YunoHost-Apps/teampass_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/teampass_ynh.git synced 2024-09-03 20:26:37 +02:00
Code Issues Activity Actions

Merge pull request #10 from YunoHost-Apps/upgrade

Browse source 
Apply example_ynh
This commit is contained in:
yalh76 2022-07-05 00:45:16 +02:00 committed by GitHub
commit d8ca931dd7
25 changed files with 305 additions and 1064 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

106
.github/workflows/updater.sh vendored Normal file
View file

@ -0,0 +1,106 @@
#!/bin/bash
#=================================================
# PACKAGE UPDATING HELPER
#=================================================
# This script is meant to be run by GitHub Actions
# The YunoHost-Apps organisation offers a template Action to run this script periodically
# Since each app is different, maintainers can adapt its contents so as to perform
# automatic actions when a new upstream release is detected.
#=================================================
# FETCHING LATEST RELEASE AND ITS ASSETS
#=================================================
# Fetching information
current_version=$(cat manifest.json | jq -j '.version|split("~")[0]')
repo=$(cat manifest.json | jq -j '.upstream.code|split("https://github.com/")[1]')
# Some jq magic is needed, because the latest upstream release is not always the latest version (e.g. security patches for older versions)
version=$(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '.[] | select( .prerelease != true ) | .tag_name' | sort -V | tail -1)
assets="https://github.com/nilsteampassnet/TeamPass/archive/refs/tags/$version.tar.gz"
# Later down the script, we assume the version has only digits and dots
# Sometimes the release name starts with a "v", so let's filter it out.
# You may need more tweaks here if the upstream repository has different naming conventions.
if [[ ${version:0:1} == "v" || ${version:0:1} == "V" ]]; then
version=${version:1}
fi
# Setting up the environment variables
echo "Current version: $current_version"
echo "Latest release from upstream: $version"
echo "VERSION=$version" >> $GITHUB_ENV
echo "REPO=$repo" >> $GITHUB_ENV
# For the time being, let's assume the script will fail
echo "PROCEED=false" >> $GITHUB_ENV
# Proceed only if the retrieved version is greater than the current one
if ! dpkg --compare-versions "$current_version" "lt" "$version" ; then
echo "::warning ::No new version available"
exit 0
# Proceed only if a PR for this new version does not already exist
elif git ls-remote -q --exit-code --heads https://github.com/$GITHUB_REPOSITORY.git ci-auto-update-v$version ; then
echo "::warning ::A branch already exists for this update"
exit 0
fi
#=================================================
# UPDATE SOURCE FILES
#=================================================
# Let's download source tarball
asset_url=$assets
echo "Handling asset at $asset_url"
src="app"
# Create the temporary directory
tempdir="$(mktemp -d)"
# Download sources and calculate checksum
filename=${asset_url##*/}
curl --silent -4 -L $asset_url -o "$tempdir/$filename"
checksum=$(sha256sum "$tempdir/$filename" | head -c 64)
# Delete temporary directory
rm -rf $tempdir
# Get extension
if [[ $filename == *.tar.gz ]]; then
extension=tar.gz
else
extension=${filename##*.}
fi
# Rewrite source file
cat <<EOT > conf/$src.src
SOURCE_URL=$asset_url
SOURCE_SUM=$checksum
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=$extension
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=
EOT
echo "... conf/$src.src updated"
#=================================================
# SPECIFIC UPDATE STEPS
#=================================================
# Any action on the app's source code can be done.
# The GitHub Action workflow takes care of committing all changes after this script ends.
#=================================================
# GENERIC FINALIZATION
#=================================================
# Replace new version in manifest
echo "$(jq -s --indent 4 ".[] | .version = \"$version~ynh1\"" manifest.json)" > manifest.json
# No need to update the README, yunohost-bot takes care of it
# The Action will proceed only if the PROCEED environment variable is set to true
echo "PROCEED=true" >> $GITHUB_ENV
exit 0

49
.github/workflows/updater.yml vendored Normal file
View file

@ -0,0 +1,49 @@
# This workflow allows GitHub Actions to automagically update your app whenever a new upstream release is detected.
# You need to enable Actions in your repository settings, and fetch this Action from the YunoHost-Apps organization.
# This file should be enough by itself, but feel free to tune it to your needs.
# It calls updater.sh, which is where you should put the app-specific update steps.
name: Check for new upstream releases
on:
# Allow to manually trigger the workflow
workflow_dispatch:
# Run it every day at 6:00 UTC
schedule:
- cron: '0 6 * * *'
jobs:
updater:
runs-on: ubuntu-latest
steps:
- name: Fetch the source code
uses: actions/checkout@v2
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Run the updater script
id: run_updater
run: |
# Setting up Git user
git config --global user.name 'yunohost-bot'
git config --global user.email 'yunohost-bot@users.noreply.github.com'
# Run the updater script
/bin/bash .github/workflows/updater.sh
- name: Commit changes
id: commit
if: ${{ env.PROCEED == 'true' }}
run: |
git commit -am "Upgrade to v$VERSION"
- name: Create Pull Request
id: cpr
if: ${{ env.PROCEED == 'true' }}
uses: peter-evans/create-pull-request@v3
with:
token: ${{ secrets.GITHUB_TOKEN }}
commit-message: Update to version ${{ env.VERSION }}
committer: 'yunohost-bot <yunohost-bot@users.noreply.github.com>'
author: 'yunohost-bot <yunohost-bot@users.noreply.github.com>'
signoff: false
base: testing
branch: ci-auto-update-v${{ env.VERSION }}
delete-branch: true
title: 'Upgrade to version ${{ env.VERSION }}'
body: |
Upgrade to v${{ env.VERSION }}
draft: false

24
README.md
View file

@ -5,7 +5,7 @@ It shall NOT be edited by hand.
# Teampass for YunoHost
[![Integration level](https://dash.yunohost.org/integration/teampass.svg)](https://dash.yunohost.org/appci/app/teampass) ![](https://ci-apps.yunohost.org/ci/badges/teampass.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/teampass.maintain.svg)
[![Integration level](https://dash.yunohost.org/integration/teampass.svg)](https://dash.yunohost.org/appci/app/teampass) ![Working status](https://ci-apps.yunohost.org/ci/badges/teampass.status.svg) ![Maintenance status](https://ci-apps.yunohost.org/ci/badges/teampass.maintain.svg)
[![Install Teampass with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=teampass)
*[Lire ce readme en français.](./README_fr.md)*
@ -19,13 +19,11 @@ TeamPass is a Passwords Manager dedicated for managing passwords in a collaborat
Teampass offers a large set of features permitting to manage your passwords and related data in an organized way in respect to the access rights defined for each users.
**Shipped version:** 2.1.27.15~ynh2
**Shipped version:** 2.1.27.15~ynh3
## Screenshots
![](./doc/screenshots/screenshot.png)
![Screenshot of Teampass](./doc/screenshots/screenshot.png)
## Disclaimers / important information
@ -33,23 +31,25 @@ Teampass offers a large set of features permitting to manage your passwords and
Use the admin panel of your teampass to configure this app.
To find the admin panel, use the login 'admin' and the password choose during the installation.
## Documentation and resources
* Official app website: http://www.teampass.net
* Official admin documentation: https://teampass.readthedocs.io/en/latest/
* Upstream app code repository: https://github.com/nilsteampassnet/TeamPass
* YunoHost documentation for this app: https://yunohost.org/app_teampass
* Report a bug: https://github.com/YunoHost-Apps/teampass_ynh/issues
* Official app website: <http://www.teampass.net>
* Official admin documentation: <https://teampass.readthedocs.io/en/latest/>
* Upstream app code repository: <https://github.com/nilsteampassnet/TeamPass>
* YunoHost documentation for this app: <https://yunohost.org/app_teampass>
* Report a bug: <https://github.com/YunoHost-Apps/teampass_ynh/issues>
## Developer info
Please send your pull request to the [testing branch](https://github.com/YunoHost-Apps/teampass_ynh/tree/testing).
To try the testing branch, please proceed like that.
```
``` bash
sudo yunohost app install https://github.com/YunoHost-Apps/teampass_ynh/tree/testing --debug
or
sudo yunohost app upgrade teampass -u https://github.com/YunoHost-Apps/teampass_ynh/tree/testing --debug
```
**More info regarding app packaging:** https://yunohost.org/packaging_apps
**More info regarding app packaging:** <https://yunohost.org/packaging_apps>

33
README_fr.md
View file

@ -1,27 +1,29 @@
<!--
N.B.: This README was automatically generated by https://github.com/YunoHost/apps/tree/master/tools/README-generator
It shall NOT be edited by hand.
-->
# Teampass pour YunoHost
[![Niveau d'intégration](https://dash.yunohost.org/integration/teampass.svg)](https://dash.yunohost.org/appci/app/teampass) ![](https://ci-apps.yunohost.org/ci/badges/teampass.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/teampass.maintain.svg)
[![Niveau d'intégration](https://dash.yunohost.org/integration/teampass.svg)](https://dash.yunohost.org/appci/app/teampass) ![Statut du fonctionnement](https://ci-apps.yunohost.org/ci/badges/teampass.status.svg) ![Statut de maintenance](https://ci-apps.yunohost.org/ci/badges/teampass.maintain.svg)
[![Installer Teampass avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=teampass)
*[Read this readme in english.](./README.md)*
*[Lire ce readme en français.](./README_fr.md)*
> *Ce package vous permet d'installer Teampass rapidement et simplement sur un serveur YunoHost.
Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.*
## Vue d'ensemble
TeamPass is a Passwords Manager dedicated for managing passwords in a collaborative way by sharing them among team members.
Teampass offers a large set of features permitting to manage your passwords and related data in an organized way in respect to the access rights defined for each users.
**Version incluse :** 2.1.27.15~ynh2
TeamPass est un gestionnaire de mots de passe dédié à la gestion des mots de passe de manière collaborative en les partageant entre les membres d'une équipe.
Teampass offre un large ensemble de fonctionnalités permettant de gérer vos mots de passe et les données associées de manière organisée dans le respect des droits d'accès définis pour chaque utilisateur.
**Version incluse :** 2.1.27.15~ynh3
## Captures d'écran
![](./doc/screenshots/screenshot.png)
![Capture d'écran de Teampass](./doc/screenshots/screenshot.png)
## Avertissements / informations importantes
@ -32,21 +34,22 @@ Pour trouver le panel admin, utiliser le login 'admin' et le mot de passe choisi
## Documentations et ressources
* Site officiel de l'app : http://www.teampass.net
* Documentation officielle de l'admin : https://teampass.readthedocs.io/en/latest/
* Dépôt de code officiel de l'app : https://github.com/nilsteampassnet/TeamPass
* Documentation YunoHost pour cette app : https://yunohost.org/app_teampass
* Signaler un bug : https://github.com/YunoHost-Apps/teampass_ynh/issues
* Site officiel de l'app : <http://www.teampass.net>
* Documentation officielle de l'admin : <https://teampass.readthedocs.io/en/latest/>
* Dépôt de code officiel de l'app : <https://github.com/nilsteampassnet/TeamPass>
* Documentation YunoHost pour cette app : <https://yunohost.org/app_teampass>
* Signaler un bug : <https://github.com/YunoHost-Apps/teampass_ynh/issues>
## Informations pour les développeurs
Merci de faire vos pull request sur la [branche testing](https://github.com/YunoHost-Apps/teampass_ynh/tree/testing).
Pour essayer la branche testing, procédez comme suit.
```
``` bash
sudo yunohost app install https://github.com/YunoHost-Apps/teampass_ynh/tree/testing --debug
ou
sudo yunohost app upgrade teampass -u https://github.com/YunoHost-Apps/teampass_ynh/tree/testing --debug
```
**Plus d'infos sur le packaging d'applications :** https://yunohost.org/packaging_apps
**Plus d'infos sur le packaging d'applications :** <https://yunohost.org/packaging_apps>

6
check_process
View file

@ -11,12 +11,16 @@
setup_private=0
setup_public=0
upgrade=1
# 2.1.27.15~ynh1
upgrade=1 from_commit=bec20d59ede778464ae6515fe886e79843f73710
# 2.1.27.15~ynh2
upgrade=1 from_commit=46eea6cdc73937d99862fd4b5a0d991e2c4a5af2
# 2.1.27.15~ynh2
upgrade=1 from_commit=54f3fca9b2aa0df87a35e59d41be01b09a7d3cae
backup_restore=1
multi_instance=1
port_already_use=0
change_url=1
;;; Options
Email=
Notification=down
Notification=none

6
conf/nginx.conf
View file

@ -2,7 +2,7 @@
location __PATH__/ {
# Path to source
alias __FINALPATH__/ ;
alias __FINALPATH__/;
index index.php;
@ -13,8 +13,8 @@ location __PATH__/ {
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param REMOTE_USER $remote_user;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param REMOTE_USER $remote_user;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME $request_filename;
}

8
conf/settings.php
View file

@ -4,7 +4,7 @@ global $server, $user, $pass, $database, $pre, $db, $port, $encoding;
### DATABASE connexion parameters ###
$server = "localhost";
$user = "__DB_NAME__";
$user = "__DB_USER__";
$pass = "__DB_PWD__";
$database = "__DB_NAME__";
$pre = "teampass_";
@ -12,7 +12,7 @@ $port = 3306;
$encoding = "utf8";
@date_default_timezone_set($_SESSION['settings']['timezone']);
@define('SECUREPATH', '__PATH_SK_FILE__');
if (file_exists("__PATH_SK_FILE__sk.php")) {
require_once "__PATH_SK_FILE__sk.php";
@define('SECUREPATH', '/etc/__APP__/');
if (file_exists("/etc/__APP__/sk.php")) {
require_once "/etc/__APP__/sk.php";
}

1
conf/teampass_pre_upgrade_ynh/README.md
View file

@ -1 +0,0 @@
This small package is only a partial install script for teampass, in order to quickly try a new version and be able to compare the new files and directories.

6
conf/teampass_pre_upgrade_ynh/conf/app.src
View file

@ -1,6 +0,0 @@
SOURCE_URL=https://github.com/nilsteampassnet/TeamPass/archive/2.1.27.11.tar.gz
SOURCE_SUM=b1dd6cad9d470cb298b9b3e9a5f0df43
SOURCE_SUM_PRG=md5sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=

38
conf/teampass_pre_upgrade_ynh/conf/diff_populate_sql.sh
View file

@ -1,38 +0,0 @@
#!/bin/bash
# This small script is design to perform a diff between the previous and the new install.queries.php file, which contains all the database requests needed for populate.sql
# Get the script's directory
script_dir="$(dirname $(realpath $0))"
# Grep versions of teampass to compare
new_version="$(grep SOURCE_URL= "./app.src" | cut -d'=' -f2)"
old_version="$(grep SOURCE_URL= "../../app.src" | cut -d'=' -f2)"
get_and_extract () {
local version="$1"
# Download the release
wget -nv "$version"
local archive="$(basename "$version")"
local dir="$(basename -s .tar.gz "$version")"
mkdir "$dir"
# Extract
tar -xf "$archive" -C "$dir" --strip-components 1
# Then cherry pick the file to compare
cp "$dir/install/install.queries.php" ./install.queries.php
# Remove previous useless archive and directory
rm -r "$dir" "$archive"
}
echo "new_version=$new_version"
get_and_extract $new_version
mv install.queries.php install.queries.php.new
echo "old_version=$old_version"
get_and_extract $old_version
mv install.queries.php install.queries.php.old
# Make a colored diff of the 2 files.
git diff --no-index install.queries.php.old install.queries.php.new
# Then remove these files
rm install.queries.php.{old,new}

22
conf/teampass_pre_upgrade_ynh/conf/nginx.conf
View file

@ -1,22 +0,0 @@
#sub_path_only rewrite ^__PATH__$ __PATH__/ permanent;
location __PATH__/ {
alias __FINALPATH__/;
if ($scheme = http) {
rewrite ^ https://$server_name$request_uri? permanent;
}
index index.html index.php ;
try_files $uri $uri/ index.php;
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
fastcgi_pass unix:/var/run/php5-fpm-__NAME__.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param REMOTE_USER $remote_user;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME $request_filename;
}
# Include SSOWAT user panel.
include conf.d/yunohost_panel.conf.inc;
}

392
conf/teampass_pre_upgrade_ynh/conf/php-fpm.conf
View file

@ -1,392 +0,0 @@
; Start a new pool named 'www'.
; the variable $pool can we used in any directive and will be replaced by the
; pool name ('www' here)
[__NAMETOCHANGE__]
; Per pool prefix
; It only applies on the following directives:
; - 'slowlog'
; - 'listen' (unixsocket)
; - 'chroot'
; - 'chdir'
; - 'php_values'
; - 'php_admin_values'
; When not set, the global prefix (or /usr) applies instead.
; Note: This directive can also be relative to the global prefix.
; Default Value: none
;prefix = /path/to/pools/$pool
; Unix user/group of processes
; Note: The user is mandatory. If the group is not set, the default user's group
; will be used.
user = __USER__
group = __USER__
; The address on which to accept FastCGI requests.
; Valid syntaxes are:
; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific address on
; a specific port;
; 'port' - to listen on a TCP socket to all addresses on a
; specific port;
; '/path/to/unix/socket' - to listen on a unix socket.
; Note: This value is mandatory.
listen = /var/run/php5-fpm-__NAMETOCHANGE__.sock
; Set listen(2) backlog.
; Default Value: 128 (-1 on FreeBSD and OpenBSD)
;listen.backlog = 128
; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server. Many
; BSD-derived systems allow connections regardless of permissions.
; Default Values: user and group are set as the running user
; mode is set to 0660
listen.owner = www-data
listen.group = www-data
;listen.mode = 0660
; List of ipv4 addresses of FastCGI clients which are allowed to connect.
; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
; must be separated by a comma. If this value is left blank, connections will be
; accepted from any ip address.
; Default Value: any
;listen.allowed_clients = 127.0.0.1
; Specify the nice(2) priority to apply to the pool processes (only if set)
; The value can vary from -19 (highest priority) to 20 (lower priority)
; Note: - It will only work if the FPM master process is launched as root
; - The pool processes will inherit the master process priority
; unless it specified otherwise
; Default Value: no set
; priority = -19
; Choose how the process manager will control the number of child processes.
; Possible Values:
; static - a fixed number (pm.max_children) of child processes;
; dynamic - the number of child processes are set dynamically based on the
; following directives. With this process management, there will be
; always at least 1 children.
; pm.max_children - the maximum number of children that can
; be alive at the same time.
; pm.start_servers - the number of children created on startup.
; pm.min_spare_servers - the minimum number of children in 'idle'
; state (waiting to process). If the number
; of 'idle' processes is less than this
; number then some children will be created.
; pm.max_spare_servers - the maximum number of children in 'idle'
; state (waiting to process). If the number
; of 'idle' processes is greater than this
; number then some children will be killed.
; ondemand - no children are created at startup. Children will be forked when
; new requests will connect. The following parameter are used:
; pm.max_children - the maximum number of children that
; can be alive at the same time.
; pm.process_idle_timeout - The number of seconds after which
; an idle process will be killed.
; Note: This value is mandatory.
pm = dynamic
; The number of child processes to be created when pm is set to 'static' and the
; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'.
; This value sets the limit on the number of simultaneous requests that will be
; served. Equivalent to the ApacheMaxClients directive with mpm_prefork.
; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP
; CGI. The below defaults are based on a server without much resources. Don't
; forget to tweak pm.* to fit your needs.
; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand'
; Note: This value is mandatory.
pm.max_children = 10
; The number of child processes created on startup.
; Note: Used only when pm is set to 'dynamic'
; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2
pm.start_servers = 2
; The desired minimum number of idle server processes.
; Note: Used only when pm is set to 'dynamic'
; Note: Mandatory when pm is set to 'dynamic'
pm.min_spare_servers = 1
; The desired maximum number of idle server processes.
; Note: Used only when pm is set to 'dynamic'
; Note: Mandatory when pm is set to 'dynamic'
pm.max_spare_servers = 3
; The number of seconds after which an idle process will be killed.
; Note: Used only when pm is set to 'ondemand'
; Default Value: 10s
;pm.process_idle_timeout = 10s;
; The number of requests each child process should execute before respawning.
; This can be useful to work around memory leaks in 3rd party libraries. For
; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
; Default Value: 0
pm.max_requests = 500
; The URI to view the FPM status page. If this value is not set, no URI will be
; recognized as a status page. It shows the following informations:
; pool - the name of the pool;
; process manager - static, dynamic or ondemand;
; start time - the date and time FPM has started;
; start since - number of seconds since FPM has started;
; accepted conn - the number of request accepted by the pool;
; listen queue - the number of request in the queue of pending
; connections (see backlog in listen(2));
; max listen queue - the maximum number of requests in the queue
; of pending connections since FPM has started;
; listen queue len - the size of the socket queue of pending connections;
; idle processes - the number of idle processes;
; active processes - the number of active processes;
; total processes - the number of idle + active processes;
; max active processes - the maximum number of active processes since FPM
; has started;
; max children reached - number of times, the process limit has been reached,
; when pm tries to start more children (works only for
; pm 'dynamic' and 'ondemand');
; Value are updated in real time.
; Example output:
; pool: www
; process manager: static
; start time: 01/Jul/2011:17:53:49 +0200
; start since: 62636
; accepted conn: 190460
; listen queue: 0
; max listen queue: 1
; listen queue len: 42
; idle processes: 4
; active processes: 11
; total processes: 15
; max active processes: 12
; max children reached: 0
;
; By default the status page output is formatted as text/plain. Passing either
; 'html', 'xml' or 'json' in the query string will return the corresponding
; output syntax. Example:
; http://www.foo.bar/status
; http://www.foo.bar/status?json
; http://www.foo.bar/status?html
; http://www.foo.bar/status?xml
;
; By default the status page only outputs short status. Passing 'full' in the
; query string will also return status for each pool process.
; Example:
; http://www.foo.bar/status?full
; http://www.foo.bar/status?json&full
; http://www.foo.bar/status?html&full
; http://www.foo.bar/status?xml&full
; The Full status returns for each process:
; pid - the PID of the process;
; state - the state of the process (Idle, Running, ...);
; start time - the date and time the process has started;
; start since - the number of seconds since the process has started;
; requests - the number of requests the process has served;
; request duration - the duration in µs of the requests;
; request method - the request method (GET, POST, ...);
; request URI - the request URI with the query string;
; content length - the content length of the request (only with POST);
; user - the user (PHP_AUTH_USER) (or '-' if not set);
; script - the main script called (or '-' if not set);
; last request cpu - the %cpu the last request consumed
; it's always 0 if the process is not in Idle state
; because CPU calculation is done when the request
; processing has terminated;
; last request memory - the max amount of memory the last request consumed
; it's always 0 if the process is not in Idle state
; because memory calculation is done when the request
; processing has terminated;
; If the process is in Idle state, then informations are related to the
; last request the process has served. Otherwise informations are related to
; the current request being served.
; Example output:
; ************************
; pid: 31330
; state: Running
; start time: 01/Jul/2011:17:53:49 +0200
; start since: 63087
; requests: 12808
; request duration: 1250261
; request method: GET
; request URI: /test_mem.php?N=10000
; content length: 0
; user: -
; script: /home/fat/web/docs/php/test_mem.php
; last request cpu: 0.00
; last request memory: 0
;
; Note: There is a real-time FPM status monitoring sample web page available
; It's available in: ${prefix}/share/fpm/status.html
;
; Note: The value must start with a leading slash (/). The value can be
; anything, but it may not be a good idea to use the .php extension or it
; may conflict with a real PHP file.
; Default Value: not set
;pm.status_path = /status
; The ping URI to call the monitoring page of FPM. If this value is not set, no
; URI will be recognized as a ping page. This could be used to test from outside
; that FPM is alive and responding, or to
; - create a graph of FPM availability (rrd or such);
; - remove a server from a group if it is not responding (load balancing);
; - trigger alerts for the operating team (24/7).
; Note: The value must start with a leading slash (/). The value can be
; anything, but it may not be a good idea to use the .php extension or it
; may conflict with a real PHP file.
; Default Value: not set
;ping.path = /ping
; This directive may be used to customize the response of a ping request. The
; response is formatted as text/plain with a 200 response code.
; Default Value: pong
;ping.response = pong
; The access log file
; Default: not set
;access.log = log/$pool.access.log
; The access log format.
; The following syntax is allowed
; %%: the '%' character
; %C: %CPU used by the request
; it can accept the following format:
; - %{user}C for user CPU only
; - %{system}C for system CPU only
; - %{total}C for user + system CPU (default)
; %d: time taken to serve the request
; it can accept the following format:
; - %{seconds}d (default)
; - %{miliseconds}d
; - %{mili}d
; - %{microseconds}d
; - %{micro}d
; %e: an environment variable (same as $_ENV or $_SERVER)
; it must be associated with embraces to specify the name of the env
; variable. Some exemples:
; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e
; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e
; %f: script filename
; %l: content-length of the request (for POST request only)
; %m: request method
; %M: peak of memory allocated by PHP
; it can accept the following format:
; - %{bytes}M (default)
; - %{kilobytes}M
; - %{kilo}M
; - %{megabytes}M
; - %{mega}M
; %n: pool name
; %o: ouput header
; it must be associated with embraces to specify the name of the header:
; - %{Content-Type}o
; - %{X-Powered-By}o
; - %{Transfert-Encoding}o
; - ....
; %p: PID of the child that serviced the request
; %P: PID of the parent of the child that serviced the request
; %q: the query string
; %Q: the '?' character if query string exists
; %r: the request URI (without the query string, see %q and %Q)
; %R: remote IP address
; %s: status (response code)
; %t: server time the request was received
; it can accept a strftime(3) format:
; %d/%b/%Y:%H:%M:%S %z (default)
; %T: time the log has been written (the request has finished)
; it can accept a strftime(3) format:
; %d/%b/%Y:%H:%M:%S %z (default)
; %u: remote user
;
; Default: "%R - %u %t \"%m %r\" %s"
;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"
; The log file for slow requests
; Default Value: not set
; Note: slowlog is mandatory if request_slowlog_timeout is set
slowlog = /var/log/nginx/__NAMETOCHANGE__.slow.log
; The timeout for serving a single request after which a PHP backtrace will be
; dumped to the 'slowlog' file. A value of '0s' means 'off'.
; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
; Default Value: 0
request_slowlog_timeout = 5s
; The timeout for serving a single request after which the worker process will
; be killed. This option should be used when the 'max_execution_time' ini option
; does not stop script execution for some reason. A value of '0' means 'off'.
; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
; Default Value: 0
request_terminate_timeout = 1d
; Set open file descriptor rlimit.
; Default Value: system defined value
;rlimit_files = 1024
; Set max core size rlimit.
; Possible Values: 'unlimited' or an integer greater or equal to 0
; Default Value: system defined value
;rlimit_core = 0
; Chroot to this directory at the start. This value must be defined as an
; absolute path. When this value is not set, chroot is not used.
; Note: you can prefix with '$prefix' to chroot to the pool prefix or one
; of its subdirectories. If the pool prefix is not set, the global prefix
; will be used instead.
; Note: chrooting is a great security feature and should be used whenever
; possible. However, all PHP paths will be relative to the chroot
; (error_log, sessions.save_path, ...).
; Default Value: not set
;chroot =
; Chdir to this directory at the start.
; Note: relative path can be used.
; Default Value: current directory or / when chroot
chdir = __FINALPATH__
; Redirect worker stdout and stderr into main error log. If not set, stdout and
; stderr will be redirected to /dev/null according to FastCGI specs.
; Note: on highloaded environement, this can cause some delay in the page
; process time (several ms).
; Default Value: no
catch_workers_output = yes
; Limits the extensions of the main script FPM will allow to parse. This can
; prevent configuration mistakes on the web server side. You should only limit
; FPM to .php extensions to prevent malicious users to use other extensions to
; exectute php code.
; Note: set an empty value to allow all extensions.
; Default Value: .php
;security.limit_extensions = .php .php3 .php4 .php5
; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
; the current environment.
; Default Value: clean env
;env[HOSTNAME] = $HOSTNAME
;env[PATH] = /usr/local/bin:/usr/bin:/bin
;env[TMP] = /tmp
;env[TMPDIR] = /tmp
;env[TEMP] = /tmp
; Additional php.ini defines, specific to this pool of workers. These settings
; overwrite the values previously defined in the php.ini. The directives are the
; same as the PHP SAPI:
; php_value/php_flag - you can set classic ini defines which can
; be overwritten from PHP call 'ini_set'.
; php_admin_value/php_admin_flag - these directives won't be overwritten by
; PHP call 'ini_set'
; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no.
; Defining 'extension' will load the corresponding shared extension from
; extension_dir. Defining 'disable_functions' or 'disable_classes' will not
; overwrite previously defined php.ini values, but will append the new value
; instead.
; Note: path INI options can be relative and will be expanded with the prefix
; (pool, global or /usr)
; Default Value: nothing is defined by default except the values in php.ini and
; specified at startup with the -d argument
;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com
;php_flag[display_errors] = off
;php_admin_value[error_log] = /var/log/fpm-php.www.log
;php_admin_flag[log_errors] = on
;php_admin_value[memory_limit] = 32M

1
conf/teampass_pre_upgrade_ynh/conf/php-fpm.ini
View file

@ -1 +0,0 @@
max_execution_time=60

17
conf/teampass_pre_upgrade_ynh/hooks/post_user_create
View file

@ -1,17 +0,0 @@
#!/bin/bash
user=$1
root_pwd=$(sudo cat /etc/yunohost/mysql)
db_user=root
db_name=teampass
real_password=$(ynh_string_random) # Génère un mot de passe aléatoire
password=$(sudo php /var/www/teampass/mdphash.php $real_password)
mail=$(sudo ldapsearch -h localhost -b ou=users,dc=yunohost,dc=org -x uid=$user mail | grep mail: | sed 's/mail: //' | head -n1)
# Creation de l'utilisateur
mysql -u $db_user -p$root_pwd $db_name -e "INSERT INTO teampass_users (id, login, pw, groupes_visibles, derniers, key_tempo, last_pw_change, last_pw, admin, fonction_id, groupes_interdits, last_connexion, gestionnaire, email, favourites, latest_items, personal_folder, can_create_root_folder) VALUES (NULL, '$user', '$password', '1', '', '', '', '', '0', '1', '', '', '0', '$mail', '', '', '1', '1');"
# Creation du répertoire personnel
id=$(mysql -u $db_user -p$root_pwd $db_name -se "SELECT id from teampass_users where login='$user';")
mysql -u $db_user -p$root_pwd $db_name -e "INSERT INTO teampass_nested_tree (id, parent_id, title, nleft, nright, nlevel, bloquer_creation, bloquer_modification, personal_folder, renewal_period) VALUES (NULL, 0, '$id', 0, 0, 1, 0, 0, 1, 0);"

58
conf/teampass_pre_upgrade_ynh/manifest.json
View file

@ -1,58 +0,0 @@
{
"name": "Teampass",
"id": "teampass",
"packaging_format": 1,
"description": {
"en": "Passwords Manager",
"fr": "Gestionnaire de mots de passes."
},
"version": "2.1.26-final-3~ynh1",
"url": "http://www.teampass.net",
"license": "AGPL-3.0",
"maintainer": {
"name": "Maniack Crudelis",
"email": "maniackc_dev@crudelis.fr"
},
"requirements": {
"yunohost": ">= 2.7.2"
},
"multi_instance": false,
"services": [
"nginx",
"php5-fpm",
"mysql"
],
"arguments": {
"install" : [
{
"name": "domain",
"type": "domain",
"ask": {
"en": "Choose a domain for Teampass",
"fr": "Choisissez un domaine pour Teampass"
},
"example": "domain.org"
},
{
"name": "path",
"type": "path",
"ask": {
"en": "Choose a path for Teampass",
"fr": "Choisissez un chemin pour Teampass"
},
"example": "/teampass",
"default": "/teampass"
},
{
"name": "password",
"type": "password",
"ask": {
"en": "Choose a password for the admin",
"fr": "Choisissez un mot de passe pour l'administrateur"
},
"example": "Choose a password",
"default": "admin"
}
]
}
}

111
conf/teampass_pre_upgrade_ynh/scripts/install
View file

@ -1,111 +0,0 @@
#!/bin/bash
#=================================================
# GENERIC STARTING
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source /usr/share/yunohost/helpers
#=================================================
# MANAGE FAILURE OF THE SCRIPT
#=================================================
ynh_abort_if_errors # Active trap pour arrêter le script si une erreur est détectée.
#=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================
domain=$YNH_APP_ARG_DOMAIN
path_url=$YNH_APP_ARG_PATH
password_admin=$YNH_APP_ARG_PASSWORD
app=$YNH_APP_INSTANCE_NAME
#=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THIS ARGS
#=================================================
final_path=/var/www/$app
test ! -e "$final_path" || ynh_die "This path already contains a folder"
# Normalize the url path syntax
path_url=$(ynh_normalize_url_path $path_url)
# Check web path availability
ynh_webpath_available $domain $path_url
# Register (book) web path
ynh_webpath_register $app $domain $path_url
#=================================================
# STORE SETTINGS FROM MANIFEST
#=================================================
ynh_app_setting_set $app domain $domain
ynh_app_setting_set $app path $path_url
#=================================================
# STANDARD MODIFICATIONS
#=================================================
# CREATE A SQL BDD
#=================================================
db_name=$(ynh_sanitize_dbid $app)
ynh_app_setting_set $app db_name $db_name
ynh_mysql_setup_db $db_name $db_name
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_app_setting_set $app final_path $final_path
ynh_setup_source "$final_path" # Télécharge la source, décompresse et copie dans $final_path
#=================================================
# NGINX CONFIGURATION
#=================================================
if [ "$path_url" != "/" ]
then
ynh_replace_string "^#sub_path_only" "" "../conf/nginx.conf"
fi
ynh_add_nginx_config
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_system_user_create $app # Créer un utilisateur système dédié à l'app
#=================================================
# PHP-FPM CONFIGURATION
#=================================================
ynh_add_fpm_config # Créer le fichier de configuration du pool php-fpm et le configure.
#=================================================
# GENERIC FINALISATION
#=================================================
# SECURING FILES AND DIRECTORIES
#=================================================
# Les fichiers appartiennent à $app
chown -R $app: $final_path
#=================================================
# RELOAD NGINX
#=================================================
systemctl reload nginx
#=================================================
# DISCLAIMER
#=================================================
echo "Database informations:
db_name= $db_name
db_pwd= $db_pwd
Connect to https://$domain$path_url to continue" >&2

60
conf/teampass_pre_upgrade_ynh/scripts/remove
View file

@ -1,60 +0,0 @@
#!/bin/bash
#=================================================
# GENERIC STARTING
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
#=================================================
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get $app domain)
db_name=$(ynh_app_setting_get $app db_name)
#=================================================
# STANDARD REMOVE
#=================================================
# REMOVE THE SQL BDD
#=================================================
ynh_mysql_remove_db $db_name $db_name # Suppression de la base de donnée et de l'utilisateur associé.
#=================================================
# REMOVE THE MAIN DIR OF THE APP
#=================================================
ynh_secure_remove "/var/www/$app" # Suppression du dossier de l'application
#=================================================
# REMOVE THE NGINX CONFIGURATION
#=================================================
ynh_remove_nginx_config # Suppression de la configuration nginx
#=================================================
# REMOVE THE PHP-FPM CONFIGURATION
#=================================================
ynh_remove_fpm_config # Suppression de la configuration du pool php-fpm
#=================================================
# SPECIFIC REMOVE
#=================================================
# REMOVE THE SK.PHP FILE
#=================================================
ynh_secure_remove "/etc/teampass"
#=================================================
# GENERIC FINALISATION
#=================================================
# REMOVE DEDICATED USER
#=================================================
ynh_system_user_delete $app

2
doc/DESCRIPTION_fr.md Normal file
View file

@ -0,0 +1,2 @@
TeamPass est un gestionnaire de mots de passe dédié à la gestion des mots de passe de manière collaborative en les partageant entre les membres d'une équipe.
Teampass offre un large ensemble de fonctionnalités permettant de gérer vos mots de passe et les données associées de manière organisée dans le respect des droits d'accès définis pour chaque utilisateur.

2
doc/DISCLAIMER.md
View file

@ -1,4 +1,4 @@
## Configuration
Use the admin panel of your teampass to configure this app.
To find the admin panel, use the login 'admin' and the password choose during the installation.
To find the admin panel, use the login 'admin' and the password choose during the installation.

90
manifest.json
View file

@ -1,53 +1,53 @@
{
"name": "Teampass",
"id": "teampass",
"packaging_format": 1,
"description": {
"en": "Passwords Manager",
"fr": "Gestionnaire de mots de passes."
},
"version": "2.1.27.15~ynh2",
"url": "http://www.teampass.net",
"upstream": {
"name": "Teampass",
"id": "teampass",
"packaging_format": 1,
"description": {
"en": "Passwords Manager",
"fr": "Gestionnaire de mots de passes."
},
"version": "2.1.27.15~ynh3",
"url": "http://www.teampass.net",
"upstream": {
"license": "AGPL-3.0",
"website": "http://www.teampass.net",
"admindoc": "https://teampass.readthedocs.io/en/latest/",
"code": "https://github.com/nilsteampassnet/TeamPass"
},
"license": "AGPL-3.0",
"maintainer": {
"name": "",
"email": ""
},
"previous_maintainers": [{
"name": "Maniack Crudelis",
"email": "maniackc_dev@crudelis.fr"
}],
"requirements": {
"license": "AGPL-3.0",
"maintainer": {
"name": "",
"email": ""
},
"previous_maintainers": [{
"name": "Maniack Crudelis",
"email": "maniackc_dev@crudelis.fr"
}],
"requirements": {
"yunohost": ">= 4.3.0"
},
"multi_instance": true,
"services": [
"nginx",
"php7.3-fpm",
"mysql"
],
"arguments": {
"install" : [
{
"name": "domain",
"type": "domain"
},
{
"name": "path",
"type": "path",
"example": "/teampass",
"default": "/teampass"
},
{
"name": "password",
"type": "password"
}
]
}
},
"multi_instance": true,
"services": [
"nginx",
"php7.3-fpm",
"mysql"
],
"arguments": {
"install": [
{
"name": "domain",
"type": "domain"
},
{
"name": "path",
"type": "path",
"example": "/teampass",
"default": "/teampass"
},
{
"name": "password",
"type": "password"
}
]
}
}

173
scripts/_common.sh
View file

@ -1,174 +1,15 @@
#!/bin/bash
#=================================================
# COMMON VARIABLES
#=================================================
YNH_PHP_VERSION="7.3"
#=================================================
# PERSONAL HELPERS
#=================================================
#=================================================
# EXPERIMENTAL HELPERS
#=================================================
# Send an email to inform the administrator
#
# usage: ynh_send_readme_to_admin app_message [recipients]
# | arg: -m --app_message= - The message to send to the administrator.
# | arg: -r, --recipients= - The recipients of this email. Use spaces to separate multiples recipients. - default: root
# example: "root admin@domain"
# If you give the name of a YunoHost user, ynh_send_readme_to_admin will find its email adress for you
# example: "root admin@domain user1 user2"
ynh_send_readme_to_admin() {
# Declare an array to define the options of this helper.
declare -Ar args_array=( [m]=app_message= [r]=recipients= )
local app_message
local recipients
# Manage arguments with getopts
ynh_handle_getopts_args "$@"
local app_message="${app_message:-...No specific information...}"
local recipients="${recipients:-root}"
# Retrieve the email of users
find_mails () {
local list_mails="$1"
local mail
local recipients=" "
# Read each mail in argument
for mail in $list_mails
do
# Keep root or a real email address as it is
if [ "$mail" = "root" ] || echo "$mail" | grep --quiet "@"
then
recipients="$recipients $mail"
else
# But replace an user name without a domain after by its email
if mail=$(ynh_user_get_info "$mail" "mail" 2> /dev/null)
then
recipients="$recipients $mail"
fi
fi
done
echo "$recipients"
}
recipients=$(find_mails "$recipients")
local mail_subject="☁️🆈🅽🅷☁️: \`$app\` was just installed!"
local mail_message="This is an automated message from your beloved YunoHost server.
Specific information for the application $app.
$app_message
---
Automatic diagnosis data from YunoHost
$(yunohost tools diagnosis | grep -B 100 "services:" | sed '/services:/d')"
# Define binary to use for mail command
if [ -e /usr/bin/bsd-mailx ]
then
local mail_bin=/usr/bin/bsd-mailx
else
local mail_bin=/usr/bin/mail.mailutils
fi
# Send the email to the recipients
echo "$mail_message" | $mail_bin -a "Content-Type: text/plain; charset=UTF-8" -s "$mail_subject" "$recipients"
}
#=================================================
# Reload (or other actions) a service and print a log in case of failure.
#
# usage: ynh_system_reload service_name [action]
# | arg: -n, --service_name= - Name of the service to reload
# | arg: -a, --action= - Action to perform with systemctl. Default: reload
ynh_system_reload () {
# Declare an array to define the options of this helper.
declare -Ar args_array=( [n]=service_name= [a]=action= )
local service_name
local action
# Manage arguments with getopts
ynh_handle_getopts_args "$@"
local action=${action:-reload}
# Reload, restart or start and print the log if the service fail to start or reload
systemctl $action $service_name || ( journalctl --lines=20 -u $service_name >&2 && false)
}
#=================================================
ynh_maintenance_mode_ON () {
# Load value of $path_url and $domain from the config if their not set
if [ -z $path_url ]; then
path_url=$(ynh_app_setting_get $app path)
fi
if [ -z $domain ]; then
domain=$(ynh_app_setting_get $app domain)
fi
# Create an html to serve as maintenance notice
echo "<!DOCTYPE html>
<html>
<head>
<meta http-equiv="refresh" content="3">
<title>Your app $app is currently under maintenance!</title>
<style>
body {
width: 70em;
margin: 0 auto;
}
</style>
</head>
<body>
<h1>Your app $app is currently under maintenance!</h1>
<p>This app has been put under maintenance by your administrator at $(date)</p>
<p>Please wait until the maintenance operation is done. This page will be reloaded as soon as your app will be back.</p>
</body>
</html>" > "/var/www/html/maintenance.$app.html"
# Create a new nginx config file to redirect all access to the app to the maintenance notice instead.
echo "# All request to the app will be redirected to ${path_url}_maintenance and fall on the maintenance notice
rewrite ^${path_url}/(.*)$ ${path_url}_maintenance/? redirect;
# Use another location, to not be in conflict with the original config file
location ${path_url}_maintenance/ {
alias /var/www/html/ ;
try_files maintenance.$app.html =503;
# Include SSOWAT user panel.
include conf.d/yunohost_panel.conf.inc;
}" > "/etc/nginx/conf.d/$domain.d/maintenance.$app.conf"
# The current config file will redirect all requests to the root of the app.
# To keep the full path, we can use the following rewrite rule:
# rewrite ^${path_url}/(.*)$ ${path_url}_maintenance/\$1? redirect;
# The difference will be in the $1 at the end, which keep the following queries.
# But, if it works perfectly for a html request, there's an issue with any php files.
# This files are treated as simple files, and will be downloaded by the browser.
# Would be really be nice to be able to fix that issue. So that, when the page is reloaded after the maintenance, the user will be redirected to the real page he was.
systemctl reload nginx
}
ynh_maintenance_mode_OFF () {
# Load value of $path_url and $domain from the config if their not set
if [ -z $path_url ]; then
path_url=$(ynh_app_setting_get $app path)
fi
if [ -z $domain ]; then
domain=$(ynh_app_setting_get $app domain)
fi
# Rewrite the nginx config file to redirect from ${path_url}_maintenance to the real url of the app.
echo "rewrite ^${path_url}_maintenance/(.*)$ ${path_url}/\$1 redirect;" > "/etc/nginx/conf.d/$domain.d/maintenance.$app.conf"
systemctl reload nginx
# Sleep 4 seconds to let the browser reload the pages and redirect the user to the app.
sleep 4
# Then remove the temporary files used for the maintenance.
rm "/var/www/html/maintenance.$app.html"
rm "/etc/nginx/conf.d/$domain.d/maintenance.$app.conf"
systemctl reload nginx
}

16
scripts/change_url
View file

@ -46,14 +46,6 @@ ynh_clean_setup () {
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# ACTIVATE MAINTENANCE MODE
#=================================================
path_url=$old_path
domain=$old_domain
ynh_maintenance_mode_ON
#=================================================
# CHECK WHICH PARTS SHOULD BE CHANGED
#=================================================
@ -128,14 +120,6 @@ ynh_script_progression --message="Reloading NGINX web server..."
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# DEACTIVE MAINTENANCE MODE
#=================================================
path_url=$old_path
domain=$old_domain
ynh_maintenance_mode_OFF
#=================================================
# END OF SCRIPT
#=================================================

54
scripts/install
View file

@ -25,7 +25,7 @@ ynh_abort_if_errors
domain=$YNH_APP_ARG_DOMAIN
path_url=$YNH_APP_ARG_PATH
ynh_print_OFF; password_admin=$YNH_APP_ARG_PASSWORD; ynh_print_ON
password=$YNH_APP_ARG_PASSWORD
app=$YNH_APP_INSTANCE_NAME
@ -84,14 +84,6 @@ chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:www-data "$final_path"
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Configuring NGINX web server..." --weight=2
# Create a dedicated NGINX config
ynh_add_nginx_config
#=================================================
# PHP-FPM CONFIGURATION
#=================================================
@ -101,14 +93,23 @@ ynh_script_progression --message="Configuring PHP-FPM..." --weight=2
ynh_add_fpm_config
phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Configuring NGINX web server..." --weight=2
# Create a dedicated NGINX config
ynh_add_nginx_config
#=================================================
# SPECIFIC SETUP
#=================================================
# FILL THE DATABASE
#=================================================
ynh_script_progression --message="Filling the database..."
version="$(sed -n 3p $final_path/changelog.txt)"
bcrypt_mdp="$(php $final_path/mdphash.php $password_admin)"
bcrypt_mdp="$(php $final_path/mdphash.php $password)"
timezone="$(cat /etc/timezone)"
time="$(date +%s)"
@ -136,6 +137,7 @@ ynh_secure_remove --file="$final_path/populate.sql"
#=================================================
# CREATE TP.CONFIG.PHP FILE
#=================================================
ynh_script_progression --message="Creating tp.config.php file..."
# The file tp.config.php is a dump of the admin part of the database.
tp_config_file="$final_path/includes/config/tp.config.php"
@ -152,28 +154,27 @@ done <<< "$(ynh_mysql_execute_as_root "SELECT intitule, valeur FROM teampass_mis
echo ");" >> $tp_config_file
#=================================================
# CONFIGURE TEAMPASS
# ADD A CONFIGURATION
#=================================================
path_sk_file=/etc/$app/
mkdir $path_sk_file
ynh_script_progression --message="Adding a configuration file..."
ynh_add_config --template="../conf/settings.php" --destination="$final_path/includes/config/settings.php"
#=================================================
# CREATE A SALTKEY
#=================================================
ynh_script_progression --message="Creating a saltkey..."
saltkey=$(ynh_string_random --length=32)
ynh_replace_string "__SALTKEY__" "$saltkey" ../conf/sk.php
ynh_add_config --template="../conf/sk.php" --destination="$path_sk_file/sk.php"
mkdir /etc/$app/
ynh_add_config --template="../conf/sk.php" --destination="/etc/$app/sk.php"
chown -R $app /etc/$app/
chmod 750 /etc/$app/
#=================================================
# COPY THE FILES
# CREATE CSRFP
#=================================================
chown -R $app $path_sk_file
chmod 750 $path_sk_file
ynh_script_progression --message="Creating a csrfp..."
cp $final_path/includes/libraries/csrfp/libs/csrfp.config.sample.php $final_path/includes/libraries/csrfp/libs/csrfp.config.php # Créer le fichier de config de csrfp
ynh_replace_string "CSRFP_TOKEN\" => \"" "&$(head -n40 /dev/urandom | tr -c -d 'a-f0-9' | head -c50)" $final_path/includes/libraries/csrfp/libs/csrfp.config.php # Renseigne un token, valide en hexadécimal
@ -206,9 +207,9 @@ ynh_replace_string "jsUrl\" => \"" "&includes/libraries/csrfp/js/csrfprotector.j
#=================================================
# CREATE A CRON FILE FOR AN AUTOMATIC BACKUP
#=================================================
ynh_script_progression --message="Creating a cron file for an automatic backup..."
echo "0 0 * * 0 $app cd $final_path/backups && php script.backup.php" > /etc/cron.d/$app
# Add also a clean of old backup.
#=================================================
# SECURING FILES AND DIRECTORIES
@ -233,19 +234,8 @@ ynh_script_progression --message="Reloading NGINX web server..." --weight=1
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# SEND A README FOR THE ADMIN
#=================================================
message="If you facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/teampass_ynh
!!! Be carreful when using this app, we have encountered many issues with the last upgrade. The next upgrade could be also difficult, and may need to reinstall the app and migrate manually."
ynh_send_readme_to_admin --app_message="$message" --recipients="root"
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Installation of $app completed" --last

36
scripts/restore
View file

@ -39,21 +39,8 @@ ynh_script_progression --message="Validating restoration parameters..." --weight
test ! -d $final_path \
|| ynh_die --message="There is already a directory: $final_path "
#=================================================
# ACTIVATE MAINTENANCE MODE
#=================================================
ynh_maintenance_mode_ON
#=================================================
# STANDARD RESTORATION STEPS
#=================================================
# RESTORE THE NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring the NGINX configuration..." --weight=1
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
#=================================================
# RECREATE THE DEDICATED USER
#=================================================
@ -89,7 +76,12 @@ ynh_script_progression --message="Restoring the PHP-FPM configuration..."
ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf"
#=================================================
# SPECIFIC RESTORE
# RESTORE THE NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring the NGINX web server configuration..." --weight=1
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
#=================================================
# RESTORE THE MYSQL DATABASE
#=================================================
@ -110,7 +102,7 @@ ynh_restore_file --origin_path="/etc/$app/sk.php"
chown -R $app "/etc/$app/sk.php"
#=================================================
# GENERIC FINALISATION
# GENERIC FINALIZATION
#=================================================
# RELOAD NGINX AND PHP-FPM
#=================================================
@ -119,20 +111,6 @@ ynh_script_progression --message="Reloading NGINX web server and PHP-FPM..." --w
ynh_systemd_action --service_name=php$phpversion-fpm --action=reload
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# DEACTIVE MAINTENANCE MODE
#=================================================
ynh_maintenance_mode_OFF
#=================================================
# SEND A README FOR THE ADMIN
#=================================================
message="If you facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/teampass_ynh"
ynh_send_readme_to_admin --app_message="$message" --recipients="root"
#=================================================
# END OF SCRIPT
#=================================================

58
scripts/upgrade
View file

@ -45,17 +45,12 @@ ynh_clean_setup () {
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# ACTIVATE MAINTENANCE MODE
#=================================================
ynh_maintenance_mode_ON
#=================================================
# STANDARD UPGRADE STEPS
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
ynh_script_progression --message="Ensuring downward compatibility..."
if [ -z "$final_path" ]; then # Si final_path n'est pas renseigné dans app setting
final_path=/var/www/$app
@ -92,15 +87,23 @@ then
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$final_path"
# Delete the install directory.
# Keep it for the manual upgrade process...
# ynh_secure_remove "$final_path/install"
# Do not delete the install directory. Keep it for the manual upgrade process...
# ynh_secure_remove "$final_path/install"
fi
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:www-data "$final_path"
#=================================================
# PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=1
# Create a dedicated PHP-FPM config
ynh_add_fpm_config
phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
#=================================================
# NGINX CONFIGURATION
#=================================================
@ -109,19 +112,12 @@ ynh_script_progression --message="Upgrading NGINX web server configuration..." -
# Create a dedicated NGINX config
ynh_add_nginx_config
#=================================================
# PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=1
# Create a dedicated PHP-FPM config
ynh_add_fpm_config
#=================================================
# SPECIFIC UPGRADE
#=================================================
# UPDATE TP.CONFIG.PHP FILE
#=================================================
ynh_script_progression --message="Updating tp.config.php file..."
# The file tp.config.php is a dump of the admin part of the database.
tp_config_file="$final_path/includes/config/tp.config.php"
@ -138,14 +134,11 @@ done <<< "$(ynh_mysql_execute_as_root "SELECT intitule, valeur FROM teampass_mis
echo ");" >> $tp_config_file
#=================================================
# CREATE A CRON FILE FOR AUTOMATIC BACKUP
# UPDATE A CONFIG FILE
#=================================================
ynh_script_progression --message="Updating a configuration file..."
echo "0 0 * * 0 $app cd $final_path/backups && php script.backup.php" > /etc/cron.d/$app
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
ynh_add_config --template="../conf/settings.php" --destination="$final_path/includes/config/settings.php"
if [ "$upgrade_type" == "UPGRADE_APP" ]
then
@ -175,12 +168,11 @@ then
fi
#=================================================
# UPDATE SETTINGS.PHP
# CREATE A CRON FILE FOR AN AUTOMATIC BACKUP
#=================================================
ynh_script_progression --message="Creating a cron file for an automatic backup..."
path_sk_file="/etc/$app/"
ynh_add_config --template="../conf/settings.php" --destination="$final_path/includes/config/settings.php"
echo "0 0 * * 0 $app cd $final_path/backups && php script.backup.php" > /etc/cron.d/$app
#=================================================
# SECURING FILES AND DIRECTORIES
@ -192,7 +184,11 @@ chmod -R o-rwx "$final_path"
chown -R $app:www-data "$final_path"
# Sauf certains dossiers includes, install, files et upload
chown -R $app $final_path/{includes,install,files,upload}
chown -R $app $final_path/{includes,files,upload}
if [ -d "$final_path/install" ]; then
chown -R $app "$final_path/install"
fi
# Restreint l'accès au dossier de backup
chmod 750 $final_path/backups
@ -205,12 +201,6 @@ ynh_script_progression --message="Reloading NGINX web server..." --weight=1
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# DEACTIVE MAINTENANCE MODE
#=================================================
ynh_maintenance_mode_OFF
#=================================================
# END OF SCRIPT
#=================================================