From 359fedfa609a067caf74e156654a380cda1be039 Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Fri, 2 Jun 2017 17:46:46 +0200 Subject: [PATCH 01/37] Update app.src --- conf/app.src | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/conf/app.src b/conf/app.src index cc2d6c7..20f3c51 100644 --- a/conf/app.src +++ b/conf/app.src @@ -1,2 +1,6 @@ SOURCE_URL=url of app's source -SOURCE_SUM=md5 or sha1 checksum +SOURCE_SUM=sha256 checksum +SOURCE_SUM_PRG=sha256 +SOURCE_FORMAT=tar.gz +SOURCE_IN_SUBDIR=true +SOURCE_FILENAME= From 4d59043a5968828737abdf4472842fc17a9d6c49 Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Fri, 2 Jun 2017 17:49:54 +0200 Subject: [PATCH 02/37] [enh] Update nginx.conf --- conf/nginx.conf | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/conf/nginx.conf b/conf/nginx.conf index 8c76342..74fc4df 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,7 +1,11 @@ -location YNH_WWW_PATH { +location __PATH__ { # Path to source - alias YNH_WWW_ALIAS ; + alias __FINALPATH__/ ; + + if ($scheme = http) { + rewrite ^ https://$server_name$request_uri? permanent; + } # Example PHP configuration (remove if not used) index index.php; @@ -12,13 +16,14 @@ location YNH_WWW_PATH { try_files $uri $uri/ index.php; location ~ [^/]\.php(/|$) { fastcgi_split_path_info ^(.+?\.php)(/.*)$; - fastcgi_pass unix:/var/run/php5-fpm.sock; - - # Filename to be changed if dedicated php-fpm process is required + fastcgi_pass unix:/var/run/php5-fpm-__NAME__.sock; + + # If you don't use a dedicated fpm config for your app, + # use a general fpm pool. # This is to be used INSTEAD of line above # Don't forget to adjust scripts install/upgrade/remove/backup accordingly # - #fastcgi_pass unix:/var/run/php5-fpm-YNH_WWW_APP.sock; + #fastcgi_pass unix:/var/run/php5-fpm.sock; fastcgi_index index.php; include fastcgi_params; @@ -26,7 +31,7 @@ location YNH_WWW_PATH { fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param SCRIPT_FILENAME $request_filename; } - # PHP configuration end + # PHP configuration end # Include SSOWAT user panel. include conf.d/yunohost_panel.conf.inc; From f9a96d0a290b3460eb5e22484f39f8da8e864e87 Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Fri, 2 Jun 2017 17:55:03 +0200 Subject: [PATCH 03/37] [enh] Update php-fpm --- conf/php-fpm.conf | 287 ++++++++++++++++++++++++++++++++++------------ 1 file changed, 214 insertions(+), 73 deletions(-) diff --git a/conf/php-fpm.conf b/conf/php-fpm.conf index 2061166..8affbc2 100644 --- a/conf/php-fpm.conf +++ b/conf/php-fpm.conf @@ -1,7 +1,7 @@ ; Start a new pool named 'www'. ; the variable $pool can we used in any directive and will be replaced by the ; pool name ('www' here) -[YNH_WWW_APP] +[__NAMETOCHANGE__] ; Per pool prefix ; It only applies on the following directives: @@ -16,6 +16,12 @@ ; Default Value: none ;prefix = /path/to/pools/$pool +; Unix user/group of processes +; Note: The user is mandatory. If the group is not set, the default user's group +; will be used. +user = __USER__ +group = __USER__ + ; The address on which to accept FastCGI requests. ; Valid syntaxes are: ; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific address on @@ -24,12 +30,21 @@ ; specific port; ; '/path/to/unix/socket' - to listen on a unix socket. ; Note: This value is mandatory. -listen = /var/run/php5-fpm-YNH_WWW_APP.sock +listen = /var/run/php5-fpm-__NAMETOCHANGE__.sock ; Set listen(2) backlog. A value of '-1' means unlimited. ; Default Value: 128 (-1 on FreeBSD and OpenBSD) -;listen.backlog = -1 +;listen.backlog = 128 +; Set permissions for unix socket, if one is used. In Linux, read/write +; permissions must be set in order to allow connections from a web server. Many +; BSD-derived systems allow connections regardless of permissions. +; Default Values: user and group are set as the running user +; mode is set to 0660 +listen.owner = www-data +listen.group = www-data +;listen.mode = 0660 + ; List of ipv4 addresses of FastCGI clients which are allowed to connect. ; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original ; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address @@ -38,26 +53,20 @@ listen = /var/run/php5-fpm-YNH_WWW_APP.sock ; Default Value: any ;listen.allowed_clients = 127.0.0.1 -; Set permissions for unix socket, if one is used. In Linux, read/write -; permissions must be set in order to allow connections from a web server. Many -; BSD-derived systems allow connections regardless of permissions. -; Default Values: user and group are set as the running user -; mode is set to 0666 -listen.owner = www-data -listen.group = www-data -listen.mode = 0600 - -; Unix user/group of processes -; Note: The user is mandatory. If the group is not set, the default user's group -; will be used. -user = www-data -group = www-data +; Specify the nice(2) priority to apply to the pool processes (only if set) +; The value can vary from -19 (highest priority) to 20 (lower priority) +; Note: - It will only work if the FPM master process is launched as root +; - The pool processes will inherit the master process priority +; unless it specified otherwise +; Default Value: no set +; priority = -19 ; Choose how the process manager will control the number of child processes. ; Possible Values: ; static - a fixed number (pm.max_children) of child processes; ; dynamic - the number of child processes are set dynamically based on the -; following directives: +; following directives. With this process management, there will be +; always at least 1 children. ; pm.max_children - the maximum number of children that can ; be alive at the same time. ; pm.start_servers - the number of children created on startup. @@ -69,34 +78,46 @@ group = www-data ; state (waiting to process). If the number ; of 'idle' processes is greater than this ; number then some children will be killed. +; ondemand - no children are created at startup. Children will be forked when +; new requests will connect. The following parameter are used: +; pm.max_children - the maximum number of children that +; can be alive at the same time. +; pm.process_idle_timeout - The number of seconds after which +; an idle process will be killed. ; Note: This value is mandatory. pm = dynamic ; The number of child processes to be created when pm is set to 'static' and the -; maximum number of child processes to be created when pm is set to 'dynamic'. +; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'. ; This value sets the limit on the number of simultaneous requests that will be ; served. Equivalent to the ApacheMaxClients directive with mpm_prefork. ; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP -; CGI. -; Note: Used when pm is set to either 'static' or 'dynamic' +; CGI. The below defaults are based on a server without much resources. Don't +; forget to tweak pm.* to fit your needs. +; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' ; Note: This value is mandatory. -pm.max_children = 6 +pm.max_children = 10 ; The number of child processes created on startup. ; Note: Used only when pm is set to 'dynamic' ; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2 -pm.start_servers = 3 +pm.start_servers = 2 ; The desired minimum number of idle server processes. ; Note: Used only when pm is set to 'dynamic' ; Note: Mandatory when pm is set to 'dynamic' -pm.min_spare_servers = 3 +pm.min_spare_servers = 1 ; The desired maximum number of idle server processes. ; Note: Used only when pm is set to 'dynamic' ; Note: Mandatory when pm is set to 'dynamic' -pm.max_spare_servers = 5 +pm.max_spare_servers = 3 +; The number of seconds after which an idle process will be killed. +; Note: Used only when pm is set to 'ondemand' +; Default Value: 10s +;pm.process_idle_timeout = 10s; + ; The number of requests each child process should execute before respawning. ; This can be useful to work around memory leaks in 3rd party libraries. For ; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. @@ -104,38 +125,103 @@ pm.max_spare_servers = 5 pm.max_requests = 500 ; The URI to view the FPM status page. If this value is not set, no URI will be -; recognized as a status page. By default, the status page shows the following -; information: -; accepted conn - the number of request accepted by the pool; +; recognized as a status page. It shows the following informations: ; pool - the name of the pool; -; process manager - static or dynamic; +; process manager - static, dynamic or ondemand; +; start time - the date and time FPM has started; +; start since - number of seconds since FPM has started; +; accepted conn - the number of request accepted by the pool; +; listen queue - the number of request in the queue of pending +; connections (see backlog in listen(2)); +; max listen queue - the maximum number of requests in the queue +; of pending connections since FPM has started; +; listen queue len - the size of the socket queue of pending connections; ; idle processes - the number of idle processes; ; active processes - the number of active processes; -; total processes - the number of idle + active processes. +; total processes - the number of idle + active processes; +; max active processes - the maximum number of active processes since FPM +; has started; ; max children reached - number of times, the process limit has been reached, ; when pm tries to start more children (works only for -; pm 'dynamic') -; The values of 'idle processes', 'active processes' and 'total processes' are -; updated each second. The value of 'accepted conn' is updated in real time. +; pm 'dynamic' and 'ondemand'); +; Value are updated in real time. ; Example output: -; accepted conn: 12073 ; pool: www ; process manager: static -; idle processes: 35 -; active processes: 65 -; total processes: 100 -; max children reached: 1 +; start time: 01/Jul/2011:17:53:49 +0200 +; start since: 62636 +; accepted conn: 190460 +; listen queue: 0 +; max listen queue: 1 +; listen queue len: 42 +; idle processes: 4 +; active processes: 11 +; total processes: 15 +; max active processes: 12 +; max children reached: 0 +; ; By default the status page output is formatted as text/plain. Passing either -; 'html' or 'json' as a query string will return the corresponding output -; syntax. Example: +; 'html', 'xml' or 'json' in the query string will return the corresponding +; output syntax. Example: ; http://www.foo.bar/status ; http://www.foo.bar/status?json ; http://www.foo.bar/status?html +; http://www.foo.bar/status?xml +; +; By default the status page only outputs short status. Passing 'full' in the +; query string will also return status for each pool process. +; Example: +; http://www.foo.bar/status?full +; http://www.foo.bar/status?json&full +; http://www.foo.bar/status?html&full +; http://www.foo.bar/status?xml&full +; The Full status returns for each process: +; pid - the PID of the process; +; state - the state of the process (Idle, Running, ...); +; start time - the date and time the process has started; +; start since - the number of seconds since the process has started; +; requests - the number of requests the process has served; +; request duration - the duration in µs of the requests; +; request method - the request method (GET, POST, ...); +; request URI - the request URI with the query string; +; content length - the content length of the request (only with POST); +; user - the user (PHP_AUTH_USER) (or '-' if not set); +; script - the main script called (or '-' if not set); +; last request cpu - the %cpu the last request consumed +; it's always 0 if the process is not in Idle state +; because CPU calculation is done when the request +; processing has terminated; +; last request memory - the max amount of memory the last request consumed +; it's always 0 if the process is not in Idle state +; because memory calculation is done when the request +; processing has terminated; +; If the process is in Idle state, then informations are related to the +; last request the process has served. Otherwise informations are related to +; the current request being served. +; Example output: +; ************************ +; pid: 31330 +; state: Running +; start time: 01/Jul/2011:17:53:49 +0200 +; start since: 63087 +; requests: 12808 +; request duration: 1250261 +; request method: GET +; request URI: /test_mem.php?N=10000 +; content length: 0 +; user: - +; script: /home/fat/web/docs/php/test_mem.php +; last request cpu: 0.00 +; last request memory: 0 +; +; Note: There is a real-time FPM status monitoring sample web page available +; It's available in: ${prefix}/share/fpm/status.html +; ; Note: The value must start with a leading slash (/). The value can be ; anything, but it may not be a good idea to use the .php extension or it ; may conflict with a real PHP file. ; Default Value: not set -pm.status_path = /fpm-status +;pm.status_path = /status ; The ping URI to call the monitoring page of FPM. If this value is not set, no ; URI will be recognized as a ping page. This could be used to test from outside @@ -147,46 +233,105 @@ pm.status_path = /fpm-status ; anything, but it may not be a good idea to use the .php extension or it ; may conflict with a real PHP file. ; Default Value: not set -ping.path = /ping +;ping.path = /ping ; This directive may be used to customize the response of a ping request. The ; response is formatted as text/plain with a 200 response code. ; Default Value: pong ;ping.response = pong -; The timeout for serving a single request after which the worker process will -; be killed. This option should be used when the 'max_execution_time' ini option -; does not stop script execution for some reason. A value of '0' means 'off'. -; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) -; Default Value: 0 -request_terminate_timeout = 120s +; The access log file +; Default: not set +;access.log = log/$pool.access.log +; The access log format. +; The following syntax is allowed +; %%: the '%' character +; %C: %CPU used by the request +; it can accept the following format: +; - %{user}C for user CPU only +; - %{system}C for system CPU only +; - %{total}C for user + system CPU (default) +; %d: time taken to serve the request +; it can accept the following format: +; - %{seconds}d (default) +; - %{miliseconds}d +; - %{mili}d +; - %{microseconds}d +; - %{micro}d +; %e: an environment variable (same as $_ENV or $_SERVER) +; it must be associated with embraces to specify the name of the env +; variable. Some exemples: +; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e +; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e +; %f: script filename +; %l: content-length of the request (for POST request only) +; %m: request method +; %M: peak of memory allocated by PHP +; it can accept the following format: +; - %{bytes}M (default) +; - %{kilobytes}M +; - %{kilo}M +; - %{megabytes}M +; - %{mega}M +; %n: pool name +; %o: ouput header +; it must be associated with embraces to specify the name of the header: +; - %{Content-Type}o +; - %{X-Powered-By}o +; - %{Transfert-Encoding}o +; - .... +; %p: PID of the child that serviced the request +; %P: PID of the parent of the child that serviced the request +; %q: the query string +; %Q: the '?' character if query string exists +; %r: the request URI (without the query string, see %q and %Q) +; %R: remote IP address +; %s: status (response code) +; %t: server time the request was received +; it can accept a strftime(3) format: +; %d/%b/%Y:%H:%M:%S %z (default) +; %T: time the log has been written (the request has finished) +; it can accept a strftime(3) format: +; %d/%b/%Y:%H:%M:%S %z (default) +; %u: remote user +; +; Default: "%R - %u %t \"%m %r\" %s" +;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%" + +; The log file for slow requests +; Default Value: not set +; Note: slowlog is mandatory if request_slowlog_timeout is set +slowlog = /var/log/nginx/__NAMETOCHANGE__.slow.log + ; The timeout for serving a single request after which a PHP backtrace will be ; dumped to the 'slowlog' file. A value of '0s' means 'off'. ; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) ; Default Value: 0 request_slowlog_timeout = 5s - -; The log file for slow requests -; Default Value: not set -; Note: slowlog is mandatory if request_slowlog_timeout is set -slowlog = /var/log/nginx/YNH_WWW_APP.slow.log - + +; The timeout for serving a single request after which the worker process will +; be killed. This option should be used when the 'max_execution_time' ini option +; does not stop script execution for some reason. A value of '0' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +request_terminate_timeout = 1d + ; Set open file descriptor rlimit. ; Default Value: system defined value -rlimit_files = 4096 - +;rlimit_files = 1024 + ; Set max core size rlimit. ; Possible Values: 'unlimited' or an integer greater or equal to 0 ; Default Value: system defined value -rlimit_core = 0 - +;rlimit_core = 0 + ; Chroot to this directory at the start. This value must be defined as an ; absolute path. When this value is not set, chroot is not used. ; Note: you can prefix with '$prefix' to chroot to the pool prefix or one ; of its subdirectories. If the pool prefix is not set, the global prefix ; will be used instead. -; Note: chrooting is a great security feature and should be used whenever +; Note: chrooting is a great security feature and should be used whenever ; possible. However, all PHP paths will be relative to the chroot ; (error_log, sessions.save_path, ...). ; Default Value: not set @@ -195,7 +340,7 @@ rlimit_core = 0 ; Chdir to this directory at the start. ; Note: relative path can be used. ; Default Value: current directory or / when chroot -chdir = /var/www/YNH_WWW_ALIAS +chdir = __FINALPATH__ ; Redirect worker stdout and stderr into main error log. If not set, stdout and ; stderr will be redirected to /dev/null according to FastCGI specs. @@ -204,6 +349,14 @@ chdir = /var/www/YNH_WWW_ALIAS ; Default Value: no catch_workers_output = yes +; Limits the extensions of the main script FPM will allow to parse. This can +; prevent configuration mistakes on the web server side. You should only limit +; FPM to .php extensions to prevent malicious users to use other extensions to +; exectute php code. +; Note: set an empty value to allow all extensions. +; Default Value: .php +;security.limit_extensions = .php .php3 .php4 .php5 + ; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from ; the current environment. ; Default Value: clean env @@ -217,7 +370,7 @@ catch_workers_output = yes ; overwrite the values previously defined in the php.ini. The directives are the ; same as the PHP SAPI: ; php_value/php_flag - you can set classic ini defines which can -; be overwritten from PHP call 'ini_set'. +; be overwritten from PHP call 'ini_set'. ; php_admin_value/php_admin_flag - these directives won't be overwritten by ; PHP call 'ini_set' ; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no. @@ -237,15 +390,3 @@ catch_workers_output = yes ;php_admin_value[error_log] = /var/log/fpm-php.www.log ;php_admin_flag[log_errors] = on ;php_admin_value[memory_limit] = 32M - -# Common values to change to increase file upload limit -;php_value[upload_max_filesize] = 50M -;php_value[post_max_size] = 50M -;php_value[mail.add_x_header] = Off - -# Other common parameters -;php_value[max_execution_time] = 600 -;php_value[max_input_time] = 300 -;php_value[memory_limit] = 256M -;php_value[short_open_tag] = On - From 4812b4cfbf940a30dd73964e24d3033e8e4a543b Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Fri, 2 Jun 2017 17:57:12 +0200 Subject: [PATCH 04/37] [enh] Add a php-fpm.ini file --- conf/php-fpm.ini | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 conf/php-fpm.ini diff --git a/conf/php-fpm.ini b/conf/php-fpm.ini new file mode 100644 index 0000000..27a4207 --- /dev/null +++ b/conf/php-fpm.ini @@ -0,0 +1,10 @@ +# Common values to change to increase file upload limit +; upload_max_filesize = 50M +; post_max_size = 50M +; mail.add_x_header = Off + +# Other common parameters +; max_execution_time = 600 +; max_input_time = 300 +; memory_limit = 256M +; short_open_tag = On From a01ee6cbe268afb8a311ddf9133251ce8d6ed252 Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Fri, 2 Jun 2017 18:03:28 +0200 Subject: [PATCH 05/37] [enh] Default check_process --- check_process | 40 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) create mode 100644 check_process diff --git a/check_process b/check_process new file mode 100644 index 0000000..030355f --- /dev/null +++ b/check_process @@ -0,0 +1,40 @@ +# See here for more informations +# https://github.com/YunoHost/package_check#syntax-check_process-file +;; Test complet + ; Manifest + domain="domain.tld" (DOMAIN) + path="/path" (PATH) + admin="john" (USER) + language="fr" + is_public=1 (PUBLIC|public=1|private=0) + password="pass" + port="666" (PORT) + ; Checks + pkg_linter=1 + setup_sub_dir=1 + setup_root=1 + setup_nourl=0 + setup_private=1 + setup_public=1 + upgrade=1 + backup_restore=1 + multi_instance=1 + incorrect_path=1 + port_already_use=1 + change_url=0 +;;; Levels + Level 1=auto + Level 2=auto + Level 3=auto +# Level 4: + Level 4=0 +# Level 5: + Level 5=auto + Level 6=auto + Level 7=auto + Level 8=0 + Level 9=0 + Level 10=0 +;;; Options +Email= +Notification=none From 50b1b9acfda62cbdf7719fb58cd6c466ba0979a8 Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Fri, 2 Jun 2017 18:05:09 +0200 Subject: [PATCH 06/37] [enh] Add extra_files directory --- sources/extra_files/.gitignore | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 sources/extra_files/.gitignore diff --git a/sources/extra_files/.gitignore b/sources/extra_files/.gitignore new file mode 100644 index 0000000..783a4ae --- /dev/null +++ b/sources/extra_files/.gitignore @@ -0,0 +1,2 @@ +*~ +*.sw[op] From 66022393366c62eb48efbbe46d89c6c15d2b80ba Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Fri, 2 Jun 2017 18:06:31 +0200 Subject: [PATCH 07/37] [Enh] Add patches directory --- sources/patches/.gitignore | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 sources/patches/.gitignore diff --git a/sources/patches/.gitignore b/sources/patches/.gitignore new file mode 100644 index 0000000..783a4ae --- /dev/null +++ b/sources/patches/.gitignore @@ -0,0 +1,2 @@ +*~ +*.sw[op] From ea1e9f4f10736ac84fbd2b5a9940d9e28545c892 Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Fri, 2 Jun 2017 18:23:51 +0200 Subject: [PATCH 08/37] [enh] Upgrade install --- scripts/install | 244 +++++++++++++++++++++++++++++++++++------------- 1 file changed, 177 insertions(+), 67 deletions(-) diff --git a/scripts/install b/scripts/install index a9e6add..e4da182 100755 --- a/scripts/install +++ b/scripts/install @@ -1,7 +1,30 @@ #!/bin/bash -# Exit on command errors and treat unset variables as an error -set -eu +#================================================= +# GENERIC STARTING +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +source _common.sh +source /usr/share/yunohost/helpers + +#================================================= +# MANAGE FAILURE OF THE SCRIPT +#================================================= + +# Exit if an error occurs during the execution of the script. +ynh_abort_if_errors + +#================================================= +# RETRIEVE ARGUMENTS FROM THE MANIFEST +#================================================= + +domain=$YNH_APP_ARG_DOMAIN +path_url=$YNH_APP_ARG_PATH +admin=$YNH_APP_ARG_ADMIN +is_public=$YNH_APP_ARG_IS_PUBLIC +language=$YNH_APP_ARG_LANGUAGE # This is a multi-instance app, meaning it can be installed several times independently # The id of the app as stated in the manifest is available as $YNH_APP_ID @@ -15,78 +38,165 @@ set -eu # db names, ... app=$YNH_APP_INSTANCE_NAME -# Retrieve arguments -domain=$YNH_APP_ARG_DOMAIN -path_url=$YNH_APP_ARG_PATH -admin=$YNH_APP_ARG_ADMIN -is_public=$YNH_APP_ARG_IS_PUBLIC -language=$YNH_APP_ARG_LANGUAGE +#================================================= +# CHECK IF THE APP CAN BE INSTALLED WITH THIS ARGS +#================================================= -# Source YunoHost helpers -source /usr/share/yunohost/helpers +# Normalize the url path syntax +path_url=$(ynh_normalize_url_path $path_url) -# Save app settings -ynh_app_setting_set "$app" admin "$admin" -ynh_app_setting_set "$app" is_public "$is_public" -ynh_app_setting_set "$app" language "$language" +# Check availability of a web path +ynh_webpath_available $domain $path_url +# Register/book a web path for an app +ynh_webpath_register $app $domain $path_url -# Check domain/path availability -sudo yunohost app checkurl "${domain}${path_url}" -a "$app" \ - || ynh_die "Path not available: ${domain}${path_url}" +final_path=/var/www/$app +test ! -e "$final_path" || ynh_die "This path already contains a folder" -# Copy source files -src_path=/var/www/$app -sudo mkdir -p $src_path -sudo cp -a ../sources/. $src_path +#================================================= +# STORE SETTINGS FROM MANIFEST +#================================================= -# Set permissions to app files -# you may need to make some file and/or directory writeable by www-data (nginx user) -sudo chown -R root: $src_path +ynh_app_setting_set $app domain $domain +ynh_app_setting_set $app path $path_url +ynh_app_setting_set $app admin $admin +ynh_app_setting_set $app is_public $is_public +ynh_app_setting_set $app language $language + +#================================================= +# STANDARD MODIFICATIONS +#================================================= +# FIND AND OPEN A PORT +#================================================= + +# Find a free port +port=$(ynh_find_port 8095) +# Open this port +sudo yunohost firewall allow --no-upnp TCP $port 2>&1 +ynh_app_setting_set $app port $port -### MySQL (can be removed if not used) ### +#================================================= +# INSTALL DEPENDENCIES +#================================================= + +ynh_install_app_dependencies deb1 deb2 + +#================================================= +# CREATE A SQL BDD +#================================================= # If your app use a MySQL database you can use these lines to bootstrap # a database, an associated user and save the password in app settings. -# -# # Generate MySQL password and create database -# dbuser=$app -# dbname=$app -# dbpass=$(ynh_string_random 12) -# ynh_app_setting_set "$app" mysqlpwd "$dbpass" -# ynh_mysql_create_db "$dbname" "$dbuser" "$dbpass" -# -# # Load initial SQL into the new database -# ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" \ -# < "../sources/sql/mysql.init.sql" -### MySQL end ### - -# Modify Nginx configuration file and copy it to Nginx conf directory -nginx_conf=../conf/nginx.conf -sed -i "s@YNH_WWW_PATH@$path_url@g" $nginx_conf -sed -i "s@YNH_WWW_ALIAS@$src_path/@g" $nginx_conf -# If a dedicated php-fpm process is used: -# Don't forget to modify ../conf/nginx.conf accordingly or your app will not work! -# sed -i "s@YNH_WWW_APP@$app@g" $nginx_conf -sudo cp $nginx_conf /etc/nginx/conf.d/$domain.d/$app.conf - -### PHP (can be removed if not used) ### -# If a dedicated php-fpm process is used: -# Don't forget to modify ../conf/php-fpm.conf accordingly or your app will not work! -# -# # Modify PHP-FPM pool configuration and copy it to the pool directory -# sed -i "s@YNH_WWW_APP@$app@g" ../conf/php-fpm.conf -# sed -i "s@YNH_WWW_ALIAS@$src_path/@g" ../conf/php-fpm.conf -# finalphpconf=/etc/php5/fpm/pool.d/$app.conf -# sudo cp ../conf/php-fpm.conf $finalphpconf -# sudo chown root: $finalphpconf -# sudo chmod 644 $finalphpconf -# sudo service php5-fpm reload -### PHP end ### - -# If app is public, add url to SSOWat conf as skipped_uris -if [[ $is_public -eq 1 ]]; then - # unprotected_uris allows SSO credentials to be passed anyway. - ynh_app_setting_set "$app" unprotected_uris "/" + +db_name=$(ynh_sanitize_dbid $app) +ynh_app_setting_set $app db_name $db_name +ynh_mysql_setup_db $db_name $db_name + +#================================================= +# DOWNLOAD, CHECK AND UNPACK SOURCE +#================================================= + +ynh_app_setting_set $app final_path $final_path +# Download, check integrity, uncompress and patch the source from app.src +ynh_setup_source "$final_path" + +#================================================= +# NGINX CONFIGURATION +#================================================= + +# Create a dedicated nginx config +ynh_nginx_config + +#================================================= +# CREATE DEDICATED USER +#================================================= + +# Create a system user +ynh_system_user_create $app + +#================================================= +# PHP-FPM CONFIGURATION +#================================================= + +# Create a dedicated php-fpm config +ynh_fpm_config + +#================================================= +# SPECIFIC SETUP +#================================================= +# ... +#================================================= + +#================================================= +# SETUP SYSTEMD +#================================================= + +# Create a dedicated systemd config +ynh_systemd_config + +#================================================= +# SETTING UP WITH CURL +#================================================= + +# Set right permissions for curl install +sudo chown -R $app: $final_path + +# Put the app public for curl +ynh_app_setting_set $app unprotected_uris "/" +# Reload SSOwat config +sudo yunohost app ssowatconf + +# Reload Nginx +sudo systemctl reload nginx + +# Installation with curl +ynh_local_curl "/INSTALL_PATH" "key1=value1" "key2=value2" "key3=value3" + +#================================================= +# STORE THE CHECKSUM OF THE CONFIG FILE +#================================================= + +# Calculate and store the config file checksum into the app settings +ynh_store_file_checksum "$final_path/CONFIG_FILE" + +#================================================= +# GENERIC FINALISATION +#================================================= +# SECURING FILES AND DIRECTORIES +#================================================= + +# Set permissions to app files +sudo chown -R root: $final_path + +#================================================= +# SETUP LOGROTATE +#================================================= + +# Use logrotate to manage the logfile +ynh_use_logrotate + +#================================================= +# ENABLE SERVICE IN ADMIN PANEL +#================================================= + +sudo yunohost service add NAME_INIT.D --log "/var/log/FILE.log" + +#================================================= +# SETUP SSOWAT +#================================================= + +if [ $is_public -eq 0 ] +then # Remove the public access + ynh_app_setting_delete $app skipped_uris +fi +# Make app public if necessary +if [ $is_public -eq 1 ] +then + # unprotected_uris allows SSO credentials to be passed anyway. + ynh_app_setting_set $app unprotected_uris "/" fi -# Reload services -sudo service nginx reload +#================================================= +# RELOAD NGINX +#================================================= + +sudo systemctl reload nginx From 2d44b31306df8e9620cd931b4c5abb05f4345c9e Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Fri, 2 Jun 2017 18:25:33 +0200 Subject: [PATCH 09/37] Remove _common.sh --- scripts/install | 1 - 1 file changed, 1 deletion(-) diff --git a/scripts/install b/scripts/install index e4da182..4f1b36c 100755 --- a/scripts/install +++ b/scripts/install @@ -6,7 +6,6 @@ # IMPORT GENERIC HELPERS #================================================= -source _common.sh source /usr/share/yunohost/helpers #================================================= From f89431e9fdade414ec2208bde677e149a2a72976 Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Fri, 2 Jun 2017 18:28:20 +0200 Subject: [PATCH 10/37] [enh] Upgrade backup --- scripts/backup | 92 ++++++++++++++++++++++++++++++++++++-------------- 1 file changed, 67 insertions(+), 25 deletions(-) diff --git a/scripts/backup b/scripts/backup index af8ccd9..1aa253f 100755 --- a/scripts/backup +++ b/scripts/backup @@ -1,33 +1,75 @@ #!/bin/bash +#================================================= +# GENERIC STARTING +#================================================= +# MANAGE FAILURE OF THE SCRIPT +#================================================= + # Exit on command errors and treat unset variables as an error set -eu -# See comments in install script -app=$YNH_APP_INSTANCE_NAME +#================================================= +# IMPORT GENERIC HELPERS +#================================================= -# Source YunoHost helpers source /usr/share/yunohost/helpers -# Backup sources & data -# Note: the last argument is where to save this path, see the restore script. -ynh_backup "/var/www/${app}" "sources" - -### MySQL (remove if not used) ### -# If a MySQL database is used: -# # Dump the database -# dbname=$app -# dbuser=$app -# dbpass=$(ynh_app_setting_get "$app" mysqlpwd) -# mysqldump -u "$dbuser" -p"$dbpass" --no-create-db "$dbname" > ./dump.sql -### MySQL end ### - -# Copy NGINX configuration -domain=$(ynh_app_setting_get "$app" domain) -ynh_backup "/etc/nginx/conf.d/${domain}.d/${app}.conf" "nginx.conf" - -### PHP (remove if not used) ### -# If a dedicated php-fpm process is used: -# # Copy PHP-FPM pool configuration -# ynh_backup "/etc/php5/fpm/pool.d/${app}.conf" "php-fpm.conf" -### PHP end ### +#================================================= +# LOAD SETTINGS +#================================================= + +app=$YNH_APP_INSTANCE_NAME + +final_path=$(ynh_app_setting_get $app final_path) +domain=$(ynh_app_setting_get $app domain) +db_name=$(ynh_app_setting_get $app db_name) +db_pwd=$(ynh_app_setting_get $app mysqlpwd) + +#================================================= +# STANDARD BACKUP STEPS +#================================================= +# BACKUP OF THE MAIN DIR OF THE APP +#================================================= + +new_ynh_backup "$final_path" + +#================================================= +# BACKUP OF THE NGINX CONFIGURATION +#================================================= + +new_ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf" + +#================================================= +# BACKUP OF THE PHP-FPM CONFIGURATION +#================================================= + +new_ynh_backup "/etc/php5/fpm/pool.d/$app.conf" +new_ynh_backup "/etc/php5/fpm/conf.d/20-$app.ini" + +#================================================= +# BACKUP OF THE SQL BDD +#================================================= + +ynh_mysql_dump_db "$db_name" > db.sql +new_ynh_backup "db.sql" + +#================================================= +# SPECIFIC BACKUP +#================================================= +# BACKUP LOGROTATE +#================================================= + +new_ynh_backup "/etc/logrotate.d/$app" + +#================================================= +# BACKUP SYSTEMD +#================================================= + +new_ynh_backup "/etc/systemd/system/$app.service" + +#================================================= +# BACKUP OF THE CRON FILE +#================================================= + +new_ynh_backup "/etc/cron.d/$app" From 2306b93a05d6443339ede283445eb0a9d960392b Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Fri, 2 Jun 2017 18:34:13 +0200 Subject: [PATCH 11/37] [enh] Upgrade remove --- scripts/remove | 128 +++++++++++++++++++++++++++++++++++++++---------- 1 file changed, 104 insertions(+), 24 deletions(-) diff --git a/scripts/remove b/scripts/remove index 59ef331..d709e2c 100755 --- a/scripts/remove +++ b/scripts/remove @@ -1,34 +1,114 @@ #!/bin/bash -# See comments in install script -app=$YNH_APP_INSTANCE_NAME +#================================================= +# GENERIC STARTING +#================================================= +# IMPORT GENERIC HELPERS +#================================================= -# Source YunoHost helpers source /usr/share/yunohost/helpers -# Retrieve app settings -domain=$(ynh_app_setting_get "$app" domain) +#================================================= +# LOAD SETTINGS +#================================================= + +app=$YNH_APP_INSTANCE_NAME + +domain=$(ynh_app_setting_get $app domain) +port=$(ynh_app_setting_get $app port) +db_name=$(ynh_app_setting_get $app db_name) + +#================================================= +# STANDARD REMOVE +#================================================= +# STOP AND REMOVE SERVICE +#================================================= + +# Remove the dedicated systemd config +ynh_remove_systemd_config + +#================================================= +# DISABLE SERVICE IN ADMIN PANEL +#================================================= + +if sudo yunohost service status | grep -q $app +then + echo "Remove $app service" + sudo yunohost service remove $app +fi + +#================================================= +# REMOVE DEPENDENCIES +#================================================= + +# Remove fake package and its dependencies +ynh_remove_app_dependencies + +#================================================= +# REMOVE THE SQL BDD +#================================================= + +# Remove a database if it exists, and the associated user +ynh_mysql_remove_db $db_name $db_name + +#================================================= +# REMOVE THE MAIN DIR OF THE APP +#================================================= + +# Remove the app directory securely +ynh_secure_remove "/var/www/$app" + +#================================================= +# REMOVE THE NGINX CONFIGURATION +#================================================= + +# Remove the dedicated nginx config +ynh_remove_nginx_config + +#================================================= +# REMOVE THE PHP-FPM CONFIGURATION +#================================================= + +# Remove the dedicated php-fpm config +ynh_remove_fpm_config + +#================================================= +# REMOVE THE LOGROTATE CONFIG +#================================================= + +# Remove the app's logrotate config. +ynh_remove_logrotate + +#================================================= +# CLOSE A PORT +#================================================= + +if sudo yunohost firewall list | grep -q "\- $port$" +then + echo "Close port $port" + QUIET sudo yunohost firewall disallow TCP $port +fi + +#================================================= +# SPECIFIC REMOVE +#================================================= +# REMOVE THE CRON FILE +#================================================= -# Remove sources -sudo rm -rf /var/www/$app +# Remove a cron file +ynh_secure_remove "/etc/cron.d/$app" -# Remove nginx configuration file -sudo rm -f /etc/nginx/conf.d/$domain.d/$app.conf +# Remove a directory securely +ynh_secure_remove "/etc/$app/" -### PHP (remove if not used) ### -# If a dedicated php-fpm process is used: -# sudo rm -f /etc/php5/fpm/pool.d/$app.conf -# sudo service php5-fpm reload -### PHP end ### +# Remove the log files +ynh_secure_remove "/var/log/$app/" -### MySQL (remove if not used) ### -# If a MySQL database is used: -# # Drop MySQL database and user -# dbname=$app -# dbuser=$app -# ynh_mysql_drop_db "$dbname" || true -# ynh_mysql_drop_user "$dbuser" || true -### MySQL end ### +#================================================= +# GENERIC FINALISATION +#================================================= +# REMOVE DEDICATED USER +#================================================= -# Reload nginx service -sudo service nginx reload +# Delete a system user +ynh_system_user_delete $app From 54cadaf5fec11b89df77299d1fb6f9c2927f28ad Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Fri, 2 Jun 2017 18:37:25 +0200 Subject: [PATCH 12/37] [enh] Upgrade restore --- scripts/restore | 146 +++++++++++++++++++++++++++++++++++------------- 1 file changed, 108 insertions(+), 38 deletions(-) diff --git a/scripts/restore b/scripts/restore index 93169e9..9eede1d 100755 --- a/scripts/restore +++ b/scripts/restore @@ -1,52 +1,122 @@ #!/bin/bash -# Note: each files and directories you've saved using the ynh_backup helper -# will be located in the current directory, regarding the last argument. +#================================================= +# GENERIC STARTING +#================================================= +# MANAGE FAILURE OF THE SCRIPT +#================================================= # Exit on command errors and treat unset variables as an error set -eu -# See comments in install script -app=$YNH_APP_INSTANCE_NAME +#================================================= +# IMPORT GENERIC HELPERS +#================================================= -# Source YunoHost helpers source /usr/share/yunohost/helpers -# Retrieve old app settings -domain=$(ynh_app_setting_get "$app" domain) -path_url=$(ynh_app_setting_get "$app" path_url) +#================================================= +# LOAD SETTINGS +#================================================= + +app=$YNH_APP_INSTANCE_NAME + +domain=$(ynh_app_setting_get $app domain) +path_url=$(ynh_app_setting_get $app path) +final_path=$(ynh_app_setting_get $app final_path) +db_name=$(ynh_app_setting_get $app db_name) + +#================================================= +# CHECK IF THE APP CAN BE RESTORED +#================================================= -# Check domain/path availability sudo yunohost app checkurl "${domain}${path_url}" -a "$app" \ - || ynh_die "Path not available: ${domain}${path_url}" + || ynh_die "Path not available: ${domain}${path_url}" +test ! -d $final_path \ + || ynh_die "There is already a directory: $final_path " + +#================================================= +# STANDARD RESTORE STEPS +#================================================= +# RESTORE OF THE NGINX CONFIGURATION +#================================================= + +ynh_restore_file "/etc/nginx/conf.d/$domain.d/$app.conf" -# Restore sources & data -src_path="/var/www/${app}" -sudo cp -a ./sources "$src_path" +#================================================= +# RESTORE OF THE MAIN DIR OF THE APP +#================================================= + +ynh_restore_file "$final_path" + +#================================================= +# RESTORE OF THE SQL BDD +#================================================= + +db_pwd=$(ynh_app_setting_get $app mysqlpwd) +ynh_mysql_setup_db $db_name $db_name $db_pwd +ynh_mysql_connect_as $db_name $db_pwd $db_name < ./db.sql + +#================================================= +# RECREATE OF THE DEDICATED USER +#================================================= + +# Recreate the dedicated user, if not exist +ynh_system_user_create $app + +#================================================= +# RESTORE USER RIGHTS +#================================================= # Restore permissions to app files -# you may need to make some file and/or directory writeable by www-data (nginx user) -sudo chown -R root: "$src_path" - -### MySQL (remove if not used) ### -# If a MySQL database is used: -# # Create and restore the database -# dbname=$app -# dbuser=$app -# dbpass=$(ynh_app_setting_get "$app" mysqlpwd) -# ynh_mysql_create_db "$dbname" "$dbuser" "$dbpass" -# ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" < ./dump.sql -### MySQL end ### - -# Restore NGINX configuration -sudo cp -a ./nginx.conf "/etc/nginx/conf.d/${domain}.d/${app}.conf" - -### PHP (remove if not used) ### -# If a dedicated php-fpm process is used: -# # Copy PHP-FPM pool configuration and reload the service -# sudo cp -a ./php-fpm.conf "/etc/php5/fpm/pool.d/${app}.conf" -# sudo service php5-fpm reload -### PHP end ### - -# Restart webserver -sudo service nginx reload +sudo chown -R root: $final_path + +#================================================= +# RESTORE OF THE PHP-FPM CONFIGURATION +#================================================= + +ynh_restore_file "/etc/php5/fpm/pool.d/$app.conf" +ynh_restore_file "/etc/php5/fpm/conf.d/20-$app.ini" + +#================================================= +# SPECIFIC RESTORE +#================================================= +# REINSTALL DEPENDENCIES +#================================================= + +# Define and install dependencies with a equivs control file +ynh_install_app_dependencies deb1 deb2 + +#================================================= +# ENABLE SERVICE IN ADMIN PANEL +#================================================= + +sudo yunohost service add $app --log "/var/log/$app/APP.log" + +#================================================= +# RESTORE SYSTEMD +#================================================= + +ynh_restore_file "/etc/systemd/system/$app.service" +sudo systemctl enable $app.service + +#================================================= +# RESTORE OF THE CRON FILE +#================================================= + +ynh_restore_file "/etc/cron.d/$app" + +#================================================= +# BACKUP OF THE LOGROTATE CONFIGURATION +#================================================= + +ynh_restore_file "/etc/logrotate.d/$app" + +#================================================= +# GENERIC FINALISATION +#================================================= +# RELOAD NGINX AND PHP-FPM +#================================================= + +sudo systemctl reload php5-fpm +sudo systemctl reload nginx From 0b61391adeda8c9d9dff5aaa8e3f5a42eb5cd262 Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Fri, 2 Jun 2017 18:44:37 +0200 Subject: [PATCH 13/37] [enh] Upgrade upgrade script --- scripts/upgrade | 175 ++++++++++++++++++++++++++++++++++-------------- 1 file changed, 124 insertions(+), 51 deletions(-) diff --git a/scripts/upgrade b/scripts/upgrade index 2dffa9f..806eae6 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -1,59 +1,132 @@ #!/bin/bash -# Exit on command errors and treat unset variables as an error -set -eu +#================================================= +# GENERIC STARTING +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +source /usr/share/yunohost/helpers + +#================================================= +# LOAD SETTINGS +#================================================= -# See comments in install script app=$YNH_APP_INSTANCE_NAME -# Source YunoHost helpers -source /usr/share/yunohost/helpers +domain=$(ynh_app_setting_get $app domain) +path_url=$(ynh_app_setting_get $app path) +admin=$(ynh_app_setting_get $app admin) +is_public=$(ynh_app_setting_get $app is_public) +final_path=$(ynh_app_setting_get $app final_path) +port=$(ynh_app_setting_get $app port) +db_name=$(ynh_app_setting_get $app db_name) + +#================================================= +# FIX OLD THINGS +#================================================= + +if [ "$is_public" = "Yes" ]; then + ynh_app_setting_set $app is_public 1 # Fix is_public as a boolean value + is_public=1 +elif [ "$is_public" = "No" ]; then + ynh_app_setting_set $app is_public 0 + is_public=0 +fi + +if [ -z $db_name ]; then # If db_name doesn't exist, create it + db_name=$(ynh_sanitize_dbid $app) + ynh_app_setting_set $app db_name $db_name +fi + +#================================================= +# CHECK THE PATH +#================================================= + +# Normalize the url path syntax +path_url=$(ynh_normalize_url_path $path_url) + +#================================================= +# STANDARD UPGRADE STEPS +#================================================= +# DOWNLOAD, CHECK AND UNPACK SOURCE +#================================================= + +# Download, check integrity, uncompress and patch the source from app.src +ynh_setup_source "$final_path" + +#================================================= +# NGINX CONFIGURATION +#================================================= + +# Create a dedicated nginx config +ynh_nginx_config -# Retrieve app settings -domain=$(ynh_app_setting_get "$app" domain) -path_url=$(ynh_app_setting_get "$app" path_url) -admin=$(ynh_app_setting_get "$app" admin) -is_public=$(ynh_app_setting_get "$app" is_public) -language=$(ynh_app_setting_get "$app" language) - -# Remove trailing "/" for next commands -path_url=${path_url%/} - -# Copy source files -src_path=/var/www/$app -sudo mkdir -p $src_path -sudo cp -a ../sources/. $src_path - -# Set permissions to app files -# you may need to make some file and/or directory writeable by www-data (nginx user) -sudo chown -R root: $src_path - -# Modify Nginx configuration file and copy it to Nginx conf directory -nginx_conf=../conf/nginx.conf -sed -i "s@YNH_WWW_PATH@$path_url@g" $nginx_conf -sed -i "s@YNH_WWW_ALIAS@$src_path/@g" $nginx_conf -# If a dedicated php-fpm process is used: -# -# sed -i "s@YNH_WWW_APP@$app@g" $nginx_conf -sudo cp $nginx_conf /etc/nginx/conf.d/$domain.d/$app.conf - -### PHP (remove if not used) ### -# If a dedicated php-fpm process is used: -# # Modify PHP-FPM pool configuration and copy it to the pool directory -# sed -i "s@YNH_WWW_APP@$app@g" ../conf/php-fpm.conf -# sed -i "s@YNH_WWW_ALIAS@$src_path/@g" ../conf/php-fpm.conf -# finalphpconf=/etc/php5/fpm/pool.d/$app.conf -# sudo cp ../conf/php-fpm.conf $finalphpconf -# sudo chown root: $finalphpconf -# sudo chmod 644 $finalphpconf -# sudo service php5-fpm restart -### PHP end ### - -# If app is public, add url to SSOWat conf as skipped_uris -if [[ $is_public -eq 1 ]]; then - # See install script - ynh_app_setting_set "$app" unprotected_uris "/" +#================================================= +# CREATE DEDICATED USER +#================================================= + +# Create a system user +ynh_system_user_create $app + +#================================================= +# PHP-FPM CONFIGURATION +#================================================= + +# Create a dedicated php-fpm config +ynh_fpm_config + +#================================================= +# SPECIFIC UPGRADE +#================================================= +# ... +#================================================= + +# Verify the checksum and backup the file if it's different +ynh_backup_if_checksum_is_different "$final_path/CONFIG_FILE" +# Recalculate and store the config file checksum into the app settings +ynh_store_file_checksum "$final_path/CONFIG_FILE" + +#================================================= +# SETUP LOGROTATE +#================================================= + +# Use logrotate to manage the logfile +ynh_use_logrotate + +#================================================= +# SETUP SYSTEMD +#================================================= + +# Create a dedicated systemd config +ynh_systemd_config + +#================================================= +# GENERIC FINALISATION +#================================================= +# SECURING FILES AND DIRECTORIES +#================================================= + +# Set right permissions for curl install +sudo chown -R root: $final_path + +#================================================= +# SETUP SSOWAT +#================================================= + +if [ $is_public -eq 0 ] +then # Remove the public access + ynh_app_setting_delete $app skipped_uris +fi +# Make app public if necessary +if [ $is_public -eq 1 ] +then + # unprotected_uris allows SSO credentials to be passed anyway. + ynh_app_setting_set $app unprotected_uris "/" fi -# Reload nginx service -sudo service nginx reload +#================================================= +# RELOAD NGINX +#================================================= + +sudo systemctl reload nginx From cad756ab12ec223ec1e9decc66bee5bfd70ff3f3 Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Fri, 2 Jun 2017 18:54:30 +0200 Subject: [PATCH 14/37] [enh] Need the next release --- manifest.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifest.json b/manifest.json index 83d4340..63e057f 100644 --- a/manifest.json +++ b/manifest.json @@ -14,7 +14,7 @@ "url": "http://example.com" }, "requirements": { - "yunohost": ">> 2.4.0" + "yunohost": ">> 2.5.6" }, "multi_instance": true, "services": [ From 2aff2e83d6af4d2ab79df2bb4a4938508d0f4d8a Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Mon, 5 Jun 2017 13:04:03 +0200 Subject: [PATCH 15/37] Add a _common.sh for new helpers --- scripts/_common.sh | 640 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 640 insertions(+) create mode 100644 scripts/_common.sh diff --git a/scripts/_common.sh b/scripts/_common.sh new file mode 100644 index 0000000..86feec5 --- /dev/null +++ b/scripts/_common.sh @@ -0,0 +1,640 @@ +#!/bin/bash + +# Normalize the url path syntax +# Handle the slash at the beginning of path and its absence at ending +# Return a normalized url path +# +# example: url_path=$(ynh_normalize_url_path $url_path) +# ynh_normalize_url_path example -> /example +# ynh_normalize_url_path /example -> /example +# ynh_normalize_url_path /example/ -> /example +# ynh_normalize_url_path / -> / +# +# usage: ynh_normalize_url_path path_to_normalize +# | arg: url_path_to_normalize - URL path to normalize before using it +ynh_normalize_url_path () { + path_url=$1 + test -n "$path_url" || ynh_die "ynh_normalize_url_path expect a URL path as first argument and received nothing." + if [ "${path_url:0:1}" != "/" ]; then # If the first character is not a / + path_url="/$path_url" # Add / at begin of path variable + fi + if [ "${path_url:${#path_url}-1}" == "/" ] && [ ${#path_url} -gt 1 ]; then # If the last character is a / and that not the only character. + path_url="${path_url:0:${#path_url}-1}" # Delete the last character + fi + echo $path_url +} + +# Check if a mysql user exists +# +# usage: ynh_mysql_user_exists user +# | arg: user - the user for which to check existence +function ynh_mysql_user_exists() +{ + local user=$1 + if [[ -z $(ynh_mysql_execute_as_root "SELECT User from mysql.user WHERE User = '$user';") ]] + then + return 1 + else + return 0 + fi +} + +# Create a database, an user and its password. Then store the password in the app's config +# +# After executing this helper, the password of the created database will be available in $db_pwd +# It will also be stored as "mysqlpwd" into the app settings. +# +# usage: ynh_mysql_setup_db user name [pwd] +# | arg: user - Owner of the database +# | arg: name - Name of the database +# | arg: pwd - Password of the database. If not given, a password will be generated +ynh_mysql_setup_db () { + local db_user="$1" + local db_name="$2" + db_pwd=$(ynh_string_random) # Generate a random password + ynh_mysql_create_db "$db_name" "$db_user" "$db_pwd" # Create the database + ynh_app_setting_set $app mysqlpwd $db_pwd # Store the password in the app's config +} + +# Remove a database if it exists, and the associated user +# +# usage: ynh_mysql_remove_db user name +# | arg: user - Owner of the database +# | arg: name - Name of the database +ynh_mysql_remove_db () { + local db_user="$1" + local db_name="$2" + local mysql_root_password=$(sudo cat $MYSQL_ROOT_PWD_FILE) + if mysqlshow -u root -p$mysql_root_password | grep -q "^| $db_name"; then # Check if the database exists + echo "Removing database $db_name" >&2 + ynh_mysql_drop_db $db_name # Remove the database + else + echo "Database $db_name not found" >&2 + fi + + # Remove mysql user if it exists + if $(ynh_mysql_user_exists $db_user); then + ynh_mysql_drop_user $db_user + fi +} + +# Correct the name given in argument for mariadb +# +# Avoid invalid name for your database +# +# Exemple: dbname=$(ynh_make_valid_dbid $app) +# +# usage: ynh_make_valid_dbid name +# | arg: name - name to correct +# | ret: the corrected name +ynh_sanitize_dbid () { + dbid=${1//[-.]/_} # We should avoid having - and . in the name of databases. They are replaced by _ + echo $dbid +} + +# Manage a fail of the script +# +# Print a warning to inform that the script was failed +# Execute the ynh_clean_setup function if used in the app script +# +# usage of ynh_clean_setup function +# This function provide a way to clean some residual of installation that not managed by remove script. +# To use it, simply add in your script: +# ynh_clean_setup () { +# instructions... +# } +# This function is optionnal. +# +# Usage: ynh_exit_properly is used only by the helper ynh_abort_if_errors. +# You must not use it directly. +ynh_exit_properly () { + exit_code=$? + if [ "$exit_code" -eq 0 ]; then + exit 0 # Exit without error if the script ended correctly + fi + + trap '' EXIT # Ignore new exit signals + set +eu # Do not exit anymore if a command fail or if a variable is empty + + echo -e "!!\n $app's script has encountered an error. Its execution was cancelled.\n!!" >&2 + + if type -t ynh_clean_setup > /dev/null; then # Check if the function exist in the app script. + ynh_clean_setup # Call the function to do specific cleaning for the app. + fi + + ynh_die # Exit with error status +} + +# Exit if an error occurs during the execution of the script. +# +# Stop immediatly the execution if an error occured or if a empty variable is used. +# The execution of the script is derivate to ynh_exit_properly function before exit. +# +# Usage: ynh_abort_if_errors +ynh_abort_if_errors () { + set -eu # Exit if a command fail, and if a variable is used unset. + trap ynh_exit_properly EXIT # Capturing exit signals on shell script +} + +# Define and install dependencies with a equivs control file +# This helper can/should only be called once per app +# +# usage: ynh_install_app_dependencies dep [dep [...]] +# | arg: dep - the package name to install in dependence +ynh_install_app_dependencies () { + dependencies=$@ + manifest_path="../manifest.json" + if [ ! -e "$manifest_path" ]; then + manifest_path="../settings/manifest.json" # Into the restore script, the manifest is not at the same place + fi + version=$(sudo grep '\"version\": ' "$manifest_path" | cut -d '"' -f 4) # Retrieve the version number in the manifest file. + dep_app=${app//_/-} # Replace all '_' by '-' + + if ynh_package_is_installed "${dep_app}-ynh-deps"; then + echo "A package named ${dep_app}-ynh-deps is already installed" >&2 + else + cat > ./${dep_app}-ynh-deps.control << EOF # Make a control file for equivs-build +Section: misc +Priority: optional +Package: ${dep_app}-ynh-deps +Version: ${version} +Depends: ${dependencies// /, } +Architecture: all +Description: Fake package for ${app} (YunoHost app) dependencies + This meta-package is only responsible of installing its dependencies. +EOF + ynh_package_install_from_equivs ./${dep_app}-ynh-deps.control \ + || ynh_die "Unable to install dependencies" # Install the fake package and its dependencies + ynh_app_setting_set $app apt_dependencies $dependencies + fi +} + +# Remove fake package and its dependencies +# +# Dependencies will removed only if no other package need them. +# +# usage: ynh_remove_app_dependencies +ynh_remove_app_dependencies () { + dep_app=${app//_/-} # Replace all '_' by '-' + ynh_package_autoremove ${dep_app}-ynh-deps # Remove the fake package and its dependencies if they not still used. +} + +# Use logrotate to manage the logfile +# +# usage: ynh_use_logrotate [logfile] +# | arg: logfile - absolute path of logfile +# +# If no argument provided, a standard directory will be use. /var/log/${app} +# You can provide a path with the directory only or with the logfile. +# /parentdir/logdir/ +# /parentdir/logdir/logfile.log +# +# It's possible to use this helper several times, each config will added to same logrotate config file. +ynh_use_logrotate () { + if [ "$#" -gt 0 ]; then + if [ "$(echo ${1##*.})" == "log" ]; then # Keep only the extension to check if it's a logfile + logfile=$1 # In this case, focus logrotate on the logfile + else + logfile=$1/.log # Else, uses the directory and all logfile into it. + fi + else + logfile="/var/log/${app}/.log" # Without argument, use a defaut directory in /var/log + fi + cat > ./${app}-logrotate << EOF # Build a config file for logrotate +$logfile { + # Rotate if the logfile exceeds 100Mo + size 100M + # Keep 12 old log maximum + rotate 12 + # Compress the logs with gzip + compress + # Compress the log at the next cycle. So keep always 2 non compressed logs + delaycompress + # Copy and truncate the log to allow to continue write on it. Instead of move the log. + copytruncate + # Do not do an error if the log is missing + missingok + # Not rotate if the log is empty + notifempty + # Keep old logs in the same dir + noolddir +} +EOF + sudo mkdir -p $(dirname "$logfile") # Create the log directory, if not exist + cat ${app}-logrotate | sudo tee -a /etc/logrotate.d/$app > /dev/null # Append this config to the others for this app. If a config file already exist +} + +# Remove the app's logrotate config. +# +# usage: ynh_remove_logrotate +ynh_remove_logrotate () { + if [ -e "/etc/logrotate.d/$app" ]; then + sudo rm "/etc/logrotate.d/$app" + fi +} + +# Find a free port and return it +# +# example: port=$(ynh_find_port 8080) +# +# usage: ynh_find_port begin_port +# | arg: begin_port - port to start to search +ynh_find_port () { + port=$1 + test -n "$port" || ynh_die "The argument of ynh_find_port must be a valid port." + while netcat -z 127.0.0.1 $port # Check if the port is free + do + port=$((port+1)) # Else, pass to next port + done + echo $port +} + +# Create a system user +# +# usage: ynh_system_user_create user_name [home_dir] +# | arg: user_name - Name of the system user that will be create +# | arg: home_dir - Path of the home dir for the user. Usually the final path of the app. If this argument is omitted, the user will be created without home +ynh_system_user_create () { + if ! ynh_system_user_exists "$1" # Check if the user exists on the system + then # If the user doesn't exist + if [ $# -ge 2 ]; then # If a home dir is mentioned + user_home_dir="-d $2" + else + user_home_dir="--no-create-home" + fi + sudo useradd $user_home_dir --system --user-group $1 --shell /usr/sbin/nologin || ynh_die "Unable to create $1 system account" + fi +} + +# Delete a system user +# +# usage: ynh_system_user_delete user_name +# | arg: user_name - Name of the system user that will be create +ynh_system_user_delete () { + if ynh_system_user_exists "$1" # Check if the user exists on the system + then + echo "Remove the user $1" >&2 + sudo userdel $1 + else + echo "The user $1 was not found" >&2 + fi +} + +# Curl abstraction to help with POST requests to local pages (such as installation forms) +# +# $domain and $path_url should be defined externally (and correspond to the domain.tld and the /path (of the app?)) +# +# example: ynh_local_curl "/install.php?installButton" "foo=$var1" "bar=$var2" +# +# usage: ynh_local_curl "page_uri" "key1=value1" "key2=value2" ... +# | arg: page_uri - Path (relative to $path_url) of the page where POST data will be sent +# | arg: key1=value1 - (Optionnal) POST key and corresponding value +# | arg: key2=value2 - (Optionnal) Another POST key and corresponding value +# | arg: ... - (Optionnal) More POST keys and values +ynh_local_curl () { + # Define url of page to curl + full_page_url=https://localhost$path_url$1 + + # Concatenate all other arguments with '&' to prepare POST data + POST_data="" + for arg in "${@:2}" + do + POST_data="${POST_data}${arg}&" + done + if [ -n "$POST_data" ] + then + # Add --data arg and remove the last character, which is an unecessary '&' + POST_data="--data \"${POST_data::-1}\"" + fi + + # Curl the URL + curl --silent --show-error -kL -H "Host: $domain" --resolve $domain:443:127.0.0.1 $POST_data "$full_page_url" +} + +# Substitute/replace a string by another in a file +# +# usage: ynh_replace_string match_string replace_string target_file +# | arg: match_string - String to be searched and replaced in the file +# | arg: replace_string - String that will replace matches +# | arg: target_file - File in which the string will be replaced. +ynh_replace_string () { + delimit=@ + match_string=${1//${delimit}/"\\${delimit}"} # Escape the delimiter if it's in the string. + replace_string=${2//${delimit}/"\\${delimit}"} + workfile=$3 + + sudo sed --in-place "s${delimit}${match_string}${delimit}${replace_string}${delimit}g" "$workfile" +} + +# Remove a file or a directory securely +# +# usage: ynh_secure_remove path_to_remove +# | arg: path_to_remove - File or directory to remove +ynh_secure_remove () { + path_to_remove=$1 + forbidden_path=" \ + /var/www \ + /home/yunohost.app" + + if [[ "$forbidden_path" =~ "$path_to_remove" \ + # Match all paths or subpaths in $forbidden_path + || "$path_to_remove" =~ ^/[[:alnum:]]+$ \ + # Match all first level paths from / (Like /var, /root, etc...) + || "${path_to_remove:${#path_to_remove}-1}" = "/" ]] + # Match if the path finishes by /. Because it seems there is an empty variable + then + echo "Avoid deleting $path_to_remove." >&2 + else + if [ -e "$path_to_remove" ] + then + sudo rm -R "$path_to_remove" + else + echo "$path_to_remove wasn't deleted because it doesn't exist." >&2 + fi + fi +} + +# Download, check integrity, uncompress and patch the source from app.src +# +# The file conf/app.src need to contains: +# +# SOURCE_URL=Address to download the app archive +# SOURCE_SUM=Control sum +# # (Optional) Programm to check the integrity (sha256sum, md5sum$YNH_EXECUTION_DIR/...) +# # default: sha256 +# SOURCE_SUM_PRG=sha256 +# # (Optional) Archive format +# # default: tar.gz +# SOURCE_FORMAT=tar.gz +# # (Optional) Put false if source are directly in the archive root +# # default: true +# SOURCE_IN_SUBDIR=false +# # (Optionnal) Name of the local archive (offline setup support) +# # default: ${src_id}.${src_format} +# SOURCE_FILENAME=example.tar.gz +# +# Details: +# This helper download sources from SOURCE_URL if there is no local source +# archive in /opt/yunohost-apps-src/APP_ID/SOURCE_FILENAME +# +# Next, it check the integrity with "SOURCE_SUM_PRG -c --status" command. +# +# If it's ok, the source archive will be uncompress in $dest_dir. If the +# SOURCE_IN_SUBDIR is true, the first level directory of the archive will be +# removed. +# +# Finally, patches named sources/patches/${src_id}-*.patch and extra files in +# sources/extra_files/$src_id will be applyed to dest_dir +# +# +# usage: ynh_setup_source dest_dir [source_id] +# | arg: dest_dir - Directory where to setup sources +# | arg: source_id - Name of the app, if the package contains more than one app +ynh_setup_source () { + local dest_dir=$1 + local src_id=${2:-app} # If the argument is not given, source_id equal "app" + + # Load value from configuration file (see above for a small doc about this file + # format) + local src_url=$(grep 'SOURCE_URL=' "../conf/${src_id}.src" | cut -d= -f2-) + local src_sum=$(grep 'SOURCE_SUM=' "../conf/${src_id}.src" | cut -d= -f2-) + local src_sumprg=$(grep 'SOURCE_SUM_PRG=' "../conf/${src_id}.src" | cut -d= -f2-) + local src_format=$(grep 'SOURCE_FORMAT=' "../conf/${src_id}.src" | cut -d= -f2-) + local src_in_subdir=$(grep 'SOURCE_IN_SUBDIR=' "../conf/${src_id}.src" | cut -d= -f2-) + local src_filename=$(grep 'SOURCE_FILENAME=' "../conf/${src_id}.src" | cut -d= -f2-) + + # Default value + src_sumprg=${src_sumprg:-sha256sum} + src_in_subdir=${src_in_subdir:-true} + src_format=${src_format:-tar.gz} + src_format=$(echo "$src_format" | tr '[:upper:]' '[:lower:]') + if [ "$src_filename" = "" ] ; then + src_filename="${src_id}.${src_format}" + fi + local local_src="/opt/yunohost-apps-src/${YNH_APP_ID}/${src_filename}" + + if test -e "$local_src" + then # Use the local source file if it is present + cp $local_src $src_filename + else # If not, download the source + wget -nv -O $src_filename $src_url + fi + + # Check the control sum + echo "${src_sum} ${src_filename}" | ${src_sumprg} -c --status \ + || ynh_die "Corrupt source" + + # Extract source into the app dir + sudo mkdir -p "$dest_dir" + if [ "$src_format" = "zip" ] + then + # Zip format + # Using of a temp directory, because unzip doesn't manage --strip-components + if $src_in_subdir ; then + local tmp_dir=$(mktemp -d) + sudo unzip -quo $src_filename -d "$tmp_dir" + sudo cp -a $tmp_dir/*/. "$dest_dir" + ynh_secure_remove "$tmp_dir" + else + sudo unzip -quo $src_filename -d "$dest_dir" + fi + else + local strip="" + if $src_in_subdir ; then + strip="--strip-components 1" + fi + if [[ "$src_format" =~ ^tar.gz|tar.bz2|tar.xz$ ]] ; then + sudo tar -xf $src_filename -C "$dest_dir" $strip + else + ynh_die "Archive format unrecognized." + fi + fi + + # Apply patches + if (( $(find ../sources/patches/ -type f -name "${src_id}-*.patch" 2> /dev/null | wc -l) > "0" )); then + local old_dir=$(pwd) + (cd "$dest_dir" \ + && for p in ../sources/patches/${src_id}-*.patch; do \ + sudo patch -p1 < $p; done) \ + || ynh_die "Unable to apply patches" + cd $old_dir + fi + + # Add supplementary files + if test -e "../sources/extra_files/${src_id}"; then + sudo cp -a ../sources/extra_files/$src_id/. "$dest_dir" + fi +} + +# Check availability of a web path +# +# example: ynh_webpath_available some.domain.tld /coffee +# +# usage: ynh_webpath_available domain path +# | arg: domain - the domain/host of the url +# | arg: path - the web path to check the availability of +ynh_webpath_available () { + local domain=$1 + local path=$2 + sudo yunohost domain url-available $domain $path +} + +# Register/book a web path for an app +# +# example: ynh_webpath_register wordpress some.domain.tld /coffee +# +# usage: ynh_webpath_register app domain path +# | arg: app - the app for which the domain should be registered +# | arg: domain - the domain/host of the web path +# | arg: path - the web path to be registered +ynh_webpath_register () { + local app=$1 + local domain=$2 + local path=$3 + sudo yunohost app register-url $app $domain $path +} + +# Calculate and store a file checksum into the app settings +# +# $app should be defined when calling this helper +# +# usage: ynh_store_file_checksum file +# | arg: file - The file on which the checksum will performed, then stored. +ynh_store_file_checksum () { + local checksum_setting_name=checksum_${1//[\/ ]/_} # Replace all '/' and ' ' by '_' + ynh_app_setting_set $app $checksum_setting_name $(sudo md5sum "$1" | cut -d' ' -f1) +} + +# Verify the checksum and backup the file if it's different +# This helper is primarily meant to allow to easily backup personalised/manually +# modified config files. +# +# $app should be defined when calling this helper +# +# usage: ynh_backup_if_checksum_is_different file +# | arg: file - The file on which the checksum test will be perfomed. +# +# | ret: Return the name a the backup file, or nothing +ynh_backup_if_checksum_is_different () { + local file=$1 + local checksum_setting_name=checksum_${file//[\/ ]/_} # Replace all '/' and ' ' by '_' + local checksum_value=$(ynh_app_setting_get $app $checksum_setting_name) + if [ -n "$checksum_value" ] + then # Proceed only if a value was stored into the app settings + if ! echo "$checksum_value $file" | sudo md5sum -c --status + then # If the checksum is now different + backup_file="/home/yunohost.conf/backup/$file.backup.$(date '+%Y%m%d.%H%M%S')" + sudo mkdir -p "$(dirname "$backup_file")" + sudo cp -a "$file" "$backup_file" # Backup the current file + echo "File $file has been manually modified since the installation or last upgrade. So it has been duplicated in $backup_file" >&2 + echo "$backup_file" # Return the name of the backup file + fi + fi +} + +# Create a dedicated nginx config +# +# usage: ynh_add_nginx_config +ynh_add_nginx_config () { + finalnginxconf="/etc/nginx/conf.d/$domain.d/$app.conf" + ynh_backup_if_checksum_is_different "$finalnginxconf" 1 + sudo cp ../conf/nginx.conf "$finalnginxconf" + + # To avoid a break by set -u, use a void substitution ${var:-}. If the variable is not set, it's simply set with an empty variable. + # Substitute in a nginx config file only if the variable is not empty + if test -n "${path_url:-}"; then + ynh_replace_string "__PATH__" "$path_url" "$finalnginxconf" + fi + if test -n "${domain:-}"; then + ynh_replace_string "__DOMAIN__" "$domain" "$finalnginxconf" + fi + if test -n "${port:-}"; then + ynh_replace_string "__PORT__" "$port" "$finalnginxconf" + fi + if test -n "${app:-}"; then + ynh_replace_string "__NAME__" "$app" "$finalnginxconf" + fi + if test -n "${final_path:-}"; then + ynh_replace_string "__FINALPATH__" "$final_path" "$finalnginxconf" + fi + ynh_store_checksum_config "$finalnginxconf" + + sudo systemctl reload nginx +} + +# Remove the dedicated nginx config +# +# usage: ynh_remove_nginx_config +ynh_remove_nginx_config () { + ynh_secure_remove "/etc/nginx/conf.d/$domain.d/$app.conf" + sudo systemctl reload nginx +} + +# Create a dedicated php-fpm config +# +# usage: ynh_add_fpm_config +ynh_add_fpm_config () { + finalphpconf="/etc/php5/fpm/pool.d/$app.conf" + ynh_backup_if_checksum_is_different "$finalphpconf" 1 + sudo cp ../conf/php-fpm.conf "$finalphpconf" + ynh_replace_string "__NAMETOCHANGE__" "$app" "$finalphpconf" + ynh_replace_string "__FINALPATH__" "$final_path" "$finalphpconf" + ynh_replace_string "__USER__" "$app" "$finalphpconf" + sudo chown root: "$finalphpconf" + ynh_store_file_checksum "$finalphpconf" + + if [ -e "../conf/php-fpm.ini" ] + then + finalphpini="/etc/php5/fpm/conf.d/20-$app.ini" + ynh_compare_checksum_config "$finalphpini" 1 + sudo cp ../conf/php-fpm.ini "$finalphpini" + sudo chown root: "$finalphpini" + ynh_store_checksum_config "$finalphpini" + fi + + sudo systemctl reload php5-fpm +} + +# Remove the dedicated php-fpm config +# +# usage: ynh_remove_fpm_config +ynh_remove_fpm_config () { + ynh_secure_remove "/etc/php5/fpm/pool.d/$app.conf" + ynh_secure_remove "/etc/php5/fpm/conf.d/20-$app.ini" 2>&1 + sudo systemctl reload php5-fpm +} + +# Create a dedicated systemd config +# +# usage: ynh_add_systemd_config +ynh_add_systemd_config () { + finalsystemdconf="/etc/systemd/system/$app.service" + ynh_compare_checksum_config "$finalsystemdconf" 1 + sudo cp ../conf/systemd.service "$finalsystemdconf" + + # To avoid a break by set -u, use a void substitution ${var:-}. If the variable is not set, it's simply set with an empty variable. + # Substitute in a nginx config file only if the variable is not empty + if test -n "${final_path:-}"; then + ynh_replace_string "__FINALPATH__" "$final_path" "$finalsystemdconf" + fi + if test -n "${app:-}"; then + ynh_replace_string "__APP__" "$app" "$finalsystemdconf" + fi + ynh_store_checksum_config "$finalsystemdconf" + + sudo chown root: "$finalsystemdconf" + sudo systemctl enable $app + sudo systemctl daemon-reload +} + +# Remove the dedicated systemd config +# +# usage: ynh_remove_systemd_config +ynh_remove_systemd_config () { + finalsystemdconf="/etc/systemd/system/$app.service" + if [ -e "$finalsystemdconf" ]; then + sudo systemctl stop $app + sudo systemctl disable $app + ynh_secure_remove "$finalsystemdconf" + fi +} From 922a70929f59f9a61e0d49ea17182c2a857ea7cc Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Mon, 5 Jun 2017 13:06:35 +0200 Subject: [PATCH 16/37] _common.sh --- scripts/upgrade | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/upgrade b/scripts/upgrade index 806eae6..c152ce5 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -6,6 +6,7 @@ # IMPORT GENERIC HELPERS #================================================= +source _common.sh source /usr/share/yunohost/helpers #================================================= From 238865c0e34ca59cf3f605de298c79a6d9bffe57 Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Mon, 5 Jun 2017 13:09:19 +0200 Subject: [PATCH 17/37] _common.sh --- scripts/restore | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/scripts/restore b/scripts/restore index 9eede1d..a90e963 100755 --- a/scripts/restore +++ b/scripts/restore @@ -13,6 +13,12 @@ set -eu # IMPORT GENERIC HELPERS #================================================= +if [ ! -e _common.sh ]; then + # Get the _common.sh file if it's not in the current directory + sudo cp ../settings/scripts/_common.sh ./_common.sh + sudo chmod a+rx _common.sh +fi +source _common.sh source /usr/share/yunohost/helpers #================================================= From c03c9fc04576c74b1ce40d8645fbfdbe4f56d632 Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Mon, 5 Jun 2017 13:10:28 +0200 Subject: [PATCH 18/37] _common.sh --- scripts/backup | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/scripts/backup b/scripts/backup index 1aa253f..386992c 100755 --- a/scripts/backup +++ b/scripts/backup @@ -13,6 +13,12 @@ set -eu # IMPORT GENERIC HELPERS #================================================= +if [ ! -e _common.sh ]; then + # Get the _common.sh file if it's not in the current directory + sudo cp ../settings/scripts/_common.sh ./_common.sh + sudo chmod a+rx _common.sh +fi +source _common.sh source /usr/share/yunohost/helpers #================================================= From 832fc6523efebb8ef0e37e6c476950fce1e22ba1 Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Mon, 5 Jun 2017 13:11:07 +0200 Subject: [PATCH 19/37] _common.sh --- scripts/remove | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/remove b/scripts/remove index d709e2c..506b499 100755 --- a/scripts/remove +++ b/scripts/remove @@ -6,6 +6,7 @@ # IMPORT GENERIC HELPERS #================================================= +source _common.sh source /usr/share/yunohost/helpers #================================================= From 622d37171824c057926e40fc4e6c2617d54aa2eb Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Mon, 5 Jun 2017 13:11:48 +0200 Subject: [PATCH 20/37] _common.sh --- scripts/install | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/install b/scripts/install index 4f1b36c..e4da182 100755 --- a/scripts/install +++ b/scripts/install @@ -6,6 +6,7 @@ # IMPORT GENERIC HELPERS #================================================= +source _common.sh source /usr/share/yunohost/helpers #================================================= From 947bde8284a2b4115a348237fb8d120339974901 Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Mon, 5 Jun 2017 13:27:24 +0200 Subject: [PATCH 21/37] Old way backup But, with a compatibility with the new system --- scripts/backup | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/scripts/backup b/scripts/backup index 386992c..dcd005d 100755 --- a/scripts/backup +++ b/scripts/backup @@ -38,27 +38,27 @@ db_pwd=$(ynh_app_setting_get $app mysqlpwd) # BACKUP OF THE MAIN DIR OF THE APP #================================================= -new_ynh_backup "$final_path" +ynh_backup "$final_path" "${backup_dir}$final_path" #================================================= # BACKUP OF THE NGINX CONFIGURATION #================================================= -new_ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf" +ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf" "${backup_dir}/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= # BACKUP OF THE PHP-FPM CONFIGURATION #================================================= -new_ynh_backup "/etc/php5/fpm/pool.d/$app.conf" -new_ynh_backup "/etc/php5/fpm/conf.d/20-$app.ini" +ynh_backup "/etc/php5/fpm/pool.d/$app.conf" "${backup_dir}/etc/php5/fpm/pool.d/$app.conf" +ynh_backup "/etc/php5/fpm/conf.d/20-$app.ini" "${backup_dir}/etc/php5/fpm/conf.d/20-$app.ini" #================================================= # BACKUP OF THE SQL BDD #================================================= ynh_mysql_dump_db "$db_name" > db.sql -new_ynh_backup "db.sql" +ynh_backup "db.sql" "${backup_dir}/db.sql" #================================================= # SPECIFIC BACKUP @@ -66,16 +66,16 @@ new_ynh_backup "db.sql" # BACKUP LOGROTATE #================================================= -new_ynh_backup "/etc/logrotate.d/$app" +ynh_backup "/etc/logrotate.d/$app" "${backup_dir}/etc/logrotate.d/$app" #================================================= # BACKUP SYSTEMD #================================================= -new_ynh_backup "/etc/systemd/system/$app.service" +ynh_backup "/etc/systemd/system/$app.service" "${backup_dir}/etc/systemd/system/$app.service" #================================================= # BACKUP OF THE CRON FILE #================================================= -new_ynh_backup "/etc/cron.d/$app" +ynh_backup "/etc/cron.d/$app" "${backup_dir}/etc/cron.d/$app" From eafe4235f4be2527c90261a7dd1d2928543f3f8b Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Mon, 5 Jun 2017 13:33:09 +0200 Subject: [PATCH 22/37] Fake ynh_restore_file for prepare to this futur helper --- scripts/_common.sh | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/scripts/_common.sh b/scripts/_common.sh index 86feec5..069747c 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -638,3 +638,10 @@ ynh_remove_systemd_config () { ynh_secure_remove "$finalsystemdconf" fi } + +##################################### + +# This is not an official helper, just an abstract helper to prepare to the new one. +ynh_restore_file () { + sudo cp -a "${backup_dir}$1" "$1" +} From 9bca078a6f82bf0756d70bbdd206b6976cb7836b Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Tue, 13 Jun 2017 14:17:02 +0200 Subject: [PATCH 23/37] Move into 'app' directory --- sources/extra_files/{ => app}/.gitignore | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename sources/extra_files/{ => app}/.gitignore (100%) diff --git a/sources/extra_files/.gitignore b/sources/extra_files/app/.gitignore similarity index 100% rename from sources/extra_files/.gitignore rename to sources/extra_files/app/.gitignore From c100968d8b670e4b664f8aedffbb9dac3815bc72 Mon Sep 17 00:00:00 2001 From: Jimmy Monin Date: Sat, 17 Jun 2017 17:37:16 +0200 Subject: [PATCH 24/37] Advertise helpers temporary inclusion in _common.sh --- scripts/_common.sh | 26 +++++++++++++++++++------- 1 file changed, 19 insertions(+), 7 deletions(-) diff --git a/scripts/_common.sh b/scripts/_common.sh index 069747c..763ede3 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -1,5 +1,11 @@ #!/bin/bash +# ============================================================================= +# YUNOHOST 2.6 FORTHCOMING HELPERS +# (will be part of YunoHost 2.6, so won't be necessary any more after +# YunoHost 2.6 gets widespread) +# ============================================================================= + # Normalize the url path syntax # Handle the slash at the beginning of path and its absence at ending # Return a normalized url path @@ -532,6 +538,19 @@ ynh_backup_if_checksum_is_different () { fi } +##################################### + +# This is not an official helper, just an abstract helper to prepare to the new one. +ynh_restore_file () { + sudo cp -a "${backup_dir}$1" "$1" +} + +# ============================================================================= +# YUNOHOST 2.6 FORTHCOMING HELPERS +# (will be part of YunoHost 2.6, so won't be necessary any more after +# YunoHost 2.6 gets widespread) +# ============================================================================= + # Create a dedicated nginx config # # usage: ynh_add_nginx_config @@ -638,10 +657,3 @@ ynh_remove_systemd_config () { ynh_secure_remove "$finalsystemdconf" fi } - -##################################### - -# This is not an official helper, just an abstract helper to prepare to the new one. -ynh_restore_file () { - sudo cp -a "${backup_dir}$1" "$1" -} From 97fd2840318e5e11a4fc01f7a301174d90863e72 Mon Sep 17 00:00:00 2001 From: Jimmy Monin Date: Sat, 17 Jun 2017 17:49:26 +0200 Subject: [PATCH 25/37] Fix wording and typos --- scripts/install | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/scripts/install b/scripts/install index e4da182..2f02ac2 100755 --- a/scripts/install +++ b/scripts/install @@ -1,7 +1,7 @@ #!/bin/bash #================================================= -# GENERIC STARTING +# GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= @@ -10,10 +10,10 @@ source _common.sh source /usr/share/yunohost/helpers #================================================= -# MANAGE FAILURE OF THE SCRIPT +# MANAGE SCRIPT FAILURE #================================================= -# Exit if an error occurs during the execution of the script. +# Exit if an error occurs during the execution of the script ynh_abort_if_errors #================================================= @@ -39,15 +39,15 @@ language=$YNH_APP_ARG_LANGUAGE app=$YNH_APP_INSTANCE_NAME #================================================= -# CHECK IF THE APP CAN BE INSTALLED WITH THIS ARGS +# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS #================================================= # Normalize the url path syntax path_url=$(ynh_normalize_url_path $path_url) -# Check availability of a web path +# Check web path availability ynh_webpath_available $domain $path_url -# Register/book a web path for an app +# Register (book) web path ynh_webpath_register $app $domain $path_url final_path=/var/www/$app @@ -82,10 +82,10 @@ ynh_app_setting_set $app port $port ynh_install_app_dependencies deb1 deb2 #================================================= -# CREATE A SQL BDD +# CREATE A MYSQL DATABASE #================================================= -# If your app use a MySQL database you can use these lines to bootstrap -# a database, an associated user and save the password in app settings. +# If your app uses a MySQL database, you can use these lines to bootstrap +# a database, an associated user and save the password in app settings db_name=$(ynh_sanitize_dbid $app) ynh_app_setting_set $app db_name $db_name @@ -134,13 +134,13 @@ ynh_fpm_config ynh_systemd_config #================================================= -# SETTING UP WITH CURL +# SETUP APPLICATION WITH CURL #================================================= # Set right permissions for curl install sudo chown -R $app: $final_path -# Put the app public for curl +# Set the app as temporarily public for curl call ynh_app_setting_set $app unprotected_uris "/" # Reload SSOwat config sudo yunohost app ssowatconf @@ -159,9 +159,9 @@ ynh_local_curl "/INSTALL_PATH" "key1=value1" "key2=value2" "key3=value3" ynh_store_file_checksum "$final_path/CONFIG_FILE" #================================================= -# GENERIC FINALISATION +# GENERIC FINALIZATION #================================================= -# SECURING FILES AND DIRECTORIES +# SECURE FILES AND DIRECTORIES #================================================= # Set permissions to app files @@ -171,11 +171,11 @@ sudo chown -R root: $final_path # SETUP LOGROTATE #================================================= -# Use logrotate to manage the logfile +# Use logrotate to manage application logfile(s) ynh_use_logrotate #================================================= -# ENABLE SERVICE IN ADMIN PANEL +# ADVERTISE SERVICE IN ADMIN PANEL #================================================= sudo yunohost service add NAME_INIT.D --log "/var/log/FILE.log" From 605a77212501a4c0873d8acf025fc8b5378a0d39 Mon Sep 17 00:00:00 2001 From: Jimmy Monin Date: Sat, 17 Jun 2017 17:54:26 +0200 Subject: [PATCH 26/37] Fix wording and typos --- scripts/remove | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/scripts/remove b/scripts/remove index 506b499..ede1b0f 100755 --- a/scripts/remove +++ b/scripts/remove @@ -1,7 +1,7 @@ #!/bin/bash #================================================= -# GENERIC STARTING +# GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= @@ -29,7 +29,7 @@ db_name=$(ynh_app_setting_get $app db_name) ynh_remove_systemd_config #================================================= -# DISABLE SERVICE IN ADMIN PANEL +# REMOVE SERVICE FROM ADMIN PANEL #================================================= if sudo yunohost service status | grep -q $app @@ -42,42 +42,42 @@ fi # REMOVE DEPENDENCIES #================================================= -# Remove fake package and its dependencies +# Remove metapackage and its dependencies ynh_remove_app_dependencies #================================================= -# REMOVE THE SQL BDD +# REMOVE THE MYSQL DATABASE #================================================= -# Remove a database if it exists, and the associated user +# Remove a database if it exists, along with the associated user ynh_mysql_remove_db $db_name $db_name #================================================= -# REMOVE THE MAIN DIR OF THE APP +# REMOVE APP MAIN DIR #================================================= # Remove the app directory securely ynh_secure_remove "/var/www/$app" #================================================= -# REMOVE THE NGINX CONFIGURATION +# REMOVE NGINX CONFIGURATION #================================================= # Remove the dedicated nginx config ynh_remove_nginx_config #================================================= -# REMOVE THE PHP-FPM CONFIGURATION +# REMOVE PHP-FPM CONFIGURATION #================================================= # Remove the dedicated php-fpm config ynh_remove_fpm_config #================================================= -# REMOVE THE LOGROTATE CONFIG +# REMOVE LOGROTATE CONFIGURATION #================================================= -# Remove the app's logrotate config. +# Remove the app-specific logrotate config ynh_remove_logrotate #================================================= @@ -106,7 +106,7 @@ ynh_secure_remove "/etc/$app/" ynh_secure_remove "/var/log/$app/" #================================================= -# GENERIC FINALISATION +# GENERIC FINALIZATION #================================================= # REMOVE DEDICATED USER #================================================= From 9d182f9ccccfde52305f8d767f85d6062b1a6b66 Mon Sep 17 00:00:00 2001 From: Jimmy Monin Date: Sat, 17 Jun 2017 18:02:28 +0200 Subject: [PATCH 27/37] Fix wording and typos --- scripts/upgrade | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/scripts/upgrade b/scripts/upgrade index c152ce5..bbaf187 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -1,7 +1,7 @@ #!/bin/bash #================================================= -# GENERIC STARTING +# GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= @@ -24,7 +24,7 @@ port=$(ynh_app_setting_get $app port) db_name=$(ynh_app_setting_get $app db_name) #================================================= -# FIX OLD THINGS +# ENSURE DOWNWARD COMPATIBILITY #================================================= if [ "$is_public" = "Yes" ]; then @@ -44,7 +44,7 @@ fi # CHECK THE PATH #================================================= -# Normalize the url path syntax +# Normalize the URL path syntax path_url=$(ynh_normalize_url_path $path_url) #================================================= @@ -92,7 +92,7 @@ ynh_store_file_checksum "$final_path/CONFIG_FILE" # SETUP LOGROTATE #================================================= -# Use logrotate to manage the logfile +# Use logrotate to manage app-specific logfile(s) ynh_use_logrotate #================================================= @@ -103,12 +103,12 @@ ynh_use_logrotate ynh_systemd_config #================================================= -# GENERIC FINALISATION +# GENERIC FINALIZATION #================================================= -# SECURING FILES AND DIRECTORIES +# SECURE FILES AND DIRECTORIES #================================================= -# Set right permissions for curl install +# Set right permissions for curl installation sudo chown -R root: $final_path #================================================= @@ -122,7 +122,7 @@ fi # Make app public if necessary if [ $is_public -eq 1 ] then - # unprotected_uris allows SSO credentials to be passed anyway. + # unprotected_uris allows SSO credentials to be passed anyway ynh_app_setting_set $app unprotected_uris "/" fi From ef65e1126130ebf2d2f808c0213f95633bd0f604 Mon Sep 17 00:00:00 2001 From: Jimmy Monin Date: Sat, 17 Jun 2017 18:10:46 +0200 Subject: [PATCH 28/37] Fix wording and typos --- scripts/restore | 34 +++++++++++++++++----------------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/scripts/restore b/scripts/restore index a90e963..79cdbe1 100755 --- a/scripts/restore +++ b/scripts/restore @@ -1,12 +1,12 @@ #!/bin/bash #================================================= -# GENERIC STARTING +# GENERIC START #================================================= -# MANAGE FAILURE OF THE SCRIPT +# MANAGE SCRIPT FAILURE #================================================= -# Exit on command errors and treat unset variables as an error +# Exit on command errors and treat access to unset variables as an error set -eu #================================================= @@ -42,21 +42,21 @@ test ! -d $final_path \ || ynh_die "There is already a directory: $final_path " #================================================= -# STANDARD RESTORE STEPS +# STANDARD RESTORATION STEPS #================================================= -# RESTORE OF THE NGINX CONFIGURATION +# RESTORE THE NGINX CONFIGURATION #================================================= ynh_restore_file "/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= -# RESTORE OF THE MAIN DIR OF THE APP +# RESTORE THE APP MAIN DIR #================================================= ynh_restore_file "$final_path" #================================================= -# RESTORE OF THE SQL BDD +# RESTORE THE MYSQL DATABASE #================================================= db_pwd=$(ynh_app_setting_get $app mysqlpwd) @@ -64,37 +64,37 @@ ynh_mysql_setup_db $db_name $db_name $db_pwd ynh_mysql_connect_as $db_name $db_pwd $db_name < ./db.sql #================================================= -# RECREATE OF THE DEDICATED USER +# RECREATE THE DEDICATED USER #================================================= -# Recreate the dedicated user, if not exist +# Create the dedicated user (if not existing) ynh_system_user_create $app #================================================= # RESTORE USER RIGHTS #================================================= -# Restore permissions to app files +# Restore permissions on app files sudo chown -R root: $final_path #================================================= -# RESTORE OF THE PHP-FPM CONFIGURATION +# RESTORE THE PHP-FPM CONFIGURATION #================================================= ynh_restore_file "/etc/php5/fpm/pool.d/$app.conf" ynh_restore_file "/etc/php5/fpm/conf.d/20-$app.ini" #================================================= -# SPECIFIC RESTORE +# SPECIFIC RESTORATION #================================================= # REINSTALL DEPENDENCIES #================================================= -# Define and install dependencies with a equivs control file +# Define and install dependencies ynh_install_app_dependencies deb1 deb2 #================================================= -# ENABLE SERVICE IN ADMIN PANEL +# ADVERTISE SERVICE IN ADMIN PANEL #================================================= sudo yunohost service add $app --log "/var/log/$app/APP.log" @@ -107,19 +107,19 @@ ynh_restore_file "/etc/systemd/system/$app.service" sudo systemctl enable $app.service #================================================= -# RESTORE OF THE CRON FILE +# RESTORE THE CRON FILE #================================================= ynh_restore_file "/etc/cron.d/$app" #================================================= -# BACKUP OF THE LOGROTATE CONFIGURATION +# BACKUP THE LOGROTATE CONFIGURATION #================================================= ynh_restore_file "/etc/logrotate.d/$app" #================================================= -# GENERIC FINALISATION +# GENERIC FINALIZATION #================================================= # RELOAD NGINX AND PHP-FPM #================================================= From b21cd9b254032f50a0443de2cff0e9422a60392c Mon Sep 17 00:00:00 2001 From: Jimmy Monin Date: Sat, 17 Jun 2017 23:19:48 +0200 Subject: [PATCH 29/37] Fix wording and typos --- scripts/backup | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/scripts/backup b/scripts/backup index dcd005d..34afd23 100755 --- a/scripts/backup +++ b/scripts/backup @@ -1,12 +1,12 @@ #!/bin/bash #================================================= -# GENERIC STARTING +# GENERIC START #================================================= -# MANAGE FAILURE OF THE SCRIPT +# MANAGE SCRIPT FAILURE #================================================= -# Exit on command errors and treat unset variables as an error +# Exit on command errors and treat access to unset variables as an error set -eu #================================================= @@ -35,26 +35,26 @@ db_pwd=$(ynh_app_setting_get $app mysqlpwd) #================================================= # STANDARD BACKUP STEPS #================================================= -# BACKUP OF THE MAIN DIR OF THE APP +# BACKUP THE APP MAIN DIR #================================================= ynh_backup "$final_path" "${backup_dir}$final_path" #================================================= -# BACKUP OF THE NGINX CONFIGURATION +# BACKUP THE NGINX CONFIGURATION #================================================= ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf" "${backup_dir}/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= -# BACKUP OF THE PHP-FPM CONFIGURATION +# BACKUP THE PHP-FPM CONFIGURATION #================================================= ynh_backup "/etc/php5/fpm/pool.d/$app.conf" "${backup_dir}/etc/php5/fpm/pool.d/$app.conf" ynh_backup "/etc/php5/fpm/conf.d/20-$app.ini" "${backup_dir}/etc/php5/fpm/conf.d/20-$app.ini" #================================================= -# BACKUP OF THE SQL BDD +# BACKUP THE MYSQL DATABASE #================================================= ynh_mysql_dump_db "$db_name" > db.sql @@ -75,7 +75,7 @@ ynh_backup "/etc/logrotate.d/$app" "${backup_dir}/etc/logrotate.d/$app" ynh_backup "/etc/systemd/system/$app.service" "${backup_dir}/etc/systemd/system/$app.service" #================================================= -# BACKUP OF THE CRON FILE +# BACKUP THE CRON FILE #================================================= ynh_backup "/etc/cron.d/$app" "${backup_dir}/etc/cron.d/$app" From b417663e88d34f18d0e726c1e83881e87e811635 Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Sun, 25 Jun 2017 16:37:13 +0200 Subject: [PATCH 30/37] Purge common --- scripts/_common.sh | 547 --------------------------------------------- 1 file changed, 547 deletions(-) diff --git a/scripts/_common.sh b/scripts/_common.sh index 763ede3..d4d6af2 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -2,553 +2,6 @@ # ============================================================================= # YUNOHOST 2.6 FORTHCOMING HELPERS -# (will be part of YunoHost 2.6, so won't be necessary any more after -# YunoHost 2.6 gets widespread) -# ============================================================================= - -# Normalize the url path syntax -# Handle the slash at the beginning of path and its absence at ending -# Return a normalized url path -# -# example: url_path=$(ynh_normalize_url_path $url_path) -# ynh_normalize_url_path example -> /example -# ynh_normalize_url_path /example -> /example -# ynh_normalize_url_path /example/ -> /example -# ynh_normalize_url_path / -> / -# -# usage: ynh_normalize_url_path path_to_normalize -# | arg: url_path_to_normalize - URL path to normalize before using it -ynh_normalize_url_path () { - path_url=$1 - test -n "$path_url" || ynh_die "ynh_normalize_url_path expect a URL path as first argument and received nothing." - if [ "${path_url:0:1}" != "/" ]; then # If the first character is not a / - path_url="/$path_url" # Add / at begin of path variable - fi - if [ "${path_url:${#path_url}-1}" == "/" ] && [ ${#path_url} -gt 1 ]; then # If the last character is a / and that not the only character. - path_url="${path_url:0:${#path_url}-1}" # Delete the last character - fi - echo $path_url -} - -# Check if a mysql user exists -# -# usage: ynh_mysql_user_exists user -# | arg: user - the user for which to check existence -function ynh_mysql_user_exists() -{ - local user=$1 - if [[ -z $(ynh_mysql_execute_as_root "SELECT User from mysql.user WHERE User = '$user';") ]] - then - return 1 - else - return 0 - fi -} - -# Create a database, an user and its password. Then store the password in the app's config -# -# After executing this helper, the password of the created database will be available in $db_pwd -# It will also be stored as "mysqlpwd" into the app settings. -# -# usage: ynh_mysql_setup_db user name [pwd] -# | arg: user - Owner of the database -# | arg: name - Name of the database -# | arg: pwd - Password of the database. If not given, a password will be generated -ynh_mysql_setup_db () { - local db_user="$1" - local db_name="$2" - db_pwd=$(ynh_string_random) # Generate a random password - ynh_mysql_create_db "$db_name" "$db_user" "$db_pwd" # Create the database - ynh_app_setting_set $app mysqlpwd $db_pwd # Store the password in the app's config -} - -# Remove a database if it exists, and the associated user -# -# usage: ynh_mysql_remove_db user name -# | arg: user - Owner of the database -# | arg: name - Name of the database -ynh_mysql_remove_db () { - local db_user="$1" - local db_name="$2" - local mysql_root_password=$(sudo cat $MYSQL_ROOT_PWD_FILE) - if mysqlshow -u root -p$mysql_root_password | grep -q "^| $db_name"; then # Check if the database exists - echo "Removing database $db_name" >&2 - ynh_mysql_drop_db $db_name # Remove the database - else - echo "Database $db_name not found" >&2 - fi - - # Remove mysql user if it exists - if $(ynh_mysql_user_exists $db_user); then - ynh_mysql_drop_user $db_user - fi -} - -# Correct the name given in argument for mariadb -# -# Avoid invalid name for your database -# -# Exemple: dbname=$(ynh_make_valid_dbid $app) -# -# usage: ynh_make_valid_dbid name -# | arg: name - name to correct -# | ret: the corrected name -ynh_sanitize_dbid () { - dbid=${1//[-.]/_} # We should avoid having - and . in the name of databases. They are replaced by _ - echo $dbid -} - -# Manage a fail of the script -# -# Print a warning to inform that the script was failed -# Execute the ynh_clean_setup function if used in the app script -# -# usage of ynh_clean_setup function -# This function provide a way to clean some residual of installation that not managed by remove script. -# To use it, simply add in your script: -# ynh_clean_setup () { -# instructions... -# } -# This function is optionnal. -# -# Usage: ynh_exit_properly is used only by the helper ynh_abort_if_errors. -# You must not use it directly. -ynh_exit_properly () { - exit_code=$? - if [ "$exit_code" -eq 0 ]; then - exit 0 # Exit without error if the script ended correctly - fi - - trap '' EXIT # Ignore new exit signals - set +eu # Do not exit anymore if a command fail or if a variable is empty - - echo -e "!!\n $app's script has encountered an error. Its execution was cancelled.\n!!" >&2 - - if type -t ynh_clean_setup > /dev/null; then # Check if the function exist in the app script. - ynh_clean_setup # Call the function to do specific cleaning for the app. - fi - - ynh_die # Exit with error status -} - -# Exit if an error occurs during the execution of the script. -# -# Stop immediatly the execution if an error occured or if a empty variable is used. -# The execution of the script is derivate to ynh_exit_properly function before exit. -# -# Usage: ynh_abort_if_errors -ynh_abort_if_errors () { - set -eu # Exit if a command fail, and if a variable is used unset. - trap ynh_exit_properly EXIT # Capturing exit signals on shell script -} - -# Define and install dependencies with a equivs control file -# This helper can/should only be called once per app -# -# usage: ynh_install_app_dependencies dep [dep [...]] -# | arg: dep - the package name to install in dependence -ynh_install_app_dependencies () { - dependencies=$@ - manifest_path="../manifest.json" - if [ ! -e "$manifest_path" ]; then - manifest_path="../settings/manifest.json" # Into the restore script, the manifest is not at the same place - fi - version=$(sudo grep '\"version\": ' "$manifest_path" | cut -d '"' -f 4) # Retrieve the version number in the manifest file. - dep_app=${app//_/-} # Replace all '_' by '-' - - if ynh_package_is_installed "${dep_app}-ynh-deps"; then - echo "A package named ${dep_app}-ynh-deps is already installed" >&2 - else - cat > ./${dep_app}-ynh-deps.control << EOF # Make a control file for equivs-build -Section: misc -Priority: optional -Package: ${dep_app}-ynh-deps -Version: ${version} -Depends: ${dependencies// /, } -Architecture: all -Description: Fake package for ${app} (YunoHost app) dependencies - This meta-package is only responsible of installing its dependencies. -EOF - ynh_package_install_from_equivs ./${dep_app}-ynh-deps.control \ - || ynh_die "Unable to install dependencies" # Install the fake package and its dependencies - ynh_app_setting_set $app apt_dependencies $dependencies - fi -} - -# Remove fake package and its dependencies -# -# Dependencies will removed only if no other package need them. -# -# usage: ynh_remove_app_dependencies -ynh_remove_app_dependencies () { - dep_app=${app//_/-} # Replace all '_' by '-' - ynh_package_autoremove ${dep_app}-ynh-deps # Remove the fake package and its dependencies if they not still used. -} - -# Use logrotate to manage the logfile -# -# usage: ynh_use_logrotate [logfile] -# | arg: logfile - absolute path of logfile -# -# If no argument provided, a standard directory will be use. /var/log/${app} -# You can provide a path with the directory only or with the logfile. -# /parentdir/logdir/ -# /parentdir/logdir/logfile.log -# -# It's possible to use this helper several times, each config will added to same logrotate config file. -ynh_use_logrotate () { - if [ "$#" -gt 0 ]; then - if [ "$(echo ${1##*.})" == "log" ]; then # Keep only the extension to check if it's a logfile - logfile=$1 # In this case, focus logrotate on the logfile - else - logfile=$1/.log # Else, uses the directory and all logfile into it. - fi - else - logfile="/var/log/${app}/.log" # Without argument, use a defaut directory in /var/log - fi - cat > ./${app}-logrotate << EOF # Build a config file for logrotate -$logfile { - # Rotate if the logfile exceeds 100Mo - size 100M - # Keep 12 old log maximum - rotate 12 - # Compress the logs with gzip - compress - # Compress the log at the next cycle. So keep always 2 non compressed logs - delaycompress - # Copy and truncate the log to allow to continue write on it. Instead of move the log. - copytruncate - # Do not do an error if the log is missing - missingok - # Not rotate if the log is empty - notifempty - # Keep old logs in the same dir - noolddir -} -EOF - sudo mkdir -p $(dirname "$logfile") # Create the log directory, if not exist - cat ${app}-logrotate | sudo tee -a /etc/logrotate.d/$app > /dev/null # Append this config to the others for this app. If a config file already exist -} - -# Remove the app's logrotate config. -# -# usage: ynh_remove_logrotate -ynh_remove_logrotate () { - if [ -e "/etc/logrotate.d/$app" ]; then - sudo rm "/etc/logrotate.d/$app" - fi -} - -# Find a free port and return it -# -# example: port=$(ynh_find_port 8080) -# -# usage: ynh_find_port begin_port -# | arg: begin_port - port to start to search -ynh_find_port () { - port=$1 - test -n "$port" || ynh_die "The argument of ynh_find_port must be a valid port." - while netcat -z 127.0.0.1 $port # Check if the port is free - do - port=$((port+1)) # Else, pass to next port - done - echo $port -} - -# Create a system user -# -# usage: ynh_system_user_create user_name [home_dir] -# | arg: user_name - Name of the system user that will be create -# | arg: home_dir - Path of the home dir for the user. Usually the final path of the app. If this argument is omitted, the user will be created without home -ynh_system_user_create () { - if ! ynh_system_user_exists "$1" # Check if the user exists on the system - then # If the user doesn't exist - if [ $# -ge 2 ]; then # If a home dir is mentioned - user_home_dir="-d $2" - else - user_home_dir="--no-create-home" - fi - sudo useradd $user_home_dir --system --user-group $1 --shell /usr/sbin/nologin || ynh_die "Unable to create $1 system account" - fi -} - -# Delete a system user -# -# usage: ynh_system_user_delete user_name -# | arg: user_name - Name of the system user that will be create -ynh_system_user_delete () { - if ynh_system_user_exists "$1" # Check if the user exists on the system - then - echo "Remove the user $1" >&2 - sudo userdel $1 - else - echo "The user $1 was not found" >&2 - fi -} - -# Curl abstraction to help with POST requests to local pages (such as installation forms) -# -# $domain and $path_url should be defined externally (and correspond to the domain.tld and the /path (of the app?)) -# -# example: ynh_local_curl "/install.php?installButton" "foo=$var1" "bar=$var2" -# -# usage: ynh_local_curl "page_uri" "key1=value1" "key2=value2" ... -# | arg: page_uri - Path (relative to $path_url) of the page where POST data will be sent -# | arg: key1=value1 - (Optionnal) POST key and corresponding value -# | arg: key2=value2 - (Optionnal) Another POST key and corresponding value -# | arg: ... - (Optionnal) More POST keys and values -ynh_local_curl () { - # Define url of page to curl - full_page_url=https://localhost$path_url$1 - - # Concatenate all other arguments with '&' to prepare POST data - POST_data="" - for arg in "${@:2}" - do - POST_data="${POST_data}${arg}&" - done - if [ -n "$POST_data" ] - then - # Add --data arg and remove the last character, which is an unecessary '&' - POST_data="--data \"${POST_data::-1}\"" - fi - - # Curl the URL - curl --silent --show-error -kL -H "Host: $domain" --resolve $domain:443:127.0.0.1 $POST_data "$full_page_url" -} - -# Substitute/replace a string by another in a file -# -# usage: ynh_replace_string match_string replace_string target_file -# | arg: match_string - String to be searched and replaced in the file -# | arg: replace_string - String that will replace matches -# | arg: target_file - File in which the string will be replaced. -ynh_replace_string () { - delimit=@ - match_string=${1//${delimit}/"\\${delimit}"} # Escape the delimiter if it's in the string. - replace_string=${2//${delimit}/"\\${delimit}"} - workfile=$3 - - sudo sed --in-place "s${delimit}${match_string}${delimit}${replace_string}${delimit}g" "$workfile" -} - -# Remove a file or a directory securely -# -# usage: ynh_secure_remove path_to_remove -# | arg: path_to_remove - File or directory to remove -ynh_secure_remove () { - path_to_remove=$1 - forbidden_path=" \ - /var/www \ - /home/yunohost.app" - - if [[ "$forbidden_path" =~ "$path_to_remove" \ - # Match all paths or subpaths in $forbidden_path - || "$path_to_remove" =~ ^/[[:alnum:]]+$ \ - # Match all first level paths from / (Like /var, /root, etc...) - || "${path_to_remove:${#path_to_remove}-1}" = "/" ]] - # Match if the path finishes by /. Because it seems there is an empty variable - then - echo "Avoid deleting $path_to_remove." >&2 - else - if [ -e "$path_to_remove" ] - then - sudo rm -R "$path_to_remove" - else - echo "$path_to_remove wasn't deleted because it doesn't exist." >&2 - fi - fi -} - -# Download, check integrity, uncompress and patch the source from app.src -# -# The file conf/app.src need to contains: -# -# SOURCE_URL=Address to download the app archive -# SOURCE_SUM=Control sum -# # (Optional) Programm to check the integrity (sha256sum, md5sum$YNH_EXECUTION_DIR/...) -# # default: sha256 -# SOURCE_SUM_PRG=sha256 -# # (Optional) Archive format -# # default: tar.gz -# SOURCE_FORMAT=tar.gz -# # (Optional) Put false if source are directly in the archive root -# # default: true -# SOURCE_IN_SUBDIR=false -# # (Optionnal) Name of the local archive (offline setup support) -# # default: ${src_id}.${src_format} -# SOURCE_FILENAME=example.tar.gz -# -# Details: -# This helper download sources from SOURCE_URL if there is no local source -# archive in /opt/yunohost-apps-src/APP_ID/SOURCE_FILENAME -# -# Next, it check the integrity with "SOURCE_SUM_PRG -c --status" command. -# -# If it's ok, the source archive will be uncompress in $dest_dir. If the -# SOURCE_IN_SUBDIR is true, the first level directory of the archive will be -# removed. -# -# Finally, patches named sources/patches/${src_id}-*.patch and extra files in -# sources/extra_files/$src_id will be applyed to dest_dir -# -# -# usage: ynh_setup_source dest_dir [source_id] -# | arg: dest_dir - Directory where to setup sources -# | arg: source_id - Name of the app, if the package contains more than one app -ynh_setup_source () { - local dest_dir=$1 - local src_id=${2:-app} # If the argument is not given, source_id equal "app" - - # Load value from configuration file (see above for a small doc about this file - # format) - local src_url=$(grep 'SOURCE_URL=' "../conf/${src_id}.src" | cut -d= -f2-) - local src_sum=$(grep 'SOURCE_SUM=' "../conf/${src_id}.src" | cut -d= -f2-) - local src_sumprg=$(grep 'SOURCE_SUM_PRG=' "../conf/${src_id}.src" | cut -d= -f2-) - local src_format=$(grep 'SOURCE_FORMAT=' "../conf/${src_id}.src" | cut -d= -f2-) - local src_in_subdir=$(grep 'SOURCE_IN_SUBDIR=' "../conf/${src_id}.src" | cut -d= -f2-) - local src_filename=$(grep 'SOURCE_FILENAME=' "../conf/${src_id}.src" | cut -d= -f2-) - - # Default value - src_sumprg=${src_sumprg:-sha256sum} - src_in_subdir=${src_in_subdir:-true} - src_format=${src_format:-tar.gz} - src_format=$(echo "$src_format" | tr '[:upper:]' '[:lower:]') - if [ "$src_filename" = "" ] ; then - src_filename="${src_id}.${src_format}" - fi - local local_src="/opt/yunohost-apps-src/${YNH_APP_ID}/${src_filename}" - - if test -e "$local_src" - then # Use the local source file if it is present - cp $local_src $src_filename - else # If not, download the source - wget -nv -O $src_filename $src_url - fi - - # Check the control sum - echo "${src_sum} ${src_filename}" | ${src_sumprg} -c --status \ - || ynh_die "Corrupt source" - - # Extract source into the app dir - sudo mkdir -p "$dest_dir" - if [ "$src_format" = "zip" ] - then - # Zip format - # Using of a temp directory, because unzip doesn't manage --strip-components - if $src_in_subdir ; then - local tmp_dir=$(mktemp -d) - sudo unzip -quo $src_filename -d "$tmp_dir" - sudo cp -a $tmp_dir/*/. "$dest_dir" - ynh_secure_remove "$tmp_dir" - else - sudo unzip -quo $src_filename -d "$dest_dir" - fi - else - local strip="" - if $src_in_subdir ; then - strip="--strip-components 1" - fi - if [[ "$src_format" =~ ^tar.gz|tar.bz2|tar.xz$ ]] ; then - sudo tar -xf $src_filename -C "$dest_dir" $strip - else - ynh_die "Archive format unrecognized." - fi - fi - - # Apply patches - if (( $(find ../sources/patches/ -type f -name "${src_id}-*.patch" 2> /dev/null | wc -l) > "0" )); then - local old_dir=$(pwd) - (cd "$dest_dir" \ - && for p in ../sources/patches/${src_id}-*.patch; do \ - sudo patch -p1 < $p; done) \ - || ynh_die "Unable to apply patches" - cd $old_dir - fi - - # Add supplementary files - if test -e "../sources/extra_files/${src_id}"; then - sudo cp -a ../sources/extra_files/$src_id/. "$dest_dir" - fi -} - -# Check availability of a web path -# -# example: ynh_webpath_available some.domain.tld /coffee -# -# usage: ynh_webpath_available domain path -# | arg: domain - the domain/host of the url -# | arg: path - the web path to check the availability of -ynh_webpath_available () { - local domain=$1 - local path=$2 - sudo yunohost domain url-available $domain $path -} - -# Register/book a web path for an app -# -# example: ynh_webpath_register wordpress some.domain.tld /coffee -# -# usage: ynh_webpath_register app domain path -# | arg: app - the app for which the domain should be registered -# | arg: domain - the domain/host of the web path -# | arg: path - the web path to be registered -ynh_webpath_register () { - local app=$1 - local domain=$2 - local path=$3 - sudo yunohost app register-url $app $domain $path -} - -# Calculate and store a file checksum into the app settings -# -# $app should be defined when calling this helper -# -# usage: ynh_store_file_checksum file -# | arg: file - The file on which the checksum will performed, then stored. -ynh_store_file_checksum () { - local checksum_setting_name=checksum_${1//[\/ ]/_} # Replace all '/' and ' ' by '_' - ynh_app_setting_set $app $checksum_setting_name $(sudo md5sum "$1" | cut -d' ' -f1) -} - -# Verify the checksum and backup the file if it's different -# This helper is primarily meant to allow to easily backup personalised/manually -# modified config files. -# -# $app should be defined when calling this helper -# -# usage: ynh_backup_if_checksum_is_different file -# | arg: file - The file on which the checksum test will be perfomed. -# -# | ret: Return the name a the backup file, or nothing -ynh_backup_if_checksum_is_different () { - local file=$1 - local checksum_setting_name=checksum_${file//[\/ ]/_} # Replace all '/' and ' ' by '_' - local checksum_value=$(ynh_app_setting_get $app $checksum_setting_name) - if [ -n "$checksum_value" ] - then # Proceed only if a value was stored into the app settings - if ! echo "$checksum_value $file" | sudo md5sum -c --status - then # If the checksum is now different - backup_file="/home/yunohost.conf/backup/$file.backup.$(date '+%Y%m%d.%H%M%S')" - sudo mkdir -p "$(dirname "$backup_file")" - sudo cp -a "$file" "$backup_file" # Backup the current file - echo "File $file has been manually modified since the installation or last upgrade. So it has been duplicated in $backup_file" >&2 - echo "$backup_file" # Return the name of the backup file - fi - fi -} - -##################################### - -# This is not an official helper, just an abstract helper to prepare to the new one. -ynh_restore_file () { - sudo cp -a "${backup_dir}$1" "$1" -} - -# ============================================================================= -# YUNOHOST 2.6 FORTHCOMING HELPERS -# (will be part of YunoHost 2.6, so won't be necessary any more after -# YunoHost 2.6 gets widespread) # ============================================================================= # Create a dedicated nginx config From 1e2adaab712d5be007e3f8de823c3834f3e71c35 Mon Sep 17 00:00:00 2001 From: Jimmy Monin Date: Sun, 25 Jun 2017 17:25:21 +0200 Subject: [PATCH 31/37] Fix YunoHost version for forthcoming helpers --- scripts/_common.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/_common.sh b/scripts/_common.sh index d4d6af2..8ae77b5 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -1,7 +1,7 @@ #!/bin/bash # ============================================================================= -# YUNOHOST 2.6 FORTHCOMING HELPERS +# YUNOHOST 2.7 FORTHCOMING HELPERS # ============================================================================= # Create a dedicated nginx config From 942d0c033f9f367d9001d83bbcee4fa19a792c16 Mon Sep 17 00:00:00 2001 From: Jimmy Monin Date: Wed, 5 Jul 2017 18:10:43 +0200 Subject: [PATCH 32/37] Remove sudo prefixes (not needed any more in YunoHost 2.6) --- scripts/_common.sh | 30 +++++++++++++++--------------- scripts/backup | 4 ++-- scripts/install | 14 +++++++------- scripts/remove | 8 ++++---- scripts/restore | 16 ++++++++-------- scripts/upgrade | 4 ++-- 6 files changed, 38 insertions(+), 38 deletions(-) diff --git a/scripts/_common.sh b/scripts/_common.sh index 8ae77b5..7b1c62d 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -10,7 +10,7 @@ ynh_add_nginx_config () { finalnginxconf="/etc/nginx/conf.d/$domain.d/$app.conf" ynh_backup_if_checksum_is_different "$finalnginxconf" 1 - sudo cp ../conf/nginx.conf "$finalnginxconf" + cp ../conf/nginx.conf "$finalnginxconf" # To avoid a break by set -u, use a void substitution ${var:-}. If the variable is not set, it's simply set with an empty variable. # Substitute in a nginx config file only if the variable is not empty @@ -31,7 +31,7 @@ ynh_add_nginx_config () { fi ynh_store_checksum_config "$finalnginxconf" - sudo systemctl reload nginx + systemctl reload nginx } # Remove the dedicated nginx config @@ -39,7 +39,7 @@ ynh_add_nginx_config () { # usage: ynh_remove_nginx_config ynh_remove_nginx_config () { ynh_secure_remove "/etc/nginx/conf.d/$domain.d/$app.conf" - sudo systemctl reload nginx + systemctl reload nginx } # Create a dedicated php-fpm config @@ -48,23 +48,23 @@ ynh_remove_nginx_config () { ynh_add_fpm_config () { finalphpconf="/etc/php5/fpm/pool.d/$app.conf" ynh_backup_if_checksum_is_different "$finalphpconf" 1 - sudo cp ../conf/php-fpm.conf "$finalphpconf" + cp ../conf/php-fpm.conf "$finalphpconf" ynh_replace_string "__NAMETOCHANGE__" "$app" "$finalphpconf" ynh_replace_string "__FINALPATH__" "$final_path" "$finalphpconf" ynh_replace_string "__USER__" "$app" "$finalphpconf" - sudo chown root: "$finalphpconf" + chown root: "$finalphpconf" ynh_store_file_checksum "$finalphpconf" if [ -e "../conf/php-fpm.ini" ] then finalphpini="/etc/php5/fpm/conf.d/20-$app.ini" ynh_compare_checksum_config "$finalphpini" 1 - sudo cp ../conf/php-fpm.ini "$finalphpini" - sudo chown root: "$finalphpini" + cp ../conf/php-fpm.ini "$finalphpini" + chown root: "$finalphpini" ynh_store_checksum_config "$finalphpini" fi - sudo systemctl reload php5-fpm + systemctl reload php5-fpm } # Remove the dedicated php-fpm config @@ -73,7 +73,7 @@ ynh_add_fpm_config () { ynh_remove_fpm_config () { ynh_secure_remove "/etc/php5/fpm/pool.d/$app.conf" ynh_secure_remove "/etc/php5/fpm/conf.d/20-$app.ini" 2>&1 - sudo systemctl reload php5-fpm + systemctl reload php5-fpm } # Create a dedicated systemd config @@ -82,7 +82,7 @@ ynh_remove_fpm_config () { ynh_add_systemd_config () { finalsystemdconf="/etc/systemd/system/$app.service" ynh_compare_checksum_config "$finalsystemdconf" 1 - sudo cp ../conf/systemd.service "$finalsystemdconf" + cp ../conf/systemd.service "$finalsystemdconf" # To avoid a break by set -u, use a void substitution ${var:-}. If the variable is not set, it's simply set with an empty variable. # Substitute in a nginx config file only if the variable is not empty @@ -94,9 +94,9 @@ ynh_add_systemd_config () { fi ynh_store_checksum_config "$finalsystemdconf" - sudo chown root: "$finalsystemdconf" - sudo systemctl enable $app - sudo systemctl daemon-reload + chown root: "$finalsystemdconf" + systemctl enable $app + systemctl daemon-reload } # Remove the dedicated systemd config @@ -105,8 +105,8 @@ ynh_add_systemd_config () { ynh_remove_systemd_config () { finalsystemdconf="/etc/systemd/system/$app.service" if [ -e "$finalsystemdconf" ]; then - sudo systemctl stop $app - sudo systemctl disable $app + systemctl stop $app + systemctl disable $app ynh_secure_remove "$finalsystemdconf" fi } diff --git a/scripts/backup b/scripts/backup index 34afd23..7764d59 100755 --- a/scripts/backup +++ b/scripts/backup @@ -15,8 +15,8 @@ set -eu if [ ! -e _common.sh ]; then # Get the _common.sh file if it's not in the current directory - sudo cp ../settings/scripts/_common.sh ./_common.sh - sudo chmod a+rx _common.sh + cp ../settings/scripts/_common.sh ./_common.sh + chmod a+rx _common.sh fi source _common.sh source /usr/share/yunohost/helpers diff --git a/scripts/install b/scripts/install index 2f02ac2..97336c7 100755 --- a/scripts/install +++ b/scripts/install @@ -72,7 +72,7 @@ ynh_app_setting_set $app language $language # Find a free port port=$(ynh_find_port 8095) # Open this port -sudo yunohost firewall allow --no-upnp TCP $port 2>&1 +yunohost firewall allow --no-upnp TCP $port 2>&1 ynh_app_setting_set $app port $port #================================================= @@ -138,15 +138,15 @@ ynh_systemd_config #================================================= # Set right permissions for curl install -sudo chown -R $app: $final_path +chown -R $app: $final_path # Set the app as temporarily public for curl call ynh_app_setting_set $app unprotected_uris "/" # Reload SSOwat config -sudo yunohost app ssowatconf +yunohost app ssowatconf # Reload Nginx -sudo systemctl reload nginx +systemctl reload nginx # Installation with curl ynh_local_curl "/INSTALL_PATH" "key1=value1" "key2=value2" "key3=value3" @@ -165,7 +165,7 @@ ynh_store_file_checksum "$final_path/CONFIG_FILE" #================================================= # Set permissions to app files -sudo chown -R root: $final_path +chown -R root: $final_path #================================================= # SETUP LOGROTATE @@ -178,7 +178,7 @@ ynh_use_logrotate # ADVERTISE SERVICE IN ADMIN PANEL #================================================= -sudo yunohost service add NAME_INIT.D --log "/var/log/FILE.log" +yunohost service add NAME_INIT.D --log "/var/log/FILE.log" #================================================= # SETUP SSOWAT @@ -199,4 +199,4 @@ fi # RELOAD NGINX #================================================= -sudo systemctl reload nginx +systemctl reload nginx diff --git a/scripts/remove b/scripts/remove index ede1b0f..fbd8064 100755 --- a/scripts/remove +++ b/scripts/remove @@ -32,10 +32,10 @@ ynh_remove_systemd_config # REMOVE SERVICE FROM ADMIN PANEL #================================================= -if sudo yunohost service status | grep -q $app +if yunohost service status | grep -q $app then echo "Remove $app service" - sudo yunohost service remove $app + yunohost service remove $app fi #================================================= @@ -84,10 +84,10 @@ ynh_remove_logrotate # CLOSE A PORT #================================================= -if sudo yunohost firewall list | grep -q "\- $port$" +if yunohost firewall list | grep -q "\- $port$" then echo "Close port $port" - QUIET sudo yunohost firewall disallow TCP $port + QUIET yunohost firewall disallow TCP $port fi #================================================= diff --git a/scripts/restore b/scripts/restore index 79cdbe1..e29e9ed 100755 --- a/scripts/restore +++ b/scripts/restore @@ -15,8 +15,8 @@ set -eu if [ ! -e _common.sh ]; then # Get the _common.sh file if it's not in the current directory - sudo cp ../settings/scripts/_common.sh ./_common.sh - sudo chmod a+rx _common.sh + cp ../settings/scripts/_common.sh ./_common.sh + chmod a+rx _common.sh fi source _common.sh source /usr/share/yunohost/helpers @@ -36,7 +36,7 @@ db_name=$(ynh_app_setting_get $app db_name) # CHECK IF THE APP CAN BE RESTORED #================================================= -sudo yunohost app checkurl "${domain}${path_url}" -a "$app" \ +yunohost app checkurl "${domain}${path_url}" -a "$app" \ || ynh_die "Path not available: ${domain}${path_url}" test ! -d $final_path \ || ynh_die "There is already a directory: $final_path " @@ -75,7 +75,7 @@ ynh_system_user_create $app #================================================= # Restore permissions on app files -sudo chown -R root: $final_path +chown -R root: $final_path #================================================= # RESTORE THE PHP-FPM CONFIGURATION @@ -97,14 +97,14 @@ ynh_install_app_dependencies deb1 deb2 # ADVERTISE SERVICE IN ADMIN PANEL #================================================= -sudo yunohost service add $app --log "/var/log/$app/APP.log" +yunohost service add $app --log "/var/log/$app/APP.log" #================================================= # RESTORE SYSTEMD #================================================= ynh_restore_file "/etc/systemd/system/$app.service" -sudo systemctl enable $app.service +systemctl enable $app.service #================================================= # RESTORE THE CRON FILE @@ -124,5 +124,5 @@ ynh_restore_file "/etc/logrotate.d/$app" # RELOAD NGINX AND PHP-FPM #================================================= -sudo systemctl reload php5-fpm -sudo systemctl reload nginx +systemctl reload php5-fpm +systemctl reload nginx diff --git a/scripts/upgrade b/scripts/upgrade index bbaf187..68a0d77 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -109,7 +109,7 @@ ynh_systemd_config #================================================= # Set right permissions for curl installation -sudo chown -R root: $final_path +chown -R root: $final_path #================================================= # SETUP SSOWAT @@ -130,4 +130,4 @@ fi # RELOAD NGINX #================================================= -sudo systemctl reload nginx +systemctl reload nginx From 495c587f4a0e4a2a5fa9b443fca59fb98c1b5a8e Mon Sep 17 00:00:00 2001 From: "ljf (zamentur)" Date: Thu, 6 Jul 2017 10:14:42 +0200 Subject: [PATCH 33/37] [fix] YunoHost version requirement --- manifest.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifest.json b/manifest.json index 63e057f..606f903 100644 --- a/manifest.json +++ b/manifest.json @@ -14,7 +14,7 @@ "url": "http://example.com" }, "requirements": { - "yunohost": ">> 2.5.6" + "yunohost": ">> 2.6.4" }, "multi_instance": true, "services": [ From a21c5dbdf4afa38b9b4921d48535abbc037bd94c Mon Sep 17 00:00:00 2001 From: JimboJoe Date: Fri, 21 Jul 2017 18:45:33 +0200 Subject: [PATCH 34/37] Update minimum version syntax --- manifest.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifest.json b/manifest.json index 606f903..a1f7b55 100644 --- a/manifest.json +++ b/manifest.json @@ -14,7 +14,7 @@ "url": "http://example.com" }, "requirements": { - "yunohost": ">> 2.6.4" + "yunohost": ">= 2.6.4" }, "multi_instance": true, "services": [ From 094e19b7fcc29943c74c4ea320504c2b4f93967c Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Fri, 21 Jul 2017 20:41:23 +0200 Subject: [PATCH 35/37] Fix nginx helper MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Micro décision Le nom du helper n'est pas bon. --- scripts/upgrade | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/upgrade b/scripts/upgrade index 68a0d77..c0b3296 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -61,7 +61,7 @@ ynh_setup_source "$final_path" #================================================= # Create a dedicated nginx config -ynh_nginx_config +ynh_add_nginx_config #================================================= # CREATE DEDICATED USER From 57053e2c13f4ecc24e91283c0ea9b0d2695dd904 Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Fri, 21 Jul 2017 20:41:52 +0200 Subject: [PATCH 36/37] Fix nginx helper MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Micro décision Le nom du helper n'est pas bon. --- scripts/install | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/install b/scripts/install index 97336c7..8bd3d26 100755 --- a/scripts/install +++ b/scripts/install @@ -104,7 +104,7 @@ ynh_setup_source "$final_path" #================================================= # Create a dedicated nginx config -ynh_nginx_config +ynh_add_nginx_config #================================================= # CREATE DEDICATED USER From b4c6969284fb5c4d3f57735709a75873c1716c8b Mon Sep 17 00:00:00 2001 From: Maniack Crudelis Date: Fri, 21 Jul 2017 20:56:26 +0200 Subject: [PATCH 37/37] Upgrade helpers MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Micro décision Mise à jour des helpers --- scripts/_common.sh | 44 ++++++++++++++++++++++---------------------- 1 file changed, 22 insertions(+), 22 deletions(-) diff --git a/scripts/_common.sh b/scripts/_common.sh index 7b1c62d..0f53f77 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -9,8 +9,8 @@ # usage: ynh_add_nginx_config ynh_add_nginx_config () { finalnginxconf="/etc/nginx/conf.d/$domain.d/$app.conf" - ynh_backup_if_checksum_is_different "$finalnginxconf" 1 - cp ../conf/nginx.conf "$finalnginxconf" + ynh_backup_if_checksum_is_different "$finalnginxconf" + sudo cp ../conf/nginx.conf "$finalnginxconf" # To avoid a break by set -u, use a void substitution ${var:-}. If the variable is not set, it's simply set with an empty variable. # Substitute in a nginx config file only if the variable is not empty @@ -29,9 +29,9 @@ ynh_add_nginx_config () { if test -n "${final_path:-}"; then ynh_replace_string "__FINALPATH__" "$final_path" "$finalnginxconf" fi - ynh_store_checksum_config "$finalnginxconf" + ynh_store_file_checksum "$finalnginxconf" - systemctl reload nginx + sudo systemctl reload nginx } # Remove the dedicated nginx config @@ -39,7 +39,7 @@ ynh_add_nginx_config () { # usage: ynh_remove_nginx_config ynh_remove_nginx_config () { ynh_secure_remove "/etc/nginx/conf.d/$domain.d/$app.conf" - systemctl reload nginx + sudo systemctl reload nginx } # Create a dedicated php-fpm config @@ -47,24 +47,24 @@ ynh_remove_nginx_config () { # usage: ynh_add_fpm_config ynh_add_fpm_config () { finalphpconf="/etc/php5/fpm/pool.d/$app.conf" - ynh_backup_if_checksum_is_different "$finalphpconf" 1 - cp ../conf/php-fpm.conf "$finalphpconf" + ynh_backup_if_checksum_is_different "$finalphpconf" + sudo cp ../conf/php-fpm.conf "$finalphpconf" ynh_replace_string "__NAMETOCHANGE__" "$app" "$finalphpconf" ynh_replace_string "__FINALPATH__" "$final_path" "$finalphpconf" ynh_replace_string "__USER__" "$app" "$finalphpconf" - chown root: "$finalphpconf" + sudo chown root: "$finalphpconf" ynh_store_file_checksum "$finalphpconf" if [ -e "../conf/php-fpm.ini" ] then finalphpini="/etc/php5/fpm/conf.d/20-$app.ini" - ynh_compare_checksum_config "$finalphpini" 1 - cp ../conf/php-fpm.ini "$finalphpini" - chown root: "$finalphpini" - ynh_store_checksum_config "$finalphpini" + ynh_backup_if_checksum_is_different "$finalphpini" + sudo cp ../conf/php-fpm.ini "$finalphpini" + sudo chown root: "$finalphpini" + ynh_store_file_checksum "$finalphpini" fi - systemctl reload php5-fpm + sudo systemctl reload php5-fpm } # Remove the dedicated php-fpm config @@ -73,7 +73,7 @@ ynh_add_fpm_config () { ynh_remove_fpm_config () { ynh_secure_remove "/etc/php5/fpm/pool.d/$app.conf" ynh_secure_remove "/etc/php5/fpm/conf.d/20-$app.ini" 2>&1 - systemctl reload php5-fpm + sudo systemctl reload php5-fpm } # Create a dedicated systemd config @@ -81,8 +81,8 @@ ynh_remove_fpm_config () { # usage: ynh_add_systemd_config ynh_add_systemd_config () { finalsystemdconf="/etc/systemd/system/$app.service" - ynh_compare_checksum_config "$finalsystemdconf" 1 - cp ../conf/systemd.service "$finalsystemdconf" + ynh_backup_if_checksum_is_different "$finalsystemdconf" + sudo cp ../conf/systemd.service "$finalsystemdconf" # To avoid a break by set -u, use a void substitution ${var:-}. If the variable is not set, it's simply set with an empty variable. # Substitute in a nginx config file only if the variable is not empty @@ -92,11 +92,11 @@ ynh_add_systemd_config () { if test -n "${app:-}"; then ynh_replace_string "__APP__" "$app" "$finalsystemdconf" fi - ynh_store_checksum_config "$finalsystemdconf" + ynh_store_file_checksum "$finalsystemdconf" - chown root: "$finalsystemdconf" - systemctl enable $app - systemctl daemon-reload + sudo chown root: "$finalsystemdconf" + sudo systemctl enable $app + sudo systemctl daemon-reload } # Remove the dedicated systemd config @@ -105,8 +105,8 @@ ynh_add_systemd_config () { ynh_remove_systemd_config () { finalsystemdconf="/etc/systemd/system/$app.service" if [ -e "$finalsystemdconf" ]; then - systemctl stop $app - systemctl disable $app + sudo systemctl stop $app + sudo systemctl disable $app ynh_secure_remove "$finalsystemdconf" fi }