diff --git a/manifest.json b/manifest.json index 5d10325..a76854c 100644 --- a/manifest.json +++ b/manifest.json @@ -14,7 +14,7 @@ "email": "cyp@rouquin.me" }, "requirements": { - "yunohost": ">= 3.8.1" + "yunohost": ">= 4.1.0" }, "multi_instance": true, "services": [ @@ -23,49 +23,30 @@ ], "arguments": { "install" : [ - { - "name": "domain", - "type": "domain", - "ask": { - "en": "Choose a domain name for SPIP", - "fr": "Choisissez un nom de domaine pour SPIP" - }, - "example": "example.org" - }, + { + "name": "domain", + "type": "domain", + "example": "example.com" + }, { "name": "path", "type": "path", - "ask": { - "en": "Choose a path for SPIP", - "fr": "Choisissez un chemin pour SPIP" - }, "example": "/spip", "default": "/spip" }, { "name": "admin", "type": "user", - "ask": { - "en": "Choose the SPIP administrator (must be an existing YunoHost user)", - "fr": "Administrateur du site (doit ĂȘtre un utilisateur YunoHost existant)" - }, "example": "johndoe" }, { "name": "password", "type": "password", - "ask": { - "en": "Choose the SPIP password for the administrator", - "fr": "Choisissez un mot de passe pour l'administrateur" - } + "example": "Choose a password" }, { "name": "is_public", "type": "boolean", - "ask": { - "en": "Is it a public SPIP site?", - "fr": "Est-ce un site public ?" - }, "default": true }, { diff --git a/scripts/backup b/scripts/backup index d564f61..86cad22 100644 --- a/scripts/backup +++ b/scripts/backup @@ -6,7 +6,7 @@ # IMPORT GENERIC HELPERS #================================================= -#Keep this path for calling _common.sh inside the execution's context of backup and restore scripts +# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers @@ -15,7 +15,6 @@ source /usr/share/yunohost/helpers #================================================= ynh_clean_setup () { - ### Remove this function if there's nothing to clean before calling the remove script. true } # Exit if an error occurs during the execution of the script @@ -59,6 +58,7 @@ ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" #================================================= # BACKUP THE MYSQL DATABASE #================================================= +ynh_print_info --message="Backing up the MySQL database..." ynh_mysql_dump_db --database="$db_name" > db.sql diff --git a/scripts/change_url b/scripts/change_url index 9413e4d..7b8d1cb 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -8,7 +8,6 @@ source _common.sh source /usr/share/yunohost/helpers -ynh_abort_if_errors #================================================= # RETRIEVE ARGUMENTS @@ -28,16 +27,24 @@ app=$YNH_APP_INSTANCE_NAME ynh_script_progression --message="Loading installation settings..." # Needed for helper "ynh_add_nginx_config" -final_path=$(ynh_app_setting_get $app final_path) +final_path=$(ynh_app_setting_get --app=$app --key=final_path) #================================================= -# CHECK THE SYNTAX OF THE PATHS +# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP #================================================= +ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." -test -n "$old_path" || old_path="/" -test -n "$new_path" || new_path="/" -new_path=$(ynh_normalize_url_path $new_path) -old_path=$(ynh_normalize_url_path $old_path) +# Backup the current version of the app +ynh_backup_before_upgrade +ynh_clean_setup () { + # Remove the new domain config file, the remove script won't do it as it doesn't know yet its location. + ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" + + # Restore it if the upgrade fails + ynh_restore_upgradebackup +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors #================================================= # CHECK WHICH PARTS SHOULD BE CHANGED @@ -64,19 +71,19 @@ ynh_script_progression --message="Updating NGINX web server configuration..." nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf -# Change the path in the nginx config file +# Change the path in the NGINX config file if [ $change_path -eq 1 ] then - # Make a backup of the original nginx config file if modified + # Make a backup of the original NGINX config file if modified ynh_backup_if_checksum_is_different --file="$nginx_conf_path" - # Set global variables for nginx helper + # Set global variables for NGINX helper domain="$old_domain" path_url="$new_path" - # Create a dedicated nginx config + # Create a dedicated NGINX config ynh_add_nginx_config fi -# Change the domain for nginx +# Change the domain for NGINX if [ $change_domain -eq 1 ] then # Delete file checksum for the old conf file location diff --git a/scripts/install b/scripts/install index 4c32eac..e699a88 100644 --- a/scripts/install +++ b/scripts/install @@ -14,7 +14,6 @@ source /usr/share/yunohost/helpers #================================================= ynh_clean_setup() { - ### Remove this function if there's nothing to clean before calling the remove script. true } # Exit if an error occurs during the execution of the script @@ -27,8 +26,8 @@ ynh_abort_if_errors domain=$YNH_APP_ARG_DOMAIN path_url=$YNH_APP_ARG_PATH admin=$YNH_APP_ARG_ADMIN -password=$YNH_APP_ARG_PASSWORD is_public=$YNH_APP_ARG_IS_PUBLIC +password=$YNH_APP_ARG_PASSWORD users_status=$YNH_APP_ARG_USERS_STATUS app=$YNH_APP_INSTANCE_NAME @@ -55,14 +54,23 @@ ynh_app_setting_set --app=$app --key=admin --value=$admin ynh_app_setting_set --app=$app --key=password --value=$password ynh_app_setting_set --app=$app --key=users_status --value=$users_status +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Configuring system user..." + +# Create a system user +ynh_system_user_create --home_dir=$final_path + #================================================= # CREATE A MYSQL DATABASE #================================================= ynh_script_progression --message="Creating a MySQL database..." db_name=$(ynh_sanitize_dbid --db_name=$app) +db_user=$db_name ynh_app_setting_set --app=$app --key=db_name --value=$db_name -ynh_mysql_setup_db --db_user=$db_name --db_name=$db_name +ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd) #================================================= @@ -74,22 +82,18 @@ ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path" +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + #================================================= # NGINX CONFIGURATION #================================================= ynh_script_progression --message="Configuring NGINX web server..." -# Create a dedicated nginx config +# Create a dedicated NGINX config ynh_add_nginx_config -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Configuring system user..." - -# Create a system user -ynh_system_user_create --username=$app - #================================================= # PHP-FPM CONFIGURATION #================================================= @@ -103,18 +107,16 @@ ynh_add_fpm_config --package="$extra_php_dependencies" #================================================= # SETUP APPLICATION WITH CURL #================================================= +ynh_script_progression --message="Setuping application with CURL..." # Set right permissions for curl install mkdir -p $final_path/plugins/auto -chown -R $app: $final_path +chown -R $app:www-data "$final_path" # Set the app as temporarily public for curl call - -# Reload SSOwat config -yunohost app ssowatconf - -# Reload Nginx -ynh_systemd_action --service_name=nginx --action=reload +ynh_script_progression --message="Configuring SSOwat..." +# Making the app public for curl +ynh_permission_update --permission="main" --add="visitors" ynh_script_progression --message="Finalizing installation..." ynh_local_curl "/ecrire/?suivant" "exec=install" "etape=chmod" @@ -144,7 +146,8 @@ email=$(yunohost user info $admin | grep mail: | cut -d' ' -f2 | tr -d '\n') ynh_local_curl "/ecrire/?suivant" "exec=install" "etape=3b" "adresse_db=localhost" "login_db=$db_name" "pass_db=$db_pwd" "server_db=mysql" "sel_db=$db_name" "nom=$admin" "email=$email" "login=$admin" "pass=$password" "pass_verif=$password" ynh_local_curl "/ecrire/?suivant" "exec=install" "etape=fin" - +# Remove the public access +ynh_permission_update --permission="main" --remove="visitors" #================================================= # MODIFY A CONFIG FILE @@ -161,20 +164,16 @@ ynh_store_file_checksum --file="$final_path/config/connect.php" #================================================= # GENERIC FINALIZATION -#================================================= -# ADVERTISE SERVICE IN ADMIN PANEL -#================================================= - #================================================= # SETUP SSOWAT #================================================= -ynh_script_progression --message="Configuring SSOwat..." - - +ynh_script_progression --message="Configuring permissions..." # Make app public if necessary -if [ "$is_public" -eq 1 ] +if [ $is_public -eq 1 ] then + # Everyone can access the app. + # The "main" permission is automatically created before the install script. ynh_permission_update --permission="main" --add="visitors" fi diff --git a/scripts/remove b/scripts/remove index 62ea710..ed976e5 100644 --- a/scripts/remove +++ b/scripts/remove @@ -26,7 +26,7 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path) #================================================= # STOP AND REMOVE SERVICE #================================================= -ynh_script_progression --message="Stopping and removing the systemd service" +ynh_script_progression --message="Stopping and removing the systemd service..." # Remove the dedicated systemd config ynh_remove_systemd_config @@ -34,10 +34,10 @@ ynh_remove_systemd_config #================================================= # REMOVE THE MYSQL DATABASE #================================================= -ynh_script_progression --message="Stopping and removing the systemd service" +ynh_script_progression --message="Removing the MySQL database..." # Remove a database if it exists, along with the associated user -ynh_mysql_remove_db --db_user=$db_name --db_name=$db_name +ynh_mysql_remove_db --db_user=$db_user --db_name=$db_name #================================================= # REMOVE APP MAIN DIR @@ -52,7 +52,7 @@ ynh_secure_remove --file="$final_path" #================================================= ynh_script_progression --message="Removing NGINX web server configuration..." -# Remove the dedicated nginx config +# Remove the dedicated NGINX config ynh_remove_nginx_config #================================================= @@ -60,7 +60,7 @@ ynh_remove_nginx_config #================================================= ynh_script_progression --message="Removing PHP-FPM configuration..." -# Remove the dedicated php-fpm config +# Remove the dedicated PHP-FPM config ynh_remove_fpm_config #================================================= diff --git a/scripts/restore b/scripts/restore index 08afe94..dce1c2c 100644 --- a/scripts/restore +++ b/scripts/restore @@ -6,7 +6,7 @@ # IMPORT GENERIC HELPERS #================================================= -#Keep this path for calling _common.sh inside the execution's context of backup and restore scripts +# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers @@ -15,7 +15,6 @@ source /usr/share/yunohost/helpers #================================================= ynh_clean_setup () { - #### Remove this function if there's nothing to clean before calling the remove script. true } # Exit if an error occurs during the execution of the script @@ -24,7 +23,7 @@ ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading settings..." +ynh_script_progression --message="Loading installation settings..." app=$YNH_APP_INSTANCE_NAME @@ -32,6 +31,7 @@ domain=$(ynh_app_setting_get --app=$app --key=domain) path_url=$(ynh_app_setting_get --app=$app --key=path) final_path=$(ynh_app_setting_get --app=$app --key=final_path) db_name=$(ynh_app_setting_get --app=$app --key=db_name) +db_user=$db_name phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) #================================================= @@ -49,9 +49,18 @@ test ! -d $final_path \ #================================================= # RESTORE THE NGINX CONFIGURATION #================================================= +ynh_script_progression --message="Restoring the NGINX configuration..." ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" +#================================================= +# RECREATE THE DEDICATED USER +#================================================= +ynh_script_progression --message="Recreating the dedicated system user..." + +# Create the dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir=$final_path + #================================================= # RESTORE THE APP MAIN DIR #================================================= @@ -59,24 +68,14 @@ ynh_script_progression --message="Restoring the app main directory..." ynh_restore_file --origin_path="$final_path" -#================================================= -# RECREATE THE DEDICATED USER -#================================================= -ynh_script_progression --message="Recreating the dedicated system user..." - -# Create the dedicated user (if not existing) -ynh_system_user_create --username=$app - -#================================================= -# RESTORE USER RIGHTS -#================================================= - -# Restore permissions on app files -chown -R $app: $final_path +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" #================================================= # RESTORE THE PHP-FPM CONFIGURATION #================================================= +ynh_script_progression --message="Restoring the PHP-FPM configuration..." # Restore the file first, so it can have a backup if different ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" @@ -93,8 +92,8 @@ ynh_add_fpm_config --phpversion=$phpversion --package="$extra_php_dependencies" ynh_script_progression --message="Restoring the MySQL database..." db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd) -ynh_mysql_setup_db --db_user=$db_name --db_name=$db_name --db_pwd=$db_pwd -ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name < ./db.sql +ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd +ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql #================================================= # GENERIC FINALIZATION @@ -103,11 +102,11 @@ ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name < ./ #================================================= ynh_script_progression --message="Reloading NGINX web server and PHP-FPM..." -ynh_systemd_action --service_name=php${phpversion}-fpm --action=reload +ynh_systemd_action --service_name=php$phpversion-fpm --action=reload ynh_systemd_action --service_name=nginx --action=reload #================================================= # END OF SCRIPT #================================================= -ynh_print_info "Restoration completed for $app" +ynh_script_progression --message="Restoration completed for $app" diff --git a/scripts/upgrade b/scripts/upgrade index d55d165..3c2ba5e 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -26,6 +26,34 @@ users_status=$(ynh_app_setting_get --app=$app --key=users_status) db_name=$(ynh_app_setting_get --app=$app --key=db_name) db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd) +#================================================= +# CHECK VERSION +#================================================= +ynh_script_progression --message="Checking version..." + +upgrade_type=$(ynh_check_app_version_changed) + +#================================================= +# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP +#================================================= +ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." + +# Backup the current version of the app +ynh_backup_before_upgrade +ynh_clean_setup () { + if [ $migration_process -eq 1 ]; then + yunohost app remove $app + # Reload some values changed by the migration process + app=$YNH_APP_INSTANCE_NAME + fi + # Restore it if the upgrade fails + ynh_restore_upgradebackup +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + +#================================================= +# STANDARD UPGRADE STEPS #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= @@ -71,28 +99,6 @@ if [ -z $password ]; then ynh_app_setting_set --app=$app --key=password --value=$password fi -#================================================= -# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP -#================================================= -ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." - -# Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { - if [ $migration_process -eq 1 ]; then - yunohost app remove $app - # Reload some values changed by the migration process - app=$YNH_APP_INSTANCE_NAME - fi - # restore it if the upgrade fails - ynh_restore_upgradebackup -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# Migrate legacy permissions to new system -#================================================= if ynh_legacy_permissions_exists then ynh_legacy_permissions_delete_all @@ -113,37 +119,43 @@ if [ $migration_process -eq 1 ]; then fi #================================================= -# STANDARD UPGRADE STEPS +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Making sure dedicated system user exists..." + +# Create a dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir=$final_path + #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= -ynh_script_progression --message="Upgrading source files..." -# Download, check integrity, uncompress and patch the source from app.src -ynh_setup_source --dest_dir="$final_path" +if [ "$upgrade_type" == "UPGRADE_APP" ] +then + ynh_script_progression --message="Upgrading source files..." + + # Download, check integrity, uncompress and patch the source from app.src + ynh_setup_source --dest_dir="$final_path" +fi + +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" #================================================= # NGINX CONFIGURATION #================================================= ynh_script_progression --message="Upgrading NGINX web server configuration..." -# Create a dedicated nginx config +# Create a dedicated NGINX config ynh_add_nginx_config -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Making sure dedicated system user exists..." - -# Create a dedicated user (if not existing) -ynh_system_user_create --username=$app - #================================================= # PHP-FPM CONFIGURATION #================================================= ynh_script_progression --message="Upgrading PHP-FPM configuration..." -# Create a dedicated php-fpm config +# Create a dedicated PHP-FPM config ynh_add_fpm_config --package="$extra_php_dependencies" #================================================= @@ -157,9 +169,9 @@ mkdir -p $final_path/plugins/auto chown -R $app: $final_path # Set the app as temporarily public for curl call -ynh_app_setting_set --app=$app --key=skipped_uris --value="/" -# Reload SSOwat config -yunohost app ssowatconf +ynh_script_progression --message="Configuring SSOwat..." +# Making the app public for curl +ynh_permission_update --permission="main" --add="visitors" ynh_backup_if_checksum_is_different --file="$final_path/config/connect.php" @@ -192,19 +204,16 @@ email=$(yunohost user info $admin | grep mail: | cut -d' ' -f2 | tr -d '\n') ynh_local_curl "/ecrire/?suivant" "exec=install" "etape=3b" "adresse_db=localhost" "login_db=$db_name" "pass_db=$db_pwd" "server_db=mysql" "sel_db=$db_name" "nom=$admin" "email=$email" "login=$admin" "pass=$password" "pass_verif=$password" ynh_local_curl "/ecrire/?suivant" "exec=install" "etape=fin" -ynh_app_setting_delete --app=$app --key=skipped_uris +# Remove the public access +ynh_permission_update --permission="main" --remove="visitors" #================================================= -# MODIFY A CONFIG FILE +# UPDATE A CONFIG FILE #================================================= - +ynh_script_progression --message="Updating a configuration file..." #ynh_replace_string --match_string="'','utf8');" --replace_string="'ldap.php','utf8');" --target_file=$final_path/config/connect.php cp ../conf/mes_options.php $final_path/config/mes_options.php -#================================================= -# STORE THE CONFIG FILE CHECKSUM -#================================================= - ynh_store_file_checksum --file="$final_path/config/connect.php" #================================================= @@ -212,13 +221,14 @@ ynh_store_file_checksum --file="$final_path/config/connect.php" #================================================= # SETUP SSOWAT #================================================= -ynh_script_progression --message="Upgrading SSOwat configuration..." +ynh_script_progression --message="Configuring permissions..." # Make app public if necessary if [ $is_public -eq 1 ] then - # unprotected_uris allows SSO credentials to be passed anyway - ynh_app_setting_set --app=$app --key=unprotected_uris --value="/" + # Everyone can access the app. + # The "main" permission is automatically created before the install script. + ynh_permission_update --permission="main" --add="visitors" fi #=================================================