#!/bin/bash #================================================= # GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= source _common.sh source /usr/share/yunohost/helpers #================================================= # MANAGE SCRIPT FAILURE #================================================= ynh_clean_setup () { ### Remove this function if there's nothing to clean before calling the remove script. true } # Exit if an error occurs during the execution of the script ynh_abort_if_errors #================================================= # RETRIEVE ARGUMENTS FROM THE MANIFEST #================================================= # Retrieve arguments domain=$YNH_APP_ARG_DOMAIN path_url=$YNH_APP_ARG_PATH is_public=$YNH_APP_ARG_IS_PUBLIC ### If it's a multi-instance app, meaning it can be installed several times independently ### The id of the app as stated in the manifest is available as $YNH_APP_ID ### The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2", ...) ### The app instance name is available as $YNH_APP_INSTANCE_NAME ### - the first time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample ### - the second time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample__2 ### - ynhexample__{N} for the subsequent installations, with N=3,4, ... ### The app instance name is probably what interests you most, since this is ### guaranteed to be unique. This is a good unique identifier to define installation path, ### db names, ... app=$YNH_APP_INSTANCE_NAME #================================================= # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS #================================================= ### If the app uses nginx as web server (written in HTML/PHP in most cases), the final path should be "/var/www/$app". ### If the app provides an internal web server (or uses another application server such as uwsgi), the final path should be "/opt/yunohost/$app" final_path=/var/www/$app test ! -e "$final_path" || ynh_die "This path already contains a folder" # Normalize the url path syntax path_url=$(ynh_normalize_url_path $path_url) # Check web path availability ynh_webpath_available $domain $path_url # Register (book) web path ynh_webpath_register $app $domain $path_url #================================================= # STORE SETTINGS FROM MANIFEST #================================================= ynh_app_setting_set $app domain $domain ynh_app_setting_set $app path $path_url ynh_app_setting_set $app is_public $is_public #================================================= # FIND AND OPEN A PORT #================================================= ### Use these lines if you have to open a port for the application ### `ynh_find_port` will find the first available port starting from the given port. ### If you're not using these lines: ### - Remove the section "CLOSE A PORT" in the remove script # Find a free port port=$(ynh_find_port 8096) # Open this port yunohost firewall allow --no-upnp TCP $port 2>&1 ynh_app_setting_set $app port $port #============================================== # INSTALL DEPS #============================================== ## Install MariaDB 10.1 ynh_package_install software-properties-common dirmngr mariadb-common mariadb-server mariadb-client ## Start mariadb systemctl start mariadb systemctl enable mariadb ## Install the PHP 7.2 repo for debian ynh_package_install ca-certificates apt-transport-https wget -q https://packages.sury.org/php/apt.gpg -O- | apt-key add - echo "deb https://packages.sury.org/php/ stretch main" | tee /etc/apt/sources.list.d/php.list ## Get apt updates ynh_package_update ## Install PHP 7.2 ynh_package_install php7.2 php7.2-cli php7.2-gd php7.2-mysql php7.2-pdo php7.2-mbstring php7.2-tokenizer php7.2-bcmath php7.2-xml php7.2-fpm php7.2-curl php7.2-zip ## Start php7 systemctl enable php7.2-fpm systemctl start php7.2-fpm #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= ynh_app_setting_set $app final_path $final_path # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source "$final_path" #================================================= # CREATE DEDICATED USER #================================================= # Create a system user ynh_system_user_create $app #================================================= # CREATE A MYSQL DATABASE #================================================= ### Use these lines if you need a database for the application. ### `ynh_mysql_setup_db` will create a database, an associated user and a ramdom password. ### The password will be stored as 'mysqlpwd' into the app settings, ### and will be available as $db_pwd ### If you're not using these lines: ### - Remove the section "BACKUP THE MYSQL DATABASE" in the backup script ### - Remove also the section "REMOVE THE MYSQL DATABASE" in the remove script ### - As well as the section "RESTORE THE MYSQL DATABASE" in the restore script #db_name=$(ynh_sanitize_dbid $app) #ynh_app_setting_set $app db_name $db_name #ynh_mysql_setup_db $db_name $db_name #ynh_mysql_execute_as_root <<< "GRANT ALL PRIVILEGES ON $db_name.* TO '$app'@'localhost' WITH GRANT OPTION;FLUSH PRIVILEGES;" db_user=$app db_name=$app db_pass=$(ynh_string_random 20) ynh_app_setting_set $app db_pass $db_pass #============================================== # INSTALL Composer #============================================== #sudo -u "admin" "curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer" php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');" php -r "if (hash_file('sha384', 'composer-setup.php') === '93b54496392c062774670ac18b134c3b3a95e5a5e5c8f1a9f115f203b75bf9a129d5daa8ba6a13e2cc8a1da0806388a8') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;" php composer-setup.php --install-dir=/usr/bin --filename=composer php -r "unlink('composer-setup.php');" #================================================= # MODIFY A CONFIG FILE #================================================= # Main config File ynh_replace_string "__DB_USER__" "$db_user" "../conf/.env.example" ynh_replace_string "__DB_NAME__" "$db_name" "../conf/.env.example" ynh_replace_string "__DB_PASS__" "$db_pass" "../conf/.env.example" cp -a ../conf/.env.example $final_path/.env cp -a ../conf/pteroq.service /etc/systemd/system/pteroq.service #============================================== # INSTALL Pterodactyl #============================================== cd $final_path chmod -R 755 storage/* bootstrap/cache/ composer install --no-dev --optimize-autoloader php artisan key:generate --force php artisan p:environment:setup --author=admin@yuno.fr --url=https://$domain/$path_url --timezone=America/New_York --cache=redis --session=database --queue=redis --disable-settings-ui --redis-host=127.0.0.1 --redis-pass= --redis-port=6379 php artisan p:environment:database --host=localhost --port=3306 --database=$db_name --username=$db_user --password=$db_pass php artisan p:user:make --email=test@example.com --admin=1 php artisan migrate --seed php artisan p:user:make chown -R www-data:www-data * #Cron crontab -l > pterodactyl echo "* * * * * php /var/www/pterodactyl/artisan schedule:run" >> pterodactyl crontab pterodactyl #crontab -l | { cat; echo "* * * * * php /var/www/pterodactyl/artisan schedule:run"; } | crontab - #================================================= # NGINX CONFIGURATION #================================================= # Create a dedicated nginx config ynh_add_nginx_config #================================================= # STORE THE CONFIG FILE CHECKSUM #================================================= ### `ynh_store_file_checksum` is used to store the checksum of a file. ### That way, during the upgrade script, by using `ynh_backup_if_checksum_is_different`, ### you can make a backup of this file before modifying it again if the admin had modified it. # Calculate and store the config file checksum into the app settings #ynh_store_file_checksum "/etc/onlyoffice/documentserver/nginx/onlyoffice-documentserver.conf" #================================================= # GENERIC FINALIZATION #================================================= # SECURE FILES AND DIRECTORIES #================================================= ### For security reason, any app should set the permissions to root: before anything else. ### Then, if write authorization is needed, any access should be given only to directories ### that really need such authorization. # Set permissions to app files #chown -R root: /etc/loolwsd #================================================= # SETUP SSOWAT #================================================= # If app is public, add url to SSOWat conf as skipped_uris if [ $is_public -eq 1 ]; then # unprotected_uris allows SSO credentials to be passed anyway. ynh_app_setting_set "$app" unprotected_uris "/" fi # Reload services systemctl reload nginx sudo systemctl enable --now pteroq.service