diff --git a/.github/ISSUE_TEMPLATE.md b/.github/ISSUE_TEMPLATE.md new file mode 100755 index 0000000..2729a6b --- /dev/null +++ b/.github/ISSUE_TEMPLATE.md @@ -0,0 +1,55 @@ +--- +name: Bug report +about: When creating a bug report, please use the following template to provide all the relevant information and help debugging efficiently. + +--- + +**How to post a meaningful bug report** +1. *Read this whole template first.* +2. *Determine if you are on the right place:* + - *If you were performing an action on the app from the webadmin or the CLI (install, update, backup, restore, change_url...), you are on the right place!* + - *Otherwise, the issue may be due to the app itself. Refer to its documentation or repository for help.* + - *When in doubt, post here and we will figure it out together.* +3. *Delete the italic comments as you write over them below, and remove this guide.* +--- + +### Describe the bug + +*A clear and concise description of what the bug is.* + +### Context + +- Hardware: *VPS bought online / Old laptop or computer / Raspberry Pi at home / Internet Cube with VPN / Other ARM board / ...* +- YunoHost version: x.x.x +- I have access to my server: *Through SSH | through the webadmin | direct access via keyboard / screen | ...* +- Are you in a special context or did you perform some particular tweaking on your YunoHost instance?: *no / yes* + - If yes, please explain: +- Using, or trying to install package version/branch: +- If upgrading, current package version: *can be found in the admin, or with `yunohost app info $app_id`* + +### Steps to reproduce + +- *If you performed a command from the CLI, the command itself is enough. For example:* + ```sh + sudo yunohost app install the_app + ``` +- *If you used the webadmin, please perform the equivalent command from the CLI first.* +- *If the error occurs in your browser, explain what you did:* + 1. *Go to '...'* + 2. *Click on '...'* + 3. *Scroll down to '...'* + 4. *See error* + +### Expected behavior + +*A clear and concise description of what you expected to happen. You can remove this section if the command above is enough to understand your intent.* + +### Logs + +*When an operation fails, YunoHost provides a simple way to share the logs.* +- *In the webadmin, the error message contains a link to the relevant log page. On that page, you will be able to 'Share with Yunopaste'. If you missed it, the logs of previous operations are also available under Tools > Logs.* +- *In command line, the command to share the logs is displayed at the end of the operation and looks like `yunohost log display [log name] --share`. If you missed it, you can find the log ID of a previous operation using `yunohost log list`.* + +*After sharing the log, please copypaste directly the link provided by YunoHost (to help readability, no need to copypaste the entire content of the log here, just the link is enough...)* + +*If applicable and useful, add screenshots to help explain your problem.* diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md new file mode 100755 index 0000000..ef70e18 --- /dev/null +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -0,0 +1,16 @@ +## Problem + +- *Description of why you made this PR* + +## Solution + +- *And how do you fix that problem* + +## PR Status + +- [ ] Code finished and ready to be reviewed/tested +- [ ] The fix/enhancement were manually tested (if applicable) + +## Automatic tests + +Automatic tests can be triggered on https://ci-apps-dev.yunohost.org/ *after creating the PR*, by commenting "!testme", "!gogogadgetoci" or "By the power of systemd, I invoke The Great App CI to test this Pull Request!". (N.B. : for this to work you need to be a member of the Yunohost-Apps organization) diff --git a/.github/workflows/updater.sh b/.github/workflows/updater.sh new file mode 100755 index 0000000..332937f --- /dev/null +++ b/.github/workflows/updater.sh @@ -0,0 +1,137 @@ +#!/bin/bash + +#================================================= +# PACKAGE UPDATING HELPER +#================================================= + +# This script is meant to be run by GitHub Actions +# The YunoHost-Apps organisation offers a template Action to run this script periodically +# Since each app is different, maintainers can adapt its contents so as to perform +# automatic actions when a new upstream release is detected. + +# Remove this exit command when you are ready to run this Action +#exit 1 + +#================================================= +# FETCHING LATEST RELEASE AND ITS ASSETS +#================================================= + +# Fetching information +current_version=$(cat manifest.json | jq -j '.version|split("~")[0]') +repo=$(cat manifest.json | jq -j '.upstream.code|split("https://github.com/")[1]') +# Some jq magic is needed, because the latest upstream release is not always the latest version (e.g. security patches for older versions) +version=$(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '.[] | select( .prerelease != true ) | .tag_name' | sort -V | tail -1) +assets=($(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '[ .[] | select(.tag_name=="'$version'").assets[].browser_download_url ] | join(" ") | @sh' | tr -d "'")) + +# Later down the script, we assume the version has only digits and dots +# Sometimes the release name starts with a "v", so let's filter it out. +# You may need more tweaks here if the upstream repository has different naming conventions. +if [[ ${version:0:1} == "v" || ${version:0:1} == "V" ]]; then + version=${version:1} +fi + +# Setting up the environment variables +echo "Current version: $current_version" +echo "Latest release from upstream: $version" +echo "VERSION=$version" >> $GITHUB_ENV +echo "REPO=$repo" >> $GITHUB_ENV +# For the time being, let's assume the script will fail +echo "PROCEED=false" >> $GITHUB_ENV + +# Proceed only if the retrieved version is greater than the current one +if ! dpkg --compare-versions "$current_version" "lt" "$version" ; then + echo "::warning ::No new version available" + exit 0 +# Proceed only if a PR for this new version does not already exist +elif git ls-remote -q --exit-code --heads https://github.com/$GITHUB_REPOSITORY.git ci-auto-update-v$version ; then + echo "::warning ::A branch already exists for this update" + exit 0 +fi + +# Each release can hold multiple assets (e.g. binaries for different architectures, source code, etc.) +echo "${#assets[@]} available asset(s)" + +#================================================= +# UPDATE SOURCE FILES +#================================================= + +# Here we use the $assets variable to get the resources published in the upstream release. +# Here is an example for Grav, it has to be adapted in accordance with how the upstream releases look like. + +# Let's loop over the array of assets URLs +for asset_url in ${assets[@]}; do + +echo "Handling asset at $asset_url" + +# Assign the asset to a source file in conf/ directory +# Here we base the source file name upon a unique keyword in the assets url (admin vs. update) +# Leave $src empty to ignore the asset +case $asset_url in + "v"*".tar.gz") + src="app" + ;; + *"update"*) + src="app-upgrade" + ;; + *) + src="app" + ;; +esac + +# If $src is not empty, let's process the asset +if [ ! -z "$src" ]; then + +# Create the temporary directory +tempdir="$(mktemp -d)" + +# Download sources and calculate checksum +filename=${asset_url##*/} +curl --silent -4 -L $asset_url -o "$tempdir/$filename" +checksum=$(sha256sum "$tempdir/$filename" | head -c 64) + +# Delete temporary directory +rm -rf $tempdir + +# Get extension +if [[ $filename == *.tar.gz ]]; then + extension=tar.gz +else + extension=${filename##*.} +fi + +# Rewrite source file +cat < conf/$src.src +SOURCE_URL=$asset_url +SOURCE_SUM=$checksum +SOURCE_SUM_PRG=sha256sum +SOURCE_FORMAT=$extension +SOURCE_IN_SUBDIR=true +SOURCE_FILENAME= +EOT +echo "... conf/$src.src updated" + +else +echo "... asset ignored" +fi + +done + +#================================================= +# SPECIFIC UPDATE STEPS +#================================================= + +# Any action on the app's source code can be done. +# The GitHub Action workflow takes care of committing all changes after this script ends. + +#================================================= +# GENERIC FINALIZATION +#================================================= + +# Replace new version in manifest +echo "$(jq -s --indent 4 ".[] | .version = \"$version~ynh1\"" manifest.json)" > manifest.json + +# No need to update the README, yunohost-bot takes care of it + +# The Action will proceed only if the PROCEED environment variable is set to true +echo "PROCEED=true" >> $GITHUB_ENV +exit 0 diff --git a/.github/workflows/updater.yml b/.github/workflows/updater.yml new file mode 100644 index 0000000..4363d38 --- /dev/null +++ b/.github/workflows/updater.yml @@ -0,0 +1,50 @@ +# This workflow allows GitHub Actions to automagically update your app whenever a new upstream release is detected. +# You need to enable Actions in your repository settings, and fetch this Action from the YunoHost-Apps organization. +# This file should be enough by itself, but feel free to tune it to your needs. +# It calls updater.sh, which is where you should put the app-specific update steps. +name: Check for new upstream releases +on: + # Allow to manually trigger the workflow + workflow_dispatch: + # Run it every day at 6:00 UTC + schedule: + - cron: '0 6 * * *' +jobs: + updater: + runs-on: ubuntu-latest + steps: + - name: Fetch the source code + uses: actions/checkout@v2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + - name: Run the updater script + id: run_updater + run: | + # Setting up Git user + git config --global user.name 'yunohost-bot' + git config --global user.email 'yunohost-bot@users.noreply.github.com' + # Run the updater script + /bin/bash .github/workflows/updater.sh + - name: Commit changes + id: commit + if: ${{ env.PROCEED == 'true' }} + run: | + git commit -am "Upgrade to v$VERSION" + - name: Create Pull Request + id: cpr + if: ${{ env.PROCEED == 'true' }} + uses: peter-evans/create-pull-request@v3 + with: + token: ${{ secrets.GITHUB_TOKEN }} + commit-message: Update to version ${{ env.VERSION }} + committer: 'yunohost-bot ' + author: 'yunohost-bot ' + signoff: false + base: testing + branch: ci-auto-update-v${{ env.VERSION }} + delete-branch: true + title: 'Upgrade to version ${{ env.VERSION }}' + body: | + Upgrade to v${{ env.VERSION }} + [See upstream release page](https://github.com/${{ env.REPO }}/releases/tag/v${{ env.VERSION }}) + draft: false diff --git a/README.md b/README.md index 6af87b7..b888d2e 100644 --- a/README.md +++ b/README.md @@ -27,7 +27,7 @@ It aims to ease you perform your 2FA authentication steps whatever the device yo - Edit accounts, even the imported ones - Generate TOTP and HOTP security codes -**Shipped version:** 2.1.0~ynh2 +**Shipped version:** 3.0.0~ynh1 **Demo:** https://demo.2fauth.app/login @@ -37,6 +37,7 @@ It aims to ease you perform your 2FA authentication steps whatever the device yo ## Documentation and resources +* Official admin documentation: https://docs.2fauth.app/ * Upstream app code repository: https://github.com/Bubka/2FAuth * YunoHost documentation for this app: https://yunohost.org/app_2fauth * Report a bug: https://github.com/YunoHost-Apps/2fauth_ynh/issues diff --git a/README_fr.md b/README_fr.md index a2689db..92b5e16 100644 --- a/README_fr.md +++ b/README_fr.md @@ -23,7 +23,7 @@ It aims to ease you perform your 2FA authentication steps whatever the device yo - Edit accounts, even the imported ones - Generate TOTP and HOTP security codes -**Version incluse :** 2.1.0~ynh2 +**Version incluse :** 3.0.0~ynh1 **Démo :** https://demo.2fauth.app/login @@ -33,6 +33,7 @@ It aims to ease you perform your 2FA authentication steps whatever the device yo ## Documentations et ressources +* Documentation officielle de l'admin : https://docs.2fauth.app/ * Dépôt de code officiel de l'app : https://github.com/Bubka/2FAuth * Documentation YunoHost pour cette app : https://yunohost.org/app_2fauth * Signaler un bug : https://github.com/YunoHost-Apps/2fauth_ynh/issues diff --git a/check_process b/check_process index a55c27f..f3b1686 100644 --- a/check_process +++ b/check_process @@ -11,7 +11,7 @@ setup_private=1 setup_public=1 upgrade=1 - #upgrade=1 from_commit=CommitHash + upgrade=1 from_commit=f883227999b72a9107acf7d353ccb90d2cd791f3 backup_restore=1 multi_instance=1 change_url=1 @@ -19,6 +19,6 @@ Email= Notification=none ;;; Upgrade options - ; commit=CommitHash - name=Name and date of the commit. + ; commit=f883227999b72a9107acf7d353ccb90d2cd791f3 + name=Merge pull request #1 from YunoHost-Apps/testing manifest_arg=domain=DOMAIN&path=PATH&is_public=1&language=fr&admin=USER&password=pass&port=666& diff --git a/conf/.env.example b/conf/.env.example index 0174860..dd0a5c4 100644 --- a/conf/.env.example +++ b/conf/.env.example @@ -79,7 +79,7 @@ SESSION_DRIVER=file # Refer your email provider documentation to configure your mail settings # Set a value for every available setting to avoid issue -MAIL_DRIVER=log +MAIL_DRIVER=smtp MAIL_HOST=localhost MAIL_PORT=25 MAIL_FROM=admin@__DOMAIN__ diff --git a/conf/app.src b/conf/app.src index f8ef35c..562e580 100644 --- a/conf/app.src +++ b/conf/app.src @@ -1,5 +1,5 @@ -SOURCE_URL=https://github.com/Bubka/2FAuth/archive/refs/tags/v2.1.0.tar.gz -SOURCE_SUM=73d5db48c405d9bb8a98d21f56c5c700d9b64ccb7320ba685695977da92d801d +SOURCE_URL=https://github.com/Bubka/2FAuth/archive/refs/tags/v3.0.0.tar.gz +SOURCE_SUM=b890baf6958c6dcf93b72a2c2fbfcfc96f948921ffcdf74e492503da900d6aaf SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true diff --git a/conf/nginx.conf b/conf/nginx.conf index 619b9b5..080dd5d 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -5,13 +5,8 @@ location / { index index.php; - location = /favicon.ico { - access_log off; log_not_found off; - } - - location = /robots.txt { - access_log off; log_not_found off; - } + location = /favicon.ico { access_log off; log_not_found off; } + location = /robots.txt { access_log off; log_not_found off; } location ~ /\.(?!well-known).* { deny all; diff --git a/manifest.json b/manifest.json index e1b8b3f..034d56e 100644 --- a/manifest.json +++ b/manifest.json @@ -4,13 +4,14 @@ "packaging_format": 1, "description": { "en": "self-hosted alternative to One Time Passcode", - "fr": "self-hosted alternative to One Time Passcode" + "fr": "Alternative auto-hébergée a One Time Passcode" }, - "version": "2.1.0~ynh2", + "version": "3.0.0~ynh1", "url": "https://github.com/Bubka/2FAuth", "upstream": { "license": "AGPL-3.0", "demo": "https://demo.2fauth.app/login", + "admindoc": "https://docs.2fauth.app/", "code": "https://github.com/Bubka/2FAuth" }, "license": "AGPL-3.0", @@ -24,7 +25,7 @@ "multi_instance": true, "services": [ "nginx", - "php7.3-fpm", + "php8.0-fpm", "mysql" ], "arguments": { diff --git a/scripts/_common.sh b/scripts/_common.sh index 28674dc..3b24e4d 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -4,12 +4,12 @@ # COMMON VARIABLES #================================================= -YNH_PHP_VERSION="7.3" +YNH_PHP_VERSION="8.0" # Composer version -YNH_COMPOSER_VERSION="2.3.3" +YNH_COMPOSER_VERSION="2.3.5" -pkg_dependencies="php${YNH_PHP_VERSION}-sqlite3 php${YNH_PHP_VERSION}-json php${YNH_PHP_VERSION}-bcmath php${YNH_PHP_VERSION}-xml php${YNH_PHP_VERSION}-mbstring php${YNH_PHP_VERSION}-gd php${YNH_PHP_VERSION}-mysql" +pkg_dependencies="php${YNH_PHP_VERSION}-bcmath php${YNH_PHP_VERSION}-xml php${YNH_PHP_VERSION}-mbstring php${YNH_PHP_VERSION}-gd php${YNH_PHP_VERSION}-mysql" #================================================= # PERSONAL HELPERS diff --git a/scripts/install b/scripts/install index c32f767..ed1fc44 100755 --- a/scripts/install +++ b/scripts/install @@ -112,7 +112,7 @@ ynh_add_fpm_config #================================================= ynh_script_progression --message="Installing $app with Composer..." --weight=15 -ynh_install_composer #--install_args="--ignore-platform-reqs" +ynh_install_composer --install_args="--prefer-dist --no-scripts --no-dev" #================================================= # ADD A CONFIGURATION @@ -122,13 +122,13 @@ ynh_script_progression --message="Adding a configuration file..." --weight=1 # Setup application config ynh_add_config --template="../conf/.env.example" --destination="$final_path/.env" -chmod 400 "$final_path/.env" +chmod 644 "$final_path/.env" chown $app:$app "$final_path/.env" #================================================= # BUILDING #================================================= -ynh_script_progression --message="Building..." --weight=10 +ynh_script_progression --message="Building $app..." --weight=10 # Setup application config pushd $final_path @@ -139,6 +139,10 @@ pushd $final_path php$phpversion artisan key:generate -n popd +chmod 775 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + #================================================= # SETUP SSOWAT #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index 1a099d2..540fe26 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -20,7 +20,7 @@ domain=$(ynh_app_setting_get --app=$app --key=domain) path_url=$(ynh_app_setting_get --app=$app --key=path) final_path=$(ynh_app_setting_get --app=$app --key=final_path) db_name=$(ynh_app_setting_get --app=$app --key=db_name) -phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) +phpversion=$YNH_PHP_VERSION #================================================= # CHECK VERSION @@ -105,14 +105,16 @@ ynh_add_nginx_config ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=1 # Create a dedicated PHP-FPM config -ynh_add_fpm_config +ynh_add_fpm_config --phpversion=$phpversion #================================================= # INSTALL LYCHEE WITH COMPOSER #================================================= ynh_script_progression --message="Installing $app with Composer..." --weight=15 -ynh_install_composer +#rm $final_path/package-lock.json + +ynh_install_composer --install_args="--prefer-dist --no-scripts --no-dev" #================================================= # BUILDING @@ -121,10 +123,13 @@ ynh_script_progression --message="Building..." --weight=10 # Setup application config pushd $final_path + #php$phpversion artisan cache:clear + #php$phpversion artisan config:clear php$phpversion artisan migrate -n - #php$phpversion artisan passport:install -n + php$phpversion artisan passport:install -n #php$phpversion artisan storage:link -n - php$phpversion artisan config:clear -n + php$phpversion artisan config:cache -n + php$phpversion artisan route:cache popd #=================================================