mirror of
https://github.com/YunoHost-Apps/13ft_ynh.git
synced 2024-09-03 18:06:03 +02:00
first try
This commit is contained in:
lapineige
GitHub
parent
6f0266bea7
commit
3ab10ded5c
1 changed files with 9 additions and 149 deletions
158
scripts/install
158
scripts/install
|
|
@ -27,9 +27,6 @@ ynh_abort_if_errors
|
|||
domain=$YNH_APP_ARG_DOMAIN
|
||||
path_url=$YNH_APP_ARG_PATH
|
||||
is_public=$YNH_APP_ARG_IS_PUBLIC
|
||||
language=$YNH_APP_ARG_LANGUAGE
|
||||
admin=$YNH_APP_ARG_ADMIN
|
||||
password=$YNH_APP_ARG_PASSWORD
|
||||
|
||||
### If it's a multi-instance app, meaning it can be installed several times independently
|
||||
### The id of the app as stated in the manifest is available as $YNH_APP_ID
|
||||
|
|
@ -72,7 +69,6 @@ ynh_script_progression --message="Storing installation settings..." --weight=1
|
|||
ynh_app_setting_set --app=$app --key=domain --value=$domain
|
||||
ynh_app_setting_set --app=$app --key=path --value=$path_url
|
||||
ynh_app_setting_set --app=$app --key=language --value=$language
|
||||
ynh_app_setting_set --app=$app --key=admin --value=$admin
|
||||
|
||||
#=================================================
|
||||
# STANDARD MODIFICATIONS
|
||||
|
|
@ -87,8 +83,8 @@ ynh_script_progression --message="Finding an available port..." --weight=1
|
|||
### - Remove the section "CLOSE A PORT" in the remove script
|
||||
|
||||
# Find an available port
|
||||
port=$(ynh_find_port --port=8095)
|
||||
ynh_app_setting_set --app=$app --key=port --value=$port
|
||||
#port=$(ynh_find_port --port=8095)
|
||||
#ynh_app_setting_set --app=$app --key=port --value=$port
|
||||
|
||||
# Optional: Expose this port publicly
|
||||
# (N.B.: you only need to do this if the app actually needs to expose the port publicly.
|
||||
|
|
@ -101,7 +97,7 @@ ynh_app_setting_set --app=$app --key=port --value=$port
|
|||
#=================================================
|
||||
# INSTALL DEPENDENCIES
|
||||
#=================================================
|
||||
ynh_script_progression --message="Installing dependencies..." --weight=1
|
||||
ynh_script_progression --message="Installing python dependencies..." --weight=1
|
||||
|
||||
### `ynh_install_app_dependencies` allows you to add any "apt" dependencies to the package.
|
||||
### Those deb packages will be installed as dependencies of this package.
|
||||
|
|
@ -111,7 +107,9 @@ ynh_script_progression --message="Installing dependencies..." --weight=1
|
|||
### - As well as the section "REINSTALL DEPENDENCIES" in the restore script
|
||||
### - And the section "UPGRADE DEPENDENCIES" in the upgrade script
|
||||
|
||||
ynh_install_app_dependencies $pkg_dependencies
|
||||
# ynh_install_app_dependencies $pkg_dependencies
|
||||
|
||||
pip3 install flask
|
||||
|
||||
#=================================================
|
||||
# CREATE DEDICATED USER
|
||||
|
|
@ -121,25 +119,6 @@ ynh_script_progression --message="Configuring system user..." --weight=1
|
|||
# Create a system user
|
||||
ynh_system_user_create --username=$app --home_dir="$final_path"
|
||||
|
||||
#=================================================
|
||||
# CREATE A MYSQL DATABASE
|
||||
#=================================================
|
||||
ynh_script_progression --message="Creating a MySQL database..." --weight=1
|
||||
|
||||
### Use these lines if you need a database for the application.
|
||||
### `ynh_mysql_setup_db` will create a database, an associated user and a ramdom password.
|
||||
### The password will be stored as 'mysqlpwd' into the app settings,
|
||||
### and will be available as $db_pwd
|
||||
### If you're not using these lines:
|
||||
### - Remove the section "BACKUP THE MYSQL DATABASE" in the backup script
|
||||
### - Remove also the section "REMOVE THE MYSQL DATABASE" in the remove script
|
||||
### - As well as the section "RESTORE THE MYSQL DATABASE" in the restore script
|
||||
|
||||
db_name=$(ynh_sanitize_dbid --db_name=$app)
|
||||
db_user=$db_name
|
||||
ynh_app_setting_set --app=$app --key=db_name --value=$db_name
|
||||
ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name
|
||||
|
||||
#=================================================
|
||||
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
||||
#=================================================
|
||||
|
|
@ -163,25 +142,6 @@ chmod 750 "$final_path"
|
|||
chmod -R o-rwx "$final_path"
|
||||
chown -R $app:www-data "$final_path"
|
||||
|
||||
#=================================================
|
||||
# PHP-FPM CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Configuring PHP-FPM..." --weight=1
|
||||
|
||||
### `ynh_add_fpm_config` is used to set up a PHP config.
|
||||
### You can remove it if your app doesn't use PHP.
|
||||
### `ynh_add_fpm_config` will use the files conf/php-fpm.conf
|
||||
### If you're not using these lines:
|
||||
### - You can remove these files in conf/.
|
||||
### - Remove the section "BACKUP THE PHP-FPM CONFIGURATION" in the backup script
|
||||
### - Remove also the section "REMOVE PHP-FPM CONFIGURATION" in the remove script
|
||||
### - As well as the section "RESTORE THE PHP-FPM CONFIGURATION" in the restore script
|
||||
### with the reload at the end of the script.
|
||||
### - And the section "PHP-FPM CONFIGURATION" in the upgrade script
|
||||
|
||||
# Create a dedicated PHP-FPM config
|
||||
ynh_add_fpm_config
|
||||
|
||||
#=================================================
|
||||
# NGINX CONFIGURATION
|
||||
#=================================================
|
||||
|
|
@ -198,65 +158,6 @@ ynh_add_nginx_config
|
|||
# ...
|
||||
#=================================================
|
||||
|
||||
#=================================================
|
||||
# CREATE DATA DIRECTORY
|
||||
#=================================================
|
||||
ynh_script_progression --message="Creating a data directory..." --weight=1
|
||||
|
||||
### Use these lines if you need to create a directory to store "persistent files" for the application.
|
||||
### Usually this directory is used to store uploaded files or any file that won't be updated during
|
||||
### an upgrade and that won't be deleted during app removal unless "--purge" option is used.
|
||||
### If you're not using these lines:
|
||||
### - Remove the section "BACKUP THE DATA DIR" in the backup script
|
||||
### - Remove the section "RESTORE THE DATA DIRECTORY" in the restore script
|
||||
### - As well as the section "REMOVE DATA DIR" in the remove script
|
||||
|
||||
datadir=/home/yunohost.app/$app
|
||||
ynh_app_setting_set --app=$app --key=datadir --value=$datadir
|
||||
|
||||
mkdir -p $datadir
|
||||
|
||||
# FIXME: this should be managed by the core in the future
|
||||
# Here, as a packager, you may have to tweak the ownerhsip/permissions
|
||||
# such that the appropriate users (e.g. maybe www-data) can access
|
||||
# files in some cases.
|
||||
# But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder -
|
||||
# this will be treated as a security issue.
|
||||
chmod 750 "$datadir"
|
||||
chmod -R o-rwx "$datadir"
|
||||
chown -R $app:www-data "$datadir"
|
||||
|
||||
#=================================================
|
||||
# ADD A CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Adding a configuration file..." --weight=1
|
||||
|
||||
### You can add specific configuration files.
|
||||
###
|
||||
### Typically, put your template conf file in ../conf/your_config_file
|
||||
### The template may contain strings such as __FOO__ or __FOO_BAR__,
|
||||
### which will automatically be replaced by the values of $foo and $foo_bar
|
||||
###
|
||||
### ynh_add_config will also keep track of the config file's checksum,
|
||||
### which later during upgrade may allow to automatically backup the config file
|
||||
### if it's found that the file was manually modified
|
||||
###
|
||||
### Check the documentation of `ynh_add_config` for more info.
|
||||
|
||||
ynh_add_config --template="some_config_file" --destination="$final_path/some_config_file"
|
||||
|
||||
# FIXME: this should be handled by the core in the future
|
||||
# You may need to use chmod 600 instead of 400,
|
||||
# for example if the app is expected to be able to modify its own config
|
||||
chmod 400 "$final_path/some_config_file"
|
||||
chown $app:$app "$final_path/some_config_file"
|
||||
|
||||
### For more complex cases where you want to replace stuff using regexes,
|
||||
### you shoud rely on ynh_replace_string (which is basically a wrapper for sed)
|
||||
### When doing so, you also need to manually call ynh_store_file_checksum
|
||||
###
|
||||
### ynh_replace_string --match_string="match_string" --replace_string="replace_string" --target_file="$final_path/some_config_file"
|
||||
### ynh_store_file_checksum --file="$final_path/some_config_file"
|
||||
|
||||
#=================================================
|
||||
# SETUP SYSTEMD
|
||||
|
|
@ -275,46 +176,13 @@ ynh_script_progression --message="Configuring a systemd service..." --weight=1
|
|||
### - And the section "SETUP SYSTEMD" in the upgrade script
|
||||
|
||||
# Create a dedicated systemd config
|
||||
ynh_add_systemd_config
|
||||
# ynh_add_systemd_config
|
||||
|
||||
#=================================================
|
||||
# SETUP APPLICATION WITH CURL
|
||||
#=================================================
|
||||
|
||||
### Use these lines only if the app installation needs to be finalized through
|
||||
### web forms. We generally don't want to ask the final user,
|
||||
### so we're going to use curl to automatically fill the fields and submit the
|
||||
### forms.
|
||||
|
||||
# Set the app as temporarily public for curl call
|
||||
ynh_script_progression --message="Configuring SSOwat..." --weight=1
|
||||
# Making the app public for curl
|
||||
ynh_permission_update --permission="main" --add="visitors"
|
||||
|
||||
# Installation with curl
|
||||
ynh_script_progression --message="Finalizing installation..." --weight=1
|
||||
ynh_local_curl "/INSTALL_PATH" "key1=value1" "key2=value2" "key3=value3"
|
||||
|
||||
# Remove the public access
|
||||
ynh_permission_update --permission="main" --remove="visitors"
|
||||
|
||||
#=================================================
|
||||
# GENERIC FINALIZATION
|
||||
#=================================================
|
||||
# SETUP LOGROTATE
|
||||
#=================================================
|
||||
ynh_script_progression --message="Configuring log rotation..." --weight=1
|
||||
|
||||
### `ynh_use_logrotate` is used to configure a logrotate configuration for the logs of this app.
|
||||
### Use this helper only if there is effectively a log file for this app.
|
||||
### If you're not using this helper:
|
||||
### - Remove the section "BACKUP LOGROTATE" in the backup script
|
||||
### - Remove also the section "REMOVE LOGROTATE CONFIGURATION" in the remove script
|
||||
### - As well as the section "RESTORE THE LOGROTATE CONFIGURATION" in the restore script
|
||||
### - And the section "SETUP LOGROTATE" in the upgrade script
|
||||
|
||||
# Use logrotate to manage application logfile(s)
|
||||
ynh_use_logrotate
|
||||
|
||||
#=================================================
|
||||
# INTEGRATE SERVICE IN YUNOHOST
|
||||
|
|
@ -364,14 +232,6 @@ ynh_script_progression --message="Starting a systemd service..." --weight=1
|
|||
# Start a systemd service
|
||||
ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"
|
||||
|
||||
#=================================================
|
||||
# SETUP FAIL2BAN
|
||||
#=================================================
|
||||
ynh_script_progression --message="Configuring Fail2Ban..." --weight=1
|
||||
|
||||
# Create a dedicated Fail2Ban config
|
||||
ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login"
|
||||
|
||||
#=================================================
|
||||
# SETUP SSOWAT
|
||||
#=================================================
|
||||
|
|
@ -389,12 +249,12 @@ fi
|
|||
### does have for example an admin interface or an API.
|
||||
|
||||
# Only the admin can access the admin panel of the app (if the app has an admin panel)
|
||||
ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin
|
||||
# ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin
|
||||
|
||||
# Everyone can access the API part
|
||||
# We don't want to display the tile in the SSO so we put --show_tile="false"
|
||||
# And we don't want the YunoHost admin to be able to remove visitors group to this permission, so we put --protected="true"
|
||||
ynh_permission_create --permission="api" --url="/api" --allowed="visitors" --show_tile="false" --protected="true"
|
||||
# ynh_permission_create --permission="api" --url="/api" --allowed="visitors" --show_tile="false" --protected="true"
|
||||
|
||||
#=================================================
|
||||
# RELOAD NGINX
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue