YunoHost-Apps/zap_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/zap_ynh.git synced 2024-09-03 20:36:07 +02:00
Code Issues Activity Actions

Merge pull request #37 from YunoHost-Apps/version-2

Browse source 
Version 2
This commit is contained in:
Salamandar 2024-01-24 13:16:48 +01:00 committed by GitHub
commit cc623739c8
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
23 changed files with 274 additions and 1066 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

25
README.md
View file

@ -16,7 +16,7 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in
## Overview
[Zap](https://zotlabs.com/zap/) is an an ethical alternative to Fediverse that provides powerful features for creating interconnected websites featuring a decentralized identity, communications, and permissions framework built using common webserver technology.
Zap is an an ethical alternative to Fediverse that provides powerful features for creating interconnected websites featuring a decentralized identity, communications, and permissions framework built using common webserver technology.
Compatible with **Mastodon**, **Pleroma**, **Pixelfed**, **Friendica**, **Hubzilla**, **Funkwhale**, **Peertube**, **Plume**, **WriteFreely** and many, many more.
@ -32,34 +32,13 @@ Compatible with **Mastodon**, **Pleroma**, **Pixelfed**, **Friendica**, **Hubzil
**Shipped version:** 21.11.28~ynh2
## Disclaimers / important information
## Installation
Before installing, read the [Zap installation instructions](https://codeberg.org/zot/zap/src/branch/release/install/INSTALL.txt) for important information about:
### Register a new domain and add it to YunoHost
- Zap requires a dedicated domain, so obtain one and add it using the YunoHost admin panel. **Domains -> Add domain**. As Zap uses the full domain and is installed on the root, you can create a subdomain such as Zap.domain.tld. Don't forget to update your DNS if you manage them manually.
## LDAP Admin user rights, logs and failed database updates
- **For admin rights**: When installation is complete, you will need to visit your new hub's page and login with the **admin account username** which was entered at the time of installation process. You should then be able to create your first channel and have the **admin rights** for the hub.
- **For normal YunoHost users :** Normal LDAP users can login through Ldap authentication and create there channels.
- **Failing to get admin rights :** If the admin cannot access the admin settings at `https://zap.example.com/admin` or you want to grant admin rights to any other user(s) on the hub, then you have to **manually add 4096** to the **account_roles** under **accounts** for that user in the **database through phpMYAdmin**.
- **For logs:** Go to **admin->logs** and enter the file name **php.log**.
- **Failed Database after Upgrade:** Some times databse upgrade fails after version upgrade. You can go to hub eg. `https://zap.example.com/admin/dbsync/` and check the numbers of failled update. These updates will have to be ran manually by **phpMYAdmin**.
## :red_circle: Antifeatures
- **Upstream not maintained**: This software is not maintained anymore. Expect it to break down over time, be exposed to unfixed security breaches, etc.
## Documentation and resources
* Official app website: <https://codeberg.org/zot-archive/zap>
* Upstream app code repository: <https://codeberg.org/zot-archive/zap>
* YunoHost Store: <https://apps.yunohost.org/app/zap>
* Report a bug: <https://github.com/YunoHost-Apps/zap_ynh/issues>

44
README_fr.md
View file

@ -16,50 +16,28 @@ Si vous navez pas YunoHost, regardez [ici](https://yunohost.org/#/install) po
## Vue densemble
[Zap](https://zotlabs.com/zap/) is an an ethical alternative to Fediverse that provides powerful features for creating interconnected websites featuring a decentralized identity, communications, and permissions framework built using common webserver technology.
Zap est une alternative éthique à Fediverse qui fournit des fonctionnalités puissantes pour créer des sites Web interconnectés dotés d'un cadre décentralisé d'identité, de communications et d'autorisations construit à l'aide d'une technologie de serveur Web commune.
Compatible with **Mastodon**, **Pleroma**, **Pixelfed**, **Friendica**, **Hubzilla**, **Funkwhale**, **Peertube**, **Plume**, **WriteFreely** and many, many more.
Compatible avec **Mastodon**, **Pleroma**, **Pixelfed**, **Friendica**, **Hubzilla**, **Funkwhale**, **Peertube**, **Plume**, **WriteFreely** et bien d'autres encore.
## Unique Features of ZAP
- **Groups** : public, private, and moderated.
- **Events** : Calendar and attendance; automatic birthday notifications for friends using this feature.
- **Cloud**storage : Built-in network file storage integrated with social networking access.
- **Editor** : Supports both markdown and bbcode. Use either or both - if you want.
- **Share**: Drag-and-drop a number of different things such as files, photos, webpages, maps, phone numbers to share- them.
- **Lists**: Sometimes referred to as circles or aspects, this lets you define your own groups of related friends and- communicate with them as a private group.
- **Extend** : Change or upgrade your software functionality as desired by installing additional features from addons and- the free app collection.
## Caractéristiques uniques de ZAP
- **Groupes** : publics, privés et modérés.
- **Événements** : Calendrier et participation ; notifications d'anniversaire automatiques pour les amis utilisant cette fonctionnalité.
- Stockage **Cloud** : stockage de fichiers réseau intégré intégré à l'accès aux réseaux sociaux.
- **Éditeur** : Prend en charge à la fois le markdown et le bbcode. Utilisez l'un ou les deux, si vous le souhaitez.
- **Partager** : faites glisser et déposez un certain nombre d'éléments différents tels que des fichiers, des photos, des pages Web, des cartes, des numéros de téléphone pour les partager.
- **Listes** : parfois appelées cercles ou aspects, cela vous permet de définir vos propres groupes d'amis liés et de communiquer avec eux en tant que groupe privé.
- **Extend** : modifiez ou mettez à niveau les fonctionnalités de votre logiciel comme vous le souhaitez en installant des fonctionnalités supplémentaires à partir des modules complémentaires et de la collection d'applications gratuites.
**Version incluse :** 21.11.28~ynh2
## Avertissements / informations importantes
## Installation
Before installing, read the [Zap installation instructions](https://codeberg.org/zot/zap/src/branch/release/install/INSTALL.txt) for important information about:
### Register a new domain and add it to YunoHost
- Zap requires a dedicated domain, so obtain one and add it using the YunoHost admin panel. **Domains -> Add domain**. As Zap uses the full domain and is installed on the root, you can create a subdomain such as Zap.domain.tld. Don't forget to update your DNS if you manage them manually.
## LDAP Admin user rights, logs and failed database updates
- **For admin rights**: When installation is complete, you will need to visit your new hub's page and login with the **admin account username** which was entered at the time of installation process. You should then be able to create your first channel and have the **admin rights** for the hub.
- **For normal YunoHost users :** Normal LDAP users can login through Ldap authentication and create there channels.
- **Failing to get admin rights :** If the admin cannot access the admin settings at `https://zap.example.com/admin` or you want to grant admin rights to any other user(s) on the hub, then you have to **manually add 4096** to the **account_roles** under **accounts** for that user in the **database through phpMYAdmin**.
- **For logs:** Go to **admin->logs** and enter the file name **php.log**.
- **Failed Database after Upgrade:** Some times databse upgrade fails after version upgrade. You can go to hub eg. `https://zap.example.com/admin/dbsync/` and check the numbers of failled update. These updates will have to be ran manually by **phpMYAdmin**.
## :red_circle: Fonctions indésirables
- **Upstream not maintained**: This software is not maintained anymore. Expect it to break down over time, be exposed to unfixed security breaches, etc.
## Documentations et ressources
* Site officiel de lapp : <https://codeberg.org/zot-archive/zap>
* Dépôt de code officiel de lapp : <https://codeberg.org/zot-archive/zap>
* YunoHost Store: <https://apps.yunohost.org/app/zap>
* Signaler un bug : <https://github.com/YunoHost-Apps/zap_ynh/issues>

20
check_process
View file

@ -1,20 +0,0 @@
;; Test complet
; Manifest
domain="domain.tld"
admin="john"
upload="256M"
database="1"
; Checks
pkg_linter=1
setup_sub_dir=0
setup_root=1
setup_nourl=0
setup_private=0
setup_public=1
upgrade=1
backup_restore=1
multi_instance=1
change_url=0
;;; Options
Email=
Notification=

3
conf/app.src
View file

@ -1,3 +0,0 @@
SOURCE_URL=https://codeberg.org/zot-archive/zap/archive/078714b9dde991d02f8cce1183ce357d96405558.tar.gz
SOURCE_SUM=b188872d60ef30d50686a079da03cc4cdee451729a84bcf748649bbe8b8568e6
SOURCE_FORMAT=tar.gz

6
conf/app_addons.src
View file

@ -1,6 +0,0 @@
SOURCE_URL=https://codeberg.org/zot-archive/zap-addons/archive/b2ddcc67735fb413f14efcc9c49780469b8b61cf.tar.gz
SOURCE_SUM=05595b3baa9d08001a8f01c7d069ebfb1b325621dd75e84ebc1257769e0f2f4a
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=
SOURCE_FILENAME=

4
conf/extra_php-fpm.conf Normal file
View file

@ -0,0 +1,4 @@
; Additional php.ini defines, specific to this pool of workers.
php_admin_value[upload_max_filesize] = 50M
php_admin_value[post_max_size] = 50M

104
conf/htconfig.php Normal file
View file

@ -0,0 +1,104 @@
<?php
// If automatic system installation fails:
// Copy or rename this file to .htconfig.php in the top level
// Hubzilla directory
// Why .htconfig.php? Because it contains sensitive information which could
// give somebody complete control of your database. Apache's default
// configuration denies access to and refuses to serve any file beginning
// with .ht
// Then set the following for your MySQL installation
$db_host = 'localhost'; // Use 'localhost' if you aren't using a remote server
$db_port = 0; // leave 0 for default or set your port
$db_user = '__DB_USER__';
$db_pass = '__DB_PWD__';
$db_data = '__DB_NAME__';
$db_type = 1; // use 1 for postgres, 0 for mysql
/*
* Notice: Many of the following settings will be available in the admin panel
* after a successful site install. Once they are set in the admin panel, they
* are stored in the DB - and the DB setting will over-ride any corresponding
* setting in this file
*
* The command-line tool util/config is able to query and set the DB items
* directly if for some reason the admin panel is not available and a system
* setting requires modification.
*
*/
// Choose a legal default timezone. If you are unsure, use "America/Los_Angeles".
// It can be changed later and only applies to timestamps for anonymous viewers.
App::$config['system']['timezone'] = '__TIMEZONE__';
// What is your site name? DO NOT ADD A TRAILING SLASH!
App::$config['system']['baseurl'] = 'https://__DOMAIN__';
App::$config['system']['sitename'] = "Zap";
App::$config['system']['location_hash'] = '__RANDOM_STRING__';
// These lines set additional security headers to be sent with all responses
// You may wish to set transport_security_header to 0 if your server already sends
// this header. content_security_policy may need to be disabled if you wish to
// run the piwik analytics plugin or include other offsite resources on a page
App::$config['system']['transport_security_header'] = 1;
App::$config['system']['content_security_policy'] = 1;
App::$config['system']['ssl_cookie_protection'] = 1;
// Your choices are REGISTER_OPEN, REGISTER_APPROVE, or REGISTER_CLOSED.
// Be certain to create your own personal account before setting
// REGISTER_CLOSED. 'register_text' (if set) will be displayed prominently on
// the registration page. REGISTER_APPROVE requires you set 'admin_email'
// to the email address of an already registered person who can authorise
// and/or approve/deny the request.
// In order to perform system administration via the admin panel, admin_email
// must precisely match the email address of the person logged in.
App::$config['system']['register_policy'] = REGISTER_OPEN;
App::$config['system']['register_text'] = '';
App::$config['system']['admin_email'] = '__EMAIL__';
// Location of PHP command line processor
App::$config['system']['php_path'] = 'php__PHPVERSION__';
// Configure how we communicate with directory servers.
// DIRECTORY_MODE_NORMAL = directory client, we will find a directory (all of your member's queries will be directed elsewhere)
// DIRECTORY_MODE_SECONDARY = caching directory or mirror (keeps in sync with realm primary [adds significant cron execution time])
// DIRECTORY_MODE_PRIMARY = main directory server (you do not want this unless you are operating your own realm. one per realm.)
// DIRECTORY_MODE_STANDALONE = "off the grid" or private directory services (only local site members in directory)
App::$config['system']['directory_mode'] = DIRECTORY_MODE_NORMAL;
// PHP error logging setup
// Before doing this ensure that the webserver has permission
// to create and write to php.out in the top level Red directory,
// or change the name (below) to a file/path where this is allowed.
ini_set('display_errors', '0');
// Uncomment the following 4 lines to turn on PHP error logging.
//error_reporting(E_ERROR | E_PARSE );
ini_set('error_log','php.log');
ini_set('log_errors','1');
App::$config['system']['addon'] = 'ldapauth';
App::$config['ldapauth']['ldap_server'] = 'localhost';
App::$config['ldapauth']['ldap_searchdn'] = 'ou=users,dc=yunohost,dc=org';
App::$config['ldapauth']['ldap_userattr'] = 'uid';
App::$config['ldapauth']['ldap_autocreateaccount_emailattribute'] = 'mail';
App::$config['ldapauth']['create_account'] = '1';

7
conf/ldap_conf.php
View file

@ -1,7 +0,0 @@
App::$config['system']['addon'] = 'ldapauth';
App::$config['ldapauth']['ldap_server'] = 'localhost';
App::$config['ldapauth']['ldap_searchdn'] = 'ou=users,dc=yunohost,dc=org';
App::$config['ldapauth']['ldap_userattr'] = 'uid';
App::$config['ldapauth']['ldap_autocreateaccount_emailattribute'] = 'mail';
App::$config['ldapauth']['create_account'] = '1';

13
conf/nginx.conf
View file

@ -1,13 +1,13 @@
#sub_path_only rewrite ^__PATH__$ __PATH__/ permanent;
location __PATH__/ {
alias __FINALPATH__/;
alias __INSTALL_DIR__/;
if (!-e $request_filename) {
rewrite ^(.*)$ /index.php?req=$1;
}
client_max_body_size 20m;
client_max_body_size 50m;
client_body_buffer_size 128k;
# Default indexes and catch-all
@ -31,15 +31,6 @@ location __PATH__/ {
}
}
# statically serve these file types when possible
# otherwise fall back to front controller
# allow browser to cache them
# added .htm for advanced source code editor library
# location ~* \.(jpg|jpeg|gif|png|ico|css|js|htm|html|map|ttf|woff|woff2|svg)$ {
# expires 30d;
# try_files $uri /index.php?q=$uri&$args;
# }
# block these file types
location ~* \.(tpl|md|tgz|log|out)$ {
deny all;

430
conf/php-fpm.conf
View file

@ -1,430 +0,0 @@
; Start a new pool named 'www'.
; the variable $pool can be used in any directive and will be replaced by the
; pool name ('www' here)
[__NAMETOCHANGE__]
; Per pool prefix
; It only applies on the following directives:
; - 'access.log'
; - 'slowlog'
; - 'listen' (unixsocket)
; - 'chroot'
; - 'chdir'
; - 'php_values'
; - 'php_admin_values'
; When not set, the global prefix (or /usr) applies instead.
; Note: This directive can also be relative to the global prefix.
; Default Value: none
;prefix = /path/to/pools/$pool
; Unix user/group of processes
; Note: The user is mandatory. If the group is not set, the default user's group
; will be used.
user = __USER__
group = __USER__
; The address on which to accept FastCGI requests.
; Valid syntaxes are:
; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on
; a specific port;
; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on
; a specific port;
; 'port' - to listen on a TCP socket to all addresses
; (IPv6 and IPv4-mapped) on a specific port;
; '/path/to/unix/socket' - to listen on a unix socket.
; Note: This value is mandatory.
listen = /var/run/php/php__PHPVERSION__-fpm-__NAMETOCHANGE__.sock
; Set listen(2) backlog.
; Default Value: 511 (-1 on FreeBSD and OpenBSD)
;listen.backlog = 511
; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server. Many
; BSD-derived systems allow connections regardless of permissions.
; Default Values: user and group are set as the running user
; mode is set to 0660
listen.owner = www-data
listen.group = www-data
;listen.mode = 0660
; When POSIX Access Control Lists are supported you can set them using
; these options, value is a comma separated list of user/group names.
; When set, listen.owner and listen.group are ignored
;listen.acl_users =
;listen.acl_groups =
; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect.
; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
; must be separated by a comma. If this value is left blank, connections will be
; accepted from any ip address.
; Default Value: any
;listen.allowed_clients = 127.0.0.1
; Specify the nice(2) priority to apply to the pool processes (only if set)
; The value can vary from -19 (highest priority) to 20 (lower priority)
; Note: - It will only work if the FPM master process is launched as root
; - The pool processes will inherit the master process priority
; unless it specified otherwise
; Default Value: no set
; process.priority = -19
; Set the process dumpable flag (PR_SET_DUMPABLE prctl) even if the process user
; or group is differrent than the master process user. It allows to create process
; core dump and ptrace the process for the pool user.
; Default Value: no
; process.dumpable = yes
; Choose how the process manager will control the number of child processes.
; Possible Values:
; static - a fixed number (pm.max_children) of child processes;
; dynamic - the number of child processes are set dynamically based on the
; following directives. With this process management, there will be
; always at least 1 children.
; pm.max_children - the maximum number of children that can
; be alive at the same time.
; pm.start_servers - the number of children created on startup.
; pm.min_spare_servers - the minimum number of children in 'idle'
; state (waiting to process). If the number
; of 'idle' processes is less than this
; number then some children will be created.
; pm.max_spare_servers - the maximum number of children in 'idle'
; state (waiting to process). If the number
; of 'idle' processes is greater than this
; number then some children will be killed.
; ondemand - no children are created at startup. Children will be forked when
; new requests will connect. The following parameter are used:
; pm.max_children - the maximum number of children that
; can be alive at the same time.
; pm.process_idle_timeout - The number of seconds after which
; an idle process will be killed.
; Note: This value is mandatory.
pm = dynamic
; The number of child processes to be created when pm is set to 'static' and the
; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'.
; This value sets the limit on the number of simultaneous requests that will be
; served. Equivalent to the ApacheMaxClients directive with mpm_prefork.
; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP
; CGI. The below defaults are based on a server without much resources. Don't
; forget to tweak pm.* to fit your needs.
; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand'
; Note: This value is mandatory.
pm.max_children = 5
; The number of child processes created on startup.
; Note: Used only when pm is set to 'dynamic'
; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2
pm.start_servers = 2
; The desired minimum number of idle server processes.
; Note: Used only when pm is set to 'dynamic'
; Note: Mandatory when pm is set to 'dynamic'
pm.min_spare_servers = 1
; The desired maximum number of idle server processes.
; Note: Used only when pm is set to 'dynamic'
; Note: Mandatory when pm is set to 'dynamic'
pm.max_spare_servers = 3
; The number of seconds after which an idle process will be killed.
; Note: Used only when pm is set to 'ondemand'
; Default Value: 10s
;pm.process_idle_timeout = 10s;
; The number of requests each child process should execute before respawning.
; This can be useful to work around memory leaks in 3rd party libraries. For
; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
; Default Value: 0
;pm.max_requests = 500
; The URI to view the FPM status page. If this value is not set, no URI will be
; recognized as a status page. It shows the following informations:
; pool - the name of the pool;
; process manager - static, dynamic or ondemand;
; start time - the date and time FPM has started;
; start since - number of seconds since FPM has started;
; accepted conn - the number of request accepted by the pool;
; listen queue - the number of request in the queue of pending
; connections (see backlog in listen(2));
; max listen queue - the maximum number of requests in the queue
; of pending connections since FPM has started;
; listen queue len - the size of the socket queue of pending connections;
; idle processes - the number of idle processes;
; active processes - the number of active processes;
; total processes - the number of idle + active processes;
; max active processes - the maximum number of active processes since FPM
; has started;
; max children reached - number of times, the process limit has been reached,
; when pm tries to start more children (works only for
; pm 'dynamic' and 'ondemand');
; Value are updated in real time.
; Example output:
; pool: www
; process manager: static
; start time: 01/Jul/2011:17:53:49 +0200
; start since: 62636
; accepted conn: 190460
; listen queue: 0
; max listen queue: 1
; listen queue len: 42
; idle processes: 4
; active processes: 11
; total processes: 15
; max active processes: 12
; max children reached: 0
;
; By default the status page output is formatted as text/plain. Passing either
; 'html', 'xml' or 'json' in the query string will return the corresponding
; output syntax. Example:
; http://www.foo.bar/status
; http://www.foo.bar/status?json
; http://www.foo.bar/status?html
; http://www.foo.bar/status?xml
;
; By default the status page only outputs short status. Passing 'full' in the
; query string will also return status for each pool process.
; Example:
; http://www.foo.bar/status?full
; http://www.foo.bar/status?json&full
; http://www.foo.bar/status?html&full
; http://www.foo.bar/status?xml&full
; The Full status returns for each process:
; pid - the PID of the process;
; state - the state of the process (Idle, Running, ...);
; start time - the date and time the process has started;
; start since - the number of seconds since the process has started;
; requests - the number of requests the process has served;
; request duration - the duration in µs of the requests;
; request method - the request method (GET, POST, ...);
; request URI - the request URI with the query string;
; content length - the content length of the request (only with POST);
; user - the user (PHP_AUTH_USER) (or '-' if not set);
; script - the main script called (or '-' if not set);
; last request cpu - the %cpu the last request consumed
; it's always 0 if the process is not in Idle state
; because CPU calculation is done when the request
; processing has terminated;
; last request memory - the max amount of memory the last request consumed
; it's always 0 if the process is not in Idle state
; because memory calculation is done when the request
; processing has terminated;
; If the process is in Idle state, then informations are related to the
; last request the process has served. Otherwise informations are related to
; the current request being served.
; Example output:
; ************************
; pid: 31330
; state: Running
; start time: 01/Jul/2011:17:53:49 +0200
; start since: 63087
; requests: 12808
; request duration: 1250261
; request method: GET
; request URI: /test_mem.php?N=10000
; content length: 0
; user: -
; script: /home/fat/web/docs/php/test_mem.php
; last request cpu: 0.00
; last request memory: 0
;
; Note: There is a real-time FPM status monitoring sample web page available
; It's available in: /usr/share/php/7.0/fpm/status.html
;
; Note: The value must start with a leading slash (/). The value can be
; anything, but it may not be a good idea to use the .php extension or it
; may conflict with a real PHP file.
; Default Value: not set
;pm.status_path = /status
; The ping URI to call the monitoring page of FPM. If this value is not set, no
; URI will be recognized as a ping page. This could be used to test from outside
; that FPM is alive and responding, or to
; - create a graph of FPM availability (rrd or such);
; - remove a server from a group if it is not responding (load balancing);
; - trigger alerts for the operating team (24/7).
; Note: The value must start with a leading slash (/). The value can be
; anything, but it may not be a good idea to use the .php extension or it
; may conflict with a real PHP file.
; Default Value: not set
;ping.path = /ping
; This directive may be used to customize the response of a ping request. The
; response is formatted as text/plain with a 200 response code.
; Default Value: pong
;ping.response = pong
; The access log file
; Default: not set
;access.log = log/$pool.access.log
; The access log format.
; The following syntax is allowed
; %%: the '%' character
; %C: %CPU used by the request
; it can accept the following format:
; - %{user}C for user CPU only
; - %{system}C for system CPU only
; - %{total}C for user + system CPU (default)
; %d: time taken to serve the request
; it can accept the following format:
; - %{seconds}d (default)
; - %{miliseconds}d
; - %{mili}d
; - %{microseconds}d
; - %{micro}d
; %e: an environment variable (same as $_ENV or $_SERVER)
; it must be associated with embraces to specify the name of the env
; variable. Some exemples:
; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e
; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e
; %f: script filename
; %l: content-length of the request (for POST request only)
; %m: request method
; %M: peak of memory allocated by PHP
; it can accept the following format:
; - %{bytes}M (default)
; - %{kilobytes}M
; - %{kilo}M
; - %{megabytes}M
; - %{mega}M
; %n: pool name
; %o: output header
; it must be associated with embraces to specify the name of the header:
; - %{Content-Type}o
; - %{X-Powered-By}o
; - %{Transfert-Encoding}o
; - ....
; %p: PID of the child that serviced the request
; %P: PID of the parent of the child that serviced the request
; %q: the query string
; %Q: the '?' character if query string exists
; %r: the request URI (without the query string, see %q and %Q)
; %R: remote IP address
; %s: status (response code)
; %t: server time the request was received
; it can accept a strftime(3) format:
; %d/%b/%Y:%H:%M:%S %z (default)
; The strftime(3) format must be encapsuled in a %{<strftime_format>}t tag
; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t
; %T: time the log has been written (the request has finished)
; it can accept a strftime(3) format:
; %d/%b/%Y:%H:%M:%S %z (default)
; The strftime(3) format must be encapsuled in a %{<strftime_format>}t tag
; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t
; %u: remote user
;
; Default: "%R - %u %t \"%m %r\" %s"
;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"
; The log file for slow requests
; Default Value: not set
; Note: slowlog is mandatory if request_slowlog_timeout is set
;slowlog = log/$pool.log.slow
; The timeout for serving a single request after which a PHP backtrace will be
; dumped to the 'slowlog' file. A value of '0s' means 'off'.
; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
; Default Value: 0
;request_slowlog_timeout = 0
; The timeout for serving a single request after which the worker process will
; be killed. This option should be used when the 'max_execution_time' ini option
; does not stop script execution for some reason. A value of '0' means 'off'.
; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
; Default Value: 0
request_terminate_timeout = 1d
; Set open file descriptor rlimit.
; Default Value: system defined value
;rlimit_files = 1024
; Set max core size rlimit.
; Possible Values: 'unlimited' or an integer greater or equal to 0
; Default Value: system defined value
;rlimit_core = 0
; Chroot to this directory at the start. This value must be defined as an
; absolute path. When this value is not set, chroot is not used.
; Note: you can prefix with '$prefix' to chroot to the pool prefix or one
; of its subdirectories. If the pool prefix is not set, the global prefix
; will be used instead.
; Note: chrooting is a great security feature and should be used whenever
; possible. However, all PHP paths will be relative to the chroot
; (error_log, sessions.save_path, ...).
; Default Value: not set
;chroot =
; Chdir to this directory at the start.
; Note: relative path can be used.
; Default Value: current directory or / when chroot
chdir = __FINALPATH__
; Redirect worker stdout and stderr into main error log. If not set, stdout and
; stderr will be redirected to /dev/null according to FastCGI specs.
; Note: on highloaded environement, this can cause some delay in the page
; process time (several ms).
; Default Value: no
;catch_workers_output = yes
; Clear environment in FPM workers
; Prevents arbitrary environment variables from reaching FPM worker processes
; by clearing the environment in workers before env vars specified in this
; pool configuration are added.
; Setting to "no" will make all environment variables available to PHP code
; via getenv(), $_ENV and $_SERVER.
; Default Value: yes
;clear_env = no
; Limits the extensions of the main script FPM will allow to parse. This can
; prevent configuration mistakes on the web server side. You should only limit
; FPM to .php extensions to prevent malicious users to use other extensions to
; execute php code.
; Note: set an empty value to allow all extensions.
; Default Value: .php
;security.limit_extensions = .php .php3 .php4 .php5 .php7
; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
; the current environment.
; Default Value: clean env
;env[HOSTNAME] = $HOSTNAME
;env[PATH] = /usr/local/bin:/usr/bin:/bin
;env[TMP] = /tmp
;env[TMPDIR] = /tmp
;env[TEMP] = /tmp
; Additional php.ini defines, specific to this pool of workers. These settings
; overwrite the values previously defined in the php.ini. The directives are the
; same as the PHP SAPI:
; php_value/php_flag - you can set classic ini defines which can
; be overwritten from PHP call 'ini_set'.
; php_admin_value/php_admin_flag - these directives won't be overwritten by
; PHP call 'ini_set'
; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no.
; Defining 'extension' will load the corresponding shared extension from
; extension_dir. Defining 'disable_functions' or 'disable_classes' will not
; overwrite previously defined php.ini values, but will append the new value
; instead.
; Note: path INI options can be relative and will be expanded with the prefix
; (pool, global or /usr)
; Default Value: nothing is defined by default except the values in php.ini and
; specified at startup with the -d argument
;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com
;php_flag[display_errors] = off
;php_admin_value[error_log] = /var/log/fpm-php.www.log
;php_admin_flag[log_errors] = on
;php_admin_value[memory_limit] = 32M
; Common values to change to increase file upload limit
; php_admin_value[upload_max_filesize] = 50M
; php_admin_value[post_max_size] = 50M
; php_admin_flag[mail.add_x_header] = Off
; Other common parameters
; php_admin_value[max_execution_time] = 600
; php_admin_value[max_input_time] = 300
; php_admin_value[memory_limit] = 256M
; php_admin_flag[short_open_tag] = On

2
conf/poller-cron
View file

@ -1,2 +1,2 @@
# Run poller periodically to update Hubzilla
*/10 * * * * __APP__ cd __FINALPATH__; /usr/bin/php__PHPVERSION__ Zotlabs/Daemon/Master.php Cron > /dev/null 2>&1
*/10 * * * * __APP__ cd __INSTALL_DIR__; /usr/bin/php__PHPVERSION__ Zotlabs/Daemon/Master.php Cron > /dev/null 2>&1

0
doc/DISCLAIMER.md → doc/ADMIN.md
View file

2
doc/DESCRIPTION.md
View file

@ -1,4 +1,4 @@
[Zap](https://zotlabs.com/zap/) is an an ethical alternative to Fediverse that provides powerful features for creating interconnected websites featuring a decentralized identity, communications, and permissions framework built using common webserver technology.
Zap is an an ethical alternative to Fediverse that provides powerful features for creating interconnected websites featuring a decentralized identity, communications, and permissions framework built using common webserver technology.
Compatible with **Mastodon**, **Pleroma**, **Pixelfed**, **Friendica**, **Hubzilla**, **Funkwhale**, **Peertube**, **Plume**, **WriteFreely** and many, many more.

13
doc/DESCRIPTION_fr.md Normal file
View file

@ -0,0 +1,13 @@
Zap est une alternative éthique à Fediverse qui fournit des fonctionnalités puissantes pour créer des sites Web interconnectés dotés d'un cadre décentralisé d'identité, de communications et d'autorisations construit à l'aide d'une technologie de serveur Web commune.
Compatible avec **Mastodon**, **Pleroma**, **Pixelfed**, **Friendica**, **Hubzilla**, **Funkwhale**, **Peertube**, **Plume**, **WriteFreely** et bien d'autres encore.
## Caractéristiques uniques de ZAP
- **Groupes** : publics, privés et modérés.
- **Événements** : Calendrier et participation ; notifications d'anniversaire automatiques pour les amis utilisant cette fonctionnalité.
- Stockage **Cloud** : stockage de fichiers réseau intégré intégré à l'accès aux réseaux sociaux.
- **Éditeur** : Prend en charge à la fois le markdown et le bbcode. Utilisez l'un ou les deux, si vous le souhaitez.
- **Partager** : faites glisser et déposez un certain nombre d'éléments différents tels que des fichiers, des photos, des pages Web, des cartes, des numéros de téléphone pour les partager.
- **Listes** : parfois appelées cercles ou aspects, cela vous permet de définir vos propres groupes d'amis liés et de communiquer avec eux en tant que groupe privé.
- **Extend** : modifiez ou mettez à niveau les fonctionnalités de votre logiciel comme vous le souhaitez en installant des fonctionnalités supplémentaires à partir des modules complémentaires et de la collection d'applications gratuites.

55
manifest.json
View file

@ -1,55 +0,0 @@
{
"name": "Zap",
"id": "zap",
"packaging_format": 1,
"description": {
"en": "Ethical fediverse server alternative",
"fr": "serveur fedverse éthique"
},
"version": "21.11.28~ynh2",
"url": "https://codeberg.org/zot-archive/zap",
"upstream": {
"license": "MIT",
"code": "https://codeberg.org/zot-archive/zap"
},
"license": "MIT",
"maintainer": {
"name": ""
},
"requirements": {
"yunohost": ">= 11.1.21"
},
"multi_instance": true,
"services": [
"nginx",
"php7.4-fpm",
"mysql",
"postgresql"
],
"arguments": {
"install" : [
{
"name": "domain",
"type": "domain",
"help": {
"en": "ZAP must run in the root of this domain. It means no other app can be accessed/run from this domain. We advise to use a dedicated subdomain such as zap.domain.tld",
"fr": "ZAP doit être installé à la racine du domaine. Cela implique qu'aucune autre app ne pourra être installée ou accessible sur ce domain. Nous conseillons un sous-domaine dédié par exemple zap.domain.tld."
}
},
{
"name": "admin",
"type": "user"
},
{
"name": "database",
"type": "select",
"ask": {
"en": "Choose the database to be used for the Zap [mysql:1,postgresql:2]",
"fr": "Choisissez la database de l'Zap [mysql:1,postgresql:2]"
},
"choices": ["1", "2"],
"default": "1"
}
]
}
}

64
manifest.toml Normal file
View file

@ -0,0 +1,64 @@
packaging_format = 2
id = "zap"
name = "Zap"
description.en = "Ethical fediverse server alternative"
description.fr = "serveur fedverse éthique"
version = "21.11.28~ynh2"
maintainers = []
[upstream]
license = "MIT"
code = "https://codeberg.org/zot-archive/zap"
website = "https://codeberg.org/zot-archive/zap"
[integration]
yunohost = ">= 11.2"
architectures = "all"
multi_instance = true
ldap = false
sso = false
disk = "50M"
ram.build = "50M"
ram.runtime = "50M"
[install]
[install.domain]
type = "domain"
[install.init_main_permission]
type = "group"
default = "visitors"
[install.admin]
type = "user"
[resources]
[resources.sources]
[resources.sources.main]
url = "https://codeberg.org/zot-archive/zap/archive/078714b9dde991d02f8cce1183ce357d96405558.tar.gz"
sha256 = "b188872d60ef30d50686a079da03cc4cdee451729a84bcf748649bbe8b8568e6"
[resources.sources.app_addons]
url = "https://codeberg.org/zot-archive/zap-addons/archive/b2ddcc67735fb413f14efcc9c49780469b8b61cf.tar.gz"
sha256 = "05595b3baa9d08001a8f01c7d069ebfb1b325621dd75e84ebc1257769e0f2f4a"
in_subdir = false
[resources.system_user]
[resources.install_dir]
[resources.permissions]
main.url = "/"
[resources.apt]
packages = "postgresql, postgresql-contrib, php7.4-pgsql, php7.4-mbstring, php7.4-cli, php7.4-imagick, php7.4-xml, php7.4-zip, php7.4-json, php7.4-gd"
[resources.database]
type = "postgresql"

5
scripts/_common.sh
View file

@ -4,11 +4,6 @@
# COMMON VARIABLES
#=================================================
# dependencies used by the app
YNH_PHP_VERSION="7.4"
pkg_dependencies="postgresql postgresql-contrib php${YNH_PHP_VERSION}-mbstring php${YNH_PHP_VERSION}-cli php${YNH_PHP_VERSION}-imagick php${YNH_PHP_VERSION}-xml php${YNH_PHP_VERSION}-zip php${YNH_PHP_VERSION}-pgsql php${YNH_PHP_VERSION}-mysql php${YNH_PHP_VERSION}-json php${YNH_PHP_VERSION}-gd"
#=================================================
# EXPERIMENTAL HELPERS
#=================================================

45
scripts/backup
View file

@ -9,29 +9,6 @@
source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
ynh_clean_setup () {
true
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# LOAD SETTINGS
#=================================================
ynh_print_info --message="Loading installation settings..."
app=$YNH_APP_INSTANCE_NAME
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
domain=$(ynh_app_setting_get --app=$app --key=domain)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
database=$(ynh_app_setting_get --app=$app --key=database)
#=================================================
# DECLARE DATA AND CONF FILES TO BACKUP
#=================================================
@ -41,7 +18,7 @@ ynh_print_info --message="Declaring files to be backed up..."
# BACKUP THE APP MAIN DIR
#=================================================
ynh_backup --src_path="$final_path"
ynh_backup --src_path="$install_dir"
#=================================================
# BACKUP THE NGINX CONFIGURATION
@ -55,19 +32,6 @@ ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf"
#=================================================
# BACKUP OF THE DATABASE
#=================================================
if [ $database -eq 1 ]; then
ynh_print_info --message="Backup of the MySQL database..."
ynh_mysql_dump_db --database="$db_name" > db.sql
elif [ $database -eq 2 ]; then
# Removing postgresSQL database
ynh_print_info --message="Backup of the postgreSQL database..."
ynh_psql_dump_db --database="$db_name" > db.sql
fi
#=================================================
# BACKUP LOGROTATE
#=================================================
@ -87,6 +51,13 @@ ynh_backup --src_path="/etc/cron.d/$app"
ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf"
ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf"
#=================================================
# BACKUP OF THE DATABASE
#=================================================
ynh_print_info --message="Backup of the PostgreSQL database..."
ynh_psql_dump_db --database="$db_name" > db.sql
#=================================================
# END OF SCRIPT
#=================================================

179
scripts/install
View file

@ -9,91 +9,37 @@
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================
domain=$YNH_APP_ARG_DOMAIN
path_url="/"
admin=$YNH_APP_ARG_ADMIN
email=$(ynh_user_get_info --username=$admin --key=mail)
upload="256M"
database="1"
random_string=$(ynh_string_random --length=48)
database=`expr $YNH_APP_ARG_DATABASE`
app=$YNH_APP_INSTANCE_NAME
#=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#=================================================
ynh_script_progression --message="Validating installation parameters..."
final_path=/var/www/$app
test ! -e "$final_path" || ynh_die --message="This path already contains a folder"
# Register (book) web path
ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url
timezone=$(cat /etc/timezone)
#=================================================
# STORE SETTINGS FROM MANIFEST
#=================================================
ynh_print_info "Storing installation settings..."
ynh_app_setting_set --app=$app --key=domain --value=$domain
ynh_app_setting_set --app=$app --key=path --value=$path_url
ynh_app_setting_set --app=$app --key=admin --value=$admin
ynh_app_setting_set --app=$app --key=email --value=$email
ynh_app_setting_set --app=$app --key=upload --value=$upload
ynh_app_setting_set --app=$app --key=database --value=$database
ynh_app_setting_set --app=$app --key=random_string --value=$random_string
#=================================================
# STANDARD MODIFICATIONS
#=================================================
# INSTALL DEPENDENCIES
#=================================================
ynh_print_info "Installing dependencies..."
if [ $database -eq 2 ]; then
ynh_install_app_dependencies $pkg_dependencies
fi
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Configuring system user..."
# Create a system user
ynh_system_user_create --username=$app --home_dir="$final_path"
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
# 1 - Zap
ynh_script_progression --message="Setting up Zap source files..."
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
# Download, check integrity, uncompress and patch the source from app.src
git clone https://codeberg.org/zot-archive/zap.git "$final_path" --quiet
# 2 - Zap Addons
ynh_setup_source --dest_dir="$install_dir"
# Make addon Directory and unpack the addons to this directory
ynh_script_progression --message="Setting up Zap addons source files..."
pushd "$final_path"
pushd "$install_dir"
mkdir -p extend/addon/zaddons
mkdir addon
git clone https://codeberg.org/zot-archive/zap-addons.git $final_path/extend/addon/zaddons --quiet
ynh_setup_source --dest_dir="$install_dir/extend/addon/zaddons" --source_id="app_addons"
filelist=(`ls extend/addon/zaddons`)
cd addon
for a in "${filelist[@]}" ; do
@ -115,80 +61,31 @@ pushd "$final_path"
ln -s ../extend/addon/zaddons/$base $base
done
popd
# 3 - Some extra folders
ynh_script_progression --message="Creating smarty3 folder for personal data..."
mkdir -p "${final_path}/store"
mkdir -p "${final_path}/cache/smarty3"
chmod -R 775 $final_path/store $final_path/cache
mkdir -p "${install_dir}/store"
mkdir -p "${install_dir}/cache/smarty3"
chmod -R 775 $install_dir/store $install_dir/cache
# Copy the template install/htconfig.sample.php to .htconfig.php
config="$final_path/.htconfig.php"
ynh_script_progression --message="Moving .htconfig.php to root of Zap ..."
cp $final_path/install/htconfig.sample.php $config
config="$final_path/.htconfig.php"
# Create php.log inside for logs
ynh_print_info "Create php.log for the debuging..."
touch "$final_path/php.log"
touch "$install_dir/php.log"
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:www-data "$final_path"
chmod 750 "$install_dir"
chmod -R o-rwx "$install_dir"
chown -R $app:www-data "$install_dir"
#=================================================
# CREATE A DATABASE
# ADD A CONFIGURATION
#=================================================
ynh_script_progression --message="Adding a configuration file..." --weight=1
if [ $database -eq 1 ]; then
ynh_script_progression --message="Creating a MySQL database..."
db_name=$(ynh_sanitize_dbid --db_name=$app)
db_user=$db_name
ynh_app_setting_set --app=$app --key=db_name --value=$db_name
ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name
ynh_script_progression --message="Importing database..."
ynh_mysql_connect_as --user="$db_name" --password="$db_pwd" --database="$db_name" < $final_path/install/schema_mysql.sql
elif [ $database -eq 2 ]; then
# Create postgresql database
ynh_script_progression --message="Creating a postgresql database..."
ynh_replace_string --match_string="db_type = 0;" --replace_string="db_type = 1;" --target_file="$config"
db_name=$(ynh_sanitize_dbid --db_name=$app)
db_user=$app
ynh_psql_test_if_first_run
ynh_psql_setup_db --db_user=$db_user --db_name=$db_name
ynh_app_setting_set --app=$app --key=db_name --value=$db_name
ynh_script_progression --message="Importing database..."
ynh_psql_connect_as --user="$db_name" --password="$db_pwd" --database="$db_name" < $final_path/install/schema_postgres.sql
else
ynh_die --message="Some problem occured in creating the database, contact maintainer"
fi
ynh_add_config --template="htconfig.php" --destination="$install_dir/.htconfig.php"
#=================================================
# MODIFY A CONFIG FILE
#=================================================
phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
ynh_replace_string --match_string="your.mysqlhost.com" --replace_string="localhost" --target_file="$config"
ynh_replace_string --match_string= "mysqlpassword" --replace_string="$db_pwd" --target_file="$config"
ynh_replace_string --match_string="mysqlusername" --replace_string="$db_name" --target_file="$config"
ynh_replace_string --match_string= "mysqldatabasename" --replace_string="$db_name" --target_file="$config"
ynh_replace_string --match_string= "mysite.example" --replace_string="$domain" --target_file="$config"
ynh_replace_string --match_string= "if the auto install failed, put a unique random string here" --replace_string="$random_string" --target_file="$config"
sed -i "s/\['admin_email'\] = '';/\['admin_email'\] = '$email';/g" "$config"
ynh_replace_string --match_string= "//error_reporting(E_ERROR | E_WARNING | E_PARSE );" --replace_string="error_reporting(E_ERROR | E_WARNING | E_PARSE );" --target_file="$config"
ynh_replace_string --match_string= "//ini_set('error_log','php.out');" --replace_string="ini_set('error_log','php.log');" --target_file="$config"
ynh_replace_string --match_string= "//ini_set('log_errors','1');" --replace_string="ini_set('log_errors','1');" --target_file="$config"
ynh_replace_string --match_string= "//ini_set('display_errors', '0');" --replace_string="ini_set('display_errors', '0');" --target_file="$config"
sed -i "s/\['php_path'\] = 'php';/\['php_path'\] = 'php$phpversion';/g" "$config"
# addon LDAP config
ynh_script_progression --message="Push Ldap configuration to .htconfig.php..."
cat ../conf/ldap_conf.php >> $final_path/.htconfig.php
chmod 400 "$install_dir/.htconfig.php"
chown $app:$app "$install_dir/.htconfig.php"
#=================================================
# NGINX CONFIGURATION
@ -198,51 +95,17 @@ ynh_script_progression --message="Configuring NGINX web server..."
# Create a dedicated nginx config
ynh_add_nginx_config
#=================================================
# PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Configuring PHP-FPM..."
# Create a dedicated php-fpm config
ynh_add_fpm_config
#=================================================
# CRON JOB CONFIGURATION
#=================================================
ynh_script_progression --message="Setting up cron job..."
ynh_add_config --template="../conf/poller-cron" --destination="/etc/cron.d/$app"
ynh_add_config --template="poller-cron" --destination="/etc/cron.d/$app"
chown root: "/etc/cron.d/$app"
chmod 644 "/etc/cron.d/$app"
#=================================================
# SETUP LOGROTATE
#=================================================
ynh_script_progression --message="Configuring log rotation..."
# Use logrotate to manage application logfile(s)
ynh_use_logrotate "$final_path/php.log"
ynh_use_logrotate "$install_dir/php.log"
#=================================================
# SETUP FAIL2BAN
#=================================================
ynh_script_progression --message="Add Fail2Ban..."
ynh_add_fail2ban_config --logpath="$final_path/php.log" --failregex="^.*auth\.php.*failed login attempt.*from IP <HOST>.*$" --max_retry="5"
#=================================================
# SETUP SSOWAT
#=================================================
ynh_script_progression --message="Configuring permissions..."
ynh_permission_update --permission="main" --add="visitors"
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..."
ynh_systemd_action --service_name=nginx --action=reload
ynh_add_fail2ban_config --logpath="$install_dir/php.log" --failregex="^.*auth\.php.*failed login attempt.*from IP <HOST>.*$" --max_retry="5"
#=================================================
# END OF SCRIPT

77
scripts/remove
View file

@ -10,95 +10,26 @@ source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
# REMOVE SYSTEM CONFIGURATIONS
#=================================================
ynh_script_progression --message="Loading installation settings..."
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_user="$db_name"
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
database=$(ynh_app_setting_get --app=$app --key=database)
# REMOVE SYSTEMD SERVICE
#=================================================
# REMOVE THE DATABASE
#=================================================
if [ $database -eq 1 ]; then
ynh_script_progression --message="Removing MySQL database..."
ynh_mysql_remove_db --db_user=$db_user --db_name=$db_name
elif [ $database -eq 2 ]; then
# Removing postgresql database
ynh_script_progression --message="Removing postgreSQL database..."
ynh_psql_remove_db --db_user=$db_user --db_name=$db_name
fi
#=================================================
# REMOVE DEPENDENCIES
#=================================================
ynh_script_progression --message="Removing dependencies"
# Remove metapackage and its dependencies
ynh_remove_app_dependencies
#=================================================
# REMOVE APP MAIN DIR
#=================================================
ynh_script_progression --message="Removing app main directory..."
# Remove the app directory securely
ynh_secure_remove --file="$final_path"
#=================================================
# REMOVE NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Removing NGINX web server configuration..."
ynh_script_progression --message="Removing system configurations related to $app..." --weight=1
# Remove the dedicated NGINX config
ynh_remove_nginx_config
#=================================================
# REMOVE PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Removing PHP-FPM configuration..."
# Remove the dedicated php-fpm config
# Remove the dedicated PHP-FPM config
ynh_remove_fpm_config
#=================================================
# REMOVE LOGROTATE CONFIGURATION
#=================================================
ynh_script_progression --message="Removing logrotate configuration..."
# Remove the app-specific logrotate config
ynh_remove_logrotate
#=================================================
# REMOVE THE CRON FILE
#=================================================
# Remove a cron file
ynh_secure_remove --file="/etc/cron.d/$app"
#=================================================
# REMOVE FAIL2BAN CONFIGURATION
#=================================================
ynh_script_progression --message="Removing Fail2Ban configuration..."
ynh_remove_fail2ban_config
#=================================================
# GENERIC FINALIZATION
#=================================================
# REMOVE DEDICATED USER
#=================================================
ynh_script_progression --message="Removing the dedicated system user..."
# Delete a system user
ynh_system_user_delete --username=$app
#=================================================
# END OF SCRIPT
#=================================================

87
scripts/restore
View file

@ -10,84 +10,22 @@
source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading settings..."
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
path_url=$(ynh_app_setting_get --app=$app --key=path)
admin=$(ynh_app_setting_get --app=$app --key=admin)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
database=$(ynh_app_setting_get --app=$app --key=database)
db_user=$db_name
phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
#=================================================
# CHECK IF THE APP CAN BE RESTORED
#=================================================
ynh_script_progression --message="Validating restoration parameters..."
test ! -d $final_path || ynh_die --message="There is already a directory: $final_path "
#=================================================
# STANDARD RESTORATION STEPS
#=================================================
# RESTORE THE NGINX CONFIGURATION
#=================================================
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
#=================================================
# RECREATE THE DEDICATED USER
#=================================================
ynh_print_info "Recreating the dedicated system user..."
# Create the dedicated user (if not existing)
ynh_system_user_create --username=$app --home_dir="$final_path"
#=================================================
# RESTORE THE APP MAIN DIR
#=================================================
ynh_script_progression --message="Restoring the app main directory..."
ynh_restore_file --origin_path="$final_path"
ynh_restore_file --origin_path="$install_dir"
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:www-data "$final_path"
chmod -R o-rwx "$install_dir"
chown -R $app:www-data "$install_dir"
#=================================================
# RESTORE THE MYSQL DATABASE
# RESTORE THE SQL DATABASE
#=================================================
ynh_script_progression --message="Restoring the MySQL database..."
ynh_script_progression --message="Restoring the PostgreSQL database..."
if [ $database -eq 1 ]; then
ynh_script_progression --message="Restoring MySQL database..."
db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd)
ynh_mysql_setup_db --db_user=$db_name --db_name=$db_name --db_pwd=$db_pwd
ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name < ./db.sql
elif [ $database -eq 2 ]; then
# Removing postgresql database
ynh_script_progression --message="Reinstalling dependencies..."
# Define and install dependencies
ynh_install_app_dependencies $pkg_dependencies
ynh_script_progression --message="Restoring the PostgreSQL database..."
db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd)
ynh_psql_test_if_first_run
ynh_psql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd
ynh_psql_execute_file_as_root --file="./db.sql" --database="$db_name"
fi
ynh_psql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql
#=================================================
# RESTORE THE PHP-FPM CONFIGURATION
@ -96,23 +34,12 @@ ynh_script_progression --message="Restoring PHP-FPM configuration..."
ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf"
#=================================================
# RESTORE THE CRON FILE
#=================================================
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_restore_file --origin_path="/etc/cron.d/$app"
#=================================================
# RESTORE THE LOGROTATE CONFIGURATION
#=================================================
ynh_restore_file --origin_path="/etc/logrotate.d/$app"
#=================================================
# RESTORE FAIL2BAN CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring the Fail2Ban configuration..."
ynh_restore_file "/etc/fail2ban/jail.d/$app.conf"
ynh_restore_file "/etc/fail2ban/filter.d/$app.conf"
ynh_systemd_action --action=restart --service_name=fail2ban

146
scripts/upgrade
View file

@ -14,66 +14,8 @@ source /usr/share/yunohost/helpers
#=================================================
ynh_script_progression --message="Loading installation settings..."
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
path_url=$(ynh_app_setting_get --app=$app --key=path)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
upload=$(ynh_app_setting_get --app=$app --key=upload)
version=$(grep STD_VERSION $final_path/boot.php | cut -c 38- | rev | cut -c 5- | rev)
version=$(grep STD_VERSION $install_dir/boot.php | cut -c 38- | rev | cut -c 5- | rev)
last_update=$(grep update_time: /etc/yunohost/apps/$app/settings.yml | cut -c 14-)
database=$(ynh_app_setting_get --app=$app --key=database)
phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
# If db_name doesn't exist, create it
if [ -z "$db_name" ]; then
db_name=$(ynh_sanitize_dbid --db_name=$app)
ynh_app_setting_set --app=$app --key=db_name --value=$db_name
fi
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..."
# Backup the current version of the app
ynh_backup_before_upgrade
ynh_clean_setup () {
# restore it if the upgrade fails
ynh_restore_upgradebackup
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# Migrate legacy permissions to new system
#=================================================
ynh_script_progression --message="Ensuring downward compatibility..."
# If final_path doesn't exist, create it
if [ -z "$final_path" ]; then
final_path=/var/www/$app
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
fi
if ynh_legacy_permissions_exists
then
ynh_legacy_permissions_delete_all
ynh_app_setting_delete --app=$app --key=is_public
fi
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Making sure dedicated system user exists..."
# Create a dedicated user (if not existing)
ynh_system_user_create --username=$app --home_dir="$final_path"
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
@ -81,10 +23,10 @@ ynh_system_user_create --username=$app --home_dir="$final_path"
ynh_script_progression --message="Upgrading source files..."
# Download, check integrity, uncompress and patch the source from app.src
# ynh_setup_source --dest_dir="$final_path"
# ynh_setup_source --dest_dir="$install_dir"
if [ `cd $final_path && git rev-parse --is-inside-work-tree` ]; then
pushd "$final_path"
if [ `cd $install_dir && git rev-parse --is-inside-work-tree` ]; then
pushd "$install_dir"
git pull --quiet
cd extend/addon/zaddons
git pull --quiet
@ -117,36 +59,36 @@ if [ `cd $final_path && git rev-parse --is-inside-work-tree` ]; then
fi;
done
popd
chmod -R 775 $final_path/store
chmod -R 775 $install_dir/store
else
# Create a temporary directory
tmpdir="$(ynh_smart_mktemp 6000)"
# Backup the config file in the temp dir
cp -a "$final_path/.htconfig.php" "$tmpdir/.htconfig.php"
cp -a "$final_path/store" "$tmpdir/store"
cp -a "$final_path/php.log" "$tmpdir/php.log"
cp -a "$final_path/cache" "$tmpdir/cache"
cp -a "$install_dir/.htconfig.php" "$tmpdir/.htconfig.php"
cp -a "$install_dir/store" "$tmpdir/store"
cp -a "$install_dir/php.log" "$tmpdir/php.log"
cp -a "$install_dir/cache" "$tmpdir/cache"
# Remove the app directory securely
ynh_secure_remove "$final_path"
ynh_secure_remove "$install_dir"
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$final_path"
ynh_setup_source --dest_dir="$install_dir"
cp -a "$tmpdir/cache" "${final_path}"
cp -a "$tmpdir/store" "${final_path}"
cp -a "$tmpdir/.htconfig.php" "${final_path}"
cp -a "$tmpdir/php.log" "${final_path}"
cp -a "$tmpdir/cache" "${install_dir}"
cp -a "$tmpdir/store" "${install_dir}"
cp -a "$tmpdir/.htconfig.php" "${install_dir}"
cp -a "$tmpdir/php.log" "${install_dir}"
ynh_secure_remove --file="$tmpdir"
chmod -R 775 $final_path/store
mkdir $final_path/addon
ynh_setup_source --dest_dir="$final_path/addon" --source_id="app_addons"
chmod -R 775 $install_dir/store
mkdir $install_dir/addon
ynh_setup_source --dest_dir="$install_dir/addon" --source_id="app_addons"
fi
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:www-data "$final_path"
chmod 750 "$install_dir"
chmod -R o-rwx "$install_dir"
chown -R $app:www-data "$install_dir"
#=================================================
# NGINX CONFIGURATION
@ -156,59 +98,17 @@ ynh_script_progression --message="Upgrading NGINX web server configuration..."
# Create a dedicated nginx config
ynh_add_nginx_config
#=================================================
# PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Upgrading PHP-FPM configuration..."
# Create a dedicated php-fpm config
ynh_add_fpm_config
### Verify the checksum of a file, stored by `ynh_store_file_checksum` in the install script.
### And create a backup of this file if the checksum is different. So the file will be backed up if the admin had modified it.
ynh_backup_if_checksum_is_different --file="$final_path/.htconfig.php"
# Recalculate and store the checksum of the file for the next upgrade.
ynh_store_file_checksum --file="$final_path/.htconfig.php"
#=================================================
# SETUP LOGROTATE
#=================================================
ynh_script_progression --message="Upgrading logrotate configuration..."
# Use logrotate to manage app-specific logfile(s)
ynh_use_logrotate --non-append
#=================================================
# UPGRADE FAIL2BAN
#=================================================
ynh_script_progression --message="Re-configure Fail2Ban..."
ynh_add_fail2ban_config --logpath="$final_path/php.log" --failregex="^.*auth\.php.*failed login attempt.*from IP <HOST>.*$" --max_retry="5"
#=================================================
# UPGRADE CRON
#=================================================
ynh_script_progression --message="Setting up cron job..."
ynh_add_config --template="../conf/poller-cron" --destination="/etc/cron.d/$app"
ynh_add_config --template="poller-cron" --destination="/etc/cron.d/$app"
chown root: "/etc/cron.d/$app"
chmod 644 "/etc/cron.d/$app"
#=================================================
# UPGRADE DEPENDENCIES
#=================================================
ynh_script_progression --message="Upgrading dependencies..."
if [ $database -eq 2 ]; then
ynh_install_app_dependencies $pkg_dependencies
fi
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..."
ynh_systemd_action --service_name=nginx --action=reload
ynh_add_fail2ban_config --logpath="$install_dir/php.log" --failregex="^.*auth\.php.*failed login attempt.*from IP <HOST>.*$" --max_retry="5"
#=================================================
# END OF SCRIPT

9
tests.toml Normal file
View file

@ -0,0 +1,9 @@
test_format = 1.0
[default]
# ------------
# Tests to run
# ------------
exclude = ["change_url"]