add config & README update

* Fix * Update manifest.json * report @raucao patch-1 & liitle doc corrections * Auto-update README * update config_panel, manifest, check, doc... * Auto-update README * Auto-update README * add signup config (#11) Co-authored-by: Yunohost-Bot <> @ericgaspar * fix details Co-authored-by: ericgaspar <junk.eg@free.fr> Co-authored-by: Yunohost-Bot <>
2024-09-03 18:06:18 +02:00 · 2022-01-21 04:42:56 +01:00 · 2022-01-21 04:42:56 +01:00 · 96f46dff13
commit 96f46dff13
parent a314768dc7
17 changed files with 78 additions and 185 deletions
--- a/README.md
+++ b/README.md
@ -18,7 +18,7 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in

 [Armadietto](https://github.com/remotestorage/armadietto/) is a [remoteStorage](https://remotestorage.io) server written for Node.js.

-Armadietto is maintained by remoteStorage Team [IRC](https://kiwiirc.com/client/irc.freenode.net/#remotestorage)
+Armadietto is maintained by the remoteStorage community, ([IRC](https://web.libera.chat/#remotestorage), [forums](https://community.remotestorage.io/)).

 > ### :warning: WARNING
 > Please do not consider `armadietto` production ready, this project is still
@ -29,16 +29,18 @@ Armadietto is maintained by remoteStorage Team [IRC](https://kiwiirc.com/client/

 **Shipped version:** 0.1.5

+### Installation option 
+
+User registration is not allowed out of the box.
+This option can be enabled in the configuration panel.
+
 ### Application for remoteStorage

-[Click here](https://remotestorage.io/apps/) to see the list of applications that can be used with RemoteStorage.
-
-### Features
-
- liste des caractéristiques...
+[Here](https://remotestorage.io/apps/) is a non-exhaustive list of apps that have integrated remoteStorage as a storage/sync option.


-**Shipped version:** 0.0.2~ynh6
+
+**Shipped version:** 0.0.6~ynh1



@ -49,16 +51,15 @@ Armadietto is maintained by remoteStorage Team [IRC](https://kiwiirc.com/client/
 ## Disclaimers / important information

 ### :warning: WARNING
-Armadietto_ynh still in develoment:
+The Armadietto_ynh package is still under development, so you should expect some undocumented changes before it is labeled stable.

-* Security considerations from [Armadietto](https://github.com/remotestorage/armadietto/) :
+### :information_source: Security considerations from [Armadietto](https://github.com/remotestorage/armadietto/) :

-
->### **Storage security**
+> #### **Storage security**
 >
->In production, we recommend that you restrict access to the files managed by your armadietto server as much as possible. This is particularly true if you host your storage on a machine with other web applications; you need to protect your files in the event that one of those apps is exploited.
+> In production, we recommend that you restrict access to the files managed by your armadietto server as much as possible. This is particularly true if you host your storage on a machine with other web applications; you need to protect your files in the event that one of those apps is exploited.
 >
->You should take these steps to keep your storage safe:
+> You should take these steps to keep your storage safe:
 >
 >    - Pick a unique Unix user to run your server process; no other process on the box should run as this user: sudo useradd armadietto --system --no-create-home
 >
--- a/README_fr.md
+++ b/README_fr.md
@ -14,7 +14,7 @@ Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour

 [Armadietto](https://github.com/remotestorage/armadietto/) est un serveur [remoteStorage](https://remotestorage.io) écrit pour Node.js.

-Armadietto est maintenu par l'équipe remoteStorage [IRC](https://kiwiirc.com/client/irc.freenode.net/#remotestorage).
+Armadietto est maintenu par la communauté remoteStorage, ([IRC](https://web.libera.chat/#remotestorage), [forums](https://community.remotestorage.io/)).

 > ### :warning: WARNING
 > Veuillez ne pas considérer `armadietto` comme prêt pour la production, ce projet est toujours
@ -25,11 +25,16 @@ Armadietto est maintenu par l'équipe remoteStorage [IRC](https://kiwiirc.com/cl

 **Version livrée:** 0.1.5

+### Option d'installation 
+
+L'inscription des utilisateurs n'est pas autorisée par défault.
+Cette option peut être activée via le panneau de configutration.
+
 ### Application pour remoteStorage

-[Cliquez ici](https://remotestorage.io/apps/) pour voir la liste des applications qui peuvent être utilisées avec RemoteStorage.
+[Cliquez ici](https://remotestorage.io/apps/) pour voir une liste non exhaustive d'applications ayant intégré remoteStorage comme option de stockage/synchronisation.

-**Version incluse :** 0.0.2~ynh6
+**Version incluse :** 0.0.6~ynh1



@ -40,13 +45,11 @@ Armadietto est maintenu par l'équipe remoteStorage [IRC](https://kiwiirc.com/cl
 ## Avertissements / informations importantes

 ### :warning: WARNING
-Armadietto_ynh still in develoment:
+Le paquet Armadietto_ynh est toujours en cours de développement, vous devez donc vous attendre à d'éventuels changements non documentés avant qu'il ne soit qualifié de stable.

-* l'authentification unique ou l'intégration LDAP ne fonctionne pas ?
-* Considérations sur la sécurité de [Armadietto](https://github.com/remotestorage/armadietto/) :
+### :information_source: Considérations sur la sécurité de [Armadietto](https://github.com/remotestorage/armadietto/) :

-
-> ### **Sécurité du stockage**
+> #### **Sécurité du stockage**
 > 
 > En production, nous vous recommandons de restreindre autant que possible l'accès aux fichiers gérés par votre serveur armadietto. Ceci est particulièrement vrai si vous hébergez votre stockage sur une machine avec d'autres applications web ; vous devez protéger vos fichiers dans le cas où l'une de ces applications serait exploitée.
 > 
--- a/10
+++ b/10
@ -10,26 +10,22 @@
 		admin="armadietto"
 		language="fr"
 		is_public=1
-		is_signup=true
+		is_signup=0
 		port="8008"
 	; Checks
 		pkg_linter=1
-		setup_sub_dir=0
 		setup_root=1
-		setup_nourl=0
 		setup_private=1
 		setup_public=1
 		upgrade=1
 		# 0.0.2~ynh5 
 		upgrade=1	from_commit=d185b84698a9f7e83eff6bf6dd5606f35282a536
 		backup_restore=1
-		multi_instance=0
-		port_already_use=0
 		change_url=1
 ;;; Options
 Email=
 Notification=none
 ;;; Upgrade options
 	; commit=d185b84698a9f7e83eff6bf6dd5606f35282a536
-		name= Upgrade to version 0.0.2~ynh6
-		manifest_arg=domain=DOMAIN&path=PATH&admin=USER&language=fr&is_public=1&is_signup=true&port=8008&
+		name= Upgrade from version 0.0.2~ynh6
+		manifest_arg=domain=DOMAIN&path=PATH&admin=USER&language=fr&is_public=1&is_signup=0&port=8008&
--- a/conf/config.sample.yml
+++ b/conf/config.sample.yml
@ -1,11 +0,0 @@
-#=================================================
-# ARMADIETTO CONFIGURATION 
-#=================================================
-
-
-final_path: __FINALPATH__
-datadir: __DATADIR__
-port: __PORT__
-domain: __DOMAIN__
-is_signup: __IS_SIGNUP__
-
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@ -1,9 +1,5 @@
 location __PATH__ {
    
-    if ($scheme = http) {
-        rewrite ^ https://$server_name$request_uri? permanent;
-    }
-    
    proxy_pass          http://127.0.0.1:__PORT__;
    proxy_set_header    Host $host;

--- a/conf/systemd.service
+++ b/conf/systemd.service
@ -6,8 +6,8 @@ After=network.target
 Type=simple
 User=__APP__
 Group=__APP__
-WorkingDirectory=__FINALPATH__/
-ExecStart=__YNH_NODE__ __FINALPATH__/server
+WorkingDirectory=__FINAL_PATH__/
+ExecStart=__YNH_NODE__ __FINAL_PATH__/server
 Restart=always
 Environment=__YNH_NODE_LOAD_PATH__
 Environment=NODE_ENV=production
--- a/config_panel.toml
+++ b/config_panel.toml
@ -1,16 +1,17 @@
 version = "1.0"
-name= "Armadietto configuration panel"

 [main]
-name = "Armadietto signup configuration"
+name = "Settings"

    [main.is_signup]
    name = "Signup configuration"

-        [main.is_signup.signup]
-        ask.en = "Allow signups?"
-        ask.fr = "Accepter les inscriptions ?"
+    services = ["__APP__"]
+
+        [main.is_signup.is_signup]
+        ask = "Allow signups?"
        type = "boolean"
-        default = true
-        help.en = "Would you like to allow visitors to register and create an account?"
-        help.fr = "Souhaitez-vous autoriser les visiteurs à s'inscrire et créer un compte ?"    
+        yes = '1'
+        no = ''
+        help = "Would you like to allow visitors to register and create an account?"
+        bind = "signup:/opt/yunohost/__APP__/server.js"
--- a/doc/DESCRIPTION.md
+++ b/doc/DESCRIPTION.md
@ -1,7 +1,7 @@

 [Armadietto](https://github.com/remotestorage/armadietto/) is a [remoteStorage](https://remotestorage.io) server written for Node.js.

-Armadietto is maintained by remoteStorage Team [IRC](https://kiwiirc.com/client/irc.freenode.net/#remotestorage)
+Armadietto is maintained by the remoteStorage community, ([IRC](https://web.libera.chat/#remotestorage), [forums](https://community.remotestorage.io/)).

 > ### :warning: WARNING
 > Please do not consider `armadietto` production ready, this project is still
@ -12,10 +12,12 @@ Armadietto is maintained by remoteStorage Team [IRC](https://kiwiirc.com/client/

 **Shipped version:** 0.1.5

+### Installation option 
+
+User registration is not allowed out of the box.
+This option can be enabled in the configuration panel.
+
 ### Application for remoteStorage

-[Click here](https://remotestorage.io/apps/) to see the list of applications that can be used with RemoteStorage.
+[Here](https://remotestorage.io/apps/) is a non-exhaustive list of apps that have integrated remoteStorage as a storage/sync option.

-### Features
-
- liste des caractéristiques...
--- a/doc/DESCRIPTION_fr.md
+++ b/doc/DESCRIPTION_fr.md
@ -1,7 +1,7 @@

 [Armadietto](https://github.com/remotestorage/armadietto/) est un serveur [remoteStorage](https://remotestorage.io) écrit pour Node.js.

-Armadietto est maintenu par l'équipe remoteStorage [IRC](https://kiwiirc.com/client/irc.freenode.net/#remotestorage).
+Armadietto est maintenu par la communauté remoteStorage, ([IRC](https://web.libera.chat/#remotestorage), [forums](https://community.remotestorage.io/)).

 > ### :warning: WARNING
 > Veuillez ne pas considérer `armadietto` comme prêt pour la production, ce projet est toujours
@ -12,6 +12,11 @@ Armadietto est maintenu par l'équipe remoteStorage [IRC](https://kiwiirc.com/cl

 **Version livrée:** 0.1.5

+### Option d'installation 
+
+L'inscription des utilisateurs n'est pas autorisée par défault.
+Cette option peut être activée via le panneau de configutration.
+
 ### Application pour remoteStorage

-[Cliquez ici](https://remotestorage.io/apps/) pour voir la liste des applications qui peuvent être utilisées avec RemoteStorage.
+[Cliquez ici](https://remotestorage.io/apps/) pour voir une liste non exhaustive d'applications ayant intégré remoteStorage comme option de stockage/synchronisation.
--- a/doc/DISCLAIMER.md
+++ b/doc/DISCLAIMER.md
@ -1,14 +1,13 @@
 ### :warning: WARNING
-Armadietto_ynh still in develoment:
+The Armadietto_ynh package is still under development, so you should expect some undocumented changes before it is labeled stable.

-* Security considerations from [Armadietto](https://github.com/remotestorage/armadietto/) :
+### :information_source: Security considerations from [Armadietto](https://github.com/remotestorage/armadietto/) :

-
->### **Storage security**
+> #### **Storage security**
 >
->In production, we recommend that you restrict access to the files managed by your armadietto server as much as possible. This is particularly true if you host your storage on a machine with other web applications; you need to protect your files in the event that one of those apps is exploited.
+> In production, we recommend that you restrict access to the files managed by your armadietto server as much as possible. This is particularly true if you host your storage on a machine with other web applications; you need to protect your files in the event that one of those apps is exploited.
 >
->You should take these steps to keep your storage safe:
+> You should take these steps to keep your storage safe:
 >
 >    - Pick a unique Unix user to run your server process; no other process on the box should run as this user: sudo useradd armadietto --system --no-create-home
 >
--- a/doc/DISCLAIMER_fr.md
+++ b/doc/DISCLAIMER_fr.md
@ -1,11 +1,9 @@
 ### :warning: WARNING
-Armadietto_ynh still in develoment:
+Le paquet Armadietto_ynh est toujours en cours de développement, vous devez donc vous attendre à d'éventuels changements non documentés avant qu'il ne soit qualifié de stable.

-* l'authentification unique ou l'intégration LDAP ne fonctionne pas ?
-* Considérations sur la sécurité de [Armadietto](https://github.com/remotestorage/armadietto/) :
+### :information_source: Considérations sur la sécurité de [Armadietto](https://github.com/remotestorage/armadietto/) :

-
-> ### **Sécurité du stockage**
+> #### **Sécurité du stockage**
 > 
 > En production, nous vous recommandons de restreindre autant que possible l'accès aux fichiers gérés par votre serveur armadietto. Ceci est particulièrement vrai si vous hébergez votre stockage sur une machine avec d'autres applications web ; vous devez protéger vos fichiers dans le cas où l'une de ces applications serait exploitée.
 > 
--- a/manifest.json
+++ b/manifest.json
@ -3,10 +3,10 @@
    "id": "armadietto",
    "packaging_format": 1,
    "description": {
-        "en": "A remoteStorage server written for Node.js.",
-        "fr": "Un serveur remoteStorage écrit pour node.js."
+        "en": "A remoteStorage server running as a nodejs web service with systemd",
+        "fr": "Un serveur remoteStorage excécuté en tant que service web nodejs par systemd"
    },
-    "version": "0.0.2~ynh6",
+    "version": "0.0.6~ynh1",
    "url": "https://github.com/remotestorage/armadietto",
    "upstream": {
        "license": "MIT",
@ -32,12 +32,6 @@
                "name": "domain",
                "type": "domain"
            },
-            {
-                "name": "path",
-                "type": "path",
-                "example": "/",
-                "default": "/"
-            },
            {
                "name": "is_public",
                "type": "boolean",
@ -58,7 +52,7 @@
                    "en": "Would you like to allow visitors to register and create an account?",
                    "fr": "Souhaitez-vous autoriser les visiteurs à s'inscrire et créer un compte ?"
                },
-                "default": true
+                "default": false
            }
        ]
    }
--- a/scripts/change_url
+++ b/scripts/change_url
@ -29,11 +29,6 @@ ynh_script_progression --message="Loading installation settings..." --weight=2
 # Needed for helper "ynh_add_nginx_config"
 final_path=$(ynh_app_setting_get --app=$app --key=final_path)

-# Add settings here as needed by your application
-#db_name=$(ynh_app_setting_get --app=$app --key=db_name)
-#db_user=$db_name
-#db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd)
-
 #=================================================
 # BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP
 #=================================================
--- a/scripts/install
+++ b/scripts/install
@ -25,7 +25,7 @@ ynh_abort_if_errors
 #=================================================

 domain=$YNH_APP_ARG_DOMAIN
-path_url=$YNH_APP_ARG_PATH
+path_url="/"
 is_public=$YNH_APP_ARG_IS_PUBLIC
 is_signup=$YNH_APP_ARG_IS_SIGNUP

@ -43,11 +43,6 @@ final_path=/opt/yunohost/$app

 test ! -e "$final_path" || ynh_die --message="This path already contains a folder"

-# Only on / directory
-if [ "$path_url" != "/" ]; then
-    ynh_die "Only / is allowed"
-fi
-
 # Register (book) web path
 ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url

@ -58,7 +53,6 @@ ynh_script_progression --message="Storing installation settings..." --weight=1

 ynh_app_setting_set --app=$app --key=domain --value=$domain
 ynh_app_setting_set --app=$app --key=path --value=$path_url
-ynh_app_setting_set --app=$app --key=final_path --value=final_path
 ynh_app_setting_set --app=$app --key=is_signup --value=$is_signup
 ynh_app_setting_set --app=$app --key=datadir --value=$datadir

@ -86,7 +80,7 @@ ynh_use_nodejs
 #=================================================
 ynh_script_progression --message="Setting up and create final app path..." --weight=1

-ynh_app_setting_set $app final_path $final_path
+ynh_app_setting_set --app=$app --key=final_path --value=$final_path

 # Create final_path
 mkdir -p "$final_path"
@ -107,16 +101,6 @@ ynh_script_progression --message="Configuring system user..." --weight=2
 # Create a system user
 ynh_system_user_create --username=$app

-#=================================================
-# ADD A CONFIGURATION
-#=================================================
-ynh_script_progression --message="Adding a configuration file..." --weight=1
-
-ynh_add_config --template="../conf/config.sample.yml" --destination="$final_path/config.yml"
-
-chmod 400 "$final_path/config.yml"
-chown $app:$app "$final_path/config.yml"
-
 #=================================================
 # SETUP SYSTEMD
 #=================================================
--- a/scripts/remove
+++ b/scripts/remove
@ -77,7 +77,6 @@ ynh_script_progression --message="Removing NGINX web server configuration..." --
 # Remove the dedicated NGINX config
 ynh_remove_nginx_config

-
 #=================================================
 # REMOVE DEPENDENCIES
 #=================================================
@ -85,34 +84,6 @@ ynh_script_progression --message="Removing dependencies..." --weight=2

 ynh_remove_nodejs --nodejs_version=$NODEJS_VERSION

-#=================================================
-# CLOSE A PORT
-#=================================================
-
-if yunohost firewall list | grep -q "\- $port$"
-then
-	ynh_script_progression --message="Closing port $port..." --weight=1
-	ynh_exec_warn_less yunohost firewall disallow TCP $port
-fi
-
-#=================================================
-# REMOVE FAIL2BAN CONFIGURATION
-#=================================================
-# ynh_script_progression --message="Removing Fail2ban configuration..." --weight=1
-
-# Remove the dedicated Fail2Ban config
-# ynh_remove_fail2ban_config
-
-#=================================================
-# SPECIFIC REMOVE
-#=================================================
-# REMOVE VARIOUS FILES
-#=================================================
-ynh_script_progression --message="Removing various files..." --weight=1
-
-# Remove a cron file
-# ynh_secure_remove --file="" 
-
 #=================================================
 # GENERIC FINALIZATION
 #=================================================
--- a/scripts/restore
+++ b/scripts/restore
@ -114,7 +114,8 @@ ynh_script_progression --message="Secure files and directories" --weight=1

 # Set permissions to app files
 chown -R $app:$app "$final_path"
-chmod 0700 $datadir && chown $app:$app $datadir
+chmod 0700 $datadir
+chown $app:$app $datadir

 #=================================================
 # INTEGRATE SERVICE IN YUNOHOST
--- a/scripts/upgrade
+++ b/scripts/upgrade
@ -29,13 +29,6 @@ ynh_script_progression --message="Checking version..." --weight=1

 upgrade_type=$(ynh_check_app_version_changed)

-### This helper will compare the version of the currently installed app and the version of the upstream package.
-### $upgrade_type can have 2 different values
-### - UPGRADE_APP if the upstream app version has changed
-### - UPGRADE_PACKAGE if only the YunoHost package has changed
-### ynh_check_app_version_changed will stop the upgrade if the app is up to date.
-### UPGRADE_APP should be used to upgrade the core app only if there's an upgrade to do.
-
 #=================================================
 # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
 #=================================================
@ -64,10 +57,15 @@ ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app
 #=================================================
 ynh_script_progression --message="Ensuring downward compatibility..." --weight=1

+# If is_signup doesn't exist, create it
+if [ -z "$is_signup" ]; then
+	is_signup="true"
+	ynh_app_setting_set --app=$app --key=is_signup --value=$is_signup
+fi
+
 # Cleaning legacy permissions
 if ynh_legacy_permissions_exists; then
 	ynh_legacy_permissions_delete_all
-
 	ynh_app_setting_delete --app=$app --key=is_public
 fi

@ -100,8 +98,6 @@ ynh_system_user_create --username=$app
 ynh_script_progression --message="Setting up and create final app path..." --weight=1

 ynh_app_setting_set $app final_path $final_path
-# Download, check integrity, uncompress and patch the source from app.src
-# ynh_setup_source --dest_dir="$final_path"

 # Create final_path
 mkdir -p "$final_path"
@ -116,19 +112,10 @@ ynh_use_nodejs

 #=================================================
 # SPECIFIC UPGRADE
-#=================================================
-# ADD A CONFIGURATION
-#=================================================
-ynh_script_progression --message="Adding a configuration file..." --weight=2
-
-ynh_add_config --template="../conf/config.sample.yml" --destination="$final_path/config.yml"
-
-chmod 400 "$final_path/config.yml"
-chown $app:$app "$final_path/config.yml"
-
 #=================================================
 # CREATE DATA DIRECTORY
 #=================================================
+
 if [ -z "$datadir" ]; then
 	ynh_script_progression --message="Creating a data directory..." --weight=1

@ -163,36 +150,6 @@ then
 	popd
 fi

-#=================================================
-# UPDATE A CONFIG FILE
-#=================================================
-ynh_script_progression --message="Updating a configuration file..." --weight=2
-
-ynh_add_config --template="../conf/config.sample.yml" --destination="$final_path/config.yml"
-
-chmod 400 "$final_path/config.yml"
-chown $app:$app "$final_path/config.yml"
-
-### Same as during install
-###
-### The file will automatically be backed-up if it's found to be manually modified (because
-### ynh_add_config keeps track of the file's checksum)
-
-# ynh_add_config --template="some_config_file" --destination="$final_path/some_config_file"
-
-# FIXME: this should be handled by the core in the future
-# You may need to use chmod 600 instead of 400,
-# for example if the app is expected to be able to modify its own config
-# chmod 400 "$final_path/some_config_file"
-# chown $app:$app "$final_path/some_config_file"
-
-### For more complex cases where you want to replace stuff using regexes,
-### you shoud rely on ynh_replace_string (which is basically a wrapper for sed)
-### When doing so, you also need to manually call ynh_store_file_checksum
-###
-### ynh_replace_string --match_string="match_string" --replace_string="replace_string" --target_file="$final_path/some_config_file"
-### ynh_store_file_checksum --file="$final_path/some_config_file"
-
 #=================================================
 # SETUP SYSTEMD
 #=================================================
@ -218,7 +175,8 @@ ynh_script_progression --message="Secure files and directories" --weight=1

 # Set permissions to app files
 chown -R $app:$app "$final_path"
-chmod 0700 $datadir && chown $app:$app $datadir
+chmod 0700 "$datadir"
+chown $app:$app "$datadir"

 #=================================================
 # INTEGRATE SERVICE IN YUNOHOST