#!/bin/bash #================================================= # GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= source _common.sh source /usr/share/yunohost/helpers #================================================= # MANAGE SCRIPT FAILURE #================================================= # Exit if an error occurs during the execution of the script ynh_abort_if_errors #================================================= # RETRIEVE ARGUMENTS FROM THE MANIFEST #================================================= domain=$YNH_APP_ARG_DOMAIN path_url=$YNH_APP_ARG_PATH is_public=$YNH_APP_ARG_IS_PUBLIC language=$YNH_APP_ARG_LANGUAGE admin_wordpress=$YNH_APP_ARG_ADMIN multisite=$YNH_APP_ARG_MULTISITE app=$YNH_APP_INSTANCE_NAME #================================================= # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS #================================================= ynh_script_progression --message="Validating installation parameters..." --weight=2 final_path=/var/www/$app test ! -e "$final_path" || ynh_die --message="This path already contains a folder" # Register (book) web path ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url if [ "$path_url" == "/" ] && [ $multisite -eq 1 ]; then ynh_die --message="Multisite option of wordpress doesn't work at the root of a domain." fi #================================================= # STORE SETTINGS FROM MANIFEST #================================================= ynh_script_progression --message="Storing installation settings..." --weight=2 ynh_app_setting_set --app=$app --key=domain --value=$domain ynh_app_setting_set --app=$app --key=path --value=$path_url ynh_app_setting_set --app=$app --key=language --value=$language ynh_app_setting_set --app=$app --key=admin --value=$admin_wordpress ynh_app_setting_set --app=$app --key=multisite --value=$multisite ynh_app_setting_set --app=$app --key=overwrite_nginx --value=1 ynh_app_setting_set --app=$app --key=overwrite_phpfpm --value=1 ynh_app_setting_set --app=$app --key=admin_mail_html --value=1 #================================================= # STANDARD MODIFICATIONS #================================================= # CREATE DEDICATED USER #================================================= ynh_script_progression --message="Configuring system user..." --weight=3 # Create a system user ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= # CREATE A MYSQL DATABASE #================================================= ynh_script_progression --message="Creating a MySQL database..." db_name=$(ynh_sanitize_dbid --db_name=$app) db_user=$db_name ynh_app_setting_set --app=$app --key=db_name --value=$db_name ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= ynh_script_progression --message="Setting up source files..." --weight=4 ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path" #================================================= # NGINX CONFIGURATION #================================================= ynh_script_progression --message="Configuring NGINX web server..." --weight=3 # Create a dedicated NGINX config ynh_add_nginx_config #================================================= # PHP-FPM CONFIGURATION #================================================= ynh_script_progression --message="Configuring PHP-FPM..." --weight=2 # If the app is private, set the usage to low, otherwise to high. if [ $is_public -eq 0 ] then usage=low else usage=high fi # Create a dedicated PHP-FPM config ynh_add_fpm_config --usage=$usage --footprint=medium --package="$extra_php_dependencies" phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) #================================================= # SPECIFIC SETUP #================================================= # CONFIGURE WP-CONFIG #================================================= ynh_script_progression --message="Configuring WordPress..." cp ../conf/wp-config.php $final_path/wp-config.php # Change variables in Wordpress configuration ynh_replace_string --match_string="__DB_USER__" --replace_string=$db_name --target_file=$final_path/wp-config.php ynh_replace_string --match_string="__DB_PWD__" --replace_string="$db_pwd" --target_file=$final_path/wp-config.php for i in 1 2 3 4 5 6 7 8 do j=$(ynh_string_random --length=40) ynh_replace_string --match_string="KEY$i" --replace_string="$j" --target_file=$final_path/wp-config.php sleep 0.5 done #================================================= # SETTING UP WITH CURL #================================================= ynh_script_progression --message="Installing wordpress with cURL..." --weight=10 # Set right permissions for cURL install chown -R $app: $final_path # Set the app as temporarily public for cURL call ynh_permission_update --permission="main" --add="visitors" # Regen SSOwat configuration yunohost app ssowatconf # Reload NGINX ynh_systemd_action --service_name=nginx --action=reload # Wordpress installation ynh_local_curl "/wp-admin/install.php?step=2" "&weblog_title=YunoBlog" "user_name=$admin_wordpress" "admin_password=$db_pwd" "admin_password2=$db_pwd" "admin_email=$admin_wordpress@$domain" "Submit=Install+WordPress" # Remove the public access ynh_permission_update --permission="main" --remove="visitors" ynh_print_info --message="Please wait during Wordpress installation..." for i in `seq 1 300` do # The loop waits for WordPress to be installed, or 5 minutes. if ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name <<< "show tables" | grep --quiet "wp_options"; then # If the table wp_options is found, WordPress has finished its installation. break fi sleep 1 done #================================================= # INSTALL WORDPRESS PLUGINS #================================================= ynh_script_progression --message="Installing WordPress plugins..." --weight=20 ynh_exec_warn_less wget --no-verbose https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar --output-document=$final_path/wp-cli.phar wpcli_alias="php$phpversion $final_path/wp-cli.phar --allow-root --path=$final_path" $wpcli_alias plugin install authldap $wpcli_alias plugin install http-authentication $wpcli_alias plugin install companion-auto-update $wpcli_alias plugin install wp-fail2ban-redux #================================================= # SET LANGUAGE #================================================= ynh_script_progression --message="Configuring language..." --weight=3 $wpcli_alias core language install $language $wpcli_alias site switch-language $language #================================================= # CONFIGURE MULTISITE #================================================= if [ $multisite -eq 1 ] then ynh_script_progression --message="Configuring multisite..." --weight=2 ynh_replace_string --match_string="#--MULTISITE--" --replace_string="" --target_file=/etc/nginx/conf.d/$domain.d/$app.conf # Allow multisite ynh_replace_string --match_string="//--MULTISITE1--define" --replace_string="define " --target_file=$final_path/wp-config.php # Activate multisite via wp-cli ynh_exec_fully_quiet $wpcli_alias core multisite-convert --base=$path_url/ # Activate multisite in wordpress config ynh_replace_string --match_string="//--MULTISITE2--define" --replace_string="define" --target_file=$final_path/wp-config.php db_prefix="wp_" ynh_replace_string --match_string="__DB_PREFIX__" --replace_string="$db_prefix" --target_file=../conf/sql/multisite.sql ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file=../conf/sql/multisite.sql ynh_replace_string --match_string="__LENGTH__" --replace_string="$((${#app} + 108))" --target_file=../conf/sql/multisite.sql ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name < ../conf/sql/multisite.sql plugin_network="--network" else db_prefix="wp_" ynh_replace_string --match_string="__DB_PREFIX__" --replace_string="$db_prefix" --target_file=../conf/sql/single.sql ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file=../conf/sql/single.sql ynh_replace_string --match_string="__LENGTH__" --replace_string="$((${#app} + 108))" --target_file=../conf/sql/single.sql ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name < ../conf/sql/single.sql plugin_network="" fi #================================================= # ACTIVATE WORDPRESS PLUGINS #================================================= ynh_script_progression --message="Activating plugins..." --weight=4 $wpcli_alias plugin activate authldap $plugin_network # Do not activate http-authentication, this plugin is sometimes unstable $wpcli_alias plugin activate companion-auto-update $plugin_network $wpcli_alias plugin activate wp-fail2ban-redux $plugin_network # Set file and directories ownership mkdir -p $final_path/wp-content/uploads chmod 750 "$final_path" chmod -R o-rwx "$final_path" chown -R $app:www-data "$final_path" chmod g+s $final_path/wp-content/uploads #================================================= # STORE THE CONFIG FILE CHECKSUM #================================================= # Calculate and store the config file checksum into the app settings ynh_store_file_checksum --file="$final_path/wp-config.php" chmod 400 "$final_path/wp-config.php" chown $app:$app "$final_path/wp-config.php" #================================================= # CREATE A CRON TASK FOR AUTOMATIC UPDATE #================================================= echo "# Reach everyday wp-cron.php to trig the internal WordPress cron. 0 3 * * * $app php$phpversion $final_path/wp-cron.php" > /etc/cron.d/$app #================================================= # GENERIC FINALISATION #================================================= # SETUP FAIL2BAN #================================================= ynh_script_progression --message="Configuring Fail2Ban..." --weight=7 # Create a dedicated Fail2Ban config ynh_add_fail2ban_config --logpath="/var/log/auth.log" --failregex="Authentication (attempt for unknown user|failure for) .* from " --max_retry=5 #================================================= # SETUP SSOWAT #================================================= ynh_script_progression --message="Configuring permissions..." --weight=1 # Make app public if necessary if [ $is_public -eq 1 ] then # Everyone can access the app. # The "main" permission is automatically created before the install script. ynh_permission_update --permission="main" --add="visitors" fi # Only the admin can access the admin panel of the app ynh_permission_create --permission="admin" --url="/wp-login.php" --additional_urls="/wp-admin.php" --allowed=$admin_wordpress #================================================= # RELOAD NGINX #================================================= ynh_script_progression --message="Reloading NGINX web server..." --weight=3 ynh_systemd_action --service_name=nginx --action=reload #================================================= # REMOVE WP-CLI.PHAR #================================================= ynh_secure_remove --file=$final_path/wp-cli.phar #================================================= # SEND A README FOR THE ADMIN #================================================= # Get main domain and buid the url of the admin panel of the app. admin_panel="https://$(grep portal_domain /etc/ssowat/conf.json | cut -d'"' -f4)/yunohost/admin/#/apps/$app" echo "Please manually trigger updates to major versions in the WordPress admin area. You can also activate the automatic update in the Companion Auto Update plugin settings. You can configure this app easily by using the experimental __URL_TAG1__config-panel feature__URL_TAG2__$admin_panel/config-panel__URL_TAG3__. You can also find some specific actions for this app by using the experimental __URL_TAG1__action feature__URL_TAG2__$admin_panel/actions__URL_TAG3__. If you're facing an issue or want to improve this app, please open a new issue in this __URL_TAG1__project__URL_TAG2__https://github.com/YunoHost-Apps/wordpress_ynh__URL_TAG3__." > mail_to_send ynh_send_readme_to_admin --app_message="mail_to_send" --recipients="$admin_wordpress" --type=install #================================================= # END OF SCRIPT #================================================= ynh_script_progression --message="Installation of $app completed" --last