diff --git a/README.md b/README.md index 34a831c..79256d3 100644 --- a/README.md +++ b/README.md @@ -5,7 +5,7 @@ It shall NOT be edited by hand. # Acropolis for YunoHost -[![Integration level](https://dash.yunohost.org/integration/acropolis.svg)](https://dash.yunohost.org/appci/app/acropolis) ![](https://ci-apps.yunohost.org/ci/badges/acropolis.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/acropolis.maintain.svg) +[![Integration level](https://dash.yunohost.org/integration/acropolis.svg)](https://dash.yunohost.org/appci/app/acropolis) ![Working status](https://ci-apps.yunohost.org/ci/badges/acropolis.status.svg) ![Maintenance status](https://ci-apps.yunohost.org/ci/badges/acropolis.maintain.svg) [![Install Acropolis with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=acropolis) *[Lire ce readme en français.](./README_fr.md)* @@ -20,12 +20,6 @@ Acropolis was forked from diaspora* in August 2021. The idea for the fork is to **Shipped version:** 2022.01.29~ynh1 - - -## Screenshots - -![](./doc/screenshots/example.jpg) - ## Disclaimers / important information Acropolis is beta software, and under active development. Use at your own risk! @@ -39,20 +33,21 @@ You may wish to close or limit registration for your instance of Ecko, so that t ## Documentation and resources -* Official app website: https://magicstone.dev -* Upstream app code repository: https://github.com/magicstone-dev/acropolis -* YunoHost documentation for this app: https://yunohost.org/app_acropolis -* Report a bug: https://github.com/YunoHost-Apps/acropolis_ynh/issues +* Official app website: +* Upstream app code repository: +* YunoHost documentation for this app: +* Report a bug: ## Developer info Please send your pull request to the [testing branch](https://github.com/YunoHost-Apps/acropolis_ynh/tree/testing). To try the testing branch, please proceed like that. -``` + +``` bash sudo yunohost app install https://github.com/YunoHost-Apps/acropolis_ynh/tree/testing --debug or sudo yunohost app upgrade acropolis -u https://github.com/YunoHost-Apps/acropolis_ynh/tree/testing --debug ``` -**More info regarding app packaging:** https://yunohost.org/packaging_apps \ No newline at end of file +**More info regarding app packaging:** diff --git a/README_fr.md b/README_fr.md index 3cc4846..4cac586 100644 --- a/README_fr.md +++ b/README_fr.md @@ -1,10 +1,14 @@ + + # Acropolis pour YunoHost -[![Niveau d'intégration](https://dash.yunohost.org/integration/acropolis.svg)](https://dash.yunohost.org/appci/app/acropolis) ![](https://ci-apps.yunohost.org/ci/badges/acropolis.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/acropolis.maintain.svg) +[![Niveau d'intégration](https://dash.yunohost.org/integration/acropolis.svg)](https://dash.yunohost.org/appci/app/acropolis) ![Statut du fonctionnement](https://ci-apps.yunohost.org/ci/badges/acropolis.status.svg) ![Statut de maintenance](https://ci-apps.yunohost.org/ci/badges/acropolis.maintain.svg) [![Installer Acropolis avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=acropolis) *[Read this readme in english.](./README.md)* -*[Lire ce readme en français.](./README_fr.md)* > *Ce package vous permet d'installer Acropolis rapidement et simplement sur un serveur YunoHost. Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.* @@ -14,13 +18,7 @@ Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour Acropolis was forked from diaspora* in August 2021. The idea for the fork is to optimize toward community, that is making it as easy as possible to contribute. We're following a protocol that basically says if you are addressing a valid problem, your code gets merged. Everything else follows from that. -**Version incluse :** 2022.01.29~ynh1 - - - -## Captures d'écran - -![](./doc/screenshots/example.jpg) +**Version incluse :** 2022.01.29~ynh1 ## Avertissements / informations importantes @@ -35,20 +33,21 @@ You may wish to close or limit registration for your instance of Ecko, so that t ## Documentations et ressources -* Site officiel de l'app : https://magicstone.dev -* Dépôt de code officiel de l'app : https://github.com/magicstone-dev/acropolis -* Documentation YunoHost pour cette app : https://yunohost.org/app_acropolis -* Signaler un bug : https://github.com/YunoHost-Apps/acropolis_ynh/issues +* Site officiel de l'app : +* Dépôt de code officiel de l'app : +* Documentation YunoHost pour cette app : +* Signaler un bug : ## Informations pour les développeurs Merci de faire vos pull request sur la [branche testing](https://github.com/YunoHost-Apps/acropolis_ynh/tree/testing). Pour essayer la branche testing, procédez comme suit. -``` + +``` bash sudo yunohost app install https://github.com/YunoHost-Apps/acropolis_ynh/tree/testing --debug ou sudo yunohost app upgrade acropolis -u https://github.com/YunoHost-Apps/acropolis_ynh/tree/testing --debug ``` -**Plus d'infos sur le packaging d'applications :** https://yunohost.org/packaging_apps \ No newline at end of file +**Plus d'infos sur le packaging d'applications :** diff --git a/check_process b/check_process index c3d52c5..5a913f7 100644 --- a/check_process +++ b/check_process @@ -1,12 +1,10 @@ ;; Test complet ; Manifest domain="domain.tld" - path="/path" - admin="john" - email="admin@domain.tld" - language="fr" is_public=1 + admin="john" password="1Strong-Password" + email="admin@domain.tld" ; Checks pkg_linter=1 setup_sub_dir=0 @@ -15,14 +13,12 @@ setup_private=1 setup_public=1 upgrade=1 - #upgrade=1 from_commit=CommitHash + # 2022.01.29~ynh1 + upgrade=1 from_commit=dc712d6bf6dd2f67b9863b03b8a6a3705713a81c backup_restore=1 multi_instance=0 + port_already_use=0 change_url=0 ;;; Options Email= Notification=none -;;; Upgrade options - ; commit=CommitHash - name=Name and date of the commit. - manifest_arg=domain=DOMAIN&path=PATH&admin=USER&language=fr&is_public=1&password=pass&port=666& diff --git a/conf/app.src b/conf/app.src index 65f661d..03a1013 100644 --- a/conf/app.src +++ b/conf/app.src @@ -3,5 +3,5 @@ SOURCE_SUM=716d9c5e1e8e7d2694dbe6d2c1b5e48e5a5537a29ec8a8d0a722e6750fffae56 SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true -SOURCE_FILENAME=f586f64b4cee0b2a50f45b5cf6de4e1fd749def8.tar.gz -SOURCE_EXTRACT=true \ No newline at end of file +SOURCE_FILENAME= +SOURCE_EXTRACT=true diff --git a/conf/database.yml.example b/conf/database.yml.example new file mode 100644 index 0000000..f134bc8 --- /dev/null +++ b/conf/database.yml.example @@ -0,0 +1,53 @@ +postgresql: &postgresql + adapter: postgresql + host: "localhost" + port: 5432 + username: "__DB_USER__" + password: "__DB_PWD__" + encoding: unicode + +mysql: &mysql + adapter: mysql2 + host: "localhost" + port: 3306 + username: "root" + password: "root" +# socket: /tmp/mysql.sock + encoding: utf8mb4 + collation: utf8mb4_bin + + +# Comment the postgresql line and uncomment the mysql line +# if you want to use mysql +common: &common + # Choose one of the following + <<: *postgresql + #<<: *mysql + + # Should match environment.sidekiq.concurrency + #pool: 25 + +################################################## +#### CONFIGURE ABOVE ############################# +################################################## + + +# Normally you don't need to touch anything here + +combined: &combined + <<: *common +development: + <<: *combined + database: diaspora_development +production: + <<: *combined + database: __DB_NAME__ +test: + <<: *combined + database: diaspora_test +integration1: + <<: *combined + database: diaspora_integration1 +integration2: + <<: *combined + database: diaspora_integration2 diff --git a/conf/diaspora.toml.example b/conf/diaspora.toml.example new file mode 100644 index 0000000..f9fa0c4 --- /dev/null +++ b/conf/diaspora.toml.example @@ -0,0 +1,614 @@ +## Some notes about this file: +## - All comments start with a double # +## - All settings are commented out with a single # +## To change the default settings, you need both to uncomment the lines +## AND, in most cases, to change the value that is given. +## - Take care to keep proper quoting. All " must have a matching " at +## the end of the same line. The same goes for ' +## - The values true, false and numbers should have no quote marks. +## Everything else should. +## +## You can set and/or override all these settings through environment variables +## with the following conversion rules: +## - Strip the top level namespace (configuration, production, etc.) +## - Build the path to the setting, for example environment.s3.enable +## - Replace the dots with underscores: environment_s3_enable +## - Convert to upper case: ENVIRONMENT_S3_ENABLE +## - Specify lists/arrays as comma-separated values +## +## - For example, on Heroku: +## heroku config:set SERVICES_TWITTER_KEY=yourkey SERVICES_TWITTER_SECRET=yoursecret + +## You need to change or at least review the settings in this section +## in order for your pod to work. +[configuration.environment] + +## Set the hostname of the machine you're running Diaspora on, as seen +## from the internet. This should be the URL you want to use to +## access the pod. So if you plan to use a reverse proxy, it should be +## the URL the proxy listens on. DO NOT CHANGE THIS AFTER INITIAL SETUP! +## However changing http to https is okay and has no consequences. +## If you do change the URL, you will have to start again as the URL +## will be hardcoded into the database. +#url = "https://example.org/" + +## Set the bundle of certificate authorities (CA) certificates. +## This is specific to your operating system. +## Examples (uncomment the relevant one or add your own): +## For Debian, Ubuntu, Archlinux, Gentoo (package ca-certificates): +certificate_authorities = "/etc/ssl/certs/ca-certificates.crt" +## For CentOS, Fedora: +#certificate_authorities = "/etc/pki/tls/certs/ca-bundle.crt" + +## URL for a remote Redis (default="localhost"). +## Don't forget to restrict IP access if you uncomment these! +#redis = "redis://example_host" +#redis = "redis://username:password@host:6379/0" +#redis = "unix:///tmp/redis.sock" + +## Require SSL (default=true). +## When set, your pod will force the use of HTTPS in production mode. +## Since OAuth2 requires SSL, Diaspora's future API might not work if +## you're not using SSL. Also there is no guarantee that posting to +## services will be possible if SSL is disabled. +## Do not change this default unless you are sure! +#require_ssl = true + +## Single-process mode (default=false). +## If set to true, Diaspora will work with just the appserver (Unicorn by +## default) running. However, this makes it quite slow as intensive jobs +## must be run all the time inside the request cycle. We strongly +## recommended you leave this disabled for production setups. +## Set to true to enable. +#single_process_mode = false + +## Set redirect URL for an external image host (Amazon S3 or other). +## If hosting images for your pod on an external server (even your own), +## add its URL here. All requests made to images under /uploads/images +## will be redirected to https://images.example.org/uploads/images/ +#image_redirect_url = "https://images.example.org" + +## Pubsub server (default="https://pubsubhubbub.appspot.com/""). +## Diaspora is only tested against the default pubsub server. +## You probably don't want to uncomment or change this. +#pubsub_server = "https://pubsubhubbub.appspot.com/" + +## Sidekiq - background processing +[configuration.environment.sidekiq] + +## Number of parallel threads Sidekiq uses (default=5). +## If you touch this, please set the pool setting in your database.yml +## to a value that's at minimum close to this! You can safely increase +## it to 25 and more on a medium-sized pod. This applies per started +## Sidekiq worker, so if you set it to 25 and start two workers, you'll +## process up to 50 jobs in parallel. +#concurrency = 5 + +## Number of times a job is retried (default=10). +## There's an exponential effect to this: if you set this too high you +## might get too many jobs building up in the queue. +## Set it to 0 to disable it completely. +#retry = 10 + +## Lines of backtrace that are stored on failure (default=15). +## Set n to the required value. Set this to false to reduce Redis memory +## usage (and log size) if you're not interested in this data. +#backtrace = 15 + +## Number of jobs to keep in the dead queue (default=5000). +## Jobs get into the dead queue after they failed and exhausted all retries. +## Increasing this setting will increase the memory usage of Redis. +## Once gone from the dead queue, a failed job is permanently lost and +## cannot be retried manually. +#dead_jobs_limit = 1000 + +## Number of seconds a job remains in the dead queue (default=3628800 (six weeks)). +## Jobs get into the dead queue after they failed and exhausted all retries. +## Increasing this setting will increase the memory usage of Redis. +## Once gone from the dead queue, a failed job is permanently lost and +## cannot be retried manually. +#dead_jobs_timeout = 15552000 # 6 months + +## Log file for Sidekiq (default="log/sidekiq.log") +#log = "log/sidekiq.log" + +## Use Amazon S3 instead of your local filesystem +## to handle uploaded pictures (disabled by default). +[configuration.environment.s3] + +#enable = true +#key = "change_me" +#secret = "change_me" +#bucket = "my_photos" +#region = "us-east-1" + +## Use max-age header on Amazon S3 resources (default=true). +## When true, this allows locally cached images to be served for up to +## one year. This can improve load speed and save requests to the image +## host. Set to false to revert to browser defaults (usually less than +## one year). +#cache = true + +[configuration.environment.assets] + +## Serve static assets via the appserver (default=false). +## This is highly discouraged for production use. Let your reverse +## proxy/webserver do it by serving the files under public/ directly. +#serve = false + +## Upload your assets to S3 (default=false). +#upload = false + +## Specify an asset host. Ensure it does not have a trailing slash (/). +#host = "http://cdn.example.org/diaspora" + +## Logger configuration +[configuration.environment.logging] + +## Roll the application log on a daily basis (default=true). +#logrotate.enable = true + +## The number of days to keep (default=7) +#logrotate.days = 7 + +## Enables the debug-logging for SQL (default=false) +## This logs every SQL-statement! +#debug.sql = true + +## Enables the federation-debug-log (default=false) +## This logs all XMLs that are used for the federation +#debug.federation = true + +## Settings affecting how ./script/server behaves. +[configuration.server] + +## Where the appserver should listen to (default="unix:tmp/diaspora.sock") +#listen = "unix:tmp/diaspora.sock" +#listen = "unix:/run/diaspora/diaspora.sock" +#listen = "127.0.0.1:3000" + +## Set the path for the PID file of the unicorn master process (default=tmp/pids/web.pid) +#pid = "tmp/pids/web.pid" + +## Rails environment (default="development"). +## The environment in which the server should be started by default. +## Change this to "production" if you wish to run a production environment. +#rails_environment = "production" + +## Write unicorn stderr and stdout log. +#stderr_log = "log/unicorn-stderr.log" +#stdout_log = "log/unicorn-stdout.log" + +## Number of Unicorn worker processes (default=2). +## Increase this if you have many users. +#unicorn_worker = 2 + +## Number of seconds before a request is aborted (default=90). +## Increase if you get empty responses, or if large image uploads fail. +## Decrease if you're under heavy load and don't care if some +## requests fail. +#unicorn_timeout = 90 + +## Embed a Sidekiq worker inside the unicorn process (default=false). +## Useful for minimal Heroku setups. +#embed_sidekiq_worker = false + +## Number of Sidekiq worker processes (default=1). +## In most cases it is better to +## increase environment.sidekiq.concurrency instead! +#sidekiq_workers = 1 + +## Displays the location of a post in a map. +## If you enable this setting you use the map tiles of https://www.mapbox.com +## which is reliable. There you have to create an account to get +## an access token which is limited. If you want to get an unlimited account +## you can write an email to team@diasporafoundation.org. +## Please enable mapbox and fill out your access_token. +[configuration.map.mapbox] + +#enabled = false +#access_token = "youraccesstoken" +#style = "mapbox/streets-v11" + +## Settings potentially affecting the privacy of your users. +[configuration.privacy] + +## Include jQuery from jquery.com's CDN (default=false). +## Enabling this can reduce traffic and speed up load time since most +## clients already have this one cached. When set to false (the default), +## the jQuery library will be loaded from your pod's own resources. +#jquery_cdn = false + +## Google Analytics (disabled by default). +## Provide a key to enable tracking by Google Analytics. +#google_analytics_key = "yourkey" + +## Piwik Tracking (disabled by default). +## Provide a site ID and the host piwik is running on to enable +## tracking through Piwik. +#piwik.enable = true +#piwik.host = "stats.example.org" +#piwik.site_id = 1 + +## Statistics +## Your pod will report its name, software version and whether +## or not registrations are open via /statistics and NodeInfo. +## Uncomment the options below to enable more statistics. +[configuration.privacy.statistics] + +## Local user total and 6 month active counts. +#user_counts = true + +## Local post total count. +#post_counts = true +#comment_counts = true + +## Use Camo to proxy embedded remote images. +## Do not enable this setting unless you have a working Camo setup. Using +## camo to proxy embedded images will improve the privacy and security of +## your pod's frontend, but it will increase the traffic on your server. +## Check out https://wiki.diasporafoundation.org/Installation/Camo for +## more details and installation instructions. +[configuration.privacy.camo] + +## Proxy images embedded via markdown (default=false). +## Embedded images are quite often from non-SSL sites and may cause a +## partial content warning, so this is recommended. +#proxy_markdown_images = true + +## Proxy Open Graph thumbnails (default=false). +## Open Graph thumbnails may or may not be encrypted and loaded from +## servers outside the network. Recommended. +#proxy_opengraph_thumbnails = true + +## Proxy remote pod's images (default=false). +## Profile pictures and photos from other pods usually are encrypted, +## so enabling this is only useful if you want to avoid HTTP requests to +## third-party servers. This will create a lot of traffic on your camo +## instance. You have been warned. +#proxy_remote_pod_images = true + +## Root of your Camo installation +#root = "https://example.com/camo/" + +## Shared key of your Camo installation +#key = "example123example456example!" + +## General settings +[configuration.settings] + +## Pod name (default="Acropolis") +## The pod name displayed in various locations, including the header. +#pod_name = "Acropolis" + +## Allow registrations (default=true) +## Set this to false to prevent people from signing up to your pod +## without an invitation. Note that this needs to be set to true +## (or commented out) to enable the first registration (you). +#enable_registrations = true + +## Show local posts stream (default="disabled") +## If any other setting than disabled local public posts +## created on this pod can be shown. +## Setting this to admins shows the local posts stream only to users with the admin role. +## Setting this to moderators shows the local posts stream only to users with the moderator or admin role. +## Setting this to everyone shows the local posts stream to all users. +# enable_local_posts_stream= "disabled"|"admins"|"moderators"|"everyone" + +## Auto-follow on sign-up (default=false) +## Users will automatically follow a specified account on creation. +## Set this to false if you don't want your users to automatically +## follow an account upon creation. +#autofollow_on_join = false + +## Auto-follow account (default="hq@pod.diaspora.software") +## The diaspora* HQ account keeps users up to date with news about Diaspora. +## If you set another auto-follow account (for example your podmin account), +## please consider resharing diaspora* HQ's posts for your pod's users! +#autofollow_on_join_user = "hq@pod.diaspora.software" + +## Liberapay.com is a free platform which allow donations like patreon +## Set your username to include your Liberapay button +#liberapay_username = "change_me" + +## Bitcoin donations +## You can provide a bitcoin address here to allow your users to provide +## donations towards the running of their pod. +#bitcoin_address = "change_me" + +## Source code URL +## URL to the source code your pod is currently running. +## If not set your pod will provide a downloadable archive. +#source_url = "https://example.org/username/diaspora" + +## Changelog URL +## URL to the changelog of the diaspora-version your pod is currently running. +## If not set an auto-generated url to github is used. +#changelog_url = "https://github.com/diaspora/diaspora/blob/master/Changelog.md" + +## Default color theme +## You can change which color theme is displayed when a user is not signed in +## or has not selected any color theme from the available ones. You simply have +## to enter the name of the theme's folder in "app/assets/stylesheets/color_themes/". +## ("original" for the theme in "app/assets/stylesheets/color_themes/original/", for +## example). +#default_color_theme = "original" + +## CURL debug (default=false) +## Turn on extra verbose output when sending stuff. Note: you +## don't need to touch this unless explicitly told to. +#typhoeus_verbose = false + +## Maximum number of parallel HTTP requests made to other pods (default=20) +## Be careful, raising this setting will heavily increase the memory usage +## of your Sidekiq workers. +#typhoeus_concurrency = 20 + +## Maximum number of parallel user data export jobs (default=1) +## Be careful, exports of big/old profiles can use a lot of memory, running +## many of them in parallel can be a problem for small servers. +#export_concurrency = 1 + +## Welcome Message settings +[configuration.settings.welcome_message] + +## Welcome Message on registration (default=false) +## Send a message to new users after registration +## to tell them about your pod and how things +## are handled on it. +#enabled = false + +## Welcome Message subject (default="Welcome Message") +## The subject of the conversation that is started +## by your welcome message. +#subject = "Welcome Message" + +## Welcome Message text (default="Hello %{username}, welcome to Acropolis and the diaspora* network.") +## The content of your welcome message. +## The placeholder "%{username}" will be replaced by the username +## of the new user. +#text = "Hello %{username}, welcome to Acropolis and the diaspora* network." + +## Invitation settings +[configuration.settings.invitations] + +## Enable invitations (default=true) +## Set this to false if you don't want users to be able to send invites. +#open = true + +## Number of invitations per invite link (default=25) +## Every user will see such a link if you have enabled +## invitations on your pod. +#count = 25 + +## Paypal donations (disabled by default) +## You can set details for a Paypal button here to allow donations +## towards running the pod. +## First, enable the function, then set the currency in which you +## wish to receive donations, and **either** a hosted button id +## **or** an encrypted key for an unhosted button. +[configuration.settings.paypal_donations] +#enable = false + +## Currency used (USD, EUR...) +#currency = "USD" + +## Hosted Paypal button ID +#paypal_hosted_button_id = "change_me" + +## OR encrypted key of unhosted button +#paypal_unhosted_button_encrypted = "-----BEGIN PKCS7-----" + +## Community spotlight (disabled by default) +## The community spotlight shows new users public posts from people you +## think are interesting in Diaspora's community. To add an account +## to the community spotlight add the "spotlight" role to it. +[configuration.settings.community_spotlight] +#enable = true + +## E-mail address to which users can make suggestions about who +## should be in the community spotlight (optional). +#suggest_email = "admin@example.org" + +## Captcha settings +[configuration.settings.captcha] + +## Enable captcha (default=true) +## Set this to false if you don't want to use captcha for signup process. +#enable = true + +## Captcha image size (default="120x20") +#image_size = "120x20" + +## Length of captcha text (default=5)(max=12) +#captcha_length = 5 + +## Captcha image style (default="simply_green") +## Available options for captcha image styles are: "simply_blue", +## "simply_red" "simply_green", "charcoal_grey", "embossed_silver", +## "all_black", "distorted_black", "almost_invisible", "random". +#image_style = "simply_green" + +## Captcha image distortion (default="low") +## Sets the level of image distortion used in the captcha. +## Available options are: "low", "medium", "high", "random". +#distortion = "low" + +## Terms of Service +## Show a default or customized terms of service for users. +## You can create a custom Terms of Service by placing a template +## as app/views/terms/terms.haml or app/views/terms/terms.erb +## The default terms of service that can be extended is +## at app/views/terms/default.haml +## NOTE! The default terms have not been checked over by a lawyer and +## thus are unlikely to provide full legal protection for all situations +## for a podmin using them. They are also not specific to all countries +## and jurisdictions. If you are unsure, please check with a lawyer. +## We provide these for podmins as some basic rules that podmins +## can communicate to users easily via the diaspora* server software. +## Uncomment to enable this feature. +[configuration.settings.terms] + +## First enable it by uncommenting below. +#enable = true + +## Important! If you enable the terms, you should always +## set a location under which laws any disputes are governed +## under. For example, country or state/country, depending +## on the country in question. +## If this is not set, the whole paragraph about governing +## laws *is not shown* in the terms page. +#jurisdiction = "" + +## Age limit for signups. +## Set a number to activate this setting. This age limit is shown +## in the default ToS document. +#minimum_age = false + +## Maintenance +## Various pod maintenance related settings are controlled from here. +[configuration.settings.maintenance] + +## Removing old inactive users can be done automatically by background +## processing. The amount of inactivity is set by `after_days`. A warning +## email will be sent to the user and after an additional `warn_days`, the +## account will be automatically closed. +## This maintenance is not enabled by default. +#remove_old_users.enable = true +#remove_old_users.after_days = 730 +#remove_old_users.warn_days = 30 +#remove_old_users.limit_removals_to_per_day = 100 ## Limit queuing for removal per day. + + + +## Default meta tags +## You can change here the default meta tags content included on the pages of your pod. +## Title will be used for the opengraph og:site_name property while description will be used +## for description and og:description. +[configuration.settings.default_metas] +#title = "Acropolis" +#description = "This pod is compatible with the diaspora* social network, where you are in control." + +## CSP (Content Security Policy) header +## CSP allows limiting origins from where resources are allowed to be loaded. This +## improves security, since it helps to detect and mitigate cross-site scripting +## and data injection attacks. The default policy of diaspora* allows all third +## party domains from services that are included in diaspora*, like OEmbed +## scripts, so you can safely activate it by setting `report_only` to false. If +## you customized diaspora* (edited templates or added own JS), additional work +## may be required. You can test the policy with the `report_uri`. Our default CSP +## does not work with Google analytics or Piwik, because they inject JS code that +## is blocked by CSP. +[configuration.settings.csp] + +## Report-Only header (default=false) +## By default diaspora* adds a "Content-Security-Policy" header. If you set +## this to true, the "Content-Security-Policy-Report-Only" header is added instead. +#report_only = true + +## CSP report URI +## You can set an URI here, where the user agent reports violations as JSON document via a POST request. +#report_uri = "/csp_violation_reports" + +## Posting from Diaspora to external services (all are disabled by default). +[configuration.services] + +## OAuth credentials for Twitter +#twitter.enable = true +#twitter.key = "change_me" +#twitter.secret = "change_me" + +## OAuth credentials for Tumblr +#tumblr.enable = true +#tumblr.key = "change_me" +#tumblr.secret = "change_me" + +## OAuth credentials for Wordpress +#wordpress.enable = true +#wordpress.client_id = "change_me" +#wordpress.secret = "change_me" + +## Allow your pod to send emails for notifications, password recovery +## and other purposes (disabled by default). +[configuration.mail] + +## First you need to enable it. +#enable = true + +## Sender address used in mail sent by Diaspora. +#sender_address = "no-reply@example.org" + +## This selects which mailer should be used. Use "smtp" for a smtp +## connection or "sendmail" to use the sendmail binary. +#method = "smtp" + +## Ignored if method isn't "smtp". +[configuration.mail.smtp] + +## Host and port of the smtp server handling outgoing mail. +## This should match the common name of the certificate sent by +## the SMTP server, if it sends one. (default port=587) +#host = "smtp.example.org" +#port = 587 + +## Authentication required to send mail (default="plain"). +## Use one of "plain", "login" or "cram_md5". Use "none" +## if server does not support authentication. +#authentication = "plain" + +## Credentials to log in to the SMTP server. +## May be necessary if authentication is not "none". +#username = "change_me" +#password = "change_me" + +## Automatically enable TLS (default=true). +## Leave this commented out if authentication is set to "none". +#starttls_auto = true + +## The domain for the HELO command, if needed. +#domain = "smtp.example.org" + +## OpenSSL verify mode used when connecting to a SMTP server with TLS (default="peer"). +## Set this to "none" if and only if you have a self-signed certificate. +## Possible values: "none", "peer". +#openssl_verify_mode = "none" + +## Ignored if method isn't "sendmail". +[configuration.mail.sendmail] + +## The path to the sendmail binary (default="/usr/sbin/sendmail") +#location = "/usr/sbin/sendmail" + +## Use exim and sendmail (default=false) +#exim_fix = false + +## Administrator settings +[configuration.admins] + +## Set the admin account. +## This doesn't make the user an admin but is used when a generic +## admin contact is needed, much like the postmaster role in mail +## systems. Set only the username, NOT the full ID. +#account = "podmin" + +## E-mail address via which the administrator can be contacted. +#podmin_email = "podmin@example.org" + +## Advanced - ignore unless you know better + +## You can override settings defined above if you need +## them to be different in different environments. "configuration" +## in the namespaces above refers to all environments, replace it with a +## specific environment here. + +[production] +#environment.redis = "redis://production.example.org:6379" + +[production.mail.sendmail] +#location = "/usr/local/bin/sendmail" + +[development] +#environment.redis = "redis://dev.example.org:6379" + +[development.mail.sendmail] +#location = "/opt/bin/sendmail" diff --git a/conf/php-fpm.conf b/conf/php-fpm.conf deleted file mode 100644 index ab1a471..0000000 --- a/conf/php-fpm.conf +++ /dev/null @@ -1,430 +0,0 @@ -; Start a new pool named 'www'. -; the variable $pool can be used in any directive and will be replaced by the -; pool name ('www' here) -[__NAMETOCHANGE__] - -; Per pool prefix -; It only applies on the following directives: -; - 'access.log' -; - 'slowlog' -; - 'listen' (unixsocket) -; - 'chroot' -; - 'chdir' -; - 'php_values' -; - 'php_admin_values' -; When not set, the global prefix (or /usr) applies instead. -; Note: This directive can also be relative to the global prefix. -; Default Value: none -;prefix = /path/to/pools/$pool - -; Unix user/group of processes -; Note: The user is mandatory. If the group is not set, the default user's group -; will be used. -user = __USER__ -group = __USER__ - -; The address on which to accept FastCGI requests. -; Valid syntaxes are: -; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on -; a specific port; -; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on -; a specific port; -; 'port' - to listen on a TCP socket to all addresses -; (IPv6 and IPv4-mapped) on a specific port; -; '/path/to/unix/socket' - to listen on a unix socket. -; Note: This value is mandatory. -listen = /var/run/php/php__PHPVERSION__-fpm-__NAMETOCHANGE__.sock - -; Set listen(2) backlog. -; Default Value: 511 (-1 on FreeBSD and OpenBSD) -;listen.backlog = 511 - -; Set permissions for unix socket, if one is used. In Linux, read/write -; permissions must be set in order to allow connections from a web server. Many -; BSD-derived systems allow connections regardless of permissions. -; Default Values: user and group are set as the running user -; mode is set to 0660 -listen.owner = www-data -listen.group = www-data -;listen.mode = 0660 -; When POSIX Access Control Lists are supported you can set them using -; these options, value is a comma separated list of user/group names. -; When set, listen.owner and listen.group are ignored -;listen.acl_users = -;listen.acl_groups = - -; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect. -; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original -; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address -; must be separated by a comma. If this value is left blank, connections will be -; accepted from any ip address. -; Default Value: any -;listen.allowed_clients = 127.0.0.1 - -; Specify the nice(2) priority to apply to the pool processes (only if set) -; The value can vary from -19 (highest priority) to 20 (lower priority) -; Note: - It will only work if the FPM master process is launched as root -; - The pool processes will inherit the master process priority -; unless it specified otherwise -; Default Value: no set -; process.priority = -19 - -; Set the process dumpable flag (PR_SET_DUMPABLE prctl) even if the process user -; or group is differrent than the master process user. It allows to create process -; core dump and ptrace the process for the pool user. -; Default Value: no -; process.dumpable = yes - -; Choose how the process manager will control the number of child processes. -; Possible Values: -; static - a fixed number (pm.max_children) of child processes; -; dynamic - the number of child processes are set dynamically based on the -; following directives. With this process management, there will be -; always at least 1 children. -; pm.max_children - the maximum number of children that can -; be alive at the same time. -; pm.start_servers - the number of children created on startup. -; pm.min_spare_servers - the minimum number of children in 'idle' -; state (waiting to process). If the number -; of 'idle' processes is less than this -; number then some children will be created. -; pm.max_spare_servers - the maximum number of children in 'idle' -; state (waiting to process). If the number -; of 'idle' processes is greater than this -; number then some children will be killed. -; ondemand - no children are created at startup. Children will be forked when -; new requests will connect. The following parameter are used: -; pm.max_children - the maximum number of children that -; can be alive at the same time. -; pm.process_idle_timeout - The number of seconds after which -; an idle process will be killed. -; Note: This value is mandatory. -pm = dynamic - -; The number of child processes to be created when pm is set to 'static' and the -; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'. -; This value sets the limit on the number of simultaneous requests that will be -; served. Equivalent to the ApacheMaxClients directive with mpm_prefork. -; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP -; CGI. The below defaults are based on a server without much resources. Don't -; forget to tweak pm.* to fit your needs. -; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' -; Note: This value is mandatory. -pm.max_children = 5 - -; The number of child processes created on startup. -; Note: Used only when pm is set to 'dynamic' -; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2 -pm.start_servers = 2 - -; The desired minimum number of idle server processes. -; Note: Used only when pm is set to 'dynamic' -; Note: Mandatory when pm is set to 'dynamic' -pm.min_spare_servers = 1 - -; The desired maximum number of idle server processes. -; Note: Used only when pm is set to 'dynamic' -; Note: Mandatory when pm is set to 'dynamic' -pm.max_spare_servers = 3 - -; The number of seconds after which an idle process will be killed. -; Note: Used only when pm is set to 'ondemand' -; Default Value: 10s -;pm.process_idle_timeout = 10s; - -; The number of requests each child process should execute before respawning. -; This can be useful to work around memory leaks in 3rd party libraries. For -; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. -; Default Value: 0 -;pm.max_requests = 500 - -; The URI to view the FPM status page. If this value is not set, no URI will be -; recognized as a status page. It shows the following informations: -; pool - the name of the pool; -; process manager - static, dynamic or ondemand; -; start time - the date and time FPM has started; -; start since - number of seconds since FPM has started; -; accepted conn - the number of request accepted by the pool; -; listen queue - the number of request in the queue of pending -; connections (see backlog in listen(2)); -; max listen queue - the maximum number of requests in the queue -; of pending connections since FPM has started; -; listen queue len - the size of the socket queue of pending connections; -; idle processes - the number of idle processes; -; active processes - the number of active processes; -; total processes - the number of idle + active processes; -; max active processes - the maximum number of active processes since FPM -; has started; -; max children reached - number of times, the process limit has been reached, -; when pm tries to start more children (works only for -; pm 'dynamic' and 'ondemand'); -; Value are updated in real time. -; Example output: -; pool: www -; process manager: static -; start time: 01/Jul/2011:17:53:49 +0200 -; start since: 62636 -; accepted conn: 190460 -; listen queue: 0 -; max listen queue: 1 -; listen queue len: 42 -; idle processes: 4 -; active processes: 11 -; total processes: 15 -; max active processes: 12 -; max children reached: 0 -; -; By default the status page output is formatted as text/plain. Passing either -; 'html', 'xml' or 'json' in the query string will return the corresponding -; output syntax. Example: -; http://www.foo.bar/status -; http://www.foo.bar/status?json -; http://www.foo.bar/status?html -; http://www.foo.bar/status?xml -; -; By default the status page only outputs short status. Passing 'full' in the -; query string will also return status for each pool process. -; Example: -; http://www.foo.bar/status?full -; http://www.foo.bar/status?json&full -; http://www.foo.bar/status?html&full -; http://www.foo.bar/status?xml&full -; The Full status returns for each process: -; pid - the PID of the process; -; state - the state of the process (Idle, Running, ...); -; start time - the date and time the process has started; -; start since - the number of seconds since the process has started; -; requests - the number of requests the process has served; -; request duration - the duration in µs of the requests; -; request method - the request method (GET, POST, ...); -; request URI - the request URI with the query string; -; content length - the content length of the request (only with POST); -; user - the user (PHP_AUTH_USER) (or '-' if not set); -; script - the main script called (or '-' if not set); -; last request cpu - the %cpu the last request consumed -; it's always 0 if the process is not in Idle state -; because CPU calculation is done when the request -; processing has terminated; -; last request memory - the max amount of memory the last request consumed -; it's always 0 if the process is not in Idle state -; because memory calculation is done when the request -; processing has terminated; -; If the process is in Idle state, then informations are related to the -; last request the process has served. Otherwise informations are related to -; the current request being served. -; Example output: -; ************************ -; pid: 31330 -; state: Running -; start time: 01/Jul/2011:17:53:49 +0200 -; start since: 63087 -; requests: 12808 -; request duration: 1250261 -; request method: GET -; request URI: /test_mem.php?N=10000 -; content length: 0 -; user: - -; script: /home/fat/web/docs/php/test_mem.php -; last request cpu: 0.00 -; last request memory: 0 -; -; Note: There is a real-time FPM status monitoring sample web page available -; It's available in: /usr/share/php/7.0/fpm/status.html -; -; Note: The value must start with a leading slash (/). The value can be -; anything, but it may not be a good idea to use the .php extension or it -; may conflict with a real PHP file. -; Default Value: not set -;pm.status_path = /status - -; The ping URI to call the monitoring page of FPM. If this value is not set, no -; URI will be recognized as a ping page. This could be used to test from outside -; that FPM is alive and responding, or to -; - create a graph of FPM availability (rrd or such); -; - remove a server from a group if it is not responding (load balancing); -; - trigger alerts for the operating team (24/7). -; Note: The value must start with a leading slash (/). The value can be -; anything, but it may not be a good idea to use the .php extension or it -; may conflict with a real PHP file. -; Default Value: not set -;ping.path = /ping - -; This directive may be used to customize the response of a ping request. The -; response is formatted as text/plain with a 200 response code. -; Default Value: pong -;ping.response = pong - -; The access log file -; Default: not set -;access.log = log/$pool.access.log - -; The access log format. -; The following syntax is allowed -; %%: the '%' character -; %C: %CPU used by the request -; it can accept the following format: -; - %{user}C for user CPU only -; - %{system}C for system CPU only -; - %{total}C for user + system CPU (default) -; %d: time taken to serve the request -; it can accept the following format: -; - %{seconds}d (default) -; - %{miliseconds}d -; - %{mili}d -; - %{microseconds}d -; - %{micro}d -; %e: an environment variable (same as $_ENV or $_SERVER) -; it must be associated with embraces to specify the name of the env -; variable. Some exemples: -; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e -; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e -; %f: script filename -; %l: content-length of the request (for POST request only) -; %m: request method -; %M: peak of memory allocated by PHP -; it can accept the following format: -; - %{bytes}M (default) -; - %{kilobytes}M -; - %{kilo}M -; - %{megabytes}M -; - %{mega}M -; %n: pool name -; %o: output header -; it must be associated with embraces to specify the name of the header: -; - %{Content-Type}o -; - %{X-Powered-By}o -; - %{Transfert-Encoding}o -; - .... -; %p: PID of the child that serviced the request -; %P: PID of the parent of the child that serviced the request -; %q: the query string -; %Q: the '?' character if query string exists -; %r: the request URI (without the query string, see %q and %Q) -; %R: remote IP address -; %s: status (response code) -; %t: server time the request was received -; it can accept a strftime(3) format: -; %d/%b/%Y:%H:%M:%S %z (default) -; The strftime(3) format must be encapsuled in a %{}t tag -; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t -; %T: time the log has been written (the request has finished) -; it can accept a strftime(3) format: -; %d/%b/%Y:%H:%M:%S %z (default) -; The strftime(3) format must be encapsuled in a %{}t tag -; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t -; %u: remote user -; -; Default: "%R - %u %t \"%m %r\" %s" -;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%" - -; The log file for slow requests -; Default Value: not set -; Note: slowlog is mandatory if request_slowlog_timeout is set -;slowlog = log/$pool.log.slow - -; The timeout for serving a single request after which a PHP backtrace will be -; dumped to the 'slowlog' file. A value of '0s' means 'off'. -; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) -; Default Value: 0 -;request_slowlog_timeout = 0 - -; The timeout for serving a single request after which the worker process will -; be killed. This option should be used when the 'max_execution_time' ini option -; does not stop script execution for some reason. A value of '0' means 'off'. -; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) -; Default Value: 0 -request_terminate_timeout = 1d - -; Set open file descriptor rlimit. -; Default Value: system defined value -;rlimit_files = 1024 - -; Set max core size rlimit. -; Possible Values: 'unlimited' or an integer greater or equal to 0 -; Default Value: system defined value -;rlimit_core = 0 - -; Chroot to this directory at the start. This value must be defined as an -; absolute path. When this value is not set, chroot is not used. -; Note: you can prefix with '$prefix' to chroot to the pool prefix or one -; of its subdirectories. If the pool prefix is not set, the global prefix -; will be used instead. -; Note: chrooting is a great security feature and should be used whenever -; possible. However, all PHP paths will be relative to the chroot -; (error_log, sessions.save_path, ...). -; Default Value: not set -;chroot = - -; Chdir to this directory at the start. -; Note: relative path can be used. -; Default Value: current directory or / when chroot -chdir = __FINALPATH__ - -; Redirect worker stdout and stderr into main error log. If not set, stdout and -; stderr will be redirected to /dev/null according to FastCGI specs. -; Note: on highloaded environement, this can cause some delay in the page -; process time (several ms). -; Default Value: no -;catch_workers_output = yes - -; Clear environment in FPM workers -; Prevents arbitrary environment variables from reaching FPM worker processes -; by clearing the environment in workers before env vars specified in this -; pool configuration are added. -; Setting to "no" will make all environment variables available to PHP code -; via getenv(), $_ENV and $_SERVER. -; Default Value: yes -;clear_env = no - -; Limits the extensions of the main script FPM will allow to parse. This can -; prevent configuration mistakes on the web server side. You should only limit -; FPM to .php extensions to prevent malicious users to use other extensions to -; execute php code. -; Note: set an empty value to allow all extensions. -; Default Value: .php -;security.limit_extensions = .php .php3 .php4 .php5 .php7 - -; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from -; the current environment. -; Default Value: clean env -;env[HOSTNAME] = $HOSTNAME -;env[PATH] = /usr/local/bin:/usr/bin:/bin -;env[TMP] = /tmp -;env[TMPDIR] = /tmp -;env[TEMP] = /tmp - -; Additional php.ini defines, specific to this pool of workers. These settings -; overwrite the values previously defined in the php.ini. The directives are the -; same as the PHP SAPI: -; php_value/php_flag - you can set classic ini defines which can -; be overwritten from PHP call 'ini_set'. -; php_admin_value/php_admin_flag - these directives won't be overwritten by -; PHP call 'ini_set' -; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no. - -; Defining 'extension' will load the corresponding shared extension from -; extension_dir. Defining 'disable_functions' or 'disable_classes' will not -; overwrite previously defined php.ini values, but will append the new value -; instead. - -; Note: path INI options can be relative and will be expanded with the prefix -; (pool, global or /usr) - -; Default Value: nothing is defined by default except the values in php.ini and -; specified at startup with the -d argument -;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com -;php_flag[display_errors] = off -;php_admin_value[error_log] = /var/log/fpm-php.www.log -;php_admin_flag[log_errors] = on -;php_admin_value[memory_limit] = 32M - -; Common values to change to increase file upload limit -; php_admin_value[upload_max_filesize] = 50M -; php_admin_value[post_max_size] = 50M -; php_admin_flag[mail.add_x_header] = Off - -; Other common parameters -; php_admin_value[max_execution_time] = 600 -; php_admin_value[max_input_time] = 300 -; php_admin_value[memory_limit] = 256M -; php_admin_flag[short_open_tag] = On diff --git a/doc/screenshots/example.jpg b/doc/screenshots/example.jpg deleted file mode 100644 index a1efa1a..0000000 Binary files a/doc/screenshots/example.jpg and /dev/null differ diff --git a/manifest.json b/manifest.json index af87809..c015beb 100644 --- a/manifest.json +++ b/manifest.json @@ -9,7 +9,7 @@ "version": "2022.01.29~ynh1", "url": "https://github.com/magicstone-dev/acropolis", "upstream": { - "license": "free", + "license": "AGPL-3.0-or-later", "website": "https://magicstone.dev", "code": "https://github.com/magicstone-dev/acropolis" }, @@ -30,21 +30,6 @@ "name": "domain", "type": "domain" }, - { - "name": "admin", - "type": "user" - }, - { - "name": "email", - "type": "email", - "ask": { - "en": "Enter email address for administative notifications." - } - }, - { - "name": "password", - "type": "password" - }, { "name": "is_public", "type": "boolean", @@ -52,6 +37,21 @@ "help": { "en": "For federation to work, this needs to be true. False is ok if you want to run a private instance." } + }, + { + "name": "admin", + "type": "user" + }, + { + "name": "password", + "type": "password" + }, + { + "name": "email", + "type": "string", + "ask": { + "en": "Enter email address for administative notifications." + } } ] } diff --git a/scripts/_common.sh b/scripts/_common.sh index ae61994..838ccf5 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -452,45 +452,3 @@ ynh_cleanup_ruby () { ynh_secure_remove --file="/etc/profile.d/rbenv.sh" fi } - -#================================================= -# REDIS HELPERS -#================================================= - -# get the first available redis database -# -# usage: ynh_redis_get_free_db -# | returns: the database number to use -ynh_redis_get_free_db() { - local result max db - result="$(redis-cli INFO keyspace)" - - # get the num - max=$(cat /etc/redis/redis.conf | grep ^databases | grep -Eow "[0-9]+") - - db=0 - # default Debian setting is 15 databases - for i in $(seq 0 "$max") - do - if ! echo "$result" | grep -q "db$i" - then - db=$i - break 1 - fi - db=-1 - done - - test "$db" -eq -1 && ynh_die --message="No available Redis databases..." - - echo "$db" -} - -# Create a master password and set up global settings -# Please always call this script in install and restore scripts -# -# usage: ynh_redis_remove_db database -# | arg: database - the database to erase -ynh_redis_remove_db() { - local db=$1 - redis-cli -n "$db" flushall -} diff --git a/scripts/backup b/scripts/backup index 1f20e98..c6fe988 100644 --- a/scripts/backup +++ b/scripts/backup @@ -16,7 +16,6 @@ source /usr/share/yunohost/helpers #================================================= ynh_clean_setup () { - ### Remove this function if there's nothing to clean before calling the remove script. true } # Exit if an error occurs during the execution of the script @@ -38,11 +37,6 @@ db_name=$(ynh_app_setting_get --app=$app --key=db_name) #================================================= ynh_print_info --message="Declaring files to be backed up..." -### N.B. : the following 'ynh_backup' calls are only a *declaration* of what needs -### to be backuped and not an actual copy of any file. The actual backup that -### creates and fill the archive with the files happens in the core after this -### script is called. Hence ynh_backups calls takes basically 0 seconds to run. - #================================================= # BACKUP THE APP MAIN DIR #================================================= diff --git a/scripts/install b/scripts/install index 92dffbd..887fb53 100644 --- a/scripts/install +++ b/scripts/install @@ -15,8 +15,7 @@ source /usr/share/yunohost/helpers #================================================= ynh_clean_setup () { - ### Remove this function if there's nothing to clean before calling the remove script. - true + ynh_clean_check_starting } # Exit if an error occurs during the execution of the script ynh_abort_if_errors @@ -29,38 +28,18 @@ domain=$YNH_APP_ARG_DOMAIN path_url="/" is_public=$YNH_APP_ARG_IS_PUBLIC admin=$YNH_APP_ARG_ADMIN -email=$YNH_APP_ARG_EMAIL password=$YNH_APP_ARG_PASSWORD +email=$YNH_APP_ARG_EMAIL -### If it's a multi-instance app, meaning it can be installed several times independently -### The id of the app as stated in the manifest is available as $YNH_APP_ID -### The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2"...) -### The app instance name is available as $YNH_APP_INSTANCE_NAME -### - the first time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample -### - the second time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample__2 -### - ynhexample__{N} for the subsequent installations, with N=3,4... -### The app instance name is probably what interests you most, since this is -### guaranteed to be unique. This is a good unique identifier to define installation path, -### db names... app=$YNH_APP_INSTANCE_NAME #================================================= # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS #================================================= -### About --weight and --time -### ynh_script_progression will show to your final users the progression of each scripts. -### In order to do that, --weight will represent the relative time of execution compared to the other steps in the script. -### --time is a packager option, it will show you the execution time since the previous call. -### This option should be removed before releasing your app. -### Use the execution time, given by --time, to estimate the weight of a step. -### A common way to do it is to set a weight equal to the execution time in second +1. -### The execution time is given for the duration since the previous call. So the weight should be applied to this previous call. ynh_script_progression --message="Validating installation parameters..." --weight=1 -### If the app uses NGINX as web server (written in HTML/PHP in most cases), the final path should be "/var/www/$app". -### If the app provides an internal web server (or uses another application server such as uWSGI), the final path should be "/opt/yunohost/$app" final_path=/var/www/$app -# test ! -e "$final_path" || ynh_die --message="This path already contains a folder" +test ! -e "$final_path" || ynh_die --message="This path already contains a folder" # Register (book) web path ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url @@ -71,6 +50,8 @@ ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url ynh_script_progression --message="Storing installation settings..." --weight=1 ynh_app_setting_set --app=$app --key=domain --value=$domain +ynh_app_setting_set --app=$app --key=path --value=$path_url +ynh_app_setting_set --app=$app --key=admin --value=$admin #================================================= # STANDARD MODIFICATIONS @@ -79,38 +60,17 @@ ynh_app_setting_set --app=$app --key=domain --value=$domain #================================================= ynh_script_progression --message="Finding an available port..." --weight=1 -### Use these lines if you have to open a port for the application -### `ynh_find_port` will find the first available port starting from the given port. -### If you're not using these lines: -### - Remove the section "CLOSE A PORT" in the remove script - # Find an available port port_web=$(ynh_find_port --port=3000) ynh_app_setting_set --app=$app --key=port_web --value=$port_web -# Optional: Expose this port publicly -# (N.B.: you only need to do this if the app actually needs to expose the port publicly. -# If you do this and the app doesn't actually need you are CREATING SECURITY HOLES IN THE SERVER !) - -# Open the port -# ynh_script_progression --message="Configuring firewall..." --time --weight=1 -# ynh_exec_warn_less yunohost firewall allow --no-upnp TCP $port - #================================================= # INSTALL DEPENDENCIES #================================================= ynh_script_progression --message="Installing dependencies..." --weight=1 -### `ynh_install_app_dependencies` allows you to add any "apt" dependencies to the package. -### Those deb packages will be installed as dependencies of this package. -### If you're not using this helper: -### - Remove the section "REMOVE DEPENDENCIES" in the remove script -### - Remove the variable "pkg_dependencies" in _common.sh -### - As well as the section "REINSTALL DEPENDENCIES" in the restore script -### - And the section "UPGRADE DEPENDENCIES" in the upgrade script - ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies -ynh_install_ruby --ruby_version=$RUBY_VERSION +ynh_exec_warn_less ynh_install_ruby --ruby_version=$RUBY_VERSION #================================================= # CREATE DEDICATED USER @@ -125,38 +85,25 @@ ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= ynh_script_progression --message="Creating a PostgreSQL database..." -db_name=$(ynh_sanitize_dbid --db_name="diaspora_production") -db_user=$(ynh_sanitize_dbid --db_name=$app) -db_pwd=$(ynh_string_random --length=30) - +db_name=$(ynh_sanitize_dbid --db_name=$app) +db_user=$db_name ynh_app_setting_set --app=$app --key=db_name --value=$db_name ynh_app_setting_set --app=$app --key=db_user --value=$db_user -ynh_app_setting_set --app=$app --key=db_pwd --value=$db_pwd ynh_psql_test_if_first_run -ynh_psql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd -# Set extensions +ynh_psql_setup_db --db_user=$db_user --db_name=$db_name ynh_psql_execute_as_root --sql="CREATE EXTENSION IF NOT EXISTS hstore;" --database=$db_name ynh_psql_execute_as_root --sql="CREATE EXTENSION IF NOT EXISTS pg_trgm;" --database=$db_name +db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd) #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= ynh_script_progression --message="Setting up source files..." --weight=1 -### `ynh_setup_source` is used to install an app from a zip or tar.gz file, -### downloaded from an upstream source, like a git repository. -### `ynh_setup_source` use the file conf/app.src - ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path" -# FIXME: this should be managed by the core in the future -# Here, as a packager, you may have to tweak the ownerhsip/permissions -# such that the appropriate users (e.g. maybe www-data) can access -# files in some cases. -# But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder - -# this will be treated as a security issue. mkdir -p "$final_path/tmp/pids" chmod 750 "$final_path" chmod -R o-rwx "$final_path" @@ -167,10 +114,8 @@ chown -R $app:www-data "$final_path" #================================================= ynh_script_progression --message="Configuring NGINX web server..." --weight=1 -### `ynh_add_nginx_config` will use the file conf/nginx.conf - # Create a dedicated NGINX config -ynh_add_nginx_config 'web' +ynh_add_nginx_config #================================================= # SPECIFIC SETUP @@ -202,7 +147,6 @@ pushd "$final_path" ynh_exec_as $app chmod +x script/server popd - #================================================= # ADD A CONFIGURATION #================================================= @@ -211,19 +155,8 @@ ynh_script_progression --message="Adding a configuration file..." --weight=1 database_yml="$final_path/config/database.yml" diaspora_toml="$final_path/config/diaspora.toml" -redis_namespace=${app}_production -ynh_app_setting_set --app="$app" --key=redis_namespace --value="$redis_namespace" - -secret_key_base=$(ynh_string_random --length=128) -ynh_app_setting_set --app="$app" --key=secret_key_base --value="$secret_key_base" - -ynh_add_config --template="$database_yml.example" --destination="$database_yml" -ynh_add_config --template="$diaspora_toml.example" --destination="$diaspora_toml" - - -ynh_replace_string --match_string="#certificate_authorities = \"/etc/ssl/" --replace_string="certificate_authorities = \"/etc/ssl/" --target_file=$diaspora_toml -ynh_replace_string --match_string="username: \"postgres\"" --replace_string="username: \"$db_user\"" --target_file=$database_yml -ynh_replace_string --match_string="password: \"postgres\"" --replace_string="password: \"$db_pwd\"" --target_file=$database_yml +ynh_add_config --template="../conf/database.yml.example" --destination="$database_yml" +ynh_add_config --template="../conf/diaspora.toml.example" --destination="$diaspora_toml" chmod 400 "$database_yml" chown $app:$app "$database_yml" @@ -245,27 +178,19 @@ ynh_add_systemd_config --service="$app-sidekiq" --template="$app-sidekiq.service ynh_script_progression --message="Installing acropolis..." pushd "$final_path" - sudo -u $app $ynh_ruby_load_path script/configure_bundler - sudo -u $app $ynh_ruby_load_path bin/bundle config set path 'vendor/bundle' - sudo -u $app $ynh_ruby_load_path bin/bundle install --full-index + ynh_exec_warn_less ynh_exec_as $app $ynh_ruby_load_path script/configure_bundler + ynh_exec_warn_less ynh_exec_as $app $ynh_ruby_load_path bin/bundle config set path 'vendor/bundle' + ynh_exec_warn_less ynh_exec_as $app $ynh_ruby_load_path bin/bundle install --full-index popd ynh_script_progression --message="Preparing the database and create initial admin user..." pushd "$final_path" - rake_exec="sudo -u $app $ynh_ruby_load_path RAILS_ENV=production bin/rake" - ynh_exec_warn_less $rake_exec db:migrate - ynh_exec_warn_less $rake_exec assets:precompile - ynh_exec_warn_less $rake_exec "admin:create[$admin, $email, $password]" + ynh_exec_warn_less ynh_exec_as $app $ynh_ruby_load_path RAILS_ENV=production bin/rake db:migrate + ynh_exec_warn_less ynh_exec_as $app $ynh_ruby_load_path RAILS_ENV=production bin/rake assets:precompile + ynh_exec_warn_less ynh_exec_as $app $ynh_ruby_load_path RAILS_ENV=production bin/rake "admin:create[$admin, $email, $password]" popd -#================================================= -# SETUP THE CRON FILE -#================================================= -# ynh_script_progression --message="Setuping the cron file..." - -# ynh_add_config --template="../conf/cron" --destination="/etc/cron.d/$app" - #================================================= # GENERIC FINALIZATION #================================================= @@ -273,14 +198,6 @@ popd #================================================= ynh_script_progression --message="Configuring log rotation..." --weight=1 -### `ynh_use_logrotate` is used to configure a logrotate configuration for the logs of this app. -### Use this helper only if there is effectively a log file for this app. -### If you're not using this helper: -### - Remove the section "BACKUP LOGROTATE" in the backup script -### - Remove also the section "REMOVE LOGROTATE CONFIGURATION" in the remove script -### - As well as the section "RESTORE THE LOGROTATE CONFIGURATION" in the restore script -### - And the section "SETUP LOGROTATE" in the upgrade script - # Use logrotate to manage application logfile(s) ynh_use_logrotate @@ -313,18 +230,6 @@ then ynh_permission_update --permission="main" --add="visitors" fi -### N.B. : the following extra permissions only make sense if your app -### does have for example an admin interface or an API. - -# Only the admin can access the admin panel of the app (if the app has an admin panel) -# ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin - -# Everyone can access the API part -# We don't want to display the tile in the SSO so we put --show_tile="false" -# And we don't want the YunoHost admin to be able to remove visitors group to this permission, so we put --protected="true" -# ynh_permission_create --permission="api" --url="/api" --allowed="visitors" --show_tile="false" --protected="true" - - #================================================= # RELOAD NGINX #================================================= diff --git a/scripts/remove b/scripts/remove index 189652b..3f50932 100644 --- a/scripts/remove +++ b/scripts/remove @@ -21,7 +21,6 @@ domain=$(ynh_app_setting_get --app=$app --key=domain) port=$(ynh_app_setting_get --app=$app --key=port) db_name=$(ynh_app_setting_get --app=$app --key=db_name) db_user=$(ynh_app_setting_get --app=$app --key=db_user) - final_path=$(ynh_app_setting_get --app=$app --key=final_path) datadir=$(ynh_app_setting_get --app=$app --key=datadir) @@ -55,20 +54,10 @@ ynh_remove_systemd_config --service="$app-sidekiq" #================================================= # REMOVE THE POSTGRESQL DATABASE #================================================= - ynh_script_progression --message="Removing the PostgreSQL database.." ynh_psql_remove_db --db_user=$db_user --db_name=$db_name -#================================================= -# REMOVE DEPENDENCIES -#================================================= -ynh_script_progression --message="Removing dependencies..." --weight=1 - -# Remove metapackage and its dependencies -ynh_remove_ruby -ynh_remove_app_dependencies - #================================================= # REMOVE APP MAIN DIR #================================================= @@ -86,6 +75,15 @@ ynh_script_progression --message="Removing NGINX web server configuration..." -- # Remove the dedicated NGINX config ynh_remove_nginx_config +#================================================= +# REMOVE DEPENDENCIES +#================================================= +ynh_script_progression --message="Removing dependencies..." --weight=1 + +# Remove metapackage and its dependencies +ynh_remove_ruby +ynh_remove_app_dependencies + #================================================= # SPECIFIC REMOVE #================================================= @@ -93,9 +91,6 @@ ynh_remove_nginx_config #================================================= ynh_script_progression --message="Removing various files..." --weight=1 -# Remove a cron file -# ynh_secure_remove --file="/etc/cron.d/$app" - # Remove a directory securely ynh_secure_remove --file="/etc/$app" diff --git a/scripts/restore b/scripts/restore index 185baa9..e319c0e 100644 --- a/scripts/restore +++ b/scripts/restore @@ -16,8 +16,7 @@ source /usr/share/yunohost/helpers #================================================= ynh_clean_setup () { - #### Remove this function if there's nothing to clean before calling the remove script. - true + ynh_clean_check_starting } # Exit if an error occurs during the execution of the script ynh_abort_if_errors @@ -33,25 +32,18 @@ domain=$(ynh_app_setting_get --app=$app --key=domain) path_url=$(ynh_app_setting_get --app=$app --key=path) final_path=$(ynh_app_setting_get --app=$app --key=final_path) db_name=$(ynh_app_setting_get --app=$app --key=db_name) -db_user=$(ynh_sanitize_dbid --db_name=$app) -db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd) +db_user=$(ynh_app_setting_get --app=$app --key=db_user) #================================================= # CHECK IF THE APP CAN BE RESTORED #================================================= ynh_script_progression --message="Validating restoration parameters..." --weight=1 -test ! -d $final_path || ynh_die --message="There is already a directory: $final_path " +test ! -d $final_path \ + || ynh_die --message="There is already a directory: $final_path " #================================================= # STANDARD RESTORATION STEPS -#================================================= -# RESTORE THE NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Restoring the NGINX configuration..." --weight=1 - -ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" - #================================================= # RECREATE THE DEDICATED USER #================================================= @@ -67,12 +59,6 @@ ynh_script_progression --message="Restoring the app main directory..." --weight= ynh_restore_file --origin_path="$final_path" -# FIXME: this should be managed by the core in the future -# Here, as a packager, you may have to tweak the ownerhsip/permissions -# such that the appropriate users (e.g. maybe www-data) can access -# files in some cases. -# But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder - -# this will be treated as a security issue. mkdir -p "$final_path/tmp/pids" chmod 750 "$final_path" chmod -R o-rwx "$final_path" @@ -80,6 +66,15 @@ chown -R $app:www-data "$final_path" #================================================= # SPECIFIC RESTORATION +#================================================= +# REINSTALL DEPENDENCIES +#================================================= +ynh_script_progression --message="Reinstalling dependencies..." --weight=1 + +# Define and install dependencies +ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies +ynh_exec_warn_less ynh_install_ruby --ruby_version=$RUBY_VERSION + #================================================= # ADD SWAP IF NEEDED #================================================= @@ -97,26 +92,18 @@ ynh_script_progression --message="Adding $swap_needed Mo to swap..." ynh_add_swap --size=$swap_needed #================================================= -# RESTORE THE CRON FILE +# RESTORE THE NGINX CONFIGURATION #================================================= -# ynh_script_progression --message="Restoring the cron file..." +ynh_script_progression --message="Restoring the NGINX configuration..." --weight=1 -# ynh_restore_file --origin_path="/etc/cron.d/$app" - -#================================================= -# REINSTALL DEPENDENCIES -#================================================= -ynh_script_progression --message="Reinstalling dependencies..." --weight=1 - -# Define and install dependencies -ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies -ynh_install_ruby --ruby_version=$RUBY_VERSION +ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= # RESTORE THE POSTGRESQL DATABASE #================================================= ynh_script_progression --message="Restoring the PostgreSQL database..." +db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd) ynh_psql_test_if_first_run ynh_psql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd ynh_psql_execute_as_root --sql="ALTER USER $db_user CREATEDB;" @@ -134,7 +121,6 @@ pushd "$final_path" ynh_exec_as $app echo "gem: --no-ri --no-rdoc" >> "$final_path/.gemrc" popd - #================================================= # RESTORE SYSTEMD #================================================= @@ -142,7 +128,6 @@ ynh_script_progression --message="Restoring the systemd configuration..." --weig ynh_restore_file --origin_path="/etc/systemd/system/$app-web.service" ynh_restore_file --origin_path="/etc/systemd/system/$app-sidekiq.service" - systemctl enable "$app-web" "$app-sidekiq" --quiet #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index a882c0b..bb9f545 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -20,26 +20,43 @@ domain=$(ynh_app_setting_get --app=$app --key=domain) path_url=$(ynh_app_setting_get --app=$app --key=path) admin=$(ynh_app_setting_get --app=$app --key=admin) final_path=$(ynh_app_setting_get --app=$app --key=final_path) -language=$(ynh_app_setting_get --app=$app --key=language) db_name=$(ynh_app_setting_get --app=$app --key=db_name) -redis_namespace=$(ynh_app_setting_get --app=$app --key=db_name) -db_user=$(ynh_sanitize_dbid --db_name=$app) -db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd) +db_user=$(ynh_app_setting_get --app=$app --key=db_user) +db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd) port_web=$(ynh_app_setting_get --app=$app --key=port_web) -secret_key_base=$(ynh_app_setting_get --app=$app --key=secret_key_base) #================================================= # CHECK VERSION #================================================= +ynh_script_progression --message="Checking version..." -### This helper will compare the version of the currently installed app and the version of the upstream package. -### $upgrade_type can have 2 different values -### - UPGRADE_APP if the upstream app version has changed -### - UPGRADE_PACKAGE if only the YunoHost package has changed -### ynh_check_app_version_changed will stop the upgrade if the app is up to date. -### UPGRADE_APP should be used to upgrade the core app only if there's an upgrade to do. upgrade_type=$(ynh_check_app_version_changed) +#================================================= +# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP +#================================================= +ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=1 + +# Backup the current version of the app +ynh_backup_before_upgrade +ynh_clean_setup () { + ynh_clean_check_starting + # Restore it if the upgrade fails + ynh_restore_upgradebackup +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + +#================================================= +# STANDARD UPGRADE STEPS +#================================================= +# STOP SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Stopping a systemd service..." --weight=1 + +ynh_systemd_action --service_name=${app}-web --action="stop" --log_path=systemd --line_match="Stopped" +ynh_systemd_action --service_name=${app}-sidekiq --action="stop" --log_path=systemd --line_match="Stopped" + #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= @@ -67,46 +84,9 @@ if [[ -z "$db_pwd" ]]; then ynh_replace_string --match_string="DB_PASS=" --replace_string="DB_PASS=${db_pwd}" --target_file="$config" fi -# If redis_namespace doesn't exist, create it -if [[ -z "$redis_namespace" ]]; then - redis_namespace=${app}_production - ynh_app_setting_set --app=$app --key=redis_namespace --value=$redis_namespace -fi - -# If secret_key_base doesn't exist, retrieve it or create it -if [[ -z "$secret_key_base" ]]; then - secret_key_base=$(grep -oP "SECRET_KEY_BASE=\K\w+" $config) - if [[ -z "$secret_key_base" ]]; then - secret_key_base=$(ynh_string_random --length=128) - fi - ynh_app_setting_set --app=$app --key=secret_key_base --value="$secret_key_base" -fi - ynh_remove_extra_repo -#================================================= -# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP -#================================================= -ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=1 - -# Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { - # Restore it if the upgrade fails - ynh_restore_upgradebackup -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# STANDARD UPGRADE STEPS -#================================================= -# STOP SYSTEMD SERVICE -#================================================= -ynh_script_progression --message="Stopping a systemd service..." --weight=1 - -ynh_systemd_action --service_name=${app}-web --action="stop" --log_path=systemd --line_match="Stopped" -ynh_systemd_action --service_name=${app}-sidekiq --action="stop" --log_path=systemd --line_match="Stopped" - +ynh_app_setting_delete --app=$app --key=redis_namespace +ynh_app_setting_delete --app=$app --key=secret_key_base #================================================= # CREATE DEDICATED USER @@ -128,36 +108,28 @@ then ynh_setup_source --dest_dir="$final_path" fi -# FIXME: this should be managed by the core in the future -# Here, as a packager, you may have to tweak the ownerhsip/permissions -# such that the appropriate users (e.g. maybe www-data) can access -# files in some cases. -# But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder - -# this will be treated as a security issue. chmod 750 "$final_path" chmod -R o-rwx "$final_path" chown -R $app:www-data "$final_path" -#================================================= -# NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=1 - -# Create a dedicated NGINX config -ynh_add_nginx_config 'web' - #================================================= # UPGRADE DEPENDENCIES #================================================= ynh_script_progression --message="Upgrading dependencies..." --weight=1 ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies -ynh_install_ruby --ruby_version=$RUBY_VERSION +ynh_exec_warn_less ynh_install_ruby --ruby_version=$RUBY_VERSION + +#================================================= +# NGINX CONFIGURATION +#================================================= +ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=1 + +# Create a dedicated NGINX config +ynh_add_nginx_config #================================================= # SPECIFIC UPGRADE -#================================================= - #================================================= # INSTALLING RUBY AND BUNDLER #================================================= @@ -176,21 +148,9 @@ ynh_script_progression --message="Updating a configuration file..." --weight=1 database_yml="$final_path/config/database.yml" diaspora_toml="$final_path/config/diaspora.toml" -language="$(echo $language | head -c 2)" -redis_namespace=${app}_production -ynh_app_setting_set --app="$app" --key=redis_namespace --value="$redis_namespace" - -secret_key_base=$(ynh_string_random --length=128) -ynh_app_setting_set --app="$app" --key=secret_key_base --value="$secret_key_base" - -ynh_add_config --template="$database_yml.example" --destination="$database_yml" -ynh_add_config --template="$diaspora_toml.example" --destination="$diaspora_toml" - - -ynh_replace_string --match_string="#certificate_authorities = \"/etc/ssl/" --replace_string="certificate_authorities = \"/etc/ssl/" --target_file=$diaspora_toml -ynh_replace_string --match_string="username: \"postgres\"" --replace_string="username: \"$db_user\"" --target_file=$database_yml -ynh_replace_string --match_string="password: \"postgres\"" --replace_string="password: \"$db_pwd\"" --target_file=$database_yml +ynh_add_config --template="../conf/database.yml.example" --destination="$database_yml" +ynh_add_config --template="../conf/diaspora.toml.example" --destination="$diaspora_toml" chmod 400 "$database_yml" chown $app:$app "$database_yml" @@ -207,16 +167,18 @@ ynh_script_progression --message="Upgrading systemd configuration..." --weight=1 ynh_add_systemd_config --service="$app-web" --template="acropolis-web.service" ynh_add_systemd_config --service="$app-sidekiq" --template="acropolis-sidekiq.service" - +#================================================= +# UPGRADE ACROPOLIS +#================================================= ynh_script_progression --message="Upgrading acropolis..." pushd "$final_path" - sudo -u $app $ynh_ruby_load_path bin/bundle config deployment 'true' - sudo -u $app $ynh_ruby_load_path bin/bundle config without 'development test' - sudo -u $app $ynh_ruby_load_path bin/bundle install -j$(getconf _NPROCESSORS_ONLN) - sudo -u $app RAILS_ENV=production $ynh_ruby_load_path bin/bundle exec rails assets:clean - sudo -u $app RAILS_ENV=production $ynh_ruby_load_path bin/bundle exec rails assets:precompile - sudo -u $app RAILS_ENV=production $ynh_ruby_load_path bin/bundle exec rails db:migrate + ynh_exec_warn_less ynh_exec_as $app $ynh_ruby_load_path bin/bundle config deployment 'true' + ynh_exec_warn_less ynh_exec_as $app $ynh_ruby_load_path bin/bundle config without 'development test' + ynh_exec_warn_less ynh_exec_as $app $ynh_ruby_load_path bin/bundle install -j$(getconf _NPROCESSORS_ONLN) + ynh_exec_warn_less ynh_exec_as $app $ynh_ruby_load_path RAILS_ENV=production bin/rake assets:clean + ynh_exec_warn_less ynh_exec_as $app $ynh_ruby_load_path RAILS_ENV=production bin/rake assets:precompile + ynh_exec_warn_less ynh_exec_as $app $ynh_ruby_load_path RAILS_ENV=production bin/rake db:migrate popd #================================================= @@ -242,8 +204,8 @@ yunohost service add "$app-sidekiq" --description="$app sidekiq service" #================================================= ynh_script_progression --message="Starting a systemd service..." --weight=1 -ynh_systemd_action --service_name=${app}-web --action="start" --log_path=systemd --line_match="Listening on" -ynh_systemd_action --service_name=${app}-sidekiq --action="start" --log_path=systemd --line_match="Schedules Loaded" +ynh_systemd_action --service_name=${app}-web --action="start" --log_path=systemd --line_match="listening on" +ynh_systemd_action --service_name=${app}-sidekiq --action="start" --log_path=systemd --line_match="Booted Rails" #================================================= # RELOAD NGINX diff --git a/sources/extra_files/app/.gitignore b/sources/extra_files/app/.gitignore deleted file mode 100644 index 783a4ae..0000000 --- a/sources/extra_files/app/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -*~ -*.sw[op] diff --git a/sources/patches/.gitignore b/sources/patches/.gitignore deleted file mode 100644 index 783a4ae..0000000 --- a/sources/patches/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -*~ -*.sw[op]