Created

Standard name for Yunohost appli
Include jquery lib

LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2015 Chtixof
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -0,0 +1,10 @@
+# pgpback_ynh : save and restore local PGP keys used by RainLoop under Yunohost #
+
+pgpback_ynh is packaged to be installed on a [Yunohost](https://yunohost.org) server. It has been tested with Chrome.
+
+The PGP keys used by [RainLoop](https://github.com/polytan02/rainloop_ynh) for encryption and signature are stored in the local storage of the browser.
+
+pgpback_ynh comes in complement. It enables to:
+- save the PGP keys from the local storage to the server in a file dedicated to the user connected to Yunohost
+- clear the PGP keys from the local storage, to avoid it to be accessed by anyone
+- restore the PGP keys in the local storage from the server 

conf/nginx.conf

@@ -0,0 +1,18 @@
+location PATHTOCHANGE {
+
+  alias WWWPATH ;
+
+  index index.html index.php ;
+  try_files $uri $uri/ index.php;
+  location ~ [^/]\.php(/|$) {
+    fastcgi_split_path_info ^(.+?\.php)(/.*)$;
+    fastcgi_pass unix:/var/run/php5-fpm.sock;
+    fastcgi_index index.php;
+    include fastcgi_params;
+    fastcgi_param   REMOTE_USER   $remote_user;
+    fastcgi_param  PATH_INFO $fastcgi_path_info;
+  }
+
+  # Include SSOWAT user panel.
+  include conf.d/yunohost_panel.conf.inc;
+}

manifest.json

@@ -0,0 +1,31 @@
+{
+    "name": "PGPBack",
+    "id": "pgpback",
+    "description": {
+        "en": "Save and restore the PGP keys for Rainloop",
+        "fr": "Sauve et restaure les clés PGP pour Rainloop"
+    },
+    "license": "MIT",
+    "developer": {
+        "name": "chtixof"
+    },
+    "multi_instance": "false",
+    "arguments": {
+        "install" : [            {
+                "name": "domain",
+                "ask": {
+                    "en": "Choose a domain for PGPBack",
+                    "en": "Choisissez un domaine pour PGPBack"
+                },
+                "example": "domain.org"
+            },{
+                "name": "path",
+                "ask": {
+                    "en": "Choose a path for PGPBack",
+                    "en": "Choisissez un chemin pour PGPBack"
+                },
+                "example": "/pgpback",
+                "default": "/pgpback"
+            } ]
+    }
+}

scripts/backup

@@ -0,0 +1,15 @@
+#!/bin/bash
+app=pgpback
+
+# The parameter $1 is the backup directory location
+# which will be compressed afterward
+backup_dir=$1/apps/$app
+mkdir -p $backup_dir
+
+# Backup sources & data
+sudo cp -a /var/www/$app/. $backup_dir/sources
+
+# Copy Nginx and YunoHost parameters to make the script "standalone"
+sudo cp -a /etc/yunohost/apps/$app/. $backup_dir/yunohost
+domain=$(sudo yunohost app setting $app domain)
+sudo cp -a /etc/nginx/conf.d/$domain.d/$app.conf $backup_dir/nginx.conf

scripts/install

@@ -0,0 +1,28 @@
+#!/bin/bash
+# Installation de pgpback dans Yunohost
+app=pgpback
+
+# Retrieve arguments
+domain=$1
+path=$2
+
+# Check domain/path availability
+sudo yunohost app checkurl $domain$path -a $app
+if [[ ! $? -eq 0 ]]; then
+    exit 1
+fi
+
+# Copy files to the right place with the right permissions
+final_path=/var/www/$app
+sudo mkdir -p $final_path
+sudo cp -a ../sources/* $final_path
+sudo chown -R www-data: $final_path
+
+# Modify Nginx configuration file and copy it to Nginx conf directory
+sed -i "s@PATHTOCHANGE@$path@g"  ../conf/nginx.conf
+sed -i "s@WWWPATH@$final_path@g" ../conf/nginx.conf
+sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf
+
+# Reload nginx and regenerate SSOwat conf
+sudo service nginx reload
+sudo yunohost app ssowatconf

scripts/remove

@@ -0,0 +1,15 @@
+#!/bin/bash
+app=pgpback
+
+# Retrieve arguments
+domain=$(sudo yunohost app setting $app domain)
+
+# Remove sources
+sudo rm -rf /var/www/$app
+
+# Remove configuration files
+sudo rm -f /etc/nginx/conf.d/$domain.d/$app.conf
+
+# Restart services
+sudo service nginx reload
+sudo yunohost app ssowatconf

scripts/restore

@@ -0,0 +1,16 @@
+#!/bin/bash
+app=pgpback
+
+# The parameter $1 is the uncompressed restore directory location
+backup_dir=$1/apps/$app
+
+# Restore sources & data
+sudo cp -a $backup_dir/sources/. /var/www/$app
+
+# Restore Nginx and YunoHost parameters
+sudo cp -a $backup_dir/yunohost/. /etc/yunohost/apps/$app
+domain=$(sudo yunohost app setting $app domain)
+sudo cp -a $backup_dir/nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf
+
+# Restart webserver
+sudo service nginx reload

scripts/upgrade

@@ -0,0 +1,24 @@
+#!/bin/bash
+app=pgpback
+
+# Retrieve arguments
+domain=$(sudo yunohost app setting $app domain)
+path=$(sudo yunohost app setting $app path)
+
+# Remove trailing "/" for next commands
+path=${path%/}
+
+# Copy source files
+final_path=/var/www/$app
+sudo mkdir -p $final_path
+sudo cp -a ../sources/* $final_path
+
+# Modify Nginx configuration file and copy it to Nginx conf directory
+sed -i "s@PATHTOCHANGE@$path@g"  ../conf/nginx.conf
+sed -i "s@WWWPATH@$final_path@g" ../conf/nginx.conf
+sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf
+
+# Restart services
+sudo service nginx reload
+sudo yunohost app ssowatconf
+

sources/fav.php

@@ -0,0 +1,23 @@
+<?php
+$text=file_get_contents('php://input');
+$user=$_SERVER["PHP_AUTH_USER"];
+$file='pk_'.$user.'.json';
+if ($user=="") {
+  $out='{"rc":-2,"pk":[]}';  
+
+} else if ($text=="") {
+  $fread=file_get_contents($file);
+  if ($fread==""){
+    $out='{"rc":-3,"pk":[]}';  
+  } else {
+    $out='{"rc":-1,"pk":'.file_get_contents($file).'}';  
+  }  
+} else {
+  $fstatus=file_put_contents($file,$text) ;
+  $out='{"rc":'.$fstatus.',"pk":[]}';  
+}
+header("Cache-Control: no-cache, must-revalidate");
+header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
+header("Content-Type: application/json; charset=utf-8");
+echo json_encode($out);   
+?>

sources/index.html

@@ -0,0 +1,90 @@
+<!DOCTYPE html>
+<head>           
+  <meta charset="utf-8">           
+  <title>PGPBack   
+  </title>           
+<style>
+body {
+background: #41444f;
+color: #bbb;
+}
+a {
+color: #fff;
+text-decoration:none;
+}
+a:hover {
+color: #fff;
+text-decoration:underline;
+}
+</style>
+</head>   
+<body>
+<h1>PGPBack : OpenPGP keys backup for Rainloop</h1>
+PGPBack has been tested with Chrome. It enables the following:<br><br>
+<a id="arestorels"  href="javascript:void(0)">Set the local OpenPGP keys from the server</a><br/><br/>
+<a id="asavels"  href="javascript:void(0)">Backup the local OpenPGP keys onto the server</a><br/><br/>
+<a id="aclearls"  href="javascript:void(0)">Clear the local OpenPGP keys (for security reasons)</a><br/><br/> 
+<script src="lib/jquery-1.11.2.min.js"></script>
+<script>
+$(document).ready(function() {
+  $('#asavels').click(function() {
+    if (confirm('The local OpenPGP keys will be loaded onto the server')) {
+      $.ajax("fav.php", {
+        data : JSON.stringify([localStorage["openpgp-private-keys"],localStorage["openpgp-public-keys"]]),
+        contentType : 'application/json',
+        type : 'POST',
+        dataType: 'json',
+        success: function (data) {
+          parseddata=JSON.parse(data);
+          switch (parseddata.rc){
+          case -2:
+            alert("User not logged in Yunohost. Keys not saved.");        
+            break;
+          case -1:
+          case -3:
+            alert("No keys to save.");        
+            break;
+          case 0:
+            alert("Problem when writing the data. Keys not saved.");        
+            break;
+          default:
+            alert("Keys saved ("+parseddata.rc+" bytes)."); 
+          }
+        }
+      });
+    }
+  });
+  $('#aclearls').click(function() {
+    if (confirm('The local OpenPGP keys will be deleted')) {
+      delete localStorage["openpgp-private-keys"];
+      delete localStorage["openpgp-public-keys"];
+    }
+  });
+  $('#arestorels').click(function() {
+    if (confirm('The local OpenPGP keys will be replaced by those from the server')) {
+      $.ajax("fav.php", {
+        contentType : 'application/json',
+        type : 'POST',
+        dataType: 'json',   
+        success: function (data) {
+          parseddata=JSON.parse(data);
+          switch (parseddata.rc){
+          case -2:
+            alert("User not logged in Yunohost. Keys not set.");        
+            break;
+          case -3:
+            alert("No data found. Keys not set.");        
+            break;
+          default:
+            localStorage["openpgp-private-keys"]=parseddata.pk[0];
+            localStorage["openpgp-public-keys"]=parseddata.pk[1];
+            alert("Keys set from the server."); 
+          }
+        }
+      });
+    }
+  });
+})
+</script>     
+</body>
+</html>