis_db=$(ynh_app_setting_get --app=$app --key=redis_db) #================================================= # STANDARD REMOVE @@ -31,6 +32,13 @@ ynh_script_progression --message="Removing the MySQL database" --weight=1 # Remove a database if it exists, along with the associated user ynh_mysql_remove_db --db_user=$db_user --db_name=$db_name +#================================================= +# REMOVE THE REDIS DATABASE +#================================================= +ynh_script_progression --message="Removing the redis database..." + +ynh_redis_remove_db "$redis_db" + #================================================= # REMOVE DEPENDENCIES #================================================= diff --git a/scripts/restore b/scripts/restore index c509ffe..9f8a139 100755 --- a/scripts/restore +++ b/scripts/restore @@ -50,6 +50,14 @@ ynh_script_progression --message="Restoring the nginx configuration..." ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" +#================================================= +# RECREATE THE DEDICATED USER +#================================================= +ynh_script_progression --message="Recreating the dedicated system user..." --weight=2 + +# Create the dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # RESTORE THE APP MAIN DIR #================================================= @@ -57,22 +65,9 @@ ynh_script_progression --message="Restoring Snipe-IT main directory..." --weight ynh_restore_file --origin_path="$final_path" -#================================================= -# RECREATE THE DEDICATED USER -#================================================= -ynh_script_progression --message="Recreating the dedicated system user..." --weight=2 - -# Create the dedicated user (if not existing) -ynh_system_user_create --username=$app - -#================================================= -# RESTORE USER RIGHTS -#================================================= -ynh_script_progression --message="Restoring user rights..." - -# Restore permissions on app files -chown -R $app: $final_path -chmod -R o-rwx $final_path +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" #================================================= # RESTORE THE PHP-FPM CONFIGURATION diff --git a/scripts/upgrade b/scripts/upgrade index ee22f88..aca058f 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -68,6 +68,14 @@ if ynh_legacy_permissions_exists; then ynh_app_setting_delete --app=$app --key=is_public fi +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1 + +# Create a dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # STANDARD UPGRADE STEPS #================================================= @@ -97,14 +105,6 @@ ynh_script_progression --message="Upgrading dependencies..." --weight=3 ynh_install_app_dependencies $pkg_dependencies -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1 - -# Create a dedicated user (if not existing) -ynh_system_user_create --username=$app - #================================================= # PHP-FPM CONFIGURATION #================================================= @@ -143,7 +143,7 @@ ynh_store_file_checksum --file="$final_path/.env" ynh_script_progression --message="Securing files and directories..." --weight=1 # Set permissions on app files -chown -R $app: $final_path +chown -R $app:www-data $final_path chmod -R o-rwx $final_path chmod -R 755 $final_path/storage chmod -R 755 $final_path/public/uploads