diff --git a/conf/nginx.conf b/conf/nginx.conf index d2b485e..bd2ced4 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,9 +1,5 @@ location __PATH__ { - if ($scheme = http) { - rewrite ^ https://$server_name$request_uri? permanent; - } - proxy_pass http://127.0.0.1:__PORT__; proxy_set_header Host $host; diff --git a/conf/server.js b/conf/server.js index 5531073..36a85aa 100644 --- a/conf/server.js +++ b/conf/server.js @@ -19,7 +19,7 @@ server = new Armadietto({ key: '/etc/yunohost/certs/__DOMAIN__/key.pem' }, allow: { - signup: __SIGNUP__ + signup: __IS_SIGNUP__ }, cacheViews: false }); diff --git a/manifest.json b/manifest.json index 02aaaf8..da59dd8 100644 --- a/manifest.json +++ b/manifest.json @@ -3,8 +3,8 @@ "id": "armadietto", "packaging_format": 1, "description": { - "en": "Armadietto is a remoteStorage server written for Node.js.", - "fr": "Armadietto est un serveur remoteStorage écrit pour node.js." + "en": "RemoteStorage server written for Node.js", + "fr": "Serveur remoteStorage écrit pour node.js" }, "version": "0.0.2-beta.10~ynh2", "url": "https://github.com/remotestorage/armadietto", diff --git a/scripts/install b/scripts/install index f4b26b8..63a1ac3 100755 --- a/scripts/install +++ b/scripts/install @@ -39,8 +39,6 @@ datadir="/home/yunohost.app/${app}/storage" #================================================= ynh_script_progression --message="Validating installation parameters..." --weight=1 -### If the app uses NGINX as web server (written in HTML/PHP in most cases), the final path should be "/var/www/$app". -### If the app provides an internal web server (or uses another application server such as uWSGI), the final path should be "/opt/yunohost/$app" final_path=/opt/yunohost/$app test ! -e "$final_path" || ynh_die --message="This path already contains a folder" @@ -61,7 +59,6 @@ ynh_app_setting_set --app=$app --key=domain --value=$domain ynh_app_setting_set --app=$app --key=path --value=$path_url ynh_app_setting_set --app=$app --key=final_path --value=final_path ynh_app_setting_set --app=$app --key=is_signup --value=$is_signup -ynh_app_setting_set --app=$app --key=datadir --value=$datadir #================================================= # STANDARD MODIFICATIONS @@ -74,14 +71,6 @@ ynh_script_progression --message="Finding an available port..." --weight=1 port=$(ynh_find_port --port=8008) ynh_app_setting_set --app=$app --key=port --value=$port -# Optional: Expose this port publicly -# (N.B.: you only need to do this if the app actually needs to expose the port publicly. -# If you do this and the app doesn't actually need you are CREATING SECURITY HOLES IN THE SERVER !) - -# Open the port -# ynh_script_progression --message="Configuring firewall..." --weight=1 -# ynh_exec_warn_less yunohost firewall allow --no-upnp TCP $port - #================================================= # INSTALL DEPENDENCIES #================================================= @@ -96,8 +85,6 @@ ynh_use_nodejs ynh_script_progression --message="Setting up and create final app path..." --weight=1 ynh_app_setting_set $app final_path $final_path -# Download, check integrity, uncompress and patch the source from app.src -# ynh_setup_source --dest_dir="$final_path" # Create final_path mkdir -p "$final_path" @@ -107,8 +94,6 @@ mkdir -p "$final_path" #================================================= ynh_script_progression --message="Configuring NGINX web server..." --weight=1 -### `ynh_add_nginx_config` will use the file conf/nginx.conf - # Create a dedicated NGINX config ynh_add_nginx_config @@ -138,25 +123,32 @@ ynh_script_progression --message="Configuring a systemd service..." --weight=1 # Create a dedicated systemd config ynh_add_systemd_config +#================================================= +# CREATE DATA DIRECTORY +#================================================= +ynh_script_progression --message="Creating a data directory..." --weight=1 + +datadir="/home/yunohost.app/$app/storage" +ynh_app_setting_set --app=$app --key=datadir --value=$datadir + +mkdir -p $datadir + +chmod 750 "$datadir" +chmod -R o-rwx "$datadir" +chown -R $app:www-data "$datadir" + #================================================= # SETUP ARMADIETTO AS A SERVICE #================================================= ynh_script_progression --message="Configuring armadietto as a service..." --weight=1 # Define armadietto module path -modulepath="$node_version_path/$nodejs_version/lib/node_modules/armadietto/lib" +module_path="$node_version_path/$nodejs_version/lib/node_modules/armadietto/lib" -# Create app data folder -mkdir -p "$datadir" +ynh_add_config --template="../conf/server.js" --destination="$final_path/server.js" -# Using Armadietto as a service in a basic node server -cp -f ../conf/server.js "$final_path/server.js" - -ynh_replace_string --match_string="__MODULE_PATH__" --replace_string="$modulepath" --target_file="$final_path/server.js" -ynh_replace_string --match_string="__DATADIR__" --replace_string="$datadir" --target_file="$final_path/server.js" -ynh_replace_string --match_string="__PORT__" --replace_string="$port" --target_file="$final_path/server.js" -ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$final_path/server.js" -ynh_replace_string --match_string="__SIGNUP__" --replace_string="$is_signup" --target_file="$final_path/server.js" +chmod 400 "$final_path/server.js" +chown $app:$app "$final_path/server.js" #================================================= # INSTALL ARMADIETTO @@ -167,8 +159,6 @@ pushd $final_path ynh_npm -g i armadietto popd -ynh_script_progression --message="Armadietto installed..." - #================================================= # GENERIC FINALIZATION #================================================= @@ -185,8 +175,9 @@ ynh_use_logrotate ynh_script_progression --message="Secure files and directories" --weight=1 # Set permissions to app files -chown -R $app:$app "$final_path" -chmod 0700 $datadir && chown $app:$app $datadir +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" #================================================= # INTEGRATE SERVICE IN YUNOHOST @@ -203,8 +194,6 @@ ynh_script_progression --message="Configuring permissions..." --weight=1 # Make app public if necessary if [ $is_public -eq 1 ] then - # Everyone can access the app. - # The "main" permission is automatically created before the install script. ynh_permission_update --permission="main" --add="visitors" fi diff --git a/scripts/remove b/scripts/remove index 475bcdf..fecfbe5 100755 --- a/scripts/remove +++ b/scripts/remove @@ -45,7 +45,7 @@ ynh_remove_systemd_config #================================================= # REMOVE LOGROTATE CONFIGURATION #================================================= -ynh_script_progression --message="Removing logrotate configuration..." --time --weight=1 +ynh_script_progression --message="Removing logrotate configuration..." --weight=1 # Remove the app-specific logrotate config ynh_remove_logrotate @@ -77,7 +77,6 @@ ynh_script_progression --message="Removing NGINX web server configuration..." -- # Remove the dedicated NGINX config ynh_remove_nginx_config - #================================================= # REMOVE DEPENDENCIES #================================================= @@ -85,34 +84,6 @@ ynh_script_progression --message="Removing dependencies..." --weight=1 ynh_remove_nodejs --nodejs_version=$NODEJS_VERSION -#================================================= -# CLOSE A PORT -#================================================= - -if yunohost firewall list | grep -q "\- $port$" -then - ynh_script_progression --message="Closing port $port..." --weight=1 - ynh_exec_warn_less yunohost firewall disallow TCP $port -fi - -#================================================= -# REMOVE FAIL2BAN CONFIGURATION -#================================================= -# ynh_script_progression --message="Removing Fail2ban configuration..." --weight=1 - -# Remove the dedicated Fail2Ban config -# ynh_remove_fail2ban_config - -#================================================= -# SPECIFIC REMOVE -#================================================= -# REMOVE VARIOUS FILES -#================================================= -ynh_script_progression --message="Removing various files..." --weight=1 - -# Remove a cron file -# ynh_secure_remove --file="" - #================================================= # GENERIC FINALIZATION #================================================= diff --git a/scripts/restore b/scripts/restore index 524f1a7..5bab156 100755 --- a/scripts/restore +++ b/scripts/restore @@ -38,8 +38,7 @@ datadir=$(ynh_app_setting_get --app=$app --key=datadir) #================================================= ynh_script_progression --message="Validating restoration parameters..." --weight=1 -test ! -d $final_path \ - || ynh_die --message="There is already a directory: $final_path " +test ! -d $final_path || ynh_die --message="There is already a directory: $final_path " #================================================= # REINSTALL DEPENDENCIES @@ -98,8 +97,6 @@ pushd $final_path ynh_npm -g i armadietto popd -ynh_script_progression --message="Armadietto reinstalled..." - #================================================= # GENERIC FINALIZATION #================================================= @@ -116,8 +113,9 @@ ynh_use_logrotate ynh_script_progression --message="Secure files and directories" --weight=1 # Set permissions to app files -chown -R $app:$app "$final_path" -chmod 0700 $datadir && chown $app:$app $datadir +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" #================================================= # INTEGRATE SERVICE IN YUNOHOST diff --git a/scripts/upgrade b/scripts/upgrade index bf2f4a7..8ce9174 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -26,12 +26,6 @@ is_signup=$(ynh_app_setting_get --app=$app --key=signup) # CHECK VERSION #================================================= -### This helper will compare the version of the currently installed app and the version of the upstream package. -### $upgrade_type can have 2 different values -### - UPGRADE_APP if the upstream app version has changed -### - UPGRADE_PACKAGE if only the YunoHost package has changed -### ynh_check_app_version_changed will stop the upgrade if the app is up to date. -### UPGRADE_APP should be used to upgrade the core app only if there's an upgrade to do. upgrade_type=$(ynh_check_app_version_changed) #================================================= @@ -113,7 +107,7 @@ ynh_use_nodejs #================================================= # ADD A CONFIGURATION #================================================= -ynh_script_progression --message="Adding a configuration file..." +ynh_script_progression --message="Adding a configuration file..." --weight=1 ynh_add_config --template="../conf/config.sample.yml" --destination="$final_path/config.yml" @@ -126,19 +120,12 @@ chown $app:$app "$final_path/config.yml" ynh_script_progression --message="Configuring armadietto as a service..." --weight=1 # Define armadietto module path -modulepath="$node_version_path/$nodejs_version/lib/node_modules/armadietto/lib" +module_path="$node_version_path/$nodejs_version/lib/node_modules/armadietto/lib" -# Create app data folder -mkdir -p "$datadir" +ynh_add_config --template="../conf/server.js" --destination="$final_path/server.js" -# Using Armadietto as a service in a basic node server -cp -f ../conf/server.js "$final_path/server.js" - -ynh_replace_string --match_string="__MODULE_PATH__" --replace_string="$modulepath" --target_file="$final_path/server.js" -ynh_replace_string --match_string="__DATADIR__" --replace_string="$datadir" --target_file="$final_path/server.js" -ynh_replace_string --match_string="__PORT__" --replace_string="$port" --target_file="$final_path/server.js" -ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$final_path/server.js" -ynh_replace_string --match_string="__SIGNUP__" --replace_string="$is_signup" --target_file="$final_path/server.js" +chmod 400 "$final_path/server.js" +chown $app:$app "$final_path/server.js" #================================================= # UPGRADE ARMADIETTO @@ -150,8 +137,6 @@ then pushd $final_path ynh_npm -g i armadietto popd - - ynh_script_progression --message="Armadietto upgraded..." fi #================================================= @@ -203,8 +188,9 @@ ynh_use_logrotate ynh_script_progression --message="Secure files and directories" --weight=1 # Set permissions to app files -chown -R $app:$app "$final_path" -chmod 0700 $datadir && chown $app:$app $datadir +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" #================================================= # INTEGRATE SERVICE IN YUNOHOST