update

5 years ago · 99cc3a5cef
2 changed files with 54 additions and 1 deletions
--- a/manifest.json
+++ b/manifest.json
@ -38,7 +38,16 @@
                "type": "path",
                "example": "/site",
                "default": "/"
-            }
+            },
+			{
+				"name": "user",
+				"type": "user",
+				"ask": {
+					"en": "Choose the WordPress administrator (must be an existing YunoHost user)",
+					"fr": "Administrateur du site (doit être un utilisateur YunoHost existant)"
+				},
+				"example": "john"
+			}
        ]
    }
 }
--- a/scripts/install
+++ b/scripts/install
@ -22,6 +22,7 @@ ynh_abort_if_errors

 domain=$YNH_APP_ARG_DOMAIN
 path_url=$YNH_APP_ARG_PATH
+user=$YNH_APP_ARG_USER

 app=$YNH_APP_INSTANCE_NAME

@ -86,6 +87,40 @@ setfacl -m g:$app:rx /var/www

 chown -R $app: "$final_path"

+if ! ynh_system_group_exists "web"    # Check if the group exists on the system
+then    # If the user doesn't exist
+    yunohost user group create web
+fi
+
+ynh_package_install proftpd-mod-ldap
+
+echo "<IfModule mod_ldap.c>
+    LDAPServer ldap://localhost/??sub
+    LDAPUsers ou=users,dc=yunohost,dc=org (uid=%u)
+</IfModule>
+
+PassivePorts                  50000 50100
+
+<IfModule mod_tls.c>
+    TLSEngine                               on
+    TLSLog                                  /var/log/proftpd/tls.log
+    TLSProtocol                             SSLv23
+    TLSRSACertificateFile                   /etc/yunohost/certs/$domain/crt.pem
+    TLSRSACertificateKeyFile                /etc/yunohost/certs/$domain/key.pem
+    TLSVerifyClient                         off
+    TLSOptions                              NoSessionReuseRequired
+    TLSRequired                             on
+</IfModule>" > /etc/proftpd/conf.d/yunohost.conf
+
+systemctl restart proftpd
+
+yunohost firewall allow TCP 21
+yunohost firewall allow TCP 50000:50100
+
+# Allow web group to browse content of /var/www
+setfacl -m g:tiny_file_manager:rx /var/www
+setfacl -m g:tiny_file_manager.main:rx /var/www
+
 #=================================================
 # PHP-FPM CONFIGURATION
 #=================================================
@ -97,6 +132,15 @@ phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)

 #=================================================
 # GENERIC FINALIZATION
+#=================================================
+# SETUP SSOWAT
+#=================================================
+ynh_script_progression --message="Configuring permissions..." --weight=1
+
+ynh_permission_update --permission="main" --remove=all_users
+
+ynh_permission_update --permission="main" --add=$user
+
 #=================================================
 # RELOAD NGINX
 #=================================================