mirror of
https://github.com/YunoHost-Apps/wallabag2_ynh.git
synced 2024-10-01 13:35:06 +02:00
7f96f52076
Previously this sensitive file (database credentials, ...) was readable by anyone (rights value was 644)
149 lines
4.6 KiB
Bash
149 lines
4.6 KiB
Bash
#!/bin/bash
|
|
|
|
#=================================================
|
|
# GENERIC STARTING
|
|
#=================================================
|
|
# IMPORT GENERIC HELPERS
|
|
#=================================================
|
|
|
|
source _common.sh
|
|
source /usr/share/yunohost/helpers
|
|
|
|
#=================================================
|
|
# MANAGE SCRIPT FAILURE
|
|
#=================================================
|
|
|
|
ynh_abort_if_errors # Stop script if an error is detected
|
|
|
|
#=================================================
|
|
# RETRIEVE ARGUMENTS FROM THE MANIFEST
|
|
#=================================================
|
|
|
|
# Retrieve app id
|
|
app=$YNH_APP_INSTANCE_NAME
|
|
|
|
# Retrieve arguments
|
|
domain=$YNH_APP_ARG_DOMAIN
|
|
path_url=$YNH_APP_ARG_PATH
|
|
admin=$YNH_APP_ARG_ADMIN
|
|
|
|
#=================================================
|
|
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
|
|
#=================================================
|
|
|
|
path_url=$(ynh_normalize_url_path $path_url) # Check and normalize path
|
|
CHECK_DOMAINPATH # Check domain and path availability
|
|
CHECK_FINALPATH # Check if destination directory is not already in use
|
|
|
|
#=================================================
|
|
# STORE SETTINGS FROM MANIFEST
|
|
#=================================================
|
|
|
|
ynh_app_setting_set $app domain "$domain"
|
|
ynh_app_setting_set $app path_url "$path_url"
|
|
ynh_app_setting_set $app admin "$admin"
|
|
|
|
#=================================================
|
|
# STANDARD MODIFICATIONS
|
|
#=================================================
|
|
# INSTALL DEPENDENCIES
|
|
#=================================================
|
|
|
|
ynh_install_app_dependencies "$PKG_DEPENDENCIES"
|
|
|
|
#=================================================
|
|
# CREATE A MYSQL DB
|
|
#=================================================
|
|
|
|
db_name=$(ynh_sanitize_dbid $app)
|
|
db_user="$db_name"
|
|
|
|
# Generate random DES key & password
|
|
deskey=$(ynh_string_random 24)
|
|
ynh_app_setting_set "$app" deskey "$deskey"
|
|
ynh_app_setting_set "$app" db_name "$db_name"
|
|
|
|
# Initialize database
|
|
ynh_mysql_setup_db "$db_user" "$db_name"
|
|
#=================================================
|
|
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
|
#=================================================
|
|
|
|
ynh_app_setting_set $app final_path "$final_path"
|
|
# Create tmp directory and fetch app inside
|
|
TMPDIR=$(mktemp -d)
|
|
ynh_setup_source "$TMPDIR"
|
|
|
|
#=================================================
|
|
# CREATE DEDICATED USER
|
|
#=================================================
|
|
|
|
ynh_system_user_create $app # Create a dedicated system user
|
|
|
|
#=================================================
|
|
# SPECIFIC SETUP
|
|
#=================================================
|
|
|
|
# Copy and set Wallabag dist configuration
|
|
wb_conf="${TMPDIR}/app/config/parameters.yml"
|
|
cp ../conf/parameters.yml "$wb_conf"
|
|
ynh_replace_string "{DBNAME}" "${db_name}" "$wb_conf"
|
|
ynh_replace_string "{DBUSER}" "${db_user}" "$wb_conf"
|
|
ynh_replace_string "{DBPASS}" "${db_pwd}" "$wb_conf"
|
|
ynh_replace_string "{DESKEY}" "${deskey}" "$wb_conf"
|
|
# Restrict rights to Wallabag user only
|
|
chmod 600 ../conf/parameters.yml
|
|
|
|
# Install files and set permissions
|
|
sudo mv "$TMPDIR" "$final_path"
|
|
|
|
# Set rights on directory
|
|
sudo chown -R $app: $final_path
|
|
sudo chmod 755 $final_path
|
|
|
|
# Install dependencies and Wallabag
|
|
exec_console $app "$final_path" wallabag:install
|
|
|
|
# Add users to Wallabag
|
|
for username in $(ynh_user_list); do
|
|
user_email=$(sudo yunohost user info "$username" --output-as plain \
|
|
| ynh_get_plain_key mail)
|
|
user_pass=$(ynh_string_random)
|
|
exec_console $app "$final_path" fos:user:create \
|
|
"$username" "$user_email" "$user_pass"
|
|
done
|
|
|
|
# Set admin user
|
|
exec_console $app "$final_path" fos:user:promote --super "$admin"
|
|
|
|
# Configure Wallabag instance URL
|
|
ynh_mysql_connect_as "$db_name" "$db_pwd" "$db_user" <<< "UPDATE craue_config_setting SET value = 'https://$domain$path_url' WHERE name = 'wallabag_url'"
|
|
|
|
#=================================================
|
|
# NGINX CONFIGURATION
|
|
#=================================================
|
|
|
|
ynh_add_nginx_config
|
|
if [ "$path_url" = "/" ]
|
|
then
|
|
# Remove prefix on #noroot lines
|
|
sudo sed --in-place '/#noroot*/d' /etc/nginx/conf.d/$domain.d/$app.conf
|
|
# Replace "//" location (due to nginx template)
|
|
ynh_replace_string " // " " / " /etc/nginx/conf.d/$domain.d/$app.conf
|
|
else
|
|
# Remove #noroot lines
|
|
ynh_replace_string "#noroot" "" /etc/nginx/conf.d/$domain.d/$app.conf
|
|
fi
|
|
ynh_store_file_checksum "/etc/nginx/conf.d/$domain.d/$app.conf"
|
|
|
|
# Copy and set php-fpm configuration
|
|
ynh_add_fpm_config
|
|
|
|
# Set SSOwat rules
|
|
ynh_app_setting_set "$app" unprotected_uris "/"
|
|
|
|
#=================================================
|
|
# RELOAD NGINX
|
|
#=================================================
|
|
sudo systemctl restart php5-fpm
|
|
sudo systemctl reload nginx
|