diff --git a/README.md b/README.md index d762e71..270b97e 100644 --- a/README.md +++ b/README.md @@ -1,30 +1,48 @@ -# AdGuard Home app for YunoHost -AdGuard Home Server + -**Shipped version:** 0.104.1 +# AdGuard Home for YunoHost -- [Yunohost project](https://yunohost.org) -- [AdGuard Home website](https://github.com/AdguardTeam/AdGuardHome) +[![Integration level](https://dash.yunohost.org/integration/adguardhome.svg)](https://dash.yunohost.org/appci/app/adguardhome) ![](https://ci-apps.yunohost.org/ci/badges/adguardhome.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/adguardhome.maintain.svg) +[![Install AdGuard Home with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=adguardhome) -![](https://camo.githubusercontent.com/c6c427a65dd6a52d092015fff9205e148130aa94/68747470733a2f2f63646e2e616467756172642e636f6d2f7075626c69632f416467756172642f436f6d6d6f6e2f616467756172645f686f6d652e737667) +*[Lire ce readme en français.](./README_fr.md)* + +> *This package allows you to install AdGuard Home quickly and simply on a YunoHost server. +If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/install) to learn how to install it.* + +## Overview + +Network-wide ads & trackers blocking DNS server + +**Shipped version:** 0.106.3~ynh1 -[![Install AdGuard Home with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=adguard) -### Installing guide +## Screenshots - App can be installed by YunoHost **admin web-interface** or by **running following command**: +![](./doc/screenshots/68747470733a2f2f63646e2e616467756172642e636f6d2f7075626c69632f416467756172642f436f6d6d6f6e2f616467756172645f686f6d652e676966.gif) - $ sudo yunohost app install https://github.com/YunoHost-Apps/adguard_ynh +## Documentation and resources - Fail to start ? try : +* Official app website: https://adguard.com/adguard-home.html +* Official user documentation: https://kb.adguard.com/en +* Official admin documentation: https://github.com/AdguardTeam/AdGuardHome/wiki +* Upstream app code repository: https://github.com/AdguardTeam/AdGuardHome +* YunoHost documentation for this app: https://yunohost.org/app_adguardhome +* Report a bug: https://github.com/YunoHost-Apps/adguardhome_ynh/issues - $ systemctl status adguard - $ apt install -y net-tools - $ netstat -tlnp | grep 53 +## Developer info +Please send your pull request to the [testing branch](https://github.com/YunoHost-Apps/adguardhome_ynh/tree/testing). -### Upgrade this package: - - $ sudo yunohost app upgrade adguard -u https://github.com/YunoHost-Apps/adguard_ynh +To try the testing branch, please proceed like that. +``` +sudo yunohost app install https://github.com/YunoHost-Apps/adguardhome_ynh/tree/testing --debug +or +sudo yunohost app upgrade adguardhome -u https://github.com/YunoHost-Apps/adguardhome_ynh/tree/testing --debug +``` +**More info regarding app packaging:** https://yunohost.org/packaging_apps \ No newline at end of file diff --git a/README_fr.md b/README_fr.md new file mode 100644 index 0000000..1455b0e --- /dev/null +++ b/README_fr.md @@ -0,0 +1,44 @@ +# AdGuard Home pour YunoHost + +[![Niveau d'intégration](https://dash.yunohost.org/integration/adguardhome.svg)](https://dash.yunohost.org/appci/app/adguardhome) ![](https://ci-apps.yunohost.org/ci/badges/adguardhome.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/adguardhome.maintain.svg) +[![Installer AdGuard Home avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=adguardhome) + +*[Read this readme in english.](./README.md)* +*[Lire ce readme en français.](./README_fr.md)* + +> *Ce package vous permet d'installer AdGuard Home rapidement et simplement sur un serveur YunoHost. +Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.* + +## Vue d'ensemble + +Serveur DNS, bloqueur de publicités et trackers + +**Version incluse :** 0.106.3~ynh1 + + + +## Captures d'écran + +![](./doc/screenshots/68747470733a2f2f63646e2e616467756172642e636f6d2f7075626c69632f416467756172642f436f6d6d6f6e2f616467756172645f686f6d652e676966.gif) + +## Documentations et ressources + +* Site officiel de l'app : https://adguard.com/adguard-home.html +* Documentation officielle utilisateur : https://kb.adguard.com/en +* Documentation officielle de l'admin : https://github.com/AdguardTeam/AdGuardHome/wiki +* Dépôt de code officiel de l'app : https://github.com/AdguardTeam/AdGuardHome +* Documentation YunoHost pour cette app : https://yunohost.org/app_adguardhome +* Signaler un bug : https://github.com/YunoHost-Apps/adguardhome_ynh/issues + +## Informations pour les développeurs + +Merci de faire vos pull request sur la [branche testing](https://github.com/YunoHost-Apps/adguardhome_ynh/tree/testing). + +Pour essayer la branche testing, procédez comme suit. +``` +sudo yunohost app install https://github.com/YunoHost-Apps/adguardhome_ynh/tree/testing --debug +ou +sudo yunohost app upgrade adguardhome -u https://github.com/YunoHost-Apps/adguardhome_ynh/tree/testing --debug +``` + +**Plus d'infos sur le packaging d'applications :** https://yunohost.org/packaging_apps \ No newline at end of file diff --git a/check_process b/check_process old mode 100644 new mode 100755 index 0cbeae3..5482428 --- a/check_process +++ b/check_process @@ -1,42 +1,27 @@ -# See here for more informations -# https://github.com/YunoHost/package_check#syntax-check_process-file - -# Move this file from check_process.default to check_process when you have filled it. - ;; Test complet ; Manifest - domain="domain.tld" (DOMAIN) - path="/" (PATH) - is_public=1 (PUBLIC|public=1|private=0) -# password="pass" -# nextclouddomain="domain.tld" - port="9980" (PORT) + domain="domain.tld" + path="/path" + admin="john" + is_public=1 + password="1Strong-Password" ; Checks pkg_linter=1 setup_sub_dir=0 setup_root=1 setup_nourl=0 - setup_private=0 + setup_private=1 setup_public=1 upgrade=1 + #upgrade=1 from_commit=CommitHash backup_restore=1 - multi_instance=1 - incorrect_path=1 + multi_instance=0 port_already_use=0 - change_url=0 -;;; Levels - Level 1=auto - Level 2=auto - Level 3=auto -# Level 4: - Level 4=1 (This app supports the Nextcloud LDAP auth) -# Level 5: - Level 5=auto - Level 6=auto - Level 7=auto - Level 8=0 - Level 9=0 - Level 10=0 + change_url=1 ;;; Options Email= Notification=none +;;; Upgrade options + ; commit=CommitHash + name=Name and date of the commit. + manifest_arg=domain=DOMAIN&path=PATH&admin=USER&language=fr&is_public=1&password=pass&port=666& diff --git a/conf/AdGuardHome.yaml b/conf/AdGuardHome.yaml index 29b29cb..4651b48 100644 --- a/conf/AdGuardHome.yaml +++ b/conf/AdGuardHome.yaml @@ -1,16 +1,20 @@ bind_host: 0.0.0.0 -bind_port: 3000 +bind_port: __PORT__ +beta_bind_port: 0 users: -- name: __USER__ - password: __PWD__ +- name: __ADMIN__ + password: __PASSWORD__ +auth_attempts: 5 +block_auth_min: 15 http_proxy: "" language: "" rlimit_nofile: 0 debug_pprof: false web_session_ttl: 720 dns: - bind_host: 0.0.0.0 - port: 53 + bind_hosts: + - 0.0.0.0 + port: __ADGUARD_PORT__ statistics_interval: 1 querylog_enabled: true querylog_file_enabled: true @@ -63,6 +67,9 @@ dns: cache_time: 30 rewrites: [] blocked_services: [] + local_domain_name: lan + resolve_clients: true + local_ptr_upstreams: [] tls: enabled: false server_name: "" @@ -70,6 +77,8 @@ tls: port_https: 443 port_dns_over_tls: 853 port_dns_over_quic: 784 + port_dnscrypt: 0 + dnscrypt_config_file: "" allow_unencrypted_doh: false strict_sni_check: false certificate_chain: "" @@ -115,4 +124,4 @@ log_max_size: 100 log_max_age: 3 log_file: "" verbose: false -schema_version: 7 +schema_version: 10 \ No newline at end of file diff --git a/conf/app-amd64.src b/conf/app-amd64.src deleted file mode 100644 index 1765737..0000000 --- a/conf/app-amd64.src +++ /dev/null @@ -1,7 +0,0 @@ -SOURCE_URL=https://github.com/AdguardTeam/AdGuardHome/releases/download/v0.104.1/AdGuardHome_linux_amd64.tar.gz -SOURCE_SUM=1af720ff10f68a1f78858500b182b63bfecef7c95fe53f4a26e460f2d59e3fd0c52db04654078eb3d98cc422001f40b14cba663d730d4ca99bdd874c4f500963 -SOURCE_SUM_PRG=sha512sum -SOURCE_FORMAT=tar.gz -SOURCE_IN_SUBDIR=true -SOURCE_EXTRACT=true -SOURCE_FILENAME=adguard.tar.gz diff --git a/conf/app-arm.src b/conf/app-arm.src deleted file mode 100644 index 5923c34..0000000 --- a/conf/app-arm.src +++ /dev/null @@ -1,7 +0,0 @@ -SOURCE_URL=https://github.com/AdguardTeam/AdGuardHome/releases/download/v0.104.1/AdGuardHome_linux_armv7.tar.gz -SOURCE_SUM=0fc56bbd1c4cf97ad17ebec4ffc8257619673567403c2972e77a75af762f566f7f088bf769e23d1dc615836e48ca6e51cc51cb52e3a2790ecc2618cb7e94b13f -SOURCE_SUM_PRG=sha512sum -SOURCE_FORMAT=tar.gz -SOURCE_IN_SUBDIR=true -SOURCE_EXTRACT=true -SOURCE_FILENAME=adguard.tar.gz diff --git a/conf/app-arm64.src b/conf/app-arm64.src deleted file mode 100644 index 3afcc98..0000000 --- a/conf/app-arm64.src +++ /dev/null @@ -1,7 +0,0 @@ -SOURCE_URL=https://github.com/AdguardTeam/AdGuardHome/releases/download/v0.104.1/AdGuardHome_linux_arm64.tar.gz -SOURCE_SUM=44fe711b28a4ecb023eee662f8fb7d66ab5dd195584e264d8af0e51549c332b8225ddd3c8418894b0b8ecdbca229ced26f3340893f88b04153a672f3272cc974 -SOURCE_SUM_PRG=sha512sum -SOURCE_FORMAT=tar.gz -SOURCE_IN_SUBDIR=true -SOURCE_EXTRACT=true -SOURCE_FILENAME=adguard.tar.gz diff --git a/conf/armv7.src b/conf/armv7.src new file mode 100644 index 0000000..f6682a8 --- /dev/null +++ b/conf/armv7.src @@ -0,0 +1,7 @@ +SOURCE_URL=https://github.com/AdguardTeam/AdGuardHome/releases/download/v0.106.3/AdGuardHome_linux_armv7.tar.gz +SOURCE_SUM=8bbc0e15ab68b2a11630e84f318f755f4a6f92ea9d0fa727e107f060ed6f5a2c +SOURCE_SUM_PRG=sha256sum +SOURCE_FORMAT=tar.gz +SOURCE_IN_SUBDIR=2 +SOURCE_FILENAME= +SOURCE_EXTRACT=true diff --git a/conf/htpasswd-amd64 b/conf/htpasswd-amd64 deleted file mode 100644 index 3b31b47..0000000 Binary files a/conf/htpasswd-amd64 and /dev/null differ diff --git a/conf/htpasswd-arm64 b/conf/htpasswd-arm64 deleted file mode 100644 index 233b098..0000000 Binary files a/conf/htpasswd-arm64 and /dev/null differ diff --git a/conf/htpasswd-armhf b/conf/htpasswd-armhf deleted file mode 100644 index 86998d2..0000000 Binary files a/conf/htpasswd-armhf and /dev/null differ diff --git a/conf/nginx.conf b/conf/nginx.conf index fc5aff9..4575d7b 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,10 +1,11 @@ -# Force usage of https +location __PATH__/ { + + # Force usage of https if ($scheme = http) { rewrite ^ https://$server_name$request_uri? permanent; -} + } -location ^~ __PATH__/ { - proxy_pass http://127.0.0.1:3000; + proxy_pass http://127.0.0.1:__PORT__; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; @@ -15,4 +16,13 @@ location ^~ __PATH__/ { proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; + + # Include SSOWAT user panel. + include conf.d/yunohost_panel.conf.inc; } + +#location ~ .*.(gif|jpg|jpeg|png|bmp|swf|css|js)$ { +# proxy_pass http://127.0.0.1:__PORT__; +# proxy_set_header Host $host; +# proxy_set_header X-Forwarded-For $remote_addr; +# } diff --git a/conf/systemd.service b/conf/systemd.service index da68ecd..8f278e9 100644 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -1,16 +1,19 @@ [Unit] -Description=adguard -After=network.target +Description=AdGuard Home: Network-level blocker +ConditionFileIsExecutable=__FINALPATH__/AdGuardHome +After=syslog.target network-online.target [Service] -WorkingDirectory=__FINALPATH__ -User=root -Group=users Type=simple -UMask=000 -ExecStart=__FINALPATH__/AdGuardHome -RestartSec=15 +User=__APP__ +Group=__APP__ +StartLimitInterval=5 +StartLimitBurst=10 +WorkingDirectory=__FINALPATH__/ +ExecStart=__FINALPATH__/AdGuardHome Restart=always +RestartSec=10 +#EnvironmentFile=-/etc/sysconfig/AdGuardHome [Install] -WantedBy=multi-user.target \ No newline at end of file +WantedBy=multi-user.target diff --git a/conf/x86-64.src b/conf/x86-64.src new file mode 100644 index 0000000..5b17899 --- /dev/null +++ b/conf/x86-64.src @@ -0,0 +1,7 @@ +SOURCE_URL=https://github.com/AdguardTeam/AdGuardHome/releases/download/v0.106.3/AdGuardHome_linux_amd64.tar.gz +SOURCE_SUM=a89332993c66a0f94886e243eb3141596c33cfe085c7ef7e30ead1885b40e086 +SOURCE_SUM_PRG=sha256sum +SOURCE_FORMAT=tar.gz +SOURCE_IN_SUBDIR=2 +SOURCE_FILENAME= +SOURCE_EXTRACT=true \ No newline at end of file diff --git a/doc/.DS_Store b/doc/.DS_Store new file mode 100644 index 0000000..c90376b Binary files /dev/null and b/doc/.DS_Store differ diff --git a/doc/screenshots/68747470733a2f2f63646e2e616467756172642e636f6d2f7075626c69632f416467756172642f436f6d6d6f6e2f616467756172645f686f6d652e676966.gif b/doc/screenshots/68747470733a2f2f63646e2e616467756172642e636f6d2f7075626c69632f416467756172642f436f6d6d6f6e2f616467756172645f686f6d652e676966.gif new file mode 100644 index 0000000..035054c Binary files /dev/null and b/doc/screenshots/68747470733a2f2f63646e2e616467756172642e636f6d2f7075626c69632f416467756172642f436f6d6d6f6e2f616467756172645f686f6d652e676966.gif differ diff --git a/manifest.json b/manifest.json index 7840cf9..d0da57b 100644 --- a/manifest.json +++ b/manifest.json @@ -1,73 +1,49 @@ { "name": "AdGuard Home", - "id": "adguard", + "id": "adguardhome", "packaging_format": 1, "description": { - "en": "AdGuard Home package for YunoHost.", - "fr": "AdGuard Home pour YunoHost." + "en": "Network-wide ads & trackers blocking DNS server", + "fr": "Serveur DNS, bloqueur de publicités et trackers" }, - "version": "0.103.3", - "url": "https://github.com/AdguardTeam/AdGuardHome", - "license": "free", + "version": "0.106.3~ynh1", + "url": "https://adguard.com/adguard-home.html", + "upstream": { + "license": "GPL-3.0", + "website": "https://adguard.com/adguard-home.html", + "admindoc": "https://github.com/AdguardTeam/AdGuardHome/wiki", + "userdoc": "https://kb.adguard.com/en", + "code": "https://github.com/AdguardTeam/AdGuardHome" + }, + "license": "GPL-3.0", "maintainer": { "name": "liberodark", "email": "liberodark@gmail.com" }, "requirements": { - "yunohost": ">= 2.7.2" + "yunohost": ">= 4.2.4" }, "multi_instance": false, "services": [ - "nginx", - "php5-fpm", - "mysql" + "nginx" ], "arguments": { "install": [{ "name": "domain", - "type": "domain", - "ask": { - "en": "Choose a domain name for AdGuard Home", - "fr": "Choisissez un nom de domaine pour AdGuard Home" - }, - "example": "example.com" - }, - { - "name": "path", - "type": "path", - "ask": { - "en": "Choose a path for AdGuard Home / is accepted", - "fr": "Choisissez un chemin pour AdGuard Home / est accepté" - }, - "example": "/", - "default": "/" + "type": "domain" }, { "name": "is_public", "type": "boolean", - "ask": { - "en": "Is it a public site ?", - "fr": "Est-ce un site public ?" - }, - "default": "true" + "default": true }, { - "name": "ad_user", - "type": "ad_user", - "ask": { - "en": "Enter your admin username ?", - "fr": "Entrez votre nom d'utilisateur ?" - }, - "example": "liberodark" + "name": "admin", + "type": "user" }, { - "name": "ad_password", - "type": "ad_password", - "ask": { - "en": "Enter your password !", - "fr": "Entrez votre mot de passe !" - }, - "example": "mypassword" + "name": "password", + "type": "password" } ] } diff --git a/scripts/_common.sh b/scripts/_common.sh index 0f53f77..f15ea3d 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -1,112 +1,45 @@ #!/bin/bash -# ============================================================================= -# YUNOHOST 2.7 FORTHCOMING HELPERS -# ============================================================================= +#================================================= +# COMMON VARIABLES +#================================================= -# Create a dedicated nginx config +# dependencies used by the app +pkg_dependencies="python3-bcrypt" + +#================================================= +# PERSONAL HELPERS +#================================================= + +#================================================= +# EXPERIMENTAL HELPERS +#================================================= + +#================================================= +# FUTURE OFFICIAL HELPERS +#================================================= + +# Check the architecture # -# usage: ynh_add_nginx_config -ynh_add_nginx_config () { - finalnginxconf="/etc/nginx/conf.d/$domain.d/$app.conf" - ynh_backup_if_checksum_is_different "$finalnginxconf" - sudo cp ../conf/nginx.conf "$finalnginxconf" - - # To avoid a break by set -u, use a void substitution ${var:-}. If the variable is not set, it's simply set with an empty variable. - # Substitute in a nginx config file only if the variable is not empty - if test -n "${path_url:-}"; then - ynh_replace_string "__PATH__" "$path_url" "$finalnginxconf" - fi - if test -n "${domain:-}"; then - ynh_replace_string "__DOMAIN__" "$domain" "$finalnginxconf" - fi - if test -n "${port:-}"; then - ynh_replace_string "__PORT__" "$port" "$finalnginxconf" - fi - if test -n "${app:-}"; then - ynh_replace_string "__NAME__" "$app" "$finalnginxconf" - fi - if test -n "${final_path:-}"; then - ynh_replace_string "__FINALPATH__" "$final_path" "$finalnginxconf" - fi - ynh_store_file_checksum "$finalnginxconf" - - sudo systemctl reload nginx -} - -# Remove the dedicated nginx config +# example: architecture=$(ynh_detect_arch) # -# usage: ynh_remove_nginx_config -ynh_remove_nginx_config () { - ynh_secure_remove "/etc/nginx/conf.d/$domain.d/$app.conf" - sudo systemctl reload nginx -} - -# Create a dedicated php-fpm config +# usage: ynh_detect_arch # -# usage: ynh_add_fpm_config -ynh_add_fpm_config () { - finalphpconf="/etc/php5/fpm/pool.d/$app.conf" - ynh_backup_if_checksum_is_different "$finalphpconf" - sudo cp ../conf/php-fpm.conf "$finalphpconf" - ynh_replace_string "__NAMETOCHANGE__" "$app" "$finalphpconf" - ynh_replace_string "__FINALPATH__" "$final_path" "$finalphpconf" - ynh_replace_string "__USER__" "$app" "$finalphpconf" - sudo chown root: "$finalphpconf" - ynh_store_file_checksum "$finalphpconf" - - if [ -e "../conf/php-fpm.ini" ] - then - finalphpini="/etc/php5/fpm/conf.d/20-$app.ini" - ynh_backup_if_checksum_is_different "$finalphpini" - sudo cp ../conf/php-fpm.ini "$finalphpini" - sudo chown root: "$finalphpini" - ynh_store_file_checksum "$finalphpini" - fi - - sudo systemctl reload php5-fpm -} - -# Remove the dedicated php-fpm config -# -# usage: ynh_remove_fpm_config -ynh_remove_fpm_config () { - ynh_secure_remove "/etc/php5/fpm/pool.d/$app.conf" - ynh_secure_remove "/etc/php5/fpm/conf.d/20-$app.ini" 2>&1 - sudo systemctl reload php5-fpm -} - -# Create a dedicated systemd config -# -# usage: ynh_add_systemd_config -ynh_add_systemd_config () { - finalsystemdconf="/etc/systemd/system/$app.service" - ynh_backup_if_checksum_is_different "$finalsystemdconf" - sudo cp ../conf/systemd.service "$finalsystemdconf" - - # To avoid a break by set -u, use a void substitution ${var:-}. If the variable is not set, it's simply set with an empty variable. - # Substitute in a nginx config file only if the variable is not empty - if test -n "${final_path:-}"; then - ynh_replace_string "__FINALPATH__" "$final_path" "$finalsystemdconf" - fi - if test -n "${app:-}"; then - ynh_replace_string "__APP__" "$app" "$finalsystemdconf" - fi - ynh_store_file_checksum "$finalsystemdconf" - - sudo chown root: "$finalsystemdconf" - sudo systemctl enable $app - sudo systemctl daemon-reload -} - -# Remove the dedicated systemd config -# -# usage: ynh_remove_systemd_config -ynh_remove_systemd_config () { - finalsystemdconf="/etc/systemd/system/$app.service" - if [ -e "$finalsystemdconf" ]; then - sudo systemctl stop $app - sudo systemctl disable $app - ynh_secure_remove "$finalsystemdconf" - fi +# Requires YunoHost version 2.2.4 or higher. +ynh_detect_arch(){ + local architecture + if [ -n "$(uname -m | grep arm64)" ] || [ -n "$(uname -m | grep aarch64)" ]; then + architecture="arm64" + elif [ -n "$(uname -m | grep 64)" ]; then + architecture="x86-64" + elif [ -n "$(uname -m | grep armv7)" ]; then + architecture="armv7" + elif [ -n "$(uname -m | grep armv6)" ]; then + architecture="armv6" + elif [ -n "$(uname -m | grep armv5)" ]; then + architecture="armv5" + else + architecture="unknown" + fi + echo $architecture } diff --git a/scripts/backup b/scripts/backup index 13ce93d..fb3c925 100644 --- a/scripts/backup +++ b/scripts/backup @@ -6,7 +6,7 @@ # IMPORT GENERIC HELPERS #================================================= -#Keep this path for calling _common.sh inside the execution's context of backup and restore scripts +# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers @@ -24,54 +24,38 @@ ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading installation settings..." --time --weight=1 +ynh_print_info --message="Loading installation settings..." app=$YNH_APP_INSTANCE_NAME -final_path=$(ynh_app_setting_get --app="$app" --key=final_path) -domain=$(ynh_app_setting_get --app="$app" --key=domain) +final_path=$(ynh_app_setting_get --app=$app --key=final_path) +domain=$(ynh_app_setting_get --app=$app --key=domain) #================================================= -# STANDARD BACKUP STEPS +# DECLARE DATA AND CONF FILES TO BACKUP #================================================= -# STOP SYSTEMD SERVICE -#================================================= -ynh_script_progression --message="Stopping a systemd service..." --time --weight=1 - -ynh_systemd_action --service_name="$app" --action="stop" --log_path="/var/log/$app/$app.log" +ynh_print_info --message="Declaring files to be backed up..." #================================================= # BACKUP THE APP MAIN DIR #================================================= -ynh_script_progression --message="Backing up the main app directory..." --time --weight=1 ynh_backup --src_path="$final_path" #================================================= # BACKUP THE NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Backing up nginx web server configuration..." --time --weight=1 ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" -#================================================= -# SPECIFIC BACKUP #================================================= # BACKUP SYSTEMD #================================================= -ynh_script_progression --message="Backing up systemd configuration..." --time --weight=1 ynh_backup --src_path="/etc/systemd/system/$app.service" -#================================================= -# START SYSTEMD SERVICE -#================================================= -ynh_script_progression --message="Starting a systemd service..." --time --weight=1 - -ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/$app.log" - #================================================= # END OF SCRIPT #================================================= -ynh_script_progression --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." --time --last +ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." diff --git a/scripts/change_url b/scripts/change_url new file mode 100644 index 0000000..fd8eea8 --- /dev/null +++ b/scripts/change_url @@ -0,0 +1,114 @@ +#!/bin/bash + +#================================================= +# GENERIC STARTING +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +source _common.sh +source /usr/share/yunohost/helpers + +#================================================= +# RETRIEVE ARGUMENTS +#================================================= + +old_domain=$YNH_APP_OLD_DOMAIN +old_path=$YNH_APP_OLD_PATH + +new_domain=$YNH_APP_NEW_DOMAIN +new_path=$YNH_APP_NEW_PATH + +app=$YNH_APP_INSTANCE_NAME + +#================================================= +# LOAD SETTINGS +#================================================= +ynh_script_progression --message="Loading installation settings..." --weight=1 + +# Needed for helper "ynh_add_nginx_config" +final_path=$(ynh_app_setting_get --app=$app --key=final_path) + +#================================================= +# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP +#================================================= +ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --weight=1 + +# Backup the current version of the app +ynh_backup_before_upgrade +ynh_clean_setup () { + # Remove the new domain config file, the remove script won't do it as it doesn't know yet its location. + ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" + + # Restore it if the upgrade fails + ynh_restore_upgradebackup +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + +#================================================= +# CHECK WHICH PARTS SHOULD BE CHANGED +#================================================= + +change_domain=0 +if [ "$old_domain" != "$new_domain" ] +then + change_domain=1 +fi + +if [ "$old_path" != "$new_path" ] || [ "$new_path" != "/" ] +then + ynh_die --message="You must use a root domain" +fi + +#================================================= +# STANDARD MODIFICATIONS +#================================================= +# STOP SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Stopping a systemd service..." --weight=1 + +ynh_systemd_action --service_name=$app --action="stop" + +#================================================= +# MODIFY URL IN NGINX CONF +#================================================= +ynh_script_progression --message="Updating NGINX web server configuration..." --weight=1 + +nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf + +# Change the domain for NGINX +if [ $change_domain -eq 1 ] +then + # Delete file checksum for the old conf file location + ynh_delete_file_checksum --file="$nginx_conf_path" + mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf + # Store file checksum for the new config file location + ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" +fi + +#================================================= +# SPECIFIC MODIFICATIONS +#================================================= + +#================================================= +# GENERIC FINALISATION +#================================================= +# START SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Starting a systemd service..." --weight=1 + +ynh_systemd_action --service_name=$app --action="start" + +#================================================= +# RELOAD NGINX +#================================================= +ynh_script_progression --message="Reloading NGINX web server..." --weight=1 + +ynh_systemd_action --service_name=nginx --action=reload + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Change of URL completed for $app" --last \ No newline at end of file diff --git a/scripts/install b/scripts/install index 57cf270..2fbc514 100644 --- a/scripts/install +++ b/scripts/install @@ -13,10 +13,6 @@ source /usr/share/yunohost/helpers # MANAGE SCRIPT FAILURE #================================================= -ynh_clean_setup () { - ### Remove this function if there's nothing to clean before calling the remove script. - true -} # Exit if an error occurs during the execution of the script ynh_abort_if_errors @@ -26,171 +22,151 @@ ynh_abort_if_errors # Retrieve arguments domain=$YNH_APP_ARG_DOMAIN -path_url=$YNH_APP_ARG_PATH +path_url="/" is_public=$YNH_APP_ARG_IS_PUBLIC -ad_user=$YNH_APP_ARG_AD_USER -ad_password=$YNH_APP_ARG_AD_PASSWORD +admin=$YNH_APP_ARG_ADMIN +password=$YNH_APP_ARG_PASSWORD +architecture=$(ynh_detect_arch) -### If it's a multi-instance app, meaning it can be installed several times independently -### The id of the app as stated in the manifest is available as $YNH_APP_ID -### The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2", ...) -### The app instance name is available as $YNH_APP_INSTANCE_NAME -### - the first time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample -### - the second time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample__2 -### - ynhexample__{N} for the subsequent installations, with N=3,4, ... -### The app instance name is probably what interests you most, since this is -### guaranteed to be unique. This is a good unique identifier to define installation path, -### db names, ... app=$YNH_APP_INSTANCE_NAME #================================================= # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS #================================================= +ynh_script_progression --message="Validating installation parameters..." --weight=1 -### If the app uses nginx as web server (written in HTML/PHP in most cases), the final path should be "/var/www/$app". -### If the app provides an internal web server (or uses another application server such as uwsgi), the final path should be "/opt/yunohost/$app" -final_path=/opt/yunohost/$app -test ! -e "$final_path" || ynh_die "This path already contains a folder" +final_path=/var/www/$app +test ! -e "$final_path" || ynh_die --message="This path already contains a folder" -# Normalize the url path syntax -path_url=$(ynh_normalize_url_path "$path_url") - -# Check web path availability -ynh_webpath_available "$domain" "$path_url" # Register (book) web path -ynh_webpath_register "$app" "$domain" "$path_url" +ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url #================================================= # STORE SETTINGS FROM MANIFEST #================================================= +ynh_script_progression --message="Storing installation settings..." --weight=2 -ynh_app_setting_set "$app" domain "$domain" -ynh_app_setting_set "$app" path "$path_url" -ynh_app_setting_set "$app" is_public "$is_public" - -#============================================== -# INSTALL DEPS -#============================================== - -ynh_install_app_dependencies libcap2-bin libaprutil1 +ynh_app_setting_set --app=$app --key=domain --value=$domain +ynh_app_setting_set --app=$app --key=path --value=$path_url +ynh_app_setting_set --app=$app --key=admin --value=$admin #================================================= # FIND AND OPEN A PORT #================================================= +ynh_script_progression --message="Finding an available port..." --weight=1 -### Use these lines if you have to open a port for the application -### `ynh_find_port` will find the first available port starting from the given port. -### If you're not using these lines: -### - Remove the section "CLOSE A PORT" in the remove script +# Find an available port +port=$(ynh_find_port --port=3000) +ynh_app_setting_set --app=$app --key=port --value=$port -# Find a free port -port=$(ynh_find_port 53) +# Find an available port +adguard_port=$(ynh_find_port --port=53) +ynh_app_setting_set --app=$app --key=adguard_port --value=$adguard_port + +# Disable the port 53 for upnp +ynh_exec_warn_less yunohost firewall allow --no-upnp TCP $adguard_port #================================================= -# DOWNLOAD, CHECK AND UNPACK SOURCE +# INSTALL DEPENDENCIES #================================================= +ynh_script_progression --message="Installing dependencies..." --weight=1 -ynh_app_setting_set "$app" final_path "$final_path" - -# Download, check integrity, uncompress and patch the source from app-[arch].src -case $(uname -m) in - x86_64) ynh_setup_source "$final_path" "app-amd64" ;; - aarch64) ynh_setup_source "$final_path" "app-arm64" ;; - armv7l) ynh_setup_source "$final_path" "app-arm" ;; - *) ynh_die "Unknown arch" ;; -esac +# Define and install dependencies +ynh_install_app_dependencies $pkg_dependencies #================================================= -# GENERATE PASSWORD +# CRYPT PASSWORD #================================================= - -case $(uname -m) in - x86_64) htpasswd_arch=htpasswd-amd64 ;; - aarch64) htpasswd_arch=htpasswd-arm64 ;; - armv7l) htpasswd_arch=htpasswd-armhf ;; - *) ynh_die "Unknown arch" ;; -esac - -chmod +x ../conf/$htpasswd_arch -password_gen=$(../conf/$htpasswd_arch -B -n -b "$ad_user" "$ad_password" | sed "s/""$ad_user""://") - -#================================================= -# MODIFY A CONFIG FILE -#================================================= - -ynh_replace_string "__FINALPATH__" "$final_path" "../conf/systemd.service" -ynh_replace_string "__USER__" "$ad_user" "../conf/AdGuardHome.yaml" -ynh_replace_string "__PWD__" "$password_gen" "../conf/AdGuardHome.yaml" - -#================================================= -# SETUP SYSTEMD -#================================================= - -ynh_add_systemd_config -systemctl enable "$app".service - -#============================================== -# INSTALL ADGUARD -#============================================== - -#setcap CAP_NET_BIND_SERVICE=+eip .$final_path/AdGuardHome - -#================================================= -# NGINX CONFIGURATION -#================================================= - -# Create a dedicated nginx config -ynh_add_nginx_config +password=$(python3 -c "import bcrypt; print(bcrypt.hashpw(b\"$password\", bcrypt.gensalt(rounds=10)).decode())") +ynh_app_setting_set --app=$app --key=password --value=$password #================================================= # CREATE DEDICATED USER #================================================= +ynh_script_progression --message="Configuring system user..." --weight=1 # Create a system user -#ynh_system_user_create $app +ynh_system_user_create --username=$app --home_dir=$final_path + +#================================================= +# DOWNLOAD, CHECK AND UNPACK SOURCE +#================================================= +ynh_script_progression --message="Setting up source files..." --weight=4 + +ynh_app_setting_set --app=$app --key=final_path --value=$final_path +# Download, check integrity, uncompress and patch the source from app.src +ynh_setup_source --dest_dir=$final_path --source_id="$architecture" + +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app: "$final_path" + +setcap 'CAP_NET_BIND_SERVICE=+eip CAP_NET_RAW=+eip' $final_path/AdGuardHome + +#================================================= +# NGINX CONFIGURATION +#================================================= +ynh_script_progression --message="Configuring NGINX web server..." --weight=3 + +# Create a dedicated NGINX config +ynh_add_nginx_config #================================================= # MODIFY A CONFIG FILE #================================================= +ynh_script_progression --message="Modifying a config file..." --weight=1 -cp -a ../conf/AdGuardHome.yaml "$final_path"/AdGuardHome.yaml +# Main config File +ynh_add_config --template="../conf/AdGuardHome.yaml" --destination="$final_path/AdGuardHome.yaml" + +chmod 600 "$final_path/AdGuardHome.yaml" +chown -R $app: "$final_path/AdGuardHome.yaml" #================================================= -# STORE THE CONFIG FILE CHECKSUM +# SETUP SYSTEMD #================================================= +ynh_script_progression --message="Configuring a systemd service..." --weight=1 -### `ynh_store_file_checksum` is used to store the checksum of a file. -### That way, during the upgrade script, by using `ynh_backup_if_checksum_is_different`, -### you can make a backup of this file before modifying it again if the admin had modified it. - -# Calculate and store the config file checksum into the app settings -#ynh_store_file_checksum "$final_path/AdGuardHome.yaml" +# Create a dedicated systemd config +ynh_add_systemd_config #================================================= # GENERIC FINALIZATION #================================================= -# SECURE FILES AND DIRECTORIES +# INTEGRATE SERVICE IN YUNOHOST #================================================= +ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 -### For security reason, any app should set the permissions to root: before anything else. -### Then, if write authorization is needed, any access should be given only to directories -### that really need such authorization. +yunohost service add $app --description="Ads & trackers blocking DNS server" -# Set permissions to app files -chown -R root: "$final_path" +#================================================= +# START SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Starting a systemd service..." --weight=2 + +# Start a systemd service +ynh_systemd_action --service_name=$app --action="restart" --log_path=systemd #================================================= # SETUP SSOWAT #================================================= +ynh_script_progression --message="Configuring permissions..." --weight=1 -# If app is public, add url to SSOWat conf as skipped_uris -if [ "$is_public" -eq 1 ]; then - # unprotected_uris allows SSO credentials to be passed anyway. - ynh_app_setting_set "$app" unprotected_uris "/" +# Make app public if necessary +if [ $is_public -eq 1 ] +then + ynh_permission_update --permission="main" --add="visitors" fi -# Reload services -systemctl reload nginx -systemctl stop dnsmasq.service -systemctl disable dnsmasq.service -systemctl start "$app".service +#================================================= +# RELOAD NGINX +#================================================= +ynh_script_progression --message="Reloading NGINX web server..." --weight=2 + +ynh_systemd_action --service_name=nginx --action=reload + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Installation of $app completed" --last diff --git a/scripts/remove b/scripts/remove index c6445ec..873c0b8 100644 --- a/scripts/remove +++ b/scripts/remove @@ -12,31 +12,32 @@ source /usr/share/yunohost/helpers #================================================= # LOAD SETTINGS #================================================= -ynh_print_info "Loading installation settings..." +ynh_script_progression --message="Loading installation settings..." --weight=1 app=$YNH_APP_INSTANCE_NAME -domain=$(ynh_app_setting_get "$app" domain) -port=$(ynh_app_setting_get "$app" port) -final_path=$(ynh_app_setting_get "$app" final_path) +domain=$(ynh_app_setting_get --app=$app --key=domain) +port=$(ynh_app_setting_get --app=$app --key=port) +final_path=$(ynh_app_setting_get --app=$app --key=final_path) +adguard_port=$(ynh_app_setting_get --app=$app --key=adguard_port) #================================================= # STANDARD REMOVE #================================================= -# REMOVE SERVICE FROM ADMIN PANEL +# REMOVE SERVICE INTEGRATION IN YUNOHOST #================================================= -# Remove a service from the admin panel, added by `yunohost service add` -if yunohost service status "$app" >/dev/null 2>&1 +# Remove the service from the list of services known by YunoHost (added from `yunohost service add`) +if ynh_exec_warn_less yunohost service status $app >/dev/null then - ynh_print_info "Removing $app service" - yunohost service remove "$app" + ynh_script_progression --message="Removing $app service integration..." --weight=1 + yunohost service remove $app fi #================================================= # STOP AND REMOVE SERVICE #================================================= -ynh_print_info "Stopping and removing the systemd service" +ynh_script_progression --message="Stopping and removing the systemd service..." --weight=1 # Remove the dedicated systemd config ynh_remove_systemd_config @@ -44,7 +45,7 @@ ynh_remove_systemd_config #================================================= # REMOVE DEPENDENCIES #================================================= -ynh_print_info "Removing dependencies" +ynh_script_progression --message="Removing dependencies..." --weight=1 # Remove metapackage and its dependencies ynh_remove_app_dependencies @@ -52,75 +53,39 @@ ynh_remove_app_dependencies #================================================= # REMOVE APP MAIN DIR #================================================= -ynh_print_info "Removing app main directory" +ynh_script_progression --message="Removing app main directory..." --weight=1 # Remove the app directory securely -ynh_secure_remove "$final_path" +ynh_secure_remove --file="$final_path" #================================================= # REMOVE NGINX CONFIGURATION #================================================= -ynh_print_info "Removing nginx web server configuration" +ynh_script_progression --message="Removing NGINX web server configuration..." --weight=1 -# Remove the dedicated nginx config +# Remove the dedicated NGINX config ynh_remove_nginx_config -#================================================= -# REMOVE PHP-FPM CONFIGURATION -#================================================= -#ynh_print_info "Removing php-fpm configuration" - -# Remove the dedicated php-fpm config -#ynh_remove_fpm_config - -#================================================= -# REMOVE LOGROTATE CONFIGURATION -#================================================= -ynh_print_info "Removing logrotate configuration" - -# Remove the app-specific logrotate config -ynh_remove_logrotate - #================================================= # CLOSE A PORT #================================================= -if yunohost firewall list | grep -q "\- $port$" +if yunohost firewall list | grep -q "\- $adguard_port$" then - ynh_print_info "Closing port $port" - ynh_exec_warn_less yunohost firewall disallow TCP "$port" + ynh_script_progression --message="Closing port $adguard_port..." --weight=1 + ynh_exec_warn_less yunohost firewall disallow TCP $adguard_port fi -#================================================= -# SPECIFIC REMOVE -#================================================= -# REMOVE THE CRON FILE -#================================================= - -# Remove a cron file -ynh_secure_remove "/etc/cron.d/$app" - -# Remove a directory securely -ynh_secure_remove "/etc/$app/" - -# Remove the log files -ynh_secure_remove "/var/log/$app/" - -#================================================= -# GENERIC FINALIZATION #================================================= # REMOVE DEDICATED USER #================================================= -ynh_print_info "Removing the dedicated system user" +ynh_script_progression --message="Removing the dedicated system user..." --weight=1 # Delete a system user -ynh_system_user_delete "$app" +ynh_system_user_delete --username=$app #================================================= # END OF SCRIPT #================================================= -systemctl start dnsmasq.service -systemctl enable dnsmasq.service - -ynh_print_info "Removal of $app completed" +ynh_script_progression --message="Removal of $app completed" --last diff --git a/scripts/restore b/scripts/restore index 144f42e..e658c53 100644 --- a/scripts/restore +++ b/scripts/restore @@ -6,7 +6,7 @@ # IMPORT GENERIC HELPERS #================================================= -#Keep this path for calling _common.sh inside the execution's context of backup and restore scripts +# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers @@ -14,32 +14,26 @@ source /usr/share/yunohost/helpers # MANAGE SCRIPT FAILURE #================================================= -ynh_clean_setup () { - #### Remove this function if there's nothing to clean before calling the remove script. - true -} # Exit if an error occurs during the execution of the script ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading settings..." --time --weight=1 +ynh_script_progression --message="Loading installation settings..." --weight=1 app=$YNH_APP_INSTANCE_NAME -domain=$(ynh_app_setting_get --app="$app" --key=domain) -path_url=$(ynh_app_setting_get --app="$app" --key=path) -final_path=$(ynh_app_setting_get --app="$app" --key=final_path) +domain=$(ynh_app_setting_get --app=$app --key=domain) +path_url=$(ynh_app_setting_get --app=$app --key=path) +final_path=$(ynh_app_setting_get --app=$app --key=final_path) #================================================= # CHECK IF THE APP CAN BE RESTORED #================================================= -ynh_script_progression --message="Validating restoration parameters..." --time --weight=1 +ynh_script_progression --message="Validating restoration parameters..." --weight=1 -ynh_webpath_available --domain="$domain" --path_url="$path_url" \ - || ynh_die --message="Path not available: ${domain}${path_url}" -test ! -d "$final_path" \ +test ! -d $final_path \ || ynh_die --message="There is already a directory: $final_path " #================================================= @@ -47,53 +41,70 @@ test ! -d "$final_path" \ #================================================= # RESTORE THE NGINX CONFIGURATION #================================================= +ynh_script_progression --message="Restoring the NGINX configuration..." --weight=1 ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" +#================================================= +# RECREATE THE DEDICATED USER +#================================================= +ynh_script_progression --message="Recreating the dedicated system user..." --weight=1 + +# Create the dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # RESTORE THE APP MAIN DIR #================================================= -ynh_script_progression --message="Restoring the app main directory..." --time --weight=1 +ynh_script_progression --message="Restoring the app main directory..." --weight=1 ynh_restore_file --origin_path="$final_path" -#================================================= -# RECREATE THE DEDICATED USER -#================================================= -ynh_script_progression --message="Recreating the dedicated system user..." --time --weight=1 +# this will be treated as a security issue. +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app: "$final_path" -# Create the dedicated user (if not existing) -ynh_system_user_create --username="$app" +setcap 'CAP_NET_BIND_SERVICE=+eip CAP_NET_RAW=+eip' $final_path/AdGuardHome #================================================= # SPECIFIC RESTORATION +#================================================= +# REINSTALL DEPENDENCIES +#================================================= +ynh_script_progression --message="Reinstalling dependencies..." --weight=1 + +# Define and install dependencies +ynh_install_app_dependencies $pkg_dependencies + #================================================= # RESTORE SYSTEMD #================================================= -ynh_script_progression --message="Restoring the systemd configuration..." --time --weight=1 +ynh_script_progression --message="Restoring the systemd configuration..." --weight=1 ynh_restore_file --origin_path="/etc/systemd/system/$app.service" -systemctl enable "$app".service +systemctl enable $app.service --quiet #================================================= # INTEGRATE SERVICE IN YUNOHOST #================================================= +ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 -yunohost service add "$app" --description "Adguard media system" --log "/var/log/$app/$app.log" +yunohost service add $app --description="Ads & trackers blocking DNS server" #================================================= # START SYSTEMD SERVICE #================================================= -ynh_script_progression --message="Starting a systemd service..." --time --weight=1 +ynh_script_progression --message="Starting a systemd service..." --weight=1 -ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/$app.log" +ynh_systemd_action --service_name=$app --action="restart" --log_path="systemd" #================================================= # GENERIC FINALIZATION #================================================= # RELOAD NGINX AND PHP-FPM #================================================= -ynh_script_progression --message="Reloading nginx web server and php-fpm..." --time --weight=1 +ynh_script_progression --message="Reloading NGINX web server..." --weight=1 ynh_systemd_action --service_name=nginx --action=reload @@ -101,4 +112,4 @@ ynh_systemd_action --service_name=nginx --action=reload # END OF SCRIPT #================================================= -ynh_script_progression --message="Restoration completed for $app" --time --last +ynh_script_progression --message="Restoration completed for $app" --last diff --git a/scripts/upgrade b/scripts/upgrade index c2b10ac..8e09037 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -1,52 +1,157 @@ #!/bin/bash -# Exit on command errors and treat unset variables as an error -set -eu +#================================================= +# GENERIC START +#================================================= +# IMPORT GENERIC HELPERS +#================================================= -# See comments in install script -app=$YNH_APP_INSTANCE_NAME -final_path=/opt/yunohost/$app -date=$(date +%Y.%m.%d_%H-%M-%S) - -# Source YunoHost helpers +source _common.sh source /usr/share/yunohost/helpers -cp -a /opt/yunohost/"$app"/AdGuardHome.yaml /opt/yunohost/"$app"/AdGuardHome.yaml."$date".bak +#================================================= +# LOAD SETTINGS +#================================================= +ynh_script_progression --message="Loading installation settings..." --weight=1 + +app=$YNH_APP_INSTANCE_NAME + +domain=$(ynh_app_setting_get --app=$app --key=domain) +path_url=$(ynh_app_setting_get --app=$app --key=path) +admin=$(ynh_app_setting_get --app=$app --key=admin) +password=$(ynh_app_setting_get --app=$app --key=password) +final_path=$(ynh_app_setting_get --app=$app --key=final_path) +port=$(ynh_app_setting_get --app=$app --key=port) +adguard_port=$(ynh_app_setting_get --app=$app --key=adguard_port) +architecture=$(ynh_detect_arch) + +#================================================= +# CHECK VERSION +#================================================= + +upgrade_type=$(ynh_check_app_version_changed) + +#================================================= +# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP +#================================================= +ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=1 + +# Backup the current version of the app +ynh_backup_before_upgrade +ynh_clean_setup () { + # Restore it if the upgrade fails + ynh_restore_upgradebackup +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + +#================================================= +# STANDARD UPGRADE STEPS +#================================================= +# STOP SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Stopping a systemd service..." --weight=1 + +ynh_systemd_action --service_name=$app --action="stop" + +# Disable the port 53 for upnp +ynh_exec_warn_less yunohost firewall allow --no-upnp TCP $adguard_port + +#================================================= +# ENSURE DOWNWARD COMPATIBILITY +#================================================= +ynh_script_progression --message="Ensuring downward compatibility..." --weight=1 + +# Cleaning legacy permissions +if ynh_legacy_permissions_exists; then + ynh_legacy_permissions_delete_all + + ynh_app_setting_delete --app=$app --key=is_public +fi + +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1 + +# Create a dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= -ynh_app_setting_set "$app" final_path "$final_path" +if [ "$upgrade_type" == "UPGRADE_APP" ] +then + ynh_script_progression --message="Upgrading source files..." --weight=1 -# Download, check integrity, uncompress and patch the source from app-[arch].src -case $(uname -m) in - x86_64) ynh_setup_source "$final_path" "app-amd64" ;; - aarch64) ynh_setup_source "$final_path" "app-arm64" ;; - armv7l) ynh_setup_source "$final_path" "app-arm" ;; - *) ynh_die "Unknown arch" ;; -esac + # Download, check integrity, uncompress and patch the source from app.src + ynh_setup_source --dest_dir=$final_path --source_id="$architecture" +fi + +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app: "$final_path" + +setcap 'CAP_NET_BIND_SERVICE=+eip CAP_NET_RAW=+eip' $final_path/AdGuardHome #================================================= # NGINX CONFIGURATION #================================================= +ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=1 -# Create a dedicated nginx config -#ynh_add_nginx_config +# Create a dedicated NGINX config +ynh_add_nginx_config #================================================= -# UPGRADE CONFIG +# UPGRADE DEPENDENCIES #================================================= -#cp -a ../conf/loolwsd.xml /etc/loolwsd -#ynh_replace_string "__NEXTCLOUDDOMAIN__" "$nextcloud_domain" "/etc/loolwsd/loolwsd.xml" -#ynh_replace_string "__PASSWORD__" "$password" "/etc/loolwsd/loolwsd.xml" -#systemctl restart loolwsd +ynh_script_progression --message="Upgrading dependencies..." --weight=1 -# If app is public, add url to SSOWat conf as skipped_uris -#if [[ $is_public -eq 1 ]]; then - # See install script -# ynh_app_setting_set "$app" unprotected_uris "/" -#fi +ynh_install_app_dependencies $pkg_dependencies -# Start Adguard service -systemctl restart adguard +#================================================= +# UPDATE A CONFIG FILE +#================================================= +ynh_script_progression --message="Updating a configuration file..." --weight=1 + +# Main config File +ynh_add_config --template="../conf/AdGuardHome.yaml" --destination="$final_path/AdGuardHome.yaml" + +chmod 600 "$final_path/AdGuardHome.yaml" +chown -R $app: "$final_path/AdGuardHome.yaml" + +#================================================= +# SETUP SYSTEMD +#================================================= +ynh_script_progression --message="Upgrading systemd configuration..." --weight=1 + +# Create a dedicated systemd config +ynh_add_systemd_config + +#================================================= +# INTEGRATE SERVICE IN YUNOHOST +#================================================= +ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 + +yunohost service add $app --description="Ads & trackers blocking DNS server" + +#================================================= +# START SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Starting a systemd service..." --weight=1 + +ynh_systemd_action --service_name=$app --action="restart" --log_path="systemd" + +#================================================= +# RELOAD NGINX +#================================================= +ynh_script_progression --message="Reloading NGINX web server..." --weight=1 + +ynh_systemd_action --service_name=nginx --action=reload + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Upgrade of $app completed" --last