#!/bin/bash #================================================= # GENERIC STARTING #================================================= # IMPORT GENERIC HELPERS #================================================= source _common.sh source /usr/share/yunohost/helpers #================================================= # MANAGE SCRIPT FAILURE #================================================= # Exit if an error occurs during the execution of the script ynh_abort_if_errors #================================================= # RETRIEVE ARGUMENTS FROM THE MANIFEST #================================================= # Retrieve app id app=$YNH_APP_INSTANCE_NAME # Retrieve arguments domain=$YNH_APP_ARG_DOMAIN path_url=$YNH_APP_ARG_PATH admin=$YNH_APP_ARG_ADMIN language=$YNH_APP_ARG_LANGUAGE #================================================= # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS #================================================= ynh_script_progression --message="Validating installation parameters..." --weight=2 final_path=/var/www/$app test ! -e "$final_path" || ynh_die "This path already contains a folder" # Register (book) web path ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url #================================================= # STORE SETTINGS FROM MANIFEST #================================================= ynh_app_setting_set --app=$app --key=domain --value=$domain ynh_app_setting_set --app=$app --key=path --value=$path_url ynh_app_setting_set --app=$app --key=admin --value=$admin ynh_app_setting_set --app=$app --key=language --value=$language #================================================= # INSTALL DEPENDENCIES #================================================= ynh_script_progression --message="Installing dependencies..." --weight=1 ynh_install_app_dependencies $pkg_dependencies #================================================= # CREATE A MYSQL DATABASE #================================================= ynh_script_progression --message="Creating a MySQL database..." db_name=$(ynh_sanitize_dbid $app) db_user=$db_name ynh_app_setting_set --app=$app --key=db_name --value=$db_name ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name #================================================= # CREATE DEDICATED USER #================================================= ynh_script_progression --message="Configuring system user..." --weight=2 # Create a system user ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= ynh_script_progression --message="Setting up source files..." --weight=6 ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path" #================================================= # NGINX CONFIGURATION #================================================= ynh_script_progression --message="Configuring NGINX web server..." --weight=2 # Create a dedicated NGINX config ynh_add_nginx_config #================================================= # PHP-FPM CONFIGURATION #================================================= ynh_script_progression --message="Configuring PHP-FPM..." --weight=2 # Create a dedicated php-fpm config ynh_add_fpm_config --package="$extra_php_dependencies" phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) #================================================= # SPECIFIC SETUP #================================================= # CONFIGURE WALLABAG #================================================= ynh_script_progression --message="Configuring Wallabag..." --weight=35 # Generate random DES key & password deskey=$(ynh_string_random --length=24) ynh_app_setting_set --app=$app --key=deskey --value=$deskey ynh_add_config --template="../conf/parameters.yml.dist" --destination="$final_path/app/config/parameters.yml" # Alias for php-cli execution command php_exec="ynh_exec_as $app php "$final_path/bin/console" --no-interaction --env=prod" # Set permissions to app files chown -R $app: $final_path # Install dependencies and Wallabag $php_exec wallabag:install # Add users to Wallabag for username in $(ynh_user_list) do user_email=$(ynh_user_get_info --username="$username" --key=mail) user_pass=$(ynh_string_random) $php_exec fos:user:create "$username" "$user_email" "$user_pass" done # Set admin user $php_exec fos:user:promote --super "$admin" # Configure Wallabag instance URL ynh_mysql_connect_as --user=$db_user --password="$db_pwd" --database=$db_name <<< "UPDATE craue_config_setting SET value = 'https://$domain$path_url' WHERE name = 'wallabag_url'" #================================================= # CONFIGURE LOG #================================================= # Create the log file is not already existing during install mkdir -p "$final_path/var/logs/" touch "$final_path/var/logs/prod.log" chown $app: "$final_path/var/logs/prod.log" #================================================= # CONFIGURE FAIL2BAN #================================================= # Add fail2ban config ynh_add_fail2ban_config --logpath="$final_path/var/logs/prod.log" --failregex='app.ERROR: Authentication failure for user "([\w]+)?", from IP ""' --max_retry=5 #================================================= # GENERIC FINALIZATION #================================================= # SECURE FILES AND DIRECTORIES #================================================= # Set permissions to app files chown -R $app:www-data $final_path chmod -R g=u,g-w,o-rwx $final_path # Restrict rights to Wallabag user only chmod 600 $final_path/app/config/parameters.yml if [ -e $final_path/var/cache/prod/appProdProjectContainer.php ]; then chmod 700 $final_path/var/cache/prod/appProdProjectContainer.php fi #================================================= # SETUP HOOKS #================================================= ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="../hooks/post_user_create" ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="../hooks/post_user_delete" #================================================= # RELOAD NGINX #================================================= ynh_script_progression --message="Reloading NGINX web server..." --weight=1 ynh_systemd_action --service_name=nginx --action=reload #================================================= # END OF SCRIPT #================================================= ynh_script_progression --message="Installation of $app completed" --last