YunoHost-Apps/wordpress_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/wordpress_ynh.git synced 2024-09-03 20:36:10 +02:00
Code Issues Activity Actions

Merge e050e10f93 into 45d7371ac2

Browse source
This commit is contained in:
YunoHost Bot 2024-08-31 13:32:59 +02:00 committed by GitHub
commit 3b4a6a6861
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
11 changed files with 240 additions and 290 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
conf/extra_php-fpm.conf
View file

@ -1,7 +1,4 @@
; Additional php.ini defines, specific to this pool of workers.
php_admin_value[upload_max_filesize] = 50M
php_admin_value[memory_limit] = 64M
php_admin_value[post_max_size] = 50M
php_admin_value[upload_tmp_dir] = __INSTALL_DIR__/wp-content/temp/

2
conf/nginx.conf
View file

@ -19,7 +19,7 @@ location __PATH__/ {
client_max_body_size 50m;
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock;
fastcgi_pass unix:/var/run/php/php__PHP_VERSION__-fpm-__APP__.sock;
fastcgi_index index.php;
include fastcgi_params;

192
conf/wp-config.php
View file

@ -1,96 +1,96 @@
<?php
/**
* The base configuration for WordPress
*
* The wp-config.php creation script uses this file during the installation.
* You don't have to use the web site, you can copy this file to "wp-config.php"
* and fill in the values.
*
* This file contains the following configurations:
*
* * Database settings
* * Secret keys
* * Database table prefix
* * ABSPATH
*
* @link https://wordpress.org/support/article/editing-wp-config-php/
*
* @package WordPress
*/
// ** Database settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define( 'DB_NAME', '__DB_NAME__' );
/** Database username */
define( 'DB_USER', '__DB_USER__' );
/** Database password */
define( 'DB_PASSWORD', '__DB_PWD__' );
/** Database hostname */
define( 'DB_HOST', 'localhost' );
/** Database charset to use in creating database tables. */
define( 'DB_CHARSET', 'utf8' );
/** The database collate type. Don't change this if in doubt. */
define( 'DB_COLLATE', '' );
/**#@+
* Authentication unique keys and salts.
*
* Change these to different unique phrases! You can generate these using
* the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}.
*
* You can change these at any point in time to invalidate all existing cookies.
* This will force all users to have to log in again.
*
* @since 2.6.0
*/
define( 'AUTH_KEY', 'KEY1' );
define( 'SECURE_AUTH_KEY', 'KEY2' );
define( 'LOGGED_IN_KEY', 'KEY3' );
define( 'NONCE_KEY', 'KEY4' );
define( 'AUTH_SALT', 'KEY5' );
define( 'SECURE_AUTH_SALT', 'KEY6' );
define( 'LOGGED_IN_SALT', 'KEY7' );
define( 'NONCE_SALT', 'KEY8' );
/**#@-*/
/**
* WordPress database table prefix.
*
* You can have multiple installations in one database if you give each
* a unique prefix. Only numbers, letters, and underscores please!
*/
$table_prefix = 'wp_';
/**
* For developers: WordPress debugging mode.
*
* Change this to true to enable the display of notices during development.
* It is strongly recommended that plugin and theme developers use WP_DEBUG
* in their development environments.
*
* For information on other constants that can be used for debugging,
* visit the documentation.
*
* @link https://wordpress.org/support/article/debugging-in-wordpress/
*/
define( 'WP_DEBUG', false );
/* Add any custom values between this line and the "stop editing" line. */
/* That's all, stop editing! Happy publishing. */
/** Absolute path to the WordPress directory. */
if ( ! defined( 'ABSPATH' ) ) {
define( 'ABSPATH', __DIR__ . '/' );
}
/** Sets up WordPress vars and included files. */
require_once ABSPATH . 'wp-settings.php';
<?php
/**
* The base configuration for WordPress
*
* The wp-config.php creation script uses this file during the installation.
* You don't have to use the web site, you can copy this file to "wp-config.php"
* and fill in the values.
*
* This file contains the following configurations:
*
* * Database settings
* * Secret keys
* * Database table prefix
* * ABSPATH
*
* @link https://wordpress.org/support/article/editing-wp-config-php/
*
* @package WordPress
*/
// ** Database settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define( 'DB_NAME', '__DB_NAME__' );
/** Database username */
define( 'DB_USER', '__DB_USER__' );
/** Database password */
define( 'DB_PASSWORD', '__DB_PWD__' );
/** Database hostname */
define( 'DB_HOST', 'localhost' );
/** Database charset to use in creating database tables. */
define( 'DB_CHARSET', 'utf8' );
/** The database collate type. Don't change this if in doubt. */
define( 'DB_COLLATE', '' );
/**#@+
* Authentication unique keys and salts.
*
* Change these to different unique phrases! You can generate these using
* the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}.
*
* You can change these at any point in time to invalidate all existing cookies.
* This will force all users to have to log in again.
*
* @since 2.6.0
*/
define( 'AUTH_KEY', 'KEY1' );
define( 'SECURE_AUTH_KEY', 'KEY2' );
define( 'LOGGED_IN_KEY', 'KEY3' );
define( 'NONCE_KEY', 'KEY4' );
define( 'AUTH_SALT', 'KEY5' );
define( 'SECURE_AUTH_SALT', 'KEY6' );
define( 'LOGGED_IN_SALT', 'KEY7' );
define( 'NONCE_SALT', 'KEY8' );
/**#@-*/
/**
* WordPress database table prefix.
*
* You can have multiple installations in one database if you give each
* a unique prefix. Only numbers, letters, and underscores please!
*/
$table_prefix = 'wp_';
/**
* For developers: WordPress debugging mode.
*
* Change this to true to enable the display of notices during development.
* It is strongly recommended that plugin and theme developers use WP_DEBUG
* in their development environments.
*
* For information on other constants that can be used for debugging,
* visit the documentation.
*
* @link https://wordpress.org/support/article/debugging-in-wordpress/
*/
define( 'WP_DEBUG', false );
/* Add any custom values between this line and the "stop editing" line. */
/* That's all, stop editing! Happy publishing. */
/** Absolute path to the WordPress directory. */
if ( ! defined( 'ABSPATH' ) ) {
define( 'ABSPATH', __DIR__ . '/' );
}
/** Sets up WordPress vars and included files. */
require_once ABSPATH . 'wp-settings.php';

4
manifest.toml
View file

@ -16,7 +16,8 @@ admindoc = "https://codex.wordpress.org/"
code = "https://core.trac.wordpress.org/browser"
[integration]
yunohost = ">= 11.2"
yunohost = ">= 11.2.18"
helpers_version = "2.1"
architectures = "all"
multi_instance = true
@ -64,6 +65,7 @@ ram.runtime = "50M"
[resources.system_user]
[resources.install_dir]
group = "www-data:r-x"
[resources.permissions]
main.url = "/"

13
scripts/_common.sh
View file

@ -1,11 +1,7 @@
#!/bin/bash
#=================================================
# COMMON VARIABLES
#=================================================
#=================================================
# EXPERIMENTAL HELPERS
# COMMON VARIABLES AND CUSTOM HELPERS
#=================================================
ynh_maintenance_mode_ON () {
@ -18,7 +14,7 @@ ynh_maintenance_mode_ON () {
fi
mkdir -p /var/www/html/
# Create an html to serve as maintenance notice
echo "<!DOCTYPE html>
<html>
@ -87,16 +83,15 @@ ynh_maintenance_mode_OFF () {
systemctl reload nginx
}
#=================================================
# Check the amount of available RAM
#
# usage: ynh_check_ram [--required=RAM required in Mb] [--no_swap|--only_swap] [--free_ram]
# usage: ynh_check_ram [--required=RAM required in Mb] [--no_swap|#REMOVEME? --only_swap] [--free_ram]
# | arg: -r, --required= - Amount of RAM required in Mb. The helper will return 0 is there's enough RAM, or 1 otherwise.
# If --required isn't set, the helper will print the amount of RAM, in Mb.
# | arg: -s, --no_swap - Ignore swap
# | arg: -o, --only_swap - Ignore real RAM, consider only swap.
# | arg: -o, #REMOVEME? --only_swap - Ignore real RAM, consider only swap.
# | arg: -f, --free_ram - Count only free RAM, not the total amount of RAM available.
ynh_check_ram () {
# Declare an array to define the options of this helper.

29
scripts/backup
View file

@ -1,60 +1,51 @@
#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts
source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers
#=================================================
# DECLARE DATA AND CONF FILES TO BACKUP
#=================================================
ynh_print_info --message="Declaring files to be backed up..."
ynh_print_info "Declaring files to be backed up..."
#=================================================
# BACKUP THE APP MAIN DIR
#=================================================
ynh_backup --src_path="$install_dir"
ynh_backup "$install_dir"
#=================================================
# BACKUP THE NGINX CONFIGURATION
#=================================================
ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf"
#=================================================
# BACKUP THE PHP-FPM CONFIGURATION
#=================================================
ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf"
ynh_backup "/etc/php/$php_version/fpm/pool.d/$app.conf"
#=================================================
# BACKUP FAIL2BAN CONFIGURATION
#=================================================
ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf"
ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf"
ynh_backup "/etc/fail2ban/jail.d/$app.conf"
ynh_backup "/etc/fail2ban/filter.d/$app.conf"
#=================================================
# BACKUP VARIOUS FILES
#=================================================
ynh_backup --src_path="/etc/cron.d/$app"
ynh_backup "/etc/cron.d/$app"
#=================================================
# BACKUP THE MYSQL DATABASE
#=================================================
ynh_print_info --message="Backing up the MySQL database..."
ynh_print_info "Backing up the MySQL database..."
ynh_mysql_dump_db --database="$db_name" > db.sql
ynh_mysql_dump_db > db.sql
#=================================================
# END OF SCRIPT
#=================================================
ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)."
ynh_print_info "Backup script completed for $app. (YunoHost will then actually copy those files to the archive)."

13
scripts/change_url
View file

@ -10,12 +10,12 @@ source /usr/share/yunohost/helpers
if [ $multisite -eq 1 ]
then
echo "A multisite installation of WordPress can't be moved easily. Please have a look at the WordPress codex to learn more about that." >&2
ynh_die --message="https://codex.wordpress.org/Moving_WordPress#Moving_WordPress_Multisite"
ynh_die "https://codex.wordpress.org/Moving_WordPress#Moving_WordPress_Multisite"
fi
ynh_script_progression --message="Updating NGINX web server configuration..." --weight=3
ynh_script_progression "Updating NGINX web server configuration..."
ynh_change_url_nginx_config
ynh_config_change_url_nginx
#=================================================
# UPDATE THE DATABASE
@ -24,11 +24,12 @@ ynh_change_url_nginx_config
# Get the database table prefix
db_prefix=$(grep '^$table_prefix' "$install_dir/wp-config.php" | sed "s/.*'\(.*\)'.*/\1/" )
ynh_mysql_execute_as_root --sql="UPDATE ${db_prefix}options SET option_value='https://$new_domain$new_path' WHERE option_name='siteurl'" --database=$app
ynh_mysql_execute_as_root --sql="UPDATE ${db_prefix}options SET option_value='https://$new_domain$new_path' WHERE option_name='home'" --database=$app
ynh_mysql_db_shell <<< "UPDATE ${db_prefix}options SET option_value='https://$new_domain$new_path' WHERE option_name='siteurl'"
ynh_mysql_db_shell <<< "UPDATE ${db_prefix}options SET option_value='https://$new_domain$new_path' WHERE option_name='home'"
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Change of URL completed for $app" --last
ynh_script_progression "Change of URL completed for $app"

105
scripts/install
View file

@ -1,26 +1,22 @@
#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
ynh_app_setting_set --key=php_memory_limit --value=64M
#=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#=================================================
if [ "$path" == "/" ] && [ $multisite -eq 1 ]; then
ynh_die --message="Multisite option of WordPress doesn't work at the root of a domain."
ynh_die "Multisite option of WordPress doesn't work at the root of a domain."
fi
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_script_progression --message="Setting up source files..." --weight=4
ynh_script_progression "Setting up source files..."
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$install_dir"
@ -28,67 +24,66 @@ ynh_setup_source --dest_dir="$install_dir"
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Configuring NGINX web server..." --weight=3
ynh_script_progression "Configuring NGINX web server..."
# Create a dedicated NGINX config
ynh_add_nginx_config
ynh_config_add_nginx
#=================================================
# PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Configuring PHP-FPM..." --weight=2
ynh_script_progression "Configuring PHP-FPM..."
fpm_footprint="medium"
fpm_free_footprint=0
fpm_usage="low"
#REMOVEME? Everything about fpm_footprint is removed in helpers2.1... | fpm_footprint="medium"
#REMOVEME? Everything about fpm_free_footprint is removed in helpers2.1... | fpm_free_footprint=0
#REMOVEME? Everything about fpm_usage is removed in helpers2.1... | fpm_usage="low"
ynh_app_setting_set --app=$app --key=fpm_footprint --value=$fpm_footprint
ynh_app_setting_set --app=$app --key=fpm_free_footprint --value=$fpm_free_footprint
ynh_app_setting_set --app=$app --key=fpm_usage --value=$fpm_usage
#REMOVEME? Everything about fpm_footprint is removed in helpers2.1... | ynh_app_setting_set --key=fpm_footprint --value=$fpm_footprint
#REMOVEME? Everything about fpm_free_footprint is removed in helpers2.1... | ynh_app_setting_set --key=fpm_free_footprint --value=$fpm_free_footprint
#REMOVEME? Everything about fpm_usage is removed in helpers2.1... | ynh_app_setting_set --key=fpm_usage --value=$fpm_usage
# Create a dedicated PHP-FPM config
ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint
ynh_config_add_phpfpm
#=================================================
# SPECIFIC SETUP
#=================================================
# CONFIGURE WP-CONFIG
#=================================================
ynh_script_progression --message="Configuring WordPress..." --weight=1
ynh_script_progression "Configuring WordPress..."
# Change variables in Wordpress configuration
dir=__DIR__
ynh_add_config --template="../conf/wp-config.php" --destination="$install_dir/wp-config.php"
ynh_config_add --template="wp-config.php" --destination="$install_dir/wp-config.php"
for i in 1 2 3 4 5 6 7 8
do
j=$(ynh_string_random --length=40)
ynh_replace_string --match_string="KEY$i" --replace_string="$j" --target_file=$install_dir/wp-config.php
ynh_replace --match="KEY$i" --replace="$j" --file=$install_dir/wp-config.php
sleep 0.5
done
#=================================================
# SETTING UP WITH CURL
#=================================================
ynh_script_progression --message="Installing wordpress with cURL..." --weight=10
ynh_script_progression "Installing wordpress with cURL..."
# Set right permissions for cURL install
chown -R $app: $install_dir
#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R $app: $install_dir
# Regen SSOwat configuration
yunohost app ssowatconf
# Reload NGINX
ynh_systemd_action --service_name=nginx --action=reload
ynh_systemctl --service=nginx --action=reload
# Wordpress installation
ynh_local_curl "/wp-admin/install.php?step=2" "&weblog_title=YunoBlog" "user_name=$admin" "admin_password=$db_pwd" "admin_password2=$db_pwd" "admin_email=$admin@$domain" "Submit=Install+WordPress"
ynh_print_info --message="Please wait during Wordpress installation..."
ynh_print_info "Please wait during Wordpress installation..."
for i in `seq 1 300`
do
# The loop waits for WordPress to be installed, or 5 minutes.
if ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name <<< "show tables" | grep --quiet "wp_options"; then
if ynh_mysql_db_shell <<< "show tables" | grep --quiet "wp_options"; then
# If the table wp_options is found, WordPress has finished its installation.
break
fi
@ -98,10 +93,10 @@ done
#=================================================
# INSTALL WORDPRESS PLUGINS
#=================================================
ynh_script_progression --message="Installing WordPress plugins..." --weight=20
ynh_script_progression "Installing WordPress plugins..."
ynh_exec_warn_less wget --no-verbose https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar --output-document=$install_dir/wp-cli.phar
wpcli_alias="php$phpversion $install_dir/wp-cli.phar --allow-root --path=$install_dir"
ynh_hide_warnings wget --no-verbose https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar --output-document=$install_dir/wp-cli.phar
wpcli_alias="php$php_version $install_dir/wp-cli.phar --allow-root --path=$install_dir"
$wpcli_alias plugin install authldap
$wpcli_alias plugin install http-authentication
@ -111,7 +106,7 @@ $wpcli_alias plugin install wp-fail2ban-redux
#=================================================
# SET LANGUAGE
#=================================================
ynh_script_progression --message="Configuring language..." --weight=3
ynh_script_progression "Configuring language..."
$wpcli_alias core language install $language
$wpcli_alias site switch-language $language
@ -122,39 +117,39 @@ $wpcli_alias site switch-language $language
if [ $multisite -eq 1 ]
then
ynh_script_progression --message="Configuring multisite..." --weight=2
ynh_script_progression "Configuring multisite..."
ynh_replace_string --match_string="#--MULTISITE--" --replace_string="" --target_file=/etc/nginx/conf.d/$domain.d/$app.conf
ynh_replace --match="#--MULTISITE--" --replace="" --file=/etc/nginx/conf.d/$domain.d/$app.conf
# Allow multisite
ynh_replace_string --match_string="//--MULTISITE1--define" --replace_string="define " --target_file=$install_dir/wp-config.php
ynh_replace --match="//--MULTISITE1--define" --replace="define " --file=$install_dir/wp-config.php
# Activate multisite via wp-cli
ynh_exec_fully_quiet $wpcli_alias core multisite-convert --base=$path/
$wpcli_alias core multisite-convert --base=$path/
# Activate multisite in wordpress config
ynh_replace_string --match_string="//--MULTISITE2--define" --replace_string="define" --target_file=$install_dir/wp-config.php
ynh_replace --match="//--MULTISITE2--define" --replace="define" --file=$install_dir/wp-config.php
db_prefix="wp_"
ynh_replace_string --match_string="__DB_PREFIX__" --replace_string="$db_prefix" --target_file=../conf/sql/multisite.sql
ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file=../conf/sql/multisite.sql
ynh_replace_string --match_string="__LENGTH__" --replace_string="$((${#app} + 108))" --target_file=../conf/sql/multisite.sql
ynh_replace --match="__DB_PREFIX__" --replace="$db_prefix" --file=../conf/sql/multisite.sql
ynh_replace --match="__APP__" --replace="$app" --file=../conf/sql/multisite.sql
ynh_replace --match="__LENGTH__" --replace="$((${#app} + 108))" --file=../conf/sql/multisite.sql
ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name < ../conf/sql/multisite.sql
ynh_mysql_db_shell < ../conf/sql/multisite.sql
plugin_network="--network"
else
db_prefix="wp_"
ynh_replace_string --match_string="__DB_PREFIX__" --replace_string="$db_prefix" --target_file=../conf/sql/single.sql
ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file=../conf/sql/single.sql
ynh_replace_string --match_string="__LENGTH__" --replace_string="$((${#app} + 108))" --target_file=../conf/sql/single.sql
ynh_replace --match="__DB_PREFIX__" --replace="$db_prefix" --file=../conf/sql/single.sql
ynh_replace --match="__APP__" --replace="$app" --file=../conf/sql/single.sql
ynh_replace --match="__LENGTH__" --replace="$((${#app} + 108))" --file=../conf/sql/single.sql
ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name < ../conf/sql/single.sql
ynh_mysql_db_shell < ../conf/sql/single.sql
plugin_network=""
fi
#=================================================
# ACTIVATE WORDPRESS PLUGINS
#=================================================
ynh_script_progression --message="Activating plugins..." --weight=4
ynh_script_progression "Activating plugins..."
$wpcli_alias plugin activate authldap $plugin_network
# Do not activate http-authentication, this plugin is sometimes unstable
@ -164,7 +159,7 @@ $wpcli_alias plugin activate wp-fail2ban-redux $plugin_network
# Set file and directories ownership
mkdir -p $install_dir/wp-content/uploads
mkdir -p $install_dir/wp-content/temp
chown -R $app:www-data "$install_dir"
#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R $app:www-data "$install_dir"
find "$install_dir" -type d -exec chmod 750 {} \;
find "$install_dir" -type f -exec chmod 640 {} \;
find "$install_dir/wp-content/uploads" -type d -exec chmod 770 {} \;
@ -177,36 +172,34 @@ setfacl -Rm d:g:www-data:rwX "$install_dir/wp-content/temp"
#=================================================
# Calculate and store the config file checksum into the app settings
ynh_store_file_checksum --file="$install_dir/wp-config.php"
ynh_store_file_checksum "$install_dir/wp-config.php"
chmod 400 "$install_dir/wp-config.php"
chown $app:$app "$install_dir/wp-config.php"
#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 400 "$install_dir/wp-config.php"
#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown $app:$app "$install_dir/wp-config.php"
#=================================================
# CREATE A CRON TASK FOR AUTOMATIC UPDATE
#=================================================
echo "# Reach everyday wp-cron.php to trig the internal WordPress cron.
0 3 * * * $app php$phpversion $install_dir/wp-cron.php" > /etc/cron.d/$app
0 3 * * * $app php$php_version $install_dir/wp-cron.php" > /etc/cron.d/$app
#=================================================
# GENERIC FINALISATION
#=================================================
# SETUP FAIL2BAN
#=================================================
ynh_script_progression --message="Configuring Fail2Ban..." --weight=7
ynh_script_progression "Configuring Fail2Ban..."
# Create a dedicated Fail2Ban config
ynh_add_fail2ban_config --logpath="/var/log/auth.log" --failregex="Authentication (attempt for unknown user|failure for) .* from <HOST>" --max_retry=5
ynh_config_add_fail2ban --logpath="/var/log/auth.log" --failregex="Authentication (attempt for unknown user|failure for) .* from <HOST>"
#=================================================
# REMOVE WP-CLI.PHAR
#=================================================
ynh_secure_remove --file=$install_dir/wp-cli.phar
ynh_safe_rm $install_dir/wp-cli.phar
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Installation of $app completed" --last
ynh_script_progression "Installation of $app completed"

18
scripts/remove
View file

@ -1,33 +1,27 @@
#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# REMOVE NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Removing NGINX web server configuration..." --weight=1
ynh_script_progression "Removing NGINX web server configuration..."
# Remove the dedicated NGINX config
ynh_remove_nginx_config
ynh_config_remove_nginx
# Remove the dedicated PHP-FPM config
ynh_remove_fpm_config
ynh_config_remove_phpfpm
# Remove the dedicated Fail2Ban config
ynh_remove_fail2ban_config
ynh_config_remove_fail2ban
# Remove a cron file
ynh_secure_remove --file="/etc/cron.d/$app"
ynh_safe_rm "/etc/cron.d/$app"
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Removal of $app completed" --last
ynh_script_progression "Removal of $app completed"

46
scripts/restore
View file

@ -1,11 +1,5 @@
#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts
source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers
@ -19,14 +13,14 @@ ynh_maintenance_mode_ON
#=================================================
# RESTORE THE APP MAIN DIR
#=================================================
ynh_script_progression --message="Restoring the app main directory..." --weight=5
ynh_script_progression "Restoring the app main directory..."
ynh_restore_file --origin_path="$install_dir"
ynh_restore "$install_dir"
# Set file and directories ownership
mkdir -p $install_dir/wp-content/uploads
mkdir -p $install_dir/wp-content/temp
chown -R $app:www-data "$install_dir"
#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R $app:www-data "$install_dir"
find "$install_dir" -type d -exec chmod 750 {} \;
find "$install_dir" -type f -exec chmod 640 {} \;
find "$install_dir/wp-content/uploads" -type d -exec chmod 770 {} \;
@ -34,44 +28,42 @@ find "$install_dir/wp-content/temp" -type d -exec chmod 770 {} \;
setfacl -Rm d:g:www-data:rwX "$install_dir/wp-content/uploads"
setfacl -Rm d:g:www-data:rwX "$install_dir/wp-content/temp"
chmod 400 "$install_dir/wp-config.php"
chown $app:$app "$install_dir/wp-config.php"
#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 400 "$install_dir/wp-config.php"
#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown $app:$app "$install_dir/wp-config.php"
#=================================================
# RESTORE THE MYSQL DATABASE
#=================================================
ynh_script_progression --message="Restoring the MySQL database..." --weight=3
ynh_script_progression "Restoring the MySQL database..."
ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql
ynh_mysql_db_shell < ./db.sql
#=================================================
# RESTORE THE PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring the PHP-FPM configuration..." --weight=2
ynh_script_progression "Restoring the PHP-FPM configuration..."
# Restore the file first, so it can have a backup if different
ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf"
ynh_restore "/etc/php/$php_version/fpm/pool.d/$app.conf"
# Recreate a dedicated php-fpm config
ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint
ynh_config_add_phpfpm
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_restore "/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_restore_file --origin_path="/etc/cron.d/$app"
ynh_restore "/etc/cron.d/$app"
ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf"
ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf"
ynh_systemd_action --action=restart --service_name=fail2ban
ynh_restore "/etc/fail2ban/jail.d/$app.conf"
ynh_restore "/etc/fail2ban/filter.d/$app.conf"
ynh_systemctl --action=restart --service=fail2ban
#=================================================
# GENERIC FINALIZATION
#=================================================
# RELOAD NGINX AND PHP-FPM
#=================================================
ynh_script_progression --message="Reloading NGINX web server and PHP-FPM..." --weight=2
ynh_script_progression "Reloading NGINX web server and PHP-FPM..."
ynh_systemd_action --service_name=php$phpversion-fpm --action=reload
ynh_systemd_action --service_name=nginx --action=reload
ynh_systemctl --service=php$php_version-fpm --action=reload
ynh_systemctl --service=nginx --action=reload
#=================================================
# DEACTIVE MAINTENANCE MODE
@ -83,4 +75,4 @@ ynh_maintenance_mode_OFF
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Restoration completed for $app" --last
ynh_script_progression "Restoration completed for $app"

105
scripts/upgrade
View file

@ -1,19 +1,9 @@
#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# CHECK VERSION
#=================================================
upgrade_type=$(ynh_check_app_version_changed)
ynh_app_setting_set_default --key=php_memory_limit --value=64M
#=================================================
# ACTIVATE MAINTENANCE MODE
@ -21,31 +11,31 @@ upgrade_type=$(ynh_check_app_version_changed)
ynh_maintenance_mode_ON
#=================================================
# STANDARD UPGRADE STEPS
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
ynh_script_progression --message="Ensuring downward compatibility..."
ynh_script_progression "Ensuring downward compatibility..."
if [ -z "${admin:-}" ]; then
ynh_mysql_execute_as_root --sql="select MAX(user_login) from wp_users where user_status=0 INTO OUTFILE '/tmp/wordpressuser';" --database=$db_name
ynh_mysql_db_shell <<< "select MAX(user_login) from wp_users where user_status=0 INTO OUTFILE '/tmp/wordpressuser';"
admin=$(cat /tmp/wordpressuser)
ynh_secure_remove --file=/tmp/wordpressuser
ynh_app_setting_set --app=$app --key=admin --value=$admin
ynh_safe_rm /tmp/wordpressuser
ynh_app_setting_set --key=admin --value=$admin
fi
# FIXMEhelpers2.1: maybe replace with: ynh_app_setting_set_default --key=language --value=$(grep WPLANG $install_dir/wp-config.php | cut -d"'" -f4)
if [ -z "${language:-}" ]; then
language=$(grep WPLANG $install_dir/wp-config.php | cut -d"'" -f4)
ynh_app_setting_set --app=$app --key=language --value=$language
ynh_app_setting_set --key=language --value=$language
fi
# Fix multisite as a boolean
if [ "${multisite,,}" = "yes" ]; then
ynh_app_setting_set --app=$app --key=multisite --value=1
ynh_app_setting_set --key=multisite --value=1
multisite=1
elif [ "${multisite,,}" = "no" ]; then
ynh_app_setting_set --app=$app --key=multisite --value=0
ynh_app_setting_set --key=multisite --value=0
multisite=0
fi
@ -57,24 +47,24 @@ fi
# If fpm_footprint doesn't exist, create it
if [ -z "${fpm_footprint:-}" ]; then
fpm_footprint=medium
ynh_app_setting_set --app=$app --key=fpm_footprint --value=$fpm_footprint
#REMOVEME? Everything about fpm_footprint is removed in helpers2.1... | ynh_app_setting_set --key=fpm_footprint --value=$fpm_footprint
fi
# If fpm_free_footprint doesn't exist, create it
if [ -z "${fpm_free_footprint:-}" ]; then
fpm_free_footprint=0
ynh_app_setting_set --app=$app --key=fpm_free_footprint --value=$fpm_free_footprint
#REMOVEME? Everything about fpm_free_footprint is removed in helpers2.1... | ynh_app_setting_set --key=fpm_free_footprint --value=$fpm_free_footprint
fi
# If fpm_usage doesn't exist, create it
if [ -z "${fpm_usage:-}" ]; then
fpm_usage=low
ynh_app_setting_set --app=$app --key=fpm_usage --value=$fpm_usage
#REMOVEME? Everything about fpm_usage is removed in helpers2.1... | ynh_app_setting_set --key=fpm_usage --value=$fpm_usage
fi
# Replace wp-fail2ban by wp-fail2ban-redux
ynh_exec_warn_less wget --no-verbose https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar --output-document=$install_dir/wp-cli.phar
wpcli_alias="php$phpversion $install_dir/wp-cli.phar --allow-root --path=$install_dir"
ynh_hide_warnings wget --no-verbose https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar --output-document=$install_dir/wp-cli.phar
wpcli_alias="php$php_version $install_dir/wp-cli.phar --allow-root --path=$install_dir"
plugin_network=""
if [ $multisite -eq 1 ]; then
plugin_network="--network"
@ -88,72 +78,70 @@ $wpcli_alias plugin is-installed simple-ldap-login && $wpcli_alias plugin deacti
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=2
ynh_script_progression "Upgrading NGINX web server configuration..."
ynh_add_nginx_config
ynh_config_add_nginx
#=================================================
# PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=4
ynh_script_progression "Upgrading PHP-FPM configuration..."
# Create a dedicated PHP-FPM config
ynh_add_fpm_config --usage=$fpm_usage --footprint=$fpm_footprint
ynh_config_add_phpfpm
#=================================================
# SPECIFIC UPGRADE
#=================================================
# SAVE THE CONFIG FILE IF IT HAS BEEN MODIFIED
#=================================================
# Verify the checksum of a file, stored by `ynh_store_file_checksum` in the install script.
ynh_backup_if_checksum_is_different --file="$install_dir/wp-config.php"
ynh_backup_if_checksum_is_different "$install_dir/wp-config.php"
#=================================================
# CONFIGURE MULTISITE
#=================================================
ynh_script_progression --message="Configuring multisite..." --weight=2
ynh_script_progression "Configuring multisite..."
if [ $multisite -eq 1 ]
then
ynh_replace_string --match_string="#--MULTISITE--" --replace_string="" --target_file=/etc/nginx/conf.d/$domain.d/$app.conf
ynh_replace --match="#--MULTISITE--" --replace="" --file=/etc/nginx/conf.d/$domain.d/$app.conf
ynh_store_file_checksum --file="/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_store_file_checksum "/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_systemd_action --service_name=nginx --action=reload
ynh_systemctl --service=nginx --action=reload
db_prefix=$(grep '^$table_prefix' "$install_dir/wp-config.php" | sed "s/.*'\(.*\)'.*/\1/" )
ynh_replace_string --match_string="__DB_PREFIX__" --replace_string="$db_prefix" --target_file=../conf/sql/multisite.sql
ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file=../conf/sql/multisite.sql
ynh_replace_string --match_string="__LENGTH__" --replace_string="$((${#app} + 108))" --target_file=../conf/sql/multisite.sql
ynh_replace --match="__DB_PREFIX__" --replace="$db_prefix" --file=../conf/sql/multisite.sql
ynh_replace --match="__APP__" --replace="$app" --file=../conf/sql/multisite.sql
ynh_replace --match="__LENGTH__" --replace="$((${#app} + 108))" --file=../conf/sql/multisite.sql
ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name < ../conf/sql/multisite.sql
ynh_mysql_db_shell < ../conf/sql/multisite.sql
plugin_network="--network"
else
multisite=0
db_prefix=$(grep '^$table_prefix' "$install_dir/wp-config.php" | sed "s/.*'\(.*\)'.*/\1/" )
ynh_replace_string --match_string="__DB_PREFIX__" --replace_string="$db_prefix" --target_file=../conf/sql/single.sql
ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file=../conf/sql/single.sql
ynh_replace_string --match_string="__LENGTH__" --replace_string="$((${#app} + 108))" --target_file=../conf/sql/single.sql
ynh_replace --match="__DB_PREFIX__" --replace="$db_prefix" --file=../conf/sql/single.sql
ynh_replace --match="__APP__" --replace="$app" --file=../conf/sql/single.sql
ynh_replace --match="__LENGTH__" --replace="$((${#app} + 108))" --file=../conf/sql/single.sql
ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name < ../conf/sql/single.sql
ynh_mysql_db_shell < ../conf/sql/single.sql
plugin_network=""
if ynh_permission_has_user --permission="main" --user="visitor"
then
ynh_replace_string --match_string="//--PUBLIC--define" --replace_string="define" --target_file=$install_dir/wp-config.php
ynh_replace --match="//--PUBLIC--define" --replace="define" --file=$install_dir/wp-config.php
fi
fi
ynh_app_setting_set --app=$app --key=multisite --value=$multisite
ynh_app_setting_set --key=multisite --value=$multisite
#=================================================
# UPDATE WORDPRESS PLUGINS
#=================================================
ynh_script_progression --message="Updating plugins" --weight=11
ynh_script_progression "Updating plugins"
# wget -nv https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar -O $install_dir/wp-cli.phar
# wpcli_alias="php$phpversion $install_dir/wp-cli.phar --allow-root --path=$install_dir"
# wpcli_alias="php$php_version $install_dir/wp-cli.phar --allow-root --path=$install_dir"
update_plugin () {
( $wpcli_alias plugin is-installed $1 && $wpcli_alias plugin update $1 ) || $wpcli_alias plugin install $1
}
@ -168,11 +156,10 @@ $wpcli_alias plugin activate wp-fail2ban-redux $plugin_network
# Disable broken plugin http-authentication
$wpcli_alias plugin is-installed http-authentication && $wpcli_alias plugin deactivate http-authentication $plugin_network
# Set file and directories ownership
mkdir -p $install_dir/wp-content/uploads
mkdir -p $install_dir/wp-content/temp
chown -R $app:www-data "$install_dir"
#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R $app:www-data "$install_dir"
find "$install_dir" -type d -exec chmod 750 {} \;
find "$install_dir" -type f -exec chmod 640 {} \;
find "$install_dir/wp-content/uploads" -type d -exec chmod 770 {} \;
@ -185,33 +172,31 @@ setfacl -Rm d:g:www-data:rwX "$install_dir/wp-content/temp"
#=================================================
# Recalculate and store the checksum of the file for the next upgrade.
ynh_store_file_checksum --file="$install_dir/wp-config.php"
ynh_store_file_checksum "$install_dir/wp-config.php"
chmod 400 "$install_dir/wp-config.php"
chown $app:$app "$install_dir/wp-config.php"
#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 400 "$install_dir/wp-config.php"
#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown $app:$app "$install_dir/wp-config.php"
#=================================================
# CREATE A CRON TASK FOR AUTOMATIC UPDATE
#=================================================
echo "# Reach everyday wp-cron.php to trig the internal WordPress cron.
0 3 * * * $app php$phpversion $install_dir/wp-cron.php" > /etc/cron.d/$app
0 3 * * * $app php$php_version $install_dir/wp-cron.php" > /etc/cron.d/$app
#=================================================
# GENERIC FINALISATION
#=================================================
# UPGRADE FAIL2BAN
#=================================================
ynh_script_progression --message="Reconfiguring Fail2Ban..." --weight=9
ynh_script_progression "Reconfiguring Fail2Ban..."
# Create a dedicated Fail2Ban config
ynh_add_fail2ban_config --logpath="/var/log/auth.log" --failregex="Authentication (attempt for unknown user|failure for) .* from <HOST>" --max_retry=5
ynh_config_add_fail2ban --logpath="/var/log/auth.log" --failregex="Authentication (attempt for unknown user|failure for) .* from <HOST>"
#=================================================
# REMOVE WP-CLI.PHAR
#=================================================
ynh_secure_remove --file=$install_dir/wp-cli.phar
ynh_safe_rm $install_dir/wp-cli.phar
#=================================================
# DEACTIVE MAINTENANCE MODE
@ -223,4 +208,4 @@ ynh_maintenance_mode_OFF
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Upgrade of $app completed" --last
ynh_script_progression "Upgrade of $app completed"