Support ⇒ Dragonfly CMS v10 ⇒ Package Manager ⇒ Community Forums ⇒ CPG Dragonfly™ CMS
Forum IndexDragonfly CMS v10

Package Manager Reply to topic


Dragonfly CMS v10.0.28 now has a Package Manager.
It is fully working, and it should allow easy installing of: modules, themes, languages, etc.

To create your own package you can use the following script:
<?php ini_set('display_errors', 1); $dir = __DIR__ . '/' . $argv[1]; if (Phar::canWrite()) { @unlink("{$dir}.tgz"); $p = new PharData("{$dir}.tar"); $p = $p->compress(Phar::GZ, '.tgz'); $p->buildFromDirectory($dir); $manifest = "{$dir}/package.xml"; if (is_file($manifest)) { unset($p['package.xml']); $p->setMetadata(array('package' => file_get_contents($manifest))); } echo "Package created\n"; } else { echo "Cannot create package\n"; }
When your package is at /path/to/mypackage
save it as: /path/to/create-package.php
Then run it from your command line:
$ php /path/to/create-package.php mypackage

Repositories
You can also add your own repository at: Admin -> Package Manager -> Settings
At writing ours is at "https: //dragonflycms.org/downloads/v10/"
The manager then downloads/uses: /downloads/v10/packages.xml


More info soon!
Attachment: packagemanager-list.png
Description
Filesize 20.42 KiB
Viewed 5 Time(s)
You are not allowed to view/download this attachment
Attachment: packagemanager-settings.png
Description
Filesize 11.91 KiB
Viewed 1 Time(s)
You are not allowed to view/download this attachment

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):
Fedora 25 / Apache 2.4.27 / MariaDB 10.1.26 / PHP 7.1.10 / Mercurial

Last edited by DJ Maze on Mon Oct 23, 2017 12:38 am; edited 9 times in total


I've added signature security in all files to prevent tampering in the future.

There were 3 options to choose from:
  1. GnuPG extension
  2. OpenSSL extension
  3. Phar::setSignatureAlgorithm(Phar::OPENSSL, $private_key)
After testing them all, #3 has become the solution as it embeds the signature inside the package without writing lots of PHP code ourselves.

This way we can properly secure our packages and prevent tampered/malicious updates,
as they all must match the public key.

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):
Fedora 25 / Apache 2.4.27 / MariaDB 10.1.26 / PHP 7.1.10 / Mercurial

Last edited by DJ Maze on Mon Oct 23, 2017 12:37 am; edited 3 times in total


Also don't forget to read the Wiki entry for more info

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):
Fedora 25 / Apache 2.4.27 / MariaDB 10.1.26 / PHP 7.1.10 / Mercurial

Last edited by DJ Maze on Tue Jan 16, 2018 3:53 am; edited 1 time in total

All times are UTC


Jump to: