From a3ef01d764258217416eb861bba684e23b7e530b Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Fri, 18 Dec 2015 14:11:35 +0100 Subject: [PATCH] =?UTF-8?q?Mise=20=C3=A0=20jour?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- manifest.json | 1 + scripts/backup | 19 ++++++-- scripts/install | 120 ++++++++++++++++++++++++++++++++---------------- scripts/remove | 33 +++++++------ scripts/restore | 18 ++++++-- scripts/upgrade | 53 +++++++++++++++------ 6 files changed, 168 insertions(+), 76 deletions(-) diff --git a/manifest.json b/manifest.json index 7c0f20b..3cde640 100644 --- a/manifest.json +++ b/manifest.json @@ -7,6 +7,7 @@ }, "version": "2.1.24.4", "url": "http://www.teampass.net", + "licence": "free", "maintainer": { "name": "Ackak, Maniack Crudelis et matlink", "email": "ackak_ynh@ackak.net maniackc_dev@crudelis.fr matlink@matlink.fr" diff --git a/scripts/backup b/scripts/backup index 804ad82..b8469b0 100644 --- a/scripts/backup +++ b/scripts/backup @@ -1,15 +1,26 @@ #!/bin/bash -app=teampass + +# Récupère les infos de l'application. +app=app_name +final_path=$(sudo yunohost app setting $app final_path) +domain=$(sudo yunohost app setting $app domain) + # The parameter $1 is the backup directory location # which will be compressed afterward backup_dir=$1/apps/$app -mkdir -p $backup_dir +sudo mkdir -p "$backup_dir" # Backup sources & data -sudo cp -a /var/www/$app/. $backup_dir/sources +sudo cp -a $final_path/. $backup_dir/sources # Copy Nginx and YunoHost parameters to make the script "standalone" sudo cp -a /etc/yunohost/apps/$app/. $backup_dir/yunohost -domain=$(sudo yunohost app setting $app domain) sudo cp -a /etc/nginx/conf.d/$domain.d/$app.conf $backup_dir/nginx.conf + +# Copy dedicated php-fpm process to backup folder +sudo cp -a /etc/php5/fpm/pool.d/$app.conf $backup_dir/php-fpm.conf +sudo cp -a /etc/php5/fpm/conf.d/20-$app.ini $backup_dir/php-fpm.ini + +# Copie du fichier sk.php +sudo cp -a /etc/teampass/sk.php $backup_dir/sk.php diff --git a/scripts/install b/scripts/install index 208625b..0a4247d 100644 --- a/scripts/install +++ b/scripts/install @@ -1,44 +1,72 @@ #!/bin/bash -app=teampass -# Retrieve arguments +# Renseigne les variables à partir des arguments. domain=$1 path=$2 password_admin=$3 +app=teampass -# Check domain/path availability + +# Vérifie la présence du / en début de path +if [ $(echo $path | cut -c1) != "/" ]; then + path="/$path" +fi + +# Vérifie la disponibilité du path et du domaine. sudo yunohost app checkurl $domain$path -a $app - if [[ ! $? -eq 0 ]]; then exit 1 fi -# Generate random password -db_pwd=$(dd if=/dev/urandom bs=1 count=200 2> /dev/null | tr -c -d '[A-Za-z0-9]' | sed -n 's/\(.\{24\}\).*/\1/p') +# Vérifie que le mot de passe n'est pas vide. +if [[ -z $password_admin ]]; then + echo "Mot de passe incorrect" + exit 1 +fi -# Use 'teampass' as database name and user +# Vérifie que le dossier de destination n'est pas déjà utilisé. +final_path=/var/www/$app +if [ -e "$final_path" ] +then + echo "This path already contains a folder" + exit 1 +fi + + +# Enregistre les infos dans la config YunoHost +sudo yunohost app setting $app domain -v $domain +sudo yunohost app setting $app path -v $path + + +# Génère un mot de passe aléatoire. +db_pwd=$(dd if=/dev/urandom bs=1 count=200 2> /dev/null | tr -c -d 'A-Za-z0-9' | sed -n 's/\(.\{24\}\).*/\1/p') +# Utilise '$app' comme nom d'utilisateur et de base de donnée db_user=$app - -# Initialize database and store mysql password for upgrade +# Initialise la base de donnée et stocke le mot de passe mysql. sudo yunohost app initdb $db_user -p $db_pwd sudo yunohost app setting $app mysqlpwd -v $db_pwd -# Installation php5-mysqlnd -sudo apt-get update -sudo apt-get -y install php5-cli -# Le paquetage php5-mysqlnd est demandé lors de l'installation de teampass, mais qui semble être non utilisé -#sudo apt-get -y install php5-mysqlnd -# Copy source files -final_path=/var/www/$app -sudo mkdir -p $final_path -tar -xf ../sources/teampass.tar.gz -sudo cp -a teampass/.* $final_path -sudo cp -a ../sources/ajouts/.* $final_path -sudo cp ../conf/mdphash.php $final_path -sudo chown -R www-data: $final_path +# Crée le repertoire de destination et stocke son emplacement. +sudo mkdir "$final_path" +sudo yunohost app setting $app final_path -v $final_path -# Modify php-fpm pool configuration and copy it to php-fpm pool directory for teampass +# Décompresse la source +tar -x -f ../sources/teampass.tar.gz +# Copie les fichiers sources +sudo cp -a teampass/. "$final_path" +# Copie les fichiers additionnels ou modifiés. +sudo cp -a ../sources/ajouts/. "$final_path" +# Et copie le fichier de config nginx +sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf + + +# Modifie les variables dans le fichier de configuration nginx +sudo sed -i "s@__PATHTOCHANGE__@$path@g" /etc/nginx/conf.d/$domain.d/$app.conf +sudo sed -i "s@__FINALPATH__@$final_path@g" /etc/nginx/conf.d/$domain.d/$app.conf +sudo sed -i "s@__NAMETOCHANGE__@$app@g" /etc/nginx/conf.d/$domain.d/$app.conf + +# Créer le fichier de configuration du pool php-fpm et le configure. sed -i "s@__NAMETOCHANGE__@$app@g" ../conf/php-fpm.conf sed -i "s@__FINALPATH__@$final_path@g" ../conf/php-fpm.conf finalphpconf=/etc/php5/fpm/pool.d/$app.conf @@ -49,6 +77,14 @@ sudo cp ../conf/php-fpm.ini $finalphpini sudo chown root: $finalphpini sudo service php5-fpm reload + +# Installation php5-mysqlnd +sudo apt-get update +sudo apt-get -y install php5-cli + +# Copie du script contenant la fonction bCrypt +sudo cp ../conf/mdphash.php $final_path + # Remplacement des variables dans le fichier sql if [ $(echo $LANG | cut -c1-2) == "fr" ] then @@ -70,10 +106,7 @@ sed -i "s@__TIMEZONE__@$(cat /etc/timezone)@g" ../conf/populate.sql sed -i "s@__BCRYPT_MDP__@$(php ../conf/mdphash.php $password_admin)@g" ../conf/populate.sql sed -i "s@__LANG__@$langue@g" ../conf/populate.sql -# Add settings to YunoHost -sudo yunohost app setting $app domain -v $domain -sudo yunohost app setting $app path -v $path -sudo yunohost app setting $app final_path -v $final_path +# Enregistre les infos dans la config YunoHost sudo yunohost app setting $app langue -v $langue # Import du fichier SQL @@ -96,21 +129,10 @@ sudo chown -R www-data:www-data $path_sk_file sudo chmod 770 $path_sk_file sudo cp ../conf/settings.php $final_path/includes/settings.php -sudo chown www-data: -R $final_path -sudo chmod 770 -R $final_path -sudo find $final_path -type f -print0 | xargs -0 sudo chmod 740 # Applique les permissions sur les fichiers seulement (rwxr-----) -sudo chmod 770 -R $final_path/files $final_path/upload -sudo chmod a+x $final_path/CsvToXml_For_Teampass.sh # Delete the install directory. Si cette méthode d'install est validée, le dossier install devrait être retiré de l'archive initiale. sudo rm -r $final_path/install -# Modify Nginx configuration file and copy it to Nginx conf directory -sed -i "s@__PATHTOCHANGE__@$path@g" ../conf/nginx.conf -sed -i "s@__WWWPATH__@$final_path@g" ../conf/nginx.conf -sed -i "s@__NAMETOCHANGE__@$app@g" ../conf/nginx.conf - -sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf # Ajout des utilisateurs actuels dans la base yunohost teampass_users=$(ldapsearch -h localhost -b ou=users,dc=yunohost,dc=org -x objectClass=mailAccount uid | grep uid: | sed 's/uid: //' | xargs) @@ -128,6 +150,26 @@ do ((id++)) done -# Restart services + +# sudo chown www-data: -R $final_path +# sudo chmod 770 -R $final_path +# sudo find $final_path -type f -print0 | xargs -0 sudo chmod 740 # Applique les permissions sur les fichiers seulement (rwxr-----) +# sudo chmod 770 -R $final_path/files $final_path/upload +# sudo chmod a+x $final_path/CsvToXml_For_Teampass.sh + +# Configure les droits d'accès au fichiers +# -rw-r----- sur les fichiers +sudo find $final_path -type f -print0 | xargs -0 sudo chmod 640 +# drwxr-x--- sur les dossiers +sudo find $final_path -type d -print0 | xargs -0 sudo chmod 750 +# Les dossiers files et upload ont besoin d'un droit d'écriture. +sudo chmod 770 -R $final_path/files $final_path/upload +# Le script de conversion csv xml doit être exécutable, au moins par root. +sudo chmod 740 $final_path/CsvToXml_For_Teampass.sh +# Les fichiers appartiennent à root et sont lisibles par www-data +sudo chown -R root:www-data $final_path + +# Recharge la configuration Nginx sudo service nginx reload +# Régénère la configuration de SSOwat sudo yunohost app ssowatconf diff --git a/scripts/remove b/scripts/remove index e85a138..d741fd3 100644 --- a/scripts/remove +++ b/scripts/remove @@ -1,30 +1,33 @@ #!/bin/bash + app=teampass -# Retrieve arguments +# Récupère les infos de l'application. +root_pwd=$(sudo cat /etc/yunohost/mysql) domain=$(sudo yunohost app setting $app domain) -path=$(sudo yunohost app setting $app path) -# Remove sources +# Utilise '$app' comme nom d'utilisateur et de base de donnée +db_user=$app +mysql -u root -p$root_pwd -e "DROP DATABASE $db_user ; DROP USER $db_user@localhost ;" + +# Suppression du dossier de l'application sudo rm -rf /var/www/$app -# Remove configuration files -sudo rm -f /etc/nginx/conf.d/$domain.d/$app.conf - #Remove the sk.php sudo rm -rf /etc/teampass/ -# Suppression de la config php-fpm +# Suppression de la configuration nginx +sudo rm -f /etc/nginx/conf.d/$domain.d/$app.conf + +# Suppression des log +sudo rm -r /var/log/$app/ + +# Suppression de la configuration du pool php-fpm sudo rm -f /etc/php5/fpm/pool.d/$app.conf sudo rm -f /etc/php5/fpm/conf.d/20-$app.ini -db_user=$app -db_name=$app -root_pwd=$(sudo cat /etc/yunohost/mysql) -mysql -u root -p$root_pwd -e "DROP DATABASE $db_name ; DROP USER $db_user@localhost ;" - -# Restart services +# Recharge la configuration Nginx et php5-fpm sudo service nginx reload -sudo yunohost app ssowatconf sudo service php5-fpm reload - +# Régénère la configuration de SSOwat +sudo yunohost app ssowatconf diff --git a/scripts/restore b/scripts/restore index a1c69e0..55b7eae 100644 --- a/scripts/restore +++ b/scripts/restore @@ -1,16 +1,28 @@ #!/bin/bash -app=teampass + +# Récupère les infos de l'application. +app=app_name +final_path=$(sudo yunohost app setting $app final_path) +domain=$(sudo yunohost app setting $app domain) # The parameter $1 is the uncompressed restore directory location backup_dir=$1/apps/$app # Restore sources & data -sudo cp -a $backup_dir/sources/. /var/www/$app +sudo cp -a $backup_dir/sources/. $final_path # Restore Nginx and YunoHost parameters sudo cp -a $backup_dir/yunohost/. /etc/yunohost/apps/$app -domain=$(sudo yunohost app setting $app domain) sudo cp -a $backup_dir/nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf +# Copy dedicated php-fpm process from backup folder to the right location +sudo cp -a $backup_dir/php-fpm.conf /etc/php5/fpm/pool.d/$app.conf +sudo cp -a $backup_dir/php-fpm.ini /etc/php5/fpm/conf.d/20-$app.ini +# And restart service +sudo service php5-fpm reload + +# Copie du fichier sk.php +sudo cp -a $backup_dir/sk.php /etc/teampass/sk.php + # Restart webserver sudo service nginx reload diff --git a/scripts/upgrade b/scripts/upgrade index ebf36e0..096b708 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -1,20 +1,30 @@ #!/bin/bash -app=teampass -# Retrieve arguments +# Récupère les infos de l'application. +app=teampass domain=$(sudo yunohost app setting $app domain) path=$(sudo yunohost app setting $app path) final_path=$(sudo yunohost app setting $app final_path) -# Remove trailing "/" for next commands -path=${path%/} -# Copy source files -sudo mkdir -p $final_path -sudo cp -a ../sources/* $final_path -sudo cp -a ../sources/ajouts/.* $final_path +# Décompresse la source +tar -x -f ../sources/teampass.tar.gz +# Copie les fichiers sources +sudo cp -a teampass/. "$final_path" +# Copie les fichiers additionnels ou modifiés. +sudo cp -a ../sources/ajouts/. "$final_path" +# Et copie le fichier de config nginx +sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf -# Modify php-fpm pool configuration and copy it to php-fpm pool directory for teampass +# Delete the install directory. +sudo rm -r $final_path/install + +# Modifie les variables dans le fichier de configuration nginx +sudo sed -i "s@__PATH__@$path@g" /etc/nginx/conf.d/$domain.d/$app.conf +sudo sed -i "s@NAMETOCHANGE@$app@g" /etc/nginx/conf.d/$domain.d/$app.conf +sudo sed -i "s@__PORT__@$port@g" /etc/nginx/conf.d/$domain.d/$app.conf + +# Créer le fichier de configuration du pool php-fpm et le configure. sed -i "s@__NAMETOCHANGE__@$app@g" ../conf/php-fpm.conf sed -i "s@__FINALPATH__@$final_path@g" ../conf/php-fpm.conf finalphpconf=/etc/php5/fpm/pool.d/$app.conf @@ -25,11 +35,24 @@ sudo cp ../conf/php-fpm.ini $finalphpini sudo chown root: $finalphpini sudo service php5-fpm reload -# Modify Nginx configuration file and copy it to Nginx conf directory -sed -i "s@YNH_WWW_PATH@$path@g" ../conf/nginx.conf -sed -i "s@YNH_WWW_ALIAS@$final_path/@g" ../conf/nginx.conf -sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf +# sudo chown www-data: -R $final_path +# sudo chmod 770 -R $final_path +# sudo find $final_path -type f -print0 | xargs -0 sudo chmod 740 # Applique les permissions sur les fichiers seulement (rwxr-----) +# sudo chmod 770 -R $final_path/files $final_path/upload +# sudo chmod a+x $final_path/CsvToXml_For_Teampass.sh -# Restart services +sudo find $final_path -type f -print0 | xargs -0 sudo chmod 640 +# drwxr-x--- sur les dossiers +sudo find $final_path -type d -print0 | xargs -0 sudo chmod 750 +# Les dossiers files et upload ont besoin d'un droit d'écriture. +sudo chmod 770 -R $final_path/files $final_path/upload +# Le script de conversion csv xml doit être exécutable, au moins par root. +sudo chmod 740 $final_path/CsvToXml_For_Teampass.sh +# Les fichiers appartiennent à root et sont lisibles par www-data +sudo chown -R root:www-data $final_path + + +# Recharge la configuration Nginx sudo service nginx reload -sudo yunohost app ssowatconf +# Régénère la configuration de SSOwat +sudo yunohost app ssowatconf \ No newline at end of file