From eabb8c69f36ed2bbc65acfe71b575626858c1a0e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?F=C3=A9lix=20Pi=C3=A9dallu?= Date: Fri, 5 Jan 2024 15:28:04 +0100 Subject: [PATCH 1/5] Manifestv2 port --- check_process | 26 ----- conf/server.js | 3 +- conf/systemd.service | 8 +- doc/{DISCLAIMER.md => ADMIN.md} | 4 +- doc/{DISCLAIMER_fr.md => ADMIN_fr.md} | 4 +- manifest.json | 55 --------- manifest.toml | 58 ++++++++++ scripts/_common.sh | 3 - scripts/backup | 25 +--- scripts/change_url | 99 +--------------- scripts/install | 158 ++++---------------------- scripts/remove | 73 ++---------- scripts/restore | 105 ++++------------- scripts/upgrade | 145 +++++------------------ tests.toml | 12 ++ 15 files changed, 159 insertions(+), 619 deletions(-) delete mode 100644 check_process rename doc/{DISCLAIMER.md => ADMIN.md} (96%) rename doc/{DISCLAIMER_fr.md => ADMIN_fr.md} (97%) delete mode 100644 manifest.json create mode 100644 manifest.toml create mode 100644 tests.toml diff --git a/check_process b/check_process deleted file mode 100644 index 2a87b4f..0000000 --- a/check_process +++ /dev/null @@ -1,26 +0,0 @@ -;; Test complet - ; Manifest - domain="domain.tld" - is_public=1 - is_signup=0 - ; Checks - pkg_linter=1 - setup_sub_dir=0 - setup_root=1 - setup_nourl=0 - setup_private=1 - setup_public=1 - upgrade=1 - # 0.0.2~ynh5 - upgrade=1 from_commit=75b669baf73a507c9b22baf3280529cf7c1ee242 - backup_restore=1 - multi_instance=0 - port_already_use=0 - change_url=1 -;;; Options -Email= -Notification=none -;;; Upgrade options - ; commit=75b669baf73a507c9b22baf3280529cf7c1ee242 - name= Upgrade from version 0.0.2~ynh6 - manifest_arg=domain=DOMAIN&path=PATH&admin=USER&language=fr&is_public=1&is_signup=0&port=8008& diff --git a/conf/server.js b/conf/server.js index 80179e0..c70a2c9 100644 --- a/conf/server.js +++ b/conf/server.js @@ -5,7 +5,7 @@ let server; // const type = process.argv[2]; -store = new Armadietto.FileTree({path: '__DATADIR__'}); +store = new Armadietto.FileTree({path: '__DATA_DIR__/storage'}); server = new Armadietto({ store: store, @@ -26,4 +26,3 @@ server = new Armadietto({ console.log('LISTENING ON PORT __PORT__'); server.boot(); - diff --git a/conf/systemd.service b/conf/systemd.service index 9ced78c..8e59cfa 100644 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -6,14 +6,14 @@ After=network.target Type=simple User=__APP__ Group=__APP__ -WorkingDirectory=__FINAL_PATH__/ -ExecStart=__YNH_NODE__ __FINAL_PATH__/server +WorkingDirectory=__INSTALL_DIR__/ +ExecStart=__YNH_NODE__ __INSTALL_DIR__/server Restart=always Environment=__YNH_NODE_LOAD_PATH__ Environment=NODE_ENV=production # Sandboxing options to harden security -# Depending on specificities of your service/app, you may need to tweak these +# Depending on specificities of your service/app, you may need to tweak these # .. but this should be a good baseline # Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html NoNewPrivileges=yes @@ -41,7 +41,7 @@ CapabilityBoundingSet=~CAP_BLOCK_SUSPEND CAP_WAKE_ALARM CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG CapabilityBoundingSet=~CAP_MAC_ADMIN CAP_MAC_OVERRIDE CapabilityBoundingSet=~CAP_NET_ADMIN CAP_NET_BROADCAST CAP_NET_RAW -CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG +CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG [Install] WantedBy=multi-user.target diff --git a/doc/DISCLAIMER.md b/doc/ADMIN.md similarity index 96% rename from doc/DISCLAIMER.md rename to doc/ADMIN.md index 26c80a2..9e7dac4 100644 --- a/doc/DISCLAIMER.md +++ b/doc/ADMIN.md @@ -23,8 +23,8 @@ The Armadietto_ynh package is still under development, so you should expect some ### **Important Notes** -- RemoteStorage requires a dedicated domain, so obtain one and add it using the YunoHost admin panel. **Domains -> Add domain**. -- As RemoteStorage uses the full domain and is installed on the root, you can create a subdomain such as remote.domain.tld. +- RemoteStorage requires a dedicated domain, so obtain one and add it using the YunoHost admin panel. **Domains -> Add domain**. +- As RemoteStorage uses the full domain and is installed on the root, you can create a subdomain such as remote.domain.tld. - Don't forget to update your DNS if you manage them manually. - RemoteStorage requires browser-approved SSL certificates. If you have certificates not issued by [Let's Encrypt](https://letsencrypt.org/), install them manually as usual. diff --git a/doc/DISCLAIMER_fr.md b/doc/ADMIN_fr.md similarity index 97% rename from doc/DISCLAIMER_fr.md rename to doc/ADMIN_fr.md index 94421be..e25e9b3 100644 --- a/doc/DISCLAIMER_fr.md +++ b/doc/ADMIN_fr.md @@ -23,8 +23,8 @@ Le paquet Armadietto_ynh est toujours en cours de développement, vous devez don ### **Notes importantes** -- RemoteStorage nécessite un domaine dédié, il faut donc en obtenir un et l'ajouter en utilisant le panneau d'administration de YunoHost. **Domaines -> Ajouter un domaine**. -- Comme RemoteStorage utilise le domaine complet et est installé à la racine, vous pouvez créer un sous-domaine tel que remote.domain.tld. +- RemoteStorage nécessite un domaine dédié, il faut donc en obtenir un et l'ajouter en utilisant le panneau d'administration de YunoHost. **Domaines -> Ajouter un domaine**. +- Comme RemoteStorage utilise le domaine complet et est installé à la racine, vous pouvez créer un sous-domaine tel que remote.domain.tld. - N'oubliez pas de mettre à jour vos DNS si vous les gérez manuellement. - RemoteStorage nécessite des certificats SSL approuvés par le navigateur. Si vous disposez de certificats qui ne sont pas émis par [Let's Encrypt](https://letsencrypt.org/), installez-les manuellement comme d'habitude. diff --git a/manifest.json b/manifest.json deleted file mode 100644 index b501206..0000000 --- a/manifest.json +++ /dev/null @@ -1,55 +0,0 @@ -{ - "name": "Armadietto", - "id": "armadietto", - "packaging_format": 1, - "description": { - "en": "RemoteStorage server running as a nodejs web service with systemd", - "fr": "Serveur remoteStorage excécuté en tant que service web nodejs par systemd" - }, - "version": "0.2.0~ynh2", - "url": "https://github.com/remotestorage/armadietto", - "upstream": { - "license": "WTFPL", - "website": "https://remotestorage.io/", - "code": "https://github.com/remotestorage/armadietto" - }, - "license": "WTFPL", - "maintainer": { - "name": "bencharp", - "email": "contact@bencharp.com", - "url": "https://www.bencharp.com" - }, - "requirements": { - "yunohost": ">= 11.0.9" - }, - "multi_instance": false, - "services": [ - "nginx" - ], - "arguments": { - "install": [ - { - "name": "domain", - "type": "domain" - }, - { - "name": "is_public", - "type": "boolean", - "default": true - }, - { - "name": "is_signup", - "type": "boolean", - "ask": { - "en": "Allow signups?", - "fr": "Accepter les inscriptions ?" - }, - "help": { - "en": "Would you like to allow visitors to register and create an account?", - "fr": "Souhaitez-vous autoriser les visiteurs à s'inscrire et créer un compte ?" - }, - "default": false - } - ] - } -} diff --git a/manifest.toml b/manifest.toml new file mode 100644 index 0000000..e074c7a --- /dev/null +++ b/manifest.toml @@ -0,0 +1,58 @@ +#:schema https://raw.githubusercontent.com/YunoHost/apps/master/schemas/manifest.v2.schema.json + +packaging_format = 2 + +id = "armadietto" +name = "Armadietto" +description.en = "RemoteStorage server running as a nodejs web service with systemd" +description.fr = "Serveur remoteStorage excécuté en tant que service web nodejs par systemd" + +version = "0.2.0~ynh2" + +maintainers = ["bencharp"] + +[upstream] +license = "WTFPL" +website = "https://remotestorage.io/" +code = "https://github.com/remotestorage/armadietto" + +[integration] +yunohost = ">= 11.0.9" +architectures = "all" +multi_instance = false +ldap = "?" # FIXME: replace with true, false, or "not_relevant". Not to confuse with the "sso" key : the "ldap" key corresponds to wether or not a user *can* login on the app using its YunoHost credentials. +sso = "?" # FIXME: replace with true, false, or "not_relevant". Not to confuse with the "ldap" key : the "sso" key corresponds to wether or not a user is *automatically logged-in* on the app when logged-in on the YunoHost portal. +disk = "50M" # FIXME: replace with an **estimate** minimum disk requirement. e.g. 20M, 400M, 1G, ... +ram.build = "50M" # FIXME: replace with an **estimate** minimum ram requirement. e.g. 50M, 400M, 1G, ... +ram.runtime = "50M" # FIXME: replace with an **estimate** minimum ram requirement. e.g. 50M, 400M, 1G, ... + +[install] + [install.domain] + # this is a generic question - ask strings are automatically handled by Yunohost's core + type = "domain" + + [install.init_main_permission] + type = "group" + default = "visitors" + + [install.is_signup] + ask.en = "Allow signups?" + ask.fr = "Accepter les inscriptions ?" + help.en = "Would you like to allow visitors to register and create an account?" + help.fr = "Souhaitez-vous autoriser les visiteurs à s'inscrire et créer un compte ?" + type = "boolean" + default = false + +[resources] + [resources.system_user] + + [resources.install_dir] + + [resources.data_dir] + subdirs = ["storage"] + + [resources.permissions] + main.url = "/" + + [resources.ports] + main.default = 8008 diff --git a/scripts/_common.sh b/scripts/_common.sh index 2a28ffc..256e69c 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -4,9 +4,6 @@ # COMMON VARIABLES #================================================= -# dependencies used by the app -# pkg_dependencies="" - NODEJS_VERSION=14 #================================================= diff --git a/scripts/backup b/scripts/backup index 67278fd..d4006e2 100755 --- a/scripts/backup +++ b/scripts/backup @@ -10,27 +10,6 @@ source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers -#================================================= -# MANAGE SCRIPT FAILURE -#================================================= - -ynh_clean_setup () { - true -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# LOAD SETTINGS -#================================================= -ynh_print_info --message="Loading installation settings..." - -app=$YNH_APP_INSTANCE_NAME - -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -domain=$(ynh_app_setting_get --app=$app --key=domain) -datadir=$(ynh_app_setting_get --app=$app --key=datadir) - #================================================= # DECLARE DATA AND CONF FILES TO BACKUP #================================================= @@ -40,13 +19,13 @@ ynh_print_info --message="Declaring files to be backed up..." # BACKUP THE APP MAIN DIR #================================================= -ynh_backup --src_path="$final_path" +ynh_backup --src_path="$install_dir" #================================================= # BACKUP THE DATA DIR #================================================= -ynh_backup --src_path="$datadir" --is_big +ynh_backup --src_path="$data_dir" --is_big #================================================= # BACKUP THE NGINX CONFIGURATION diff --git a/scripts/change_url b/scripts/change_url index 100667f..b7e71be 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -9,65 +9,6 @@ source _common.sh source /usr/share/yunohost/helpers -#================================================= -# RETRIEVE ARGUMENTS -#================================================= - -old_domain=$YNH_APP_OLD_DOMAIN -old_path=$YNH_APP_OLD_PATH - -new_domain=$YNH_APP_NEW_DOMAIN -new_path="/" - -app=$YNH_APP_INSTANCE_NAME - -#================================================= -# LOAD SETTINGS -#================================================= -ynh_script_progression --message="Loading installation settings..." --weight=2 - -# Needed for helper "ynh_add_nginx_config" -final_path=$(ynh_app_setting_get --app=$app --key=final_path) - -# Add settings here as needed by your application -port=$(ynh_app_setting_get --app=$app --key=port) -datadir=$(ynh_app_setting_get --app=$app --key=datadir) -is_signup=$(ynh_app_setting_get --app=$app --key=is_signup) - -#================================================= -# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP -#================================================= -ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --weight=3 - -# Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { - ynh_clean_check_starting - # Remove the new domain config file, the remove script won't do it as it doesn't know yet its location. - ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" - - # Restore it if the upgrade fails - ynh_restore_upgradebackup -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# CHECK WHICH PARTS SHOULD BE CHANGED -#================================================= - -change_domain=0 -if [ "$old_domain" != "$new_domain" ] -then - change_domain=1 -fi - -change_path=0 -if [ "$old_path" != "$new_path" ] -then - change_path=1 -fi - #================================================= # STANDARD MODIFICATIONS #================================================= @@ -82,29 +23,7 @@ ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app #================================================= ynh_script_progression --message="Updating NGINX web server configuration..." --weight=1 -nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf - -# Change the path in the NGINX config file -if [ $change_path -eq 1 ] -then - # Make a backup of the original NGINX config file if modified - ynh_backup_if_checksum_is_different --file="$nginx_conf_path" - # Set global variables for NGINX helper - domain="$old_domain" - path_url="$new_path" - # Create a dedicated NGINX config - ynh_add_nginx_config -fi - -# Change the domain for NGINX -if [ $change_domain -eq 1 ] -then - # Delete file checksum for the old conf file location - ynh_delete_file_checksum --file="$nginx_conf_path" - mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf - # Store file checksum for the new config file location - ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" -fi +ynh_change_url_nginx_config #================================================= # SPECIFIC MODIFICATIONS @@ -113,15 +32,14 @@ fi #================================================= ynh_script_progression --message="Updating a configuration file..." --weight=2 -domain=$new_domain -ynh_use_nodejs # Define armadietto module path +ynh_use_nodejs module_path="$node_version_path/$nodejs_version/lib/node_modules/armadietto/lib" -ynh_add_config --template="../conf/server.js" --destination="$final_path/server.js" +ynh_add_config --template="../conf/server.js" --destination="$install_dir/server.js" -chmod 400 "$final_path/server.js" -chown $app:$app "$final_path/server.js" +chmod 400 "$install_dir/server.js" +chown $app:$app "$install_dir/server.js" #================================================= # GENERIC FINALISATION @@ -133,13 +51,6 @@ ynh_script_progression --message="Starting a systemd service..." --weight=1 # Start a systemd service ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" -#================================================= -# RELOAD NGINX -#================================================= -ynh_script_progression --message="Reloading NGINX web server..." --weight=1 - -ynh_systemd_action --service_name=nginx --action=reload - #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/install b/scripts/install index a4e757d..04f68a9 100755 --- a/scripts/install +++ b/scripts/install @@ -9,95 +9,14 @@ source _common.sh source /usr/share/yunohost/helpers -#================================================= -# MANAGE SCRIPT FAILURE -#================================================= - -ynh_clean_setup () { - ynh_clean_check_starting -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# RETRIEVE ARGUMENTS FROM THE MANIFEST -#================================================= - -domain=$YNH_APP_ARG_DOMAIN -path_url="/" -is_public=$YNH_APP_ARG_IS_PUBLIC -is_signup=$YNH_APP_ARG_IS_SIGNUP - -app=$YNH_APP_INSTANCE_NAME - -#================================================= -# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS -#================================================= -ynh_script_progression --message="Validating installation parameters..." --weight=2 - -final_path=/opt/yunohost/$app -test ! -e "$final_path" || ynh_die --message="This path already contains a folder" - -# Register (book) web path -ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url - -#================================================= -# STORE SETTINGS FROM MANIFEST -#================================================= -ynh_script_progression --message="Storing installation settings..." --weight=1 - -ynh_app_setting_set --app=$app --key=domain --value=$domain -ynh_app_setting_set --app=$app --key=path --value=$path_url -ynh_app_setting_set --app=$app --key=is_signup --value=$is_signup - -#================================================= -# STANDARD MODIFICATIONS -#================================================= -# FIND AND OPEN A PORT -#================================================= -ynh_script_progression --message="Finding an available port..." --weight=2 - -# Find an available port -port=$(ynh_find_port --port=8008) -ynh_app_setting_set --app=$app --key=port --value=$port - #================================================= # INSTALL DEPENDENCIES #================================================= -ynh_script_progression --message="Installing dependencies..." --weight=23 +ynh_script_progression --message="Installing NodeJS..." --weight=23 -ynh_install_nodejs --nodejs_version=$NODEJS_VERSION +ynh_install_nodejs --nodejs_version="$NODEJS_VERSION" ynh_use_nodejs -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Configuring system user..." --weight=2 - -# Create a system user -ynh_system_user_create --username=$app --home_dir="$final_path" - -#================================================= -# CHECK AND CREATE FINAL_PATH -#================================================= -ynh_script_progression --message="Setting up and create final app path..." --weight=1 - -ynh_app_setting_set --app=$app --key=final_path --value=$final_path -# Create final_path -mkdir -p "$final_path" - -chmod 750 "$final_path" -chmod -R o-rwx "$final_path" -chown -R $app:$app "$final_path" - -#================================================= -# NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Configuring NGINX web server..." --weight=2 - -# Create a dedicated NGINX config -ynh_add_nginx_config - #================================================= # SPECIFIC SETUP #================================================= @@ -105,24 +24,17 @@ ynh_add_nginx_config #================================================= ynh_script_progression --message="Install armadietto with npm..." --weight=1 -pushd $final_path - upstream_version=$(ynh_app_upstream_version) - ynh_npm -g i armadietto@$upstream_version +pushd "$install_dir" + upstream_version=$(ynh_app_upstream_version) + ynh_npm -g i "armadietto@$upstream_version" popd -#================================================= -# CREATE DATA DIRECTORY -#================================================= -ynh_script_progression --message="Creating a data directory..." --weight=1 +chmod 750 "$install_dir" +chmod -R o-rwx "$install_dir" +chown -R "$app:$app" "$install_dir" -datadir="/home/yunohost.app/${app}/storage" -ynh_app_setting_set --app=$app --key=datadir --value=$datadir - -mkdir -p $datadir - -chmod 750 "$datadir" -chmod -R o-rwx "$datadir" -chown -R $app:$app "$datadir" +chmod -R o-rwx "$data_dir" +chown -R "$app:$app" "$data_dir" #================================================= # ADD A CONFIGURATION @@ -132,63 +44,33 @@ ynh_script_progression --message="Adding a configuration file..." --weight=2 # Define armadietto module path module_path="$node_version_path/$nodejs_version/lib/node_modules/armadietto/lib" -ynh_add_config --template="../conf/server.js" --destination="$final_path/server.js" +ynh_add_config --template="../conf/server.js" --destination="$install_dir/server.js" -chmod 400 "$final_path/server.js" -chown $app:$app "$final_path/server.js" +chmod 400 "$install_dir/server.js" +chown $app:$app "$install_dir/server.js" #================================================= -# SETUP SYSTEMD +# SYSTEM CONFIGURATION #================================================= -ynh_script_progression --message="Configuring a systemd service..." --weight=3 +ynh_script_progression --message="Adding system configurations related to $app..." --weight=1 + +# Create a dedicated NGINX config +ynh_add_nginx_config # Create a dedicated systemd config ynh_add_systemd_config - -#================================================= -# GENERIC FINALIZATION -#================================================= -# SETUP LOGROTATE -#================================================= -ynh_script_progression --message="Configuring log rotation..." --weight=1 +yunohost service add $app --description="Armadietto run a remotestorage server as service" --log="/var/log/$app/$app.log" # Use logrotate to manage application logfile(s) ynh_use_logrotate -#================================================= -# INTEGRATE SERVICE IN YUNOHOST -#================================================= -ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 - -yunohost service add $app --description="Armadietto run a remotestorage server as service" --log="/var/log/$app/$app.log" - #================================================= # START SYSTEMD SERVICE #================================================= ynh_script_progression --message="Starting a systemd service..." --weight=1 # Start a systemd service -ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" - -#================================================= -# SETUP SSOWAT -#================================================= -ynh_script_progression --message="Configuring permissions..." --weight=2 - -# Make app public if necessary -if [ $is_public -eq 1 ] -then - # Everyone can access the app. - # The "main" permission is automatically created before the install script. - ynh_permission_update --permission="main" --add="visitors" -fi - -#================================================= -# RELOAD NGINX -#================================================= -ynh_script_progression --message="Reloading NGINX web server..." --weight=1 - -ynh_systemd_action --service_name=nginx --action=reload +ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/$app.log" #================================================= # END OF SCRIPT diff --git a/scripts/remove b/scripts/remove index 8aa11d3..c94b6b4 100755 --- a/scripts/remove +++ b/scripts/remove @@ -10,91 +10,32 @@ source _common.sh source /usr/share/yunohost/helpers #================================================= -# LOAD SETTINGS -#================================================= -ynh_script_progression --message="Loading installation settings..." --weight=2 - -app=$YNH_APP_INSTANCE_NAME - -domain=$(ynh_app_setting_get --app=$app --key=domain) -port=$(ynh_app_setting_get --app=$app --key=port) -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -datadir=$(ynh_app_setting_get --app=$app --key=datadir) - -#================================================= -# STANDARD REMOVE -#================================================= -# REMOVE SERVICE INTEGRATION IN YUNOHOST +# REMOVE SYSTEM CONFIGURATIONS #================================================= +ynh_script_progression --message="Removing system configurations related to $app..." --weight=1 # Remove the service from the list of services known by YunoHost (added from `yunohost service add`) -if ynh_exec_warn_less yunohost service status $app >/dev/null -then - ynh_script_progression --message="Removing $app service integration..." --weight=1 - yunohost service remove $app +if ynh_exec_warn_less yunohost service status $app >/dev/null; then + yunohost service remove $app fi -#================================================= -# STOP AND REMOVE SERVICE -#================================================= -ynh_script_progression --message="Stopping and removing the systemd service..." --weight=2 +# Remove the dedicated NGINX config +ynh_remove_nginx_config # Remove the dedicated systemd config ynh_remove_systemd_config -#================================================= -# REMOVE LOGROTATE CONFIGURATION -#================================================= -ynh_script_progression --message="Removing logrotate configuration..." --weight=1 - # Remove the app-specific logrotate config ynh_remove_logrotate -#================================================= -# REMOVE APP MAIN DIR -#================================================= -ynh_script_progression --message="Removing app main directory..." --weight=2 - -# Remove the app directory securely -ynh_secure_remove --file="$final_path" - -#================================================= -# REMOVE DATA DIR -#================================================= - -# Remove the data directory if --purge option is used -if [ "${YNH_APP_PURGE:-0}" -eq 1 ] -then - ynh_script_progression --message="Removing app data directory..." --weight=1 - ynh_secure_remove --file="$datadir" -fi - -#================================================= -# REMOVE NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Removing NGINX web server configuration..." --weight=1 - -# Remove the dedicated NGINX config -ynh_remove_nginx_config - #================================================= # REMOVE DEPENDENCIES #================================================= -ynh_script_progression --message="Removing dependencies..." --weight=2 +ynh_script_progression --message="Removing NodeJS..." --weight=2 # Remove metapackage and its dependencies ynh_remove_nodejs --nodejs_version=$NODEJS_VERSION -#================================================= -# GENERIC FINALIZATION -#================================================= -# REMOVE DEDICATED USER -#================================================= -ynh_script_progression --message="Removing the dedicated system user..." --weight=1 - -# Delete a system user -ynh_system_user_delete --username=$app - #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/restore b/scripts/restore index 517b1bf..3236863 100755 --- a/scripts/restore +++ b/scripts/restore @@ -10,86 +10,37 @@ source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers -#================================================= -# MANAGE SCRIPT FAILURE -#================================================= - -ynh_clean_setup () { - ynh_clean_check_starting -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# LOAD SETTINGS -#================================================= -ynh_script_progression --message="Loading installation settings..." --weight=2 - -app=$YNH_APP_INSTANCE_NAME - -domain=$(ynh_app_setting_get --app=$app --key=domain) -path_url=$(ynh_app_setting_get --app=$app --key=path) -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -datadir=$(ynh_app_setting_get --app=$app --key=datadir) - -#================================================= -# CHECK IF THE APP CAN BE RESTORED -#================================================= -ynh_script_progression --message="Validating restoration parameters..." --weight=1 - -test ! -d $final_path \ - || ynh_die --message="There is already a directory: $final_path " - -#================================================= -# STANDARD RESTORATION STEPS -#================================================= -# RESTORE THE NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Restoring the NGINX web server configuration..." --weight=1 - -ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" - -#================================================= -# RECREATE THE DEDICATED USER -#================================================= -ynh_script_progression --message="Recreating the dedicated system user..." --weight=1 - -# Create the dedicated user (if not existing) -ynh_system_user_create --username=$app --home_dir="$final_path" - #================================================= # RESTORE THE APP MAIN DIR #================================================= ynh_script_progression --message="Restoring the app main directory..." --weight=1 -ynh_restore_file --origin_path="$final_path" +ynh_restore_file --origin_path="$install_dir" -chmod 750 "$final_path" -chmod -R o-rwx "$final_path" -chown -R $app:$app "$final_path" +chmod 750 "$install_dir" +chmod -R o-rwx "$install_dir" +chown -R $app:$app "$install_dir" #================================================= # RESTORE THE DATA DIRECTORY #================================================= ynh_script_progression --message="Restoring the data directory..." -ynh_restore_file --origin_path="$datadir" --not_mandatory +ynh_restore_file --origin_path="$data_dir" --not_mandatory -mkdir -p $datadir - -chmod 750 "$datadir" -chmod -R o-rwx "$datadir" -chown -R $app:$app "$datadir" +chmod 750 "$data_dir" +chmod -R o-rwx "$data_dir" +chown -R $app:$app "$data_dir" #================================================= # SPECIFIC RESTORATION #================================================= # REINSTALL DEPENDENCIES #================================================= -ynh_script_progression --message="Reinstalling dependencies..." --weight=21 +#REMOVEME? ynh_script_progression --message="Reinstalling dependencies..." --weight=21 # Define and install dependencies -ynh_install_nodejs --nodejs_version=$NODEJS_VERSION +ynh_install_nodejs --nodejs_version="$NODEJS_VERSION" ynh_use_nodejs #================================================= @@ -97,46 +48,30 @@ ynh_use_nodejs #================================================= ynh_script_progression --message="Install armadietto with npm..." --weight=1 -pushd $final_path - upstream_version=$(ynh_app_upstream_version) - ynh_npm -g i armadietto@$upstream_version +pushd $install_dir + upstream_version=$(ynh_app_upstream_version) + ynh_npm -g i "armadietto@$upstream_version" popd #================================================= -# RESTORE SYSTEMD +# RESTORE SYSTEM CONFIGURATIONS #================================================= -ynh_script_progression --message="Restoring the systemd configuration..." --weight=2 +ynh_script_progression --message="Restoring system configurations related to $app..." --weight=1 -ynh_restore_file --origin_path="/etc/systemd/system/$app.service" -systemctl enable $app.service --quiet - -#================================================= -# RESTORE THE LOGROTATE CONFIGURATION -#================================================= -ynh_script_progression --message="Restoring the logrotate configuration..." --weight=1 +ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" ynh_restore_file --origin_path="/etc/logrotate.d/$app" -#================================================= -# INTEGRATE SERVICE IN YUNOHOST -#================================================= -ynh_script_progression --message="Integrating service in YunoHost..." --weight=2 - +ynh_restore_file --origin_path="/etc/systemd/system/$app.service" +systemctl enable $app.service --quiet yunohost service add $app --description="Armadietto run a remotestorage server as service" --log="/var/log/$app/$app.log" #================================================= # START SYSTEMD SERVICE #================================================= -ynh_script_progression --message="Starting a systemd service..." --weight=1 +ynh_script_progression --message="Reloading NGINX web server and $app's services..." --weight=1 -ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" - -#================================================= -# GENERIC FINALIZATION -#================================================= -# RELOAD NGINX -#================================================= -ynh_script_progression --message="Reloading NGINX web server..." --weight=1 +ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/$app.log" ynh_systemd_action --service_name=nginx --action=reload diff --git a/scripts/upgrade b/scripts/upgrade index 706ba5b..27cdb84 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -9,42 +9,8 @@ source _common.sh source /usr/share/yunohost/helpers -#================================================= -# LOAD SETTINGS -#================================================= -ynh_script_progression --message="Loading installation settings..." --weight=1 - -app=$YNH_APP_INSTANCE_NAME - -domain=$(ynh_app_setting_get --app=$app --key=domain) -path_url=$(ynh_app_setting_get --app=$app --key=path) -port=$(ynh_app_setting_get --app=$app --key=port) -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -datadir=$(ynh_app_setting_get --app=$app --key=datadir) -is_signup=$(ynh_app_setting_get --app=$app --key=is_signup) - -#================================================= -# CHECK VERSION -#================================================= -ynh_script_progression --message="Checking version..." --weight=1 - upgrade_type=$(ynh_check_app_version_changed) -#================================================= -# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP -#================================================= -ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=4 - -# Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { - ynh_clean_check_starting - # Restore it if the upgrade fails - ynh_restore_upgradebackup -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - #================================================= # STANDARD UPGRADE STEPS #================================================= @@ -61,67 +27,19 @@ ynh_script_progression --message="Ensuring downward compatibility..." --weight=1 # If is_signup doesn't exist, create it if [ -z "$is_signup" ]; then - is_signup="true" - ynh_app_setting_set --app=$app --key=is_signup --value=$is_signup -fi - -# Cleaning legacy permissions -if ynh_legacy_permissions_exists; then - ynh_legacy_permissions_delete_all - - ynh_app_setting_delete --app=$app --key=is_public + is_signup="true" + ynh_app_setting_set --app="$app" --key=is_signup --value=$is_signup fi # Remove old log file ynh_secure_remove --file="/var/log/$app/" -if [ -z "$datadir" ]; then - ynh_script_progression --message="Creating a data directory..." --weight=1 - - ynh_app_setting_set --app=$app --key=datadir --value=$datadir - - # Create app data folder - mkdir -p $datadir - - chmod 750 "$datadir" - chmod -R o-rwx "$datadir" - chown -R $app:www-data "$datadir" -fi - -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1 - -# Create a dedicated user (if not existing) -ynh_system_user_create --username=$app --home_dir="$final_path" - -#================================================= -# CHECK AND CREATE FINAL_PATH -#================================================= -ynh_script_progression --message="Setting up and create final app path..." --weight=1 - -# Create final_path -mkdir -p "$final_path" - -chmod 750 "$final_path" -chmod -R o-rwx "$final_path" -chown -R $app:$app "$final_path" - -#================================================= -# NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Upgrading NGINX web server configuration..." - -# Create a dedicated NGINX config -ynh_add_nginx_config - #================================================= # UPGRADE DEPENDENCIES #================================================= -ynh_script_progression --message="Upgrading dependencies..." --weight=4 +ynh_script_progression --message="Upgrading NodeJS..." --weight=4 -ynh_install_nodejs --nodejs_version=$NODEJS_VERSION +ynh_install_nodejs --nodejs_version="$NODEJS_VERSION" ynh_use_nodejs #================================================= @@ -130,16 +48,22 @@ ynh_use_nodejs # UPGRADE ARMADIETTO #================================================= -if [ "$upgrade_type" == "UPGRADE_APP" ] -then - ynh_script_progression --message="Upgrade armadietto with npm..." --weight=1 +if [ "$upgrade_type" == "UPGRADE_APP" ]; then + ynh_script_progression --message="Upgrade armadietto with npm..." --weight=1 - pushd $final_path - upstream_version=$(ynh_app_upstream_version) - ynh_npm -g i armadietto@$upstream_version - popd + pushd "$install_dir" + upstream_version=$(ynh_app_upstream_version) + ynh_npm -g i "armadietto@$upstream_version" + popd fi +chmod 750 "$install_dir" +chmod -R o-rwx "$install_dir" +chown -R $app:$app "$install_dir" + +chmod -R o-rwx "$data_dir" +chown -R "$app:$app" "$data_dir" + #================================================= # UPDATE A CONFIG FILE #================================================= @@ -148,36 +72,26 @@ ynh_script_progression --message="Updating a configuration file..." --weight=2 # Define armadietto module path module_path="$node_version_path/$nodejs_version/lib/node_modules/armadietto/lib" -ynh_add_config --template="../conf/server.js" --destination="$final_path/server.js" +ynh_add_config --template="../conf/server.js" --destination="$install_dir/server.js" -chmod 400 "$final_path/server.js" -chown $app:$app "$final_path/server.js" +chmod 400 "$install_dir/server.js" +chown $app:$app "$install_dir/server.js" #================================================= -# SETUP SYSTEMD +# REAPPLY SYSTEM CONFIGURATIONS #================================================= -ynh_script_progression --message="Upgrading systemd configuration..." --weight=3 +ynh_script_progression --message="Upgrading system configurations related to $app..." --weight=1 + +# Create a dedicated NGINX config +ynh_add_nginx_config # Create a dedicated systemd config ynh_add_systemd_config - -#================================================= -# GENERIC FINALIZATION -#================================================= -# SETUP LOGROTATE -#================================================= -ynh_script_progression --message="Upgrading logrotate configuration..." --weight=2 +yunohost service add $app --description="Armadietto run a remotestorage server as service" --log="/var/log/$app/$app.log" # Use logrotate to manage app-specific logfile(s) ynh_use_logrotate --non-append -#================================================= -# INTEGRATE SERVICE IN YUNOHOST -#================================================= -ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 - -yunohost service add $app --description="Armadietto run a remotestorage server as service" --log="/var/log/$app/$app.log" - #================================================= # START SYSTEMD SERVICE #================================================= @@ -185,13 +99,6 @@ ynh_script_progression --message="Starting a systemd service..." --weight=1 ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" -#================================================= -# RELOAD NGINX -#================================================= -ynh_script_progression --message="Reloading NGINX web server..." --weight=2 - -ynh_systemd_action --service_name=nginx --action=reload - #================================================= # END OF SCRIPT #================================================= diff --git a/tests.toml b/tests.toml new file mode 100644 index 0000000..1ef3e92 --- /dev/null +++ b/tests.toml @@ -0,0 +1,12 @@ +#:schema https://raw.githubusercontent.com/YunoHost/apps/master/schemas/tests.v1.schema.json + +test_format = 1.0 + +[default] + + args.public_key = "" + # ------------------------------- + # Commits to test upgrade from + # ------------------------------- + + test_upgrade_from.75b669baf73a507c9b22baf3280529cf7c1ee242.name= "0.0.2~ynh6" From 747f17e2941d59aea1174085fe9d054c69208bf7 Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Fri, 5 Jan 2024 14:28:13 +0000 Subject: [PATCH 2/5] Auto-update README --- README.md | 33 --------------------------------- README_fr.md | 33 --------------------------------- 2 files changed, 66 deletions(-) diff --git a/README.md b/README.md index c42e77e..676990f 100644 --- a/README.md +++ b/README.md @@ -44,39 +44,6 @@ This option can be enabled in the configuration panel. ![Screenshot of Armadietto](./doc/screenshots/armadietto-welcome.png) ![Screenshot of Armadietto](./doc/screenshots/armadietto-signup.png) -## Disclaimers / important information - -### :warning: WARNING -The Armadietto_ynh package is still under development, so you should expect some undocumented changes before it is labeled stable. - -### :information_source: Security considerations from [Armadietto](https://github.com/remotestorage/armadietto/) : - -> #### **Storage security** -> -> In production, we recommend that you restrict access to the files managed by your armadietto server as much as possible. This is particularly true if you host your storage on a machine with other web applications; you need to protect your files in the event that one of those apps is exploited. -> -> You should take these steps to keep your storage safe: -> -> - Pick a unique Unix user to run your server process; no other process on the box should run as this user: sudo useradd armadietto --system --no-create-home -> -> - Do not run other applications as root, or as any user that could access files owned by your armadietto user -> -> - Make sure the directory path/to/storage cannot be read, written or executed by anyone but this user: sudo chmod 0700 /path/to/storage && sudo chown armadietto /path/to/storage -> -> - Do not run armadietto as root; if you need to bind to port 80 or 443 use a reverse proxy like nginx, Apache2, caddy, lighttpd or enable bind capability: setcap 'cap_net_bind_service=+ep' `which armadietto` -> -> - Ideally, run your storage inside a container or on a dedicated machine - -
- -### **Important Notes** - -- RemoteStorage requires a dedicated domain, so obtain one and add it using the YunoHost admin panel. **Domains -> Add domain**. -- As RemoteStorage uses the full domain and is installed on the root, you can create a subdomain such as remote.domain.tld. -- Don't forget to update your DNS if you manage them manually. - -- RemoteStorage requires browser-approved SSL certificates. If you have certificates not issued by [Let's Encrypt](https://letsencrypt.org/), install them manually as usual. - ## Documentation and resources * Official app website: diff --git a/README_fr.md b/README_fr.md index 690dd3e..a48ee31 100644 --- a/README_fr.md +++ b/README_fr.md @@ -44,39 +44,6 @@ Cette option peut être activée via le panneau de configutration. ![Capture d’écran de Armadietto](./doc/screenshots/armadietto-welcome.png) ![Capture d’écran de Armadietto](./doc/screenshots/armadietto-signup.png) -## Avertissements / informations importantes - -### :warning: WARNING -Le paquet Armadietto_ynh est toujours en cours de développement, vous devez donc vous attendre à d'éventuels changements non documentés avant qu'il ne soit qualifié de stable. - -### :information_source: Considérations sur la sécurité de [Armadietto](https://github.com/remotestorage/armadietto/) : - -> #### **Sécurité du stockage** -> -> En production, nous vous recommandons de restreindre autant que possible l'accès aux fichiers gérés par votre serveur armadietto. Ceci est particulièrement vrai si vous hébergez votre stockage sur une machine avec d'autres applications web ; vous devez protéger vos fichiers dans le cas où l'une de ces applications serait exploitée. -> -> Vous devez prendre les mesures suivantes pour assurer la sécurité de votre stockage : -> -> - Choisissez un utilisateur Unix unique pour exécuter votre processus serveur ; aucun autre processus sur la machine ne doit être exécuté sous cet utilisateur : sudo useradd armadietto --system --no-create-home -> -> - Ne lancez pas d'autres applications en tant que root, ou en tant qu'utilisateur qui pourrait accéder à des fichiers appartenant à votre utilisateur armadietto. -> -> - Assurez-vous que le répertoire path/to/storage ne peut être lu, écrit ou exécuté par personne d'autre que cet utilisateur : sudo chmod 0700 /path/to/storage && sudo chown armadietto /path/to/storage -> -> - Ne lancez pas armadietto en tant que root ; si vous avez besoin de vous lier au port 80 ou 443, utilisez un reverse proxy comme nginx, Apache2, caddy, lighttpd ou activez la capacité de liaison : setcap 'cap_net_bind_service=+ep' `which armadietto`. -> -> - Idéalement, exécutez votre stockage dans un conteneur ou sur une machine dédiée. - -
- -### **Notes importantes** - -- RemoteStorage nécessite un domaine dédié, il faut donc en obtenir un et l'ajouter en utilisant le panneau d'administration de YunoHost. **Domaines -> Ajouter un domaine**. -- Comme RemoteStorage utilise le domaine complet et est installé à la racine, vous pouvez créer un sous-domaine tel que remote.domain.tld. -- N'oubliez pas de mettre à jour vos DNS si vous les gérez manuellement. - -- RemoteStorage nécessite des certificats SSL approuvés par le navigateur. Si vous disposez de certificats qui ne sont pas émis par [Let's Encrypt](https://letsencrypt.org/), installez-les manuellement comme d'habitude. - ## Documentations et ressources * Site officiel de l’app : From 64c6ce4e5eefd25640e9fff2feb3f0bcc5a38e8c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?F=C3=A9lix=20Pi=C3=A9dallu?= Date: Fri, 5 Jan 2024 15:42:00 +0100 Subject: [PATCH 3/5] Fix config_panel --- config_panel.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config_panel.toml b/config_panel.toml index b13bd5c..857c103 100644 --- a/config_panel.toml +++ b/config_panel.toml @@ -14,4 +14,4 @@ name = "Settings" yes = '1' no = '' help = "Would you like to allow visitors to register and create an account?" - bind = "signup:/opt/yunohost/__APP__/server.js" \ No newline at end of file + bind = "signup:/var/www/__APP__/server.js" From 66bebfddb0c4c1d27170489399a119f569c08a98 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?F=C3=A9lix=20Pi=C3=A9dallu?= Date: Fri, 5 Jan 2024 15:43:42 +0100 Subject: [PATCH 4/5] Fix linter manifest.toml --- manifest.toml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/manifest.toml b/manifest.toml index e074c7a..69937bd 100644 --- a/manifest.toml +++ b/manifest.toml @@ -20,8 +20,8 @@ code = "https://github.com/remotestorage/armadietto" yunohost = ">= 11.0.9" architectures = "all" multi_instance = false -ldap = "?" # FIXME: replace with true, false, or "not_relevant". Not to confuse with the "sso" key : the "ldap" key corresponds to wether or not a user *can* login on the app using its YunoHost credentials. -sso = "?" # FIXME: replace with true, false, or "not_relevant". Not to confuse with the "ldap" key : the "sso" key corresponds to wether or not a user is *automatically logged-in* on the app when logged-in on the YunoHost portal. +ldap = false +sso = false disk = "50M" # FIXME: replace with an **estimate** minimum disk requirement. e.g. 20M, 400M, 1G, ... ram.build = "50M" # FIXME: replace with an **estimate** minimum ram requirement. e.g. 50M, 400M, 1G, ... ram.runtime = "50M" # FIXME: replace with an **estimate** minimum ram requirement. e.g. 50M, 400M, 1G, ... From da340df63a85de5a0fcbe58f6f2ab99e06b31321 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?F=C3=A9lix=20Pi=C3=A9dallu?= Date: Fri, 5 Jan 2024 16:24:06 +0100 Subject: [PATCH 5/5] small fixes --- manifest.toml | 6 +++--- scripts/restore | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/manifest.toml b/manifest.toml index 69937bd..2128307 100644 --- a/manifest.toml +++ b/manifest.toml @@ -22,9 +22,9 @@ architectures = "all" multi_instance = false ldap = false sso = false -disk = "50M" # FIXME: replace with an **estimate** minimum disk requirement. e.g. 20M, 400M, 1G, ... -ram.build = "50M" # FIXME: replace with an **estimate** minimum ram requirement. e.g. 50M, 400M, 1G, ... -ram.runtime = "50M" # FIXME: replace with an **estimate** minimum ram requirement. e.g. 50M, 400M, 1G, ... +disk = "50M" +ram.build = "500M" +ram.runtime = "100M" [install] [install.domain] diff --git a/scripts/restore b/scripts/restore index 3236863..a1d1a29 100755 --- a/scripts/restore +++ b/scripts/restore @@ -37,7 +37,7 @@ chown -R $app:$app "$data_dir" #================================================= # REINSTALL DEPENDENCIES #================================================= -#REMOVEME? ynh_script_progression --message="Reinstalling dependencies..." --weight=21 +ynh_script_progression --message="Reinstalling NodeJS..." --weight=21 # Define and install dependencies ynh_install_nodejs --nodejs_version="$NODEJS_VERSION"