mirror of
https://github.com/YunoHost-Apps/zerobin_ynh.git
synced 2024-09-03 18:06:01 +02:00
commit
64be493f06
9 changed files with 361 additions and 379 deletions
|
@ -1,5 +1,4 @@
|
|||
;; Nom du test
|
||||
auto_remove=1
|
||||
;; Test complet
|
||||
; Manifest
|
||||
domain="domain.tld" (DOMAIN)
|
||||
path="/path" (PATH)
|
||||
|
@ -16,6 +15,7 @@
|
|||
multi_instance=1
|
||||
incorrect_path=1
|
||||
port_already_use=0
|
||||
change_url=0
|
||||
;;; Levels
|
||||
Level 1=auto
|
||||
Level 2=auto
|
||||
|
|
6
conf/app.src
Normal file
6
conf/app.src
Normal file
|
@ -0,0 +1,6 @@
|
|||
SOURCE_URL=https://github.com/PrivateBin/PrivateBin/archive/1.1.1.tar.gz
|
||||
SOURCE_SUM=ff2f5699712e6bf70ae1335ad51228855e21c0180029343e26b2e97dd0d542b8
|
||||
SOURCE_SUM_PRG=sha256sum
|
||||
SOURCE_FORMAT=tar.gz
|
||||
SOURCE_IN_SUBDIR=true
|
||||
SOURCE_FILENAME=
|
|
@ -2,19 +2,20 @@
|
|||
"name": "Zerobin",
|
||||
"id": "zerobin",
|
||||
"packaging_format": 1,
|
||||
"requirements": {
|
||||
"yunohost": ">> 2.3.15"
|
||||
},
|
||||
"description": {
|
||||
"en": "A minimalist, opensource online pastebin where the server has zero knowledge of pasted data",
|
||||
"fr": "Un pastebin minimaliste, libre et où le serveur n'a aucune connaissance des données copiées"
|
||||
},
|
||||
"version": "1.1.1",
|
||||
"url": "http://sebsauvage.net/wiki/doku.php?id=php:zerobin",
|
||||
"license": "Zlib",
|
||||
"maintainer": {
|
||||
"name": "julien",
|
||||
"email": "julien.malik@paraiso.me"
|
||||
},
|
||||
"license": "free",
|
||||
"requirements": {
|
||||
"yunohost": ">= 2.7.2"
|
||||
},
|
||||
"multi_instance": true,
|
||||
"services": [
|
||||
"nginx",
|
||||
|
|
207
scripts/_common
207
scripts/_common
|
@ -1,206 +1 @@
|
|||
PRIVATEBIN_VERSION="1.1"
|
||||
PRIVATEBIN_SOURCE_URL="https://github.com/PrivateBin/PrivateBin/archive/${PRIVATEBIN_VERSION}.tar.gz"
|
||||
PRIVATEBIN_SOURCE_SHA256="61d18753c792d83f54ad9e414d1d32198ab873054907081e732effd5ccbe96ef"
|
||||
|
||||
# Substitute a string by another in a file
|
||||
#
|
||||
# usage: ynh_substitute_char string_to_find replace_string file_to_analyse
|
||||
# | arg: string_to_find - String to replace in the file
|
||||
# | arg: replace_string - New string that will replace
|
||||
# | arg: file_to_analyse - File where the string will be replaced.
|
||||
ynh_substitute_char () {
|
||||
delimit=@
|
||||
match_char=${1//${delimit}/"\\${delimit}"} # Escape the delimiter if it's in the string.
|
||||
replace_char=${2//${delimit}/"\\${delimit}"}
|
||||
workfile=$3
|
||||
|
||||
sudo sed --in-place "s${delimit}${match_char}${delimit}${replace_char}${delimit}g" "$workfile"
|
||||
}
|
||||
|
||||
ynh_store_checksum_config () {
|
||||
config_file_checksum=checksum_${1//[\/ ]/_} # Replace all '/' and ' ' by '_'
|
||||
ynh_app_setting_set $app $config_file_checksum $(sudo md5sum "$1" | cut -d' ' -f1)
|
||||
}
|
||||
|
||||
extract_source () {
|
||||
local DESTDIR=$1
|
||||
|
||||
# retrieve and extract Roundcube tarball
|
||||
rc_tarball="${DESTDIR}/privatebin.tar.gz"
|
||||
sudo wget -q -O "$rc_tarball" "$PRIVATEBIN_SOURCE_URL" \
|
||||
|| ynh_die "Unable to download source tarball"
|
||||
echo "$PRIVATEBIN_SOURCE_SHA256 $rc_tarball" | sha256sum -c >/dev/null \
|
||||
|| ynh_die "Invalid checksum of downloaded tarball"
|
||||
sudo tar xf "$rc_tarball" -C "$DESTDIR" --strip-components 1 \
|
||||
|| ynh_die "Unable to extract source tarball"
|
||||
sudo rm "$rc_tarball"
|
||||
}
|
||||
|
||||
|
||||
# Add config nginx
|
||||
ynh_nginx_config () {
|
||||
finalnginxconf="/etc/nginx/conf.d/$domain.d/$app.conf"
|
||||
ynh_compare_checksum_config "$finalnginxconf" 1
|
||||
sudo cp ../conf/nginx.conf "$finalnginxconf"
|
||||
|
||||
# To avoid a break by set -u, use a void substitution ${var:-}. If the variable is not set, it's simply set with an empty variable.
|
||||
# Substitute in a nginx config file only if the variable is not empty
|
||||
if test -n "${path:-}"; then
|
||||
ynh_substitute_char "__PATH__" "$path" "$finalnginxconf"
|
||||
fi
|
||||
if test -n "${domain:-}"; then
|
||||
ynh_substitute_char "__DOMAIN__" "$domain" "$finalnginxconf"
|
||||
fi
|
||||
if test -n "${port:-}"; then
|
||||
ynh_substitute_char "__PORT__" "$port" "$finalnginxconf"
|
||||
fi
|
||||
if test -n "${app:-}"; then
|
||||
ynh_substitute_char "__NAME__" "$app" "$finalnginxconf"
|
||||
fi
|
||||
if test -n "${final_path:-}"; then
|
||||
ynh_substitute_char "__FINALPATH__" "$final_path" "$finalnginxconf"
|
||||
fi
|
||||
ynh_store_checksum_config "$finalnginxconf"
|
||||
|
||||
sudo systemctl reload nginx
|
||||
}
|
||||
|
||||
# Remove config nginx
|
||||
ynh_remove_nginx_config () {
|
||||
ynh_secure_remove "/etc/nginx/conf.d/$domain.d/$app.conf"
|
||||
sudo systemctl reload nginx
|
||||
}
|
||||
|
||||
ynh_fpm_config () {
|
||||
finalphpconf="/etc/php5/fpm/pool.d/$app.conf"
|
||||
ynh_compare_checksum_config "$finalphpconf" 1
|
||||
sudo cp ../conf/php-fpm.conf "$finalphpconf"
|
||||
ynh_substitute_char "__NAMETOCHANGE__" "$app" "$finalphpconf"
|
||||
ynh_substitute_char "__FINALPATH__" "$final_path" "$finalphpconf"
|
||||
ynh_substitute_char "__USER__" "$app" "$finalphpconf"
|
||||
sudo chown root: "$finalphpconf"
|
||||
ynh_store_checksum_config "$finalphpconf"
|
||||
|
||||
if [ -e "../conf/php-fpm.ini" ]
|
||||
then
|
||||
finalphpini="/etc/php5/fpm/conf.d/20-$app.ini"
|
||||
ynh_compare_checksum_config "$finalphpini" 1
|
||||
sudo cp ../conf/php-fpm.ini "$finalphpini"
|
||||
sudo chown root: "$finalphpini"
|
||||
ynh_store_checksum_config "$finalphpini"
|
||||
fi
|
||||
|
||||
sudo systemctl reload php5-fpm
|
||||
}
|
||||
|
||||
ynh_remove_fpm_config () {
|
||||
ynh_secure_remove "/etc/php5/fpm/pool.d/$app.conf"
|
||||
ynh_secure_remove "/etc/php5/fpm/conf.d/20-$app.ini"
|
||||
sudo systemctl reload php5-fpm
|
||||
}
|
||||
|
||||
# Remove a file or a directory securely
|
||||
#
|
||||
# usage: ynh_secure_remove path_to_remove
|
||||
# | arg: path_to_remove - File or directory to remove
|
||||
ynh_secure_remove () {
|
||||
path_to_remove=$1
|
||||
forbidden_path=" \
|
||||
/var/www \
|
||||
/home/yunohost.app"
|
||||
|
||||
if [[ "$forbidden_path" =~ "$path_to_remove" \
|
||||
# Match all path or subpath in $forbidden_path
|
||||
|| "$path_to_remove" =~ ^/[[:alnum:]]+$ \
|
||||
# Match all first level path from / (Like /var, /root, etc...)
|
||||
|| "${path_to_remove:${#path_to_remove}-1}" = "/" ]]
|
||||
# Match if the path finish by /. Because it's seems there is an empty variable
|
||||
then
|
||||
echo "Avoid deleting of $path_to_remove." >&2
|
||||
else
|
||||
if [ -e "$path_to_remove" ]
|
||||
then
|
||||
sudo rm -R "$path_to_remove"
|
||||
else
|
||||
echo "$path_to_remove doesn't deleted because it's not exist." >&2
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
# Create a system user
|
||||
#
|
||||
# usage: ynh_system_user_create user_name [home_dir]
|
||||
# | arg: user_name - Name of the system user that will be create
|
||||
# | arg: home_dir - Path of the home dir for the user. Usually the final path of the app. If this argument is omitted, the user will be created without home
|
||||
ynh_system_user_create () {
|
||||
if ! ynh_system_user_exists "$1" # Check if the user exists on the system
|
||||
then # If the user doesn't exist
|
||||
if [ $# -ge 2 ]; then # If a home dir is mentioned
|
||||
user_home_dir="-d $2"
|
||||
else
|
||||
user_home_dir="--no-create-home"
|
||||
fi
|
||||
sudo useradd $user_home_dir --system --user-group $1 --shell /usr/sbin/nologin || ynh_die "Unable to create $1 system account"
|
||||
fi
|
||||
}
|
||||
|
||||
# Delete a system user
|
||||
#
|
||||
# usage: ynh_system_user_delete user_name
|
||||
# | arg: user_name - Name of the system user that will be create
|
||||
ynh_system_user_delete () {
|
||||
if ynh_system_user_exists "$1" # Check if the user exists on the system
|
||||
then
|
||||
echo "Remove the user $1" >&2
|
||||
sudo userdel $1
|
||||
else
|
||||
echo "The user $1 was not found" >&2
|
||||
fi
|
||||
}
|
||||
|
||||
ynh_compare_checksum_config () {
|
||||
current_config_file=$1
|
||||
compress_backup=${2:-0} # If $2 is empty, compress_backup will set at 0
|
||||
config_file_checksum=checksum_${current_config_file//[\/ ]/_} # Replace all '/' and ' ' by '_'
|
||||
checksum_value=$(ynh_app_setting_get $app $config_file_checksum)
|
||||
if [ -n "$checksum_value" ]
|
||||
then # Proceed only if a value was stocked into the app config
|
||||
if ! echo "$checksum_value $current_config_file" | md5sum -c --status
|
||||
then # If the checksum is now different
|
||||
backup_config_file="$current_config_file.backup.$(date '+%d.%m.%y_%Hh%M,%Ss')"
|
||||
if [ compress_backup -eq 1 ]
|
||||
then
|
||||
sudo tar --create --gzip --file "$backup_config_file.tar.gz" "$current_config_file" # Backup the current config file and compress
|
||||
backup_config_file="$backup_config_file.tar.gz"
|
||||
else
|
||||
sudo cp -a "$current_config_file" "$backup_config_file" # Backup the current config file
|
||||
fi
|
||||
echo "Config file $current_config_file has been manually modified since the installation or last upgrade. So it has been duplicated in $backup_config_file" >&2
|
||||
echo "$backup_config_file" # Return the name of the backup file
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
# Normalize the url path syntax
|
||||
# Handle the slash at the beginning of path and its absence at ending
|
||||
# Return a normalized url path
|
||||
#
|
||||
# example: url_path=$(ynh_normalize_url_path $url_path)
|
||||
# ynh_normalize_url_path example -> /example
|
||||
# ynh_normalize_url_path /example -> /example
|
||||
# ynh_normalize_url_path /example/ -> /example
|
||||
# ynh_normalize_url_path / -> /
|
||||
#
|
||||
# usage: ynh_normalize_url_path path_to_normalize
|
||||
# | arg: url_path_to_normalize - URL path to normalize before using it
|
||||
ynh_normalize_url_path () {
|
||||
path_url=$1
|
||||
test -n "$path_url" || ynh_die "ynh_normalize_url_path expect a URL path as first argument and received nothing."
|
||||
if [ "${path_url:0:1}" != "/" ]; then # If the first character is not a /
|
||||
path_url="/$path_url" # Add / at begin of path variable
|
||||
fi
|
||||
if [ "${path_url:${#path_url}-1}" == "/" ] && [ ${#path_url} -gt 1 ]; then # If the last character is a / and that not the only character.
|
||||
path_url="${path_url:0:${#path_url}-1}" # Delete the last character
|
||||
fi
|
||||
echo $path_url
|
||||
}
|
||||
#!/bin/bash
|
||||
|
|
|
@ -1,36 +1,47 @@
|
|||
#!/bin/bash
|
||||
|
||||
# causes the shell to exit if any subcommand or pipeline returns a non-zero status
|
||||
set -eu
|
||||
#=================================================
|
||||
# GENERIC START
|
||||
|
||||
#=================================================
|
||||
# IMPORT GENERIC HELPERS
|
||||
#=================================================
|
||||
|
||||
# Source YNH helpers
|
||||
source /usr/share/yunohost/helpers
|
||||
|
||||
# This is a multi-instance app, meaning it can be installed several times independently
|
||||
# The id of the app as stated in the manifest is available as $YNH_APP_ID
|
||||
# The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2", ...)
|
||||
# The app instance name is available as $YNH_APP_INSTANCE_NAME
|
||||
# - the first time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample
|
||||
# - the second time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample__2
|
||||
# - ynhexample__{N} for the subsequent installations, with N=3,4, ...
|
||||
# The app instance name is probably what you are interested the most, since this is
|
||||
# guaranteed to be unique. This is a good unique identifier to define installation path,
|
||||
# db names, ...
|
||||
#=================================================
|
||||
# MANAGE SCRIPT FAILURE
|
||||
#=================================================
|
||||
|
||||
# Exit if an error occurs during the execution of the script
|
||||
ynh_abort_if_errors
|
||||
|
||||
#=================================================
|
||||
# LOAD SETTINGS
|
||||
#=================================================
|
||||
|
||||
app=$YNH_APP_INSTANCE_NAME
|
||||
|
||||
# Retrieve arguments
|
||||
domain=$(ynh_app_setting_get "$app" domain)
|
||||
final_path=$(ynh_app_setting_get $app final_path)
|
||||
domain=$(ynh_app_setting_get $app domain)
|
||||
|
||||
# Backup directory location for the app from where the script is executed and
|
||||
# which will be compressed afterward
|
||||
backup_dir=$YNH_APP_BACKUP_DIR
|
||||
#=================================================
|
||||
# STANDARD BACKUP STEPS
|
||||
#=================================================
|
||||
# BACKUP THE APP MAIN DIR
|
||||
#=================================================
|
||||
|
||||
# Backup sources & data
|
||||
ynh_backup "/var/www/${app}" "sources"
|
||||
ynh_backup "$final_path"
|
||||
|
||||
# Copy Nginx conf
|
||||
sudo mkdir -p ./conf
|
||||
ynh_backup "/etc/nginx/conf.d/${domain}.d/${app}.conf" "conf/nginx.conf"
|
||||
# Copy the php-fpm conf files
|
||||
ynh_backup "/etc/php5/fpm/pool.d/${app}.conf" "php-fpm.conf"
|
||||
ynh_backup "/etc/php5/fpm/conf.d/20-${app}.ini" "php-fpm.ini"
|
||||
#=================================================
|
||||
# BACKUP THE NGINX CONFIGURATION
|
||||
#=================================================
|
||||
|
||||
ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf"
|
||||
|
||||
#=================================================
|
||||
# BACKUP THE PHP-FPM CONFIGURATION
|
||||
#=================================================
|
||||
|
||||
ynh_backup "/etc/php5/fpm/pool.d/$app.conf"
|
||||
ynh_backup "/etc/php5/fpm/conf.d/20-$app.ini"
|
||||
|
|
115
scripts/install
115
scripts/install
|
@ -1,51 +1,114 @@
|
|||
#!/bin/bash
|
||||
|
||||
# Exit on command errors and treat unset variables as an error
|
||||
set -eu
|
||||
#=================================================
|
||||
# GENERIC START
|
||||
#=================================================
|
||||
# IMPORT GENERIC HELPERS
|
||||
#=================================================
|
||||
|
||||
# Source app helpers
|
||||
source ./_common
|
||||
source /usr/share/yunohost/helpers
|
||||
|
||||
#=================================================
|
||||
# MANAGE SCRIPT FAILURE
|
||||
#=================================================
|
||||
|
||||
# Exit if an error occurs during the execution of the script
|
||||
ynh_abort_if_errors
|
||||
|
||||
#=================================================
|
||||
# RETRIEVE ARGUMENTS FROM THE MANIFEST
|
||||
#=================================================
|
||||
|
||||
# Retrieve arguments
|
||||
domain=$YNH_APP_ARG_DOMAIN
|
||||
path=$(ynh_normalize_url_path $YNH_APP_ARG_PATH)
|
||||
path_url=$YNH_APP_ARG_PATH
|
||||
is_public=$YNH_APP_ARG_IS_PUBLIC
|
||||
|
||||
app=$YNH_APP_INSTANCE_NAME
|
||||
|
||||
# Check domain/path availability
|
||||
sudo yunohost app checkurl "${domain}${path}" -a "$app"
|
||||
#=================================================
|
||||
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
|
||||
#=================================================
|
||||
|
||||
# Copy files to the right place
|
||||
final_path=/var/www/$app
|
||||
sudo mkdir -p $final_path
|
||||
extract_source $final_path
|
||||
test ! -e "$final_path" || ynh_die "This path already contains a folder"
|
||||
|
||||
# Create system user dedicace for this app
|
||||
# Normalize the url path syntax
|
||||
path_url=$(ynh_normalize_url_path $path_url)
|
||||
|
||||
# Check web path availability
|
||||
ynh_webpath_available $domain $path_url
|
||||
# Register (book) web path
|
||||
ynh_webpath_register $app $domain $path_url
|
||||
|
||||
#=================================================
|
||||
# STORE SETTINGS FROM MANIFEST
|
||||
#=================================================
|
||||
|
||||
ynh_app_setting_set $app domain $domain
|
||||
ynh_app_setting_set $app path $path_url
|
||||
ynh_app_setting_set $app is_public $is_public
|
||||
|
||||
#=================================================
|
||||
# STANDARD MODIFICATIONS
|
||||
#=================================================
|
||||
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
||||
#=================================================
|
||||
|
||||
ynh_app_setting_set $app final_path $final_path
|
||||
# Download, check integrity, uncompress and patch the source from app.src
|
||||
ynh_setup_source "$final_path"
|
||||
|
||||
#=================================================
|
||||
# NGINX CONFIGURATION
|
||||
#=================================================
|
||||
|
||||
# Create a dedicated nginx config
|
||||
ynh_add_nginx_config
|
||||
|
||||
#=================================================
|
||||
# CREATE DEDICATED USER
|
||||
#=================================================
|
||||
|
||||
# Create a system user
|
||||
ynh_system_user_create $app
|
||||
|
||||
#=================================================
|
||||
# PHP-FPM CONFIGURATION
|
||||
#=================================================
|
||||
|
||||
# Create a dedicated php-fpm config
|
||||
ynh_add_fpm_config
|
||||
|
||||
#=================================================
|
||||
# GENERIC FINALIZATION
|
||||
#=================================================
|
||||
# SECURE FILES AND DIRECTORIES
|
||||
#=================================================
|
||||
|
||||
# Set permissions to app files
|
||||
chown -R root: $final_path
|
||||
# Files owned by user specific can just read
|
||||
sudo find $final_path -type f | xargs sudo chmod 644
|
||||
sudo find $final_path -type d | xargs sudo chmod 755
|
||||
sudo chown -R root: $final_path
|
||||
find $final_path -type f | xargs chmod 644
|
||||
find $final_path -type d | xargs chmod 755
|
||||
|
||||
# except for data and tmp subdir, where www-data must have write permissions
|
||||
sudo mkdir -p $final_path/{data,tmp}
|
||||
sudo chown -R $app:root $final_path/{data,tmp}
|
||||
sudo chmod 700 $final_path/{data,tmp}
|
||||
# except for data and tmp subdir, where the user must have write permissions
|
||||
mkdir -p $final_path/{data,tmp}
|
||||
chown -R $app:root $final_path/{data,tmp}
|
||||
chmod 700 $final_path/{data,tmp}
|
||||
|
||||
# Modify Nginx configuration file and copy it to Nginx conf directory
|
||||
ynh_nginx_config
|
||||
|
||||
# Create the php-fpm pool config
|
||||
ynh_fpm_config
|
||||
#=================================================
|
||||
# SETUP SSOWAT
|
||||
#=================================================
|
||||
|
||||
# If app is public, add url to SSOWat conf as skipped_uris
|
||||
if [[ $is_public -eq 1 ]]; then
|
||||
if [ $is_public -eq 1 ]; then
|
||||
# unprotected_uris allows SSO credentials to be passed anyway.
|
||||
ynh_app_setting_set "$app" unprotected_uris "/"
|
||||
fi
|
||||
|
||||
sudo systemctl reload nginx
|
||||
sudo yunohost app ssowatconf
|
||||
#=================================================
|
||||
# RELOAD NGINX
|
||||
#=================================================
|
||||
|
||||
systemctl reload nginx
|
||||
|
|
|
@ -1,22 +1,52 @@
|
|||
#!/bin/bash
|
||||
|
||||
# Exit on command errors and treat unset variables as an error
|
||||
set -u
|
||||
#=================================================
|
||||
# GENERIC START
|
||||
#=================================================
|
||||
# IMPORT GENERIC HELPERS
|
||||
#=================================================
|
||||
|
||||
# Source app helpers
|
||||
source ./_common
|
||||
source /usr/share/yunohost/helpers
|
||||
|
||||
#=================================================
|
||||
# LOAD SETTINGS
|
||||
#=================================================
|
||||
|
||||
# Get multi-instances specific variables
|
||||
app=$YNH_APP_INSTANCE_NAME
|
||||
|
||||
# Retrieve arguments
|
||||
domain=$(ynh_app_setting_get "$app" domain)
|
||||
final_path=$(ynh_app_setting_get $app final_path)
|
||||
|
||||
ynh_secure_remove /var/www/$app
|
||||
ynh_secure_remove /etc/nginx/conf.d/$domain.d/$app.conf
|
||||
#=================================================
|
||||
# STANDARD REMOVE
|
||||
#=================================================
|
||||
# REMOVE APP MAIN DIR
|
||||
#=================================================
|
||||
|
||||
# Remove the app directory securely
|
||||
ynh_secure_remove "$final_path"
|
||||
|
||||
#=================================================
|
||||
# REMOVE NGINX CONFIGURATION
|
||||
#=================================================
|
||||
|
||||
# Remove the dedicated nginx config
|
||||
ynh_remove_nginx_config
|
||||
|
||||
#=================================================
|
||||
# REMOVE PHP-FPM CONFIGURATION
|
||||
#=================================================
|
||||
|
||||
# Remove the dedicated php-fpm config
|
||||
ynh_remove_fpm_config
|
||||
|
||||
ynh_system_user_delete $app
|
||||
#=================================================
|
||||
# GENERIC FINALIZATION
|
||||
#=================================================
|
||||
# REMOVE DEDICATED USER
|
||||
#=================================================
|
||||
|
||||
sudo systemctl reload nginx
|
||||
# Delete a system user
|
||||
ynh_system_user_delete $app
|
||||
|
|
130
scripts/restore
130
scripts/restore
|
@ -1,86 +1,78 @@
|
|||
#!/bin/bash
|
||||
|
||||
# causes the shell to exit if any subcommand or pipeline returns a non-zero status
|
||||
set -eu
|
||||
#=================================================
|
||||
# GENERIC START
|
||||
#=================================================
|
||||
# IMPORT GENERIC HELPERS
|
||||
#=================================================
|
||||
|
||||
if [ ! -e _common ]; then
|
||||
# Fetch helpers file if not in current directory
|
||||
sudo cp ../settings/scripts/_common ./_common
|
||||
sudo chmod a+rx _common
|
||||
fi
|
||||
source _common
|
||||
# Source app helpers
|
||||
source /usr/share/yunohost/helpers
|
||||
|
||||
# This is a multi-instance app, meaning it can be installed several times independently
|
||||
# The id of the app as stated in the manifest is available as $YNH_APP_ID
|
||||
# The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2", ...)
|
||||
# The app instance name is available as $YNH_APP_INSTANCE_NAME
|
||||
# - the first time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample
|
||||
# - the second time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample__2
|
||||
# - ynhexample__{N} for the subsequent installations, with N=3,4, ...
|
||||
# The app instance name is probably what you are interested the most, since this is
|
||||
# guaranteed to be unique. This is a good unique identifier to define installation path,
|
||||
# db names, ...
|
||||
#=================================================
|
||||
# MANAGE SCRIPT FAILURE
|
||||
#=================================================
|
||||
|
||||
# Exit if an error occurs during the execution of the script
|
||||
ynh_abort_if_errors
|
||||
|
||||
#=================================================
|
||||
# LOAD SETTINGS
|
||||
#=================================================
|
||||
|
||||
app=$YNH_APP_INSTANCE_NAME
|
||||
|
||||
# Retrieve arguments
|
||||
domain=$(ynh_app_setting_get "$app" domain)
|
||||
path=$(ynh_app_setting_get "$app" path)
|
||||
user=$(ynh_app_setting_get $app allowed_users)
|
||||
is_public=$(ynh_app_setting_get $app is_public)
|
||||
domain=$(ynh_app_setting_get $app domain)
|
||||
path_url=$(ynh_app_setting_get $app path)
|
||||
final_path=$(ynh_app_setting_get $app final_path)
|
||||
|
||||
# Check domain/path availability
|
||||
sudo yunohost app checkurl "${domain}${path}" -a "$app"
|
||||
#=================================================
|
||||
# CHECK IF THE APP CAN BE RESTORED
|
||||
#=================================================
|
||||
|
||||
# Check $final_path
|
||||
final_path="/var/www/${app}"
|
||||
if [ -d $final_path ]; then
|
||||
ynh_die "There is already a directory: $final_path"
|
||||
fi
|
||||
ynh_webpath_available $domain $path_url \
|
||||
|| ynh_die "Path not available: ${domain}${path_url}"
|
||||
test ! -d $final_path \
|
||||
|| ynh_die "There is already a directory: $final_path "
|
||||
|
||||
# Check configuration files
|
||||
nginx_conf="/etc/nginx/conf.d/${domain}.d/${app}.conf"
|
||||
if [ -f $nginx_conf ]; then
|
||||
ynh_die "The NGINX configuration already exists at '${nginx_conf}'.
|
||||
You should safely delete it before restoring this app."
|
||||
fi
|
||||
# Check configuration files php-fpm
|
||||
phpfpm_conf="/etc/php5/fpm/pool.d/php-fpm-${app}.conf"
|
||||
if [ -f $phpfpm_conf ]; then
|
||||
ynh_die "The PHP FPM configuration already exists at '${phpfpm_conf}'.
|
||||
You should safely delete it before restoring this app."
|
||||
fi
|
||||
#=================================================
|
||||
# STANDARD RESTORATION STEPS
|
||||
#=================================================
|
||||
# RESTORE THE NGINX CONFIGURATION
|
||||
#=================================================
|
||||
|
||||
phpfpm_ini="/etc/php5/fpm/conf.d/20-${app}.ini"
|
||||
if [ -f $phpfpm_ini ]; then
|
||||
ynh_die "The PHP FPM INI configuration already exists at '${phpfpm_ini}'.
|
||||
You should safely delete it before restoring this app."
|
||||
fi
|
||||
# Create dedicated system user for this app
|
||||
ynh_restore_file "/etc/nginx/conf.d/$domain.d/$app.conf"
|
||||
|
||||
#=================================================
|
||||
# RESTORE THE APP MAIN DIR
|
||||
#=================================================
|
||||
|
||||
ynh_restore_file "$final_path"
|
||||
|
||||
#=================================================
|
||||
# RECREATE THE DEDICATED USER
|
||||
#=================================================
|
||||
|
||||
# Create the dedicated user (if not existing)
|
||||
ynh_system_user_create $app
|
||||
|
||||
# Restore sources & data
|
||||
sudo cp -a "./sources" $final_path
|
||||
#=================================================
|
||||
# RESTORE USER RIGHTS
|
||||
#=================================================
|
||||
|
||||
# Set permissions
|
||||
sudo chown -R root:root $final_path
|
||||
sudo chown -R $app:root $final_path/{data,tmp}
|
||||
sudo chmod -R 700 $final_path/{data,tmp}
|
||||
chown -R $app:root $final_path/{data,tmp}
|
||||
|
||||
# Restore nginx configuration files
|
||||
sudo cp -a ./conf/nginx.conf "${nginx_conf}"
|
||||
# Restore php-fpm configuration files
|
||||
sudo cp -a ./php-fpm.conf "${phpfpm_conf}"
|
||||
sudo cp -a ./php-fpm.ini "${phpfpm_ini}"
|
||||
#=================================================
|
||||
# RESTORE THE PHP-FPM CONFIGURATION
|
||||
#=================================================
|
||||
|
||||
# Set ssowat config
|
||||
if [ "$is_public" = "Yes" ];
|
||||
then
|
||||
ynh_app_setting_set $app unprotected_uris "/"
|
||||
fi
|
||||
ynh_restore_file "/etc/php5/fpm/pool.d/$app.conf"
|
||||
ynh_restore_file "/etc/php5/fpm/conf.d/20-$app.ini"
|
||||
|
||||
# Reload service
|
||||
sudo systemctl reload nginx
|
||||
sudo systemctl reload php5-fpm
|
||||
sudo yunohost app ssowatconf
|
||||
#=================================================
|
||||
# GENERIC FINALIZATION
|
||||
#=================================================
|
||||
# RELOAD NGINX AND PHP-FPM
|
||||
#=================================================
|
||||
|
||||
systemctl reload php5-fpm
|
||||
systemctl reload nginx
|
||||
|
|
160
scripts/upgrade
160
scripts/upgrade
|
@ -1,30 +1,102 @@
|
|||
#!/bin/bash
|
||||
|
||||
# Exit on command errors and treat unset variables as an error
|
||||
set -eu
|
||||
# Source app helpers
|
||||
source ./_common
|
||||
#=================================================
|
||||
# GENERIC START
|
||||
#=================================================
|
||||
# IMPORT GENERIC HELPERS
|
||||
#=================================================
|
||||
|
||||
source /usr/share/yunohost/helpers
|
||||
|
||||
#=================================================
|
||||
# LOAD SETTINGS
|
||||
#=================================================
|
||||
|
||||
app=$YNH_APP_INSTANCE_NAME
|
||||
|
||||
domain=$(ynh_app_setting_get "$app" domain)
|
||||
path=$(ynh_app_setting_get "$app" path)
|
||||
user=$(ynh_app_setting_get "$app" user)
|
||||
domain=$(ynh_app_setting_get $app domain)
|
||||
path_url=$(ynh_app_setting_get $app path)
|
||||
is_public=$(ynh_app_setting_get $app is_public)
|
||||
final_path=$(ynh_app_setting_get $app final_path)
|
||||
|
||||
# Remove trailing "/" for next commands
|
||||
if [[ ! "$path" == "/" ]]; then
|
||||
path=${path%/}
|
||||
#=================================================
|
||||
# ENSURE DOWNWARD COMPATIBILITY
|
||||
#=================================================
|
||||
|
||||
# Fix is_public as a boolean value
|
||||
if [ "$is_public" = "Yes" ]; then
|
||||
ynh_app_setting_set $app is_public 1
|
||||
is_public=1
|
||||
elif [ "$is_public" = "No" ]; then
|
||||
ynh_app_setting_set $app is_public 0
|
||||
is_public=0
|
||||
elif [ -z "$is_public" ]; then
|
||||
if grep --quiet "unprotected_uris" "/etc/yunohost/apps/$app/settings.yml"
|
||||
then
|
||||
ynh_app_setting_set $app is_public 1
|
||||
is_public=1
|
||||
else
|
||||
ynh_app_setting_set $app is_public 0
|
||||
is_public=0
|
||||
fi
|
||||
fi
|
||||
|
||||
# Create system user dedicace for this app
|
||||
# If final_path doesn't exist, create it
|
||||
if [ -z $final_path ]; then
|
||||
final_path=/var/www/$app
|
||||
ynh_app_setting_set $app final_path $final_path
|
||||
fi
|
||||
|
||||
#=================================================
|
||||
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
|
||||
#=================================================
|
||||
|
||||
# Backup the current version of the app
|
||||
ynh_backup_before_upgrade
|
||||
ynh_clean_setup () {
|
||||
# restore it if the upgrade fails
|
||||
ynh_restore_upgradebackup
|
||||
}
|
||||
# Exit if an error occurs during the execution of the script
|
||||
ynh_abort_if_errors
|
||||
|
||||
#=================================================
|
||||
# CHECK THE PATH
|
||||
#=================================================
|
||||
|
||||
# Normalize the URL path syntax
|
||||
path_url=$(ynh_normalize_url_path $path_url)
|
||||
|
||||
#=================================================
|
||||
# STANDARD UPGRADE STEPS
|
||||
#=================================================
|
||||
# NGINX CONFIGURATION
|
||||
#=================================================
|
||||
|
||||
# Create a dedicated nginx config
|
||||
ynh_add_nginx_config
|
||||
|
||||
#=================================================
|
||||
# CREATE DEDICATED USER
|
||||
#=================================================
|
||||
|
||||
# Create a system user
|
||||
ynh_system_user_create $app
|
||||
|
||||
# Init final_path, if ever it got deleted somehow
|
||||
final_path=/var/www/$app
|
||||
sudo mkdir -p $final_path
|
||||
#=================================================
|
||||
# PHP-FPM CONFIGURATION
|
||||
#=================================================
|
||||
|
||||
# Create a dedicated php-fpm config
|
||||
ynh_add_fpm_config
|
||||
|
||||
#=================================================
|
||||
# SPECIFIC UPGRADE
|
||||
#=================================================
|
||||
# REMOVE OLD FILES
|
||||
#=================================================
|
||||
|
||||
# ??? Maybe julienmalik can explain us why he would remove all this files.
|
||||
# Clean all files and directory except the data directory
|
||||
ynh_secure_remove $final_path/cfg
|
||||
ynh_secure_remove $final_path/CREDITS.md
|
||||
|
@ -43,34 +115,46 @@ ynh_secure_remove $final_path/robots.txt
|
|||
ynh_secure_remove $final_path/tpl
|
||||
ynh_secure_remove $final_path/data
|
||||
|
||||
# Copy files to the right place
|
||||
extract_source $final_path
|
||||
#=================================================
|
||||
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
||||
#=================================================
|
||||
|
||||
# Files owned by root, www-data can just read
|
||||
sudo find $final_path -type f | xargs sudo chmod 644
|
||||
sudo find $final_path -type d | xargs sudo chmod 755
|
||||
sudo chown -R root: $final_path
|
||||
# Download, check integrity, uncompress and patch the source from app.src
|
||||
ynh_setup_source "$final_path"
|
||||
|
||||
# except for data and tmp subdir, where www-data must have write permissions
|
||||
sudo mkdir -p $final_path/{data,tmp}
|
||||
sudo chown -R $app:root $final_path/{data,tmp}
|
||||
sudo chmod 700 $final_path/{data,tmp}
|
||||
#=================================================
|
||||
# GENERIC FINALIZATION
|
||||
#=================================================
|
||||
# SECURE FILES AND DIRECTORIES
|
||||
#=================================================
|
||||
|
||||
# Modify Nginx configuration file and copy it to Nginx conf directory
|
||||
ynh_nginx_config
|
||||
# Set permissions to app files
|
||||
chown -R root: $final_path
|
||||
# Files owned by user specific can just read
|
||||
find $final_path -type f | xargs chmod 644
|
||||
find $final_path -type d | xargs chmod 755
|
||||
|
||||
# Create the php-fpm pool config
|
||||
ynh_fpm_config
|
||||
# except for data and tmp subdir, where the user must have write permissions
|
||||
mkdir -p $final_path/{data,tmp}
|
||||
chown -R $app:root $final_path/{data,tmp}
|
||||
chmod 700 $final_path/{data,tmp}
|
||||
|
||||
# Set ssowat config
|
||||
if [ "$is_public" = "Yes" ]; then
|
||||
ynh_app_setting_set $app is_public 1 # Fixe is_public en booléen
|
||||
is_public=1
|
||||
else
|
||||
ynh_app_setting_set $app is_public 0
|
||||
is_public=0
|
||||
#=================================================
|
||||
# SETUP SSOWAT
|
||||
#=================================================
|
||||
|
||||
#=================================================
|
||||
# SETUP SSOWAT
|
||||
#=================================================
|
||||
|
||||
# If app is public, add url to SSOWat conf as skipped_uris
|
||||
if [ $is_public -eq 1 ]; then
|
||||
# unprotected_uris allows SSO credentials to be passed anyway.
|
||||
ynh_app_setting_set "$app" unprotected_uris "/"
|
||||
fi
|
||||
|
||||
# Reload Nginx
|
||||
sudo systemctl reload nginx
|
||||
sudo yunohost app ssowatconf
|
||||
#=================================================
|
||||
# RELOAD NGINX
|
||||
#=================================================
|
||||
|
||||
systemctl reload nginx
|
||||
|
|
Loading…
Reference in a new issue