diff --git a/.gitignore b/.gitignore index f0ff6f7..6929c0c 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,5 @@ *.swp *~ Notes +*.sw[op] +.DS_Store diff --git a/conf/cron b/conf/cron index 2ff4082..8e77e91 100644 --- a/conf/cron +++ b/conf/cron @@ -1 +1 @@ -0 0 * * 0 __APP__ cd __INSTALL_DIR__/backups && php__PHPVERSION__ script.backup.php +0 0 * * 0 __APP__ cd __INSTALL_DIR__/backups && php__PHP_VERSION__ script.backup.php diff --git a/conf/extra_php-fpm.conf b/conf/extra_php-fpm.conf deleted file mode 100644 index 700c37c..0000000 --- a/conf/extra_php-fpm.conf +++ /dev/null @@ -1,4 +0,0 @@ -; Additional php.ini defines, specific to this pool of workers. - -php_admin_value[upload_max_filesize] = 50M -php_admin_value[post_max_size] = 50M diff --git a/conf/nginx.conf b/conf/nginx.conf index f69c9ef..19c4269 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -9,7 +9,7 @@ location __PATH__/ { try_files $uri $uri/ index.php; location ~ [^/]\.php(/|$) { fastcgi_split_path_info ^(.+?\.php)(/.*)$; - fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock; + fastcgi_pass unix:/var/run/php/php__PHP_VERSION__-fpm-__APP__.sock; fastcgi_index index.php; include fastcgi_params; diff --git a/conf/teampass_pre_upgrade_ynh/conf/nginx.conf b/conf/teampass_pre_upgrade_ynh/conf/nginx.conf index 6a9eab5..f815aa0 100644 --- a/conf/teampass_pre_upgrade_ynh/conf/nginx.conf +++ b/conf/teampass_pre_upgrade_ynh/conf/nginx.conf @@ -9,7 +9,7 @@ location __PATH__/ { try_files $uri $uri/ index.php; location ~ [^/]\.php(/|$) { fastcgi_split_path_info ^(.+?\.php)(/.*)$; - fastcgi_pass unix:/var/run/php5-fpm-__NAME__.sock; + fastcgi_pass unix:/var/run/php5-fpm-__APP__.sock; fastcgi_index index.php; include fastcgi_params; fastcgi_param REMOTE_USER $remote_user; diff --git a/conf/teampass_pre_upgrade_ynh/conf/php-fpm.conf b/conf/teampass_pre_upgrade_ynh/conf/php-fpm.conf index 6c69660..ff84663 100644 --- a/conf/teampass_pre_upgrade_ynh/conf/php-fpm.conf +++ b/conf/teampass_pre_upgrade_ynh/conf/php-fpm.conf @@ -1,7 +1,7 @@ ; Start a new pool named 'www'. ; the variable $pool can we used in any directive and will be replaced by the ; pool name ('www' here) -[__NAMETOCHANGE__] +[__APP__] ; Per pool prefix ; It only applies on the following directives: @@ -19,8 +19,8 @@ ; Unix user/group of processes ; Note: The user is mandatory. If the group is not set, the default user's group ; will be used. -user = __USER__ -group = __USER__ +user = __APP__ +group = __APP__ ; The address on which to accept FastCGI requests. ; Valid syntaxes are: @@ -30,7 +30,7 @@ group = __USER__ ; specific port; ; '/path/to/unix/socket' - to listen on a unix socket. ; Note: This value is mandatory. -listen = /var/run/php5-fpm-__NAMETOCHANGE__.sock +listen = /var/run/php5-fpm-__APP__.sock ; Set listen(2) backlog. ; Default Value: 128 (-1 on FreeBSD and OpenBSD) @@ -302,7 +302,7 @@ pm.max_requests = 500 ; The log file for slow requests ; Default Value: not set ; Note: slowlog is mandatory if request_slowlog_timeout is set -slowlog = /var/log/nginx/__NAMETOCHANGE__.slow.log +slowlog = /var/log/nginx/__APP__.slow.log ; The timeout for serving a single request after which a PHP backtrace will be ; dumped to the 'slowlog' file. A value of '0s' means 'off'. diff --git a/manifest.toml b/manifest.toml index 27c6e44..cf03675 100644 --- a/manifest.toml +++ b/manifest.toml @@ -18,7 +18,8 @@ admindoc = "https://teampass.readthedocs.io/en/latest/" code = "https://github.com/nilsteampassnet/TeamPass" [integration] -yunohost = ">= 11.2" +yunohost = ">= 11.2.18" +helpers_version = "2.1" architectures = "all" multi_instance = true @@ -55,6 +56,7 @@ ram.runtime = "50M" [resources.system_user] [resources.install_dir] + group = "www-data:r-x" [resources.permissions] main.url = "/" diff --git a/scripts/_common.sh b/scripts/_common.sh index 944a65e..3d7f008 100755 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -1,17 +1,5 @@ #!/bin/bash #================================================= -# COMMON VARIABLES -#================================================= - -#================================================= -# PERSONAL HELPERS -#================================================= - -#================================================= -# EXPERIMENTAL HELPERS -#================================================= - -#================================================= -# FUTURE OFFICIAL HELPERS +# COMMON VARIABLES AND CUSTOM HELPERS #================================================= diff --git a/scripts/backup b/scripts/backup index a15f063..3c8d58a 100644 --- a/scripts/backup +++ b/scripts/backup @@ -1,51 +1,42 @@ #!/bin/bash -#================================================= -# GENERIC START -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - # Keep this path for calling _common.sh inside the execution's context of backup and restore scripts source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers -#================================================= -# DECLARE DATA AND CONF FILES TO BACKUP -#================================================= -ynh_print_info --message="Declaring files to be backed up..." +ynh_print_info "Declaring files to be backed up..." #================================================= # BACKUP THE APP MAIN DIR #================================================= -ynh_backup --src_path="$install_dir" +ynh_backup "$install_dir" #================================================= # SYSTEM CONFIGURATION #================================================= -ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" +ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf" -ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" +ynh_backup "/etc/php/$php_version/fpm/pool.d/$app.conf" #================================================= # BACKUP VARIOUS FILES #================================================= -ynh_backup --src_path="/etc/cron.d/$app" +ynh_backup "/etc/cron.d/$app" -ynh_backup --src_path="/etc/$app/sk.php" +ynh_backup "/etc/$app/sk.php" #================================================= # BACKUP THE MYSQL DATABASE #================================================= -ynh_print_info --message="Backing up the MySQL database..." +ynh_print_info "Backing up the MySQL database..." -ynh_mysql_dump_db --database="$db_name" > db.sql +ynh_mysql_dump_db > db.sql #================================================= # END OF SCRIPT #================================================= -ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." +ynh_print_info "Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." diff --git a/scripts/change_url b/scripts/change_url index 3f7b1ee..b0b99bc 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -1,22 +1,14 @@ #!/bin/bash -#================================================= -# GENERIC STARTING -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - source _common.sh source /usr/share/yunohost/helpers -#================================================= -# STANDARD MODIFICATIONS #================================================= # MODIFY URL IN NGINX CONF #================================================= -ynh_script_progression --message="Updating NGINX web server configuration..." +ynh_script_progression "Updating NGINX web server configuration..." -ynh_change_url_nginx_config +ynh_config_change_url_nginx #================================================= # SPECIFIC MODIFICATIONS @@ -24,20 +16,21 @@ ynh_change_url_nginx_config # UPDATE THE DATABASE #================================================= -ynh_mysql_execute_as_root "UPDATE ${app}_misc SET valeur='https://$new_domain$new_path' WHERE intitule='cpassman_url'" $app -ynh_mysql_execute_as_root "UPDATE ${app}_misc SET valeur='https://$new_domain$new_path/favico.ico' WHERE intitule='favicon'" $app -ynh_mysql_execute_as_root "UPDATE ${app}_misc SET valeur='https://$new_domain$new_path/upload' WHERE intitule='url_to_upload_folder'" $app -ynh_mysql_execute_as_root "UPDATE ${app}_misc SET valeur='https://$new_domain$new_path/files' WHERE intitule='url_to_files_folder'" $app -ynh_mysql_execute_as_root "UPDATE ${app}_misc SET valeur='https://$new_domain$new_path' WHERE intitule='email_server_url'" $app +ynh_mysql_db_shell <<< "UPDATE ${app}_misc SET valeur='https://$new_domain$new_path' WHERE intitule='cpassman_url'" $app +ynh_mysql_db_shell <<< "UPDATE ${app}_misc SET valeur='https://$new_domain$new_path/favico.ico' WHERE intitule='favicon'" $app +ynh_mysql_db_shell <<< "UPDATE ${app}_misc SET valeur='https://$new_domain$new_path/upload' WHERE intitule='url_to_upload_folder'" $app +ynh_mysql_db_shell <<< "UPDATE ${app}_misc SET valeur='https://$new_domain$new_path/files' WHERE intitule='url_to_files_folder'" $app +ynh_mysql_db_shell <<< "UPDATE ${app}_misc SET valeur='https://$new_domain$new_path' WHERE intitule='email_server_url'" $app #================================================= # UPDATE TP.CONFIG.PHP FILE #================================================= -ynh_replace_string "https://$old_domain$old_path" "https://$new_domain$new_path" "$install_dir/includes/config/tp.config.php" +# FIXMEhelpers2.1: ynh_replace used with positional args. Please add the keywords: --match=, --replace=, --file= +ynh_replace "https://$old_domain$old_path" "https://$new_domain$new_path" "$install_dir/includes/config/tp.config.php" #================================================= # END OF SCRIPT #================================================= -ynh_script_progression --message="Change of URL completed for $app" --last +ynh_script_progression "Change of URL completed for $app" diff --git a/scripts/install b/scripts/install index 2d333f2..d818b26 100644 --- a/scripts/install +++ b/scripts/install @@ -1,34 +1,27 @@ #!/bin/bash -#================================================= -# GENERIC START -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - source _common.sh source /usr/share/yunohost/helpers #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= -ynh_script_progression --message="Setting up source files..." --weight=7 +ynh_script_progression "Setting up source files..." # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$install_dir" # Delete the install directory. -ynh_secure_remove --file="$install_dir/install" - -chmod -R o-rwx "$install_dir" -chown -R "$app:www-data" "$install_dir" +ynh_safe_rm "$install_dir/install" +#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod -R o-rwx "$install_dir" +#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R "$app:www-data" "$install_dir" #================================================= # SPECIFIC SETUP #================================================= # FILL THE DATABASE #================================================= -ynh_script_progression --message="Filling the database..." +ynh_script_progression "Filling the database..." version=$(ynh_app_upstream_version) bcrypt_mdp=$(python3 -c 'import bcrypt, sys; print(bcrypt.hashpw(sys.stdin.read().strip().encode(), bcrypt.gensalt(rounds=10)).decode())' <<< "$password") @@ -46,53 +39,55 @@ else roles=users fi -ynh_add_config --template="../conf/populate.sql" --destination="$install_dir/populate.sql" +ynh_config_add --template="populate.sql" --destination="$install_dir/populate.sql" # Enregistre les infos dans la config YunoHost -ynh_app_setting_set --app="$app" --key=langue --value=$langue +ynh_app_setting_set --key=langue --value=$langue # Import du fichier SQL -ynh_mysql_connect_as "$db_name" "$db_pwd" "$db_name" < "$install_dir/populate.sql" -ynh_secure_remove --file="$install_dir/populate.sql" +ynh_mysql_db_shell < "$install_dir/populate.sql" +ynh_safe_rm "$install_dir/populate.sql" #================================================= # ADD A CONFIGURATION #================================================= -ynh_script_progression --message="Adding a configuration file..." +ynh_script_progression "Adding $app's configuration..." -ynh_add_config --template="settings.php" --destination="$install_dir/includes/config/settings.php" +ynh_config_add --template="settings.php" --destination="$install_dir/includes/config/settings.php" #================================================= # CREATE TP.CONFIG.PHP FILE #================================================= -ynh_script_progression --message="Creating tp.config.php file..." +ynh_script_progression "Creating tp.config.php file..." cp "$YNH_APP_BASEDIR/conf/maketpconfig.php" "$install_dir/" pushd $install_dir - ynh_exec_as "$app" "php$phpversion" maketpconfig.php + ynh_exec_as_app "php$php_version" maketpconfig.php popd -ynh_secure_remove "$install_dir/maketpconfig.php" +ynh_safe_rm "$install_dir/maketpconfig.php" #================================================= # CREATE A SALTKEY #================================================= -ynh_script_progression --message="Creating a saltkey..." +ynh_script_progression "Creating a saltkey..." saltkey=$(ynh_string_random --length=32) mkdir /etc/$app/ -ynh_add_config --template="sk.php" --destination="/etc/$app/sk.php" +ynh_config_add --template="sk.php" --destination="/etc/$app/sk.php" chown -R $app /etc/$app/ chmod 750 /etc/$app/ #================================================= # CREATE CSRFP #================================================= -ynh_script_progression --message="Creating a csrfp..." +ynh_script_progression "Creating a csrfp..." cp $install_dir/includes/libraries/csrfp/libs/csrfp.config.sample.php $install_dir/includes/libraries/csrfp/libs/csrfp.config.php # Créer le fichier de config de csrfp -ynh_replace_string "CSRFP_TOKEN\" => \"" "&$(head -n40 /dev/urandom | tr -c -d 'a-f0-9' | head -c50)" $install_dir/includes/libraries/csrfp/libs/csrfp.config.php # Renseigne un token, valide en hexadécimal -ynh_replace_string "jsUrl\" => \"" "&includes/libraries/csrfp/js/csrfprotector.js" $install_dir/includes/libraries/csrfp/libs/csrfp.config.php # Renseigne l'adresse de csrfprotector.js +# FIXMEhelpers2.1: ynh_replace used with positional args. Please add the keywords: --match=, --replace=, --file= +ynh_replace "CSRFP_TOKEN\" => \"" "&$(head -n40 /dev/urandom | tr -c -d 'a-f0-9' | head -c50)" $install_dir/includes/libraries/csrfp/libs/csrfp.config.php # Renseigne un token, valide en hexadécimal +# FIXMEhelpers2.1: ynh_replace used with positional args. Please add the keywords: --match=, --replace=, --file= +ynh_replace "jsUrl\" => \"" "&includes/libraries/csrfp/js/csrfprotector.js" $install_dir/includes/libraries/csrfp/libs/csrfp.config.php # Renseigne l'adresse de csrfprotector.js #================================================= # CREATE THE USERS @@ -110,10 +105,10 @@ ynh_replace_string "jsUrl\" => \"" "&includes/libraries/csrfp/js/csrfprotector.j # password=$(php $install_dir/mdphash.php $real_password) # mail=$(ldapsearch -h localhost -b ou=users,dc=yunohost,dc=org -x uid=$teampassuser mail | grep mail: | sed 's/mail: //' | head -n1) # Creation de l'utilisateur -# ynh_mysql_execute_as_root "INSERT INTO teampass_users (id, login, pw, groupes_visibles, derniers, key_tempo, last_pw_change, last_pw, admin, fonction_id, groupes_interdits, last_connexion, gestionnaire, email, favourites, latest_items, personal_folder, can_create_root_folder) VALUES (NULL, '$teampassuser', '$password', '1', '', '', '', '', '0', '1', '', '', '0', '$mail', '', '', '1', '1');" $app +# ynh_mysql_db_shell <<< "INSERT INTO teampass_users (id, login, pw, groupes_visibles, derniers, key_tempo, last_pw_change, last_pw, admin, fonction_id, groupes_interdits, last_connexion, gestionnaire, email, favourites, latest_items, personal_folder, can_create_root_folder) VALUES (NULL, '$teampassuser', '$password', '1', '', '', '', '', '0', '1', '', '', '0', '$mail', '', '', '1', '1');" $app # Creation du repertoire personnel -# id_user=$(ynh_mysql_execute_as_root "SELECT id from teampass_users where login='$teampassuser';" $app) -# ynh_mysql_execute_as_root "INSERT INTO teampass_nested_tree (id, parent_id, title, nleft, nright, nlevel, bloquer_creation, bloquer_modification, personal_folder, renewal_period) VALUES (NULL, 0, '$id_user', 0, 0, 1, 0, 0, 1, 0);" $app +# id_user=$(ynh_mysql_db_shell <<< "SELECT id from teampass_users where login='$teampassuser';" $app) +# ynh_mysql_db_shell <<< "INSERT INTO teampass_nested_tree (id, parent_id, title, nleft, nright, nlevel, bloquer_creation, bloquer_modification, personal_folder, renewal_period) VALUES (NULL, 0, '$id_user', 0, 0, 1, 0, 0, 1, 0);" $app # # ((id++)) # done @@ -121,23 +116,22 @@ ynh_replace_string "jsUrl\" => \"" "&includes/libraries/csrfp/js/csrfprotector.j #================================================= # SYSTEM CONFIGURATION #================================================= -ynh_script_progression --message="Adding system configurations related to $app..." --weight=1 +ynh_script_progression "Adding system configurations related to $app..." -ynh_add_fpm_config +ynh_config_add_phpfpm -ynh_add_nginx_config +ynh_config_add_nginx -ynh_add_config --template="cron" --destination="/etc/cron.d/$app" +ynh_config_add --template="cron" --destination="/etc/cron.d/$app" #================================================= # SECURING FILES AND DIRECTORIES #================================================= # Les fichiers appartiennent à root -chmod 750 "$install_dir" -chmod -R o-rwx "$install_dir" -chown -R "$app:www-data" "$install_dir" - +#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 750 "$install_dir" +#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod -R o-rwx "$install_dir" +#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R "$app:www-data" "$install_dir" # Sauf certains dossiers includes, files et upload chown -R "$app" "$install_dir"/{includes,files,upload} # Restreint l'accès au dossier de backup @@ -148,4 +142,4 @@ chmod 750 "$install_dir/backups" # END OF SCRIPT #================================================= -ynh_script_progression --message="Installation of $app completed" --last +ynh_script_progression "Installation of $app completed" diff --git a/scripts/remove b/scripts/remove index ac9d0f0..86b555a 100644 --- a/scripts/remove +++ b/scripts/remove @@ -1,30 +1,24 @@ #!/bin/bash -#================================================= -# GENERIC START -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - source _common.sh source /usr/share/yunohost/helpers #================================================= # REMOVE SYSTEM CONFIGURATIONS #================================================= -ynh_script_progression --message="Removing system configurations related to $app..." --weight=1 +ynh_script_progression "Removing system configurations related to $app..." # Remove the dedicated NGINX config -ynh_remove_nginx_config +ynh_config_remove_nginx # Remove the dedicated PHP-FPM config -ynh_remove_fpm_config +ynh_config_remove_phpfpm # Remove a directory securely -ynh_secure_remove --file="/etc/$app" +ynh_safe_rm "/etc/$app" #================================================= # END OF SCRIPT #================================================= -ynh_script_progression --message="Removal of $app completed" --last +ynh_script_progression "Removal of $app completed" diff --git a/scripts/restore b/scripts/restore index ae78062..c9fb002 100644 --- a/scripts/restore +++ b/scripts/restore @@ -1,11 +1,5 @@ #!/bin/bash -#================================================= -# GENERIC START -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - # Keep this path for calling _common.sh inside the execution's context of backup and restore scripts source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers @@ -13,54 +7,51 @@ source /usr/share/yunohost/helpers #================================================= # RESTORE THE APP MAIN DIR #================================================= -ynh_script_progression --message="Restoring the app main directory..." --weight=1 +ynh_script_progression "Restoring the app main directory..." -ynh_restore_file --origin_path="$install_dir" - -chmod 750 "$install_dir" -chmod -R o-rwx "$install_dir" -chown -R "$app:www-data" "$install_dir" +ynh_restore "$install_dir" +#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 750 "$install_dir" +#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod -R o-rwx "$install_dir" +#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R "$app:www-data" "$install_dir" # Sauf les dossiers includes, files et upload chown -R "$app" "$install_dir"/{includes,files,upload} #================================================= # RESTORE THE MYSQL DATABASE #================================================= -ynh_script_progression --message="Restoring the MySQL database..." --weight=1 +ynh_script_progression "Restoring the MySQL database..." -ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql +ynh_mysql_db_shell < ./db.sql #================================================= # RESTORE SYSTEM CONFIGURATIONS #================================================= -ynh_script_progression --message="Restoring system configurations related to $app..." --weight=1 +ynh_script_progression "Restoring system configurations related to $app..." -ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" +ynh_restore "/etc/php/$php_version/fpm/pool.d/$app.conf" -ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" +ynh_restore "/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= # RESTORE VARIOUS FILES #================================================= -ynh_restore_file --origin_path="/etc/cron.d/$app" +ynh_restore "/etc/cron.d/$app" -ynh_restore_file --origin_path="/etc/$app/sk.php" +ynh_restore "/etc/$app/sk.php" chown -R "$app" "/etc/$app/sk.php" -#================================================= -# GENERIC FINALIZATION #================================================= # RELOAD NGINX AND PHP-FPM #================================================= -ynh_script_progression --message="Reloading NGINX web server and PHP-FPM..." --weight=1 +ynh_script_progression "Reloading NGINX web server and PHP-FPM..." -ynh_systemd_action --service_name="php$phpversion-fpm" --action=reload -ynh_systemd_action --service_name=nginx --action=reload +ynh_systemctl --service="php$php_version-fpm" --action=reload +ynh_systemctl --service=nginx --action=reload #================================================= # END OF SCRIPT #================================================= -ynh_script_progression --message="Restoration completed for $app" --last +ynh_script_progression "Restoration completed for $app" diff --git a/scripts/upgrade b/scripts/upgrade index 80ec9b6..1d46d3b 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -1,40 +1,29 @@ #!/bin/bash -#================================================= -# GENERIC START -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - source _common.sh source /usr/share/yunohost/helpers -#================================================= -# STANDARD UPGRADE STEPS #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= -# ynh_script_progression --message="Ensuring downward compatibility..." +# ynh_script_progression "Ensuring downward compatibility..." #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= -ynh_script_progression --message="Upgrading source files..." +ynh_script_progression "Upgrading source files..." # Download, check integrity, uncompress and patch the source from app.src -ynh_setup_source --dest_dir="$install_dir" --full_replace=1 --keep="includes/config/settings.php includes/libraries/csrfp/libs/csrfp.config.php files upload backups" +ynh_setup_source --dest_dir="$install_dir" --full_replace --keep="includes/config/settings.php includes/libraries/csrfp/libs/csrfp.config.php files upload backups" # Do not delete the install directory. Keep it for the manual upgrade process... -# ynh_secure_remove "$install_dir/install" +# ynh_safe_rm "$install_dir/install" -chmod -R o-rwx "$install_dir" -chown -R "$app:www-data" "$install_dir" - -#================================================= -# SPECIFIC UPGRADE +#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod -R o-rwx "$install_dir" +#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R "$app:www-data" "$install_dir" #================================================= # UPDATE TP.CONFIG.PHP FILE #================================================= -ynh_script_progression --message="Updating tp.config.php file..." +ynh_script_progression "Updating tp.config.php file..." # The file tp.config.php is a dump of the admin part of the database. tp_config_file="$install_dir/includes/config/tp.config.php" @@ -47,15 +36,15 @@ while read settings do echo -n " '$(echo $settings | awk '{ print $1 }')'" >> $tp_config_file echo " => '$(echo $settings | cut -d' ' -f2-)'," >> $tp_config_file -done <<< "$(ynh_mysql_execute_as_root "SELECT intitule, valeur FROM teampass_misc" $app)" +done <<< "$(ynh_mysql_db_shell <<< "SELECT intitule, valeur FROM teampass_misc" $app)" echo ");" >> $tp_config_file #================================================= # UPDATE A CONFIG FILE #================================================= -ynh_script_progression --message="Updating a configuration file..." +ynh_script_progression "Updating configuration..." -ynh_add_config --template="settings.php" --destination="$install_dir/includes/config/settings.php" +ynh_config_add --template="settings.php" --destination="$install_dir/includes/config/settings.php" # Move settings.php from old teampass version if [ ! -e "$install_dir/includes/config/settings.php" ]; then @@ -65,29 +54,30 @@ fi # Create csrfp.config.php if [ ! -e "$install_dir/includes/libraries/csrfp/libs/csrfp.config.php" ]; then cp $install_dir/includes/libraries/csrfp/libs/csrfp.config.sample.php $install_dir/includes/libraries/csrfp/libs/csrfp.config.php # Créer le fichier de config de csrfp - ynh_replace_string "CSRFP_TOKEN\" => \"" "&$(head -n40 /dev/urandom | tr -c -d 'a-f0-9' | head -c50)" $install_dir/includes/libraries/csrfp/libs/csrfp.config.php # Renseigne un token, valide en hexadécimal - ynh_replace_string "jsUrl\" => \"" "&includes/libraries/csrfp/js/csrfprotector.js" $install_dir/includes/libraries/csrfp/libs/csrfp.config.php # Renseigne l'adresse de csrfprotector.js + # FIXMEhelpers2.1: ynh_replace used with positional args. Please add the keywords: --match=, --replace=, --file= +ynh_replace "CSRFP_TOKEN\" => \"" "&$(head -n40 /dev/urandom | tr -c -d 'a-f0-9' | head -c50)" $install_dir/includes/libraries/csrfp/libs/csrfp.config.php # Renseigne un token, valide en hexadécimal + # FIXMEhelpers2.1: ynh_replace used with positional args. Please add the keywords: --match=, --replace=, --file= +ynh_replace "jsUrl\" => \"" "&includes/libraries/csrfp/js/csrfprotector.js" $install_dir/includes/libraries/csrfp/libs/csrfp.config.php # Renseigne l'adresse de csrfprotector.js fi # Run database upgrades # Upgrade to 2.1.23.4 -#ynh_mysql_execute_as_root "ALTER TABLE teampass_misc ADD id INT(12) NOT NULL AUTO_INCREMENT FIRST, ADD PRIMARY KEY (id);" $app >&2 +#ynh_mysql_db_shell <<< "ALTER TABLE teampass_misc ADD id INT(12) NOT NULL AUTO_INCREMENT FIRST, ADD PRIMARY KEY (id);" $app >&2 # Upgrade to 2.1.24.4 -#ynh_mysql_execute_as_root "ALTER TABLE teampass_items CHANGE pw_len pw_len INT(5) NOT NULL DEFAULT '0';" $app >&2 +#ynh_mysql_db_shell <<< "ALTER TABLE teampass_items CHANGE pw_len pw_len INT(5) NOT NULL DEFAULT '0';" $app >&2 # Upgrade to 2.1.25.2 -#ynh_mysql_execute_as_root "INSERT INTO teampass_misc (id, type, intitule, valeur) VALUES (NULL, 'admin', 'encryption_protocol', 'ctr');" $app >&2 +#ynh_mysql_db_shell <<< "INSERT INTO teampass_misc (id, type, intitule, valeur) VALUES (NULL, 'admin', 'encryption_protocol', 'ctr');" $app >&2 # Upgrade to 2.1.27.x -#ynh_mysql_execute_as_root "ALTER TABLE teampass_misc CHANGE id increment_id INT(12) NOT NULL AUTO_INCREMENT;" $app >&2 +#ynh_mysql_db_shell <<< "ALTER TABLE teampass_misc CHANGE id increment_id INT(12) NOT NULL AUTO_INCREMENT;" $app >&2 #================================================= # SECURING FILES AND DIRECTORIES #================================================= # Les fichiers appartiennent à root -chmod 750 "$install_dir" -chmod -R o-rwx "$install_dir" -chown -R $app:www-data "$install_dir" - +#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 750 "$install_dir" +#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod -R o-rwx "$install_dir" +#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R $app:www-data "$install_dir" # Sauf certains dossiers includes, install, files et upload chown -R $app $install_dir/{includes,files,upload} if [ -d "$install_dir/install" ]; then @@ -101,16 +91,16 @@ chmod 750 $install_dir/backups #================================================= # PHP-FPM CONFIGURATION #================================================= -ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=1 +ynh_script_progression "Upgrading PHP-FPM configuration..." -ynh_add_fpm_config +ynh_config_add_phpfpm -ynh_add_nginx_config +ynh_config_add_nginx -ynh_add_config --template="cron" --destination="/etc/cron.d/$app" +ynh_config_add --template="cron" --destination="/etc/cron.d/$app" #================================================= # END OF SCRIPT #================================================= -ynh_script_progression --message="Upgrade of $app completed" --last +ynh_script_progression "Upgrade of $app completed"