From ff8ec4b78a84162fbcf69bb5be56d8c72c52cad0 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Mon, 6 Sep 2021 13:43:03 +0200 Subject: [PATCH] Fix --- manifest.json | 5 ++++- scripts/backup | 3 +-- scripts/install | 33 ++++++++++++++++----------------- scripts/restore | 25 ++++++++++++------------- scripts/upgrade | 39 +++++++++++++-------------------------- 5 files changed, 46 insertions(+), 59 deletions(-) diff --git a/manifest.json b/manifest.json index 1f48ac5..3066134 100644 --- a/manifest.json +++ b/manifest.json @@ -31,6 +31,8 @@ { "name": "domain", "type": "domain", + "example": "/example", + "default": "/example", "help": { "en": "ZAP must run in the root of this domain. It means no other app can be accessed/run from this domain. We advise to use a dedicated subdomain such as zap.domain.tld", "fr": "ZAP doit être installé à la racine du domaine. Cela implique qu'aucune autre app ne pourra être installée ou accessible sur ce domain. Nous conseillons un sous-domaine dédié par exemple zap.domain.tld." @@ -38,7 +40,8 @@ }, { "name": "admin", - "type": "user" + "type": "user", + "example": "johndoe" }, { "name": "database", diff --git a/scripts/backup b/scripts/backup index 480e42b..d39ad02 100755 --- a/scripts/backup +++ b/scripts/backup @@ -23,6 +23,7 @@ ynh_abort_if_errors # LOAD SETTINGS #================================================= ynh_print_info --message="Loading installation settings..." + app=$YNH_APP_INSTANCE_NAME final_path=$(ynh_app_setting_get --app=$app --key=final_path) @@ -67,8 +68,6 @@ elif [ $database -eq 2 ]; then ynh_psql_dump_db --database="$db_name" > db.sql fi -#================================================= -# SPECIFIC BACKUP #================================================= # BACKUP LOGROTATE #================================================= diff --git a/scripts/install b/scripts/install index e3ec52c..ded3a26 100755 --- a/scripts/install +++ b/scripts/install @@ -26,7 +26,7 @@ admin=$YNH_APP_ARG_ADMIN email=$(ynh_user_get_info --username=$admin --key=mail) upload="256M" database="1" -random_string="$(ynh_string_random)$(ynh_string_random)$(ynh_string_random)" +random_string=$(ynh_string_random --length=48) database=`expr $YNH_APP_ARG_DATABASE` app=$YNH_APP_INSTANCE_NAME @@ -47,11 +47,11 @@ ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url #================================================= ynh_print_info "Storing installation settings..." -ynh_app_setting_set --app=$app --key=domain --value=$domain -ynh_app_setting_set --app=$app --key=path --value=$path_url -ynh_app_setting_set --app=$app --key=admin --value=$admin -ynh_app_setting_set --app=$app --key=email --value=$email -ynh_app_setting_set --app=$app --key=upload --value=$upload +ynh_app_setting_set --app=$app --key=domain --value=$domain +ynh_app_setting_set --app=$app --key=path --value=$path_url +ynh_app_setting_set --app=$app --key=admin --value=$admin +ynh_app_setting_set --app=$app --key=email --value=$email +ynh_app_setting_set --app=$app --key=upload --value=$upload ynh_app_setting_set --app=$app --key=database --value=$database ynh_app_setting_set --app=$app --key=random_string --value=$random_string @@ -83,19 +83,18 @@ ynh_script_progression --message="Setting up Zap source files..." ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src -git clone https://codeberg.org/zot/zap.git "$final_path" +git clone https://codeberg.org/zot/zap.git "$final_path" --quiet # 2 - Zap Addons # Make addon Directory and unpack the addons to this directory -ynh_script_progression --message="Create addon directory inside root folder..." ynh_script_progression --message="Setting up Zap addons source files..." pushd "$final_path" mkdir -p extend/addon/zaddons mkdir addon - git clone https://codeberg.org/zot/zap-addons.git $final_path/extend/addon/zaddons + git clone https://codeberg.org/zot/zap-addons.git $final_path/extend/addon/zaddons --quiet filelist=(`ls extend/addon/zaddons`) cd addon for a in "${filelist[@]}" ; do @@ -138,6 +137,10 @@ config="$final_path/.htconfig.php" ynh_print_info "Create php.log for the debuging..." touch "$final_path/php.log" +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + #================================================= # CREATE A DATABASE #================================================= @@ -204,12 +207,9 @@ ynh_script_progression --message="Configuring PHP-FPM..." # Create a dedicated php-fpm config ynh_add_fpm_config --package="$extra_php_dependencies" -# Set right permissions for Zap -ynh_script_progression --message="Set right for Zap..." - -chown -R $app: $final_path - -# Set up cron job +#================================================= +# CRON JOB CONFIGURATION +#================================================= ynh_script_progression --message="Setting up cron job..." ynh_add_config --template="../conf/poller-cron" --destination="/etc/cron.d/$app" @@ -234,10 +234,9 @@ ynh_add_fail2ban_config --logpath="$final_path/php.log" --failregex="^.*auth\.ph #================================================= # SETUP SSOWAT #================================================= -ynh_script_progression --message="Configuring SSOwat..." +ynh_script_progression --message="Configuring permissions..." ynh_permission_update --permission="main" --add="visitors" -# As Zap is social network and have its own permission there is no need to keep Zap behind SSO #================================================= # RELOAD NGINX diff --git a/scripts/restore b/scripts/restore index d565716..be3c019 100755 --- a/scripts/restore +++ b/scripts/restore @@ -38,8 +38,6 @@ phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) #================================================= ynh_script_progression --message="Validating restoration parameters..." -ynh_webpath_available --domain=$domain --path_url=$path_url \ - || ynh_die --message="Path not available: ${domain}${path_url}" test ! -d $final_path \ || ynh_die --message="There is already a directory: $final_path " @@ -51,6 +49,14 @@ test ! -d $final_path \ ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" +#================================================= +# RECREATE THE DEDICATED USER +#================================================= +ynh_print_info "Recreating the dedicated system user..." + +# Create the dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # RESTORE THE APP MAIN DIR #================================================= @@ -58,6 +64,10 @@ ynh_script_progression --message="Restoring the app main directory..." ynh_restore_file --origin_path="$final_path" +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + #================================================= # RESTORE THE MYSQL DATABASE #================================================= @@ -80,26 +90,15 @@ elif [ $database -eq 2 ]; then ynh_psql_execute_file_as_root --file="./db.sql" --database="$db_name" fi -#================================================= -# RECREATE THE DEDICATED USER -#================================================= -ynh_print_info "Recreating the dedicated system user..." - -# Create the dedicated user (if not existing) -ynh_system_user_create $app - #================================================= # RESTORE THE PHP-FPM CONFIGURATION #================================================= ynh_script_progression --message="Restoring PHP-FPM configuration..." ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" - # Recreate a dedicated php-fpm config ynh_add_fpm_config --package="$extra_php_dependencies" -#================================================= -# SPECIFIC RESTORATION #================================================= # RESTORE THE CRON FILE #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index b654402..cdc00c2 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -52,6 +52,13 @@ ynh_abort_if_errors #================================================= # Migrate legacy permissions to new system #================================================= +ynh_script_progression --message="Ensuring downward compatibility..." + +# If final_path doesn't exist, create it +if [ -z "$final_path" ]; then + final_path=/var/www/$app + ynh_app_setting_set --app=$app --key=final_path --value=$final_path +fi if ynh_legacy_permissions_exists then @@ -60,24 +67,6 @@ then ynh_app_setting_delete --app=$app --key=is_public fi -#================================================= -# STANDARD UPGRADE STEPS -#================================================= -# REMOVE APP MAIN DIR -#================================================= -ynh_script_progression --message="Upgrading source files..." - -# Create a temporary directory - -# Remove the app directory securely -# ynh_secure_remove "$final_path" - -# If final_path doesn't exist, create it -if [ -z "$final_path" ]; then - final_path=/var/www/$app - ynh_app_setting_set --app=$app --key=final_path --value=$final_path -fi - #================================================= # CREATE DEDICATED USER #================================================= @@ -86,8 +75,6 @@ ynh_script_progression --message="Making sure dedicated system user exists..." # Create a dedicated user (if not existing) ynh_system_user_create --username=$app --home_dir="$final_path" -#================================================= -# STANDARD UPGRADE STEPS #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -98,9 +85,9 @@ ynh_script_progression --message="Upgrading source files..." if [ `cd $final_path && git rev-parse --is-inside-work-tree` ]; then pushd "$final_path" - git pull + git pull --quiet cd extend/addon/zaddons - git pull + git pull --quiet cd ../../.. filelist=(`ls extend/addon/zaddons`) cd addon @@ -157,6 +144,10 @@ else ynh_setup_source --dest_dir="$final_path/addon" --source_id="app_addons" fi +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + #================================================= # NGINX CONFIGURATION #================================================= @@ -165,10 +156,6 @@ ynh_script_progression --message="Upgrading NGINX web server configuration..." # Create a dedicated nginx config ynh_add_nginx_config - -# Set right permissions for curl install -chown -R $app: $final_path - #================================================= # PHP-FPM CONFIGURATION #=================================================