YunoHost-Apps/zerobin_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/zerobin_ynh.git synced 2024-09-03 18:06:01 +02:00
Code Issues Activity Actions

Merge pull request #20 from YunoHost-Apps/refactoring

Browse source 
Refactoring
This commit is contained in:
Maniack Crudelis 2017-10-31 12:33:50 +01:00 committed by GitHub
commit a00e6930d0
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
9 changed files with 352 additions and 379 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
check_process
View file

@ -1,5 +1,4 @@
;; Nom du test ;; Test complet
auto_remove=1
; Manifest ; Manifest
domain="domain.tld" (DOMAIN) domain="domain.tld" (DOMAIN)
path="/path" (PATH) path="/path" (PATH)
@ -16,6 +15,7 @@
multi_instance=1 multi_instance=1
incorrect_path=1 incorrect_path=1
port_already_use=0 port_already_use=0
change_url=0
;;; Levels ;;; Levels
Level 1=auto Level 1=auto
Level 2=auto Level 2=auto

6
conf/app.src Normal file
View file

@ -0,0 +1,6 @@
SOURCE_URL=https://github.com/PrivateBin/PrivateBin/archive/1.1.tar.gz
SOURCE_SUM=61d18753c792d83f54ad9e414d1d32198ab873054907081e732effd5ccbe96ef
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=

9
manifest.json
View file

@ -2,19 +2,20 @@
"name": "Zerobin", "name": "Zerobin",
"id": "zerobin", "id": "zerobin",
"packaging_format": 1, "packaging_format": 1,
"requirements": {
"yunohost": ">> 2.3.15"
},
"description": { "description": {
"en": "A minimalist, opensource online pastebin where the server has zero knowledge of pasted data", "en": "A minimalist, opensource online pastebin where the server has zero knowledge of pasted data",
"fr": "Un pastebin minimaliste, libre et où le serveur n'a aucune connaissance des données copiées" "fr": "Un pastebin minimaliste, libre et où le serveur n'a aucune connaissance des données copiées"
}, },
"version": "1.1",
"url": "http://sebsauvage.net/wiki/doku.php?id=php:zerobin", "url": "http://sebsauvage.net/wiki/doku.php?id=php:zerobin",
"license": "Zlib",
"maintainer": { "maintainer": {
"name": "julien", "name": "julien",
"email": "julien.malik@paraiso.me" "email": "julien.malik@paraiso.me"
}, },
"license": "free", "requirements": {
"yunohost": ">= 2.7.2"
},
"multi_instance": true, "multi_instance": true,
"services": [ "services": [
"nginx", "nginx",

207
scripts/_common
View file

@ -1,206 +1 @@
PRIVATEBIN_VERSION="1.1" #!/bin/bash
PRIVATEBIN_SOURCE_URL="https://github.com/PrivateBin/PrivateBin/archive/${PRIVATEBIN_VERSION}.tar.gz"
PRIVATEBIN_SOURCE_SHA256="61d18753c792d83f54ad9e414d1d32198ab873054907081e732effd5ccbe96ef"
# Substitute a string by another in a file
#
# usage: ynh_substitute_char string_to_find replace_string file_to_analyse
# | arg: string_to_find - String to replace in the file
# | arg: replace_string - New string that will replace
# | arg: file_to_analyse - File where the string will be replaced.
ynh_substitute_char () {
delimit=@
match_char=${1//${delimit}/"\\${delimit}"} # Escape the delimiter if it's in the string.
replace_char=${2//${delimit}/"\\${delimit}"}
workfile=$3
sudo sed --in-place "s${delimit}${match_char}${delimit}${replace_char}${delimit}g" "$workfile"
}
ynh_store_checksum_config () {
config_file_checksum=checksum_${1//[\/ ]/_} # Replace all '/' and ' ' by '_'
ynh_app_setting_set $app $config_file_checksum $(sudo md5sum "$1" | cut -d' ' -f1)
}
extract_source () {
local DESTDIR=$1
# retrieve and extract Roundcube tarball
rc_tarball="${DESTDIR}/privatebin.tar.gz"
sudo wget -q -O "$rc_tarball" "$PRIVATEBIN_SOURCE_URL" \
|| ynh_die "Unable to download source tarball"
echo "$PRIVATEBIN_SOURCE_SHA256 $rc_tarball" | sha256sum -c >/dev/null \
|| ynh_die "Invalid checksum of downloaded tarball"
sudo tar xf "$rc_tarball" -C "$DESTDIR" --strip-components 1 \
|| ynh_die "Unable to extract source tarball"
sudo rm "$rc_tarball"
}
# Add config nginx
ynh_nginx_config () {
finalnginxconf="/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_compare_checksum_config "$finalnginxconf" 1
sudo cp ../conf/nginx.conf "$finalnginxconf"
# To avoid a break by set -u, use a void substitution ${var:-}. If the variable is not set, it's simply set with an empty variable.
# Substitute in a nginx config file only if the variable is not empty
if test -n "${path:-}"; then
ynh_substitute_char "__PATH__" "$path" "$finalnginxconf"
fi
if test -n "${domain:-}"; then
ynh_substitute_char "__DOMAIN__" "$domain" "$finalnginxconf"
fi
if test -n "${port:-}"; then
ynh_substitute_char "__PORT__" "$port" "$finalnginxconf"
fi
if test -n "${app:-}"; then
ynh_substitute_char "__NAME__" "$app" "$finalnginxconf"
fi
if test -n "${final_path:-}"; then
ynh_substitute_char "__FINALPATH__" "$final_path" "$finalnginxconf"
fi
ynh_store_checksum_config "$finalnginxconf"
sudo systemctl reload nginx
}
# Remove config nginx
ynh_remove_nginx_config () {
ynh_secure_remove "/etc/nginx/conf.d/$domain.d/$app.conf"
sudo systemctl reload nginx
}
ynh_fpm_config () {
finalphpconf="/etc/php5/fpm/pool.d/$app.conf"
ynh_compare_checksum_config "$finalphpconf" 1
sudo cp ../conf/php-fpm.conf "$finalphpconf"
ynh_substitute_char "__NAMETOCHANGE__" "$app" "$finalphpconf"
ynh_substitute_char "__FINALPATH__" "$final_path" "$finalphpconf"
ynh_substitute_char "__USER__" "$app" "$finalphpconf"
sudo chown root: "$finalphpconf"
ynh_store_checksum_config "$finalphpconf"
if [ -e "../conf/php-fpm.ini" ]
then
finalphpini="/etc/php5/fpm/conf.d/20-$app.ini"
ynh_compare_checksum_config "$finalphpini" 1
sudo cp ../conf/php-fpm.ini "$finalphpini"
sudo chown root: "$finalphpini"
ynh_store_checksum_config "$finalphpini"
fi
sudo systemctl reload php5-fpm
}
ynh_remove_fpm_config () {
ynh_secure_remove "/etc/php5/fpm/pool.d/$app.conf"
ynh_secure_remove "/etc/php5/fpm/conf.d/20-$app.ini"
sudo systemctl reload php5-fpm
}
# Remove a file or a directory securely
#
# usage: ynh_secure_remove path_to_remove
# | arg: path_to_remove - File or directory to remove
ynh_secure_remove () {
path_to_remove=$1
forbidden_path=" \
/var/www \
/home/yunohost.app"
if [[ "$forbidden_path" =~ "$path_to_remove" \
# Match all path or subpath in $forbidden_path
|| "$path_to_remove" =~ ^/[[:alnum:]]+$ \
# Match all first level path from / (Like /var, /root, etc...)
|| "${path_to_remove:${#path_to_remove}-1}" = "/" ]]
# Match if the path finish by /. Because it's seems there is an empty variable
then
echo "Avoid deleting of $path_to_remove." >&2
else
if [ -e "$path_to_remove" ]
then
sudo rm -R "$path_to_remove"
else
echo "$path_to_remove doesn't deleted because it's not exist." >&2
fi
fi
}
# Create a system user
#
# usage: ynh_system_user_create user_name [home_dir]
# | arg: user_name - Name of the system user that will be create
# | arg: home_dir - Path of the home dir for the user. Usually the final path of the app. If this argument is omitted, the user will be created without home
ynh_system_user_create () {
if ! ynh_system_user_exists "$1" # Check if the user exists on the system
then # If the user doesn't exist
if [ $# -ge 2 ]; then # If a home dir is mentioned
user_home_dir="-d $2"
else
user_home_dir="--no-create-home"
fi
sudo useradd $user_home_dir --system --user-group $1 --shell /usr/sbin/nologin || ynh_die "Unable to create $1 system account"
fi
}
# Delete a system user
#
# usage: ynh_system_user_delete user_name
# | arg: user_name - Name of the system user that will be create
ynh_system_user_delete () {
if ynh_system_user_exists "$1" # Check if the user exists on the system
then
echo "Remove the user $1" >&2
sudo userdel $1
else
echo "The user $1 was not found" >&2
fi
}
ynh_compare_checksum_config () {
current_config_file=$1
compress_backup=${2:-0} # If $2 is empty, compress_backup will set at 0
config_file_checksum=checksum_${current_config_file//[\/ ]/_} # Replace all '/' and ' ' by '_'
checksum_value=$(ynh_app_setting_get $app $config_file_checksum)
if [ -n "$checksum_value" ]
then # Proceed only if a value was stocked into the app config
if ! echo "$checksum_value $current_config_file" | md5sum -c --status
then # If the checksum is now different
backup_config_file="$current_config_file.backup.$(date '+%d.%m.%y_%Hh%M,%Ss')"
if [ compress_backup -eq 1 ]
then
sudo tar --create --gzip --file "$backup_config_file.tar.gz" "$current_config_file" # Backup the current config file and compress
backup_config_file="$backup_config_file.tar.gz"
else
sudo cp -a "$current_config_file" "$backup_config_file" # Backup the current config file
fi
echo "Config file $current_config_file has been manually modified since the installation or last upgrade. So it has been duplicated in $backup_config_file" >&2
echo "$backup_config_file" # Return the name of the backup file
fi
fi
}
# Normalize the url path syntax
# Handle the slash at the beginning of path and its absence at ending
# Return a normalized url path
#
# example: url_path=$(ynh_normalize_url_path $url_path)
# ynh_normalize_url_path example -> /example
# ynh_normalize_url_path /example -> /example
# ynh_normalize_url_path /example/ -> /example
# ynh_normalize_url_path / -> /
#
# usage: ynh_normalize_url_path path_to_normalize
# | arg: url_path_to_normalize - URL path to normalize before using it
ynh_normalize_url_path () {
path_url=$1
test -n "$path_url" || ynh_die "ynh_normalize_url_path expect a URL path as first argument and received nothing."
if [ "${path_url:0:1}" != "/" ]; then # If the first character is not a /
path_url="/$path_url" # Add / at begin of path variable
fi
if [ "${path_url:${#path_url}-1}" == "/" ] && [ ${#path_url} -gt 1 ]; then # If the last character is a / and that not the only character.
path_url="${path_url:0:${#path_url}-1}" # Delete the last character
fi
echo $path_url
}

63
scripts/backup
View file

@ -1,36 +1,47 @@
#!/bin/bash #!/bin/bash
# causes the shell to exit if any subcommand or pipeline returns a non-zero status #=================================================
set -eu # GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
# Source YNH helpers
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
# This is a multi-instance app, meaning it can be installed several times independently #=================================================
# The id of the app as stated in the manifest is available as $YNH_APP_ID # MANAGE SCRIPT FAILURE
# The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2", ...) #=================================================
# The app instance name is available as $YNH_APP_INSTANCE_NAME
# - the first time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample # Exit if an error occurs during the execution of the script
# - the second time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample__2 ynh_abort_if_errors
# - ynhexample__{N} for the subsequent installations, with N=3,4, ...
# The app instance name is probably what you are interested the most, since this is #=================================================
# guaranteed to be unique. This is a good unique identifier to define installation path, # LOAD SETTINGS
# db names, ... #=================================================
app=$YNH_APP_INSTANCE_NAME app=$YNH_APP_INSTANCE_NAME
# Retrieve arguments final_path=$(ynh_app_setting_get $app final_path)
domain=$(ynh_app_setting_get "$app" domain) domain=$(ynh_app_setting_get $app domain)
# Backup directory location for the app from where the script is executed and #=================================================
# which will be compressed afterward # STANDARD BACKUP STEPS
backup_dir=$YNH_APP_BACKUP_DIR #=================================================
# BACKUP THE APP MAIN DIR
#=================================================
# Backup sources & data ynh_backup "$final_path"
ynh_backup "/var/www/${app}" "sources"
# Copy Nginx conf #=================================================
sudo mkdir -p ./conf # BACKUP THE NGINX CONFIGURATION
ynh_backup "/etc/nginx/conf.d/${domain}.d/${app}.conf" "conf/nginx.conf" #=================================================
# Copy the php-fpm conf files
ynh_backup "/etc/php5/fpm/pool.d/${app}.conf" "php-fpm.conf" ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_backup "/etc/php5/fpm/conf.d/20-${app}.ini" "php-fpm.ini"
#=================================================
# BACKUP THE PHP-FPM CONFIGURATION
#=================================================
ynh_backup "/etc/php5/fpm/pool.d/$app.conf"
ynh_backup "/etc/php5/fpm/conf.d/20-$app.ini"

115
scripts/install
View file

@ -1,51 +1,114 @@
#!/bin/bash #!/bin/bash
# Exit on command errors and treat unset variables as an error #=================================================
set -eu # GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
# Source app helpers
source ./_common
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================
# Retrieve arguments # Retrieve arguments
domain=$YNH_APP_ARG_DOMAIN domain=$YNH_APP_ARG_DOMAIN
path=$(ynh_normalize_url_path $YNH_APP_ARG_PATH) path_url=$YNH_APP_ARG_PATH
is_public=$YNH_APP_ARG_IS_PUBLIC is_public=$YNH_APP_ARG_IS_PUBLIC
app=$YNH_APP_INSTANCE_NAME app=$YNH_APP_INSTANCE_NAME
# Check domain/path availability #=================================================
sudo yunohost app checkurl "${domain}${path}" -a "$app" # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#=================================================
# Copy files to the right place
final_path=/var/www/$app final_path=/var/www/$app
sudo mkdir -p $final_path test ! -e "$final_path" || ynh_die "This path already contains a folder"
extract_source $final_path
# Create system user dedicace for this app # Normalize the url path syntax
path_url=$(ynh_normalize_url_path $path_url)
# Check web path availability
ynh_webpath_available $domain $path_url
# Register (book) web path
ynh_webpath_register $app $domain $path_url
#=================================================
# STORE SETTINGS FROM MANIFEST
#=================================================
ynh_app_setting_set $app domain $domain
ynh_app_setting_set $app path $path_url
ynh_app_setting_set $app is_public $is_public
#=================================================
# STANDARD MODIFICATIONS
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_app_setting_set $app final_path $final_path
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source "$final_path"
#=================================================
# NGINX CONFIGURATION
#=================================================
# Create a dedicated nginx config
ynh_add_nginx_config
#=================================================
# CREATE DEDICATED USER
#=================================================
# Create a system user
ynh_system_user_create $app ynh_system_user_create $app
#=================================================
# PHP-FPM CONFIGURATION
#=================================================
# Create a dedicated php-fpm config
ynh_add_fpm_config
#=================================================
# GENERIC FINALIZATION
#=================================================
# SECURE FILES AND DIRECTORIES
#=================================================
# Set permissions to app files
chown -R root: $final_path
# Files owned by user specific can just read # Files owned by user specific can just read
sudo find $final_path -type f | xargs sudo chmod 644 find $final_path -type f | xargs chmod 644
sudo find $final_path -type d | xargs sudo chmod 755 find $final_path -type d | xargs chmod 755
sudo chown -R root: $final_path
# except for data and tmp subdir, where www-data must have write permissions # except for data and tmp subdir, where the user must have write permissions
sudo mkdir -p $final_path/{data,tmp} mkdir -p $final_path/{data,tmp}
sudo chown -R $app:root $final_path/{data,tmp} chown -R $app:root $final_path/{data,tmp}
sudo chmod 700 $final_path/{data,tmp} chmod 700 $final_path/{data,tmp}
# Modify Nginx configuration file and copy it to Nginx conf directory #=================================================
ynh_nginx_config # SETUP SSOWAT
#=================================================
# Create the php-fpm pool config
ynh_fpm_config
# If app is public, add url to SSOWat conf as skipped_uris # If app is public, add url to SSOWat conf as skipped_uris
if [[ $is_public -eq 1 ]]; then if [ $is_public -eq 1 ]; then
# unprotected_uris allows SSO credentials to be passed anyway. # unprotected_uris allows SSO credentials to be passed anyway.
ynh_app_setting_set "$app" unprotected_uris "/" ynh_app_setting_set "$app" unprotected_uris "/"
fi fi
sudo systemctl reload nginx #=================================================
sudo yunohost app ssowatconf # RELOAD NGINX
#=================================================
systemctl reload nginx

46
scripts/remove
View file

@ -1,22 +1,52 @@
#!/bin/bash #!/bin/bash
# Exit on command errors and treat unset variables as an error #=================================================
set -u # GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
# Source app helpers
source ./_common
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
#=================================================
# Get multi-instances specific variables # Get multi-instances specific variables
app=$YNH_APP_INSTANCE_NAME app=$YNH_APP_INSTANCE_NAME
# Retrieve arguments # Retrieve arguments
domain=$(ynh_app_setting_get "$app" domain) domain=$(ynh_app_setting_get "$app" domain)
final_path=$(ynh_app_setting_get $app final_path)
ynh_secure_remove /var/www/$app #=================================================
ynh_secure_remove /etc/nginx/conf.d/$domain.d/$app.conf # STANDARD REMOVE
#=================================================
# REMOVE APP MAIN DIR
#=================================================
# Remove the app directory securely
ynh_secure_remove "$final_path"
#=================================================
# REMOVE NGINX CONFIGURATION
#=================================================
# Remove the dedicated nginx config
ynh_remove_nginx_config
#=================================================
# REMOVE PHP-FPM CONFIGURATION
#=================================================
# Remove the dedicated php-fpm config
ynh_remove_fpm_config ynh_remove_fpm_config
ynh_system_user_delete $app #=================================================
# GENERIC FINALIZATION
#=================================================
# REMOVE DEDICATED USER
#=================================================
sudo systemctl reload nginx # Delete a system user
ynh_system_user_delete $app

130
scripts/restore
View file

@ -1,86 +1,78 @@
#!/bin/bash #!/bin/bash
# causes the shell to exit if any subcommand or pipeline returns a non-zero status #=================================================
set -eu # GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
if [ ! -e _common ]; then
# Fetch helpers file if not in current directory
sudo cp ../settings/scripts/_common ./_common
sudo chmod a+rx _common
fi
source _common
# Source app helpers
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
# This is a multi-instance app, meaning it can be installed several times independently #=================================================
# The id of the app as stated in the manifest is available as $YNH_APP_ID # MANAGE SCRIPT FAILURE
# The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2", ...) #=================================================
# The app instance name is available as $YNH_APP_INSTANCE_NAME
# - the first time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample # Exit if an error occurs during the execution of the script
# - the second time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample__2 ynh_abort_if_errors
# - ynhexample__{N} for the subsequent installations, with N=3,4, ...
# The app instance name is probably what you are interested the most, since this is #=================================================
# guaranteed to be unique. This is a good unique identifier to define installation path, # LOAD SETTINGS
# db names, ... #=================================================
app=$YNH_APP_INSTANCE_NAME app=$YNH_APP_INSTANCE_NAME
# Retrieve arguments domain=$(ynh_app_setting_get $app domain)
domain=$(ynh_app_setting_get "$app" domain) path_url=$(ynh_app_setting_get $app path)
path=$(ynh_app_setting_get "$app" path) final_path=$(ynh_app_setting_get $app final_path)
user=$(ynh_app_setting_get $app allowed_users)
is_public=$(ynh_app_setting_get $app is_public)
# Check domain/path availability #=================================================
sudo yunohost app checkurl "${domain}${path}" -a "$app" # CHECK IF THE APP CAN BE RESTORED
#=================================================
# Check $final_path ynh_webpath_available $domain $path_url \
final_path="/var/www/${app}" || ynh_die "Path not available: ${domain}${path_url}"
if [ -d $final_path ]; then test ! -d $final_path \
ynh_die "There is already a directory: $final_path" || ynh_die "There is already a directory: $final_path "
fi
# Check configuration files #=================================================
nginx_conf="/etc/nginx/conf.d/${domain}.d/${app}.conf" # STANDARD RESTORATION STEPS
if [ -f $nginx_conf ]; then #=================================================
ynh_die "The NGINX configuration already exists at '${nginx_conf}'. # RESTORE THE NGINX CONFIGURATION
You should safely delete it before restoring this app." #=================================================
fi
# Check configuration files php-fpm
phpfpm_conf="/etc/php5/fpm/pool.d/php-fpm-${app}.conf"
if [ -f $phpfpm_conf ]; then
ynh_die "The PHP FPM configuration already exists at '${phpfpm_conf}'.
You should safely delete it before restoring this app."
fi
phpfpm_ini="/etc/php5/fpm/conf.d/20-${app}.ini" ynh_restore_file "/etc/nginx/conf.d/$domain.d/$app.conf"
if [ -f $phpfpm_ini ]; then
ynh_die "The PHP FPM INI configuration already exists at '${phpfpm_ini}'. #=================================================
You should safely delete it before restoring this app." # RESTORE THE APP MAIN DIR
fi #=================================================
# Create dedicated system user for this app
ynh_restore_file "$final_path"
#=================================================
# RECREATE THE DEDICATED USER
#=================================================
# Create the dedicated user (if not existing)
ynh_system_user_create $app ynh_system_user_create $app
# Restore sources & data #=================================================
sudo cp -a "./sources" $final_path # RESTORE USER RIGHTS
#=================================================
# Set permissions chown -R $app:root $final_path/{data,tmp}
sudo chown -R root:root $final_path
sudo chown -R $app:root $final_path/{data,tmp}
sudo chmod -R 700 $final_path/{data,tmp}
# Restore nginx configuration files #=================================================
sudo cp -a ./conf/nginx.conf "${nginx_conf}" # RESTORE THE PHP-FPM CONFIGURATION
# Restore php-fpm configuration files #=================================================
sudo cp -a ./php-fpm.conf "${phpfpm_conf}"
sudo cp -a ./php-fpm.ini "${phpfpm_ini}"
# Set ssowat config ynh_restore_file "/etc/php5/fpm/pool.d/$app.conf"
if [ "$is_public" = "Yes" ]; ynh_restore_file "/etc/php5/fpm/conf.d/20-$app.ini"
then
ynh_app_setting_set $app unprotected_uris "/"
fi
# Reload service #=================================================
sudo systemctl reload nginx # GENERIC FINALIZATION
sudo systemctl reload php5-fpm #=================================================
sudo yunohost app ssowatconf # RELOAD NGINX AND PHP-FPM
#=================================================
systemctl reload php5-fpm
systemctl reload nginx

151
scripts/upgrade
View file

@ -1,30 +1,93 @@
#!/bin/bash #!/bin/bash
# Exit on command errors and treat unset variables as an error #=================================================
set -eu # GENERIC START
# Source app helpers #=================================================
source ./_common # IMPORT GENERIC HELPERS
#=================================================
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
#=================================================
app=$YNH_APP_INSTANCE_NAME app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get "$app" domain) domain=$(ynh_app_setting_get $app domain)
path=$(ynh_app_setting_get "$app" path) path_url=$(ynh_app_setting_get $app path)
user=$(ynh_app_setting_get "$app" user)
is_public=$(ynh_app_setting_get $app is_public) is_public=$(ynh_app_setting_get $app is_public)
final_path=$(ynh_app_setting_get $app final_path)
# Remove trailing "/" for next commands #=================================================
if [[ ! "$path" == "/" ]]; then # ENSURE DOWNWARD COMPATIBILITY
path=${path%/} #=================================================
# Fix is_public as a boolean value
if [ "$is_public" = "Yes" ]; then
ynh_app_setting_set $app is_public 1
is_public=1
elif [ "$is_public" = "No" ]; then
ynh_app_setting_set $app is_public 0
is_public=0
fi fi
# Create system user dedicace for this app # If final_path doesn't exist, create it
if [ -z $final_path ]; then
final_path=/var/www/$app
ynh_app_setting_set $app final_path $final_path
fi
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
# Backup the current version of the app
ynh_backup_before_upgrade
ynh_clean_setup () {
# restore it if the upgrade fails
ynh_restore_upgradebackup
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# CHECK THE PATH
#=================================================
# Normalize the URL path syntax
path_url=$(ynh_normalize_url_path $path_url)
#=================================================
# STANDARD UPGRADE STEPS
#=================================================
# NGINX CONFIGURATION
#=================================================
# Create a dedicated nginx config
ynh_add_nginx_config
#=================================================
# CREATE DEDICATED USER
#=================================================
# Create a system user
ynh_system_user_create $app ynh_system_user_create $app
# Init final_path, if ever it got deleted somehow #=================================================
final_path=/var/www/$app # PHP-FPM CONFIGURATION
sudo mkdir -p $final_path #=================================================
# Create a dedicated php-fpm config
ynh_add_fpm_config
#=================================================
# SPECIFIC UPGRADE
#=================================================
# REMOVE OLD FILES
#=================================================
# ??? Maybe julienmalik can explain us why he would remove all this files.
# Clean all files and directory except the data directory # Clean all files and directory except the data directory
ynh_secure_remove $final_path/cfg ynh_secure_remove $final_path/cfg
ynh_secure_remove $final_path/CREDITS.md ynh_secure_remove $final_path/CREDITS.md
@ -43,34 +106,46 @@ ynh_secure_remove $final_path/robots.txt
ynh_secure_remove $final_path/tpl ynh_secure_remove $final_path/tpl
ynh_secure_remove $final_path/data ynh_secure_remove $final_path/data
# Copy files to the right place #=================================================
extract_source $final_path # DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
# Files owned by root, www-data can just read # Download, check integrity, uncompress and patch the source from app.src
sudo find $final_path -type f | xargs sudo chmod 644 ynh_setup_source "$final_path"
sudo find $final_path -type d | xargs sudo chmod 755
sudo chown -R root: $final_path
# except for data and tmp subdir, where www-data must have write permissions #=================================================
sudo mkdir -p $final_path/{data,tmp} # GENERIC FINALIZATION
sudo chown -R $app:root $final_path/{data,tmp} #=================================================
sudo chmod 700 $final_path/{data,tmp} # SECURE FILES AND DIRECTORIES
#=================================================
# Modify Nginx configuration file and copy it to Nginx conf directory # Set permissions to app files
ynh_nginx_config chown -R root: $final_path
# Files owned by user specific can just read
find $final_path -type f | xargs chmod 644
find $final_path -type d | xargs chmod 755
# Create the php-fpm pool config # except for data and tmp subdir, where the user must have write permissions
ynh_fpm_config mkdir -p $final_path/{data,tmp}
chown -R $app:root $final_path/{data,tmp}
chmod 700 $final_path/{data,tmp}
# Set ssowat config #=================================================
if [ "$is_public" = "Yes" ]; then # SETUP SSOWAT
ynh_app_setting_set $app is_public 1 # Fixe is_public en booléen #=================================================
is_public=1
else #=================================================
ynh_app_setting_set $app is_public 0 # SETUP SSOWAT
is_public=0 #=================================================
# If app is public, add url to SSOWat conf as skipped_uris
if [ $is_public -eq 1 ]; then
# unprotected_uris allows SSO credentials to be passed anyway.
ynh_app_setting_set "$app" unprotected_uris "/"
fi fi
# Reload Nginx #=================================================
sudo systemctl reload nginx # RELOAD NGINX
sudo yunohost app ssowatconf #=================================================
systemctl reload nginx