gabriel
/
register_ynh
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

[enh] Update the upgrade script and document how to migrate

pull/1/head
Jérôme Lebleu 10 years ago
parent
643223ec31
commit
9fea67c20c
2 changed files with 103 additions and 58 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 51
      README.md
  2. 110
      scripts/upgrade

51
README.md
View File

@ -3,13 +3,54 @@ Custom Webapp
Empty application with SFTP access to the Web directory.
It can also create a MySQL database. In that case, the connection details
will be stored in the file `db_accesss.txt` located in the root folder of
the SFTP user.
## Overview
## TODO
This application allows you to easily install a custom Web application,
providing files access with SFTP. It can also create a MySQL database
which will be backed up and restored if your application. The connection
details will be stored in the file `db_accesss.txt` located at the root
directory.
* Update `upgrade` script and manage upgrading from current official app
Once installed, go to the chosen URL to know the user, domain and port
you will have to use for the SFTP access. Under the Web directory, you
will have a `www` folder which is the public and served one. You can
put all the files of your custom Web application inside.
## Upgrade
Due to the SFTP access change, the upgrade can not be done from the last
`my_webapp` application - provided with YunoHost 2.2. You will have to remove
it first and install this new one, taking care of migrating your Web
application.
### Save your files and database
You will have to save the content of the `/var/www/my_webapp/files`
directory, either from the Web admin interface provided with the old app,
connecting to your server using SSH or SFTP as `admin`.
If you've created a MySQL database, you can also migrate it since the new
version allows to manage it for you. To create a dump, you could use
*phpMyAdmin* or connect to your server and execute:
`mysqldump -u root -p$(cat /etc/yunohost/password --no-create-db "$dbname" > ./dump.sql`
(do not forget to replace `$dbname` by your database name).
### Restore your custom Webapp
When you've take care of save your files - and optionally your database,
you can remove the app and install this new one. You can set the same
settings as the previous installation.
To restore your files, connect to the Web directory using the SFTP account
and put everything into the `www` directory.
If you have chosen to migrate your database too, open the file `db_access.txt`
to know the new database, user and password you will have to set in your app
configuration. You can either restore the dump using *phpMyAdmin* or connect
to your server and execute:
`mysql -u "$dbuser" -p"$dbpass" "$dbname" < ./dump.sql`
(do not forget to replace `$dbuser`, `$dbpass` and `$dbname` with the values
given in the file).
## Links

110
scripts/upgrade
View File

@ -1,68 +1,72 @@
#!/bin/bash
set -e
set -eu
# Retrieve arguments
domain=$(sudo yunohost app setting my_webapp domain)
path=$(sudo yunohost app setting my_webapp path)
user=$(sudo yunohost app setting my_webapp ftp_user \
|| sudo yunohost app setting my_webapp allowed_users \
|| echo "")
is_public=$(sudo yunohost app setting my_webapp is_public)
final_path=/var/www/my_webapp
# Get multi-instances specific variables
app=$YNH_APP_INSTANCE_NAME
# Remove trailing "/" from the path
path=${path%/}
# Source app helpers
. /usr/share/yunohost/helpers
# Reset permissions
if [[ "$user" != "" ]]; then
sudo yunohost app setting my_webapp allowed_users -v "$user"
fi
# Retrieve app settings
domain=$(ynh_app_setting_get "$app" domain)
path=$(ynh_app_setting_get "$app" path)
path=${path%/}
is_public=$(ynh_app_setting_get "$app" is_public)
mysql_db=$(ynh_app_setting_get "$app" mysql_db)
password=$(ynh_app_setting_get "$app" password)
user=$(ynh_app_setting_get "$app" user)
# Update the salt in the admin.php file
salt=$(dd if=/dev/urandom bs=1 count=200 2> /dev/null | tr -c -d 'A-Za-z0-9' | sed -n 's/\(.\{24\}\).*/\1/p')
sed -i "s@SALTTOCHANGE@$salt@g" ../sources/admin.php
([[ -n "$mysql_db" ]] && [[ -n "$password" ]] && [[ -n "$user" ]]) \
|| ynh_die "The app changed and can not be automatically upgraded. \
You will have to manually upgrade it following those instructions: \
https://github.com/YunoHost-Apps/my_webapp_ynh#upgrade"
# Modify the index.html instruction file
sed -i "s@USER@$user@g" ../sources/files/index.html
sed -i "s@URL@https://$domain$path/admin/@g" ../sources/files/index.html
# Check destination directory
DESTDIR="/var/www/$app"
[[ ! -d $DESTDIR ]] && ynh_die \
"The destination directory '$DESTDIR' does not exist.\
The app is not correctly installed, you should remove it first."
# Copy files to the right place
sudo mkdir -p $final_path
sudo cp ../sources/admin.php $final_path/
sudo cp -r ../sources/_assets $final_path/
# Harden SSH connection for the user
sudo sed -i "/##-> ${app}/,/##<- ${app}/d" /etc/ssh/sshd_config
echo "##-> ${app}
# Hardening user connection
Match User ${user}
ChrootDirectory %h
ForceCommand internal-sftp
AllowTcpForwarding no
PermitTunnel no
X11Forwarding no
##<- ${app}" | sudo tee -a /etc/ssh/sshd_config >/dev/null
# Create directory and set permissions
sudo mkdir -p $final_path/files
sudo chmod 775 -R $final_path/files
sudo chown -hR www-data:www-data $final_path/files
# Fix permissions
sudo chown -hR "${user}:" "$DESTDIR"
# Modify Nginx configuration file and copy it to Nginx conf directory
if [[ "$path" == "" ]]; then
sed -i "s@LOCATIONTOCHANGE@/@g" ../conf/nginx.conf
else
sed -i "s@LOCATIONTOCHANGE@$path@g" ../conf/nginx.conf
fi
sed -i "s@PATHTOCHANGE@$path@g" ../conf/nginx.conf
sed -i "s@ALIASTOCHANGE@$final_path/@g" ../conf/nginx.conf
sed -i "s@NAMETOCHANGE@my_webapp@g" ../conf/nginx.conf
sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/my_webapp.conf
# Home directory of the user need to be owned by root to allow
# SFTP connections
sudo chown root: "$DESTDIR"
# Same goes for PHP-FPM configuration
sed -i "s@NAMETOCHANGE@my_webapp@g" ../conf/php-fpm.conf
sudo cp ../conf/php-fpm.conf /etc/php5/fpm/pool.d/my_webapp.conf
# Set SSOwat rules
[[ $is_public -eq 1 ]] \
&& ynh_app_setting_set "$app" skipped_uris "/"
# Make app public if necessary
if [ "$is_public" = "Yes" ];
then
sudo yunohost app setting my_webapp unprotected_uris -v "/"
fi
# Copy and set nginx configuration
nginx_conf="/etc/nginx/conf.d/${domain}.d/${app}.conf"
sed -i "s@{PATH}@${path}@g" ../conf/nginx.conf
sed -i "s@{LOCATION}@${path:-/}@g" ../conf/nginx.conf
sed -i "s@{DESTDIR}@${DESTDIR}@g" ../conf/nginx.conf
sed -i "s@{POOLNAME}@${app}@g" ../conf/nginx.conf
sudo cp ../conf/nginx.conf "$nginx_conf"
# Protect the file manager
sudo yunohost app setting my_webapp protected_uris -v "/admin"
# Copy and set php-fpm configuration
phpfpm_conf="/etc/php5/fpm/pool.d/${app}.conf"
sed -i "s@{USER}@${user}@g" ../conf/php-fpm.conf
sed -i "s@{POOLNAME}@${app}@g" ../conf/php-fpm.conf
sed -i "s@{DESTDIR}@${DESTDIR}@g" ../conf/php-fpm.conf
sudo cp ../conf/php-fpm.conf "$phpfpm_conf"
# Reload Nginx, php5-fpm and regenerate SSOwat conf
# Reload services
sudo service php5-fpm reload
sudo service nginx reload
sudo killall php5-fpm || echo "PHP-FPM already killed"
sudo service php5-fpm start
sudo yunohost app ssowatconf
sudo service sshd reload
Write Preview
Loading…
Cancel
Save