diff --git a/.github/workflows/updater.sh b/.github/workflows/updater.sh deleted file mode 100755 index 227490a..0000000 --- a/.github/workflows/updater.sh +++ /dev/null @@ -1,136 +0,0 @@ -#!/bin/bash - -#================================================= -# PACKAGE UPDATING HELPER -#================================================= - -# This script is meant to be run by GitHub Actions -# The YunoHost-Apps organisation offers a template Action to run this script periodically -# Since each app is different, maintainers can adapt its contents so as to perform -# automatic actions when a new upstream release is detected. - -#================================================= -# FETCHING LATEST RELEASE AND ITS ASSETS -#================================================= - -# Fetching information -current_version=$(jq -j '.version|split("~")[0]' manifest.json) -repo=$(jq -j '.upstream.code|split("https://github.com/")[1]' manifest.json) -# Some jq magic is needed, because the latest upstream release is not always the latest version (e.g. security patches for older versions) -version=$(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '.[] | select( .prerelease != true ) | .tag_name' | sort -V | tail -1) -assets=($(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '[ .[] | select(.tag_name=="'"$version"'").assets[].browser_download_url ] | join(" ") | @sh' | tr -d "'")) - -# Later down the script, we assume the version has only digits and dots -# Sometimes the release name starts with a "v", so let's filter it out. -# You may need more tweaks here if the upstream repository has different naming conventions. -if [[ ${version:0:1} == "v" || ${version:0:1} == "V" ]]; then - version=${version:1} -fi - -# Setting up the environment variables -echo "Current version: $current_version" -echo "Latest release from upstream: $version" -{ echo "VERSION=$version"; echo "REPO=$repo"; } >> "$GITHUB_ENV" -# For the time being, let's assume the script will fail -echo "PROCEED=false" >> "$GITHUB_ENV" - -# Proceed only if the retrieved version is greater than the current one -if ! dpkg --compare-versions "$current_version" "lt" "$version" ; then - echo "::warning ::No new version available" - exit 0 -# Proceed only if a PR for this new version does not already exist -elif git ls-remote -q --exit-code --heads https://github.com/"$GITHUB_REPOSITORY".git ci-auto-update-v"$version" ; then - echo "::warning ::A branch already exists for this update" - exit 0 -fi - -# Each release can hold multiple assets (e.g. binaries for different architectures, source code, etc.) -echo "${#assets[@]} available asset(s)" - -#================================================= -# UPDATE SOURCE FILES -#================================================= - -# Here we use the $assets variable to get the resources published in the upstream release. -# Here is an example for Grav, it has to be adapted in accordance with how the upstream releases look like. - -# Let's loop over the array of assets URLs -for asset_url in "${assets[@]}"; do - -echo "Handling asset at $asset_url" - -# Assign the asset to a source file in conf/ directory -# Here we base the source file name upon a unique keyword in the assets url (admin vs. update) -# Leave $src empty to ignore the asset -case $asset_url in - *"AdGuardHome_linux_amd64.tar.gz") - src="amd64" - ;; - *"AdGuardHome_linux_armv7.tar.gz") - src="armhf" - ;; - *"AdGuardHome_linux_arm64.tar.gz") - src="arm64" - ;; - *) - src="" - ;; -esac - -# If $src is not empty, let's process the asset -if [ -n "$src" ]; then - -# Create the temporary directory -tempdir="$(mktemp -d)" - -# Download sources and calculate checksum -filename=${asset_url##*/} -curl --silent -4 -L "$asset_url" -o "$tempdir/$filename" -checksum=$(sha256sum "$tempdir/$filename" | head -c 64) - -# Delete temporary directory -rm -rf "$tempdir" - -# Get extension -if [[ $filename == *.tar.gz ]]; then - extension=tar.gz -else - extension=${filename##*.} -fi - -# Rewrite source file -cat < conf/$src.src -SOURCE_URL=$asset_url -SOURCE_SUM=$checksum -SOURCE_SUM_PRG=sha256sum -SOURCE_FORMAT=tar.gz -SOURCE_IN_SUBDIR=2 -SOURCE_EXTRACT=true -EOT -echo "... conf/$src.src updated" - -else -echo "... asset ignored" -fi - -done - -#================================================= -# SPECIFIC UPDATE STEPS -#================================================= - -# Any action on the app's source code can be done. -# The GitHub Action workflow takes care of committing all changes after this script ends. - -#================================================= -# GENERIC FINALIZATION -#================================================= - -# Replace new version in manifest -echo "$(jq -s --indent 4 ".[] | .version = \"$version~ynh1\"" manifest.json)" > manifest.json - -# No need to update the README, yunohost-bot takes care of it - -# The Action will proceed only if the PROCEED environment variable is set to true -echo "PROCEED=true" >> "$GITHUB_ENV" -exit 0 diff --git a/.github/workflows/updater.yml b/.github/workflows/updater.yml deleted file mode 100644 index ad9b07e..0000000 --- a/.github/workflows/updater.yml +++ /dev/null @@ -1,51 +0,0 @@ -# This workflow allows GitHub Actions to automagically update your app whenever a new upstream release is detected. -# You need to enable Actions in your repository settings, and fetch this Action from the YunoHost-Apps organization. -# This file should be enough by itself, but feel free to tune it to your needs. -# It calls updater.sh, which is where you should put the app-specific update steps. -name: Check for new upstream releases -on: - # Allow to manually trigger the workflow - workflow_dispatch: - # Run it every day at 6:00 UTC - schedule: - - cron: '0 6 * * *' -jobs: - updater: - runs-on: ubuntu-latest - steps: - - name: Fetch the source code - uses: actions/checkout@v3 - with: - token: ${{ secrets.GITHUB_TOKEN }} - ref: 'testing' - - name: Run the updater script - id: run_updater - run: | - # Setting up Git user - git config --global user.name 'yunohost-bot' - git config --global user.email 'yunohost-bot@users.noreply.github.com' - # Run the updater script - /bin/bash .github/workflows/updater.sh - - name: Commit changes - id: commit - if: ${{ env.PROCEED == 'true' }} - run: | - git commit -am "Upgrade to v$VERSION" - - name: Create Pull Request - id: cpr - if: ${{ env.PROCEED == 'true' }} - uses: peter-evans/create-pull-request@v4 - with: - token: ${{ secrets.GITHUB_TOKEN }} - commit-message: Update to version ${{ env.VERSION }} - committer: 'yunohost-bot ' - author: 'yunohost-bot ' - signoff: false - base: testing - branch: ci-auto-update-v${{ env.VERSION }} - delete-branch: true - title: 'Upgrade to version ${{ env.VERSION }}' - body: | - Upgrade to v${{ env.VERSION }} - Changelog: https://github.com/${{ env.REPO }}/releases/tag/v${{ env.VERSION }} - draft: false diff --git a/actions.toml b/actions.toml deleted file mode 100644 index 245a703..0000000 --- a/actions.toml +++ /dev/null @@ -1,8 +0,0 @@ -[reset_default_config] -name = "Reset the AdguardHome config" -command = "/bin/bash scripts/actions/reset_default_config" -# user = "root" # optional -# cwd = "/" # optional -# accepted_return_codes = [0, 1, 2, 3] # optional -accepted_return_codes = [0] -description = "Reset the AdguardHome config for this app." \ No newline at end of file diff --git a/conf/AdGuardHome.yaml b/conf/AdGuardHome.yaml index bc54f6e..a37ec83 100644 --- a/conf/AdGuardHome.yaml +++ b/conf/AdGuardHome.yaml @@ -15,7 +15,7 @@ dns: bind_hosts: __IPV4_ADDR__ __IPV6_ADDR__ - port: __ADGUARD_PORT__ + port: __PORT_ADGUARD__ statistics_interval: 1 querylog_enabled: true querylog_file_enabled: true diff --git a/conf/amd64.src b/conf/amd64.src deleted file mode 100644 index d351214..0000000 --- a/conf/amd64.src +++ /dev/null @@ -1,6 +0,0 @@ -SOURCE_URL=https://github.com/AdguardTeam/AdGuardHome/releases/download/v0.107.41/AdGuardHome_linux_amd64.tar.gz -SOURCE_SUM=9e171202103ff57bd4ddebc280cbc71eb7a33f5b1ba23170f462b3dfcdca93f5 -SOURCE_SUM_PRG=sha256sum -SOURCE_FORMAT=tar.gz -SOURCE_IN_SUBDIR=2 -SOURCE_EXTRACT=true diff --git a/conf/arm64.src b/conf/arm64.src deleted file mode 100644 index 6ff0e8b..0000000 --- a/conf/arm64.src +++ /dev/null @@ -1,6 +0,0 @@ -SOURCE_URL=https://github.com/AdguardTeam/AdGuardHome/releases/download/v0.107.41/AdGuardHome_linux_arm64.tar.gz -SOURCE_SUM=e23f5164a832c8647e0035b03189dc9c72821e9216ee5a5f8057739b8d072539 -SOURCE_SUM_PRG=sha256sum -SOURCE_FORMAT=tar.gz -SOURCE_IN_SUBDIR=2 -SOURCE_EXTRACT=true diff --git a/conf/armhf.src b/conf/armhf.src deleted file mode 100644 index 23c5023..0000000 --- a/conf/armhf.src +++ /dev/null @@ -1,6 +0,0 @@ -SOURCE_URL=https://github.com/AdguardTeam/AdGuardHome/releases/download/v0.107.41/AdGuardHome_linux_armv7.tar.gz -SOURCE_SUM=0ded3fcc63b009d7934730fd31e698b700153e6ac7dc205f5aa7352810a309d7 -SOURCE_SUM_PRG=sha256sum -SOURCE_FORMAT=tar.gz -SOURCE_IN_SUBDIR=2 -SOURCE_EXTRACT=true diff --git a/conf/systemd.service b/conf/systemd.service index 8f278e9..7705193 100644 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -1,6 +1,6 @@ [Unit] -Description=AdGuard Home: Network-level blocker -ConditionFileIsExecutable=__FINALPATH__/AdGuardHome +Description=AdGuardHome: Network-level blocker +ConditionFileIsExecutable=__INSTALL_DIR__/AdGuardHome After=syslog.target network-online.target [Service] @@ -9,8 +9,8 @@ User=__APP__ Group=__APP__ StartLimitInterval=5 StartLimitBurst=10 -WorkingDirectory=__FINALPATH__/ -ExecStart=__FINALPATH__/AdGuardHome +WorkingDirectory=__INSTALL_DIR__/ +ExecStart=__INSTALL_DIR__/AdGuardHome Restart=always RestartSec=10 #EnvironmentFile=-/etc/sysconfig/AdGuardHome diff --git a/config_panel.toml b/config_panel.toml index fd8de27..c8db66c 100644 --- a/config_panel.toml +++ b/config_panel.toml @@ -1,16 +1,12 @@ version = "1.0" [main] -name = "Adguard configuration" - +name = "AdguardHome configuration" services = ["__APP__"] -[main.options] -name = "Enable some features" - -[main.options.dns_over_https] -ask = "Enable DNS-over-HTTPS" -bind = "allow_unencrypted_doh:__FINALPATH__/AdGuardHome.yaml" -no = "false" -type = "boolean" -yes = "true" + [main.options.dns_over_https] + ask = "Enable DNS-over-HTTPS" + type = "boolean" + yes = "true" + no = "false" + bind = "allow_unencrypted_doh:__INSTALL_DIR__/AdGuardHome.yaml" diff --git a/doc/DISCLAIMER.md b/doc/DISCLAIMER.md deleted file mode 100644 index e69de29..0000000 diff --git a/doc/DISCLAIMER_fr.md b/doc/DISCLAIMER_fr.md deleted file mode 100644 index e69de29..0000000 diff --git a/manifest.json b/manifest.json deleted file mode 100644 index eadd76b..0000000 --- a/manifest.json +++ /dev/null @@ -1,60 +0,0 @@ -{ - "name": "AdGuard Home", - "id": "adguardhome", - "packaging_format": 1, - "description": { - "en": "Network-wide ads & trackers blocking DNS server", - "fr": "Serveur DNS, bloqueur de publicités et trackers" - }, - "version": "0.107.41~ynh1", - "url": "https://adguard.com/adguard-home.html", - "upstream": { - "license": "GPL-3.0", - "website": "https://adguard.com/adguard-home.html", - "admindoc": "https://github.com/AdguardTeam/AdGuardHome/wiki", - "userdoc": "https://kb.adguard.com/en", - "code": "https://github.com/AdguardTeam/AdGuardHome", - "cpe": "cpe:2.3:a:adguard:adguardhome" - }, - "license": "GPL-3.0", - "maintainer": { - "name": "ddataa", - "email": "" - }, - "requirements": { - "yunohost": ">= 4.3.0" - }, - "multi_instance": false, - "services": [ - "nginx" - ], - "arguments": { - "install": [ - { - "name": "domain", - "type": "domain" - }, - { - "name": "path", - "type": "path", - "default": "/adguard" - }, - { - "name": "admin", - "type": "user" - }, - { - "name": "password", - "type": "password" - }, - { - "name": "dns_over_https", - "type": "boolean", - "ask": { - "en": "Should DNS-over-HTTPS be enabled? (If so, anyone who knows your adguard address can make a doh request to https://adguardomain.tld/dns-query)" - }, - "default": true - } - ] - } -} diff --git a/manifest.toml b/manifest.toml new file mode 100644 index 0000000..d741e31 --- /dev/null +++ b/manifest.toml @@ -0,0 +1,84 @@ +packaging_format = 2 + +id = "adguardhome" +name = "AdGuard Home" +description.en = "Network-wide ads & trackers blocking DNS server" +description.fr = "Serveur DNS, bloqueur de publicités et trackers" + +version = "0.107.41~ynh1" + +maintainers = ["ddataa"] + +[upstream] +license = "GPL-3.0" +website = "https://adguard.com/adguard-home.html" +admindoc = "https://github.com/AdguardTeam/AdGuardHome/wiki" +userdoc = "https://kb.adguard.com/en" +code = "https://github.com/AdguardTeam/AdGuardHome" + +[integration] +yunohost = ">= 11.2" +architectures = "all" +multi_instance = false +ldap = false +sso = false +disk = "50M" +ram.build = "50M" +ram.runtime = "50M" + +[install] + [install.domain] + type = "domain" + + [install.path] + type = "path" + default = "/adguard" + + [install.init_main_permission] + type = "group" + default = "visitors" + + [install.admin] + type = "user" + + [install.password] + type = "password" + + [install.dns_over_https] + ask.en = "Should DNS-over-HTTPS be enabled? (If so, anyone who knows your adguard address can make a doh request to https://adguardomain.tld/dns-query)" + type = "boolean" + default = true + +[resources] + [resources.sources.main] + in_subdir = "2" + arm64.url = "https://github.com/AdguardTeam/AdGuardHome/releases/download/v0.107.41/AdGuardHome_linux_arm64.tar.gz" + arm64.sha256 = "e23f5164a832c8647e0035b03189dc9c72821e9216ee5a5f8057739b8d072539" + amd64.url = "https://github.com/AdguardTeam/AdGuardHome/releases/download/v0.107.41/AdGuardHome_linux_amd64.tar.gz" + amd64.sha256 = "9e171202103ff57bd4ddebc280cbc71eb7a33f5b1ba23170f462b3dfcdca93f5" + armhf.url = "https://github.com/AdguardTeam/AdGuardHome/releases/download/v0.107.41/AdGuardHome_linux_armv7.tar.gz" + armhf.sha256 = "0ded3fcc63b009d7934730fd31e698b700153e6ac7dc205f5aa7352810a309d7" + + autoupdate.strategy = "latest_github_release" + autoupdate.asset.amd64 = "^AdGuardHome_linux_amd64.tar.gz$" + autoupdate.asset.arm64 = "^AdGuardHome_linux_arm64.tar.gz$" + autoupdate.asset.armhf = "^AdGuardHome_linux_armv7.tar.gz$" + + [resources.ports] + adguard.default = 53 + adguard.exposed = "Both" + + [resources.system_user] + + [resources.install_dir] + + [resources.permissions] + main.url = "/" + api.url = "/re:__DOMAIN__/dns-query" + api.allowed = "visitors" + api.auth_header = false + api.show_tile = false + api.protected = true + + [resources.apt] + packages ="python3-bcrypt, python3-yaml" diff --git a/scripts/_common.sh b/scripts/_common.sh index e64c6cc..944a65e 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -4,9 +4,6 @@ # COMMON VARIABLES #================================================= -# dependencies used by the scripts (generating password and processing IPs) -pkg_dependencies="python3-bcrypt python3-yaml" - #================================================= # PERSONAL HELPERS #================================================= diff --git a/scripts/actions/reset_default_config b/scripts/actions/reset_default_config deleted file mode 100644 index c8d6bff..0000000 --- a/scripts/actions/reset_default_config +++ /dev/null @@ -1,65 +0,0 @@ -#!/bin/bash - -#================================================= -# GENERIC STARTING -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - -source scripts/_common.sh -source /usr/share/yunohost/helpers - -#================================================= -# MANAGE SCRIPT FAILURE -#================================================= - -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# RETRIEVE ARGUMENTS -#================================================= - -app=$YNH_APP_INSTANCE_NAME - -admin=$(ynh_app_setting_get --app=$app --key=admin) -password=$(ynh_app_setting_get --app=$app --key=password) -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -port=$(ynh_app_setting_get --app=$app --key=port) -adguard_port=$(ynh_app_setting_get --app=$app --key=adguard_port) -dns_over_https=$(ynh_app_setting_get --app=$app --key=dns_over_https) - -ipv4_route_output=$(echo "$(ip -4 route get 1.2.3.4 2> /dev/null)" | head -n1) -ipv6_route_output=$(echo "$(ip -6 route get ::1.2.3.4 2> /dev/null)" | head -n1) - -ipv4_addr="" -for i in $(seq "$(echo $ipv4_route_output | wc -w)" -1 1); do - ip=$(echo $ipv4_route_output | awk "{print \$$i}") - if ynh_validate_ip4 --ip_address=$ip; then - ipv4_addr="- $ip" - break - fi -done - -ipv6_addr="" -for i in $(seq "$(echo $ipv6_route_output | wc -w)" -1 1); do - ip=$(echo $ipv6_route_output | awk "{print \$$i}") - if ynh_validate_ip6 --ip_address=$ip; then - ipv6_addr="- $ip" - break - fi -done - -#================================================= -# RESET THE CONFIG FILE -#================================================= -ynh_script_progression --message="Updating a configuration file..." --weight=1 - -ynh_add_config --template="../conf/AdGuardHome.yaml" --destination="$final_path/AdGuardHome.yaml" - -#================================================= -# RESTART SYSTEMD SERVICE -#================================================= -ynh_script_progression --message="Restarting a systemd service..." --weight=1 - -ynh_systemd_action --service_name=$app --action="restart" diff --git a/scripts/backup b/scripts/backup index 7062e29..250b80f 100644 --- a/scripts/backup +++ b/scripts/backup @@ -10,26 +10,6 @@ source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers -#================================================= -# MANAGE SCRIPT FAILURE -#================================================= - -ynh_clean_setup () { - true -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# LOAD SETTINGS -#================================================= -ynh_print_info --message="Loading installation settings..." - -app=$YNH_APP_INSTANCE_NAME - -final_path=$(ynh_app_setting_get --app="$app" --key=final_path) -domain=$(ynh_app_setting_get --app="$app" --key=domain) - #================================================= # DECLARE DATA AND CONF FILES TO BACKUP #================================================= @@ -39,7 +19,7 @@ ynh_print_info --message="Declaring files to be backed up..." # BACKUP THE APP MAIN DIR #================================================= -ynh_backup --src_path="$final_path" +ynh_backup --src_path="$install_dir" #================================================= # BACKUP THE NGINX CONFIGURATION diff --git a/scripts/change_url b/scripts/change_url index 42c3942..5c25374 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -9,60 +9,6 @@ source _common.sh source /usr/share/yunohost/helpers -#================================================= -# RETRIEVE ARGUMENTS -#================================================= - -old_domain=$YNH_APP_OLD_DOMAIN -old_path=$YNH_APP_OLD_PATH - -new_domain=$YNH_APP_NEW_DOMAIN -new_path=$YNH_APP_NEW_PATH - -app=$YNH_APP_INSTANCE_NAME - -#================================================= -# LOAD SETTINGS -#================================================= -ynh_script_progression --message="Loading installation settings..." --weight=1 - -# Needed for helper "ynh_add_nginx_config" -final_path=$(ynh_app_setting_get --app="$app" --key=final_path) -port=$(ynh_app_setting_get --app="$app" --key=port) - -#================================================= -# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP -#================================================= -ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --weight=1 - -# Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { - # Remove the new domain config file, the remove script won't do it as it doesn't know yet its location. - ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" - - # Restore it if the upgrade fails - ynh_restore_upgradebackup -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# CHECK WHICH PARTS SHOULD BE CHANGED -#================================================= - -change_domain=0 -if [ "$old_domain" != "$new_domain" ] -then - change_domain=1 -fi - -change_path=0 -if [ "$old_path" != "$new_path" ] -then - change_path=1 -fi - #================================================= # STANDARD MODIFICATIONS #================================================= @@ -70,36 +16,14 @@ fi #================================================= ynh_script_progression --message="Stopping a systemd service..." --weight=1 -ynh_systemd_action --service_name="$app" --action="stop" +ynh_systemd_action --service_name=$app --action="stop" --log_path="systemd" #================================================= # MODIFY URL IN NGINX CONF #================================================= ynh_script_progression --message="Updating NGINX web server configuration..." --weight=1 -nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf - -# Change the path in the NGINX config file -if [ $change_path -eq 1 ] -then - # Make a backup of the original NGINX config file if modified - ynh_backup_if_checksum_is_different --file="$nginx_conf_path" - # Set global variables for NGINX helper - domain="$old_domain" - path_url="$new_path" - # Create a dedicated NGINX config - ynh_add_nginx_config -fi - -# Change the domain for NGINX -if [ $change_domain -eq 1 ] -then - # Delete file checksum for the old conf file location - ynh_delete_file_checksum --file="$nginx_conf_path" - mv "$nginx_conf_path" "/etc/nginx/conf.d/$new_domain.d/$app.conf" - # Store file checksum for the new config file location - ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" -fi +ynh_change_url_nginx_config #================================================= # GENERIC FINALISATION @@ -108,14 +32,7 @@ fi #================================================= ynh_script_progression --message="Starting a systemd service..." --weight=1 -ynh_systemd_action --service_name="$app" --action="start" - -#================================================= -# RELOAD NGINX -#================================================= -ynh_script_progression --message="Reloading NGINX web server..." --weight=1 - -ynh_systemd_action --service_name=nginx --action=reload +ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" #================================================= # END OF SCRIPT diff --git a/scripts/install b/scripts/install index 29e323c..5c2e176 100644 --- a/scripts/install +++ b/scripts/install @@ -9,48 +9,11 @@ source _common.sh source /usr/share/yunohost/helpers -#================================================= -# MANAGE SCRIPT FAILURE -#================================================= - -ynh_clean_setup () { - ynh_clean_check_starting -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# RETRIEVE ARGUMENTS FROM THE MANIFEST -#================================================= - -domain=$YNH_APP_ARG_DOMAIN -path_url=$YNH_APP_ARG_PATH -admin=$YNH_APP_ARG_ADMIN -password=$YNH_APP_ARG_PASSWORD -dns_over_https=$YNH_APP_ARG_DNS_OVER_HTTPS - -app=$YNH_APP_INSTANCE_NAME - -#================================================= -# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS -#================================================= -ynh_script_progression --message="Validating installation parameters..." --weight=1 - -final_path="/var/www/$app" -test ! -e "$final_path" || ynh_die --message="This path already contains a folder" - -# Register (book) web path -ynh_webpath_register --app="$app" --domain="$domain" --path_url="$path_url" - #================================================= # STORE SETTINGS FROM MANIFEST #================================================= ynh_script_progression --message="Storing installation settings..." --weight=2 -ynh_app_setting_set --app="$app" --key=domain --value="$domain" -ynh_app_setting_set --app="$app" --key=path --value="$path_url" -ynh_app_setting_set --app="$app" --key=admin --value="$admin" - if [ "$dns_over_https" == "1" ]; then dns_over_https="true" @@ -68,54 +31,18 @@ else fi ynh_app_setting_set --app="$app" --key=dns_over_https --value=$dns_over_https -#================================================= -# STANDARD MODIFICATIONS -#================================================= -# FIND AND OPEN A PORT -#================================================= -ynh_script_progression --message="Finding an available port..." --weight=1 - -# Find an available port -port=$(ynh_find_port --port=3000) -ynh_app_setting_set --app="$app" --key=port --value="$port" - -# Find an available port -adguard_port=53 -ynh_app_setting_set --app="$app" --key=adguard_port --value=$adguard_port - -# Disable the port 53 for upnp -ynh_exec_warn_less yunohost firewall allow --no-upnp TCP $adguard_port -ynh_exec_warn_less yunohost firewall allow --no-upnp UDP $adguard_port - -#================================================= -# INSTALL DEPENDENCIES -#================================================= -ynh_script_progression --message="Installing dependencies..." --weight=1 - -ynh_install_app_dependencies "$pkg_dependencies" - -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Configuring system user..." --weight=1 - -# Create a system user -ynh_system_user_create --username="$app" --home_dir="$final_path" --groups="ssl-cert" - #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= ynh_script_progression --message="Setting up source files..." --weight=4 -ynh_app_setting_set --app="$app" --key=final_path --value="$final_path" # Download, check integrity, uncompress and patch the source from app.src -ynh_setup_source --dest_dir="$final_path" --source_id="$YNH_ARCH" +ynh_setup_source --dest_dir=$install_dir -chmod 750 "$final_path" -chmod -R o-rwx "$final_path" -chown -R "$app":"$app" "$final_path" +chmod -R o-rwx "$install_dir" +chown -R $app:$app "$install_dir" -setcap 'CAP_NET_BIND_SERVICE=+eip CAP_NET_RAW=+eip' "$final_path"/AdGuardHome +setcap 'CAP_NET_BIND_SERVICE=+eip CAP_NET_RAW=+eip' $install_dir/AdGuardHome #================================================= # NGINX CONFIGURATION @@ -179,10 +106,10 @@ password=$(python3 -c "import bcrypt; print(bcrypt.hashpw(b\"$password\", bcrypt ynh_app_setting_set --app="$app" --key=password --value="$password" # Main config File -ynh_add_config --template="../conf/AdGuardHome.yaml" --destination="$final_path/AdGuardHome.yaml" +ynh_add_config --template="../conf/AdGuardHome.yaml" --destination="$install_dir/AdGuardHome.yaml" -chmod 600 "$final_path/AdGuardHome.yaml" -chown -R "$app":"$app" "$final_path/AdGuardHome.yaml" +chmod 600 "$install_dir/AdGuardHome.yaml" +chown -R $app:$app "$install_dir/AdGuardHome.yaml" #================================================= # SETUP SYSTEMD @@ -192,14 +119,7 @@ ynh_script_progression --message="Configuring a systemd service..." --weight=1 # Create a dedicated systemd config ynh_add_systemd_config -#================================================= -# GENERIC FINALIZATION -#================================================= -# INTEGRATE SERVICE IN YUNOHOST -#================================================= -ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 - -yunohost service add "$app" --description="Ads & trackers blocking DNS server" --needs_exposed_ports $adguard_port +yunohost service add $app --description="Ads & trackers blocking DNS server" --needs_exposed_ports $port_adguard #================================================= # START SYSTEMD SERVICE @@ -209,20 +129,6 @@ ynh_script_progression --message="Starting a systemd service..." --weight=2 # Start a systemd service ynh_systemd_action --service_name="$app" --action="restart" --log_path=systemd -#================================================= -# SETUP SSOWAT -#================================================= -ynh_script_progression --message="Configuring permissions..." - -ynh_permission_create --permission="api" --label="api" --url="re:$domain/dns-query" --allowed="visitors" --auth_header="false" --show_tile="false" --protected="true" - -#================================================= -# RELOAD NGINX -#================================================= -ynh_script_progression --message="Reloading NGINX web server..." --weight=2 - -ynh_systemd_action --service_name=nginx --action=reload - #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/remove b/scripts/remove index 307ae29..e21957a 100644 --- a/scripts/remove +++ b/scripts/remove @@ -9,18 +9,6 @@ source _common.sh source /usr/share/yunohost/helpers -#================================================= -# LOAD SETTINGS -#================================================= -ynh_script_progression --message="Loading installation settings..." --weight=1 - -app=$YNH_APP_INSTANCE_NAME - -domain=$(ynh_app_setting_get --app="$app" --key=domain) -port=$(ynh_app_setting_get --app="$app" --key=port) -final_path=$(ynh_app_setting_get --app="$app" --key=final_path) -adguard_port=$(ynh_app_setting_get --app="$app" --key=adguard_port) - #================================================= # STANDARD REMOVE #================================================= @@ -34,56 +22,12 @@ then yunohost service remove "$app" fi -#================================================= -# STOP AND REMOVE SERVICE -#================================================= -ynh_script_progression --message="Stopping and removing the systemd service..." --weight=1 - # Remove the dedicated systemd config ynh_remove_systemd_config -#================================================= -# REMOVE APP MAIN DIR -#================================================= -ynh_script_progression --message="Removing app main directory..." --weight=1 - -# Remove the app directory securely -ynh_secure_remove --file="$final_path" - -#================================================= -# REMOVE NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Removing NGINX web server configuration..." --weight=1 - # Remove the dedicated NGINX config ynh_remove_nginx_config -#================================================= -# REMOVE DEPENDENCIES -#================================================= -ynh_script_progression --message="Removing dependencies..." --weight=1 - -# Remove metapackage and its dependencies -ynh_remove_app_dependencies - -#================================================= -# CLOSE A PORT -#================================================= - -if yunohost firewall list | grep -q "\- $adguard_port$" -then - ynh_script_progression --message="Closing port $adguard_port..." --weight=1 - ynh_exec_warn_less yunohost firewall disallow TCP "$adguard_port" -fi - -#================================================= -# REMOVE DEDICATED USER -#================================================= -ynh_script_progression --message="Removing the dedicated system user..." --weight=1 - -# Delete a system user -ynh_system_user_delete --username="$app" - #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/restore b/scripts/restore index a4f761d..6070641 100644 --- a/scripts/restore +++ b/scripts/restore @@ -10,94 +10,24 @@ source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers -#================================================= -# MANAGE SCRIPT FAILURE -#================================================= - -ynh_clean_setup () { - ynh_clean_check_starting -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# LOAD SETTINGS -#================================================= -ynh_script_progression --message="Loading installation settings..." --weight=1 - -app=$YNH_APP_INSTANCE_NAME - -domain=$(ynh_app_setting_get --app="$app" --key=domain) -path_url=$(ynh_app_setting_get --app="$app" --key=path) -final_path=$(ynh_app_setting_get --app="$app" --key=final_path) -adguard_port=$(ynh_app_setting_get --app="$app" --key=adguard_port) - -#================================================= -# CHECK IF THE APP CAN BE RESTORED -#================================================= -ynh_script_progression --message="Validating restoration parameters..." --weight=1 - -test ! -d "$final_path" \ - || ynh_die --message="There is already a directory: $final_path " - -#================================================= -# STANDARD RESTORATION STEPS -#================================================= -# RECREATE THE DEDICATED USER -#================================================= -ynh_script_progression --message="Recreating the dedicated system user..." --weight=1 - -# Create the dedicated user (if not existing) -ynh_system_user_create --username="$app" --home_dir="$final_path" - #================================================= # RESTORE THE APP MAIN DIR #================================================= ynh_script_progression --message="Restoring the app main directory..." --weight=1 -ynh_restore_file --origin_path="$final_path" +ynh_restore_file --origin_path="$install_dir" # this will be treated as a security issue. -chmod 750 "$final_path" -chmod -R o-rwx "$final_path" -chown -R "$app":"$app" "$final_path" +chmod 750 "$install_dir" +chmod -R o-rwx "$install_dir" +chown -R $app:$app "$install_dir" -setcap 'CAP_NET_BIND_SERVICE=+eip CAP_NET_RAW=+eip' "$final_path"/AdGuardHome +setcap 'CAP_NET_BIND_SERVICE=+eip CAP_NET_RAW=+eip' $install_dir/AdGuardHome ynh_restore_file --origin_path="/etc/dnsmasq.d/$app" systemctl restart dnsmasq -#================================================= -# DOWNLOAD, CHECK AND UNPACK SOURCE -#================================================= - -# compare if the system arch is different from the binary arch -# if so, download the correct binary -if [ "$(uname -m)" != "$(file "$final_path"/AdGuardHome | cut -d ',' -f 2 | tr -d ' ')" ] -then - ynh_script_progression --message="Upgrading source files..." --weight=1 - - # Download, check integrity, uncompress and patch the source from app.src - ynh_setup_source --dest_dir="$final_path" --source_id="$YNH_ARCH" -fi - -chmod 750 "$final_path" -chmod -R o-rwx "$final_path" -chown -R "$app":"$app" "$final_path" - -setcap 'CAP_NET_BIND_SERVICE=+eip CAP_NET_RAW=+eip' "$final_path"/AdGuardHome - -#================================================= -# SPECIFIC RESTORATION -#================================================= -# REINSTALL DEPENDENCIES -#================================================= -ynh_script_progression --message="Reinstalling dependencies..." --weight=1 - -# Define and install dependencies -ynh_install_app_dependencies "$pkg_dependencies" - #================================================= # RESTORE THE NGINX CONFIGURATION #================================================= @@ -105,20 +35,10 @@ ynh_script_progression --message="Restoring the NGINX web server configuration.. ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" -#================================================= -# RESTORE SYSTEMD -#================================================= -ynh_script_progression --message="Restoring the systemd configuration..." --weight=1 - ynh_restore_file --origin_path="/etc/systemd/system/$app.service" systemctl enable "$app.service" --quiet -#================================================= -# INTEGRATE SERVICE IN YUNOHOST -#================================================= -ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 - -yunohost service add "$app" --description="Ads & trackers blocking DNS server" --needs_exposed_ports "$adguard_port" +yunohost service add $app --description="Ads & trackers blocking DNS server" --needs_exposed_ports $port_adguard #================================================= # START SYSTEMD SERVICE @@ -127,13 +47,6 @@ ynh_script_progression --message="Starting a systemd service..." --weight=1 ynh_systemd_action --service_name="$app" --action="restart" --log_path="systemd" -#================================================= -# GENERIC FINALIZATION -#================================================= -# RELOAD NGINX AND PHP-FPM -#================================================= -ynh_script_progression --message="Reloading NGINX web server..." --weight=1 - ynh_systemd_action --service_name=nginx --action=reload #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index 1336821..d036e39 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -9,44 +9,12 @@ source _common.sh source /usr/share/yunohost/helpers -#================================================= -# LOAD SETTINGS -#================================================= -ynh_script_progression --message="Loading installation settings..." --weight=1 - -app=$YNH_APP_INSTANCE_NAME - -domain=$(ynh_app_setting_get --app="$app" --key=domain) -path_url=$(ynh_app_setting_get --app="$app" --key=path) -admin=$(ynh_app_setting_get --app="$app" --key=admin) -password=$(ynh_app_setting_get --app="$app" --key=password) -final_path=$(ynh_app_setting_get --app="$app" --key=final_path) -port=$(ynh_app_setting_get --app="$app" --key=port) -adguard_port=$(ynh_app_setting_get --app="$app" --key=adguard_port) -dns_over_https=$(ynh_app_setting_get --app="$app" --key=dns_over_https) - #================================================= # CHECK VERSION #================================================= -ynh_script_progression --message="Checking version..." upgrade_type=$(ynh_check_app_version_changed) -#================================================= -# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP -#================================================= -ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=1 - -# Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { - ynh_clean_check_starting - # Restore it if the upgrade fails - ynh_restore_upgradebackup -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - #================================================= # STANDARD UPGRADE STEPS #================================================= @@ -56,40 +24,18 @@ ynh_script_progression --message="Stopping a systemd service..." --weight=1 ynh_systemd_action --service_name="$app" --action="stop" -# Disable the port 53 for upnp -ynh_exec_warn_less yunohost firewall allow --no-upnp TCP "$adguard_port" -ynh_exec_warn_less yunohost firewall allow --no-upnp UDP "$adguard_port" - #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= ynh_script_progression --message="Ensuring downward compatibility..." --weight=1 -# Cleaning legacy permissions -if ynh_legacy_permissions_exists; then - ynh_legacy_permissions_delete_all - - ynh_app_setting_delete --app="$app" --key=is_public -fi - -# The dns port should be 53 -if [ "$adguard_port" -ne "53" ]; then - adguard_port=53 - ynh_app_setting_set --app="$app" --key=adguard_port --value="$adguard_port" -fi - -# Create a permission if needed -if ! ynh_permission_exists --permission="api"; then - ynh_permission_create --permission="api" --label="api" --url="re:$domain/dns-query" --allowed="visitors" --auth_header="false" --show_tile="false" --protected="true" -fi - if [ -n "$dns_over_https" ] && [ "$dns_over_https" == "1" ]; then dns_over_https="true" ynh_app_setting_set --app="$app" --key=dns_over_https --value=$dns_over_https # DNS over TLS adguard_DoT_port=853 - ynh_app_setting_set --app="$app" --key=adguard_DoT_port --value=$adguard_DoT_port + ynh_app_setting_set --app=$app --key=adguard_DoT_port --value=$adguard_DoT_port ynh_exec_warn_less yunohost firewall allow --no-upnp UDP $adguard_DoT_port ynh_exec_warn_less yunohost firewall allow --no-upnp TCP $adguard_DoT_port # DNS over QUIC @@ -102,14 +48,6 @@ then ynh_app_setting_set --app="$app" --key=dns_over_https --value=$dns_over_https fi -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1 - -# Create a dedicated user (if not existing) -ynh_system_user_create --username="$app" --home_dir="$final_path" --groups="ssl-cert" - #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -119,21 +57,13 @@ then ynh_script_progression --message="Upgrading source files..." --weight=1 # Download, check integrity, uncompress and patch the source from app.src - ynh_setup_source --dest_dir="$final_path" --source_id="$YNH_ARCH" + ynh_setup_source --dest_dir=$install_dir fi -chmod 750 "$final_path" -chmod -R o-rwx "$final_path" -chown -R "$app":"$app" "$final_path" +chmod -R o-rwx "$install_dir" +chown -R $app:$app "$install_dir" -setcap 'CAP_NET_BIND_SERVICE=+eip CAP_NET_RAW=+eip' "$final_path"/AdGuardHome - -#================================================= -# UPGRADE DEPENDENCIES -#================================================= -ynh_script_progression --message="Upgrading dependencies..." --weight=1 - -ynh_install_app_dependencies "$pkg_dependencies" +setcap 'CAP_NET_BIND_SERVICE=+eip CAP_NET_RAW=+eip' $install_dir/AdGuardHome #================================================= # NGINX CONFIGURATION @@ -143,6 +73,11 @@ ynh_script_progression --message="Upgrading NGINX web server configuration..." - # Create a dedicated NGINX config ynh_add_nginx_config +# Create a dedicated systemd config +ynh_add_systemd_config + +yunohost service add $app --description="Ads & trackers blocking DNS server" --needs_exposed_ports $port_adguard + #================================================= # SPECIFIC UPGRADE #================================================= @@ -194,7 +129,7 @@ done # Reset the bind_hosts if the current ip is 0.0.0.0 python3 -c "import yaml -with open(\"$final_path/AdGuardHome.yaml\", 'r') as file: +with open(\"$install_dir/AdGuardHome.yaml\", 'r') as file: conf_file = yaml.safe_load(file) need_file_update = False @@ -207,32 +142,17 @@ if \"0.0.0.0\" in conf_file[\"dns\"][\"bind_hosts\"]: conf_file[\"dns\"][\"bind_hosts\"].append(\"$ipv6_addr\") need_file_update = True -if conf_file[\"dns\"][\"port\"] != $adguard_port: - conf_file[\"dns\"][\"port\"] = $adguard_port +if conf_file[\"dns\"][\"port\"] != $port_adguard: + conf_file[\"dns\"][\"port\"] = $port_adguard need_file_update = True if need_file_update: - with open(\"$final_path/AdGuardHome.yaml\", 'w') as file: + with open(\"$install_dir/AdGuardHome.yaml\", 'w') as file: yaml.dump(conf_file, file) " -chmod 600 "$final_path/AdGuardHome.yaml" -chown -R "$app":"$app" "$final_path/AdGuardHome.yaml" - -#================================================= -# SETUP SYSTEMD -#================================================= -ynh_script_progression --message="Upgrading systemd configuration..." --weight=1 - -# Create a dedicated systemd config -ynh_add_systemd_config - -#================================================= -# INTEGRATE SERVICE IN YUNOHOST -#================================================= -ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 - -yunohost service add "$app" --description="Ads & trackers blocking DNS server" --needs_exposed_ports "$adguard_port" +chmod 600 "$install_dir/AdGuardHome.yaml" +chown -R $app:$app "$install_dir/AdGuardHome.yaml" #================================================= # START SYSTEMD SERVICE @@ -241,13 +161,6 @@ ynh_script_progression --message="Starting a systemd service..." --weight=1 ynh_systemd_action --service_name="$app" --action="restart" --log_path="systemd" -#================================================= -# RELOAD NGINX -#================================================= -ynh_script_progression --message="Reloading NGINX web server..." --weight=1 - -ynh_systemd_action --service_name=nginx --action=reload - #================================================= # END OF SCRIPT #================================================= diff --git a/tests.toml b/tests.toml new file mode 100644 index 0000000..00d7469 --- /dev/null +++ b/tests.toml @@ -0,0 +1,9 @@ +test_format = 1.0 + +[default] + + # ------------------------------- + # Default args to use for install + # ------------------------------- + + args.dns_over_https=1 \ No newline at end of file