blob: 20f9ea046836f0510db12241cff05fc577aed672 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
|
#!/bin/bash
ynh_version="2.4"
YNH_VERSION () { # Returns the version number of the Yunohost moulinette
ynh_version=$(sudo yunohost -v | grep "moulinette:" | cut -d' ' -f2 | cut -d'.' -f1,2)
}
CHECK_VAR () { # Verifies that the variable is not empty.
# $1 = Variable to be checked
# $2 = Display text on error
test -n "$1" || (echo "$2" >&2 && false)
}
EXIT_PROPERLY () { # Causes the script to stop in the event of an error. And clean the residue.
trap '' ERR
echo -e "\e[91m \e[1m" # Shell in light red bold
echo -e "!!\n $app install's script has encountered an error. Installation was cancelled.\n!!" >&2
if type -t CLEAN_SETUP > /dev/null; then # Checks the existence of the function before executing it.
CLEAN_SETUP # Call the specific cleanup function of the install script.
fi
# Compensates the ssowat bug that does not remove the app's input in case of installation error.
sudo sed -i "\@\"$domain/\":@d" /etc/ssowat/conf.json
if [ "$ynh_version" = "2.2" ]; then
/bin/bash $script_dir/remove
fi
ynh_die
}
TRAP_ON () { # Activate signal capture
trap EXIT_PROPERLY ERR # Capturing exit signals on error
}
TRAP_OFF () { # Ignoring signal capture until TRAP_ON
trap '' ERR # Ignoring exit signals
}
CHECK_USER () { # Check the validity of the user admin
# $1 = User admin variable
ynh_user_exists "$1" || (echo "Wrong admin" >&2 && false)
}
CHECK_PATH () { # Checks / at the beginning of the path. And his absence at the end.
if [ "${path:0:1}" != "/" ]; then # If the first character is not /
path="/$path" # Add / at the beginning of path
fi
if [ "${path:${#path}-1}" == "/" ] && [ ${#path} -gt 1 ]; then # If the last character is a / and it is not the only character.
path="${path:0:${#path}-1}" # Delete last character
fi
}
CHECK_DOMAINPATH () { # Checks the availability of the path and domain.
sudo yunohost app checkurl $domain -a $app
}
CHECK_FINALPATH () { # Checks that the destination folder is not already in use.
final_path=/opt/$app
if [ -e "$final_path" ]
then
echo "This path already contains a folder" >&2
false
fi
}
STORE_MD5_CONFIG () { # Saves the checksum of the config file
# $1 = Name of the conf file for storage in settings.yml
# $2 = Full name and path of the conf file.
ynh_app_setting_set $app $1_file_md5 $(sudo md5sum "$2" | cut -d' ' -f1)
}
CHECK_MD5_CONFIG () { # Created a backup of the config file if it was changed.
# $1 = Name of the conf file for storage in settings.yml
# $2 = Full name and path of the conf file.onf.
if [ "$(ynh_app_setting_get $app $1_file_md5)" != $(sudo md5sum "$2" | cut -d' ' -f1) ]; then
sudo cp -a "$2" "$2.backup.$(date '+%d.%m.%y_%Hh%M,%Ss')" # Si le fichier de config a été modifié, créer un backup.
fi
}
FIND_PORT () { # Search free port
# $1 = Port number to start the search.
port=$1
while ! sudo yunohost app checkport $port ; do
port=$((port+1))
done
CHECK_VAR "$port" "port empty"
}
SETUP_SOURCE () { # Download source, decompress and copu into $final_path
src=$(cat ../sources/source_md5 | awk -F' ' {'print $2'})
sudo wget -nv -i ../sources/source_url -O $src
# Checks the checksum of the downloaded source.
# md5sum -c ../sources/source_md5 --status || ynh_die "Corrupt source"
# Decompress source
if [ "$(echo ${src##*.})" == "tgz" ]; then
tar -x -f $src
elif [ "$(echo ${src##*.})" == "zip" ]; then
unzip -q $src
else
false # Unsupported archive format.
fi
# Copy file source
sudo cp -a $(cat ../sources/source_dir)/. "$final_path/live"
# Copy additional file and modified
if test -e "../sources/ajouts"; then
sudo cp -a ../sources/ajouts/. "$final_path"
fi
}
# Create user with special hack
CREATE_USER () {
sudo curl -kSs https://${domain}/auth/sign_up --cookie-jar cookie | grep csrf > token || true
token=$(sudo cat token | sed -n '/csrf-token/s/.*name="csrf-token"\s\+content="\([^"]\+\).*/\1/p')
sudo curl -kSs https://${domain}/auth --data "&user[account_attributes][username]=${admin_mastodon}&user[email]=${admin_mastodon}@${domain}&user[password]=${admin_pass}&user[password_confirmation]=${admin_pass}&authenticity_token=${token}" --cookie cookie
}
### REMOVE SCRIPT
REMOVE_NGINX_CONF () { # Delete nginx configuration
if [ -e "/etc/nginx/conf.d/$domain.d/$app.conf" ]; then # Delete nginx config
echo "Delete nginx config"
sudo rm "/etc/nginx/conf.d/$domain.d/$app.conf"
sudo systemctl reload nginx
fi
}
REMOVE_LOGROTATE_CONF () { # Delete logrotate configuration
if [ -e "/etc/logrotate.d/$app" ]; then
echo "Delete logrotate config"
sudo rm "/etc/logrotate.d/$app"
fi
}
SECURE_REMOVE () { # Deleting a folder with variable verification
chaine="$1" # The argument must be given between simple quotes '', to avoid interpreting the variables.
no_var=0
while (echo "$chaine" | grep -q '\$') # Loop as long as there are $ in the string
do
no_var=1
global_var=$(echo "$chaine" | cut -d '$' -f 2) # Isole the first variable found.
only_var=\$$(expr "$global_var" : '\([A-Za-z0-9_]*\)') # Isole completely the variable by adding the $ at the beginning and keeping only the name of the variable. Mostly gets rid of / and a possible path behind.
real_var=$(eval "echo ${only_var}") # `eval "echo ${var}` Allows to interpret a variable contained in a variable.
if test -z "$real_var" || [ "$real_var" = "/" ]; then
echo "Variable $only_var is empty, suppression of $chaine cancelled." >&2
return 1
fi
chaine=$(echo "$chaine" | sed "s@$only_var@$real_var@") # Replaces variable with its value in the string.
done
if [ "$no_var" -eq 1 ]
then
if [ -e "$chaine" ]; then
echo "Delete directory $chaine"
sudo rm -r "$chaine"
fi
return 0
else
echo "No detected variable." >&2
return 1
fi
}
# Create a db without password
#
# usage: ynh_mysql_create_user user
# | arg: user - the user name to create
ynh_psql_create_db_without_password() {
db=$1
sudo su -c "psql" postgres <<< \
"CREATE USER $db CREATEDB;"
}
# Create a user
#
# usage: ynh_mysql_create_user user pwd [host]
# | arg: user - the user name to create
# | arg: pwd - the password to identify user by
ynh_psql_create_user() {
sudo su -c "psql" postgres <<< \
"CREATE USER ${1} WITH PASSWORD '${2}';"
}
# Create a user without password
#
# usage: ynh_mysql_create_user user pwd [host]
# | arg: user - the user name to create
ynh_psql_create_user_without_password() {
sudo su -c "psql" postgres <<< \
"CREATE USER ${1};"
}
# Create a database and grant optionnaly privilegies to a user
#
# usage: ynh_mysql_create_db db [user [pwd]]
# | arg: db - the database name to create
# | arg: user - the user to grant privilegies
# | arg: pwd - the password to identify user by
ynh_psql_create_db() {
db=$1
# grant all privilegies to user
if [[ $# -gt 1 ]]; then
ynh_psql_create_user ${2} "${3}"
sudo su -c "createdb -O ${2} $db" postgres
else
sudo su -c "createdb $db" postgres
fi
}
# Drop a role
#
# usage: ynh_mysql_drop_role db
# | arg: db - the database name to drop
ynh_psql_drop_role() {
sudo su -c "psql" postgres <<< \
"DROP ROLE ${1};"
}
# Drop a database
#
# usage: ynh_mysql_drop_db db
# | arg: db - the database name to drop
ynh_psql_drop_db() {
sudo su -c "dropdb ${1}" postgres
}
# Drop a user
#
# usage: ynh_mysql_drop_user user
# | arg: user - the user name to drop
ynh_psql_drop_user() {
sudo su -c "dropuser ${1}" postgres
}
# Remove a file or a directory securely
#
# usage: ynh_secure_remove path_to_remove
# | arg: path_to_remove - File or directory to remove
ynh_secure_remove () {
path_to_remove=$1
forbidden_path=" \
/var/www \
/home/yunohost.app"
if [[ "$forbidden_path" =~ "$path_to_remove" \
# Match all path or subpath in $forbidden_path
|| "$path_to_remove" =~ ^/[[:alnum:]]+$ \
# Match all first level path from / (Like /var, /root, etc...)
|| "${path_to_remove:${#path_to_remove}-1}" = "/" ]]
# Match if the path finish by /. Because it's seems there is an empty variable
then
echo "Avoid deleting of $path_to_remove." >&2
else
if [ -e "$path_to_remove" ]
then
sudo rm -R "$path_to_remove"
else
echo "$path_to_remove doesn't deleted because it's not exist." >&2
fi
fi
}
|
