#!/bin/bash #================================================= # GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= source _common.sh source /usr/share/yunohost/helpers #================================================= # MANAGE SCRIPT FAILURE #================================================= ynh_clean_setup () { ynh_clean_check_starting } # Exit if an error occurs during the execution of the script ynh_abort_if_errors #================================================= # RETRIEVE ARGUMENTS FROM THE MANIFEST #================================================= domain=$YNH_APP_ARG_DOMAIN path_url=$YNH_APP_ARG_PATH ynh_print_OFF; password_admin=$YNH_APP_ARG_PASSWORD; ynh_print_ON app=$YNH_APP_INSTANCE_NAME #================================================= # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS #================================================= ynh_script_progression --message="Validating installation parameters..." --weight=1 final_path=/var/www/$app test ! -e "$final_path" || ynh_die --message="This path already contains a folder" # Register (book) web path ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url #================================================= # STORE SETTINGS FROM MANIFEST #================================================= ynh_script_progression --message="Storing installation settings..." --weight=1 ynh_app_setting_set --app=$app --key=domain --value=$domain ynh_app_setting_set --app=$app --key=path --value=$path_url #================================================= # STANDARD MODIFICATIONS #================================================= # CREATE DEDICATED USER #================================================= ynh_script_progression --message="Configuring system user..." --weight=2 # Create a system user ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= # CREATE A MYSQL DATABASE #================================================= ynh_script_progression --message="Creating a MySQL database..." --weight=2 db_name=$(ynh_sanitize_dbid --db_name=$app) db_user=$db_name ynh_app_setting_set --app=$app --key=db_name --value=$db_name ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= ynh_script_progression --message="Setting up source files..." --weight=7 ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path" # Delete the install directory. ynh_secure_remove "$final_path/install" #================================================= # NGINX CONFIGURATION #================================================= ynh_script_progression --message="Configuring NGINX web server..." --weight=2 # Create a dedicated NGINX config ynh_add_nginx_config #================================================= # PHP-FPM CONFIGURATION #================================================= ynh_script_progression --message="Configuring PHP-FPM..." --weight=2 # Create a dedicated PHP-FPM config ynh_add_fpm_config phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) #================================================= # SPECIFIC SETUP #================================================= # FILL THE DATABASE #================================================= version="$(sed -n 3p $final_path/changelog.txt)" bcrypt_mdp="$(php $final_path/mdphash.php $password_admin)" timezone="$(cat /etc/timezone)" time="$(date +%s)" # Remplacement des variables dans le fichier sql if [ $(echo $LANG | cut -c1-2) == "fr" ] then langue=french folders="partagés" roles=utilisateurs else langue=english folders=shared roles=users fi ynh_add_config --template="../conf/populate.sql" --destination="$final_path/populate.sql" # Enregistre les infos dans la config YunoHost ynh_app_setting_set --app=$app --key=langue --value=$langue # Import du fichier SQL ynh_mysql_connect_as $db_name $db_pwd $db_name < $final_path/populate.sql ynh_secure_remove --file="$final_path/populate.sql" #================================================= # CREATE TP.CONFIG.PHP FILE #================================================= # The file tp.config.php is a dump of the admin part of the database. tp_config_file="$final_path/includes/config/tp.config.php" echo " $tp_config_file while read settings do echo -n " '$(echo $settings | awk '{ print $1 }')'" >> $tp_config_file echo " => '$(echo $settings | cut -d' ' -f2-)'," >> $tp_config_file done <<< "$(ynh_mysql_execute_as_root "SELECT intitule, valeur FROM teampass_misc" $app)" echo ");" >> $tp_config_file #================================================= # CONFIGURE TEAMPASS #================================================= path_sk_file=/etc/$app/ mkdir $path_sk_file ynh_add_config --template="../conf/settings.php" --destination="$final_path/includes/config/settings.php" #================================================= # CREATE A SALTKEY #================================================= saltkey=$(ynh_string_random --length=32) ynh_replace_string "__SALTKEY__" "$saltkey" ../conf/sk.php ynh_add_config --template="../conf/sk.php" --destination="$path_sk_file/sk.php" #================================================= # COPY THE FILES #================================================= chown -R $app $path_sk_file chmod 750 $path_sk_file cp $final_path/includes/libraries/csrfp/libs/csrfp.config.sample.php $final_path/includes/libraries/csrfp/libs/csrfp.config.php # Créer le fichier de config de csrfp ynh_replace_string "CSRFP_TOKEN\" => \"" "&$(head -n40 /dev/urandom | tr -c -d 'a-f0-9' | head -c50)" $final_path/includes/libraries/csrfp/libs/csrfp.config.php # Renseigne un token, valide en hexadécimal ynh_replace_string "jsUrl\" => \"" "&includes/libraries/csrfp/js/csrfprotector.js" $final_path/includes/libraries/csrfp/libs/csrfp.config.php # Renseigne l'adresse de csrfprotector.js #================================================= # CREATE THE USERS #================================================= # Not used anymore, because the current version support ldap. # But still I keep that here, just in case... # Ajout des utilisateurs actuels dans la base yunohost # teampass_users=$(ldapsearch -h localhost -b ou=users,dc=yunohost,dc=org -x objectClass=mailAccount uid | grep uid: | sed 's/uid: //' | xargs) # id=1 # for teampassuser in $teampass_users # do # real_password=$(ynh_string_random) # Génère un mot de passe aléatoire # password=$(php $final_path/mdphash.php $real_password) # mail=$(ldapsearch -h localhost -b ou=users,dc=yunohost,dc=org -x uid=$teampassuser mail | grep mail: | sed 's/mail: //' | head -n1) # Creation de l'utilisateur # ynh_mysql_execute_as_root "INSERT INTO teampass_users (id, login, pw, groupes_visibles, derniers, key_tempo, last_pw_change, last_pw, admin, fonction_id, groupes_interdits, last_connexion, gestionnaire, email, favourites, latest_items, personal_folder, can_create_root_folder) VALUES (NULL, '$teampassuser', '$password', '1', '', '', '', '', '0', '1', '', '', '0', '$mail', '', '', '1', '1');" $app # Creation du repertoire personnel # id_user=$(ynh_mysql_execute_as_root "SELECT id from teampass_users where login='$teampassuser';" $app) # ynh_mysql_execute_as_root "INSERT INTO teampass_nested_tree (id, parent_id, title, nleft, nright, nlevel, bloquer_creation, bloquer_modification, personal_folder, renewal_period) VALUES (NULL, 0, '$id_user', 0, 0, 1, 0, 0, 1, 0);" $app # # ((id++)) # done #================================================= # CREATE A CRON FILE FOR AN AUTOMATIC BACKUP #================================================= echo "0 0 * * 0 $app cd $final_path/backups && php script.backup.php" > /etc/cron.d/$app # Add also a clean of old backup. #================================================= # SECURING FILES AND DIRECTORIES #================================================= # Les fichiers appartiennent à root chown -R root: $final_path # Sauf certains dossiers includes, files et upload chown -R $app $final_path/{includes,files,upload} # Restreint l'accès au dossier de backup chmod 750 $final_path/backups #================================================= # GENERIC FINALISATION #================================================= # RELOAD NGINX #================================================= ynh_script_progression --message="Reloading NGINX web server..." --weight=1 ynh_systemd_action --service_name=nginx --action=reload #================================================= # SEND A README FOR THE ADMIN #================================================= message="If you facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/teampass_ynh !!! Be carreful when using this app, we have encountered many issues with the last upgrade. The next upgrade could be also difficult, and may need to reinstall the app and migrate manually." ynh_send_readme_to_admin --app_message="$message" --recipients="root" #================================================= # END OF SCRIPT #================================================= ynh_script_progression --message="Installation of $app completed" --last