Fix

2024-09-03 20:26:21 +02:00 · 2021-07-23 21:03:39 +02:00 · 2021-07-23 21:03:39 +02:00 · 85a31775cc
commit 85a31775cc
parent 123c1f674f
5 changed files with 33 additions and 92 deletions
--- a/conf/app.src
+++ b/conf/app.src
@ -1,5 +1,5 @@
-SOURCE_URL=https://github.com/charlesabarnes/SPFtoolbox/archive/876d0f19e4f7b19072c258164be33a5496a101a6.tar.gz
-SOURCE_SUM=05f0780a7a0c19cce6a5537f47d8fc35ea9c73d2d43a5b9308e853675af07017
+SOURCE_URL=https://github.com/charlesabarnes/SPFtoolbox/archive/9306bf871c5dbc6115b75551396e90357b2b6106.tar.gz
+SOURCE_SUM=7730309c43b8517d89dc0c0799b96bb595164f958417159dfeefa0e0036df7f5
 SOURCE_SUM_PRG=sha256sum
 SOURCE_FORMAT=tar.gz
 SOURCE_IN_SUBDIR=true
--- a/manifest.json
+++ b/manifest.json
@ -15,12 +15,12 @@
        "url": "https://www.abld.info"
    },
    "requirements": {
-        "yunohost": ">= 3.5"
+        "yunohost": ">= 4.2.4"
    },
    "multi_instance": true,
    "services": [
        "nginx",
-        "php7.0-fpm",
+        "php7.3-fpm",
        "mysql"
    ],
    "arguments": {
@ -28,29 +28,17 @@
            {
                "name": "domain",
                "type": "domain",
-                "ask": {
-                    "en": "Choose a domain name for SPFToolBox",
-                    "fr": "Choisissez un nom de domaine pour SPFToolBox"
-                },
                "example": "example.com"
            },
            {
                "name": "path",
                "type": "path",
-                "ask": {
-                    "en": "Choose a path for SPFToolBox",
-                    "fr": "Choisissez un chemin pour SPFToolBox"
-                },
                "example": "/example",
                "default": "/example"
            },
            {
                "name": "is_public",
                "type": "boolean",
-                "ask": {
-                    "en": "Is it a public application?",
-                    "fr": "Est-ce une application publique ?"
-                },
                "default": true
            }
        ]
--- a/scripts/_common.sh
+++ b/scripts/_common.sh
@ -4,6 +4,8 @@
 # COMMON VARIABLES
 #=================================================

+YNH_PHP_VERSION="7.3"
+
 # dependencies used by the app
 pkg_dependencies="whois"

--- a/scripts/install
+++ b/scripts/install
@ -55,6 +55,14 @@ ynh_script_progression --message="Installing dependencies..."

 ynh_install_app_dependencies $pkg_dependencies

+#=================================================
+# CREATE DEDICATED USER
+#=================================================
+ynh_script_progression --message="Configuring system user..."
+
+# Create a system user
+ynh_system_user_create --username=$app --home_dir="$final_path"
+
 #=================================================
 # DOWNLOAD, CHECK AND UNPACK SOURCE
 #=================================================
@ -64,6 +72,10 @@ ynh_app_setting_set --app=$app --key=final_path --value=$final_path
 # Download, check integrity, uncompress and patch the source from app.src
 ynh_setup_source --dest_dir="$final_path"

+chmod 750 "$final_path"
+chmod -R o-rwx "$final_path"
+chown -R $app:www-data "$final_path"
+
 #=================================================
 # NGINX CONFIGURATION
 #=================================================
@ -72,14 +84,6 @@ ynh_script_progression --message="Configuring nginx web server..."
 # Create a dedicated nginx config
 ynh_add_nginx_config

-#=================================================
-# CREATE DEDICATED USER
-#=================================================
-ynh_script_progression --message="Configuring system user..."
-
-# Create a system user
-ynh_system_user_create --username=$app
-
 #=================================================
 # PHP-FPM CONFIGURATION
 #=================================================
@ -88,16 +92,6 @@ ynh_script_progression --message="Configuring php-fpm..."
 # Create a dedicated php-fpm config
 ynh_add_fpm_config

-#=================================================
-# GENERIC FINALIZATION
-#=================================================
-# SECURE FILES AND DIRECTORIES
-#=================================================
-ynh_script_progression --message="Securing files and directories..."
-
-# Set permissions to app files
-chown -R root: $final_path
-
 #=================================================
 # SETUP LOGROTATE
 #=================================================
@ -109,23 +103,17 @@ ynh_use_logrotate
 #=================================================
 # SETUP SSOWAT
 #=================================================
-ynh_script_progression --message="Configuring SSOwat..."
+ynh_script_progression --message="Configuring permissions..."

-if [ $is_public -eq 0 ]
-then	# Remove the public access
-	ynh_app_setting_delete $app skipped_uris
-fi
 # Make app public if necessary
 if [ $is_public -eq 1 ]
 then
-	# unprotected_uris allows SSO credentials to be passed anyway.
-	ynh_app_setting_set --app=$app --key=unprotected_uris --value="/"
+	ynh_permission_update --permission="main" --add="visitors"
 fi
-
 #=================================================
 # RELOAD NGINX
 #=================================================
-ynh_script_progression --message="Reloading nginx web server..."
+ynh_script_progression --message="Reloading NGINX web server..."

 ynh_systemd_action --service_name=nginx --action=reload

--- a/scripts/upgrade
+++ b/scripts/upgrade
@ -18,13 +18,11 @@ app=$YNH_APP_INSTANCE_NAME

 domain=$(ynh_app_setting_get --app=$app --key=domain)
 path_url=$(ynh_app_setting_get --app=$app --key=path)
-is_public=$(ynh_app_setting_get --app=$app --key=is_public)
 final_path=$(ynh_app_setting_get --app=$app --key=final_path)

 #=================================================
 # CHECK VERSION
 #=================================================
-ynh_script_progression --message="Checking version..."

 upgrade_type=$(ynh_check_app_version_changed)

@ -33,21 +31,19 @@ upgrade_type=$(ynh_check_app_version_changed)
 #=================================================
 ynh_script_progression --message="Ensuring downward compatibility..."

-# Fix is_public as a boolean value
-if [ "$is_public" = "Yes" ]; then
-	ynh_app_setting_set --app=$app --key=is_public --value=1
-	is_public=1
-elif [ "$is_public" = "No" ]; then
-	ynh_app_setting_set --app=$app --key=is_public --value=0
-	is_public=0
-fi
-
 # If final_path doesn't exist, create it
 if [ -z "$final_path" ]; then
 	final_path=/var/www/$app
 	ynh_app_setting_set --app=$app --key=final_path --value=$final_path
 fi

+# Cleaning legacy permissions
+if ynh_legacy_permissions_exists; then
+	ynh_legacy_permissions_delete_all
+
+	ynh_app_setting_delete --app=$app --key=is_public
+fi
+
 #=================================================
 # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
 #=================================================
@ -63,11 +59,12 @@ ynh_clean_setup () {
 ynh_abort_if_errors

 #=================================================
-# CHECK THE PATH
+# CREATE DEDICATED USER
 #=================================================
+ynh_script_progression --message="Making sure dedicated system user exists..."

-# Normalize the URL path syntax
-path_url=$(ynh_normalize_url_path --path_url=$path_url)
+# Create a dedicated user (if not existing)
+ynh_system_user_create --username=$app --home_dir="$final_path"

 #=================================================
 # STANDARD UPGRADE STEPS
@ -86,7 +83,7 @@ fi
 #=================================================
 # NGINX CONFIGURATION
 #=================================================
-ynh_script_progression --message="Upgrading nginx web server configuration..."
+ynh_script_progression --message="Upgrading NGINX web server configuration..."

 # Create a dedicated nginx config
 ynh_add_nginx_config
@ -98,14 +95,6 @@ ynh_script_progression --message="Upgrading dependencies..."

 ynh_install_app_dependencies $pkg_dependencies

-#=================================================
-# CREATE DEDICATED USER
-#=================================================
-ynh_script_progression --message="Making sure dedicated system user exists..."
-
-# Create a dedicated user (if not existing)
-ynh_system_user_create --username=$app
-
 #=================================================
 # PHP-FPM CONFIGURATION
 #=================================================
@ -124,32 +113,6 @@ ynh_script_progression --message="Upgrading logrotate configuration..."
 # Use logrotate to manage app-specific logfile(s)
 ynh_use_logrotate --non-append

-#=================================================
-# GENERIC FINALIZATION
-#=================================================
-# SECURE FILES AND DIRECTORIES
-#=================================================
-ynh_script_progression --message="Securing files and directories..."
-
-# Set permissions on app files
-chown -R root: $final_path
-
-#=================================================
-# SETUP SSOWAT
-#=================================================
-ynh_script_progression --message="Upgrading SSOwat configuration..."
-
-if [ $is_public -eq 0 ]
-then	# Remove the public access
-	ynh_app_setting_delete $app skipped_uris
-fi
-# Make app public if necessary
-if [ $is_public -eq 1 ]
-then
-	# unprotected_uris allows SSO credentials to be passed anyway
-	ynh_app_setting_set --app=$app --key=unprotected_uris --value="/"
-fi
-
 #=================================================
 # RELOAD NGINX
 #=================================================