From a8f3fee37fca0af04434fc91608f69f4f1906db9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?F=C3=A9lix=20Pi=C3=A9dallu?= Date: Tue, 30 Jan 2024 10:51:10 +0100 Subject: [PATCH] Tentative of cleanup --- conf/cron | 1 + scripts/backup | 8 +---- scripts/install | 55 +++++++++++++---------------- scripts/remove | 16 ++------- scripts/restore | 32 +++++++---------- scripts/upgrade | 94 +++++++++++++++++++------------------------------ 6 files changed, 79 insertions(+), 127 deletions(-) create mode 100644 conf/cron diff --git a/conf/cron b/conf/cron new file mode 100644 index 0000000..2ff4082 --- /dev/null +++ b/conf/cron @@ -0,0 +1 @@ +0 0 * * 0 __APP__ cd __INSTALL_DIR__/backups && php__PHPVERSION__ script.backup.php diff --git a/scripts/backup b/scripts/backup index 4b96b92..a15f063 100644 --- a/scripts/backup +++ b/scripts/backup @@ -22,19 +22,13 @@ ynh_print_info --message="Declaring files to be backed up..." ynh_backup --src_path="$install_dir" #================================================= -# BACKUP THE NGINX CONFIGURATION +# SYSTEM CONFIGURATION #================================================= ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" -#================================================= -# BACKUP THE PHP-FPM CONFIGURATION -#================================================= - ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" -#================================================= -# SPECIFIC BACKUP #================================================= # BACKUP VARIOUS FILES #================================================= diff --git a/scripts/install b/scripts/install index 2d4f205..2d333f2 100644 --- a/scripts/install +++ b/scripts/install @@ -21,16 +21,7 @@ ynh_setup_source --dest_dir="$install_dir" ynh_secure_remove --file="$install_dir/install" chmod -R o-rwx "$install_dir" -chown -R $app:www-data "$install_dir" - -#================================================= -# PHP-FPM CONFIGURATION -#================================================= -ynh_script_progression --message="Configuring PHP-FPM..." --weight=2 - -ynh_add_fpm_config - -ynh_add_nginx_config +chown -R "$app:www-data" "$install_dir" #================================================= # SPECIFIC SETUP @@ -45,24 +36,23 @@ timezone="$(cat /etc/timezone)" time="$(date +%s)" # Remplacement des variables dans le fichier sql -if [ $(echo $LANG | cut -c1-2) == "fr" ] -then - langue=french - folders="partagés" - roles=utilisateurs +if [ "$(echo $LANG | cut -c1-2)" == "fr" ]; then + langue=french + folders="partagés" + roles=utilisateurs else - langue=english - folders=shared - roles=users + langue=english + folders=shared + roles=users fi ynh_add_config --template="../conf/populate.sql" --destination="$install_dir/populate.sql" # Enregistre les infos dans la config YunoHost -ynh_app_setting_set --app=$app --key=langue --value=$langue +ynh_app_setting_set --app="$app" --key=langue --value=$langue # Import du fichier SQL -ynh_mysql_connect_as $db_name $db_pwd $db_name < $install_dir/populate.sql +ynh_mysql_connect_as "$db_name" "$db_pwd" "$db_name" < "$install_dir/populate.sql" ynh_secure_remove --file="$install_dir/populate.sql" #================================================= @@ -77,11 +67,12 @@ ynh_add_config --template="settings.php" --destination="$install_dir/includes/co #================================================= ynh_script_progression --message="Creating tp.config.php file..." -cp $YNH_APP_BASEDIR/conf/maketpconfig.php $install_dir/ +cp "$YNH_APP_BASEDIR/conf/maketpconfig.php" "$install_dir/" + pushd $install_dir - ynh_exec_as $app php$phpversion maketpconfig.php + ynh_exec_as "$app" "php$phpversion" maketpconfig.php popd -ynh_secure_remove $install_dir/maketpconfig.php +ynh_secure_remove "$install_dir/maketpconfig.php" #================================================= # CREATE A SALTKEY @@ -128,11 +119,15 @@ ynh_replace_string "jsUrl\" => \"" "&includes/libraries/csrfp/js/csrfprotector.j # done #================================================= -# CREATE A CRON FILE FOR AN AUTOMATIC BACKUP +# SYSTEM CONFIGURATION #================================================= -ynh_script_progression --message="Creating a cron file for an automatic backup..." +ynh_script_progression --message="Adding system configurations related to $app..." --weight=1 -echo "0 0 * * 0 $app cd $install_dir/backups && php script.backup.php" > /etc/cron.d/$app +ynh_add_fpm_config + +ynh_add_nginx_config + +ynh_add_config --template="cron" --destination="/etc/cron.d/$app" #================================================= # SECURING FILES AND DIRECTORIES @@ -141,13 +136,13 @@ echo "0 0 * * 0 $app cd $install_dir/backups && php script.backup.php" > /etc/cr # Les fichiers appartiennent à root chmod 750 "$install_dir" chmod -R o-rwx "$install_dir" -chown -R $app:www-data "$install_dir" +chown -R "$app:www-data" "$install_dir" # Sauf certains dossiers includes, files et upload -chown -R $app $install_dir/{includes,files,upload} +chown -R "$app" "$install_dir"/{includes,files,upload} # Restreint l'accès au dossier de backup -mkdir -p $install_dir/backups -chmod 750 $install_dir/backups +mkdir -p "$install_dir/backups" +chmod 750 "$install_dir/backups" #================================================= # END OF SCRIPT diff --git a/scripts/remove b/scripts/remove index b7f039b..ac9d0f0 100644 --- a/scripts/remove +++ b/scripts/remove @@ -10,28 +10,16 @@ source _common.sh source /usr/share/yunohost/helpers #================================================= -# REMOVE NGINX CONFIGURATION +# REMOVE SYSTEM CONFIGURATIONS #================================================= -ynh_script_progression --message="Removing NGINX web server configuration..." --weight=1 +ynh_script_progression --message="Removing system configurations related to $app..." --weight=1 # Remove the dedicated NGINX config ynh_remove_nginx_config -#================================================= -# REMOVE PHP-FPM CONFIGURATION -#================================================= -ynh_script_progression --message="Removing PHP-FPM configuration..." --weight=1 - # Remove the dedicated PHP-FPM config ynh_remove_fpm_config -#================================================= -# SPECIFIC REMOVE -#================================================= -# REMOVE VARIOUS FILES -#================================================= -ynh_script_progression --message="Removing various files..." - # Remove a directory securely ynh_secure_remove --file="/etc/$app" diff --git a/scripts/restore b/scripts/restore index affc199..ae78062 100644 --- a/scripts/restore +++ b/scripts/restore @@ -19,24 +19,10 @@ ynh_restore_file --origin_path="$install_dir" chmod 750 "$install_dir" chmod -R o-rwx "$install_dir" -chown -R $app:www-data "$install_dir" +chown -R "$app:www-data" "$install_dir" # Sauf les dossiers includes, files et upload -chown -R $app $install_dir/{includes,files,upload} - -#================================================= -# RESTORE THE PHP-FPM CONFIGURATION -#================================================= -ynh_script_progression --message="Restoring the PHP-FPM configuration..." - -ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" - -#================================================= -# RESTORE THE NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Restoring the NGINX web server configuration..." --weight=1 - -ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" +chown -R "$app" "$install_dir"/{includes,files,upload} #================================================= # RESTORE THE MYSQL DATABASE @@ -45,15 +31,23 @@ ynh_script_progression --message="Restoring the MySQL database..." --weight=1 ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql +#================================================= +# RESTORE SYSTEM CONFIGURATIONS +#================================================= +ynh_script_progression --message="Restoring system configurations related to $app..." --weight=1 + +ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" + +ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" + #================================================= # RESTORE VARIOUS FILES #================================================= -ynh_script_progression --message="Restoring various files..." ynh_restore_file --origin_path="/etc/cron.d/$app" ynh_restore_file --origin_path="/etc/$app/sk.php" -chown -R $app "/etc/$app/sk.php" +chown -R "$app" "/etc/$app/sk.php" #================================================= # GENERIC FINALIZATION @@ -62,7 +56,7 @@ chown -R $app "/etc/$app/sk.php" #================================================= ynh_script_progression --message="Reloading NGINX web server and PHP-FPM..." --weight=1 -ynh_systemd_action --service_name=php$phpversion-fpm --action=reload +ynh_systemd_action --service_name="php$phpversion-fpm" --action=reload ynh_systemd_action --service_name=nginx --action=reload #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index bcf2652..80ec9b6 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -9,44 +9,25 @@ source _common.sh source /usr/share/yunohost/helpers -#================================================= -# CHECK VERSION -#================================================= - -upgrade_type=$(ynh_check_app_version_changed) - #================================================= # STANDARD UPGRADE STEPS #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= -ynh_script_progression --message="Ensuring downward compatibility..." +# ynh_script_progression --message="Ensuring downward compatibility..." #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= +ynh_script_progression --message="Upgrading source files..." -if [ "$upgrade_type" == "UPGRADE_APP" ] -then - ynh_script_progression --message="Upgrading source files..." - - # Download, check integrity, uncompress and patch the source from app.src - ynh_setup_source --dest_dir="$install_dir" - # Do not delete the install directory. Keep it for the manual upgrade process... - # ynh_secure_remove "$install_dir/install" -fi +# Download, check integrity, uncompress and patch the source from app.src +ynh_setup_source --dest_dir="$install_dir" --full_replace=1 --keep="includes/config/settings.php includes/libraries/csrfp/libs/csrfp.config.php files upload backups" +# Do not delete the install directory. Keep it for the manual upgrade process... +# ynh_secure_remove "$install_dir/install" chmod -R o-rwx "$install_dir" -chown -R $app:www-data "$install_dir" - -#================================================= -# PHP-FPM CONFIGURATION -#================================================= -ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=1 - -ynh_add_fpm_config - -ynh_add_nginx_config +chown -R "$app:www-data" "$install_dir" #================================================= # SPECIFIC UPGRADE @@ -76,39 +57,27 @@ ynh_script_progression --message="Updating a configuration file..." ynh_add_config --template="settings.php" --destination="$install_dir/includes/config/settings.php" -if [ "$upgrade_type" == "UPGRADE_APP" ] -then - # Move settings.php from old teampass version - if [ ! -e "$install_dir/includes/config/settings.php" ] - then - mv "$install_dir/includes/settings.php" "$install_dir/includes/config/settings.php" - fi - - # Create csrfp.config.php - if [ ! -e "$install_dir/includes/libraries/csrfp/libs/csrfp.config.php" ] - then - cp $install_dir/includes/libraries/csrfp/libs/csrfp.config.sample.php $install_dir/includes/libraries/csrfp/libs/csrfp.config.php # Créer le fichier de config de csrfp - ynh_replace_string "CSRFP_TOKEN\" => \"" "&$(head -n40 /dev/urandom | tr -c -d 'a-f0-9' | head -c50)" $install_dir/includes/libraries/csrfp/libs/csrfp.config.php # Renseigne un token, valide en hexadécimal - ynh_replace_string "jsUrl\" => \"" "&includes/libraries/csrfp/js/csrfprotector.js" $install_dir/includes/libraries/csrfp/libs/csrfp.config.php # Renseigne l'adresse de csrfprotector.js - fi - - # Run database upgrades - # Upgrade to 2.1.23.4 - #ynh_mysql_execute_as_root "ALTER TABLE teampass_misc ADD id INT(12) NOT NULL AUTO_INCREMENT FIRST, ADD PRIMARY KEY (id);" $app >&2 - # Upgrade to 2.1.24.4 - #ynh_mysql_execute_as_root "ALTER TABLE teampass_items CHANGE pw_len pw_len INT(5) NOT NULL DEFAULT '0';" $app >&2 - # Upgrade to 2.1.25.2 - #ynh_mysql_execute_as_root "INSERT INTO teampass_misc (id, type, intitule, valeur) VALUES (NULL, 'admin', 'encryption_protocol', 'ctr');" $app >&2 - # Upgrade to 2.1.27.x - #ynh_mysql_execute_as_root "ALTER TABLE teampass_misc CHANGE id increment_id INT(12) NOT NULL AUTO_INCREMENT;" $app >&2 +# Move settings.php from old teampass version +if [ ! -e "$install_dir/includes/config/settings.php" ]; then + mv "$install_dir/includes/settings.php" "$install_dir/includes/config/settings.php" fi -#================================================= -# CREATE A CRON FILE FOR AN AUTOMATIC BACKUP -#================================================= -ynh_script_progression --message="Creating a cron file for an automatic backup..." +# Create csrfp.config.php +if [ ! -e "$install_dir/includes/libraries/csrfp/libs/csrfp.config.php" ]; then + cp $install_dir/includes/libraries/csrfp/libs/csrfp.config.sample.php $install_dir/includes/libraries/csrfp/libs/csrfp.config.php # Créer le fichier de config de csrfp + ynh_replace_string "CSRFP_TOKEN\" => \"" "&$(head -n40 /dev/urandom | tr -c -d 'a-f0-9' | head -c50)" $install_dir/includes/libraries/csrfp/libs/csrfp.config.php # Renseigne un token, valide en hexadécimal + ynh_replace_string "jsUrl\" => \"" "&includes/libraries/csrfp/js/csrfprotector.js" $install_dir/includes/libraries/csrfp/libs/csrfp.config.php # Renseigne l'adresse de csrfprotector.js +fi -echo "0 0 * * 0 $app cd $install_dir/backups && php script.backup.php" > /etc/cron.d/$app +# Run database upgrades +# Upgrade to 2.1.23.4 +#ynh_mysql_execute_as_root "ALTER TABLE teampass_misc ADD id INT(12) NOT NULL AUTO_INCREMENT FIRST, ADD PRIMARY KEY (id);" $app >&2 +# Upgrade to 2.1.24.4 +#ynh_mysql_execute_as_root "ALTER TABLE teampass_items CHANGE pw_len pw_len INT(5) NOT NULL DEFAULT '0';" $app >&2 +# Upgrade to 2.1.25.2 +#ynh_mysql_execute_as_root "INSERT INTO teampass_misc (id, type, intitule, valeur) VALUES (NULL, 'admin', 'encryption_protocol', 'ctr');" $app >&2 +# Upgrade to 2.1.27.x +#ynh_mysql_execute_as_root "ALTER TABLE teampass_misc CHANGE id increment_id INT(12) NOT NULL AUTO_INCREMENT;" $app >&2 #================================================= # SECURING FILES AND DIRECTORIES @@ -122,13 +91,24 @@ chown -R $app:www-data "$install_dir" # Sauf certains dossiers includes, install, files et upload chown -R $app $install_dir/{includes,files,upload} if [ -d "$install_dir/install" ]; then - chown -R $app "$install_dir/install" + chown -R $app "$install_dir/install" fi # Restreint l'accès au dossier de backup mkdir -p $install_dir/backups chmod 750 $install_dir/backups +#================================================= +# PHP-FPM CONFIGURATION +#================================================= +ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=1 + +ynh_add_fpm_config + +ynh_add_nginx_config + +ynh_add_config --template="cron" --destination="/etc/cron.d/$app" + #================================================= # END OF SCRIPT #=================================================