From b22cb373fc7086a6e048a5232dd13454e11e6118 Mon Sep 17 00:00:00 2001 From: mhfowler Date: Wed, 18 Aug 2021 12:15:22 +0200 Subject: [PATCH] Working ynh --- conf/app.src | 7 --- conf/nginx.conf | 37 ++++++-------- conf/start.sh | 4 +- scripts/_common.sh | 2 +- scripts/backup | 19 ------- scripts/change_url | 10 ---- scripts/install | 122 ++++++++++++++++----------------------------- scripts/restore | 29 ----------- scripts/upgrade | 10 +--- 9 files changed, 61 insertions(+), 179 deletions(-) delete mode 100644 conf/app.src diff --git a/conf/app.src b/conf/app.src deleted file mode 100644 index 17489bf..0000000 --- a/conf/app.src +++ /dev/null @@ -1,7 +0,0 @@ -SOURCE_URL=url of app's source -SOURCE_SUM=sha256 checksum -SOURCE_SUM_PRG=sha256sum -SOURCE_FORMAT=tar.gz -SOURCE_IN_SUBDIR=true -SOURCE_FILENAME= -SOURCE_EXTRACT=true diff --git a/conf/nginx.conf b/conf/nginx.conf index 37de41d..ce46a28 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,33 +1,24 @@ -#sub_path_only rewrite ^__PATH__$ __PATH__/ permanent; location __PATH__/ { - # Path to source - alias __FINALPATH__/ ; - # Force usage of https if ($scheme = http) { - rewrite ^ https://$server_name$request_uri? permanent; + rewrite ^ https://$server_name$request_uri? permanent; } -### Example PHP configuration (remove it if not used) - index index.php; - - # Common parameter to increase upload size limit in conjunction with dedicated php-fpm file - #client_max_body_size 50M; - - try_files $uri $uri/ index.php; - location ~ [^/]\.php(/|$) { - fastcgi_split_path_info ^(.+?\.php)(/.*)$; - fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock; - - fastcgi_index index.php; - include fastcgi_params; - fastcgi_param REMOTE_USER $remote_user; - fastcgi_param PATH_INFO $fastcgi_path_info; - fastcgi_param SCRIPT_FILENAME $request_filename; - } -### End of PHP configuration part + proxy_set_header Accept-Encoding ""; + try_files $uri @proxy; # Include SSOWAT user panel. include conf.d/yunohost_panel.conf.inc; } + +location @proxy { + proxy_pass http://127.0.0.1:__PORT__; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Host $server_name; + proxy_set_header X-Forwarded-Proto https; + proxy_set_header Proxy ""; + proxy_pass_header Server; +} \ No newline at end of file diff --git a/conf/start.sh b/conf/start.sh index e3f1df1..f506584 100644 --- a/conf/start.sh +++ b/conf/start.sh @@ -1,3 +1,3 @@ #!/usr/bin/env bash -/var/www/example/venv/bin/activate -archivebox server \ No newline at end of file +__FINALPATH__/venv/bin/activate +archivebox server __PORT__ \ No newline at end of file diff --git a/scripts/_common.sh b/scripts/_common.sh index 790bb05..026c8d0 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -5,7 +5,7 @@ #================================================= # dependencies used by the app -pkg_dependencies="python3-venv" +pkg_dependencies="python3-venv expect" #================================================= # PERSONAL HELPERS diff --git a/scripts/backup b/scripts/backup index f99225d..f9d4080 100755 --- a/scripts/backup +++ b/scripts/backup @@ -31,7 +31,6 @@ app=$YNH_APP_INSTANCE_NAME final_path=$(ynh_app_setting_get --app=$app --key=final_path) domain=$(ynh_app_setting_get --app=$app --key=domain) db_name=$(ynh_app_setting_get --app=$app --key=db_name) -phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) datadir=$(ynh_app_setting_get --app=$app --key=datadir) #================================================= @@ -62,12 +61,6 @@ ynh_backup --src_path="$datadir" --is_big ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" -#================================================= -# BACKUP THE PHP-FPM CONFIGURATION -#================================================= - -ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" - #================================================= # BACKUP FAIL2BAN CONFIGURATION #================================================= @@ -93,20 +86,8 @@ ynh_backup --src_path="/etc/systemd/system/$app.service" # BACKUP VARIOUS FILES #================================================= -ynh_backup --src_path="/etc/cron.d/$app" - ynh_backup --src_path="/etc/$app/" -#================================================= -# BACKUP THE MYSQL DATABASE -#================================================= -ynh_print_info --message="Backing up the MySQL database..." - -### (However, things like MySQL dumps *do* take some time to run, though the -### copy of the generated dump to the archive still happens later) - -ynh_mysql_dump_db --database="$db_name" > db.sql - #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/change_url b/scripts/change_url index 495b7eb..bc7e2af 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -29,10 +29,6 @@ ynh_script_progression --message="Loading installation settings..." --time --wei # Needed for helper "ynh_add_nginx_config" final_path=$(ynh_app_setting_get --app=$app --key=final_path) -# Add settings here as needed by your application -#db_name=$(ynh_app_setting_get --app=$app --key=db_name) -#db_user=$db_name -#db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd) #================================================= # BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP @@ -105,12 +101,6 @@ then ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" fi -#================================================= -# SPECIFIC MODIFICATIONS -#================================================= -# ... -#================================================= - #================================================= # GENERIC FINALISATION #================================================= diff --git a/scripts/install b/scripts/install index 354e64e..a28bde9 100755 --- a/scripts/install +++ b/scripts/install @@ -31,6 +31,8 @@ is_public=$YNH_APP_ARG_IS_PUBLIC language=$YNH_APP_ARG_LANGUAGE password=$YNH_APP_ARG_PASSWORD +admin_mail=$(ynh_user_get_info $admin 'mail') + ### If it's a multi-instance app, meaning it can be installed several times independently ### The id of the app as stated in the manifest is available as $YNH_APP_ID ### The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2"...) @@ -95,7 +97,7 @@ ynh_app_setting_set --app=$app --key=port --value=$port # Optional: Expose this port publicly # (N.B.: you only need to do this if the app actually needs to expose the port publicly. # If you do this and the app doesn't actually need you are CREATING SECURITY HOLES IN THE SERVER !) - +# TODO: test without this line # Open the port ynh_script_progression --message="Configuring firewall..." --time --weight=1 ynh_exec_warn_less yunohost firewall allow --no-upnp TCP $port @@ -105,14 +107,6 @@ ynh_exec_warn_less yunohost firewall allow --no-upnp TCP $port #================================================= ynh_script_progression --message="Installing dependencies..." --time --weight=1 -### `ynh_install_app_dependencies` allows you to add any "apt" dependencies to the package. -### Those deb packages will be installed as dependencies of this package. -### If you're not using this helper: -### - Remove the section "REMOVE DEPENDENCIES" in the remove script -### - Remove the variable "pkg_dependencies" in _common.sh -### - As well as the section "REINSTALL DEPENDENCIES" in the restore script -### - And the section "UPGRADE DEPENDENCIES" in the upgrade script - ynh_install_app_dependencies $pkg_dependencies #================================================= @@ -123,26 +117,6 @@ ynh_script_progression --message="Configuring system user..." --time --weight=1 # Create a system user ynh_system_user_create --username=$app --home_dir="$final_path" -# TODO: remove mysql section -#================================================= -# CREATE A MYSQL DATABASE -#================================================= -#ynh_script_progression --message="Creating a MySQL database..." --time --weight=1 - -### Use these lines if you need a database for the application. -### `ynh_mysql_setup_db` will create a database, an associated user and a ramdom password. -### The password will be stored as 'mysqlpwd' into the app settings, -### and will be available as $db_pwd -### If you're not using these lines: -### - Remove the section "BACKUP THE MYSQL DATABASE" in the backup script -### - Remove also the section "REMOVE THE MYSQL DATABASE" in the remove script -### - As well as the section "RESTORE THE MYSQL DATABASE" in the restore script - -#db_name=$(ynh_sanitize_dbid --db_name=$app) -#db_user=$db_name -#ynh_app_setting_set --app=$app --key=db_name --value=$db_name -#ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name - #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -180,9 +154,6 @@ ynh_add_nginx_config #================================================= # SPECIFIC SETUP #================================================= -# ... -#================================================= - #================================================= # PIP INSTALLATION #================================================= @@ -191,6 +162,8 @@ ynh_script_progression --message="Install project via pip..." --weight=80 python3 -m venv "${final_path}/venv" cp ../conf/requirements.txt "$final_path/requirements.txt" cp ../conf/start.sh "$final_path/start.sh" +ynh_replace_string "__FINALPATH__" "$final_path" "$final_path/start.sh" +ynh_replace_string "__PORT__" "$port" "$final_path/start.sh" chmod 760 "$final_path/start.sh" chown -R "$app" "$final_path" @@ -201,7 +174,6 @@ chown -R "$app" "$final_path" set -o nounset ynh_exec_as $app $final_path/venv/bin/pip install --upgrade pip ynh_exec_as $app $final_path/venv/bin/pip install -r "$final_path/requirements.txt" -# ynh_exec_as $app $final_path/venv/bin/pip install --upgrade "$pip_install_string" ) #================================================= @@ -209,24 +181,12 @@ chown -R "$app" "$final_path" #================================================= ynh_script_progression --message="Creating a data directory..." --time --weight=1 -### Use these lines if you need to create a directory to store "persistent files" for the application. -### Usually this directory is used to store uploaded files or any file that won't be updated during -### an upgrade and that won't be deleted during app removal -### If you're not using these lines: -### - Remove the section "BACKUP THE DATA DIR" in the backup script -### - As well as the section "RESTORE THE DATA DIRECTORY" in the restore script - datadir=/home/yunohost.app/$app ynh_app_setting_set --app=$app --key=datadir --value=$datadir mkdir -p $datadir -# FIXME: this should be managed by the core in the future -# Here, as a packager, you may have to tweak the ownerhsip/permissions -# such that the appropriate users (e.g. maybe www-data) can access -# files in some cases. -# But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder - -# this will be treated as a security issue. +# permissions chmod 750 "$datadir" chmod -R o-rwx "$datadir" chown -R $app:www-data "$datadir" @@ -235,7 +195,43 @@ chown -R $app:www-data "$datadir" #================================================= # INITIALIZE ARCHIVEBOX #================================================= -#cd $datadir && ynh_exec_as $app archivebox manage createsuperuser --noinput --username archivebox2 --email max@mfowler.info +ynh_script_progression --message="Initializing Archivebox" --time --weight=1 +cd $datadir && ynh_exec_as $app archivebox init + +ynh_script_progression --message="Checking if admin superuser already exists: $admin" --time --weight=1 +USER_EXISTS=$(cd $datadir && ynh_exec_as $app archivebox manage shell -c "from django.contrib.auth.models import User; print(User.objects.filter(username='$admin').count())") +ynh_script_progression --message="Found users: $USER_EXISTS" --time --weight=1 + +if [ $USER_EXISTS -eq 1 ] +then + ynh_script_progression --message="User already exists: setting admin password" --time --weight=1 +ynh_exec_as $app /usr/bin/expect<