Flarum support (#3342)

* Flarum support

* Run Prettier

* update logo

* Add nginx only templates

---------

Co-authored-by: Stephen J Carnam <steveorevo@gmail.com>
Co-authored-by: Steveorevo <steve@steveorevo.com>

install/deb/templates/web/nginx/php-fpm/flarum.stpl

@@ -0,0 +1,112 @@
+#=========================================================================#
+# Default Web Domain Template                                             #
+# DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS   #
+# https://docs.hestiacp.com/admin_docs/web.html#how-do-web-templates-work #
+#=========================================================================#
+
+server {
+	listen      %ip%:%web_ssl_port% ssl http2;
+	server_name %domain_idn% %alias_idn%;
+	root        %docroot%;
+	index       index.php index.html index.htm;
+	access_log  /var/log/nginx/domains/%domain%.log combined;
+	access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+	error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+
+	include %home%/%user%/conf/web/%domain%/nginx.forcessl.conf*;
+
+	# Pass requests that don't refer directly to files in the filesystem to index.php
+	location / {
+	  try_files $uri $uri/ /index.php?$query_string;
+	}
+
+	location ~ \.php$ {
+		fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+		try_files $uri =404;
+		fastcgi_pass %backend_lsnr%;
+		fastcgi_index index.php;
+		include /etc/nginx/fastcgi_params;
+		include %home%/%user%/conf/web/%domain%/nginx.fastcgi_cache.conf*;
+	}
+
+	#Uncomment the following lines if you are not using a `public` directory
+	#to prevent sensitive resources from being exposed.
+	location ~* ^/(\.git|composer\.(json|lock)|auth\.json|config\.php|flarum|storage|vendor) {
+	   deny all;
+	   return 404;
+	}
+
+	# The following directives are based on best practices from H5BP Nginx Server Configs
+	# https://github.com/h5bp/server-configs-nginx
+
+	# Expire rules for static content
+	location ~* \.(?:manifest|appcache|html?|xml|json)$ {
+	  add_header Cache-Control "max-age=0";
+	}
+
+	location ~* \.(?:rss|atom)$ {
+	  add_header Cache-Control "max-age=3600";
+	}
+
+	location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|mp4|ogg|ogv|webm|htc)$ {
+	  add_header Cache-Control "max-age=2592000";
+	  access_log off;
+	}
+
+	location ~* \.(?:css|js)$ {
+	  add_header Cache-Control "max-age=31536000";
+	  access_log off;
+	}
+
+	location ~* \.(?:ttf|ttc|otf|eot|woff|woff2)$ {
+	  add_header Cache-Control "max-age=2592000";
+	  access_log off;
+	}
+
+	# Gzip compression
+	gzip on;
+	gzip_comp_level 5;
+	gzip_min_length 256;
+	gzip_proxied any;
+	gzip_vary on;
+	gzip_types
+		application/atom+xml
+		application/javascript
+		application/json
+		application/ld+json
+		application/manifest+json
+		application/rss+xml
+		application/vnd.geo+json
+		application/vnd.ms-fontobject
+		application/x-font-ttf
+		application/x-web-app-manifest+json
+		application/xhtml+xml
+		application/xml
+		font/opentype
+		image/bmp
+		image/svg+xml
+		image/x-icon
+		text/cache-manifest
+		text/css
+		text/javascript
+		text/plain
+		text/vcard
+		text/vnd.rim.location.xloc
+		text/vtt
+		text/x-component
+		text/x-cross-domain-policy;
+
+	location /error/ {
+		alias   %home%/%user%/web/%domain%/document_errors/;
+	}
+
+	location /vstats/ {
+		alias   %home%/%user%/web/%domain%/stats/;
+		include %home%/%user%/web/%domain%/stats/auth.conf*;
+	}
+
+	include     /etc/nginx/conf.d/phpmyadmin.inc*;
+	include     /etc/nginx/conf.d/phppgadmin.inc*;
+	include     %home%/%user%/conf/web/%domain%/nginx.conf_*;
+}

install/deb/templates/web/nginx/php-fpm/flarum.tpl

@@ -0,0 +1,116 @@
+#=========================================================================#
+# Default Web Domain Template                                             #
+# DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS   #
+# https://docs.hestiacp.com/admin_docs/web.html#how-do-web-templates-work #
+#=========================================================================#
+
+server {
+	listen      %ip%:%web_port%;
+	server_name %domain_idn% %alias_idn%;
+	root        %docroot%;
+	index       index.php index.html index.htm;
+	access_log  /var/log/nginx/domains/%domain%.log combined;
+	access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+	error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+	ssl_certificate      %ssl_pem%;
+	ssl_certificate_key  %ssl_key%;
+	ssl_stapling on;
+	ssl_stapling_verify on;
+
+	include %home%/%user%/conf/web/%domain%/nginx.forcessl.conf*;
+
+	# Pass requests that don't refer directly to files in the filesystem to index.php
+	location / {
+	  try_files $uri $uri/ /index.php?$query_string;
+	}
+
+	location ~ \.php$ {
+		fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+		try_files $uri =404;
+		fastcgi_pass %backend_lsnr%;
+		fastcgi_index index.php;
+		include /etc/nginx/fastcgi_params;
+		include %home%/%user%/conf/web/%domain%/nginx.fastcgi_cache.conf*;
+	}
+
+	#Uncomment the following lines if you are not using a `public` directory
+	#to prevent sensitive resources from being exposed.
+	location ~* ^/(\.git|composer\.(json|lock)|auth\.json|config\.php|flarum|storage|vendor) {
+	   deny all;
+	   return 404;
+	}
+
+	# The following directives are based on best practices from H5BP Nginx Server Configs
+	# https://github.com/h5bp/server-configs-nginx
+
+	# Expire rules for static content
+	location ~* \.(?:manifest|appcache|html?|xml|json)$ {
+	  add_header Cache-Control "max-age=0";
+	}
+
+	location ~* \.(?:rss|atom)$ {
+	  add_header Cache-Control "max-age=3600";
+	}
+
+	location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|mp4|ogg|ogv|webm|htc)$ {
+	  add_header Cache-Control "max-age=2592000";
+	  access_log off;
+	}
+
+	location ~* \.(?:css|js)$ {
+	  add_header Cache-Control "max-age=31536000";
+	  access_log off;
+	}
+
+	location ~* \.(?:ttf|ttc|otf|eot|woff|woff2)$ {
+	  add_header Cache-Control "max-age=2592000";
+	  access_log off;
+	}
+
+	# Gzip compression
+	gzip on;
+	gzip_comp_level 5;
+	gzip_min_length 256;
+	gzip_proxied any;
+	gzip_vary on;
+	gzip_types
+		application/atom+xml
+		application/javascript
+		application/json
+		application/ld+json
+		application/manifest+json
+		application/rss+xml
+		application/vnd.geo+json
+		application/vnd.ms-fontobject
+		application/x-font-ttf
+		application/x-web-app-manifest+json
+		application/xhtml+xml
+		application/xml
+		font/opentype
+		image/bmp
+		image/svg+xml
+		image/x-icon
+		text/cache-manifest
+		text/css
+		text/javascript
+		text/plain
+		text/vcard
+		text/vnd.rim.location.xloc
+		text/vtt
+		text/x-component
+		text/x-cross-domain-policy;
+
+	location /error/ {
+		alias   %home%/%user%/web/%domain%/document_errors/;
+	}
+
+	location /vstats/ {
+		alias   %home%/%user%/web/%domain%/stats/;
+		include %home%/%user%/web/%domain%/stats/auth.conf*;
+	}
+
+	include     /etc/nginx/conf.d/phpmyadmin.inc*;
+	include     /etc/nginx/conf.d/phppgadmin.inc*;
+	include     %home%/%user%/conf/web/%domain%/nginx.conf_*;
+}

web/src/app/WebApp/Installers/Flarum/FlarumSetup.php

@@ -0,0 +1,214 @@
+<?php
+namespace Hestia\WebApp\Installers\Flarum;
+
+use Hestia\System\Util;
+use Hestia\WebApp\Installers\BaseSetup as BaseSetup;
+
+class FlarumSetup extends BaseSetup {
+	protected $appInfo = [
+		"name" => "Flarum",
+		"group" => "forum",
+		"enabled" => true,
+		"version" => "latest",
+		"thumbnail" => "fl-thumb.png",
+	];
+
+	protected $appname = "flarum";
+
+	protected $config = [
+		"form" => [
+			"forum_title" => ["type" => "text", "value" => "Flarum Forum"],
+			"admin_username" => ["value" => "fladmin"],
+			"admin_email" => "text",
+			"admin_password" => "password",
+			"install_directory" => ["type" => "text", "value" => "", "placeholder" => "/"],
+		],
+		"database" => true,
+		"resources" => [
+			"composer" => ["src" => "flarum/flarum"],
+		],
+		"server" => [
+			"nginx" => [
+				"template" => "flarum",
+			],
+			"php" => [
+				"supported" => ["8.0", "8.1", "8.2"],
+			],
+		],
+	];
+
+	// Our updateFile routine done the 'Hestia way'
+	public function updateFile($file, $search, $replace) {
+		$result = null;
+		$this->appcontext->runUser("v-open-fs-file", [$file], $result);
+		foreach ($result->raw as $line_num => $line) {
+			if (strpos($line, $search) !== false) {
+				$result->raw[$line_num] = str_replace($search, $replace, $line);
+			}
+		}
+		$tmp = $this->saveTempFile(implode("\r\n", $result->raw));
+		if (!$this->appcontext->runUser("v-move-fs-file", [$tmp, $file], $result)) {
+			throw new \Exception("Error updating file in: " . $tmp . " " . $result->text);
+		}
+		return $result;
+	}
+
+	public function install(array $options = null): bool {
+		parent::setAppDirInstall($options["install_directory"]);
+		parent::install($options);
+		parent::setup($options);
+		$result = null;
+
+		// Move public folder content (https://docs.flarum.org/install/#customizing-paths)
+		if (
+			!$this->appcontext->runUser(
+				"v-list-fs-directory",
+				[$this->getDocRoot("public")],
+				$result,
+			)
+		) {
+			throw new \Exception(
+				"Error listing folder at: " . $this->getDocRoot("public") . $result->text,
+			);
+		}
+		foreach ($result->raw as $line_num => $line) {
+			$detail = explode("|", $line);
+			$type = $detail[0];
+			$name = end($detail);
+			if ($name != "") {
+				if ($type == "d") {
+					// Directory
+					if (
+						!$this->appcontext->runUser(
+							"v-move-fs-directory",
+							[
+								$this->getDocRoot("public") . "/" . $name,
+								$this->getDocRoot() . "/" . $name,
+							],
+							$result,
+						)
+					) {
+						throw new \Exception(
+							"Error moving folder at: " .
+								$this->getDocRoot("public") .
+								"/" .
+								$name .
+								$result->text,
+						);
+					}
+				} else {
+					if (
+						!$this->appcontext->runUser(
+							"v-move-fs-file",
+							[
+								$this->getDocRoot("public") . "/" . $name,
+								$this->getDocRoot() . "/" . $name,
+							],
+							$result,
+						)
+					) {
+						throw new \Exception(
+							"Error moving file at: " .
+								$this->getDocRoot("public") .
+								"/" .
+								$name .
+								$result->text,
+						);
+					}
+				}
+			}
+		}
+		if (
+			!$this->appcontext->runUser(
+				"v-delete-fs-directory",
+				[$this->getDocRoot("public")],
+				$result,
+			)
+		) {
+			throw new \Exception(
+				"Error deleting folder at: " . $this->getDocRoot("public") . $result->text,
+			);
+		}
+
+		// Not using 'public'; enable protection rewrite rules and update paths
+		$result = $this->updateFile(
+			$this->getDocRoot(".htaccess"),
+			"# RewriteRule ",
+			"RewriteRule ",
+		);
+		$result = $this->updateFile(
+			$this->getDocRoot("index.php"),
+			'$site = require \'../site.php\';',
+			'$site = require \'./site.php\';',
+		);
+		$result = $this->updateFile(
+			$this->getDocRoot("site.php"),
+			"'public' => __DIR__.'/public',",
+			"'public' => __DIR__,",
+		);
+
+		// POST install
+		$this->appcontext->run(
+			"v-list-web-domain",
+			[$this->appcontext->user(), $this->domain, "json"],
+			$status,
+		);
+		$sslEnabled = $status->json[$this->domain]["SSL"] == "no" ? 0 : 1;
+		$webDomain = ($sslEnabled ? "https://" : "http://") . $this->domain;
+		$webPort = $sslEnabled ? "443" : "80";
+
+		$mysql_host = "localhost";
+		$mysql_database = addcslashes(
+			$this->appcontext->user() . "_" . $options["database_name"],
+			"\\'",
+		);
+		$mysql_username = addcslashes(
+			$this->appcontext->user() . "_" . $options["database_user"],
+			"\\'",
+		);
+		$mysql_password = addcslashes($options["database_password"], "\\'");
+		$table_prefix = addcslashes(Util::generate_string(5, false) . "_", "\\'");
+		$subfolder = $options["install_directory"];
+		if (substr($subfolder, 0, 1) != "/") {
+			$subfolder = "/" . $subfolder;
+		}
+
+		$cmd =
+			"/usr/bin/curl --location --post301 --insecure --resolve " .
+			$this->domain .
+			":$webPort:" .
+			$this->appcontext->getWebDomainIp($this->domain) .
+			" " .
+			escapeshellarg($webDomain . $subfolder . "/index.php") .
+			" -d " .
+			escapeshellarg(
+				"forumTitle=" .
+					rawurlencode($options["forum_title"]) .
+					"&mysqlHost=" .
+					rawurlencode($mysql_host) .
+					"&mysqlDatabase=" .
+					rawurlencode($mysql_database) .
+					"&mysqlUsername=" .
+					rawurlencode($mysql_username) .
+					"&mysqlPassword=" .
+					rawurlencode($mysql_password) .
+					"&tablePrefix=" .
+					rawurlencode($table_prefix) .
+					"&adminUsername=" .
+					rawurlencode($options["admin_username"]) .
+					"&adminEmail=" .
+					rawurlencode($options["admin_email"]) .
+					"&adminPassword=" .
+					rawurlencode($options["admin_password"]) .
+					"&adminPasswordConfirmation=" .
+					rawurlencode($options["admin_password"]),
+			);
+		exec($cmd, $output, $return_var);
+
+		// Report any errors
+		if ($return_var > 0) {
+			throw new \Exception(implode(PHP_EOL, $output));
+		}
+		return $result->code === 0 && $return_var === 0;
+	}
+}