From 7378b95c7c3b416fd159acfd9668c379f8e4e8bf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=89ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Tue, 29 Dec 2020 22:46:49 +0100 Subject: [PATCH 01/17] Set SVG badge --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index f280337..4281af1 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ # WordPress for YunoHost [![Integration level](https://dash.yunohost.org/integration/wordpress.svg)](https://dash.yunohost.org/appci/app/wordpress) ![](https://ci-apps.yunohost.org/ci/badges/wordpress.status.svg) [![](https://ci-apps.yunohost.org/ci/badges/wordpress.maintain.svg)](https://github.com/YunoHost/Apps/#what-to-do-if-i-cant-maintain-my-app-anymore-) -[![Install WordPress with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=wordpress) +[![Install WordPress with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=wordpress) *[Lire ce readme en français.](./README_fr.md)* From 9205aa9650e260f02fd3ba90defdcb0d95c57ade Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=89ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Tue, 29 Dec 2020 22:47:35 +0100 Subject: [PATCH 02/17] Set SVG badge --- README_fr.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README_fr.md b/README_fr.md index da30f79..ef241ea 100644 --- a/README_fr.md +++ b/README_fr.md @@ -1,7 +1,7 @@ # WordPress pour YunoHost [![Niveau d'intégration](https://dash.yunohost.org/integration/wordpress.svg)](https://dash.yunohost.org/appci/app/wordpress) ![](https://ci-apps.yunohost.org/ci/badges/wordpress.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/wordpress.maintain.svg) -[![Installer WordPress avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=wordpress) +[![Installer WordPress avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=wordpress) *[Read this readme in english.](./README.md)* From e0c043ffb08ea83a31978c28d34d411492130c67 Mon Sep 17 00:00:00 2001 From: Kay0u Date: Thu, 31 Dec 2020 16:08:30 +0100 Subject: [PATCH 03/17] Fix cron --- conf/wp-config.php | 3 +++ scripts/actions/reset_default_app | 4 ++-- scripts/change_url | 7 ------- scripts/install | 4 ++-- scripts/upgrade | 4 ++-- 5 files changed, 9 insertions(+), 13 deletions(-) diff --git a/conf/wp-config.php b/conf/wp-config.php index f53900b..12c8c7e 100644 --- a/conf/wp-config.php +++ b/conf/wp-config.php @@ -18,6 +18,9 @@ * @package WordPress */ +/** Disable the wordress cron because it's managed by the system */ +define('DISABLE_WP_CRON', true); + // ** MySQL settings - You can get this info from your web host ** // /** The name of the database for WordPress */ define('DB_NAME', '__DB_USER__'); diff --git a/scripts/actions/reset_default_app b/scripts/actions/reset_default_app index fd1ab8d..1af95b8 100755 --- a/scripts/actions/reset_default_app +++ b/scripts/actions/reset_default_app @@ -66,8 +66,8 @@ yunohost app action run $app reset_default_phpfpm # CREATE A CRON TASK FOR AUTOMATIC UPDATE #================================================= -echo "# Reach everyday wp-cron.php?doing_wp_cron to trig the internal wordpress cron. -0 3 * * * root wget -q -O - https://$domain$path_url/wp-cron.php?doing_wp_cron >/dev/null 2>&1" > /etc/cron.d/$app +echo "# Reach everyday wp-cron.php to trig the internal WordPress cron. +0 3 * * * $app php$phpversion $final_path/wp-cron.php" > /etc/cron.d/$app #================================================= # SECURE FILES AND DIRECTORIES diff --git a/scripts/change_url b/scripts/change_url index 1990e6e..44af2d5 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -123,13 +123,6 @@ db_prefix=$(grep '^$table_prefix' "$final_path/wp-config.php" | sed "s/.*'\(.*\) ynh_mysql_execute_as_root --sql="UPDATE ${db_prefix}options SET option_value='https://$new_domain$new_path' WHERE option_name='siteurl'" --database=$app ynh_mysql_execute_as_root --sql="UPDATE ${db_prefix}options SET option_value='https://$new_domain$new_path' WHERE option_name='home'" --database=$app -#================================================= -# UPDATE THE CRON -#================================================= - -echo "# Reach everyday wp-cron.php?doing_wp_cron to trig the internal wordpress cron. -0 3 * * * root wget -q -O - https://$new_domain$new_path/wp-cron.php?doing_wp_cron >/dev/null 2>&1" > /etc/cron.d/$app - #================================================= # GENERIC FINALISATION #================================================= diff --git a/scripts/install b/scripts/install index e4c6c69..ff4d8f6 100644 --- a/scripts/install +++ b/scripts/install @@ -228,8 +228,8 @@ ynh_store_file_checksum --file="$final_path/wp-config.php" # CREATE A CRON TASK FOR AUTOMATIC UPDATE #================================================= -echo "# Reach everyday wp-cron.php?doing_wp_cron to trig the internal WordPress cron. -0 3 * * * root wget -q -O - https://$domain$path_url/wp-cron.php?doing_wp_cron >/dev/null 2>&1" > /etc/cron.d/$app +echo "# Reach everyday wp-cron.php to trig the internal WordPress cron. +0 3 * * * $app php$phpversion $final_path/wp-cron.php" > /etc/cron.d/$app #================================================= # GENERIC FINALISATION diff --git a/scripts/upgrade b/scripts/upgrade index 4df9b47..a104e38 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -263,8 +263,8 @@ ynh_store_file_checksum --file="$final_path/wp-config.php" # CREATE A CRON TASK FOR AUTOMATIC UPDATE #================================================= -echo "# Reach everyday wp-cron.php?doing_wp_cron to trig the internal wordpress cron. -0 3 * * * root wget -q -O - https://$domain$path_url/wp-cron.php?doing_wp_cron >/dev/null 2>&1" > /etc/cron.d/$app +echo "# Reach everyday wp-cron.php to trig the internal WordPress cron. +0 3 * * * $app php$phpversion $final_path/wp-cron.php" > /etc/cron.d/$app #================================================= # GENERIC FINALISATION From a9718cc0bcb9a9dbee4ee7d3737ee11e1c8bf569 Mon Sep 17 00:00:00 2001 From: Kay0u Date: Thu, 31 Dec 2020 17:01:39 +0100 Subject: [PATCH 04/17] fix auto upgrade to major versions --- scripts/install | 2 ++ scripts/upgrade | 6 ++++++ 2 files changed, 8 insertions(+) diff --git a/scripts/install b/scripts/install index e4c6c69..c03e746 100644 --- a/scripts/install +++ b/scripts/install @@ -215,6 +215,8 @@ ynh_script_progression --message="Activating plugins..." --weight=4 $wpcli_alias plugin activate simple-ldap-login $plugin_network # Do not activate http-authentication, this plugin is sometimes unstable $wpcli_alias plugin activate companion-auto-update $plugin_network +# Enable the auto update of major versions +ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name <<< "UPDATE wp_auto_updates SET onoroff='on' WHERE wp_auto_updates.name='major';" $wpcli_alias plugin activate wp-fail2ban-redux $plugin_network #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index 4df9b47..adbed84 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -246,6 +246,12 @@ update_plugin simple-ldap-login $wpcli_alias plugin activate simple-ldap-login $plugin_network update_plugin companion-auto-update $wpcli_alias plugin activate companion-auto-update $plugin_network + + +# Enable the auto update of major versions +db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd) +ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name <<< "UPDATE wp_auto_updates SET onoroff='on' WHERE wp_auto_updates.name='major';" + update_plugin wp-fail2ban-redux $wpcli_alias plugin activate wp-fail2ban-redux $plugin_network From ef3dcdfc795ebb4f1d8c9dffef340dd3fd307a55 Mon Sep 17 00:00:00 2001 From: Philippe Bernery Date: Sun, 3 Jan 2021 19:22:31 +0100 Subject: [PATCH 05/17] Update link to multisite glossary --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 4281af1..0d2f41f 100644 --- a/README.md +++ b/README.md @@ -10,7 +10,7 @@ If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to ## Overview WordPress is open source software you can use to create a beautiful website, blog, or app. -With this package, you can even activate the [multisite](https://codex.wordpress.org/Glossary#Multisite) option. +With this package, you can even activate the [multisite](https://wordpress.org/support/article/glossary/#multisite) option. **Shipped version:** 5.6 From 40512182dffb00b11f1687183f885ea583818670 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lo=C3=AFc=20Lemonsu?= Date: Thu, 7 Jan 2021 14:34:22 +0100 Subject: [PATCH 06/17] remove permissions for other on wp-config file --- scripts/actions/reset_default_app | 5 ++++- scripts/install | 3 ++- scripts/restore | 3 ++- scripts/upgrade | 5 +++-- 4 files changed, 11 insertions(+), 5 deletions(-) diff --git a/scripts/actions/reset_default_app b/scripts/actions/reset_default_app index 1af95b8..ba86327 100755 --- a/scripts/actions/reset_default_app +++ b/scripts/actions/reset_default_app @@ -77,12 +77,15 @@ echo "# Reach everyday wp-cron.php to trig the internal WordPress cron. # Files have to be own by the user of wordpress. To allow upgrade from the app. chown -R $app: $final_path # Except the file config wp-config.php -chown root: $final_path/wp-config.php +chown root:$app $final_path/wp-config.php # Reset permissions find $final_path/ -type f -print0 | xargs -0 chmod 0644 find $final_path/ -type d -print0 | xargs -0 chmod 0755 +# Remove permissions for others +chmod 640 $final_path/wp-config.php + #================================================= # UPGRADE FAIL2BAN #================================================= diff --git a/scripts/install b/scripts/install index ff4d8f6..687ccba 100644 --- a/scripts/install +++ b/scripts/install @@ -241,7 +241,8 @@ echo "# Reach everyday wp-cron.php to trig the internal WordPress cron. # Files have to be own by the user of wordpress. To allow upgrade from the app. chown -R $app: $final_path # Except the file config wp-config.php -chown root: $final_path/wp-config.php +chown root:$app $final_path/wp-config.php +chmod 640 $final_path/wp-config.php #================================================= # SETUP FAIL2BAN diff --git a/scripts/restore b/scripts/restore index d77447c..ecf9787 100644 --- a/scripts/restore +++ b/scripts/restore @@ -91,7 +91,8 @@ ynh_system_user_create --username=$app # Files have to be own by the user of wordpress. To allow upgrade from the app. chown -R $app: $final_path # Except the file config wp-config.php -chown root: $final_path/wp-config.php +chown root:$app $final_path/wp-config.php +chmod 640 $final_path/wp-config.php #================================================= # RESTORE THE PHP-FPM CONFIGURATION diff --git a/scripts/upgrade b/scripts/upgrade index a104e38..c2ef498 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -220,7 +220,7 @@ then ynh_store_file_checksum --file="/etc/nginx/conf.d/$domain.d/$app.conf" ynh_systemd_action --service_name=nginx --action=reload - + plugin_network="--network" else multisite=0 @@ -276,7 +276,8 @@ echo "# Reach everyday wp-cron.php to trig the internal WordPress cron. # Files have to be own by the user of wordpress. To allow upgrade from the app. chown -R $app: $final_path # Except the file config wp-config.php -chown root: $final_path/wp-config.php +chown root:$app $final_path/wp-config.php +chmod 640 $final_path/wp-config.php #================================================= # UPGRADE FAIL2BAN From 4abfec2364e91cb0d313f67475f7fe57887e84a6 Mon Sep 17 00:00:00 2001 From: Kayou Date: Thu, 7 Jan 2021 18:26:05 +0100 Subject: [PATCH 07/17] Update reset_default_app --- scripts/actions/reset_default_app | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/actions/reset_default_app b/scripts/actions/reset_default_app index 1af95b8..a65d919 100755 --- a/scripts/actions/reset_default_app +++ b/scripts/actions/reset_default_app @@ -26,6 +26,7 @@ domain=$(ynh_app_setting_get --app=$app --key=domain) path_url=$(ynh_app_setting_get --app=$app --key=path) is_public=$(ynh_app_setting_get --app=$app --key=is_public) final_path=$(ynh_app_setting_get --app=$app --key=final_path) +phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) #================================================= # SPECIFIC ACTION From fc55868b44270b143e3103c62b71b8626234db1e Mon Sep 17 00:00:00 2001 From: Kay0u Date: Wed, 13 Jan 2021 10:19:26 +0100 Subject: [PATCH 08/17] add some getops --- scripts/backup | 2 +- scripts/install | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/backup b/scripts/backup index 8624205..25bf9d5 100644 --- a/scripts/backup +++ b/scripts/backup @@ -69,7 +69,7 @@ ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf" # BACKUP CRON #================================================= -ynh_backup "/etc/cron.d/$app" +ynh_backup --src_path="/etc/cron.d/$app" #================================================= # END OF SCRIPT diff --git a/scripts/install b/scripts/install index 687ccba..25d0cc9 100644 --- a/scripts/install +++ b/scripts/install @@ -274,7 +274,7 @@ ynh_systemd_action --service_name=nginx --action=reload # REMOVE WP-CLI.PHAR #================================================= -ynh_secure_remove $final_path/wp-cli.phar +ynh_secure_remove --file=$final_path/wp-cli.phar #================================================= # SEND A README FOR THE ADMIN From a194f0653c30ccf2c2949510c38e06f312b1f3a1 Mon Sep 17 00:00:00 2001 From: Kay0u Date: Wed, 13 Jan 2021 10:19:37 +0100 Subject: [PATCH 09/17] add php-ldap as dependencies --- scripts/_common.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/_common.sh b/scripts/_common.sh index 3c25980..4404f4b 100755 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -6,7 +6,7 @@ YNH_PHP_VERSION="7.3" -extra_php_dependencies="php${YNH_PHP_VERSION}-mysql php${YNH_PHP_VERSION}-curl php${YNH_PHP_VERSION}-json php${YNH_PHP_VERSION}-mbstring php${YNH_PHP_VERSION}-xml php${YNH_PHP_VERSION}-zip php${YNH_PHP_VERSION}-gd php${YNH_PHP_VERSION}-soap php${YNH_PHP_VERSION}-ssh2 php${YNH_PHP_VERSION}-tokenizer" +extra_php_dependencies="php${YNH_PHP_VERSION}-mysql php${YNH_PHP_VERSION}-curl php${YNH_PHP_VERSION}-json php${YNH_PHP_VERSION}-mbstring php${YNH_PHP_VERSION}-xml php${YNH_PHP_VERSION}-zip php${YNH_PHP_VERSION}-gd php${YNH_PHP_VERSION}-soap php${YNH_PHP_VERSION}-ssh2 php${YNH_PHP_VERSION}-tokenizer php${YNH_PHP_VERSION}-ldap" #================================================= # EXPERIMENTAL HELPERS From 66714434cde32fcfc1dc72d2cbaed42cf36a69b3 Mon Sep 17 00:00:00 2001 From: Kay0u Date: Tue, 19 Jan 2021 11:24:41 +0100 Subject: [PATCH 10/17] Force major upgrade only if it's an old version package --- manifest.json | 2 +- scripts/upgrade | 12 ++++++++---- 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/manifest.json b/manifest.json index 00e8571..9943d2c 100644 --- a/manifest.json +++ b/manifest.json @@ -6,7 +6,7 @@ "en": "Create a beautiful blog or website easily", "fr": "Logiciel de création de blog ou de site Web" }, - "version": "5.6~ynh1", + "version": "5.6~ynh2", "url": "https://wordpress.org/", "license": "GPL-2.0", "maintainer": { diff --git a/scripts/upgrade b/scripts/upgrade index adbed84..a037066 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -247,10 +247,14 @@ $wpcli_alias plugin activate simple-ldap-login $plugin_network update_plugin companion-auto-update $wpcli_alias plugin activate companion-auto-update $plugin_network - -# Enable the auto update of major versions -db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd) -ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name <<< "UPDATE wp_auto_updates SET onoroff='on' WHERE wp_auto_updates.name='major';" +if ynh_compare_current_package_version --comparison lt --version 5.6~ynh2 +then + # Get the database table prefix + db_prefix=$(grep '^$table_prefix' "$final_path/wp-config.php" | sed "s/.*'\(.*\)'.*/\1/" ) + # Enable the auto update of major versions + db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd) + ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name <<< "UPDATE ${db_prefix}auto_updates SET onoroff='on' WHERE ${db_prefix}auto_updates.name='major';" +fi update_plugin wp-fail2ban-redux $wpcli_alias plugin activate wp-fail2ban-redux $plugin_network From 8366217bdaa5358aa672cf7a8e5b83001f7951af Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Wed, 10 Mar 2021 08:25:19 +0100 Subject: [PATCH 11/17] Upgrade to 5.7 --- README.md | 2 +- README_fr.md | 2 +- conf/app.src | 4 ++-- manifest.json | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 0d2f41f..980780e 100644 --- a/README.md +++ b/README.md @@ -12,7 +12,7 @@ If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to WordPress is open source software you can use to create a beautiful website, blog, or app. With this package, you can even activate the [multisite](https://wordpress.org/support/article/glossary/#multisite) option. -**Shipped version:** 5.6 +**Shipped version:** 5.7 ## Screenshots diff --git a/README_fr.md b/README_fr.md index ef241ea..7e7a370 100644 --- a/README_fr.md +++ b/README_fr.md @@ -12,7 +12,7 @@ Si vous n'avez pas YunoHost, consultez [le guide](https://yunohost.org/#/install WordPress est un logiciel libre que vous pouvez utiliser pour créer un site ou un blog. Avec ce package, vous pouvez même activer l'option [multisite](https://codex.wordpress.org/Glossary#Multisite). -**Version incluse :** 5.6 +**Version incluse :** 5.7 ## Captures d'écran diff --git a/conf/app.src b/conf/app.src index 6fc3d12..2f4a19c 100644 --- a/conf/app.src +++ b/conf/app.src @@ -1,5 +1,5 @@ -SOURCE_URL=https://wordpress.org/wordpress-5.6.tar.gz -SOURCE_SUM=47f466f375557bd4e3e1fff69b1ccbe29053423736b1af8f3dbf9d38c4c5fcd3 +SOURCE_URL=https://wordpress.org/wordpress-5.7.tar.gz +SOURCE_SUM=92be8c4afd0186f783a12bad994baecc8f941a88535acddecbae0d7702169b71 SOURCE_SUM_PRG=sha256sum ARCH_FORMAT=tar.gz SOURCE_IN_SUBDIR=true diff --git a/manifest.json b/manifest.json index 9943d2c..5c9e6a1 100644 --- a/manifest.json +++ b/manifest.json @@ -6,7 +6,7 @@ "en": "Create a beautiful blog or website easily", "fr": "Logiciel de création de blog ou de site Web" }, - "version": "5.6~ynh2", + "version": "5.7~ynh1", "url": "https://wordpress.org/", "license": "GPL-2.0", "maintainer": { From a7ba8031cd5d0230de6cf2756870db7b4332c319 Mon Sep 17 00:00:00 2001 From: Kay0u Date: Wed, 10 Mar 2021 18:00:41 +0100 Subject: [PATCH 12/17] revert auto upgrade to major version --- scripts/install | 2 -- scripts/upgrade | 9 --------- 2 files changed, 11 deletions(-) diff --git a/scripts/install b/scripts/install index 22569b0..25d0cc9 100644 --- a/scripts/install +++ b/scripts/install @@ -215,8 +215,6 @@ ynh_script_progression --message="Activating plugins..." --weight=4 $wpcli_alias plugin activate simple-ldap-login $plugin_network # Do not activate http-authentication, this plugin is sometimes unstable $wpcli_alias plugin activate companion-auto-update $plugin_network -# Enable the auto update of major versions -ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name <<< "UPDATE wp_auto_updates SET onoroff='on' WHERE wp_auto_updates.name='major';" $wpcli_alias plugin activate wp-fail2ban-redux $plugin_network #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index 004059f..455c57e 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -247,15 +247,6 @@ $wpcli_alias plugin activate simple-ldap-login $plugin_network update_plugin companion-auto-update $wpcli_alias plugin activate companion-auto-update $plugin_network -if ynh_compare_current_package_version --comparison lt --version 5.6~ynh2 -then - # Get the database table prefix - db_prefix=$(grep '^$table_prefix' "$final_path/wp-config.php" | sed "s/.*'\(.*\)'.*/\1/" ) - # Enable the auto update of major versions - db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd) - ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name <<< "UPDATE ${db_prefix}auto_updates SET onoroff='on' WHERE ${db_prefix}auto_updates.name='major';" -fi - update_plugin wp-fail2ban-redux $wpcli_alias plugin activate wp-fail2ban-redux $plugin_network From 5f7f58779455e216ca17be59969258b7fdd6ca0b Mon Sep 17 00:00:00 2001 From: Kay0u Date: Wed, 10 Mar 2021 18:01:50 +0100 Subject: [PATCH 13/17] Add a message to manually trigger major updates --- scripts/install | 5 ++++- scripts/upgrade | 5 ++++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/scripts/install b/scripts/install index 25d0cc9..49766d8 100644 --- a/scripts/install +++ b/scripts/install @@ -283,7 +283,10 @@ ynh_secure_remove --file=$final_path/wp-cli.phar # Get main domain and buid the url of the admin panel of the app. admin_panel="https://$(grep portal_domain /etc/ssowat/conf.json | cut -d'"' -f4)/yunohost/admin/#/apps/$app" -echo "You can configure this app easily by using the experimental __URL_TAG1__config-panel feature__URL_TAG2__$admin_panel/config-panel__URL_TAG3__. +echo "Please manually trigger updates to major versions in the WordPress admin area. +You can also activate the automatic update in the Companion Auto Update plugin settings. + +You can configure this app easily by using the experimental __URL_TAG1__config-panel feature__URL_TAG2__$admin_panel/config-panel__URL_TAG3__. You can also find some specific actions for this app by using the experimental __URL_TAG1__action feature__URL_TAG2__$admin_panel/actions__URL_TAG3__. If you're facing an issue or want to improve this app, please open a new issue in this __URL_TAG1__project__URL_TAG2__https://github.com/YunoHost-Apps/wordpress_ynh__URL_TAG3__." > mail_to_send diff --git a/scripts/upgrade b/scripts/upgrade index 455c57e..4941018 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -338,7 +338,10 @@ else fi ynh_app_changelog --format=$format -echo "You can configure this app easily by using the experimental __URL_TAG1__config-panel feature__URL_TAG2__$admin_panel/config-panel__URL_TAG3__. +echo "Please manually trigger updates to major versions in the WordPress admin area. +You can also activate the automatic update in the Companion Auto Update plugin settings. + +You can configure this app easily by using the experimental __URL_TAG1__config-panel feature__URL_TAG2__$admin_panel/config-panel__URL_TAG3__. You can also find some specific actions for this app by using the experimental __URL_TAG1__action feature__URL_TAG2__$admin_panel/actions__URL_TAG3__. If you're facing an issue or want to improve this app, please open a new issue in this __URL_TAG1__project__URL_TAG2__https://github.com/YunoHost-Apps/wordpress_ynh__URL_TAG3__. From 9d85bc2569bd75c8ce666e8646177de2226932dd Mon Sep 17 00:00:00 2001 From: Kay0u Date: Wed, 10 Mar 2021 18:29:51 +0100 Subject: [PATCH 14/17] new permissions system --- actions.toml | 12 ----- config_panel.toml | 9 ---- scripts/actions/public_private | 80 ---------------------------- scripts/actions/reset_default_app | 16 ------ scripts/actions/reset_default_system | 3 +- scripts/config | 17 ------ scripts/install | 19 ++++--- scripts/restore | 1 - scripts/upgrade | 54 +++++++------------ 9 files changed, 34 insertions(+), 177 deletions(-) delete mode 100755 scripts/actions/public_private diff --git a/actions.toml b/actions.toml index d5f7cd1..6a36fd7 100644 --- a/actions.toml +++ b/actions.toml @@ -1,15 +1,3 @@ -[public_private] -name = "Move to public or private" -command = "/bin/bash scripts/actions/public_private" -accepted_return_codes = [0] -description = "Change the public access of the app." - - [public_private.arguments] - [public_private.arguments.is_public] - type = "boolean" - ask = "Is it a public app?" - default = true - [reset_default_nginx] name = "Reset the NGINX config for this app." command = "/bin/bash scripts/actions/reset_default_system nginx" diff --git a/config_panel.toml b/config_panel.toml index 10e11b1..07f014d 100644 --- a/config_panel.toml +++ b/config_panel.toml @@ -5,15 +5,6 @@ name = "Wordpress configuration panel" name = "Wordpress configuration" - [main.is_public] - name = "Public access" - - [main.is_public.is_public] - ask = "Is it a public WordPress site?" - type = "boolean" - default = true - - [main.overwrite_files] name = "Overwriting config files" diff --git a/scripts/actions/public_private b/scripts/actions/public_private deleted file mode 100755 index d514a76..0000000 --- a/scripts/actions/public_private +++ /dev/null @@ -1,80 +0,0 @@ -#!/bin/bash - -#================================================= -# GENERIC STARTING -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - -source /usr/share/yunohost/helpers - -#================================================= -# MANAGE SCRIPT FAILURE -#================================================= - -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# RETRIEVE ARGUMENTS -#================================================= - -# Get is_public -is_public=${YNH_ACTION_IS_PUBLIC} - -app=$YNH_APP_INSTANCE_NAME - -#================================================= -# CHECK IF ARGUMENTS ARE CORRECT -#================================================= - -#================================================= -# CHECK IF AN ACTION HAS TO BE DONE -#================================================= - -is_public_old=$(ynh_app_setting_get --app=$app --key=is_public) - -if [ $is_public -eq $is_public_old ] -then - ynh_die --message="is_public is already set as $is_public." --ret_code=0 -fi - -#================================================= -# SPECIFIC ACTION -#================================================= -# MOVE TO PUBLIC OR PRIVATE -#================================================= - -if [ $is_public -eq 0 ]; then - public_private="private" -else - public_private="public" -fi -ynh_script_progression --message="Moving the application to $public_private..." --weight=3 - -if [ $is_public -eq 0 ] -then - ynh_app_setting_delete --app=$app --key=unprotected_uris -else - ynh_app_setting_set --app=$app --key=unprotected_uris --value="/" -fi - -ynh_script_progression --message="Upgrading SSOwat configuration..." -# Regen ssowat configuration -yunohost app ssowatconf - -# Update the config of the app -ynh_app_setting_set --app=$app --key=is_public --value=$is_public - -#================================================= -# RELOAD NGINX -#================================================= -ynh_script_progression --message="Reloading NGINX web server..." - -ynh_systemd_action --service_name=nginx --action=reload - -#================================================= -# END OF SCRIPT -#================================================= - -ynh_script_progression --message="Execution completed" --last diff --git a/scripts/actions/reset_default_app b/scripts/actions/reset_default_app index a787de8..b7e8f70 100755 --- a/scripts/actions/reset_default_app +++ b/scripts/actions/reset_default_app @@ -24,7 +24,6 @@ app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get --app=$app --key=domain) path_url=$(ynh_app_setting_get --app=$app --key=path) -is_public=$(ynh_app_setting_get --app=$app --key=is_public) final_path=$(ynh_app_setting_get --app=$app --key=final_path) phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) @@ -95,21 +94,6 @@ ynh_script_progression --message="Reconfiguring Fail2Ban..." --weight=5 # Create a dedicated fail2ban config ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="PHP message: Leed: wrong login for .* client: " --max_retry=5 -#================================================= -# SETUP SSOWAT -#================================================= -ynh_script_progression --message="Upgrading SSOwat configuration..." --weight=1 - -# Remove skipped_uris if it's still present -ynh_app_setting_delete --app=$app --key=skipped_uris -if [ $is_public -eq 0 ]; then - # Remove the public access - ynh_app_setting_delete --app=$app --key=unprotected_uris -else - # Or replace skipped_uris by unprotected_uris - ynh_app_setting_set --app=$app --key=unprotected_uris --value="/" -fi - #================================================= # RELOAD NGINX #================================================= diff --git a/scripts/actions/reset_default_system b/scripts/actions/reset_default_system index 0c41e0a..9122755 100755 --- a/scripts/actions/reset_default_system +++ b/scripts/actions/reset_default_system @@ -29,7 +29,6 @@ path_url=$(ynh_app_setting_get --app=$app --key=path) final_path=$(ynh_app_setting_get --app=$app --key=final_path) multisite=$(ynh_app_setting_get --app=$app --key=multisite) -is_public=$(ynh_app_setting_get --app=$app --key=is_public) #================================================= # SPECIFIC ACTION @@ -63,7 +62,7 @@ then elif [ $type == phpfpm ] then # If the app is private, set the usage to low, otherwise to high. - if [ $is_public -eq 0 ] + if [ $(ynh_app_setting_get --app=$app --key=is_public) -eq 0 ] then usage=low else diff --git a/scripts/config b/scripts/config index 36c49ae..318b28c 100644 --- a/scripts/config +++ b/scripts/config @@ -26,10 +26,6 @@ fpm_config_dir=$(ynh_app_setting_get --app=$app --key=fpm_config_dir) # If the form has a value for a variable, take the value from the form, # Otherwise, keep the value from the app config. -# is_public -old_is_public="$(ynh_app_setting_get --app=$app --key=is_public)" -is_public="${YNH_CONFIG_MAIN_IS_PUBLIC_IS_PUBLIC:-$old_is_public}" - # Overwrite nginx configuration old_overwrite_nginx="$(ynh_app_setting_get --app=$app --key=overwrite_nginx)" overwrite_nginx="${YNH_CONFIG_MAIN_OVERWRITE_FILES_OVERWRITE_NGINX:-$old_overwrite_nginx}" @@ -78,8 +74,6 @@ show_config() { # here you are supposed to read some config file/database/other then print the values # ynh_return "YNH_CONFIG_${PANEL_ID}_${SECTION_ID}_${OPTION_ID}=value" - ynh_return "YNH_CONFIG_MAIN_IS_PUBLIC_IS_PUBLIC=$is_public" - ynh_return "YNH_CONFIG_MAIN_OVERWRITE_FILES_OVERWRITE_NGINX=$overwrite_nginx" ynh_return "YNH_CONFIG_MAIN_OVERWRITE_FILES_OVERWRITE_PHPFPM=$overwrite_phpfpm" @@ -97,17 +91,6 @@ show_config() { apply_config() { - # Change public accessibility - if [ "$is_public" != "$old_is_public" ] - then - if [ "$is_public" = "1" ] - then - yunohost app action run $app public_private --args is_public=1 - else - yunohost app action run $app public_private --args is_public=0 - fi - fi - #================================================= # MODIFY OVERWRITTING SETTINGS #================================================= diff --git a/scripts/install b/scripts/install index 22569b0..66b465f 100644 --- a/scripts/install +++ b/scripts/install @@ -52,7 +52,6 @@ ynh_script_progression --message="Storing installation settings..." --weight=2 ynh_app_setting_set --app=$app --key=domain --value=$domain ynh_app_setting_set --app=$app --key=path --value=$path_url ynh_app_setting_set --app=$app --key=admin --value=$admin_wordpress -ynh_app_setting_set --app=$app --key=is_public --value=$is_public ynh_app_setting_set --app=$app --key=language --value=$language ynh_app_setting_set --app=$app --key=multisite --value=$multisite @@ -140,7 +139,7 @@ ynh_script_progression --message="Installing wordpress with cURL..." --weight=10 chown -R $app: $final_path # Set the app as temporarily public for cURL call -ynh_app_setting_set --app=$app --key=unprotected_uris --value="/" +ynh_permission_update --permission="main" --add="visitors" # Regen SSOwat configuration yunohost app ssowatconf @@ -150,6 +149,9 @@ ynh_systemd_action --service_name=nginx --action=reload # Wordpress installation ynh_local_curl "/wp-admin/install.php?step=2" "&weblog_title=YunoBlog" "user_name=$admin_wordpress" "admin_password=$db_pwd" "admin_password2=$db_pwd" "admin_email=$admin_wordpress@$domain" "Submit=Install+WordPress" +# Remove the public access +ynh_permission_update --permission="main" --remove="visitors" + ynh_print_info --message="Please wait during Wordpress installation..." for i in `seq 1 300` do @@ -257,14 +259,19 @@ ynh_add_fail2ban_config --logpath="/var/log/auth.log" --failregex="Authenticatio #================================================= # SETUP SSOWAT #================================================= -ynh_script_progression --message="Configuring SSOwat..." +ynh_script_progression --message="Configuring permissions..." --time --weight=1 -if [ $is_public -eq 0 ] +# Make app public if necessary +if [ $is_public -eq 1 ] then - # Remove the public access - ynh_app_setting_delete --app=$app --key=unprotected_uris + # Everyone can access the app. + # The "main" permission is automatically created before the install script. + ynh_permission_update --permission="main" --add="visitors" fi +# Only the admin can access the admin panel of the app +ynh_permission_create --permission="admin" --url="/wp-login.php" --additional_urls="/wp-admin.php" --allowed=$admin_wordpress + #================================================= # RELOAD NGINX #================================================= diff --git a/scripts/restore b/scripts/restore index ecf9787..7672833 100644 --- a/scripts/restore +++ b/scripts/restore @@ -25,7 +25,6 @@ app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get --app=$app --key=domain) path_url=$(ynh_app_setting_get --app=$app --key=path) -is_public=$(ynh_app_setting_get --app=$app --key=is_public) final_path=$(ynh_app_setting_get --app=$app --key=final_path) db_name=$(ynh_app_setting_get --app=$app --key=db_name) admin_wordpress=$(ynh_app_setting_get --app=$app --key=admin) diff --git a/scripts/upgrade b/scripts/upgrade index 004059f..d07ba35 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -20,7 +20,6 @@ domain=$(ynh_app_setting_get --app=$app --key=domain) path_url=$(ynh_app_setting_get --app=$app --key=path) admin_wordpress=$(ynh_app_setting_get --app=$app --key=admin) language=$(ynh_app_setting_get --app=$app --key=language) -is_public=$(ynh_app_setting_get --app=$app --key=is_public) multisite=$(ynh_app_setting_get --app=$app --key=multisite) final_path=$(ynh_app_setting_get --app=$app --key=final_path) db_name=$(ynh_app_setting_get --app=$app --key=db_name) @@ -63,15 +62,6 @@ if [ -z "$language" ]; then ynh_app_setting_set --app=$app --key=language --value=$language fi -# Fix is_public as a boolean -if [ "${is_public,,}" = "yes" ]; then - ynh_app_setting_set --app=$app --key=is_public --value=1 - is_public=1 -elif [ "${is_public,,}" = "no" ]; then - ynh_app_setting_set --app=$app --key=is_public --value=0 - is_public=0 -fi - # Fix multisite as a boolean if [ "${multisite,,}" = "yes" ]; then ynh_app_setting_set --app=$app --key=multisite --value=1 @@ -110,14 +100,6 @@ if [ -z "$overwrite_phpfpm" ]; then ynh_app_setting_set --app=$app --key=overwrite_phpfpm --value=$overwrite_phpfpm fi -# If the app is private, set the usage to low, otherwise to high. -if [ $is_public -eq 0 ] -then - usage=low -else - usage=high -fi - # If fpm_footprint doesn't exist, create it if [ -z "$fpm_footprint" ]; then fpm_footprint=medium @@ -126,6 +108,13 @@ fi # If fpm_usage doesn't exist, create it if [ -z "$fpm_usage" ]; then + # If the app is private, set the usage to low, otherwise to high. + if [ $(ynh_app_setting_get --app=$app --key=is_public) -eq 0 ] + then + usage=low + else + usage=high + fi fpm_usage=$usage ynh_app_setting_set --app=$app --key=fpm_usage --value=$fpm_usage fi @@ -145,6 +134,18 @@ fi $wpcli_alias plugin is-installed wp-fail2ban && $wpcli_alias plugin deactivate $plugin_network wp-fail2ban && $wpcli_alias plugin uninstall wp-fail2ban $wpcli_alias plugin is-installed wp-fail2ban-redux || $wpcli_alias plugin install wp-fail2ban-redux +# Cleaning legacy permissions +if ynh_legacy_permissions_exists; then + ynh_legacy_permissions_delete_all + + ynh_app_setting_delete --app=$app --key=is_public +fi + +if ! ynh_permission_exists --permission="admin"; then + # Create the required permissions + ynh_permission_create --permission="admin" --url="/wp-login.php" --additional_urls="/wp-admin.php" --allowed=$admin_wordpress +fi + #================================================= # STANDARD UPGRADE STEPS #================================================= @@ -225,7 +226,7 @@ then else multisite=0 plugin_network="" - if [ $is_public -eq 1 ] + if ynh_permission_has_user --permission="main" --user="visitor" then ynh_replace_string --match_string="//--PUBLIC--define" --replace_string="define" --target_file=$final_path/wp-config.php fi @@ -297,21 +298,6 @@ ynh_script_progression --message="Reconfiguring Fail2Ban..." --weight=9 # Create a dedicated Fail2Ban config ynh_add_fail2ban_config --logpath="/var/log/auth.log" --failregex="Authentication (attempt for unknown user|failure for) .* from " --max_retry=5 -#================================================= -# SETUP SSOWAT -#================================================= -ynh_script_progression --message="Upgrading SSOwat configuration..." - -# Remove skipped_uris if it's still present -ynh_app_setting_delete --app=$app --key=skipped_uris -if [ $is_public -eq 0 ]; then - # Remove the public access - ynh_app_setting_delete --app=$app --key=unprotected_uris -else - # Or replace skipped_uris by unprotected_uris - ynh_app_setting_set --app=$app --key=unprotected_uris --value="/" -fi - #================================================= # RELOAD NGINX #================================================= From 7f10e5e2536d1a6b82b317178c8e1781f287d7aa Mon Sep 17 00:00:00 2001 From: Kay0u Date: Wed, 10 Mar 2021 20:07:57 +0100 Subject: [PATCH 15/17] change ldap plugin to be able to use ldap filters --- conf/sql/multisite.sql | 2 +- conf/sql/single.sql | 2 +- scripts/install | 10 ++++++++-- scripts/upgrade | 17 +++++++++++++++-- 4 files changed, 25 insertions(+), 6 deletions(-) diff --git a/conf/sql/multisite.sql b/conf/sql/multisite.sql index 63a84a6..c35345f 100644 --- a/conf/sql/multisite.sql +++ b/conf/sql/multisite.sql @@ -1 +1 @@ -INSERT INTO wp_sitemeta VALUES(NULL,1,'sll_settings','a:14:{s:14:"account_suffix";s:0:"";s:7:"base_dn";s:27:"ou=users,dc=yunohost,dc=org";s:18:"domain_controllers";a:1:{i:0;s:9:"localhost";}s:9:"directory";s:2:"ol";s:4:"role";s:10:"subscriber";s:13:"high_security";s:5:"false";s:8:"ol_login";s:3:"uid";s:7:"use_tls";s:5:"false";s:9:"ldap_port";s:3:"389";s:12:"ldap_version";s:1:"3";s:12:"create_users";s:4:"true";s:7:"enabled";s:4:"true";s:7:"version";s:3:"1.5";s:6:"groups";a:1:{i:0;s:0:"";}}'); +REPLACE INTO wp_sitemeta VALUES(NULL,1,'authLDAPOptions','a:22:{s:7:"Enabled";s:1:"1";s:7:"CachePW";b:0;s:3:"URI";s:44:"ldap://localhost/ou=users,dc=yunohost,dc=org";s:12:"URISeparator";s:1:" ";s:6:"Filter";s:__LENGTH__:"(&(|(objectclass=posixAccount))(uid=%s)(permission=cn=__APP__.admin,ou=permission,dc=yunohost,dc=org))";s:8:"NameAttr";s:0:"";s:7:"SecName";s:0:"";s:7:"UidAttr";s:0:"";s:8:"MailAttr";s:0:"";s:7:"WebAttr";s:0:"";s:6:"Groups";a:5:{s:13:"administrator";s:0:"";s:6:"editor";s:0:"";s:6:"author";s:0:"";s:11:"contributor";s:0:"";s:10:"subscriber";s:0:"";}s:5:"Debug";b:0;s:9:"GroupAttr";s:0:"";s:11:"GroupFilter";s:0:"";s:11:"DefaultRole";s:13:"administrator";s:11:"GroupEnable";b:0;s:13:"GroupOverUser";b:0;s:7:"Version";i:1;s:26:"DoNotOverwriteNonLdapUsers";b:0;s:8:"StartTLS";b:0;s:14:"GroupSeparator";s:0:"";s:9:"GroupBase";s:0:"";}'); diff --git a/conf/sql/single.sql b/conf/sql/single.sql index 0cc6985..bb07cb0 100644 --- a/conf/sql/single.sql +++ b/conf/sql/single.sql @@ -1 +1 @@ -INSERT INTO wp_options VALUES(NULL,'sll_settings','a:14:{s:14:"account_suffix";s:0:"";s:7:"base_dn";s:27:"ou=users,dc=yunohost,dc=org";s:18:"domain_controllers";a:1:{i:0;s:9:"localhost";}s:9:"directory";s:2:"ol";s:4:"role";s:10:"subscriber";s:13:"high_security";s:5:"false";s:8:"ol_login";s:3:"uid";s:7:"use_tls";s:5:"false";s:9:"ldap_port";s:3:"389";s:12:"ldap_version";s:1:"3";s:12:"create_users";s:4:"true";s:7:"enabled";s:4:"true";s:7:"version";s:3:"1.5";s:6:"groups";a:1:{i:0;s:0:"";}}','yes'); +REPLACE INTO wp_options VALUES(NULL,'authLDAPOptions','a:22:{s:7:"Enabled";s:1:"1";s:7:"CachePW";b:0;s:3:"URI";s:44:"ldap://localhost/ou=users,dc=yunohost,dc=org";s:12:"URISeparator";s:1:" ";s:6:"Filter";s:__LENGTH__:"(&(|(objectclass=posixAccount))(uid=%s)(permission=cn=__APP__.admin,ou=permission,dc=yunohost,dc=org))";s:8:"NameAttr";s:0:"";s:7:"SecName";s:0:"";s:7:"UidAttr";s:0:"";s:8:"MailAttr";s:0:"";s:7:"WebAttr";s:0:"";s:6:"Groups";a:5:{s:13:"administrator";s:0:"";s:6:"editor";s:0:"";s:6:"author";s:0:"";s:11:"contributor";s:0:"";s:10:"subscriber";s:0:"";}s:5:"Debug";b:0;s:9:"GroupAttr";s:0:"";s:11:"GroupFilter";s:0:"";s:11:"DefaultRole";s:13:"administrator";s:11:"GroupEnable";b:0;s:13:"GroupOverUser";b:0;s:7:"Version";i:1;s:26:"DoNotOverwriteNonLdapUsers";b:0;s:8:"StartTLS";b:0;s:14:"GroupSeparator";s:0:"";s:9:"GroupBase";s:0:"";}','yes'); diff --git a/scripts/install b/scripts/install index 66b465f..320ac9d 100644 --- a/scripts/install +++ b/scripts/install @@ -171,7 +171,7 @@ ynh_script_progression --message="Installing WordPress plugins..." --weight=20 ynh_exec_warn_less wget --no-verbose https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar --output-document=$final_path/wp-cli.phar wpcli_alias="php$phpversion $final_path/wp-cli.phar --allow-root --path=$final_path" -$wpcli_alias plugin install simple-ldap-login +$wpcli_alias plugin install authldap $wpcli_alias plugin install http-authentication $wpcli_alias plugin install companion-auto-update $wpcli_alias plugin install wp-fail2ban-redux @@ -202,9 +202,15 @@ then # Activate multisite in wordpress config ynh_replace_string --match_string="//--MULTISITE2--define" --replace_string="define" --target_file=$final_path/wp-config.php + ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file=../conf/sql/multisite.sql + ynh_replace_string --match_string="__LENGTH__" --replace_string="$((${#app} + 95))" --target_file=../conf/sql/multisite.sql + ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name < ../conf/sql/multisite.sql plugin_network="--network" else + ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file=../conf/sql/single.sql + ynh_replace_string --match_string="__LENGTH__" --replace_string="$((${#app} + 95))" --target_file=../conf/sql/single.sql + ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name < ../conf/sql/single.sql plugin_network="" fi @@ -214,7 +220,7 @@ fi #================================================= ynh_script_progression --message="Activating plugins..." --weight=4 -$wpcli_alias plugin activate simple-ldap-login $plugin_network +$wpcli_alias plugin activate authldap $plugin_network # Do not activate http-authentication, this plugin is sometimes unstable $wpcli_alias plugin activate companion-auto-update $plugin_network # Enable the auto update of major versions diff --git a/scripts/upgrade b/scripts/upgrade index d07ba35..6c80e41 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -134,6 +134,9 @@ fi $wpcli_alias plugin is-installed wp-fail2ban && $wpcli_alias plugin deactivate $plugin_network wp-fail2ban && $wpcli_alias plugin uninstall wp-fail2ban $wpcli_alias plugin is-installed wp-fail2ban-redux || $wpcli_alias plugin install wp-fail2ban-redux +# Remove old ldap plugin +$wpcli_alias plugin is-installed simple-ldap-login && $wpcli_alias plugin deactivate $plugin_network simple-ldap-login && $wpcli_alias plugin uninstall simple-ldap-login + # Cleaning legacy permissions if ynh_legacy_permissions_exists; then ynh_legacy_permissions_delete_all @@ -214,6 +217,8 @@ ynh_backup_if_checksum_is_different --file="$final_path/wp-config.php" #================================================= ynh_script_progression --message="Configuring multisite..." --weight=2 +db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd) + if [ $multisite -eq 1 ] then ynh_replace_string --match_string="#--MULTISITE--" --replace_string="" --target_file=/etc/nginx/conf.d/$domain.d/$app.conf @@ -222,9 +227,17 @@ then ynh_systemd_action --service_name=nginx --action=reload + ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file=../conf/sql/multisite.sql + ynh_replace_string --match_string="__LENGTH__" --replace_string="$((${#app} + 95))" --target_file=../conf/sql/multisite.sql + + ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name < ../conf/sql/multisite.sql plugin_network="--network" else multisite=0 + ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file=../conf/sql/single.sql + ynh_replace_string --match_string="__LENGTH__" --replace_string="$((${#app} + 95))" --target_file=../conf/sql/single.sql + + ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name < ../conf/sql/single.sql plugin_network="" if ynh_permission_has_user --permission="main" --user="visitor" then @@ -243,8 +256,8 @@ ynh_script_progression --message="Updating plugins" --weight=11 update_plugin () { ( $wpcli_alias plugin is-installed $1 && $wpcli_alias plugin update $1 ) || $wpcli_alias plugin install $1 } -update_plugin simple-ldap-login -$wpcli_alias plugin activate simple-ldap-login $plugin_network +update_plugin authldap +$wpcli_alias plugin activate authldap $plugin_network update_plugin companion-auto-update $wpcli_alias plugin activate companion-auto-update $plugin_network From 74f8969bccf637a44f646b9808794cd902099cb6 Mon Sep 17 00:00:00 2001 From: Kay0u Date: Thu, 11 Mar 2021 13:44:03 +0100 Subject: [PATCH 16/17] fix user informations + set subscriber by default --- conf/sql/multisite.sql | 2 +- conf/sql/single.sql | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/conf/sql/multisite.sql b/conf/sql/multisite.sql index c35345f..075381a 100644 --- a/conf/sql/multisite.sql +++ b/conf/sql/multisite.sql @@ -1 +1 @@ -REPLACE INTO wp_sitemeta VALUES(NULL,1,'authLDAPOptions','a:22:{s:7:"Enabled";s:1:"1";s:7:"CachePW";b:0;s:3:"URI";s:44:"ldap://localhost/ou=users,dc=yunohost,dc=org";s:12:"URISeparator";s:1:" ";s:6:"Filter";s:__LENGTH__:"(&(|(objectclass=posixAccount))(uid=%s)(permission=cn=__APP__.admin,ou=permission,dc=yunohost,dc=org))";s:8:"NameAttr";s:0:"";s:7:"SecName";s:0:"";s:7:"UidAttr";s:0:"";s:8:"MailAttr";s:0:"";s:7:"WebAttr";s:0:"";s:6:"Groups";a:5:{s:13:"administrator";s:0:"";s:6:"editor";s:0:"";s:6:"author";s:0:"";s:11:"contributor";s:0:"";s:10:"subscriber";s:0:"";}s:5:"Debug";b:0;s:9:"GroupAttr";s:0:"";s:11:"GroupFilter";s:0:"";s:11:"DefaultRole";s:13:"administrator";s:11:"GroupEnable";b:0;s:13:"GroupOverUser";b:0;s:7:"Version";i:1;s:26:"DoNotOverwriteNonLdapUsers";b:0;s:8:"StartTLS";b:0;s:14:"GroupSeparator";s:0:"";s:9:"GroupBase";s:0:"";}'); +REPLACE INTO wp_sitemeta VALUES(NULL,1,'authLDAPOptions','a:22:{s:7:"Enabled";s:1:"1";s:7:"CachePW";b:0;s:3:"URI";s:44:"ldap://localhost/ou=users,dc=yunohost,dc=org";s:12:"URISeparator";s:1:" ";s:6:"Filter";s:__LENGTH__:"(&(|(objectclass=posixAccount))(uid=%s)(permission=cn=__APP__.admin,ou=permission,dc=yunohost,dc=org))";s:8:"NameAttr";s:9:"givenName";s:7:"SecName";s:2:"sn";s:7:"UidAttr";s:3:"uid";s:8:"MailAttr";s:4:"mail";s:7:"WebAttr";s:0:"";s:6:"Groups";a:5:{s:13:"administrator";s:0:"";s:6:"editor";s:0:"";s:6:"author";s:0:"";s:11:"contributor";s:0:"";s:10:"subscriber";s:0:"";}s:5:"Debug";b:0;s:9:"GroupAttr";s:0:"";s:11:"GroupFilter";s:0:"";s:11:"DefaultRole";s:10:"subscriber";s:11:"GroupEnable";b:0;s:13:"GroupOverUser";b:0;s:7:"Version";i:1;s:26:"DoNotOverwriteNonLdapUsers";b:0;s:8:"StartTLS";b:0;s:14:"GroupSeparator";s:0:"";s:9:"GroupBase";s:0:"";}'); diff --git a/conf/sql/single.sql b/conf/sql/single.sql index bb07cb0..9a3c8bd 100644 --- a/conf/sql/single.sql +++ b/conf/sql/single.sql @@ -1 +1 @@ -REPLACE INTO wp_options VALUES(NULL,'authLDAPOptions','a:22:{s:7:"Enabled";s:1:"1";s:7:"CachePW";b:0;s:3:"URI";s:44:"ldap://localhost/ou=users,dc=yunohost,dc=org";s:12:"URISeparator";s:1:" ";s:6:"Filter";s:__LENGTH__:"(&(|(objectclass=posixAccount))(uid=%s)(permission=cn=__APP__.admin,ou=permission,dc=yunohost,dc=org))";s:8:"NameAttr";s:0:"";s:7:"SecName";s:0:"";s:7:"UidAttr";s:0:"";s:8:"MailAttr";s:0:"";s:7:"WebAttr";s:0:"";s:6:"Groups";a:5:{s:13:"administrator";s:0:"";s:6:"editor";s:0:"";s:6:"author";s:0:"";s:11:"contributor";s:0:"";s:10:"subscriber";s:0:"";}s:5:"Debug";b:0;s:9:"GroupAttr";s:0:"";s:11:"GroupFilter";s:0:"";s:11:"DefaultRole";s:13:"administrator";s:11:"GroupEnable";b:0;s:13:"GroupOverUser";b:0;s:7:"Version";i:1;s:26:"DoNotOverwriteNonLdapUsers";b:0;s:8:"StartTLS";b:0;s:14:"GroupSeparator";s:0:"";s:9:"GroupBase";s:0:"";}','yes'); +REPLACE INTO wp_options VALUES(NULL,'authLDAPOptions','a:22:{s:7:"Enabled";s:1:"1";s:7:"CachePW";b:0;s:3:"URI";s:44:"ldap://localhost/ou=users,dc=yunohost,dc=org";s:12:"URISeparator";s:1:" ";s:6:"Filter";s:__LENGTH__:"(&(|(objectclass=posixAccount))(uid=%s)(permission=cn=__APP__.admin,ou=permission,dc=yunohost,dc=org))";s:8:"NameAttr";s:9:"givenName";s:7:"SecName";s:2:"sn";s:7:"UidAttr";s:3:"uid";s:8:"MailAttr";s:4:"mail";s:7:"WebAttr";s:0:"";s:6:"Groups";a:5:{s:13:"administrator";s:0:"";s:6:"editor";s:0:"";s:6:"author";s:0:"";s:11:"contributor";s:0:"";s:10:"subscriber";s:0:"";}s:5:"Debug";b:0;s:9:"GroupAttr";s:0:"";s:11:"GroupFilter";s:0:"";s:11:"DefaultRole";s:10:"subscriber";s:11:"GroupEnable";b:0;s:13:"GroupOverUser";b:0;s:7:"Version";i:1;s:26:"DoNotOverwriteNonLdapUsers";b:0;s:8:"StartTLS";b:0;s:14:"GroupSeparator";s:0:"";s:9:"GroupBase";s:0:"";}','yes'); From dd79c5ab3d3bf66a76384707f4819ce7f8869195 Mon Sep 17 00:00:00 2001 From: Kay0u Date: Thu, 11 Mar 2021 14:07:17 +0100 Subject: [PATCH 17/17] remove --time --- scripts/install | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/install b/scripts/install index 320ac9d..0d8fcf2 100644 --- a/scripts/install +++ b/scripts/install @@ -265,7 +265,7 @@ ynh_add_fail2ban_config --logpath="/var/log/auth.log" --failregex="Authenticatio #================================================= # SETUP SSOWAT #================================================= -ynh_script_progression --message="Configuring permissions..." --time --weight=1 +ynh_script_progression --message="Configuring permissions..." --weight=1 # Make app public if necessary if [ $is_public -eq 1 ]