#!/bin/bash # Exit on command errors and treat unset variables as an error set -eu # Source app helpers source ./_common source /usr/share/yunohost/helpers app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get "$app" domain) path=$(ynh_app_setting_get "$app" path) user=$(ynh_app_setting_get "$app" user) is_public=$(ynh_app_setting_get $app is_public) # Remove trailing "/" for next commands if [[ ! "$path" == "/" ]]; then path=${path%/} fi # Create system user dedicace for this app ynh_system_user_create $app # Init final_path, if ever it got deleted somehow final_path=/var/www/$app sudo mkdir -p $final_path # Clean all files and directory except the data directory ynh_secure_remove $final_path/cfg ynh_secure_remove $final_path/CREDITS.md ynh_secure_remove $final_path/i18n ynh_secure_remove $final_path/index.php ynh_secure_remove $final_path/js ynh_secure_remove $final_path/README.md ynh_secure_remove $final_path/tmp ynh_secure_remove $final_path/CHANGELOG.md ynh_secure_remove $final_path/css ynh_secure_remove $final_path/favicon.ico ynh_secure_remove $final_path/img ynh_secure_remove $final_path/INSTALL.md ynh_secure_remove $final_path/lib ynh_secure_remove $final_path/robots.txt ynh_secure_remove $final_path/tpl ynh_secure_remove $final_path/data # Copy files to the right place extract_source $final_path # Files owned by root, www-data can just read sudo find $final_path -type f | xargs sudo chmod 644 sudo find $final_path -type d | xargs sudo chmod 755 sudo chown -R root: $final_path # except for data and tmp subdir, where www-data must have write permissions sudo mkdir -p $final_path/{data,tmp} sudo chown -R $app:root $final_path/{data,tmp} sudo chmod 700 $final_path/{data,tmp} # Modify Nginx configuration file and copy it to Nginx conf directory sed -i "s@YNH_WWW_PATH@$path@g" ../conf/nginx.conf sed -i "s@YNH_WWW_ALIAS@$final_path/@g" ../conf/nginx.conf nginxconf=/etc/nginx/conf.d/$domain.d/$app.conf sudo cp ../conf/nginx.conf $nginxconf sudo chown root: $nginxconf sudo chmod 600 $nginxconf # Create the php-fpm pool config ynh_fpm_config # Set ssowat config ynh_app_setting_set "$app" is_public "$is_public" if [ "$is_public" = "Yes" ]; then ynh_app_setting_set "$app" unprotected_uris "/" fi # Reload Nginx sudo systemctl reload nginx sudo yunohost app ssowatconf