diff --git a/hooks/post_user_create b/hooks/post_user_create index cc96b81..44fba5b 100644 --- a/hooks/post_user_create +++ b/hooks/post_user_create @@ -2,8 +2,8 @@ app="__APP__" user="__APP__" -install_dir=$(ynh_app_setting_get --app=$app --key=install_dir) -phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) +install_dir=$(ynh_app_setting_get --app="$app" --key=install_dir) +phpversion=$(ynh_app_setting_get --app="$app" --key=phpversion) # Retrieve arguments username=$1 @@ -16,6 +16,7 @@ source /usr/share/yunohost/helpers user_pass=$(ynh_string_random) # Create the new user in Wallabag -(cd "$install_dir" && \ - sudo -u "$user" php${phpversion} "bin/console" --no-interaction --env=prod \ - fos:user:create "$username" "$user_email" "$user_pass") +pushd "$install_dir" || ynh_die + sudo -u "$user" "php$phpversion" "bin/console" --no-interaction --env=prod \ + fos:user:create "$username" "$user_email" "$user_pass" +popd || ynh_die diff --git a/hooks/post_user_delete b/hooks/post_user_delete index b0cd5cf..ebf27c4 100644 --- a/hooks/post_user_delete +++ b/hooks/post_user_delete @@ -2,14 +2,15 @@ app="__APP__" user="__APP__" -install_dir=$(ynh_app_setting_get --app=$app --key=install_dir) -phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) +install_dir=$(ynh_app_setting_get --app="$app" --key=install_dir) +phpversion=$(ynh_app_setting_get --app="$app" --key=phpversion) # Retrieve arguments username=$1 purge=$2 -# Deactivate the user from Wallabg -(cd "$install_dir" && \ - sudo -u "$user" php${phpversion} "bin/console" --no-interaction --env=prod \ - fos:user:deactivate "$username") +# Deactivate the user from Wallabag +pushd "$install_dir" || ynh_die + sudo -u "$user" "php$phpversion" "bin/console" --no-interaction --env=prod \ + fos:user:deactivate "$username" +popd || ynh_die diff --git a/scripts/_common.sh b/scripts/_common.sh index 599c71e..944a65e 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -11,3 +11,7 @@ #================================================= # EXPERIMENTAL HELPERS #================================================= + +#================================================= +# FUTURE OFFICIAL HELPERS +#================================================= diff --git a/scripts/backup b/scripts/backup index 225322e..5fb5b0d 100644 --- a/scripts/backup +++ b/scripts/backup @@ -1,7 +1,5 @@ #!/bin/bash -#================================================= -# GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= @@ -25,27 +23,15 @@ ynh_secure_remove --file=$install_dir/var/cache/prod ynh_backup --src_path="$install_dir" #================================================= -# BACKUP THE NGINX CONFIGURATION +# BACKUP THE SYSTEM CONFIGURATION #================================================= ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" -#================================================= -# BACKUP THE PHP-FPM CONFIGURATION -#================================================= - ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" -#================================================= -# BACKUP LOGROTATE -#================================================= - ynh_backup --src_path="/etc/logrotate.d/$app" -#================================================= -# BACKUP FAIL2BAN CONFIGURATION -#================================================= - ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf" ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf" diff --git a/scripts/change_url b/scripts/change_url index f1f1074..1646978 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -1,7 +1,5 @@ #!/bin/bash -#================================================= -# GENERIC STARTING #================================================= # IMPORT GENERIC HELPERS #================================================= @@ -9,8 +7,6 @@ source _common.sh source /usr/share/yunohost/helpers -#================================================= -# STANDARD MODIFICATIONS #================================================= # MODIFY URL IN NGINX CONF #================================================= @@ -18,30 +14,31 @@ ynh_script_progression --message="Updating NGINX web server configuration..." -- ynh_change_url_nginx_config -#================================================= -# SPECIFIC MODIFICATIONS #================================================= # UPDATE CONFIGURATION #================================================= ynh_script_progression --message="Updating wallabag configuration..." # Configure Wallabag instance URL -ynh_mysql_connect_as --user=$db_user --password="$db_pwd" --database=$db_name <<< "UPDATE internal_setting SET value = 'https://$new_domain$new_path' WHERE name = 'wallabag_url'" +ynh_mysql_connect_as --user="$db_user" --password="$db_pwd" --database="$db_name" \ + <<< "UPDATE internal_setting SET value = 'https://$new_domain$new_path' WHERE name = 'wallabag_url'" # Change domain name in parameters.yml ynh_replace_string --match_string="domain_name: .*" --replace_string="domain_name: https://$new_domain$new_path" --target_file=$install_dir/app/config/parameters.yml # If "Download images locally" option has been enabled in Internal Settings -download_images_enabled=$(ynh_mysql_connect_as --user=$db_user --password="$db_pwd" --database=$db_name <<< "SELECT value from internal_setting WHERE name='download_images_enabled '" | tail -n 1) -if [ "$download_images_enabled" = "1" ] -then - ynh_print_info --message="Updating images URL; this operation may take a while..." - # Query/replace the domain/path in every entry.content in mysql database - ynh_mysql_connect_as --user=$db_user --password="$db_pwd" --database=$db_name <<< "UPDATE entry SET content = REPLACE(content, '$old_domain$old_path', '$new_domain$new_path');" +download_images_enabled=$(ynh_mysql_connect_as --user="$db_user" --password="$db_pwd" --database="$db_name" \ + <<< "SELECT value from internal_setting WHERE name='download_images_enabled '" | tail -n 1) + +if [ "$download_images_enabled" = "1" ]; then + ynh_print_info --message="Updating images URL; this operation may take a while..." + # Query/replace the domain/path in every entry.content in mysql database + ynh_mysql_connect_as --user="$db_user" --password="$db_pwd" --database="$db_name" \ + <<< "UPDATE entry SET content = REPLACE(content, '$old_domain$old_path', '$new_domain$new_path');" fi # Clear assets cache -ynh_secure_remove --file=$install_dir/var/cache +ynh_secure_remove --file="$install_dir/var/cache" #================================================= # END OF SCRIPT diff --git a/scripts/install b/scripts/install index 58aea9b..2d66e67 100644 --- a/scripts/install +++ b/scripts/install @@ -1,7 +1,5 @@ #!/bin/bash -#================================================= -# GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= @@ -9,9 +7,12 @@ source _common.sh source /usr/share/yunohost/helpers +#================================================= +# INITIALIZE AND STORE SETTINGS +#================================================= deskey=$(ynh_string_random --length=24) -ynh_app_setting_set --app=$app --key=deskey --value=$deskey +ynh_app_setting_set --app="$app" --key=deskey --value="$deskey" #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE @@ -21,6 +22,52 @@ ynh_script_progression --message="Setting up source files..." --weight=6 # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$install_dir" +mkdir -p "$install_dir/var/logs/" +touch "$install_dir/var/logs/prod.log" + +# Set permissions to app files +chown -R "$app:www-data" "$install_dir" + +# Restrict rights to Wallabag user only +if [ -e "$install_dir/var/cache/prod/appProdProjectContainer.php" ]; then + chmod 700 "$install_dir/var/cache/prod/appProdProjectContainer.php" +fi + +#================================================= +# APP INITIAL CONFIGURATION +#================================================= +ynh_script_progression --message="Adding $app's configuration files..." --weight=1 + +ynh_add_config --template="parameters.yml" --destination="$install_dir/app/config/parameters.yml" +chmod 600 "$install_dir/app/config/parameters.yml" + +# Alias for php-cli execution command +php_exec=(ynh_exec_as "$app" "php$phpversion" "$install_dir/bin/console" --no-interaction --env=prod) + +# Install dependencies and Wallabag +ynh_exec_warn_less "${php_exec[@]}" wallabag:install + +# Add users to Wallabag +for username in $(ynh_user_list); do + user_email=$(ynh_user_get_info --username="$username" --key=mail) + user_pass=$(ynh_string_random) + "${php_exec[@]}" fos:user:create "$username" "$user_email" "$user_pass" +done + +# Set admin user +"${php_exec[@]}" fos:user:promote --super "$admin" + +# Configure Wallabag instance URL +ynh_mysql_connect_as --user="$db_user" --password="$db_pwd" --database="$db_name" \ + <<< "UPDATE internal_setting SET value = 'https://$domain$path' WHERE name = 'wallabag_url'" + +#================================================= +# SETUP HOOKS +#================================================= + +ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="../hooks/post_user_create" +ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="../hooks/post_user_delete" + #================================================= # NGINX CONFIGURATION #================================================= @@ -32,80 +79,8 @@ ynh_add_nginx_config # Create a dedicated PHP-FPM config ynh_add_fpm_config -#================================================= -# SPECIFIC SETUP -#================================================= -# CONFIGURE WALLABAG -#================================================= -ynh_script_progression --message="Configuring $app..." --weight=25 - -ynh_add_config --template="parameters.yml" --destination="$install_dir/app/config/parameters.yml" - -# Alias for php-cli execution command -php_exec="ynh_exec_as $app php$phpversion "$install_dir/bin/console" --no-interaction --env=prod" - -# Set permissions to app files -chown -R $app: $install_dir - -# Install dependencies and Wallabag -ynh_exec_warn_less $php_exec wallabag:install - -# Add users to Wallabag -for username in $(ynh_user_list) -do - user_email=$(ynh_user_get_info --username="$username" --key=mail) - user_pass=$(ynh_string_random) - $php_exec fos:user:create "$username" "$user_email" "$user_pass" -done - -# Set admin user -$php_exec fos:user:promote --super "$admin" - -# Configure Wallabag instance URL -ynh_mysql_connect_as --user=$db_user --password="$db_pwd" --database=$db_name <<< "UPDATE internal_setting SET value = 'https://$domain$path' WHERE name = 'wallabag_url'" - -#================================================= -# SETUP HOOKS -#================================================= - -ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="../hooks/post_user_create" -ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="../hooks/post_user_delete" - -#================================================= -# GENERIC FINALIZATION -#================================================= -# SECURE FILES AND DIRECTORIES -#================================================= - -# Set permissions to app files -chown -R $app:www-data $install_dir -chmod -R g=u,g-w,o-rwx $install_dir - -# Restrict rights to Wallabag user only -chmod 600 $install_dir/app/config/parameters.yml -if [ -e $install_dir/var/cache/prod/appProdProjectContainer.php ]; then - chmod 700 $install_dir/var/cache/prod/appProdProjectContainer.php -fi - -#================================================= -# SETUP LOGROTATE -#================================================= -ynh_script_progression --message="Configuring log rotation..." --weight=1 - # Use logrotate to manage application logfile(s) -touch "$install_dir/var/logs/prod.log" ynh_use_logrotate "$install_dir/var/logs/prod.log" -chown $app:www-data "$install_dir/var/logs/prod.log" - -#================================================= -# SETUP FAIL2BAN -#================================================= -ynh_script_progression --message="Configuring Fail2Ban..." - -# Create the log file is not already existing during install -mkdir -p "$install_dir/var/logs/" -touch "$install_dir/var/logs/prod.log" -chown $app: "$install_dir/var/logs/prod.log" # Create a dedicated Fail2Ban config ynh_add_fail2ban_config --logpath="$install_dir/var/logs/prod.log" --failregex='app.ERROR: Authentication failure for user "([\w]+)?", from IP ""' --max_retry=5 diff --git a/scripts/remove b/scripts/remove index e8afc43..f9af69f 100644 --- a/scripts/remove +++ b/scripts/remove @@ -1,7 +1,5 @@ #!/bin/bash -#================================================= -# GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= @@ -10,7 +8,7 @@ source _common.sh source /usr/share/yunohost/helpers #================================================= -# REMOVE SYSTEMD SERVICE +# REMOVE SYSTEMD SERVICE #================================================= ynh_script_progression --message="Removing system configurations related to $app..." --weight=1 diff --git a/scripts/restore b/scripts/restore index 2bb80a9..42d7b87 100644 --- a/scripts/restore +++ b/scripts/restore @@ -1,7 +1,5 @@ #!/bin/bash -#================================================= -# GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= @@ -17,29 +15,25 @@ ynh_script_progression --message="Restoring the app main directory..." ynh_restore_file --origin_path="$install_dir" -#================================================= -# RESTORE USER RIGHTS -#================================================= - # Set permissions to app files -chown -R $app:www-data $install_dir -chmod -R g=u,g-w,o-rwx $install_dir +chown -R "$app:www-data" "$install_dir" # Restrict rights to Wallabag user only -chmod 600 $install_dir/app/config/parameters.yml -if [ -e $install_dir/var/cache/prod/appProdProjectContainer.php ]; then - chmod 700 $install_dir/var/cache/prod/appProdProjectContainer.php +if [ -e "$install_dir/var/cache/prod/appProdProjectContainer.php" ]; then + chmod 700 "$install_dir/var/cache/prod/appProdProjectContainer.php" fi +chmod 600 "$install_dir/app/config/parameters.yml" + #================================================= # RESTORE THE MYSQL DATABASE #================================================= ynh_script_progression --message="Restoring the MySQL database..." --weight=3 -ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql +ynh_mysql_connect_as --user="$db_user" --password="$db_pwd" --database="$db_name" < ./db.sql #================================================= -# RESTORE THE PHP-FPM CONFIGURATION +# RESTORE THE SYSTEM CONFIGURATION #================================================= ynh_script_progression --message="Restoring system configurations related to $app..." --weight=1 @@ -53,14 +47,12 @@ ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf" ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf" ynh_systemd_action --action=restart --service_name=fail2ban -#================================================= -# GENERIC FINALIZATION #================================================= # RELOAD NGINX AND PHP-FPM OR THE APP SERVICE #================================================= ynh_script_progression --message="Reloading NGINX web server and $app's service..." --weight=1 -ynh_systemd_action --service_name=php$phpversion-fpm --action=reload +ynh_systemd_action --service_name="php$phpversion-fpm" --action=reload ynh_systemd_action --service_name=nginx --action=reload #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index 32a366c..d6dce0a 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -1,7 +1,5 @@ #!/bin/bash -#================================================= -# GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= @@ -9,83 +7,44 @@ source _common.sh source /usr/share/yunohost/helpers -#================================================= -# CHECK VERSION -#================================================= - -upgrade_type=$(ynh_check_app_version_changed) - #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= +ynh_script_progression --message="Upgrading source files..." --weight=6 -if [ "$upgrade_type" == "UPGRADE_APP" ] -then - ynh_script_progression --message="Upgrading source files..." --weight=6 +# Download, check integrity, uncompress and patch the source from app.src +ynh_setup_source --dest_dir="$install_dir" --keep="app/config/parameters.yml" --full_replace=1 - # Download, check integrity, uncompress and patch the source from app.src - ynh_setup_source --dest_dir="$install_dir" --keep="app/config/parameters.yml" --full_replace=1 +mkdir -p "$install_dir/var/logs/" +touch "$install_dir/var/logs/prod.log" - # Clear cache - ynh_secure_remove --file="$install_dir/var/cache" - mkdir "$install_dir/var/cache" +# Set permissions to app files +chown -R "$app:www-data" "$install_dir" + +# Restrict rights to Wallabag user only +if [ -e "$install_dir/var/cache/prod/appProdProjectContainer.php" ]; then + chmod 700 "$install_dir/var/cache/prod/appProdProjectContainer.php" fi #================================================= -# REAPPLY SYSTEM CONFIGURATIONS +# UPDATE A CONFIG FILE #================================================= -ynh_script_progression --message="Upgrading system configurations related to $app..." --weight=1 +ynh_script_progression --message="Reconfiguring $app..." --weight=1 -# Create a dedicated PHP-FPM config -ynh_add_fpm_config +# Copy and set Wallabag dist configuration +# ynh_add_config --template="parameters.yml" --destination="$install_dir/app/config/parameters.yml" +chmod 600 "$install_dir/app/config/parameters.yml" -# Create a dedicated NGINX config -ynh_add_nginx_config +# Alias for php-cli execution command +php_exec=(ynh_exec_as "$app" "php$phpversion" "$install_dir/bin/console" --no-interaction --env=prod) -# Set-up Fail2Ban -# Create the log file is not already existing -if [ ! -f "$install_dir/var/logs/prod.log" ] -then - mkdir -p "$install_dir/var/logs/" - touch "$install_dir/var/logs/prod.log" - chown $app: "$install_dir/var/logs/prod.log" -fi +# Upgrade database and clear the cache +"${php_exec[@]}" doctrine:migrations:migrate +"${php_exec[@]}" cache:clear -# Add Fail2Ban config -ynh_add_fail2ban_config --logpath="$install_dir/var/logs/prod.log" --failregex='app.ERROR: Authentication failure for user "([\w]+)?", from IP ""' --max_retry=5 # same as install config - -ynh_use_logrotate --non-append - -#================================================= -# SPECIFIC UPGRADE -#================================================= -# CONFIGURE WALLABAG -#================================================= - -if [ "$upgrade_type" == "UPGRADE_APP" ] -then - ynh_script_progression --message="Reconfiguring $app..." --weight=1 - - # Copy and set Wallabag dist configuration - #ynh_add_config --template="parameters.yml" --destination="$install_dir/app/config/parameters.yml" - - #================================================= - # UPGRADE WALLABAG - #================================================= - - # Alias for php-cli execution command - php_exec="ynh_exec_as $app php$phpversion "$install_dir/bin/console" --no-interaction --env=prod" - - # Set permissions to app files - chown -R $app: $install_dir - - # Upgrade database and clear the cache - $php_exec doctrine:migrations:migrate - $php_exec cache:clear - - # Configure Wallabag instance URL - ynh_mysql_connect_as --user=$db_user --password="$db_pwd" --database=$db_name <<< "UPDATE internal_setting SET value = 'https://$domain$path' WHERE name = 'wallabag_url'" -fi +# Configure Wallabag instance URL +ynh_mysql_connect_as --user="$db_user" --password="$db_pwd" --database="$db_name" \ + <<< "UPDATE internal_setting SET value = 'https://$domain$path' WHERE name = 'wallabag_url'" #================================================= # SETUP HOOKS @@ -95,18 +54,21 @@ ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_fil ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="../hooks/post_user_delete" #================================================= -# SECURE FILES AND DIRECTORIES +# REAPPLY SYSTEM CONFIGURATIONS #================================================= +ynh_script_progression --message="Upgrading system configurations related to $app..." --weight=1 -# Set permissions to app files -chown -R $app:www-data $install_dir -chmod -R g=u,g-w,o-rwx $install_dir +# Create a dedicated NGINX config +ynh_add_nginx_config -# Restrict rights to Wallabag user only -chmod 600 $install_dir/app/config/parameters.yml -if [ -e $install_dir/var/cache/prod/appProdProjectContainer.php ]; then - chmod 700 $install_dir/var/cache/prod/appProdProjectContainer.php -fi +# Create a dedicated PHP-FPM config +ynh_add_fpm_config + +# Use logrotate to manage application logfile(s) +ynh_use_logrotate "$install_dir/var/logs/prod.log" + +# Create a dedicated Fail2Ban config +ynh_add_fail2ban_config --logpath="$install_dir/var/logs/prod.log" --failregex='app.ERROR: Authentication failure for user "([\w]+)?", from IP ""' --max_retry=5 #================================================= # END OF SCRIPT