Merge branch 'testing' into patch-2

8 years ago · 8bcc16539e
14 changed files with 134 additions and 98 deletions
--- a/README.md
+++ b/README.md
@ -5,7 +5,7 @@ Nextcloud for YunoHost
 own data. A personal cloud which run on your own server. With Nextcloud
 you can synchronize your files over your devices.

-**Shipped version:** 12.0.2
+**Shipped version:** 12.0.5

 [![Install Nextcloud with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=nextcloud)
 ![](https://github.com/nextcloud/screenshots/blob/master/files/filelist.png)
--- a/conf/config.json
+++ b/conf/config.json
@ -1,38 +1,41 @@
-{
-  "system": {
-    "datadirectory": "#DATADIR#",
-    "trusted_domains": [
-      "localhost",
-      "#DOMAIN#"
-    ],
-    "updatechecker": false,
-    "memcache.local": "\\OC\\Memcache\\APCu",
-    "integrity.check.disabled": true
-  },
-  "apps": {
-    "user_ldap": {
-      "ldap_base": "dc=yunohost,dc=org",
-      "ldap_base_groups": "ou=groups,dc=yunohost,dc=org",
-      "ldap_base_users": "ou=users,dc=yunohost,dc=org",
-      "ldap_cache_ttl": "600",
-      "ldap_configuration_active": "1",
-      "ldap_display_name": "displayname",
-      "ldap_email_attr": "mail",
-      "ldap_expert_username_attr": "uid",
-      "ldap_group_display_name": "cn",
-      "ldap_group_filter": "objectClass=posixGroup",
-      "ldap_group_filter_mode": "0",
-      "ldap_groupfilter_objectclass": "posixGroup",
-      "ldap_host": "localhost",
-      "ldap_login_filter": "(&(|(objectclass=posixAccount))(uid=%uid))",
-      "ldap_login_filter_mode": "0",
-      "ldap_port": "389",
-      "ldap_quota_attr": "userquota",
-      "ldap_tls": "0",
-      "ldap_user_display_name": "cn",
-      "ldap_user_filter_mode": "0",
-      "ldap_userfilter_objectclass": "posixAccount",
-      "ldap_userlist_filter": "objectclass=posixAccount"
-    }
-  }
-}
+{
+  "system": {
+    "updatechecker": false,
+    "memcache.local": "\\OC\\Memcache\\APCu",
+    "integrity.check.disabled": true,
+    "filelocking.enabled": true,
+    "memcache.locking": "\\OC\\Memcache\\Redis",
+    "redis": {
+      "host": "localhost",
+      "port": "6379",
+      "timeout": "0.0",
+      "password": ""
+     }
+  },
+  "apps": {
+    "user_ldap": {
+      "ldap_base": "dc=yunohost,dc=org",
+      "ldap_base_groups": "ou=groups,dc=yunohost,dc=org",
+      "ldap_base_users": "ou=users,dc=yunohost,dc=org",
+      "ldap_cache_ttl": "600",
+      "ldap_configuration_active": "1",
+      "ldap_display_name": "displayname",
+      "ldap_email_attr": "mail",
+      "ldap_expert_username_attr": "uid",
+      "ldap_group_display_name": "cn",
+      "ldap_group_filter": "objectClass=posixGroup",
+      "ldap_group_filter_mode": "0",
+      "ldap_groupfilter_objectclass": "posixGroup",
+      "ldap_host": "localhost",
+      "ldap_login_filter": "(&(|(objectclass=posixAccount))(uid=%uid))",
+      "ldap_login_filter_mode": "0",
+      "ldap_port": "389",
+      "ldap_quota_attr": "userquota",
+      "ldap_tls": "0",
+      "ldap_user_display_name": "cn",
+      "ldap_user_filter_mode": "0",
+      "ldap_userfilter_objectclass": "posixAccount",
+      "ldap_userlist_filter": "objectclass=posixAccount"
+    }
+  }
+}
--- a/conf/config_install.json
+++ b/conf/config_install.json
@ -0,0 +1,9 @@
+{
+  "system": {
+    "datadirectory": "#DATADIR#",
+    "trusted_domains": [
+      "localhost",
+      "#DOMAIN#"
+    ]
+  }
+}
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@ -23,7 +23,12 @@ location ^~ __PATH__ {
  # Set max upload size
  client_max_body_size 10G;
  fastcgi_buffers 64 4K;
-
+  
+  # Extend timeouts
+  client_body_timeout 60m;
+  proxy_read_timeout 60m;
+  fastcgi_read_timeout 60m;
+  
  # Disable gzip to avoid the removal of the ETag header
  gzip off;

--- a/conf/php-fpm.conf
+++ b/conf/php-fpm.conf
@ -365,6 +365,7 @@ catch_workers_output = yes
 ;env[TMP] = /tmp
 ;env[TMPDIR] = /tmp
 ;env[TEMP] = /tmp
+env[PATH] = $PATH

 ; Additional php.ini defines, specific to this pool of workers. These settings
 ; overwrite the values previously defined in the php.ini. The directives are the
--- a/manifest.json
+++ b/manifest.json
@ -6,9 +6,9 @@
        "en": "Access & share your files, calendars, contacts, mail & more from any device, on your terms",
        "fr": "Consultez et partagez vos fichiers, agendas, carnets d'adresses, emails et bien plus depuis les appareils de votre choix, sous vos conditions"
    },
-    "version": "12.0.2",
+    "version": "12.0.5-1",
    "url": "https://nextcloud.com",
-    "license": "AGPL-3",
+    "license": "AGPL-3.0",
    "maintainer": {
        "name": "-",
        "email": "-"
--- a/scripts/_common.sh
+++ b/scripts/_common.sh
@ -3,7 +3,7 @@
 # COMMON VARIABLES
 #=================================================

-pkg_dependencies="php5-gd php5-json php5-intl php5-mcrypt php5-curl php5-apcu php5-imagick php5-ldap acl tar smbclient"
+pkg_dependencies="php5-gd php5-json php5-intl php5-mcrypt php5-curl php5-apcu php5-redis php5-ldap php5-imagick imagemagick acl tar smbclient"

 #=================================================
 # COMMON HELPERS
--- a/scripts/backup
+++ b/scripts/backup
@ -3,11 +3,6 @@
 #=================================================
 # GENERIC START
 #=================================================
-# MANAGE SCRIPT FAILURE
-#=================================================
-
-# Exit on command errors and treat access to unset variables as an error
-set -eu

 #=================================================
 # IMPORT GENERIC HELPERS
@ -21,6 +16,13 @@ fi
 source _common.sh
 source /usr/share/yunohost/helpers

+#=================================================
+# MANAGE SCRIPT FAILURE
+#=================================================
+
+# Exit if an error occurs during the execution of the script
+ynh_abort_if_errors
+
 #=================================================
 # LOAD SETTINGS
 #=================================================
@ -82,5 +84,5 @@ if [ -z $backup_core_only ]
 then
 	ynh_backup "/home/yunohost.app/${app}/data"
 else
-	echo "Data dir will not saved, because backup_core_only is set." >&2
+	echo "Data dir will not be saved, because backup_core_only is set." >&2
 fi
--- a/scripts/install
+++ b/scripts/install
@ -144,11 +144,6 @@ exec_occ maintenance:install \
 # CONFIGURE NEXTCLOUD
 #=================================================

-nc_conf="${final_path}/config.json"
-cp ../conf/config.json "$nc_conf"
-ynh_replace_string "#DOMAIN#" "$domain" "$nc_conf"
-ynh_replace_string "#DATADIR#" "$datadir" "$nc_conf"
-
 # Ensure that UpdateNotification app is disabled
 exec_occ app:disable updatenotification

@ -156,7 +151,18 @@ exec_occ app:disable updatenotification
 exec_occ app:enable user_ldap
 exec_occ ldap:create-empty-config

-# Load the config file in nextcloud
+# Load the installation config file in nextcloud
+nc_conf="${final_path}/config_install.json"
+cp ../conf/config_install.json "$nc_conf"
+ynh_replace_string "#DOMAIN#" "$domain" "$nc_conf"
+ynh_replace_string "#DATADIR#" "$datadir" "$nc_conf"
+exec_occ config:import "$nc_conf"
+# Then remove it
+rm -f "$nc_conf"
+
+# Load the additional config file (used also for upgrade)
+nc_conf="${final_path}/config_install.json"
+cp ../conf/config.json "$nc_conf"
 exec_occ config:import "$nc_conf"
 # Then remove it
 rm -f "$nc_conf"
@ -216,6 +222,8 @@ ynh_store_file_checksum "${final_path}/config/config.php"

 cron_path="/etc/cron.d/$app"
 cp -a ../conf/nextcloud.cron "$cron_path"
+chown root: "$cron_path"
+chmod 644 "$cron_path"

 ynh_replace_string "#USER#" "$app" "$cron_path"
 ynh_replace_string "#DESTDIR#" "$final_path" "$cron_path"
--- a/scripts/restore
+++ b/scripts/restore
@ -3,11 +3,6 @@
 #=================================================
 # GENERIC START
 #=================================================
-# MANAGE SCRIPT FAILURE
-#=================================================
-
-# Exit on command errors and treat access to unset variables as an error
-set -eu

 #=================================================
 # IMPORT GENERIC HELPERS
@ -21,6 +16,13 @@ fi
 source _common.sh
 source /usr/share/yunohost/helpers

+#=================================================
+# MANAGE SCRIPT FAILURE
+#=================================================
+
+# Exit if an error occurs during the execution of the script
+ynh_abort_if_errors
+
 #=================================================
 # LOAD SETTINGS
 #=================================================
@ -102,12 +104,16 @@ ynh_restore_file "/etc/logrotate.d/$app"
 # RESTORE THE DATA DIRECTORY
 #=================================================

+datadir="/home/yunohost.app/${app}/data"
+
 # The data directory will be restored only if it exists in the backup archive
 # So only if it was backup previously.
-if [ -d "$YNH_BACKUP_DIR/data" ]
+if [ -d "$YNH_BACKUP_DIR/apps/$app/backup/home/yunohost.app/$app" ]
 then
-	datadir="/home/yunohost.app/${app}/data"
 	ynh_restore_file "$datadir"
+else
+	# Create app folders
+	mkdir -p "$datadir"
 fi
 # Remove the option backup_core_only if it's in the settings.yml file
 ynh_app_setting_delete $app backup_core_only
--- a/scripts/upgrade
+++ b/scripts/upgrade
@ -286,6 +286,8 @@ ynh_store_file_checksum "${final_path}/config/config.php"

 cron_path="/etc/cron.d/$app"
 cp -a ../conf/nextcloud.cron "$cron_path"
+chown root: "$cron_path"
+chmod 644 "$cron_path"

 ynh_replace_string "#USER#" "$app" "$cron_path"
 ynh_replace_string "#DESTDIR#" "$final_path" "$cron_path"
@ -334,7 +336,7 @@ they are probably disabled and you'll have to manually enable them again." >&2
 #=================================================

 # Use logrotate to manage app-specific logfile(s)
-ynh_use_logrotate
+ynh_use_logrotate --non-append

 #=================================================
 # GENERIC FINALIZATION
--- a/scripts/upgrade.d/upgrade.last.sh
+++ b/scripts/upgrade.d/upgrade.last.sh
@ -1,7 +1,7 @@
 #!/bin/bash

 # Last available nextcloud version
-next_version="12.0.2"
+next_version="12.0.5"

 # Nextcloud tarball checksum sha256
-nextcloud_source_sha256="eb34d6cb9f55ee84bf2ad847b4b08cdb925321848ffa2264a9b1566e7b21a17c"
+nextcloud_source_sha256="c8be29ace6821079e881818266fe49d28812b5aa0c7d2e76511173d48828ca43"
--- a/sources/patches/app-00-add-logout_url-conf.patch
+++ b/sources/patches/app-00-add-logout_url-conf.patch
--- a/sources/patches/app-01-disable-CSPv3-nonce_and_allow-YNH-fonts.patch
+++ b/sources/patches/app-01-disable-CSPv3-nonce_and_allow-YNH-fonts.patch
@ -1,33 +1,33 @@
- lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php | 4 ++++
- lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php    | 3 ++-
- 2 files changed, 6 insertions(+), 1 deletion(-)
-
-diff --git a/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php b/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php
-index 85ae127f5f..91618a09fc 100644
--- a/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php
-+++ b/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php
-@@ -65,6 +65,10 @@ class ContentSecurityPolicyNonceManager {
- 	 * @return bool
- 	 */
- 	public function browserSupportsCspV3() {
-+		// YunoHost patch: disable CSPv3 nonces to:
-+		// - avoid white page on first login from YunoHost portal
-+		// - allow YunoHost tile display
-+		return false;
- 		$browserWhitelist = [
- 			Request::USER_AGENT_CHROME,
- 			// Firefox 45+
-diff --git a/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php b/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php
-index 64d4eb6e5d..59d5885620 100644
--- a/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php
-+++ b/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php
-@@ -377,7 +377,8 @@ class EmptyContentSecurityPolicy {
- 
- 		if(!empty($this->allowedFontDomains)) {
- 			$policy .= 'font-src ' . implode(' ', $this->allowedFontDomains);
-			$policy .= ';';
-+			// YunoHost patch: extend font-src to load data fonts embedded in YunoHost tile script
-+			$policy .= ' data:;';
- 		}
- 
- 		if(!empty($this->allowedConnectDomains)) {
+ lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php | 4 ++++
+ lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php    | 3 ++-
+ 2 files changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php b/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php
+index 85ae127f5f..91618a09fc 100644
+--- a/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php
+++ b/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php
+@@ -65,6 +65,10 @@ class ContentSecurityPolicyNonceManager {
+ 	 * @return bool
+ 	 */
+ 	public function browserSupportsCspV3() {
+		// YunoHost patch: disable CSPv3 nonces to:
+		// - avoid white page on first login from YunoHost portal
+		// - allow YunoHost tile display
+		return false;
+ 		$browserWhitelist = [
+ 			Request::USER_AGENT_CHROME,
+ 			// Firefox 45+
+diff --git a/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php b/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php
+index 64d4eb6e5d..59d5885620 100644
+--- a/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php
+++ b/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php
+@@ -377,7 +377,8 @@ class EmptyContentSecurityPolicy {
+ 
+ 		if(!empty($this->allowedFontDomains)) {
+ 			$policy .= 'font-src ' . implode(' ', $this->allowedFontDomains);
+-			$policy .= ';';
+			// YunoHost patch: extend font-src to load data fonts embedded in YunoHost tile script
+			$policy .= ' data:;';
+ 		}
+ 
+ 		if(!empty($this->allowedConnectDomains)) {