add paheko sur master

6 months ago · a0a021e082
14 changed files with 483 additions and 0 deletions
--- a/dockers/paheko/Dockerfile
+++ b/dockers/paheko/Dockerfile
@ -0,0 +1,98 @@
+FROM php:8.2-apache
+
+# pour upgrader paheko, il suffit de modifier le numéro de version ici
+ENV PAHEKO_VERSION 1.3.1
+
+ENV PAHEKO_DOWNLOAD_DIR download/paheko
+ENV PAHEKO_DIR /usr/share/paheko
+
+########################################
+# APT local cache
+# work around because COPY failed if no source file
+#COPY .dummy .apt-mirror-confi[g] .proxy-confi[g] /
+#RUN cp /.proxy-config /etc/profile.d/proxy.sh 2> /dev/null || true
+#RUN if [ -f /.apt-mirror-config ] ; then . /.apt-mirror-config && sed -i \
+#    -e "s/deb.debian.org/${APT_MIRROR_DEBIAN}/g" \
+#    -e "s/security.debian.org/${APT_MIRROR_DEBIAN_SECURITY}/g" \
+#    -e "s/archive.ubuntu.com/${APT_MIRROR_UBUNTU}/g" \
+#    -e "s/security.ubuntu.com/${APT_MIRROR_UBUNTU_SECURITY}/g" \
+#    /etc/apt/sources.list; fi
+
+########################################
+RUN apt-get update --quiet && apt-get install -y \
+    libicu-dev libpq-dev zlib1g-dev libicu-dev \
+    libzip-dev git wget zip patch imagemagick libmagickwand-dev; \
+    pecl install imagick; \
+    docker-php-ext-enable imagick;
+    
+#RUN docker-php-ext-install imagick 
+#RUN docker-php-ext-enable imagick
+
+#install composer setup script
+COPY dockers/paheko/composer-setup.sh /usr/local/bin/
+RUN chmod +x /usr/local/bin/composer-setup.sh
+
+#install internationalization libs
+RUN docker-php-ext-configure intl
+RUN docker-php-ext-install intl
+RUN docker-php-ext-install -j$(nproc) pdo ctype
+RUN /usr/local/bin/composer-setup.sh
+
+ADD "${PAHEKO_DOWNLOAD_DIR}/paheko-${PAHEKO_VERSION}.tar.gz" /usr/share/
+RUN mv /usr/share/paheko-${PAHEKO_VERSION} ${PAHEKO_DIR}
+
+
+RUN echo '<IfModule mod_negotiation.c>\n\
+  Options -MultiViews\n\
+</IfModule>\n\
+\n\
+php_value upload_max_filesize 100M\n\
+php_value post_max_size 100M\n\
+php_value memory_limit 256M\n\
+FallbackResource /_route.php\n\
+'> ${PAHEKO_DIR}/www/.htaccess
+
+#install prince pour génération pdf
+RUN curl https://www.princexml.com/download/prince_20230609-1_debian12_amd64.deb --output prince.deb
+RUN apt-get install libdeflate0 libjbig0 libjpeg62-turbo -y
+
+#on récupère 3 paquets de sécu sur bullseyes (me demande pas pourquoi)
+RUN curl http://security.debian.org/debian-security/pool/updates/main/libw/libwebp/libwebp6_0.6.1-2.1+deb11u2_amd64.deb --output libwebp6_0.6.1.deb
+RUN curl http://security.debian.org/debian-security/pool/updates/main/o/openssl/libssl1.1_1.1.1n-0+deb11u5_amd64.deb --output libssl1.1_1.1.deb
+RUN curl http://http.us.debian.org/debian/pool/main/t/tiff/libtiff5_4.2.0-1+deb11u4_amd64.deb --output libtiff5_4.2.0.deb
+RUN dpkg -i libwebp6_0.6.1.deb
+RUN dpkg -i libssl1.1_1.1.deb
+RUN dpkg -i libtiff5_4.2.0.deb
+RUN apt-get install libfontconfig1 libgif7 libjpeg62-turbo liblcms2-2 libtiff5-dev -y
+RUN apt-get install libaom3 libavif15 -y
+RUN dpkg -i prince.deb
+
+COPY dockers/paheko/config/factory_cron.sh ${PAHEKO_DIR}/
+COPY dockers/paheko/config/factory_cron_emails.sh ${PAHEKO_DIR}/
+COPY dockers/paheko/config/setupWebRights.sh ${PAHEKO_DIR}/
+RUN mkdir ${PAHEKO_DIR}/users
+
+#Plugin facturation (le seul qui ne fasse pas parti de la distribution de base
+COPY "dockers/paheko/config/facturation.tar.gz" ${PAHEKO_DIR}/data/plugins/
+RUN mkdir ${PAHEKO_DIR}/data/plugins/facturation && tar zxvf ${PAHEKO_DIR}/data/plugins/facturation.tar.gz -C ${PAHEKO_DIR}/data/plugins/facturation && rm ${PAHEKO_DIR}/data/plugins/facturation.tar.gz
+
+#fab: pour eviter l'anomalie: $msg mustn't contain any NULL byte
+RUN sed -i "394i\$msg = str_replace(chr(0), '', \$msg);"  ${PAHEKO_DIR}/include/lib/KD2/ErrorManager.php
+
+#install cron pour factory_cron.sh
+RUN apt-get install cron joe rsyslog -y
+RUN sed -i '/imklog/s/^/#/' /etc/rsyslog.conf
+RUN echo "0 1 * * * cd ${PAHEKO_DIR} && ${PAHEKO_DIR}/factory_cron.sh" >> /var/spool/cron/crontabs/root
+RUN echo "* * * * *  cd ${PAHEKO_DIR} && ${PAHEKO_DIR}/factory_cron_emails.sh" >> /var/spool/cron/crontabs/root
+RUN chmod 600 /var/spool/cron/crontabs/root
+RUN sed -i "/exec/i\service cron start\n" /usr/local/bin/docker-php-entrypoint
+RUN ln -sf /usr/local/bin/php /usr/bin/
+
+# Set owner web server
+RUN chown -R www-data: ${PAHEKO_DIR}
+
+#fab le 03/02/2023: pour avoir un php.ini de prod avec zend.assertions = -1
+RUN cp "/usr/local/etc/php/php.ini-production" "/usr/local/etc/php/php.ini"
+
+EXPOSE 80
+VOLUME [ "/usr/share/paheko/users" ]
--- a/dockers/paheko/build.sh
+++ b/dockers/paheko/build.sh
@ -0,0 +1,48 @@
+#!/bin/bash
+
+KAZ_ROOT=$(cd "$(dirname $0)/../.."; pwd)
+. "${KAZ_ROOT}/bin/.commonFunctions.sh"
+setKazVars
+
+###########################################################################"
+#on récupère la dernière version de paheko et tous les plugin
+
+PAHEKO_VER=$(grep "^ENV PAHEKO_VERSION" Dockerfile | awk '{print $3}')
+#FCT_VER="0.7.4"
+echo "VERSION PAHEKO : $PAHEKO_VER"
+#echo "VERSION FACTURATION : $FCT_VER"
+
+downloadFile () {
+    # $1 URL to download
+    if [ ! -f "$(basename "$1")" ]; then
+        printKazMsg "  - load $1"
+        curl -L -O "$1"
+    fi
+}
+
+mkdir -p "${KAZ_DNLD_DIR}/paheko"
+cd "${KAZ_DNLD_DIR}/paheko"
+
+#pour être certain de récupérer les dernières versions de plugin
+rm * -f
+
+printKazMsg "\n  *** Download paheko on ${KAZ_DNLD_DIR}"
+
+downloadFile "https://fossil.kd2.org/paheko/uv/paheko-${PAHEKO_VER}.tar.gz"
+
+#downloadFile "https://fossil.kd2.org/paheko-plugins/uv/caisse.tar.gz"
+#downloadFile "https://fossil.kd2.org/paheko-plugins/uv/dompdf.tar.gz"
+#downloadFile "https://fossil.kd2.org/paheko-plugins/uv/helloasso.tar.gz"
+#downloadFile "https://fossil.kd2.org/paheko-plugins/uv/ouvertures.tar.gz"
+#downloadFile "https://fossil.kd2.org/paheko-plugins/uv/reservations.tar.gz"
+#downloadFile "https://fossil.kd2.org/paheko-plugins/uv/stock_velos.tar.gz"
+#downloadFile "https://fossil.kd2.org/paheko-plugins/uv/taima.tar.gz"
+#downloadFile "https://gitlab.com/JBthePenguinpaheko-plugin-materiels/-/raw/main/materiels.tar.gz"
+#downloadFile "https://noizette.net/archive/garradin-plugin-facturation/${FCT_VER}/facturation.tar.gz"
+
+###########################################################################
+printKazMsg "\n  *** Création du Dockerfile paheko"
+
+cd "${KAZ_ROOT}"
+
+docker build -t pahekokaz . -f dockers/paheko/Dockerfile
--- a/dockers/paheko/composer-setup.sh
+++ b/dockers/paheko/composer-setup.sh
@ -0,0 +1,18 @@
+#!/bin/sh
+
+EXPECTED_SIGNATURE=$(wget -q -O - https://composer.github.io/installer.sig)
+php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
+ACTUAL_SIGNATURE=$(php -r "echo hash_file('SHA384', 'composer-setup.php');")
+
+if [ "$EXPECTED_SIGNATURE" != "$ACTUAL_SIGNATURE" ]
+then
+    >&2 echo 'ERROR: Invalid installer signature'
+    rm composer-setup.php
+    exit 1
+fi
+
+php composer-setup.php --quiet
+RESULT=$?
+rm composer-setup.php
+exit $RESULT
+
--- a/dockers/paheko/config/config.local.tmpl.php
+++ b/dockers/paheko/config/config.local.tmpl.php
@ -0,0 +1,128 @@
+<?php
+
+namespace Paheko;
+
+/**
+ * Ce fichier permet de configurer Garradin pour une utilisation
+ * avec plusieurs associations, mais une seule copie du code source.
+ * (aussi appel?? installation multi-sites, ferme ou usine)
+ *
+ * Voir la doc : https://fossil.kd2.org/paheko/wiki?name=Multi-sites
+ *
+ * N'oubliez pas d'installer ??galement le script cron.sh fournit
+ * pour lancer les rappels automatiques et sauvegardes.
+ *
+ * Si cela ne suffit pas ?? vos besoins, contactez-nous : https://paheko.eu/contact
+ * pour une aide sp??cifique ?? votre installation.
+ */
+
+// Nom de domaine parent des associations h??berg??es
+// Exemple : si vos associations sont h??berg??es en clubdetennis.paheko.eu,
+// indiquer ici 'paheko.eu'
+const FACTORY_DOMAIN = "__DOMAIN__";
+
+// R??pertoire o?? seront stock??es les donn??es des utilisateurs
+// Dans ce r??pertoire, un sous-r??pertoire sera cr???? pour chaque compte
+// Ainsi 'clubdetennis.paheko.eu' sera dans le r??pertoire courant (__DIR__),
+// sous-r??pertoire 'users' et dans celui-ci, sous-r??pertoire 'clubdetennis'
+//
+// Pour chaque utilisateur il faudra cr??er le sous-r??pertoire en premier lieu
+// (eg. mkdir .../users/clubdetennis)
+const FACTORY_USER_DIRECTORY = __DIR__ . '/users';
+
+// Envoyer les erreurs PHP par mail ?? l'adresse de l'administrateur syst??me
+// (mettre ?? null pour ne pas recevoir d'erreurs)
+const MAIL_ERRORS = 'admin@kaz.bzh';
+
+// IMPORTANT !
+// Modifier pour indiquer une valeur al??atoire de plus de 30 caract??res
+const SECRET_KEY = 'HkXFwmMIMaI1T4X9/BIxKahxa74tQvAj0z1keal/jXj7i2w1ifzvalPSAshAbSg2P/fhmh9TlA3+gD28jg+ljA==';
+
+// Quota de stockage de documents (en octets)
+// D??finit la taille de stockage disponible pour chaque association pour ses documents
+const FILE_STORAGE_QUOTA = 10 * 1024 * 1024 * 1024; // 10 Go
+
+////////////////////////////////////////////////////////////////
+// R??glages conseill??s, normalement il n'y a rien ?? modifier ici
+
+// Indiquer que l'on va utiliser cron pour lancer les t??ches ?? ex??cuter (envoi de rappels de cotisation)
+const USE_CRON = true;
+
+// Cache partag??
+const SHARED_CACHE_ROOT = __DIR__ . '/cache';
+
+// D??sactiver le log des erreurs PHP visible dans l'interface (s??curit??)
+const ENABLE_TECH_DETAILS = false;
+
+// D??sactiver les mises ?? jour depuis l'interface web
+// Pour ??tre s??r que seul l'admin sys puisse faire des mises ?? jour
+const ENABLE_UPGRADES = false;
+
+////////////////////////////////////////////////////////////////
+// Code 'magique' qui va configurer Garradin selon les r??glages
+
+$login = null;
+
+// Un sous-domaine ne peut pas faire plus de 63 caract??res
+$login_regexp = '([a-z0-9_-]{1,63})';
+$domain_regexp = sprintf('/^%s\.%s$/', $login_regexp, preg_quote(FACTORY_DOMAIN, '/'));
+
+
+//original
+//if (isset($_SERVER['SERVER_NAME']) && preg_match($regexp, $_SERVER['SERVER_NAME'], $match)) {
+//maj kaz
+if (isset($_SERVER['SERVER_NAME']) && preg_match('/^([a-z0-9_\-]+)-paheko\.__DOMAIN__$/', $_SERVER['SERVER_NAME'], $match)) {
+        $login = $match[1];
+}
+elseif (PHP_SAPI == 'cli' && !empty($_SERVER['PAHEKO_FACTORY_USER']) && preg_match('/^' . $login_regexp . '$/', $_SERVER['PAHEKO_FACTORY_USER'])) {
+        $login = $_SERVER['PAHEKO_FACTORY_USER'];
+}
+else {
+        // Login invalide ou non fourni
+        http_response_code(404);
+        die('<h1>Page non trouv??e</h1>');
+}
+
+$user_data_dir = rtrim(FACTORY_USER_DIRECTORY, '/') . '/' . $login;
+
+
+if (!is_dir($user_data_dir)) {
+        mkdir($user_data_dir, 0700, true);
+        //http_response_code(404);
+        //die("<h1>Cette association n'existe pas.</h1>");
+}
+
+// D??finir le dossier o?? sont stock??s les donn??es
+define('Paheko\DATA_ROOT', $user_data_dir);
+
+const PREFER_HTTPS = false;
+const SMTP_HOST =  "__SMTP_HOST__.__DOMAIN__";
+const SMTP_USER = null;
+const API_USER =  "__PAHEKO_API_USER__"; 
+const API_PASSWORD = "__PAHEKO_API_PASSWORD__";
+const SMTP_PASSWORD = null;
+const SMTP_PORT = 25;
+const SMTP_SECURITY = 'NONE';
+const ROOT = __DIR__;
+
+const DB_FILE = DATA_ROOT . '/association.sqlite';
+//const PLUGINS_ROOT = DATA_ROOT . '/plugins';
+const PLUGINS_ROOT =  __DIR__ . '/data/plugins';
+
+// D??finir l'URL
+//original
+//define('Garradin\WWW_URL', 'https://' . $login . FACTORY_USER_DIRECTORY . '/');
+//maj kaz
+define('Paheko\WWW_URL', "__HTTP_PROTO__://".$login."-paheko.__DOMAIN__/");
+
+define('Paheko\WWW_URI', '/');
+
+// Désactiver le log des erreurs visible dans l'interface (sécurité)
+define('Paheko\ERRORS_ENABLE_LOG_VIEW', true);
+
+// Ne pas afficher les erreurs de code
+define('Paheko\SHOW_ERRORS', true);
+
+
+#add by fab le 21/04/2022
+const PDF_COMMAND = 'prince';
--- a/dockers/paheko/config/factory_cron.sh
+++ b/dockers/paheko/config/factory_cron.sh
@ -0,0 +1,17 @@
+#!/bin/sh
+
+# Répertoire où sont stockées les données des utilisateurs
+# veiller à ce que ce soit le même que dans config.local.php
+FACTORY_USER_DIRECTORY="users"
+
+# Chemin vers le script cron.php de Paheko
+PAHEKO_CRON_SCRIPT="scripts/cron.php"
+
+cd /usr/share/paheko
+
+for user in $(cd ${FACTORY_USER_DIRECTORY} && ls -1d */)
+do
+	PAHEKO_FACTORY_USER=$(basename "$user") /usr/bin/php $PAHEKO_CRON_SCRIPT
+	echo $PAHEKO_FACTORY_USER
+done
+
--- a/dockers/paheko/config/factory_cron_emails.sh
+++ b/dockers/paheko/config/factory_cron_emails.sh
@ -0,0 +1,14 @@
+#!/bin/sh
+
+# Répertoire où sont stockées les données des utilisateurs
+# veiller à ce que ce soit le même que dans config.local.php
+FACTORY_USER_DIRECTORY="users"
+
+# Chemin vers le script emails.php de Paheko
+PAHEKO_CRON_SCRIPT="scripts/emails.php"
+
+for user in $(cd ${FACTORY_USER_DIRECTORY} && ls -1d */)
+do
+        PAHEKO_FACTORY_USER=$(basename "$user") /usr/bin/php $PAHEKO_CRON_SCRIPT
+        echo $PAHEKO_FACTORY_USER
+done
--- a/dockers/paheko/config/facturation.tar.gz
+++ b/dockers/paheko/config/facturation.tar.gz
--- a/dockers/paheko/config/paheko.conf
+++ b/dockers/paheko/config/paheko.conf
@ -0,0 +1,26 @@
+<VirtualHost *:80>
+  #ServerName paheko.kaz.bzh
+  DocumentRoot /usr/share/paheko/www
+  ErrorLog /var/log/apache2/error.log
+  CustomLog /var/log/apache2/access.log combined
+  ServerSignature Off
+
+  <Directory /usr/share/paheko/www >
+    AllowOverride All
+    Require all granted
+    Options FollowSymLinks MultiViews
+    <IfModule mod_dav.c>
+      Dav off
+    </IfModule>
+  </Directory>
+
+  <FilesMatch "^\.ht.*">
+    deny from all
+    satisfy all
+    ErrorDocument 403 "Access denied."
+  </FilesMatch>
+
+FallbackResource /_route.php
+
+
+</VirtualHost>
--- a/dockers/paheko/config/setupWebRights.sh
+++ b/dockers/paheko/config/setupWebRights.sh
@ -0,0 +1,3 @@
+#!/bin/sh
+
+chown -R www-data: /usr/share/paheko
--- a/dockers/paheko/docker-compose.yml
+++ b/dockers/paheko/docker-compose.yml
@ -0,0 +1,38 @@
+version: '3.5'
+
+services:
+
+  paheko:
+    image: pahekokaz
+    build: .
+    container_name: ${pahekoServName}
+    volumes:
+      - ./config/paheko.conf:/etc/apache2/sites-available/000-default.conf
+      - ./config/config.local.php:/usr/share/paheko/config.local.php
+      - ./config/factory_cron.sh:/usr/share/paheko/factory_cron.sh
+#      - ./config/cron.php:/usr/share/paheko/scripts/cron.php
+      - assoUsers:/usr/share/paheko/users
+      - /etc/localtime:/etc/localtime:ro
+      - /etc/timezone:/etc/timezone:ro
+    # ports:
+    #   - 8086:80
+    networks:
+      - pahekoNet
+      - postfixNet
+    external_links:
+      - ${smtpServName}:${smtpHost}.${domain}
+    labels:
+      - "traefik.enable=true"
+      - "traefik.frontend.rule=HostRegexp:{host:[a-zA-Z0-9_-]+-${pahekoHost}}.${domain}"
+      - "traefik.http.routers.${pahekoServName}.rule=HostRegexp(`{host:[a-zA-Z0-9_-]+-${pahekoHost}}.${domain}`)"
+
+volumes:
+  assoUsers:
+
+networks:
+  pahekoNet:
+    external: true
+    name: pahekoNet
+  postfixNet:
+    external: true
+    name: postfixNet
--- a/dockers/paheko/first.sh
+++ b/dockers/paheko/first.sh
@ -0,0 +1,19 @@
+#!/bin/bash
+
+SERV_DIR=$(cd $(dirname $0); pwd)
+KAZ_ROOT=$(cd $(dirname $0)/../..; pwd)
+. "${KAZ_ROOT}/bin/.commonFunctions.sh"
+setKazVars
+
+cd $(dirname $0)
+. "${DOCKERS_ENV}"
+
+
+if ! [[ "$(docker ps -f name=${pahekoServName} | grep -w ${pahekoServName})" ]]; then
+    echo -e "Paheko not running... abort"
+    exit
+fi
+
+printKazMsg "\n  *** Premier lancement de Paheko"
+
+docker exec "${pahekoServName}" /usr/share/paheko/setupWebRights.sh
--- a/dockers/paheko/installPlugins.sh.old
+++ b/dockers/paheko/installPlugins.sh.old
@ -0,0 +1,58 @@
+#!/bin/bash
+
+PRG="$0"
+KAZ_ROOT=$(cd $(dirname $0)/../..; pwd)
+. "${KAZ_ROOT}/bin/.commonFunctions.sh"
+setKazVars
+
+if [ ! -d "${DOCK_VOL_PAHEKO_ORGA}" ]; then
+    printKazError "\nno paheko volume!"
+    exit
+fi
+
+PAHEKO_PLG_LIST=$(getPahekoPluginList)
+PAHEKO_ORGA_LIST=$(getPahekoOrgaList)
+
+usage(){
+    echo "Usage: ${PRG} [orga...]"
+    # XXX set of extention ?
+    echo "  -h help"
+    exit 1
+}
+
+ORGA_SET=
+for ORGA in $@
+do
+    case "${ORGA}" in
+	'-h' | '-help' )
+	    usage
+	    ;;
+	* )
+	    if [[ ! "${NL}${PAHEKO_ORGA_LIST}${NL}" =~ "${NL}${ORGA}${NL}" ]]; then
+		printKazError "\n ${PRG}: ${ORGA} not in ${PAHEKO_ORGA_LIST}"
+	    else
+		ORGA_SET="${ORGA_SET} ${ORGA}"
+	    fi
+	    ;;
+    esac
+done
+
+if [ -z "${ORGA_SET}" ] ; then
+    ORGA_SET=${PAHEKO_ORGA_LIST}
+fi
+
+for ORGA in ${ORGA_SET}; do
+    if [ ! -d "${DOCK_VOL_PAHEKO_ORGA}/${ORGA}/" ]; then
+	continue
+    fi
+    echo -ne "\n  *** ${ORGA} plugins :"
+    for PLG in ${PAHEKO_PLG_LIST}; do
+	echo -n " ${PLG}"
+	cd "${DOCK_VOL_PAHEKO_ORGA}/${ORGA}/plugins/"
+	PLG_NAME="${PLG%%.*}"
+	mkdir -p "${PLG_NAME}"
+	cd "${PLG_NAME}"
+	tar -xzf "${KAZ_DNLD_PAHEKO_DIR}/${PLG}"
+    done
+    echo
+done
--- a/dockers/paheko/paheko-gen.sh
+++ b/dockers/paheko/paheko-gen.sh
@ -0,0 +1,12 @@
+#!/bin/bash
+
+KAZ_ROOT=$(cd "$(dirname $0)/../.."; pwd)
+. "${KAZ_ROOT}/bin/.commonFunctions.sh"
+setKazVars
+
+TMPL=config/config.local.tmpl.php
+CONF=config/config.local.php
+
+cd $(dirname $0)
+
+"${APPLY_TMPL}" "${TMPL}" "${CONF}"
--- a/dockers/paheko/reload.sh
+++ b/dockers/paheko/reload.sh
@ -0,0 +1,4 @@
+#!/bin/bash
+
+echo -e "\n  *** Reload Paheko"
+docker exec -ti pahekoServ apachectl -k restart