diff --git a/README.md b/README.md index d14b4c9c..e8314336 100644 --- a/README.md +++ b/README.md @@ -1,68 +1,67 @@ -# CodeIgniter 4 Application Starter +# Sturwild -## What is CodeIgniter? +## What is Sturwild? -CodeIgniter is a PHP full-stack web framework that is light, fast, flexible and secure. -More information can be found at the [official site](https://codeigniter.com). +Sturwild is a software application for recording declarations of accidental sturgeon catches. -This repository holds a composer-installable app starter. -It has been built from the -[development repository](https://github.com/codeigniter4/CodeIgniter4). +It is written in PHP, and is based on the CodeIgniter framework. -More information about the plans for version 4 can be found in [CodeIgniter 4](https://forum.codeigniter.com/forumdisplay.php?fid=28) on the forums. +The database works with Postgresql. -You can read the [user guide](https://codeigniter.com/user_guide/) -corresponding to the latest version of the framework. +## How to install it? -## Installation & updates +- install a virtual machine running Debian or Ubuntu +- define an URL for the application, as **mysturwild.myinstitute.fr** +- create a https certificate to your application +- download the installation script, and run it: -`composer create-project codeigniter4/appstarter` then `composer update` whenever -there is a new release of the framework. +```bash +wget https://github.com/inrae/sturwild/raw/main/install/deploy_new_instance.sh +chmod +x deploy_new_instance.sh +./deploy_new_instance.sh +``` -When updating, check the release notes to see if there are any changes you might need to apply -to your `app` folder. The affected files can be copied or merged from -`vendor/codeigniter4/framework/app`. +The script will: -## Setup +- install Apache2 server, Php, Postgresql and all necessary libraries +- install the software in the folder `/var/www/sturwildApp/sturwild` +- create the database +- add the file `/etc/apache2/sites-available/sturwild.conf` to add the virtual host of your application -Copy `env` to `.env` and tailor for your app, specifically the baseURL -and any database settings. +After that: -## Important Change with index.php +- edit the file `/etc/apache2/sites-available/sturwild.conf` to specify the URL and the paths to the certificate +- edit the file `/var/www/sturwildApp/sturwild/.env`, and: + - define the address of your app (`app.baseURL`) + - configure the identification mode. By default and to configure the app at the first time, you must: + - choose an identification mode that contains **BDD** (`Ppci\Config\IdentificationConfig.identificationMode`), for example BDD, CAS-BDD, LDAP-BDD, OIDC-BDD + - disable the support of TOTP (`Ppci\Config\IdentificationConfig.disableTotpToAdmin=1`) +- activate the app: + - `a2ensite sturwild` + - `systemctl restart apache2` -`index.php` is no longer in the root of the project! It has been moved inside the *public* folder, -for better security and separation of components. +You can now load the app into your browser. The first login is: -This means that you should configure your web server to "point" to your project's *public* folder, and -not to the project root. A better practice would be to configure a virtual host to point there. A poor practice would be to point your web server to the project root and expect to enter *public/...*, as the rest of your logic and the -framework are exposed. +- login: *admin* +- password: *password* -**Please** read the user guide for a better explanation of how CI4 works! +Edit the database parameters (*Administration > Application Settings*), and particulary: -## Repository Management +- **APPLI_CODE**: the code of your institute +- **otp_issuer**: the code of your institute suffixed by STURWILD, to refind the code of the double-identification -We use GitHub issues, in our main repository, to track **BUGS** and to track approved **DEVELOPMENT** work packages. -We use our [forum](http://forum.codeigniter.com) to provide SUPPORT and to discuss -FEATURE REQUESTS. +You can now configure the app, create groups, users, etc. When the configuration is complete, reactive the support of TOTP. -This repository is a "distribution" one, built by our release preparation script. -Problems with it can be raised on our forum, or as issues in the main repository. +## How to upgrade -## Server Requirements +```bash +su +cd /var/www/sturwildApp/sturwild +git pull origin main +./upgradedb.sh +``` -PHP version 8.1 or higher is required, with the following extensions installed: +This will: -- [intl](http://php.net/manual/en/intl.requirements.php) -- [mbstring](http://php.net/manual/en/mbstring.installation.php) - -> [!WARNING] -> - The end of life date for PHP 7.4 was November 28, 2022. -> - The end of life date for PHP 8.0 was November 26, 2023. -> - If you are still using PHP 7.4 or 8.0, you should upgrade immediately. -> - The end of life date for PHP 8.1 will be December 31, 2025. - -Additionally, make sure that the following extensions are enabled in your PHP: - -- json (enabled by default - don't turn it off) -- [mysqlnd](http://php.net/manual/en/mysqlnd.install.php) if you plan to use MySQL -- [libcurl](http://php.net/manual/en/curl.requirements.php) if you plan to use the HTTP\CURLRequest library +- download the last version of the app +- update if necessary the database \ No newline at end of file diff --git a/app/Config/App.php b/app/Config/App.php index fdad279f..327ae514 100644 --- a/app/Config/App.php +++ b/app/Config/App.php @@ -211,8 +211,8 @@ class App extends BaseConfig * * @var string */ - public $privateKey = ROOTPATH . "id_app"; - public $pubKey = ROOTPATH . "id_app.pub"; + public $privateKey = ROOTPATH . "id_sturwild"; + public $pubKey = ROOTPATH . "id_sturwild.pub"; /** * List of locales date formats * diff --git a/env b/env index e2370367..1184821f 100644 --- a/env +++ b/env @@ -12,21 +12,24 @@ #-------------------------------------------------------------------- # ENVIRONMENT +# CI_ENVIRONMENT = production +# CI_ENVIRONMENT = development + #-------------------------------------------------------------------- -CI_ENVIRONMENT = development +CI_ENVIRONMENT = production # disable totp identification in admin mode # Only for first connection in development mode -Ppci\Config\IdentificationConfig.disableTotpToAdmin=1 +Ppci\Config\IdentificationConfig.disableTotpToAdmin=0 #-------------------------------------------------------------------- # Ppci configuration #-------------------------------------------------------------------- app.baseURL = 'https://myapp.mysociety.com' -BASE_DIR = "/var/webroot/project-root" +BASE_DIR = "/var/www/sturwildApp/sturwild" FRONT_DIR = "${BASE_DIR}/public" # If you have trouble with `.`, you could also use `_`. -app.CSPEnabled = true +app.CSPEnabled = false # Duration of conservation of logs in table gacl.log # logDuration = 365 @@ -52,8 +55,8 @@ database.default.charset = utf8 #-------------------------------------------------------------------- # Encryption #-------------------------------------------------------------------- -privateKey = ${BASE_DIR}/id_sturwild -pubKey = ${BASE_DIR}/id_sturwild.pub +app.privateKey = "${BASE_DIR}/id_sturwild" +app.pubKey = "${BASE_DIR}/id_sturwild.pub" #-------------------------------------------------------------------- # Ppci identification diff --git a/install/apache/sturwild.conf b/install/apache2/sturwild.conf similarity index 100% rename from install/apache/sturwild.conf rename to install/apache2/sturwild.conf diff --git a/install/deploy_new_instance.sh b/install/deploy_new_instance.sh index c7c9607a..e95755c1 100755 --- a/install/deploy_new_instance.sh +++ b/install/deploy_new_instance.sh @@ -53,11 +53,11 @@ cd sturwild cp env .env # creation of database echo "creation of the database" -cd /install +cd install su postgres -c "psql -f init_by_psql.sql" cd .. echo "you may verify the configuration of access to postgresql" -echo "look at /etc/postgresql/11/main/pg_hba.conf (verify your version). Only theses lines must be activate:" +echo "look at /etc/postgresql/13/main/pg_hba.conf (verify your version). Only theses lines must be activate:" echo '# "local" is for Unix domain socket connections only local all all peer # IPv4 local connections: @@ -106,8 +106,8 @@ sed -e "s/ /