YunoHost/example_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost/example_ynh.git synced 2024-09-03 20:06:13 +02:00
Code Issues Projects Releases Packages Wiki Activity

first set

Browse source 
disign from https://github.com/YunoHost-Apps/my_webapp_ynh
This commit is contained in:
Garwinch 2016-12-04 18:18:23 +01:00 committed by GitHub
parent 499e2811a2
commit 3be1f1c8f4
5 changed files with 231 additions and 191 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

44
scripts/backup
View file

@ -3,31 +3,29 @@
# Exit on command errors and treat unset variables as an error # Exit on command errors and treat unset variables as an error
set -eu set -eu
# See comments in install script # Get multi-instances specific variables
app=$YNH_APP_INSTANCE_NAME app=$YNH_APP_INSTANCE_NAME
# Source YunoHost helpers # Source app helpers
source /usr/share/yunohost/helpers . /usr/share/yunohost/helpers
# Backup sources & data # Retrieve app settings
# Note: the last argument is where to save this path, see the restore script.
ynh_backup "/var/www/${app}" "sources"
### MySQL (remove if not used) ###
# If a MySQL database is used:
# # Dump the database
# dbname=$app
# dbuser=$app
# dbpass=$(ynh_app_setting_get "$app" mysqlpwd)
# mysqldump -u "$dbuser" -p"$dbpass" --no-create-db "$dbname" > ./dump.sql
### MySQL end ###
# Copy NGINX configuration
domain=$(ynh_app_setting_get "$app" domain) domain=$(ynh_app_setting_get "$app" domain)
ynh_backup "/etc/nginx/conf.d/${domain}.d/${app}.conf" "nginx.conf" path=$(ynh_app_setting_get "$app" path)
with_mysql=$(ynh_app_setting_get "$app" with_mysql)
### PHP (remove if not used) ### # Copy the app files
# If a dedicated php-fpm process is used: DESTDIR="/var/www/${app}"
# # Copy PHP-FPM pool configuration ynh_backup "$DESTDIR" "sources" 1
# ynh_backup "/etc/php5/fpm/pool.d/${app}.conf" "php-fpm.conf"
### PHP end ### # Copy the conf files
ynh_backup "/etc/nginx/conf.d/${domain}.d/${app}.conf" "conf/nginx.conf"
ynh_backup "/etc/php5/fpm/pool.d/${app}.conf" "conf/php-fpm.conf"
# Dump the database
if [[ $with_mysql -eq 1 ]]; then
dbname=$app
dbuser=$app
dbpass=$(ynh_app_setting_get "$app" mysqlpwd)
mysqldump -u "$dbuser" -p"$dbpass" --no-create-db "$dbname" > ./dump.sql
fi

153
scripts/install
View file

@ -3,90 +3,103 @@
# Exit on command errors and treat unset variables as an error # Exit on command errors and treat unset variables as an error
set -eu set -eu
# This is a multi-instance app, meaning it can be installed several times independently # Get instances specific variables
# The id of the app as stated in the manifest is available as $YNH_APP_ID
# The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2", ...)
# The app instance name is available as $YNH_APP_INSTANCE_NAME
# - the first time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample
# - the second time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample__2
# - ynhexample__{N} for the subsequent installations, with N=3,4, ...
# The app instance name is probably what you are interested the most, since this is
# guaranteed to be unique. This is a good unique identifier to define installation path,
# db names, ...
app=$YNH_APP_INSTANCE_NAME app=$YNH_APP_INSTANCE_NAME
# Retrieve arguments # Retrieve arguments
domain=$YNH_APP_ARG_DOMAIN domain=$1
path=$YNH_APP_ARG_PATH path=${2%/}
admin=$YNH_APP_ARG_ADMIN password=$3
is_public=$YNH_APP_ARG_IS_PUBLIC is_public=$4
language=$YNH_APP_ARG_LANGUAGE with_mysql=$5
# Source YunoHost helpers # Source app helpers
source /usr/share/yunohost/helpers . /usr/share/yunohost/helpers
# Save app settings
ynh_app_setting_set "$app" admin "$admin"
ynh_app_setting_set "$app" is_public "$is_public"
ynh_app_setting_set "$app" language "$language"
# Check domain/path availability # Check domain/path availability
sudo yunohost app checkurl "${domain}${path}" -a "$app" \ sudo yunohost app checkurl "${domain}${path}" -a "$app" \
|| ynh_die "Path not available: ${domain}${path}" || exit 1
# Copy source files # Check password strength
src_path=/var/www/$app [[ ${#password} -gt 5 ]] || ynh_die \
sudo mkdir -p $src_path "The password is too weak, it must be longer than 5 characters"
sudo cp -a ../sources/. $src_path
# Set permissions to app files # Check destination directory
# you may need to make some file and/or directory writeable by www-data (nginx user) DESTDIR="/var/www/${app}"
sudo chown -R root: $src_path [[ -d "$DESTDIR" ]] && ynh_die \
"The destination directory '${DESTDIR}' already exists.\
You should safely delete it before installing this app."
### MySQL (can be removed if not used) ### # Save app settings
# If your app use a MySQL database you can use these lines to bootstrap user="webapp${app_nb}"
# a database, an associated user and save the password in app settings. ynh_app_setting_set "$app" is_public "$is_public"
# ynh_app_setting_set "$app" with_mysql "$with_mysql"
# # Generate MySQL password and create database ynh_app_setting_set "$app" password "$password"
# dbuser=$app ynh_app_setting_set "$app" user "$user"
# dbname=$app
# dbpass=$(ynh_string_random 12)
# ynh_app_setting_set "$app" mysqlpwd "$dbpass"
# ynh_mysql_create_db "$dbname" "$dbuser" "$dbpass"
#
# # Load initial SQL into the new database
# ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" \
# < "../sources/sql/mysql.init.sql"
### MySQL end ###
# Modify Nginx configuration file and copy it to Nginx conf directory # Create the user account
nginx_conf=../conf/nginx.conf sudo useradd -c "${app} user account" \
sed -i "s@YNH_WWW_PATH@$path@g" $nginx_conf -d "$DESTDIR" -M -g www-data "$user" \
sed -i "s@YNH_WWW_ALIAS@$src_path/@g" $nginx_conf || ynh_die "Unable to create user account"
# If a dedicated php-fpm process is used: sudo chpasswd <<< "${user}:${password}"
# Don't forget to modify ../conf/nginx.conf accordingly or your app will not work!
# sed -i "s@YNH_WWW_APP@$app@g" $nginx_conf
sudo cp $nginx_conf /etc/nginx/conf.d/$domain.d/$app.conf
### PHP (can be removed if not used) ### # Harden SSH connection for the user
# If a dedicated php-fpm process is used: echo "##-> ${app}
# Don't forget to modify ../conf/php-fpm.conf accordingly or your app will not work! # Hardening user connection
# Match User ${user}
# # Modify PHP-FPM pool configuration and copy it to the pool directory ChrootDirectory %h
# sed -i "s@YNH_WWW_APP@$app@g" ../conf/php-fpm.conf ForceCommand internal-sftp
# sed -i "s@YNH_WWW_ALIAS@$src_path/@g" ../conf/php-fpm.conf AllowTcpForwarding no
# finalphpconf=/etc/php5/fpm/pool.d/$app.conf PermitTunnel no
# sudo cp ../conf/php-fpm.conf $finalphpconf X11Forwarding no
# sudo chown root: $finalphpconf ##<- ${app}" | sudo tee -a /etc/ssh/sshd_config >/dev/null
# sudo chmod 644 $finalphpconf
# sudo service php5-fpm reload
### PHP end ###
# If app is public, add url to SSOWat conf as skipped_uris # Specify the user and the domain in the home page
if [[ $is_public -eq 1 ]]; then sed -i "s@{DOMAIN}@${domain}@g" ../sources/www/index.html
# unprotected_uris allows SSO credentials to be passed anyway. sed -i "s@{USER}@${user}@g" ../sources/www/index.html
ynh_app_setting_set "$app" unprotected_uris "/"
# Initialize database as needed
if [[ $with_mysql -eq 1 ]]; then
dbname=$app
dbuser=$app
dbpass=$(ynh_string_random)
ynh_mysql_create_db "$dbname" "$dbuser" "$dbpass"
# Store the database access
echo -e "# MySQL Database
name: ${dbname}\nuser: ${dbuser}\npass: ${dbpass}" > ../sources/db_access.txt
ynh_app_setting_set "$app" mysqlpwd "$dbpass"
fi fi
# Copy files to the right place and set permissions
sudo cp -r ../sources "$DESTDIR"
sudo chown -hR "${user}:" "$DESTDIR"
# Home directory of the user need to be owned by root to allow
# SFTP connections
sudo chown root: "$DESTDIR"
# Set SSOwat rules
[[ $is_public -eq 1 ]] \
&& ynh_app_setting_set "$app" skipped_uris "/"
# Copy and set nginx configuration
nginx_conf="/etc/nginx/conf.d/${domain}.d/${app}.conf"
sed -i "s@{PATH}@${path}@g" ../conf/nginx.conf
sed -i "s@{LOCATION}@${path:-/}@g" ../conf/nginx.conf
sed -i "s@{DESTDIR}@${DESTDIR}@g" ../conf/nginx.conf
sed -i "s@{POOLNAME}@${app}@g" ../conf/nginx.conf
sudo cp ../conf/nginx.conf "$nginx_conf"
# Copy and set php-fpm configuration
phpfpm_conf="/etc/php5/fpm/pool.d/${app}.conf"
sed -i "s@{USER}@${user}@g" ../conf/php-fpm.conf
sed -i "s@{POOLNAME}@${app}@g" ../conf/php-fpm.conf
sed -i "s@{DESTDIR}@${DESTDIR}@g" ../conf/php-fpm.conf
sudo cp ../conf/php-fpm.conf "$phpfpm_conf"
# Reload services # Reload services
sudo service php5-fpm reload
sudo service nginx reload sudo service nginx reload
sudo service sshd reload

50
scripts/remove
View file

@ -1,34 +1,40 @@
#!/bin/bash #!/bin/bash
# See comments in install script # Get multi-instances specific variables
app=$YNH_APP_INSTANCE_NAME app=$YNH_APP_INSTANCE_NAME
app_nb=$YNH_APP_INSTANCE_NUMBER
# Source YunoHost helpers # Source app helpers
source /usr/share/yunohost/helpers . /usr/share/yunohost/helpers
# Retrieve app settings # Retrieve app settings
domain=$(ynh_app_setting_get "$app" domain) domain=$(ynh_app_setting_get "$app" domain)
with_mysql=$(ynh_app_setting_get "$app" with_mysql)
user=$(ynh_app_setting_get "$app" user)
# Remove sources # Drop MySQL database and user as needed
sudo rm -rf /var/www/$app if [[ $with_mysql -eq 1 ]]; then
dbname=$app
dbuser=$app
dbpass=$(ynh_app_setting_get "$app" mysqlpwd)
ynh_mysql_drop_db $dbname || true
ynh_mysql_drop_user $dbuser || true
fi
# Remove nginx configuration file # Delete app directory and configurations
sudo rm -f /etc/nginx/conf.d/$domain.d/$app.conf sudo rm -rf "/var/www/${app}"
sudo rm -f "/etc/php5/fpm/pool.d/${app}.conf"
[[ -n $domain ]] && sudo rm -f "/etc/nginx/conf.d/${domain}.d/${app}.conf"
### PHP (remove if not used) ### # Remove custom SSH configuration
# If a dedicated php-fpm process is used: sudo sed -i "/##-> ${app}/,/##<- ${app}/d" /etc/ssh/sshd_config
# sudo rm -f /etc/php5/fpm/pool.d/$app.conf
# sudo service php5-fpm reload
### PHP end ###
### MySQL (remove if not used) ### # Reload services
# If a MySQL database is used: sudo service php5-fpm restart || true
# # Drop MySQL database and user sudo service nginx reload || true
# dbname=$app sudo service sshd reload
# dbuser=$app
# ynh_mysql_drop_db "$dbname" || true
# ynh_mysql_drop_user "$dbuser" || true
### MySQL end ###
# Reload nginx service # Remove the user account
sudo service nginx reload id "$user" >/dev/null 2>&1 \
&& sudo deluser --quiet --force "$user" >/dev/null \
|| true

97
scripts/restore
View file

@ -1,52 +1,81 @@
#!/bin/bash #!/bin/bash
# Note: each files and directories you've saved using the ynh_backup helper set -e
# will be located in the current directory, regarding the last argument.
# Exit on command errors and treat unset variables as an error # Get multi-instances specific variables
set -eu
# See comments in install script
app=$YNH_APP_INSTANCE_NAME app=$YNH_APP_INSTANCE_NAME
# Source YunoHost helpers # Source app helpers
source /usr/share/yunohost/helpers . /usr/share/yunohost/helpers
# Retrieve old app settings # Retrieve old app settings
domain=$(ynh_app_setting_get "$app" domain) domain=$(ynh_app_setting_get "$app" domain)
path=$(ynh_app_setting_get "$app" path) path=$(ynh_app_setting_get "$app" path)
with_mysql=$(ynh_app_setting_get "$app" with_mysql)
password=$(ynh_app_setting_get "$app" password)
user=$(ynh_app_setting_get "$app" user)
# Check domain/path availability # Check domain/path availability
sudo yunohost app checkurl "${domain}${path}" -a "$app" \ sudo yunohost app checkurl "${domain}${path}" -a "$app" \
|| ynh_die "Path not available: ${domain}${path}" || exit 1
# Restore sources & data # Check destination directory
src_path="/var/www/${app}" DESTDIR="/var/www/$app"
sudo cp -a ./sources "$src_path" [[ -d $DESTDIR ]] && ynh_die \
"The destination directory '$DESTDIR' already exists.\
You should safely delete it before restoring this app."
# Restore permissions to app files # Check configuration files
# you may need to make some file and/or directory writeable by www-data (nginx user) nginx_conf="/etc/nginx/conf.d/${domain}.d/${app}.conf"
sudo chown -R root: "$src_path" [[ -f $nginx_conf ]] && ynh_die \
"The NGINX configuration already exists at '${nginx_conf}'.
You should safely delete it before restoring this app."
phpfpm_conf="/etc/php5/fpm/pool.d/${app}.conf"
[[ -f $phpfpm_conf ]] && ynh_die \
"The PHP FPM configuration already exists at '${phpfpm_conf}'.
You should safely delete it before restoring this app."
### MySQL (remove if not used) ### # Create the user account
# If a MySQL database is used: sudo useradd -c "${app} user account" \
# # Create and restore the database -d "$DESTDIR" -M -g www-data "$user" \
# dbname=$app || ynh_die "Unable to create user account"
# dbuser=$app sudo chpasswd <<< "${user}:${password}"
# dbpass=$(ynh_app_setting_get "$app" mysqlpwd)
# ynh_mysql_create_db "$dbname" "$dbuser" "$dbpass"
# ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" < ./dump.sql
### MySQL end ###
# Restore NGINX configuration # Harden SSH connection for the user
sudo cp -a ./nginx.conf "/etc/nginx/conf.d/${domain}.d/${app}.conf" echo "##-> ${app}
# Hardening user connection
Match User ${user}
ChrootDirectory %h
ForceCommand internal-sftp
AllowTcpForwarding no
PermitTunnel no
X11Forwarding no
##<- ${app}" | sudo tee -a /etc/ssh/sshd_config >/dev/null
### PHP (remove if not used) ### # Restore the app files
# If a dedicated php-fpm process is used: sudo cp -a ./sources "$DESTDIR"
# # Copy PHP-FPM pool configuration and reload the service sudo chown -hR "${user}:" "$DESTDIR"
# sudo cp -a ./php-fpm.conf "/etc/php5/fpm/pool.d/${app}.conf"
# sudo service php5-fpm reload
### PHP end ###
# Restart webserver # Home directory of the user need to be owned by root to allow
sudo service nginx reload # SFTP connections
sudo chown root: "$DESTDIR"
# Create and restore the database as needed
if [[ $with_mysql -eq 1 ]]; then
dbname=$app
dbuser=$app
dbpass=$(ynh_app_setting_get "$app" mysqlpwd)
ynh_mysql_create_db "$dbname" "$dbuser" "$dbpass"
[[ -f ./dump.sql ]] \
&& ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" < ./dump.sql \
|| echo "No MySQL dump has been found" >&2
fi
# Restore configuration files
sudo cp -a ./conf/nginx.conf "$nginx_conf"
sudo cp -a ./conf/php-fpm.conf "$phpfpm_conf"
# Reload services
sudo service php5-fpm reload || true
sudo service nginx reload || true
sudo service sshd reload

78
scripts/upgrade
View file

@ -1,59 +1,53 @@
#!/bin/bash #!/bin/bash
# Exit on command errors and treat unset variables as an error
set -eu set -eu
# See comments in install script # Get multi-instances specific variables
app=$YNH_APP_INSTANCE_NAME app=$YNH_APP_INSTANCE_NAME
# Source YunoHost helpers # Source app helpers
source /usr/share/yunohost/helpers . /usr/share/yunohost/helpers
# Retrieve app settings # Retrieve app settings
domain=$(ynh_app_setting_get "$app" domain) domain=$(ynh_app_setting_get "$app" domain)
path=$(ynh_app_setting_get "$app" path) path=$(ynh_app_setting_get "$app" path)
admin=$(ynh_app_setting_get "$app" admin)
is_public=$(ynh_app_setting_get "$app" is_public)
language=$(ynh_app_setting_get "$app" language)
# Remove trailing "/" for next commands
path=${path%/} path=${path%/}
is_public=$(ynh_app_setting_get "$app" is_public)
with_mysql=$(ynh_app_setting_get "$app" with_mysql)
password=$(ynh_app_setting_get "$app" password)
user=$(ynh_app_setting_get "$app" user)
# Copy source files ([[ -n "$with_mysql" ]] && [[ -n "$password" ]] && [[ -n "$user" ]]) \
src_path=/var/www/$app || ynh_die "The app changed and can not be automatically upgraded. \
sudo mkdir -p $src_path You will have to manually upgrade it following those instructions: \
sudo cp -a ../sources/. $src_path https://github.com/garwinch/Yuno_app_cagette#upgrade"
# Set permissions to app files # Check destination directory
# you may need to make some file and/or directory writeable by www-data (nginx user) DESTDIR="/var/www/$app"
sudo chown -R root: $src_path [[ ! -d $DESTDIR ]] && ynh_die \
"The destination directory '$DESTDIR' does not exist.\
The app is not correctly installed, you should remove it first."
# Modify Nginx configuration file and copy it to Nginx conf directory # Harden SSH connection for the user
nginx_conf=../conf/nginx.conf sudo sed -i "/##-> ${app}/,/##<- ${app}/d" /etc/ssh/sshd_config
sed -i "s@YNH_WWW_PATH@$path@g" $nginx_conf echo "##-> ${app}
sed -i "s@YNH_WWW_ALIAS@$src_path/@g" $nginx_conf # Hardening user connection
# If a dedicated php-fpm process is used: Match User ${user}
# ChrootDirectory %h
# sed -i "s@YNH_WWW_APP@$app@g" $nginx_conf ForceCommand internal-sftp
sudo cp $nginx_conf /etc/nginx/conf.d/$domain.d/$app.conf AllowTcpForwarding no
PermitTunnel no
X11Forwarding no
##<- ${app}" | sudo tee -a /etc/ssh/sshd_config >/dev/null
### PHP (remove if not used) ### # Fix permissions
# If a dedicated php-fpm process is used: sudo chown -hR "${user}:" "$DESTDIR"
# # Modify PHP-FPM pool configuration and copy it to the pool directory
# sed -i "s@YNH_WWW_APP@$app@g" ../conf/php-fpm.conf
# sed -i "s@YNH_WWW_ALIAS@$src_path/@g" ../conf/php-fpm.conf
# finalphpconf=/etc/php5/fpm/pool.d/$app.conf
# sudo cp ../conf/php-fpm.conf $finalphpconf
# sudo chown root: $finalphpconf
# sudo chmod 644 $finalphpconf
# sudo service php5-fpm restart
### PHP end ###
# If app is public, add url to SSOWat conf as skipped_uris # Home directory of the user need to be owned by root to allow
if [[ $is_public -eq 1 ]]; then # SFTP connections
# See install script sudo chown root: "$DESTDIR"
ynh_app_setting_set "$app" unprotected_uris "/"
fi # Set SSOwat rules
[[ $is_public -eq 1 ]] \
&& ynh_app_setting_set "$app" skipped_uris "/"
# Reload nginx service
sudo service nginx reload