Aller au contenu

Logiciel Pastèque/Server/Upgrade 6 to 7

Un livre de Wikilivres.

Upgrading Pasteque v6 to v7

[modifier | modifier le wikicode]

Upgrade database

[modifier | modifier le wikicode]

Like for every major version, run the upgrade script to update the database.

No conversion is required for the server to work but it can have some surprises with modules.

JWT configuration

[modifier | modifier le wikicode]

There are two new properties in the config file

// JWT auth
$config['jwt_timeout'] = 600; // Validity in seconds of an auth token
$config['jwt_secret'] = "Change this to a superstrong password";

Put these two new properties in the config file and change the jwt_secret. It is used to sign and verify the auth tokens, don't hesitate to put a 256 character long random string with special characters.

Openbar was deleted. If your server used it, you are suggested to switch to inifile for a simple configuration or local to put user accounts in a database.

PHP 5.5 is required for Inifile auth module.

Inifile uses password hashing. You can use the following php-cli script to generate the hash property. You may also use an online generator like https://pasteque.pro/user_ini.php

<?php
if ($argc < 2) {
	system("stty -echo");
	$password = fread(STDIN, 80);
	$password2 = fread(STDIN, 80);
	system("stty echo");
	if ($password != $password2) {
		file_put_contents("php://stderr", "Password mismatch\n");
		die();
	}
} else {
	$password = $argv[1];
}
echo "password=" . password_hash($password, PASSWORD_DEFAULT);

A new layer of loggin has been added in v7 with new configuration properties. With more log output, the server can write the log in a dedicated file along the system log (usefull when you can't have access in real time to the system log):

// Uncomment to add an other log directory. System log is still enabled.
//$config['log_dir'] = "/var/log/pasteque";
// Log level: one of DEBUG, INFO, WARNING, ERROR
$config['log_level'] = 'WARNING';

The user running the server must have write permission to the targeted directory. A new log file is created every day.

The core modules for managing enabled modules were deleted.

Instead, the list of activated modules is set in the APPLICATIONS table. The upgrade script set it by default to all. You may have to change this value from the previous configuration.

No special changes required. Just upgrade the clients and let's go.