teampass_ynh/scripts/install

#!/bin/bash

#=================================================
# GENERIC STARTING
#=================================================
# IMPORT GENERIC HELPERS
#=================================================

source _common.sh
source /usr/share/yunohost/helpers

#=================================================
# MANAGE FAILURE OF THE SCRIPT
#=================================================

ynh_abort_if_errors	# Active trap pour arrêter le script si une erreur est détectée.

#=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================

domain=$YNH_APP_ARG_DOMAIN
path_url=$YNH_APP_ARG_PATH
ynh_print_OFF; password_admin=$YNH_APP_ARG_PASSWORD; ynh_print_ON

app=$YNH_APP_INSTANCE_NAME

#=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THIS ARGS
#=================================================
ynh_script_progression --message="Validating installation parameters..." --weight=1

final_path=/var/www/$app
test ! -e "$final_path" || ynh_die "This path already contains a folder"

# Register (book) web path
ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url

#=================================================
# STORE SETTINGS FROM MANIFEST
#=================================================
#=================================================
ynh_script_progression --message="Storing installation settings..." --weight=1

ynh_app_setting_set --app=$app --key=domain --value=$domain
ynh_app_setting_set --app=$app --key=path --value=$path_url

#=================================================
# STANDARD MODIFICATIONS
#=================================================
# CREATE A MYSQL DATABASE
#=================================================
ynh_script_progression --message="Creating a MySQL database..." --weight=2

db_name=$(ynh_sanitize_dbid $app)
db_user=$db_name
ynh_app_setting_set --app=$app --key=db_name --value=$db_name
ynh_mysql_setup_db --db_user=$db_name --db_name=$db_name

#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Configuring system user..." --weight=2

# Create a system user
ynh_system_user_create --username=$app --home_dir="$final_path"

#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_script_progression --message="Setting up source files..." --weight=7

ynh_app_setting_set --app=$app --key=final_path --value=$final_path
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$final_path"

# Delete the install directory.
ynh_secure_remove "$final_path/install"

#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Configuring NGINX web server..." --weight=2

# Create a dedicated NGINX config
ynh_add_nginx_config

#=================================================
# PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Configuring PHP-FPM..." --weight=2

ynh_add_fpm_config	# Créer le fichier de configuration du pool php-fpm et le configure.
phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)

#=================================================
# SPECIFIC SETUP
#=================================================
# FILL THE DATABASE
#=================================================

version="$(sed -n 3p $final_path/changelog.txt)"
bcrypt_mdp="$(php $final_path/mdphash.php $password_admin)"
timezone="$(cat /etc/timezone)"
time="$(date +%s)"

# Remplacement des variables dans le fichier sql
if [ $(echo $LANG | cut -c1-2) == "fr" ]
then
	langue=french
	folders="partagés"
	roles=utilisateurs
else
	langue=english
	folders=shared
	roles=users
fi

ynh_add_config --template="../conf/populate.sql" --destination="$final_path/populate.sql"

# Enregistre les infos dans la config YunoHost
ynh_app_setting_set --app=$app --key=langue --value=$langue

# Import du fichier SQL
ynh_mysql_connect_as $db_name $db_pwd $db_name < $final_path/populate.sql
ynh_secure_remove --file="$final_path/populate.sql"

#=================================================
# CREATE TP.CONFIG.PHP FILE
#=================================================

# The file tp.config.php is a dump of the admin part of the database.
tp_config_file="$final_path/includes/config/tp.config.php"

echo "<?php
global \$SETTINGS;
\$SETTINGS = array (" > $tp_config_file

while read settings
do
	echo -n "    '$(echo $settings | awk '{ print $1 }')'" >> $tp_config_file
	echo " => '$(echo $settings | cut -d' ' -f2-)'," >> $tp_config_file
done <<< "$(ynh_mysql_execute_as_root "SELECT intitule, valeur FROM teampass_misc" $app)"
echo ");" >> $tp_config_file

#=================================================
# CONFIGURE TEAMPASS
#=================================================

path_sk_file=/etc/$app/
mkdir $path_sk_file

ynh_add_config --template="../conf/settings.php" --destination="$final_path/includes/config/settings.php"

#=================================================
# CREATE A SALTKEY
#=================================================

saltkey=$(ynh_string_random --length=32)
ynh_replace_string "__SALTKEY__" "$saltkey" ../conf/sk.php
ynh_add_config --template="../conf/sk.php" --destination="$path_sk_file/sk.php"

#=================================================
# COPY THE FILES
#=================================================

chown -R $app $path_sk_file
chmod 750 $path_sk_file

cp $final_path/includes/libraries/csrfp/libs/csrfp.config.sample.php $final_path/includes/libraries/csrfp/libs/csrfp.config.php	# Créer le fichier de config de csrfp
ynh_replace_string "CSRFP_TOKEN\" => \"" "&$(head -n40 /dev/urandom | tr -c -d 'a-f0-9' | head -c50)" $final_path/includes/libraries/csrfp/libs/csrfp.config.php	# Renseigne un token, valide en hexadécimal
ynh_replace_string "jsUrl\" => \"" "&includes/libraries/csrfp/js/csrfprotector.js" $final_path/includes/libraries/csrfp/libs/csrfp.config.php	# Renseigne l'adresse de csrfprotector.js

#=================================================
# CREATE THE USERS
#=================================================

# Not used anymore, because the current version support ldap.
# But still I keep that here, just in case...

# Ajout des utilisateurs actuels dans la base yunohost
# teampass_users=$(ldapsearch -h localhost -b ou=users,dc=yunohost,dc=org -x objectClass=mailAccount uid | grep uid: | sed 's/uid: //' | xargs)
# id=1
# for teampassuser in $teampass_users
# do
# 	real_password=$(ynh_string_random)	# Génère un mot de passe aléatoire
#     password=$(php $final_path/mdphash.php $real_password)
# 	mail=$(ldapsearch -h localhost -b ou=users,dc=yunohost,dc=org -x uid=$teampassuser mail | grep mail: | sed 's/mail: //' | head -n1)
	# Creation de l'utilisateur
#     ynh_mysql_execute_as_root "INSERT INTO teampass_users (id, login, pw, groupes_visibles, derniers, key_tempo, last_pw_change, last_pw, admin, fonction_id, groupes_interdits, last_connexion, gestionnaire, email, favourites, latest_items, personal_folder, can_create_root_folder) VALUES (NULL, '$teampassuser', '$password', '1', '', '', '', '', '0', '1', '', '', '0', '$mail', '', '', '1', '1');" $app
	# Creation du repertoire personnel
# 	id_user=$(ynh_mysql_execute_as_root "SELECT id from teampass_users where login='$teampassuser';" $app)
#     ynh_mysql_execute_as_root "INSERT INTO teampass_nested_tree (id, parent_id, title, nleft, nright, nlevel, bloquer_creation, bloquer_modification, personal_folder, renewal_period) VALUES (NULL, 0, '$id_user', 0, 0, 1, 0, 0, 1, 0);" $app
#
#     ((id++))
# done

#=================================================
# CREATE A CRON FILE FOR AN AUTOMATIC BACKUP
#=================================================

echo "0 0 * * 0 $app cd $final_path/backups && php script.backup.php" > /etc/cron.d/$app
# Add also a clean of old backup.

#=================================================
# GENERIC FINALISATION
#=================================================
# SECURING FILES AND DIRECTORIES
#=================================================

# Les fichiers appartiennent à root
chown -R root: $final_path
# Sauf certains dossiers includes, files et upload
chown -R $app $final_path/{includes,files,upload}
# Restreint l'accès au dossier de backup
chmod 750 $final_path/backups

#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..." --weight=1

ynh_systemd_action --service_name=nginx --action=reload

#=================================================
# SEND A README FOR THE ADMIN
#=================================================

message="If you facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/teampass_ynh

!!! Be carreful when using this app, we have encountered many issues with the last upgrade. The next upgrade could be also difficult, and may need to reinstall the app and migrate manually."

ynh_send_readme_to_admin --app_message="$message" --recipients="root"

#=================================================
# END OF SCRIPT
#=================================================

ynh_script_progression --message="Installation of $app completed" --last