diff --git a/README.md b/README.md index a7cd47e..2caec99 100644 --- a/README.md +++ b/README.md @@ -1,37 +1,31 @@ + + # Wallabag for YunoHost [![Integration level](https://dash.yunohost.org/integration/wallabag2.svg)](https://dash.yunohost.org/appci/app/wallabag2) ![](https://ci-apps.yunohost.org/ci/badges/wallabag2.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/wallabag2.maintain.svg) -[![Install Wallabag with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=wallabag2) +[![Install Wallabag with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=wallabag2) *[Lire ce readme en français.](./README_fr.md)* -> *This package allow you to install Wallabag quickly and simply on a YunoHost server. -If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to know how to install and enjoy it.* +> *This package allows you to install Wallabag quickly and simply on a YunoHost server. +If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/install) to learn how to install it.* ## Overview -[Wallabag](https://www.wallabag.org/) is a self hostable Read-It-Later application allowing you to not miss any content anymore. Click, save, read it when you can. -It extracts content so that you can read it when you have time. +Self hostable read-it-later app -It provides a web interface, browser (Firefox / Chrome / Opera) add-ons, mobile apps (Android / iOS / Windows Phone) and even on e-reader (PocketBook / Kobo). +**Shipped version:** 2.4.2~ynh3 -**Shipped version:** 2.4.2 +**Demo:** https://demo.yunohost.org/wallabag/ ## Screenshots -![](https://www.linuxbabe.com/wp-content/uploads/2016/10/wallabag-quick-start-page.png) +![](./doc/screenshots/wallabag-quick-start-page.png) -## Demo - -* [YunoHost demo](https://demo.yunohost.org/wallabag/) -* [Video demo](https://player.vimeo.com/video/167435064) - -## Configuration - -## Documentation - - * Official documentation: https://doc.wallabag.org/en/ - * YunoHost documentation: https://yunohost.org/#/app_wallabag2 +## Disclaimers / important information ## YunoHost specific features @@ -39,48 +33,38 @@ In addition to Wallabag core features, the following are made available with thi * Integrate with YunoHost users and SSO - i.e. logout button * Allow one user to be the administrator (set at the installation) - * Asynchronous import using Redis (need to be enabled in the *Internal Settings*). RabbitMQ import not supported (yet ?) - -#### Multi-users support - -#### Supported architectures - -* x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/wallabag2%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/wallabag2/) -* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/wallabag2%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/wallabag2/) + * Asynchronous import using *Redis* (need to be enabled in the *Internal Settings*). *RabbitMQ* import not supported (yet?). ## Limitations * Removing a Yunohost's user won't delete the related wallabag user, but only desactivate it. You need to manualy remove it from wallabag before. See: https://github.com/YunoHost-Apps/wallabag2_ynh/issues/39 +* Upgrade from the YunoHost [Wallabag v1](https://github.com/YunoHost-Apps/wallabag_ynh) app requires a manual operation. That's why it's provided as a new package. For the migration process, please refer to the [Wallabag official documentation](https://doc.wallabag.org/en/user/import/wallabagv1.html). -## Additional information +## (Beta) Testing branch +*Please be aware that the testing branch (or any PR branch)* might *contains some bugs and is not recommended if you need a stable app.* -**NB: Since @jeromelebleu is no longer maintaining this package, I (@lapineige) take over this repository. But I have limited time and experience, so feel free to help !** +(Beta) Testers are welcome to try new upgrades (such as a new version), as listed in the [Pull Requests section](https://github.com/YunoHost-Apps/wallabag2_ynh/pulls). More testing will allow us to provide upgrades faster 🙂. In order to try the testing branch, use `sudo yunohost app upgrade wallabag2 -u https://github.com/YunoHost-Apps/wallabag2_ynh/tree/testing`. -#### Upgrade from v1 +Warning : Doing a normal upgrade of the package with the web admin or `sudo yunohost app upgrade wallabag2` (without any URL specified) will revert you app to the master branch. *This may break you wallabag* if it goes to a previous version (if the newest is not retrocompatible). -The upgrade from the YunoHost [Wallabag v1](https://github.com/YunoHost-Apps/wallabag_ynh) -app requires a manual operation, that's why it's provided as a new package. -For the migration process, please refer to the -[Wallabag official documentation](https://doc.wallabag.org/en/user/import/wallabagv1.html). +## Documentation and resources -## Links +* Official app website: https://www.wallabag.org +* Official user documentation: https://yunohost.org/#/app_wallabag2 +* Official admin documentation: https://doc.wallabag.org/en/ +* Upstream app code repository: https://github.com/wallabag/wallabag +* YunoHost documentation for this app: https://yunohost.org/app_wallabag2 +* Report a bug: https://github.com/YunoHost-Apps/wallabag2_ynh/issues - * Report a bug: https://github.com/YunoHost-Apps/wallabag2_ynh/issues - * App website: https://www.wallabag.org/ - * Upstream app repository: https://github.com/wallabag/wallabag - * YunoHost website: https://yunohost.org/ +## Developer info ---- +Please send your pull request to the [testing branch](https://github.com/YunoHost-Apps/wallabag2_ynh/tree/testing). -## Developers and testers info - -Please do your pull request to the [testing branch](https://github.com/YunoHost-Apps/wallabag2_ynh/tree/testing). - -To try the testing branch, please proceed like that: +To try the testing branch, please proceed like that. ``` sudo yunohost app install https://github.com/YunoHost-Apps/wallabag2_ynh/tree/testing --debug or sudo yunohost app upgrade wallabag2 -u https://github.com/YunoHost-Apps/wallabag2_ynh/tree/testing --debug ``` -Please be aware that the testing branch *might* contains some bugs and is not recommended if you need a stable app. -Doing a normal upgrade of the package avec `sudo yunohost app upgrade wallabag2` (without any URL specified) will revert you app to the master branch. + +**More info regarding app packaging:** https://yunohost.org/packaging_apps \ No newline at end of file diff --git a/README_fr.md b/README_fr.md index 00b0cb0..2401661 100644 --- a/README_fr.md +++ b/README_fr.md @@ -1,36 +1,27 @@ # Wallabag pour YunoHost -[![Integration level](https://dash.yunohost.org/integration/wallabag2.svg)](https://dash.yunohost.org/appci/app/wallabag2) ![](https://ci-apps.yunohost.org/ci/badges/wallabag2.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/wallabag2.maintain.svg) -[![Install Wallabag with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=wallabag2) +[![Niveau d'intégration](https://dash.yunohost.org/integration/wallabag2.svg)](https://dash.yunohost.org/appci/app/wallabag2) ![](https://ci-apps.yunohost.org/ci/badges/wallabag2.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/wallabag2.maintain.svg) +[![Installer Wallabag avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=wallabag2) -*[Read this readme in english.](./README.md)* +*[Read this readme in english.](./README.md)* +*[Lire ce readme en français.](./README_fr.md)* -> *Ce package vous permet d'installer Wallabag rapidement et simplement sur un serveur YunoHost. +> *Ce package vous permet d'installer Wallabag rapidement et simplement sur un serveur YunoHost. Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.* ## Vue d'ensemble -[Wallabag](https://www.wallabag.org/) est une application de lecture différée : elle permet simplement d’archiver une page web en ne conservant que le contenu. Les éléments superflus (menus, publicités, etc.) sont supprimés. +Application de lecture-plus-tard auto-hébergeable -Sont disponibles une interface web, des add-ons pour navigateurs (Firefox / Chrome / Opera), des applications pour mobile (Android / iOS / Windows Phone) et même sur liseuse (PocketBook / Kobo). +**Version incluse :** 2.4.2~ynh3 -**Version incluse:** 2.4.2 +**Démo :** https://demo.yunohost.org/wallabag/ ## Captures d'écran -![](https://www.linuxbabe.com/wp-content/uploads/2016/10/wallabag-quick-start-page.png) +![](./doc/screenshots/wallabag-quick-start-page.png) -## Démo - -* [Démo YunoHost](https://demo.yunohost.org/wallabag/) -* [Démo video](https://player.vimeo.com/video/167435064) - -## Configuration - -## Documentation - - * Documentation officielle : https://doc.wallabag.org/fr/ - * Documentation YunoHost : https://yunohost.org/#/app_wallabag2 +## Avertissements / informations importantes ## Caractéristiques spécifiques YunoHost @@ -40,45 +31,38 @@ En plus des fonctionnalités principales de Wallabag, ce paquet propose égaleme * De permettre à un utilisateur d'être administrateur (réglage lors de l'installation) * Un import asynchrone utilisant Redis (à activer dans les *Paramètres Internes*). L'import via RabbitMQ n'est pas (encore ?) supporté. -#### Support multi-utilisateurs - -#### Supported architectures - -* x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/wallabag2%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/wallabag2/) -* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/wallabag2%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/wallabag2/) - ## Limitations * Supprimer un utilisateur YunoHost ne supprimera pas l'utilisateur Wallabag lié, il sera seulement désactivé. Vous devez le supprimer manuellement avant. Voir : https://github.com/YunoHost-Apps/wallabag2_ynh/issues/39 -## Informations additionnelles - -**NB: Depuis que @jeromelebleu ne maintient plus ce paquet, je (@lapineige) reprends la charge de ce dépôt. Mais j'ai un temps et une expérience limitées, donc n'hésitez pas à donner un coup de main :) !** +* La mise à niveau depuis le paquet YunoHost de [Wallabag v1](https://github.com/YunoHost-Apps/wallabag_ynh) demande une opération manuelle, c'est pourquoi un nouveau paquet est fournit. Pour le processus de migration, merci de vous référer à [la documentation officiel de Wallabag](https://doc.wallabag.org/fr/user/import/wallabagv1.html). -#### Mettre à niveau depuis la v1 +## Branche de test (*Testing*) +*Soyez concient que la branche testing* pourrait *contenir des bugs et n'est pas recommandée si vous recherchez la stabilité de votre application.* -La mise à niveau depuis le paquet YunoHost de [Wallabag v1](https://github.com/YunoHost-Apps/wallabag_ynh) demande une opération manuelle, c'est pourquoi un nouveau paquet est fournit. -Pour le processus de migration, merci de vous référer à [la documentation officiel de Wallabag](https://doc.wallabag.org/fr/user/import/wallabagv1.html). +Les personnes souhaitant (bêta) tester de nouvelles mises à jour (ex: une nouvelle version), listée dans la [section des Pull Requests](https://github.com/YunoHost-Apps/wallabag2_ynh/pulls), sont les bienvenues. Plus de tests nous permettrons de sortir des mises à jour plus vite 🙂. Pour tester la branche *testing*, utilisez `sudo yunohost app upgrade wallabag2 -u https://github.com/YunoHost-Apps/wallabag2_ynh/tree/testing`. -## Links +Attention : Une mise à jour classique avec l'interface d'administration ou avec `sudo yunohost app upgrade wallabag2` (sans préciser l'URL) fera retourner votre application au niveau de la branche master. *Ceci pourrait casser votre wallabag* si vous revenez à une version précédente (et si la nouvelle n'est pas rétrocompatible). - * Signaler un bug : https://github.com/YunoHost-Apps/wallabag2_ynh/issues - * Site de l'application : https://www.wallabag.org/ - * Dépôt de l'application principale : https://github.com/wallabag/wallabag - * Site web YunoHost : https://yunohost.org/ +## Documentations et ressources ---- +* Site officiel de l'app : https://www.wallabag.org +* Documentation officielle utilisateur : https://yunohost.org/#/app_wallabag2 +* Documentation officielle de l'admin : https://doc.wallabag.org/en/ +* Dépôt de code officiel de l'app : https://github.com/wallabag/wallabag +* Documentation YunoHost pour cette app : https://yunohost.org/app_wallabag2 +* Signaler un bug : https://github.com/YunoHost-Apps/wallabag2_ynh/issues ## Informations pour les développeurs Merci de faire vos pull request sur la [branche testing](https://github.com/YunoHost-Apps/wallabag2_ynh/tree/testing). -Pour essayer la branche testing, procédez comme ceci : +Pour essayer la branche testing, procédez comme suit. ``` sudo yunohost app install https://github.com/YunoHost-Apps/wallabag2_ynh/tree/testing --debug ou sudo yunohost app upgrade wallabag2 -u https://github.com/YunoHost-Apps/wallabag2_ynh/tree/testing --debug ``` -Soyez concient que la branche testing *pourrait* contenir des bugs et n'est pas recommandée si vous recherchez la stabilité de votre application. -Une mise à jour classique avec `sudo yunohost app upgrade wallabag2` (sans préciser l'URL) fera retourner votre application au niveau de la branche master. + +**Plus d'infos sur le packaging d'applications :** https://yunohost.org/packaging_apps \ No newline at end of file diff --git a/check_process b/check_process index 692db47..f850dbc 100644 --- a/check_process +++ b/check_process @@ -1,8 +1,9 @@ ;; Complete test ; Manifest - domain="domain.tld" (DOMAIN) - path="/path" (PATH) - admin="john" (USER) + domain="domain.tld" + path="/path" + admin="john" + language="fr" ; Checks pkg_linter=1 setup_sub_dir=1 @@ -11,18 +12,14 @@ setup_private=0 setup_public=0 upgrade=1 - upgrade=1 from_commit=f75d58cb32c51a0981333ea88974dc3199324e65 + upgrade=1 from_commit=afdd82cbed98b66ff2bf31c30f86ea8f704154f7 backup_restore=1 multi_instance=1 - incorrect_path=1 - port_already_use=0 change_url=1 -;;; Levels - Level 5=auto ;;; Options Email= Notification=none ;;; Upgrade options - ; commit=f75d58cb32c51a0981333ea88974dc3199324e65 - name= Previous package version + ; commit=afdd82cbed98b66ff2bf31c30f86ea8f704154f7 + name= version 4.1.0 manifest_arg=domain=DOMAIN&path=PATH&admin=USER& diff --git a/conf/app.src b/conf/app.src index 41bda61..ceaa0db 100644 --- a/conf/app.src +++ b/conf/app.src @@ -1,4 +1,4 @@ -SOURCE_URL=https://static.wallabag.org/releases/wallabag-release-2.4.2.tar.gz +SOURCE_URL=https://github.com/wallabag/wallabag/releases/download/2.4.2/wallabag-2.4.2.tar.gz SOURCE_SUM=da56ec37ed3d78a4b4132e8a248ac4997442eefaad6f831805304a8c317569d8 SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz diff --git a/conf/nginx.conf b/conf/nginx.conf index dabfbf9..bf94072 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -22,7 +22,7 @@ location __PATH__/ { fastcgi_param SCRIPT_FILENAME $request_filename; fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param REMOTE_USER $remote_user; - fastcgi_pass unix:/var/run/php5-fpm-__NAME__.sock; + fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock; fastcgi_intercept_errors on; } diff --git a/conf/parameters.yml.dist b/conf/parameters.yml.dist new file mode 100644 index 0000000..0ef1789 --- /dev/null +++ b/conf/parameters.yml.dist @@ -0,0 +1,74 @@ +# This file is a "template" of what your parameters.yml file should look like +parameters: + # Uncomment these settings or manually update your parameters.yml + # to use docker-compose + # + # database_driver: %env.database_driver% + # database_host: %env.database_host% + # database_port: %env.database_port% + # database_name: %env.database_name% + # database_user: %env.database_user% + # database_password: %env.database_password% + + database_driver: pdo_mysql + database_host: 127.0.0.1 + database_port: 3306 + database_name: __DB_NAME__ + database_user: __DB_NAME__ + database_password: __DB_PWD__ + # For SQLite, database_path should be "%kernel.project_dir%/data/db/wallabag.sqlite" + database_path: null + database_table_prefix: null + database_socket: null + # with PostgreSQL and SQLite, you must set "utf8" + database_charset: utf8mb4 + + domain_name: https://__DOMAIN____PATH__ + server_name: "Your wallabag instance" + + mailer_transport: smtp + mailer_user: ~ + mailer_password: ~ + mailer_host: 127.0.0.1 + mailer_port: false + mailer_encryption: ~ + mailer_auth_mode: ~ + + locale: __LANGUAGE__ + + # A secret key that's used to generate certain security-related tokens + secret: __DESKEY__ + + # two factor stuff + twofactor_auth: true + twofactor_sender: no-reply@wallabag.org + + # fosuser stuff + fosuser_registration: false + fosuser_confirmation: true + + # how long the access token should live in seconds for the API + fos_oauth_server_access_token_lifetime: 3600 + # how long the refresh token should life in seconds for the API + fos_oauth_server_refresh_token_lifetime: 1209600 + + from_email: no-reply@wallabag.org + + rss_limit: 50 + + # RabbitMQ processing + rabbitmq_host: localhost + rabbitmq_port: 5672 + rabbitmq_user: guest + rabbitmq_password: guest + rabbitmq_prefetch_count: 10 + + # Redis processing + redis_scheme: tcp + redis_host: 127.0.0.1 + redis_port: 6379 + redis_path: null + redis_password: null + + # sentry logging + sentry_dsn: ~ diff --git a/conf/php-fpm.conf b/conf/php-fpm.conf index 6505dc6..1e379e7 100644 --- a/conf/php-fpm.conf +++ b/conf/php-fpm.conf @@ -33,7 +33,7 @@ group = __USER__ ; (IPv6 and IPv4-mapped) on a specific port; ; '/path/to/unix/socket' - to listen on a unix socket. ; Note: This value is mandatory. -listen = /var/run/php/php7.0-fpm-__NAMETOCHANGE__.sock +listen = /var/run/php/php__PHPVERSION__-fpm-__NAMETOCHANGE__.sock ; Set listen(2) backlog. ; Default Value: 511 (-1 on FreeBSD and OpenBSD) @@ -419,16 +419,12 @@ chdir = __FINALPATH__ ;php_admin_value[memory_limit] = 32M ; Common values to change to increase file upload limit -; php_admin_value[upload_max_filesize] = 50M -; php_admin_value[post_max_size] = 50M +php_admin_value[upload_max_filesize] = 50M +php_admin_value[post_max_size] = 50M ; php_admin_flag[mail.add_x_header] = Off ; Other common parameters -; php_admin_value[max_execution_time] = 600 +php_admin_value[max_execution_time] = 3600 ; php_admin_value[max_input_time] = 300 ; php_admin_value[memory_limit] = 256M ; php_admin_flag[short_open_tag] = On - -php_admin_value[max_execution_time] = 3600 -php_admin_value[upload_max_filesize] = 50M -php_admin_value[post_max_size] = 50M diff --git a/doc/DISCLAIMER.md b/doc/DISCLAIMER.md new file mode 100644 index 0000000..610e5e2 --- /dev/null +++ b/doc/DISCLAIMER.md @@ -0,0 +1,19 @@ +## YunoHost specific features + +In addition to Wallabag core features, the following are made available with this package: + + * Integrate with YunoHost users and SSO - i.e. logout button + * Allow one user to be the administrator (set at the installation) + * Asynchronous import using *Redis* (need to be enabled in the *Internal Settings*). *RabbitMQ* import not supported (yet?). + +## Limitations + +* Removing a Yunohost's user won't delete the related wallabag user, but only desactivate it. You need to manualy remove it from wallabag before. See: https://github.com/YunoHost-Apps/wallabag2_ynh/issues/39 +* Upgrade from the YunoHost [Wallabag v1](https://github.com/YunoHost-Apps/wallabag_ynh) app requires a manual operation. That's why it's provided as a new package. For the migration process, please refer to the [Wallabag official documentation](https://doc.wallabag.org/en/user/import/wallabagv1.html). + +## (Beta) Testing branch +*Please be aware that the testing branch (or any PR branch)* might *contains some bugs and is not recommended if you need a stable app.* + +(Beta) Testers are welcome to try new upgrades (such as a new version), as listed in the [Pull Requests section](https://github.com/YunoHost-Apps/wallabag2_ynh/pulls). More testing will allow us to provide upgrades faster 🙂. In order to try the testing branch, use `sudo yunohost app upgrade wallabag2 -u https://github.com/YunoHost-Apps/wallabag2_ynh/tree/testing`. + +Warning : Doing a normal upgrade of the package with the web admin or `sudo yunohost app upgrade wallabag2` (without any URL specified) will revert you app to the master branch. *This may break you wallabag* if it goes to a previous version (if the newest is not retrocompatible). diff --git a/doc/DISCLAIMER_fr.md b/doc/DISCLAIMER_fr.md new file mode 100644 index 0000000..7fdb901 --- /dev/null +++ b/doc/DISCLAIMER_fr.md @@ -0,0 +1,21 @@ +## Caractéristiques spécifiques YunoHost + +En plus des fonctionnalités principales de Wallabag, ce paquet propose également : + + * Une intégration avec le système de gestion des utilisateurs et le SSO de YunoHost - e.g. un bouton de déconnexion + * De permettre à un utilisateur d'être administrateur (réglage lors de l'installation) + * Un import asynchrone utilisant Redis (à activer dans les *Paramètres Internes*). L'import via RabbitMQ n'est pas (encore ?) supporté. + +## Limitations + +* Supprimer un utilisateur YunoHost ne supprimera pas l'utilisateur Wallabag lié, il sera seulement désactivé. Vous devez le supprimer manuellement avant. Voir : https://github.com/YunoHost-Apps/wallabag2_ynh/issues/39 + +* La mise à niveau depuis le paquet YunoHost de [Wallabag v1](https://github.com/YunoHost-Apps/wallabag_ynh) demande une opération manuelle, c'est pourquoi un nouveau paquet est fournit. Pour le processus de migration, merci de vous référer à [la documentation officiel de Wallabag](https://doc.wallabag.org/fr/user/import/wallabagv1.html). + + +## Branche de test (*Testing*) +*Soyez concient que la branche testing* pourrait *contenir des bugs et n'est pas recommandée si vous recherchez la stabilité de votre application.* + +Les personnes souhaitant (bêta) tester de nouvelles mises à jour (ex: une nouvelle version), listée dans la [section des Pull Requests](https://github.com/YunoHost-Apps/wallabag2_ynh/pulls), sont les bienvenues. Plus de tests nous permettrons de sortir des mises à jour plus vite 🙂. Pour tester la branche *testing*, utilisez `sudo yunohost app upgrade wallabag2 -u https://github.com/YunoHost-Apps/wallabag2_ynh/tree/testing`. + +Attention : Une mise à jour classique avec l'interface d'administration ou avec `sudo yunohost app upgrade wallabag2` (sans préciser l'URL) fera retourner votre application au niveau de la branche master. *Ceci pourrait casser votre wallabag* si vous revenez à une version précédente (et si la nouvelle n'est pas rétrocompatible). diff --git a/doc/screenshots/wallabag-quick-start-page.png b/doc/screenshots/wallabag-quick-start-page.png new file mode 100644 index 0000000..d8c25f5 Binary files /dev/null and b/doc/screenshots/wallabag-quick-start-page.png differ diff --git a/manifest.json b/manifest.json index b41b677..53c46ef 100644 --- a/manifest.json +++ b/manifest.json @@ -3,23 +3,31 @@ "id": "wallabag2", "packaging_format": 1, "description": { - "en": "A self hostable read-it-later app", - "fr": "Une application de lecture-plus-tard auto-hébergeable" + "en": "Self hostable read-it-later app", + "fr": "Application de lecture-plus-tard auto-hébergeable" }, - "version": "2.4.2~ynh1", + "version": "2.4.2~ynh3", "url": "https://www.wallabag.org", + "upstream": { + "license": "MIT", + "website": "https://www.wallabag.org", + "demo": "https://demo.yunohost.org/wallabag/", + "admindoc": "https://doc.wallabag.org/en/", + "userdoc": "https://yunohost.org/#/app_wallabag2", + "code": "https://github.com/wallabag/wallabag" + }, "license": "MIT", "maintainer": { "name": "lapineige", "email": "" }, "requirements": { - "yunohost": ">= 4.1.0" + "yunohost": ">= 4.2.4" }, "multi_instance": true, "services": [ "nginx", - "php5-fpm", + "php7.3-fpm", "mysql" ], "arguments": { @@ -27,30 +35,28 @@ { "name": "domain", "type": "domain", - "ask": { - "en": "Choose a domain for Wallabag", - "fr": "Choisissez un domaine pour Wallabag" - }, - "example": "domain.org" + "example": "example.com" }, { "name": "path", "type": "path", - "ask": { - "en": "Choose a path for Wallabag", - "fr": "Choisissez un chemin pour Wallabag" - }, "example": "/wallabag", "default": "/wallabag" }, { "name": "admin", "type": "user", + "example": "johndoe" + }, + { + "name": "language", + "type": "string", "ask": { - "en": "Choose the Wallabag administrator", - "fr": "Choisissez l'administrateur de Wallabag" + "en": "Choose the application language", + "fr": "Choisissez la langue de l'application" }, - "example": "homer" + "choices": ["de", "en", "fr", "it", "pt"], + "default": "en" } ] } diff --git a/scripts/_common.sh b/scripts/_common.sh index f58d4bf..9ba6dbc 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -4,38 +4,21 @@ # COMMON VARIABLES #================================================= +YNH_PHP_VERSION="7.3" + # dependencies used by the app -pkg_dependencies="php$YNH_DEFAULT_PHP_VERSION-cli php$YNH_DEFAULT_PHP_VERSION-mysql php$YNH_DEFAULT_PHP_VERSION-json php$YNH_DEFAULT_PHP_VERSION-gd php$YNH_DEFAULT_PHP_VERSION-tidy php$YNH_DEFAULT_PHP_VERSION-curl php$YNH_DEFAULT_PHP_VERSION-gettext php$YNH_DEFAULT_PHP_VERSION-redis" +extra_php_dependencies="php${YNH_PHP_VERSION}-cli php${YNH_PHP_VERSION}-mysql php${YNH_PHP_VERSION}-json php${YNH_PHP_VERSION}-gd php${YNH_PHP_VERSION}-tidy php${YNH_PHP_VERSION}-curl php${YNH_PHP_VERSION}-gettext php${YNH_PHP_VERSION}-redis" + +pkg_dependencies="redis-server redis-tools" #================================================= # PERSONAL HELPERS #================================================= -function set_permissions { - # Set permissions to app files - chown -R $app:www-data $final_path - chmod -R g=u,g-w,o-rwx $final_path - - # Restrict rights to Wallabag user only - chmod 600 $wb_conf - if [ -e $final_path/var/cache/prod/appProdProjectContainer.php ]; then - chmod 700 $final_path/var/cache/prod/appProdProjectContainer.php - fi -} - #================================================= # EXPERIMENTAL HELPERS #================================================= -# Execute a command as another user -# usage: exec_as USER COMMAND [ARG ...] -ynh_exec_as() { - local USER=$1 - shift 1 - - if [[ $USER = $(whoami) ]]; then - eval "$@" - else - sudo -u "$USER" "$@" - fi -} +#================================================= +# FUTURE OFFICIAL HELPERS +#================================================= diff --git a/scripts/backup b/scripts/backup index f55f3f3..c1b9d28 100644 --- a/scripts/backup +++ b/scripts/backup @@ -19,13 +19,14 @@ ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading installation settings..." +ynh_print_info --message="Loading installation settings..." app=$YNH_APP_INSTANCE_NAME final_path=$(ynh_app_setting_get --app=$app --key=final_path) domain=$(ynh_app_setting_get --app=$app --key=domain) db_name=$(ynh_app_setting_get --app=$app --key=db_name) +phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) #================================================= # STANDARD BACKUP STEPS @@ -36,37 +37,35 @@ db_name=$(ynh_app_setting_get --app=$app --key=db_name) # Clean cache files before backup (saved some disk space) ynh_secure_remove --file=$final_path/var/cache/prod -ynh_script_progression --message="Backing up the main app directory..." ynh_backup --src_path="$final_path" #================================================= # BACKUP NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Backing up nginx web server configuration..." ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= # BACKUP PHP-FPM CONFIGURATION #================================================= -ynh_script_progression --message="Backing up php-fpm configuration..." -ynh_backup --src_path="/etc/php/7.0/fpm/pool.d/$app.conf" +ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" #================================================= # BACKUP MYSQL DB #================================================= -ynh_script_progression --message="Backing up the MySQL database..." ynh_mysql_dump_db --database="$db_name" > db.sql #================================================= # BACKUP FAIL2BAN CONFIGURATION #================================================= + ynh_backup "/etc/fail2ban/jail.d/$app.conf" ynh_backup "/etc/fail2ban/filter.d/$app.conf" #================================================= # END OF SCRIPT #================================================= -ynh_script_progression --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." --last + +ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." diff --git a/scripts/change_url b/scripts/change_url index b49b957..f968cd2 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -8,7 +8,6 @@ source _common.sh source /usr/share/yunohost/helpers -ynh_abort_if_errors #================================================= # RETRIEVE ARGUMENTS @@ -32,6 +31,23 @@ db_user=$db_name db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd) final_path=$(ynh_app_setting_get --app=$app --key=final_path) +#================================================= +# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP +#================================================= +ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --weight=1 + +# Backup the current version of the app +ynh_backup_before_upgrade +ynh_clean_setup () { + # Remove the new domain config file, the remove script won't do it as it doesn't know yet its location. + ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" + + # Restore it if the upgrade fails + ynh_restore_upgradebackup +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + #================================================= # CHECK WHICH PARTS SHOULD BE CHANGED #================================================= @@ -53,7 +69,7 @@ fi #================================================= # MODIFY URL IN NGINX CONF FILE #================================================= -ynh_script_progression --message="Updating nginx web server configuration..." --weight=2 +ynh_script_progression --message="Updating NGINX web server configuration..." --weight=2 nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf @@ -82,7 +98,7 @@ fi #================================================= # SPECIFIC MODIFICATIONS #================================================= -ynh_script_progression --message="Updating wallabag configuration..." +ynh_script_progression --message="Updating wallabag configuration..." --weight=3 # Change domain name in parameters.yml ynh_replace_string --match_string="domain_name: .*" --replace_string="domain_name: https://$new_domain$new_path" --target_file=$final_path/app/config/parameters.yml @@ -104,7 +120,7 @@ ynh_secure_remove --file=$final_path/var/cache #================================================= # RELOAD NGINX #================================================= -ynh_script_progression --message="Reloading nginx web server..." +ynh_script_progression --message="Reloading NGINX web server..." --weight=1 ynh_systemd_action --service_name=nginx --action=reload diff --git a/scripts/install b/scripts/install index ab4ea3c..c30b392 100644 --- a/scripts/install +++ b/scripts/install @@ -27,6 +27,7 @@ app=$YNH_APP_INSTANCE_NAME domain=$YNH_APP_ARG_DOMAIN path_url=$YNH_APP_ARG_PATH admin=$YNH_APP_ARG_ADMIN +language=$YNH_APP_ARG_LANGUAGE #================================================= # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS @@ -46,13 +47,12 @@ ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url ynh_app_setting_set --app=$app --key=domain --value=$domain ynh_app_setting_set --app=$app --key=path --value=$path_url ynh_app_setting_set --app=$app --key=admin --value=$admin +ynh_app_setting_set --app=$app --key=language --value=$language -#================================================= -# STANDARD MODIFICATIONS #================================================= # INSTALL DEPENDENCIES #================================================= -ynh_script_progression --message="Installing dependencies..." --weight=12 +ynh_script_progression --message="Installing dependencies..." --weight=1 ynh_install_app_dependencies $pkg_dependencies @@ -66,6 +66,14 @@ db_user=$db_name ynh_app_setting_set --app=$app --key=db_name --value=$db_name ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Configuring system user..." --weight=2 + +# Create a system user +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -78,48 +86,32 @@ ynh_setup_source --dest_dir="$final_path" #================================================= # NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Configuring nginx web server..." --weight=2 +ynh_script_progression --message="Configuring NGINX web server..." --weight=2 -# Create a dedicated nginx config +# Create a dedicated NGINX config ynh_add_nginx_config -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Configuring system user..." --weight=2 - -# Create a system user -ynh_system_user_create --username=$app - #================================================= # PHP-FPM CONFIGURATION #================================================= -ynh_script_progression --message="Configuring php-fpm..." --weight=2 +ynh_script_progression --message="Configuring PHP-FPM..." --weight=2 # Create a dedicated php-fpm config -ynh_add_fpm_config +ynh_add_fpm_config --package="$extra_php_dependencies" +phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) #================================================= # SPECIFIC SETUP #================================================= # CONFIGURE WALLABAG #================================================= -ynh_script_progression --message="Configuring wallabag..." --weight=35 +ynh_script_progression --message="Configuring Wallabag..." --weight=35 -# Copy and set Wallabag dist configuration -wb_conf=$final_path/app/config/parameters.yml -cp $final_path/app/config/parameters.yml.dist $wb_conf - -ynh_replace_string --match_string="fosuser_registration: true" --replace_string="fosuser_registration: false" --target_file=$wb_conf -ynh_replace_string --match_string="database_name: wallabag" --replace_string="database_name: $db_name" --target_file=$wb_conf -ynh_replace_string --match_string="database_user: root" --replace_string="database_user: $db_user" --target_file=$wb_conf -ynh_replace_string --match_string="database_password: ~" --replace_string="database_password: $db_pwd" --target_file=$wb_conf -ynh_replace_string --match_string="database_table_prefix: wallabag_" --replace_string="database_table_prefix: null" --target_file=$wb_conf # Generate random DES key & password deskey=$(ynh_string_random --length=24) ynh_app_setting_set --app=$app --key=deskey --value=$deskey -ynh_replace_string --match_string="secret: ovmpmAWXRCabNlMgzlzFXDYmCFfzGv" --replace_string="secret: $deskey" --target_file=$wb_conf -ynh_replace_string --match_string="domain_name: https://your-wallabag-url-instance.com" --replace_string="domain_name: https://$domain$path_url" --target_file=$wb_conf + +ynh_add_config --template="../conf/parameters.yml.dist" --destination="$final_path/app/config/parameters.yml" # Alias for php-cli execution command php_exec="ynh_exec_as $app php "$final_path/bin/console" --no-interaction --env=prod" @@ -141,15 +133,21 @@ done # Set admin user $php_exec fos:user:promote --super "$admin" +#================================================= +# CONFIGURE LOG +#================================================= + +# Create the log file is not already existing during install +mkdir -p "$final_path/var/logs/" +touch "$final_path/var/logs/prod.log" +chown $app: "$final_path/var/logs/prod.log" + #================================================= # CONFIGURE FAIL2BAN #================================================= -# Create the log file is not already existing during install -mkdir -p "/var/www/$app/var/logs/" -touch "/var/www/$app/var/logs/prod.log" -chown $app: "/var/www/$app/var/logs/prod.log" + # Add fail2ban config -ynh_add_fail2ban_config --logpath="/var/www/$app/var/logs/prod.log" --failregex='app.ERROR: Authentication failure for user "([\w]+)?", from IP ""' --max_retry=5 +ynh_add_fail2ban_config --logpath="$final_path/var/logs/prod.log" --failregex='app.ERROR: Authentication failure for user "([\w]+)?", from IP ""' --max_retry=5 #================================================= # GENERIC FINALIZATION @@ -157,7 +155,15 @@ ynh_add_fail2ban_config --logpath="/var/www/$app/var/logs/prod.log" --failregex= # SECURE FILES AND DIRECTORIES #================================================= -set_permissions +# Set permissions to app files +chown -R $app:www-data $final_path +chmod -R g=u,g-w,o-rwx $final_path + +# Restrict rights to Wallabag user only +chmod 600 $final_path/app/config/parameters.yml +if [ -e $final_path/var/cache/prod/appProdProjectContainer.php ]; then + chmod 700 $final_path/var/cache/prod/appProdProjectContainer.php +fi #================================================= # SETUP HOOKS @@ -166,16 +172,10 @@ set_permissions ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="../hooks/post_user_create" ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="../hooks/post_user_delete" -#================================================= -# SETUP SSOWAT -#================================================= -ynh_script_progression --message="Configuring SSOwat..." -ynh_permission_update --permission="main" --add="visitors" - #================================================= # RELOAD NGINX #================================================= -ynh_script_progression --message="Reloading nginx web server..." +ynh_script_progression --message="Reloading NGINX web server..." --weight=1 ynh_systemd_action --service_name=nginx --action=reload diff --git a/scripts/remove b/scripts/remove index 70f90cf..5ff1af7 100644 --- a/scripts/remove +++ b/scripts/remove @@ -12,7 +12,7 @@ source /usr/share/yunohost/helpers #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading installation settings..." +ynh_script_progression --message="Loading installation settings..." --weight=1 app=$YNH_APP_INSTANCE_NAME @@ -34,7 +34,7 @@ ynh_mysql_remove_db --db_user=$db_user --db_name=$db_name #================================================= # REMOVE DEPENDENCIES #================================================= -ynh_script_progression --message="Removing dependencies" --weight=9 +ynh_script_progression --message="Removing dependencies..." --weight=1 # Remove metapackage and its dependencies ynh_remove_app_dependencies @@ -50,7 +50,7 @@ ynh_secure_remove --file="$final_path" #================================================= # REMOVE NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Removing nginx web server configuration" +ynh_script_progression --message="Removing NGINX web server configuration" --weight=1 # Remove the dedicated nginx config ynh_remove_nginx_config @@ -58,7 +58,7 @@ ynh_remove_nginx_config #================================================= # REMOVE PHP-FPM CONFIGURATION #================================================= -ynh_script_progression --message="Removing php-fpm configuration" +ynh_script_progression --message="Removing PHP-FPM configuration" --weight=3 # Remove the dedicated php-fpm config ynh_remove_fpm_config @@ -66,6 +66,8 @@ ynh_remove_fpm_config #================================================= # REMOVE FAIL2BAN CONFIGURATION #================================================= +ynh_script_progression --message="Removing Fail2ban configuration..." --weight=1 + ynh_remove_fail2ban_config #================================================= @@ -73,7 +75,7 @@ ynh_remove_fail2ban_config #================================================= # REMOVE DEDICATED USER #================================================= -ynh_script_progression --message="Removing the dedicated system user" +ynh_script_progression --message="Removing the dedicated system user" --weight=1 # Delete a system user ynh_system_user_delete --username=$app diff --git a/scripts/restore b/scripts/restore index 1654db7..b0845a9 100644 --- a/scripts/restore +++ b/scripts/restore @@ -26,13 +26,15 @@ app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get --app=$app --key=domain) path_url=$(ynh_app_setting_get --app=$app --key=path) final_path=$(ynh_app_setting_get --app=$app --key=final_path) +phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) db_name=$(ynh_app_setting_get --app=$app --key=db_name) db_user=$db_name +phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) #================================================= # CHECK IF THE APP CAN BE RESTORED #================================================= -ynh_script_progression --message="Validating restoration parameters..." +ynh_script_progression --message="Validating restoration parameters..." --weight=1 ynh_webpath_available --domain=$domain --path_url=$path_url \ || ynh_die --message="Path not available: ${domain}${path_url}" @@ -47,53 +49,61 @@ test ! -d $final_path \ ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" -#================================================= -# RESTORE THE APP MAIN DIR -#================================================= -ynh_script_progression --message="Restoring the app main directory..." - -ynh_restore_file --origin_path="$final_path" - #================================================= # RECREATE THE DEDICATED USER #================================================= ynh_script_progression --message="Recreating the dedicated system user..." --weight=2 # Create the dedicated user (if not existing) -ynh_system_user_create --username=$app +ynh_system_user_create --username=$app --home_dir="$final_path" + +#================================================= +# RESTORE THE APP MAIN DIR +#================================================= +ynh_script_progression --message="Restoring the app main directory..." --weight=2 + +ynh_restore_file --origin_path="$final_path" #================================================= # RESTORE USER RIGHTS #================================================= -wb_conf=$final_path/app/config/parameters.yml +# Set permissions to app files +chown -R $app:www-data $final_path +chmod -R g=u,g-w,o-rwx $final_path -set_permissions +# Restrict rights to Wallabag user only +chmod 600 $final_path/app/config/parameters.yml +if [ -e $final_path/var/cache/prod/appProdProjectContainer.php ]; then + chmod 700 $final_path/var/cache/prod/appProdProjectContainer.php +fi #================================================= # RESTORE THE PHP-FPM CONFIGURATION #================================================= +ynh_script_progression --message="Restoring the PHP-FPM configuration..." --weight=1 -ynh_restore_file --origin_path="/etc/php/7.0/fpm/pool.d/$app.conf" +ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" -#================================================= -# SPECIFIC RESTORATION -#================================================= -# REINSTALL DEPENDENCIES -#================================================= -ynh_script_progression --message="Reinstalling dependencies..." --weight=15 - -# Define and install dependencies -ynh_install_app_dependencies $pkg_dependencies +ynh_add_fpm_config --package="$extra_php_dependencies" #================================================= # RESTORE FAIL2BAN CONFIGURATION #================================================= + ynh_restore_file "/etc/fail2ban/jail.d/$app.conf" ynh_restore_file "/etc/fail2ban/filter.d/$app.conf" ynh_systemd_action --action=reload --service_name=fail2ban # Reload instead of restart for better performance +#================================================= +# REINSTALL DEPENDENCIES +#================================================= +ynh_script_progression --message="Reinstalling dependencies..." --weight=1 + +# Define and install dependencies +ynh_install_app_dependencies $pkg_dependencies + #================================================= # RESTORE THE MYSQL DATABASE #================================================= @@ -108,9 +118,9 @@ ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./ #================================================= # RELOAD NGINX AND PHP-FPM #================================================= -ynh_script_progression --message="Reloading nginx web server and php-fpm..." +ynh_script_progression --message="Reloading NGINX web server and PHP-FPM..." --weight=3 -ynh_systemd_action --service_name=php7.0-fpm --action=reload +ynh_systemd_action --service_name=php$phpversion-fpm --action=reload ynh_systemd_action --service_name=nginx --action=reload #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index 779a2dc..881aece 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -24,6 +24,7 @@ db_name=$(ynh_app_setting_get --app=$app --key=db_name) db_user=$db_name db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd) deskey=$(ynh_app_setting_get --app=$app --key=deskey) +language=$(ynh_app_setting_get --app=$app --key=language) #================================================= # CHECK VERSION @@ -31,10 +32,24 @@ deskey=$(ynh_app_setting_get --app=$app --key=deskey) upgrade_type=$(ynh_check_app_version_changed) +#================================================= +# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP +#================================================= +ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=5 + +# Backup the current version of the app +ynh_backup_before_upgrade +ynh_clean_setup () { + # restore it if the upgrade fails + ynh_restore_upgradebackup +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= -ynh_script_progression --message="Ensuring downward compatibility..." +ynh_script_progression --message="Ensuring downward compatibility..." --weight=2 # If db_name doesn't exist, create it if [ -z "$db_name" ]; then @@ -54,23 +69,20 @@ if [ -z "$path_url" ]; then ynh_app_setting_set --app=$app --key=path --value=$path_url fi -#================================================= -# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP -#================================================= -ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=30 +# If language doesn't exist, create it +if [ -z "$language" ]; then + language="en" + ynh_app_setting_set --app=$app --key=language --value=$language +fi -# Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { - # restore it if the upgrade fails - ynh_restore_upgradebackup -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors +# Create the log file is not already existing +if [ ! -f "$final_path/var/logs/prod.log" ] +then + mkdir -p "$final_path/var/logs/" + touch "$final_path/var/logs/prod.log" + chown $app: "$final_path/var/logs/prod.log" +fi -#================================================= -# Migrate legacy permissions to new system -#================================================= if ynh_legacy_permissions_exists then ynh_legacy_permissions_delete_all @@ -79,10 +91,12 @@ then fi #================================================= -# CHECK THE PATH +# CREATE DEDICATED USER #================================================= +ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1 -path_url=$(ynh_normalize_url_path --path_url=$path_url) +# Create a dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= # STANDARD UPGRADE STEPS @@ -95,7 +109,7 @@ then ynh_script_progression --message="Upgrading source files..." --weight=6 # Download, check integrity, uncompress and patch the source from app.src - ynh_setup_source --dest_dir="$final_path" + ynh_setup_source --dest_dir="$final_path" #--keep="$final_path/app/config/parameters.yml" # Clear cache ynh_secure_remove --file="$final_path/var/cache" @@ -105,7 +119,7 @@ fi #================================================= # NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Upgrading nginx web server configuration..." +ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=3 # Create a dedicated nginx config ynh_add_nginx_config @@ -113,35 +127,22 @@ ynh_add_nginx_config #================================================= # UPGRADE DEPENDENCIES #================================================= -ynh_script_progression --message="Upgrading dependencies..." --weight=7 +ynh_script_progression --message="Upgrading dependencies..." --weight=1 ynh_install_app_dependencies $pkg_dependencies -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Making sure dedicated system user exists..." - -# Create a dedicated user (if not existing) -ynh_system_user_create --username=$app - #================================================= # PHP-FPM CONFIGURATION #================================================= -ynh_script_progression --message="Upgrading php-fpm configuration..." +ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=1 # Create a dedicated php-fpm config -ynh_add_fpm_config +ynh_add_fpm_config --package="$extra_php_dependencies" + +#================================================= +# CONFIGURE FAIL2BAN +#================================================= -# Set-up fail2ban -# Create the log file is not already existing -if [ ! -f "$final_path/var/logs/prod.log" ] -then - mkdir -p "$final_path/var/logs/" - touch "$final_path/var/logs/prod.log" - chown $app: "$final_path/var/logs/prod.log" -fi -# Add fail2ban config ynh_add_fail2ban_config --logpath="$final_path/var/logs/prod.log" --failregex='app.ERROR: Authentication failure for user "([\w]+)?", from IP ""' --max_retry=5 # same as install config #================================================= @@ -150,22 +151,11 @@ ynh_add_fail2ban_config --logpath="$final_path/var/logs/prod.log" --failregex='a # CONFIGURE WALLABAG #================================================= -wb_conf=$final_path/app/config/parameters.yml - if [ "$upgrade_type" == "UPGRADE_APP" ] then ynh_script_progression --message="Reconfiguring wallabag..." --weight=11 - # Copy and set Wallabag dist configuration - cp $final_path/app/config/parameters.yml.dist $wb_conf - - ynh_replace_string --match_string="fosuser_registration: true" --replace_string="fosuser_registration: false" --target_file=$wb_conf - ynh_replace_string --match_string="database_name: wallabag" --replace_string="database_name: $db_name" --target_file=$wb_conf - ynh_replace_string --match_string="database_user: root" --replace_string="database_user: $db_user" --target_file=$wb_conf - ynh_replace_string --match_string="database_password: ~" --replace_string="database_password: $db_pwd" --target_file=$wb_conf - ynh_replace_string --match_string="database_table_prefix: wallabag_" --replace_string="database_table_prefix: null" --target_file=$wb_conf - ynh_replace_string --match_string="secret: ovmpmAWXRCabNlMgzlzFXDYmCFfzGv" --replace_string="secret: $deskey" --target_file=$wb_conf - ynh_replace_string --match_string="domain_name: https://your-wallabag-url-instance.com" --replace_string="domain_name: https://$domain$path_url" --target_file=$wb_conf + ynh_add_config --template="../conf/parameters.yml.dist" --destination="$final_path/app/config/parameters.yml" #================================================= # UPGRADE WALLABAG @@ -197,7 +187,15 @@ fi # SECURE FILES AND DIRECTORIES #================================================= -set_permissions +# Set permissions to app files +chown -R $app:www-data $final_path +chmod -R g=u,g-w,o-rwx $final_path + +# Restrict rights to Wallabag user only +chmod 600 $final_path/app/config/parameters.yml +if [ -e $final_path/var/cache/prod/appProdProjectContainer.php ]; then + chmod 700 $final_path/var/cache/prod/appProdProjectContainer.php +fi #================================================= # SETUP HOOKS @@ -206,17 +204,10 @@ set_permissions ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="../hooks/post_user_create" ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="../hooks/post_user_delete" -#================================================= -# SETUP SSOWAT -#================================================= -ynh_script_progression --message="Upgrading SSOwat configuration..." - -ynh_app_setting_set "$app" unprotected_uris "/" - #================================================= # RELOAD NGINX #================================================= -ynh_script_progression --message="Reloading nginx web server..." +ynh_script_progression --message="Reloading NGINX web server..." --weight=1 ynh_systemd_action --service_name=nginx --action=reload