From 33938d9f5f8d49ddc665d9dc7c9b99768ea4f66b Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Mon, 6 Sep 2021 07:42:50 +0200 Subject: [PATCH 01/10] Upgrade --- check_process | 5 ----- conf/app.src | 5 +++-- conf/app_addons.src | 4 ++-- conf/nginx.conf | 42 ++++++++++++++++-------------------------- conf/poller-cron | 2 +- manifest.json | 8 ++++---- scripts/install | 38 ++++++++++++++------------------------ scripts/upgrade | 12 +++--------- 8 files changed, 43 insertions(+), 73 deletions(-) diff --git a/check_process b/check_process index 219f897..34d5d00 100644 --- a/check_process +++ b/check_process @@ -1,8 +1,3 @@ -# See here for more information -# https://github.com/YunoHost/package_check#syntax-check_process-file - -# Move this file from check_process.default to check_process when you have filled it. - ;; Test complet ; Manifest domain="domain.tld" diff --git a/conf/app.src b/conf/app.src index 62ad1f9..b9fcb1f 100644 --- a/conf/app.src +++ b/conf/app.src @@ -1,5 +1,6 @@ -SOURCE_URL=https://codeberg.org/zot/zap/archive/7d77d277d90dbb0b99c3680d1dc956323120e0d5.tar.gz -SOURCE_SUM=0e3e932514c877aad5a2bbc31703143c0df22d097a01a952505bbbca3976fd50 +SOURCE_URL=https://codeberg.org/zot/zap/archive/8f08b200fd6c410c88a3f24248da55185721ccf1.tar.gz +SOURCE_SUM=82eab96306b2c4fb1d2dfcded5ccbc9adfc0f3f82695bd2459aff9b35e71ff21 SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR= SOURCE_FILENAME= + diff --git a/conf/app_addons.src b/conf/app_addons.src index 230603b..5c526c5 100644 --- a/conf/app_addons.src +++ b/conf/app_addons.src @@ -1,5 +1,5 @@ -SOURCE_URL=https://codeberg.org/zot/zap-addons/archive/096e7619f091652b3abdabd6f85141fb49c3f268.tar.gz -SOURCE_SUM=1c8c205f2811fed809bce71a97fdd8723096030473be1162766d8772c56f1511 +SOURCE_URL=https://codeberg.org/zot/zap-addons/archive/b2ddcc67735fb413f14efcc9c49780469b8b61cf.tar.gz +SOURCE_SUM=009f5047096fdbe3becaebfb7ac3ee34d7efd3f4f891e3a645484a7e406598a1 SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR= diff --git a/conf/nginx.conf b/conf/nginx.conf index 45f487b..a4c8c5f 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,16 +1,14 @@ #sub_path_only rewrite ^__PATH__$ __PATH__/ permanent; location __PATH__/ { - alias __FINALPATH__/; - # Force https - if ($scheme = http) - { + alias __FINALPATH__/; + + # Force https + if ($scheme = http) { rewrite ^ https://$server_name$request_uri? permanent; } - if (!-e $request_filename) - - { + if (!-e $request_filename) { rewrite ^(.*)$ /index.php?req=$1; } @@ -21,24 +19,19 @@ location __PATH__/ { index index.php; charset utf-8; - - # Example PHP configuration - location ~* \.php$ - { - try_files $uri =404; - fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock; - fastcgi_index index.php; - include fastcgi_params; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + location ~* \.php$ { + try_files $uri =404; + fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; } # make sure webfinger and other well known services aren't blocked # by denying dot files and rewrite request to the front controller - location ^~ /.well-known/ - { + location ^~ /.well-known/ { allow all; - if (!-e $request_filename) - { + if (!-e $request_filename) { rewrite ^(.*)$ /index.php?req=$1; } } @@ -53,20 +46,17 @@ location __PATH__/ { # } # block these file types - location ~* \.(tpl|md|tgz|log|out)$ - { + location ~* \.(tpl|md|tgz|log|out)$ { deny all; } # deny access to all dot files - location ~ /\. - { + location ~ /\. { deny all; } #deny access to store - location ~ /store - { + location ~ /store { deny all; } diff --git a/conf/poller-cron b/conf/poller-cron index 31ba32f..f991757 100644 --- a/conf/poller-cron +++ b/conf/poller-cron @@ -1,2 +1,2 @@ # Run poller periodically to update Hubzilla -*/10 * * * * __USER__ cd YNH_WWW_PATH; /usr/bin/php__PHP_VERSION__ Zotlabs/Daemon/Master.php Cron > /dev/null 2>&1 \ No newline at end of file +*/10 * * * * __APP__ cd __FINALPATH__; /usr/bin/php__PHPVERSION__ Zotlabs/Daemon/Master.php Cron > /dev/null 2>&1 \ No newline at end of file diff --git a/manifest.json b/manifest.json index 120fc66..a4e0aac 100644 --- a/manifest.json +++ b/manifest.json @@ -3,21 +3,21 @@ "id": "zap", "packaging_format": 1, "description": { - "en": "A fediverse server." + "en": "A fediverse server" }, - "version": "21.05.21~ynh1", + "version": "21.10.21~ynh1", "url": "https://zotlabs.com/zap/", "license": "MIT", "maintainer": { "name": "" }, "requirements": { - "yunohost": ">= 4.1.0" + "yunohost": ">= 4.2.4" }, "multi_instance": true, "services": [ "nginx", - "php7.0-fpm", + "php7.3-fpm", "mysql", "postgresql" ], diff --git a/scripts/install b/scripts/install index c75e6ad..e3ec52c 100755 --- a/scripts/install +++ b/scripts/install @@ -13,10 +13,6 @@ source /usr/share/yunohost/helpers # MANAGE SCRIPT FAILURE #================================================= -ynh_clean_setup () { - ### Remove this function if there's nothing to clean before calling the remove script. - true -} # Exit if an error occurs during the execution of the script ynh_abort_if_errors @@ -27,7 +23,7 @@ ynh_abort_if_errors domain=$YNH_APP_ARG_DOMAIN path_url="/" admin=$YNH_APP_ARG_ADMIN -email=$(yunohost user info $admin | grep "mail:" | cut -d' ' -f2) +email=$(ynh_user_get_info --username=$admin --key=mail) upload="256M" database="1" random_string="$(ynh_string_random)$(ynh_string_random)$(ynh_string_random)" @@ -70,6 +66,14 @@ if [ $database -eq 2 ]; then ynh_install_app_dependencies $pkg_dependencies fi +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Configuring system user..." + +# Create a system user +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -192,14 +196,6 @@ ynh_script_progression --message="Configuring NGINX web server..." # Create a dedicated nginx config ynh_add_nginx_config -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Configuring system user..." - -# Create a system user -ynh_system_user_create --username=$app - #================================================= # PHP-FPM CONFIGURATION #================================================= @@ -210,21 +206,15 @@ ynh_add_fpm_config --package="$extra_php_dependencies" # Set right permissions for Zap ynh_script_progression --message="Set right for Zap..." + chown -R $app: $final_path # Set up cron job ynh_script_progression --message="Setting up cron job..." -ynh_replace_string --match_string="YNH_WWW_PATH" --replace_string="$final_path" --target_file="../conf/poller-cron" -ynh_replace_string --match_string="__USER__" --replace_string="$app" --target_file="../conf/poller-cron" -ynh_replace_string --match_string="__PHP_VERSION__" --replace_string="$phpversion" --target_file="../conf/poller-cron" -cp ../conf/poller-cron /etc/cron.d/$app -#================================================= -# STORE THE CONFIG FILE CHECKSUM -#================================================= - -# Calculate and store the config file checksum into the app settings -ynh_store_file_checksum --file="$config" +ynh_add_config --template="../conf/poller-cron" --destination="/etc/cron.d/$app" +chown root: "/etc/cron.d/$app" +chmod 644 "/etc/cron.d/$app" #================================================= # SETUP LOGROTATE @@ -245,10 +235,10 @@ ynh_add_fail2ban_config --logpath="$final_path/php.log" --failregex="^.*auth\.ph # SETUP SSOWAT #================================================= ynh_script_progression --message="Configuring SSOwat..." + ynh_permission_update --permission="main" --add="visitors" # As Zap is social network and have its own permission there is no need to keep Zap behind SSO - #================================================= # RELOAD NGINX #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index 8bd4596..2c6a908 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -52,6 +52,7 @@ ynh_abort_if_errors #================================================= # Migrate legacy permissions to new system #================================================= + if ynh_legacy_permissions_exists then ynh_legacy_permissions_delete_all @@ -59,7 +60,6 @@ then ynh_app_setting_delete --app=$app --key=is_public fi - #================================================= # STANDARD UPGRADE STEPS #================================================= @@ -69,8 +69,6 @@ ynh_script_progression --message="Upgrading source files..." # Create a temporary directory - - # Remove the app directory securely # ynh_secure_remove "$final_path" @@ -80,9 +78,6 @@ if [ -z "$final_path" ]; then ynh_app_setting_set --app=$app --key=final_path --value=$final_path fi - - - #================================================= # STANDARD UPGRADE STEPS #================================================= @@ -152,7 +147,6 @@ else chmod -R 777 $final_path/store mkdir $final_path/addon ynh_setup_source --dest_dir="$final_path/addon" --source_id="app_addons" - fi #================================================= @@ -198,7 +192,7 @@ ynh_use_logrotate --non-append # UPGRADE FAIL2BAN #================================================= -ynh_script_progression --message="Re-configure fail2ban..." +ynh_script_progression --message="Re-configure Fail2Ban..." ynh_add_fail2ban_config --logpath="$final_path/php.log" --failregex="^.*auth\.php.*failed login attempt.*from IP .*$" --max_retry="5" @@ -221,7 +215,7 @@ fi #================================================= # RELOAD NGINX #================================================= -ynh_script_progression --message="Reloading nginx web server..." +ynh_script_progression --message="Reloading NGINX web server..." ynh_systemd_action --service_name=nginx --action=reload From 0b0d3abd4b1424b0eb72d7d0c74ebbbd1de83e4b Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Mon, 6 Sep 2021 08:13:52 +0200 Subject: [PATCH 02/10] Fix --- doc/DESCRIPTION.md | 13 +++++++++++++ doc/DISCLAIMER.md | 19 +++++++++++++++++++ manifest.json | 5 +++++ scripts/upgrade | 30 +++++++++++++++++------------- 4 files changed, 54 insertions(+), 13 deletions(-) create mode 100644 doc/DESCRIPTION.md create mode 100644 doc/DISCLAIMER.md diff --git a/doc/DESCRIPTION.md b/doc/DESCRIPTION.md new file mode 100644 index 0000000..e561e61 --- /dev/null +++ b/doc/DESCRIPTION.md @@ -0,0 +1,13 @@ +[Zap](https://zotlabs.com/zap/) is an an ethical alternative to Fediverse that provides powerful features for creating interconnected websites featuring a decentralized identity, communications, and permissions framework built using common webserver technology. + +Compatible with **Mastodon**, **Pleroma**, **Pixelfed**, **Friendica**, **Hubzilla**, **Funkwhale**, **Peertube**, **Plume**, **WriteFreely** and many, many more. + +## Unique Features of ZAP + +- **Groups** : public, private, and moderated. +- **Events** : Calendar and attendance; automatic birthday notifications for friends using this feature. +- **Cloud**storage : Built-in network file storage integrated with social networking access. +- **Editor** : Supports both markdown and bbcode. Use either or both - if you want. +- **Share**: Drag-and-drop a number of different things such as files, photos, webpages, maps, phone numbers to share- them. +- **Lists**: Sometimes referred to as circles or aspects, this lets you define your own groups of related friends and- communicate with them as a private group. +- **Extend** : Change or upgrade your software functionality as desired by installing additional features from addons and- the free app collection. diff --git a/doc/DISCLAIMER.md b/doc/DISCLAIMER.md new file mode 100644 index 0000000..dd90a68 --- /dev/null +++ b/doc/DISCLAIMER.md @@ -0,0 +1,19 @@ +## Installation + +Before installing, read the [Zap installation instructions](https://codeberg.org/zot/zap/src/branch/release/install/INSTALL.txt) for important information about: + +### Register a new domain and add it to YunoHost + +- Zap requires a dedicated domain, so obtain one and add it using the YunoHost admin panel. **Domains -> Add domain**. As Zap uses the full domain and is installed on the root, you can create a subdomain such as Zap.domain.tld. Don't forget to update your DNS if you manage them manually. + +## Ldap Admin user rights, logs and failed database updates + +- **For admin rights**: When installation is complete, you will need to visit your new hub's page and login with the **admin account username** which was entered at the time of installation process. You should then be able to create your first channel and have the **admin rights** for the hub. + +- **For normal YunoHost users :** Normal LDAP users can login through Ldap authentication and create there channels. + +- **Failing to get admin rights :** If the admin cannot access the admin settings at `https://zap.example.com/admin` or you want to grant admin rights to any other user(s) on the hub, then you have to **manually add 4096** to the **account_roles** under **accounts** for that user in the **database through phpMYAdmin**. + +- **For logs :** Go to **admin->logs** and enter the file name **php.log**. + +- **Failed Database after Upgrade :** Some times databse upgrade fails after version upgrade. You can go to hub eg. `https://zap.example.com/admin/dbsync/` and check the numbers of failled update. These updates will have to be ran manually by **phpMYAdmin**. diff --git a/manifest.json b/manifest.json index a4e0aac..1f48ac5 100644 --- a/manifest.json +++ b/manifest.json @@ -7,6 +7,11 @@ }, "version": "21.10.21~ynh1", "url": "https://zotlabs.com/zap/", + "upstream": { + "license": "MIT", + "website": "https://zotlabs.com/zap/", + "code": "https://codeberg.org/zot/zap" + }, "license": "MIT", "maintainer": { "name": "" diff --git a/scripts/upgrade b/scripts/upgrade index 2c6a908..b654402 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -78,6 +78,14 @@ if [ -z "$final_path" ]; then ynh_app_setting_set --app=$app --key=final_path --value=$final_path fi +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Making sure dedicated system user exists..." + +# Create a dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # STANDARD UPGRADE STEPS #================================================= @@ -157,13 +165,6 @@ ynh_script_progression --message="Upgrading NGINX web server configuration..." # Create a dedicated nginx config ynh_add_nginx_config -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Making sure dedicated system user exists..." - -# Create a dedicated user (if not existing) -ynh_system_user_create --username=$app # Set right permissions for curl install chown -R $app: $final_path @@ -190,18 +191,21 @@ ynh_script_progression --message="Upgrading logrotate configuration..." # Use logrotate to manage app-specific logfile(s) ynh_use_logrotate --non-append +#================================================= # UPGRADE FAIL2BAN #================================================= ynh_script_progression --message="Re-configure Fail2Ban..." ynh_add_fail2ban_config --logpath="$final_path/php.log" --failregex="^.*auth\.php.*failed login attempt.*from IP .*$" --max_retry="5" -# Set cron job -ynh_print_info "Setting up cron job..." -ynh_replace_string --match_string="YNH_WWW_PATH" --replace_string="$final_path" --target_file="../conf/poller-cron" -ynh_replace_string --match_string="__USER__" --replace_string="$app" --target_file="../conf/poller-cron" -ynh_replace_string --match_string="__PHP_VERSION__" --replace_string="$phpversion" --target_file="../conf/poller-cron" -cp -f ../conf/poller-cron /etc/cron.d/$app +#================================================= +# UPGRADE CRON +#================================================= +ynh_script_progression --message="Setting up cron job..." + +ynh_add_config --template="../conf/poller-cron" --destination="/etc/cron.d/$app" +chown root: "/etc/cron.d/$app" +chmod 644 "/etc/cron.d/$app" #================================================= # UPGRADE DEPENDENCIES From 37cdf8205e0d1a9fd8fb661a65592238e1e858df Mon Sep 17 00:00:00 2001 From: Yunohost-Bot <> Date: Mon, 6 Sep 2021 06:14:01 +0000 Subject: [PATCH 03/10] Auto-update README --- README.md | 47 ++++++++++++++++----------------- README_fr.md | 73 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 95 insertions(+), 25 deletions(-) create mode 100644 README_fr.md diff --git a/README.md b/README.md index 02acbfa..9573392 100644 --- a/README.md +++ b/README.md @@ -1,11 +1,17 @@ -# ZAP for YunoHost + -[![Integration level](https://dash.yunohost.org/integration/zap.svg)](https://dash.yunohost.org/appci/app/zap) ![](https://ci-apps.yunohost.org/ci/badges/zap.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/zap.maintain.svg) +# Zap for YunoHost +[![Integration level](https://dash.yunohost.org/integration/zap.svg)](https://dash.yunohost.org/appci/app/zap) ![](https://ci-apps.yunohost.org/ci/badges/zap.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/zap.maintain.svg) [![Install Zap with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=zap) -> _This package allow you to install ZAP quickly and simply on a YunoHost server. -> If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to know how to install and enjoy it._ +*[Lire ce readme en français.](./README_fr.md)* + +> *This package allows you to install Zap quickly and simply on a YunoHost server. +If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/install) to learn how to install it.* ## Overview @@ -13,8 +19,6 @@ Compatible with **Mastodon**, **Pleroma**, **Pixelfed**, **Friendica**, **Hubzilla**, **Funkwhale**, **Peertube**, **Plume**, **WriteFreely** and many, many more. -**Shipped version:** 21.05.21 - ## Unique Features of ZAP - **Groups** : public, private, and moderated. @@ -25,13 +29,12 @@ Compatible with **Mastodon**, **Pleroma**, **Pixelfed**, **Friendica**, **Hubzil - **Lists**: Sometimes referred to as circles or aspects, this lets you define your own groups of related friends and- communicate with them as a private group. - **Extend** : Change or upgrade your software functionality as desired by installing additional features from addons and- the free app collection. -## This app claims following features: -- [x] Ldap integration -- [x] Multi-instance -- [x] Adeed php.log in the root folder for debugging php, with logrotate applied on it (can be accesssed by **admin->logs** and entering the **php.log**). -- [x] Fail2ban -- [x] Option to choose between **Mysql** and **PostgreSQL**. +**Shipped version:** 21.10.21~ynh1 + + + +## Disclaimers / important information ## Installation @@ -53,28 +56,22 @@ Before installing, read the [Zap installation instructions](https://codeberg.org - **Failed Database after Upgrade :** Some times databse upgrade fails after version upgrade. You can go to hub eg. `https://zap.example.com/admin/dbsync/` and check the numbers of failled update. These updates will have to be ran manually by **phpMYAdmin**. -#### Supported architectures +## Documentation and resources -- x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/Zap%20%28Official%29.svg)](https://ci-apps.yunohost.org/ci/apps/zap/) -- ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/Zap%20%28Official%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/zap/) - -## Links - -- YunoHost project: https://yunohost.org -- Zap website: https://zotlabs.com/zap/ -- Zap code on codeberg: https://codeberg.org/zot/zap -- Zap addons on codeberg: https://codeberg.org/zot/zap-addons - ---- +* Official app website: https://zotlabs.com/zap/ +* Upstream app code repository: https://codeberg.org/zot/zap +* YunoHost documentation for this app: https://yunohost.org/app_zap +* Report a bug: https://github.com/YunoHost-Apps/zap_ynh/issues ## Developer info Please send your pull request to the [testing branch](https://github.com/YunoHost-Apps/zap_ynh/tree/testing). To try the testing branch, please proceed like that. - ``` sudo yunohost app install https://github.com/YunoHost-Apps/zap_ynh/tree/testing --debug or sudo yunohost app upgrade zap -u https://github.com/YunoHost-Apps/zap_ynh/tree/testing --debug ``` + +**More info regarding app packaging:** https://yunohost.org/packaging_apps \ No newline at end of file diff --git a/README_fr.md b/README_fr.md new file mode 100644 index 0000000..1ce8809 --- /dev/null +++ b/README_fr.md @@ -0,0 +1,73 @@ +# Zap pour YunoHost + +[![Niveau d'intégration](https://dash.yunohost.org/integration/zap.svg)](https://dash.yunohost.org/appci/app/zap) ![](https://ci-apps.yunohost.org/ci/badges/zap.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/zap.maintain.svg) +[![Installer Zap avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=zap) + +*[Read this readme in english.](./README.md)* +*[Lire ce readme en français.](./README_fr.md)* + +> *Ce package vous permet d'installer Zap rapidement et simplement sur un serveur YunoHost. +Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.* + +## Vue d'ensemble + +[Zap](https://zotlabs.com/zap/) is an an ethical alternative to Fediverse that provides powerful features for creating interconnected websites featuring a decentralized identity, communications, and permissions framework built using common webserver technology. + +Compatible with **Mastodon**, **Pleroma**, **Pixelfed**, **Friendica**, **Hubzilla**, **Funkwhale**, **Peertube**, **Plume**, **WriteFreely** and many, many more. + +## Unique Features of ZAP + +- **Groups** : public, private, and moderated. +- **Events** : Calendar and attendance; automatic birthday notifications for friends using this feature. +- **Cloud**storage : Built-in network file storage integrated with social networking access. +- **Editor** : Supports both markdown and bbcode. Use either or both - if you want. +- **Share**: Drag-and-drop a number of different things such as files, photos, webpages, maps, phone numbers to share- them. +- **Lists**: Sometimes referred to as circles or aspects, this lets you define your own groups of related friends and- communicate with them as a private group. +- **Extend** : Change or upgrade your software functionality as desired by installing additional features from addons and- the free app collection. + + +**Version incluse :** 21.10.21~ynh1 + + + +## Avertissements / informations importantes + +## Installation + +Before installing, read the [Zap installation instructions](https://codeberg.org/zot/zap/src/branch/release/install/INSTALL.txt) for important information about: + +### Register a new domain and add it to YunoHost + +- Zap requires a dedicated domain, so obtain one and add it using the YunoHost admin panel. **Domains -> Add domain**. As Zap uses the full domain and is installed on the root, you can create a subdomain such as Zap.domain.tld. Don't forget to update your DNS if you manage them manually. + +## Ldap Admin user rights, logs and failed database updates + +- **For admin rights**: When installation is complete, you will need to visit your new hub's page and login with the **admin account username** which was entered at the time of installation process. You should then be able to create your first channel and have the **admin rights** for the hub. + +- **For normal YunoHost users :** Normal LDAP users can login through Ldap authentication and create there channels. + +- **Failing to get admin rights :** If the admin cannot access the admin settings at `https://zap.example.com/admin` or you want to grant admin rights to any other user(s) on the hub, then you have to **manually add 4096** to the **account_roles** under **accounts** for that user in the **database through phpMYAdmin**. + +- **For logs :** Go to **admin->logs** and enter the file name **php.log**. + +- **Failed Database after Upgrade :** Some times databse upgrade fails after version upgrade. You can go to hub eg. `https://zap.example.com/admin/dbsync/` and check the numbers of failled update. These updates will have to be ran manually by **phpMYAdmin**. + +## Documentations et ressources + +* Site officiel de l'app : https://zotlabs.com/zap/ +* Dépôt de code officiel de l'app : https://codeberg.org/zot/zap +* Documentation YunoHost pour cette app : https://yunohost.org/app_zap +* Signaler un bug : https://github.com/YunoHost-Apps/zap_ynh/issues + +## Informations pour les développeurs + +Merci de faire vos pull request sur la [branche testing](https://github.com/YunoHost-Apps/zap_ynh/tree/testing). + +Pour essayer la branche testing, procédez comme suit. +``` +sudo yunohost app install https://github.com/YunoHost-Apps/zap_ynh/tree/testing --debug +ou +sudo yunohost app upgrade zap -u https://github.com/YunoHost-Apps/zap_ynh/tree/testing --debug +``` + +**Plus d'infos sur le packaging d'applications :** https://yunohost.org/packaging_apps \ No newline at end of file From f0575102aeab419d354a4ace42b6217373e5ae5e Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Mon, 6 Sep 2021 08:16:50 +0200 Subject: [PATCH 04/10] Fix --- check_process | 1 - scripts/restore | 4 ---- 2 files changed, 5 deletions(-) diff --git a/check_process b/check_process index 34d5d00..6fca7dd 100644 --- a/check_process +++ b/check_process @@ -15,7 +15,6 @@ upgrade=1 from_commit=c8575c645eb5802cd99cf63dfede2ddba124582b backup_restore=1 multi_instance=1 - port_already_use=0 change_url=0 ;;; Options Email= diff --git a/scripts/restore b/scripts/restore index 49c0376..d565716 100755 --- a/scripts/restore +++ b/scripts/restore @@ -14,10 +14,6 @@ source /usr/share/yunohost/helpers # MANAGE SCRIPT FAILURE #================================================= -ynh_clean_setup () { - #### Remove this function if there's nothing to clean before calling the remove script. - true -} # Exit if an error occurs during the execution of the script ynh_abort_if_errors From ff8ec4b78a84162fbcf69bb5be56d8c72c52cad0 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Mon, 6 Sep 2021 13:43:03 +0200 Subject: [PATCH 05/10] Fix --- manifest.json | 5 ++++- scripts/backup | 3 +-- scripts/install | 33 ++++++++++++++++----------------- scripts/restore | 25 ++++++++++++------------- scripts/upgrade | 39 +++++++++++++-------------------------- 5 files changed, 46 insertions(+), 59 deletions(-) diff --git a/manifest.json b/manifest.json index 1f48ac5..3066134 100644 --- a/manifest.json +++ b/manifest.json @@ -31,6 +31,8 @@ { "name": "domain", "type": "domain", + "example": "/example", + "default": "/example", "help": { "en": "ZAP must run in the root of this domain. It means no other app can be accessed/run from this domain. We advise to use a dedicated subdomain such as zap.domain.tld", "fr": "ZAP doit être installé à la racine du domaine. Cela implique qu'aucune autre app ne pourra être installée ou accessible sur ce domain. Nous conseillons un sous-domaine dédié par exemple zap.domain.tld." @@ -38,7 +40,8 @@ }, { "name": "admin", - "type": "user" + "type": "user", + "example": "johndoe" }, { "name": "database", diff --git a/scripts/backup b/scripts/backup index 480e42b..d39ad02 100755 --- a/scripts/backup +++ b/scripts/backup @@ -23,6 +23,7 @@ ynh_abort_if_errors # LOAD SETTINGS #================================================= ynh_print_info --message="Loading installation settings..." + app=$YNH_APP_INSTANCE_NAME final_path=$(ynh_app_setting_get --app=$app --key=final_path) @@ -67,8 +68,6 @@ elif [ $database -eq 2 ]; then ynh_psql_dump_db --database="$db_name" > db.sql fi -#================================================= -# SPECIFIC BACKUP #================================================= # BACKUP LOGROTATE #================================================= diff --git a/scripts/install b/scripts/install index e3ec52c..ded3a26 100755 --- a/scripts/install +++ b/scripts/install @@ -26,7 +26,7 @@ admin=$YNH_APP_ARG_ADMIN email=$(ynh_user_get_info --username=$admin --key=mail) upload="256M" database="1" -random_string="$(ynh_string_random)$(ynh_string_random)$(ynh_string_random)" +random_string=$(ynh_string_random --length=48) database=`expr $YNH_APP_ARG_DATABASE` app=$YNH_APP_INSTANCE_NAME @@ -47,11 +47,11 @@ ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url #================================================= ynh_print_info "Storing installation settings..." -ynh_app_setting_set --app=$app --key=domain --value=$domain -ynh_app_setting_set --app=$app --key=path --value=$path_url -ynh_app_setting_set --app=$app --key=admin --value=$admin -ynh_app_setting_set --app=$app --key=email --value=$email -ynh_app_setting_set --app=$app --key=upload --value=$upload +ynh_app_setting_set --app=$app --key=domain --value=$domain +ynh_app_setting_set --app=$app --key=path --value=$path_url +ynh_app_setting_set --app=$app --key=admin --value=$admin +ynh_app_setting_set --app=$app --key=email --value=$email +ynh_app_setting_set --app=$app --key=upload --value=$upload ynh_app_setting_set --app=$app --key=database --value=$database ynh_app_setting_set --app=$app --key=random_string --value=$random_string @@ -83,19 +83,18 @@ ynh_script_progression --message="Setting up Zap source files..." ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src -git clone https://codeberg.org/zot/zap.git "$final_path" +git clone https://codeberg.org/zot/zap.git "$final_path" --quiet # 2 - Zap Addons # Make addon Directory and unpack the addons to this directory -ynh_script_progression --message="Create addon directory inside root folder..." ynh_script_progression --message="Setting up Zap addons source files..." pushd "$final_path" mkdir -p extend/addon/zaddons mkdir addon - git clone https://codeberg.org/zot/zap-addons.git $final_path/extend/addon/zaddons + git clone https://codeberg.org/zot/zap-addons.git $final_path/extend/addon/zaddons --quiet filelist=(`ls extend/addon/zaddons`) cd addon for a in "${filelist[@]}" ; do @@ -138,6 +137,10 @@ config="$final_path/.htconfig.php" ynh_print_info "Create php.log for the debuging..." touch "$final_path/php.log" +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + #================================================= # CREATE A DATABASE #================================================= @@ -204,12 +207,9 @@ ynh_script_progression --message="Configuring PHP-FPM..." # Create a dedicated php-fpm config ynh_add_fpm_config --package="$extra_php_dependencies" -# Set right permissions for Zap -ynh_script_progression --message="Set right for Zap..." - -chown -R $app: $final_path - -# Set up cron job +#================================================= +# CRON JOB CONFIGURATION +#================================================= ynh_script_progression --message="Setting up cron job..." ynh_add_config --template="../conf/poller-cron" --destination="/etc/cron.d/$app" @@ -234,10 +234,9 @@ ynh_add_fail2ban_config --logpath="$final_path/php.log" --failregex="^.*auth\.ph #================================================= # SETUP SSOWAT #================================================= -ynh_script_progression --message="Configuring SSOwat..." +ynh_script_progression --message="Configuring permissions..." ynh_permission_update --permission="main" --add="visitors" -# As Zap is social network and have its own permission there is no need to keep Zap behind SSO #================================================= # RELOAD NGINX diff --git a/scripts/restore b/scripts/restore index d565716..be3c019 100755 --- a/scripts/restore +++ b/scripts/restore @@ -38,8 +38,6 @@ phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) #================================================= ynh_script_progression --message="Validating restoration parameters..." -ynh_webpath_available --domain=$domain --path_url=$path_url \ - || ynh_die --message="Path not available: ${domain}${path_url}" test ! -d $final_path \ || ynh_die --message="There is already a directory: $final_path " @@ -51,6 +49,14 @@ test ! -d $final_path \ ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" +#================================================= +# RECREATE THE DEDICATED USER +#================================================= +ynh_print_info "Recreating the dedicated system user..." + +# Create the dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # RESTORE THE APP MAIN DIR #================================================= @@ -58,6 +64,10 @@ ynh_script_progression --message="Restoring the app main directory..." ynh_restore_file --origin_path="$final_path" +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + #================================================= # RESTORE THE MYSQL DATABASE #================================================= @@ -80,26 +90,15 @@ elif [ $database -eq 2 ]; then ynh_psql_execute_file_as_root --file="./db.sql" --database="$db_name" fi -#================================================= -# RECREATE THE DEDICATED USER -#================================================= -ynh_print_info "Recreating the dedicated system user..." - -# Create the dedicated user (if not existing) -ynh_system_user_create $app - #================================================= # RESTORE THE PHP-FPM CONFIGURATION #================================================= ynh_script_progression --message="Restoring PHP-FPM configuration..." ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" - # Recreate a dedicated php-fpm config ynh_add_fpm_config --package="$extra_php_dependencies" -#================================================= -# SPECIFIC RESTORATION #================================================= # RESTORE THE CRON FILE #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index b654402..cdc00c2 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -52,6 +52,13 @@ ynh_abort_if_errors #================================================= # Migrate legacy permissions to new system #================================================= +ynh_script_progression --message="Ensuring downward compatibility..." + +# If final_path doesn't exist, create it +if [ -z "$final_path" ]; then + final_path=/var/www/$app + ynh_app_setting_set --app=$app --key=final_path --value=$final_path +fi if ynh_legacy_permissions_exists then @@ -60,24 +67,6 @@ then ynh_app_setting_delete --app=$app --key=is_public fi -#================================================= -# STANDARD UPGRADE STEPS -#================================================= -# REMOVE APP MAIN DIR -#================================================= -ynh_script_progression --message="Upgrading source files..." - -# Create a temporary directory - -# Remove the app directory securely -# ynh_secure_remove "$final_path" - -# If final_path doesn't exist, create it -if [ -z "$final_path" ]; then - final_path=/var/www/$app - ynh_app_setting_set --app=$app --key=final_path --value=$final_path -fi - #================================================= # CREATE DEDICATED USER #================================================= @@ -86,8 +75,6 @@ ynh_script_progression --message="Making sure dedicated system user exists..." # Create a dedicated user (if not existing) ynh_system_user_create --username=$app --home_dir="$final_path" -#================================================= -# STANDARD UPGRADE STEPS #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -98,9 +85,9 @@ ynh_script_progression --message="Upgrading source files..." if [ `cd $final_path && git rev-parse --is-inside-work-tree` ]; then pushd "$final_path" - git pull + git pull --quiet cd extend/addon/zaddons - git pull + git pull --quiet cd ../../.. filelist=(`ls extend/addon/zaddons`) cd addon @@ -157,6 +144,10 @@ else ynh_setup_source --dest_dir="$final_path/addon" --source_id="app_addons" fi +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + #================================================= # NGINX CONFIGURATION #================================================= @@ -165,10 +156,6 @@ ynh_script_progression --message="Upgrading NGINX web server configuration..." # Create a dedicated nginx config ynh_add_nginx_config - -# Set right permissions for curl install -chown -R $app: $final_path - #================================================= # PHP-FPM CONFIGURATION #================================================= From 8c7ffc5592f3ceae96654385b7bef0ad9f181388 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Mon, 6 Sep 2021 13:49:11 +0200 Subject: [PATCH 06/10] Fix --- doc/DISCLAIMER.md | 6 +++--- manifest.json | 3 ++- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/doc/DISCLAIMER.md b/doc/DISCLAIMER.md index dd90a68..c84aadc 100644 --- a/doc/DISCLAIMER.md +++ b/doc/DISCLAIMER.md @@ -6,7 +6,7 @@ Before installing, read the [Zap installation instructions](https://codeberg.org - Zap requires a dedicated domain, so obtain one and add it using the YunoHost admin panel. **Domains -> Add domain**. As Zap uses the full domain and is installed on the root, you can create a subdomain such as Zap.domain.tld. Don't forget to update your DNS if you manage them manually. -## Ldap Admin user rights, logs and failed database updates +## LDAP Admin user rights, logs and failed database updates - **For admin rights**: When installation is complete, you will need to visit your new hub's page and login with the **admin account username** which was entered at the time of installation process. You should then be able to create your first channel and have the **admin rights** for the hub. @@ -14,6 +14,6 @@ Before installing, read the [Zap installation instructions](https://codeberg.org - **Failing to get admin rights :** If the admin cannot access the admin settings at `https://zap.example.com/admin` or you want to grant admin rights to any other user(s) on the hub, then you have to **manually add 4096** to the **account_roles** under **accounts** for that user in the **database through phpMYAdmin**. -- **For logs :** Go to **admin->logs** and enter the file name **php.log**. +- **For logs:** Go to **admin->logs** and enter the file name **php.log**. -- **Failed Database after Upgrade :** Some times databse upgrade fails after version upgrade. You can go to hub eg. `https://zap.example.com/admin/dbsync/` and check the numbers of failled update. These updates will have to be ran manually by **phpMYAdmin**. +- **Failed Database after Upgrade:** Some times databse upgrade fails after version upgrade. You can go to hub eg. `https://zap.example.com/admin/dbsync/` and check the numbers of failled update. These updates will have to be ran manually by **phpMYAdmin**. diff --git a/manifest.json b/manifest.json index 3066134..6f16f65 100644 --- a/manifest.json +++ b/manifest.json @@ -3,7 +3,8 @@ "id": "zap", "packaging_format": 1, "description": { - "en": "A fediverse server" + "en": "Ethical fediverse server alternative", + "fr": "serveur fedverse éthique" }, "version": "21.10.21~ynh1", "url": "https://zotlabs.com/zap/", From cc9dd9220334d82aa2ea9449443a0e87e99049e8 Mon Sep 17 00:00:00 2001 From: Yunohost-Bot <> Date: Mon, 6 Sep 2021 11:49:17 +0000 Subject: [PATCH 07/10] Auto-update README --- README.md | 6 +++--- README_fr.md | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 9573392..0937632 100644 --- a/README.md +++ b/README.md @@ -44,7 +44,7 @@ Before installing, read the [Zap installation instructions](https://codeberg.org - Zap requires a dedicated domain, so obtain one and add it using the YunoHost admin panel. **Domains -> Add domain**. As Zap uses the full domain and is installed on the root, you can create a subdomain such as Zap.domain.tld. Don't forget to update your DNS if you manage them manually. -## Ldap Admin user rights, logs and failed database updates +## LDAP Admin user rights, logs and failed database updates - **For admin rights**: When installation is complete, you will need to visit your new hub's page and login with the **admin account username** which was entered at the time of installation process. You should then be able to create your first channel and have the **admin rights** for the hub. @@ -52,9 +52,9 @@ Before installing, read the [Zap installation instructions](https://codeberg.org - **Failing to get admin rights :** If the admin cannot access the admin settings at `https://zap.example.com/admin` or you want to grant admin rights to any other user(s) on the hub, then you have to **manually add 4096** to the **account_roles** under **accounts** for that user in the **database through phpMYAdmin**. -- **For logs :** Go to **admin->logs** and enter the file name **php.log**. +- **For logs:** Go to **admin->logs** and enter the file name **php.log**. -- **Failed Database after Upgrade :** Some times databse upgrade fails after version upgrade. You can go to hub eg. `https://zap.example.com/admin/dbsync/` and check the numbers of failled update. These updates will have to be ran manually by **phpMYAdmin**. +- **Failed Database after Upgrade:** Some times databse upgrade fails after version upgrade. You can go to hub eg. `https://zap.example.com/admin/dbsync/` and check the numbers of failled update. These updates will have to be ran manually by **phpMYAdmin**. ## Documentation and resources diff --git a/README_fr.md b/README_fr.md index 1ce8809..2f40855 100644 --- a/README_fr.md +++ b/README_fr.md @@ -40,7 +40,7 @@ Before installing, read the [Zap installation instructions](https://codeberg.org - Zap requires a dedicated domain, so obtain one and add it using the YunoHost admin panel. **Domains -> Add domain**. As Zap uses the full domain and is installed on the root, you can create a subdomain such as Zap.domain.tld. Don't forget to update your DNS if you manage them manually. -## Ldap Admin user rights, logs and failed database updates +## LDAP Admin user rights, logs and failed database updates - **For admin rights**: When installation is complete, you will need to visit your new hub's page and login with the **admin account username** which was entered at the time of installation process. You should then be able to create your first channel and have the **admin rights** for the hub. @@ -48,9 +48,9 @@ Before installing, read the [Zap installation instructions](https://codeberg.org - **Failing to get admin rights :** If the admin cannot access the admin settings at `https://zap.example.com/admin` or you want to grant admin rights to any other user(s) on the hub, then you have to **manually add 4096** to the **account_roles** under **accounts** for that user in the **database through phpMYAdmin**. -- **For logs :** Go to **admin->logs** and enter the file name **php.log**. +- **For logs:** Go to **admin->logs** and enter the file name **php.log**. -- **Failed Database after Upgrade :** Some times databse upgrade fails after version upgrade. You can go to hub eg. `https://zap.example.com/admin/dbsync/` and check the numbers of failled update. These updates will have to be ran manually by **phpMYAdmin**. +- **Failed Database after Upgrade:** Some times databse upgrade fails after version upgrade. You can go to hub eg. `https://zap.example.com/admin/dbsync/` and check the numbers of failled update. These updates will have to be ran manually by **phpMYAdmin**. ## Documentations et ressources From 8920e7d5101ae1cf620d280088c1be03d2235c35 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=89ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Sat, 25 Sep 2021 15:49:57 +0200 Subject: [PATCH 08/10] Update manifest.json Co-authored-by: Alexandre Aubin --- manifest.json | 2 -- 1 file changed, 2 deletions(-) diff --git a/manifest.json b/manifest.json index 6f16f65..2e69569 100644 --- a/manifest.json +++ b/manifest.json @@ -32,8 +32,6 @@ { "name": "domain", "type": "domain", - "example": "/example", - "default": "/example", "help": { "en": "ZAP must run in the root of this domain. It means no other app can be accessed/run from this domain. We advise to use a dedicated subdomain such as zap.domain.tld", "fr": "ZAP doit être installé à la racine du domaine. Cela implique qu'aucune autre app ne pourra être installée ou accessible sur ce domain. Nous conseillons un sous-domaine dédié par exemple zap.domain.tld." From 5878a93cb819149cff88ed0d668fce2f1aa3b2f5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=89ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Sat, 25 Sep 2021 15:50:18 +0200 Subject: [PATCH 09/10] Update manifest.json Co-authored-by: Alexandre Aubin --- manifest.json | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/manifest.json b/manifest.json index 2e69569..4b72798 100644 --- a/manifest.json +++ b/manifest.json @@ -39,8 +39,7 @@ }, { "name": "admin", - "type": "user", - "example": "johndoe" + "type": "user" }, { "name": "database", From 356886579a329beed11bc1333e5df4e45f3304a4 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Sat, 25 Sep 2021 15:52:13 +0200 Subject: [PATCH 10/10] 775 --- scripts/install | 2 +- scripts/upgrade | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/scripts/install b/scripts/install index ded3a26..8deae1c 100755 --- a/scripts/install +++ b/scripts/install @@ -126,7 +126,7 @@ ynh_script_progression --message="Creating smarty3 folder for personal data..." mkdir -p "${final_path}/store" mkdir -p "${final_path}/cache/smarty3" -chmod -R 777 $final_path/store $final_path/cache +chmod -R 775 $final_path/store $final_path/cache # Copy the template install/htconfig.sample.php to .htconfig.php config="$final_path/.htconfig.php" diff --git a/scripts/upgrade b/scripts/upgrade index cdc00c2..ebbcb46 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -117,7 +117,7 @@ if [ `cd $final_path && git rev-parse --is-inside-work-tree` ]; then fi; done popd - chmod -R 777 $final_path/store + chmod -R 775 $final_path/store else # Create a temporary directory @@ -139,7 +139,7 @@ else cp -a "$tmpdir/.htconfig.php" "${final_path}" cp -a "$tmpdir/php.log" "${final_path}" ynh_secure_remove --file="$tmpdir" - chmod -R 777 $final_path/store + chmod -R 775 $final_path/store mkdir $final_path/addon ynh_setup_source --dest_dir="$final_path/addon" --source_id="app_addons" fi