1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/armadietto_ynh.git synced 2024-09-03 18:06:18 +02:00
armadietto_ynh/scripts/install

238 lines
9.1 KiB
Bash
Executable file

#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
ynh_clean_setup () {
### Remove this function if there's nothing to clean before calling the remove script.
true
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================
domain=$YNH_APP_ARG_DOMAIN
path_url=$YNH_APP_ARG_PATH
is_public=$YNH_APP_ARG_IS_PUBLIC
is_signup=$YNH_APP_ARG_IS_SIGNUP
app=$YNH_APP_INSTANCE_NAME
#=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#=================================================
ynh_script_progression --message="Validating installation parameters..." --weight=1
### If the app uses NGINX as web server (written in HTML/PHP in most cases), the final path should be "/var/www/$app".
### If the app provides an internal web server (or uses another application server such as uWSGI), the final path should be "/opt/yunohost/$app"
final_path=/opt/yunohost/$app
test ! -e "$final_path" || ynh_die --message="This path already contains a folder"
# Only on / directory
if [ "$path_url" != "/" ]; then
ynh_die "Only / is allowed"
fi
# Register (book) web path
ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url
#=================================================
# STORE SETTINGS FROM MANIFEST
#=================================================
ynh_script_progression --message="Storing installation settings..." --weight=1
ynh_app_setting_set --app=$app --key=domain --value=$domain
ynh_app_setting_set --app=$app --key=path --value=$path_url
ynh_app_setting_set --app=$app --key=is_signup --value=$is_signup
#=================================================
# STANDARD MODIFICATIONS
#=================================================
# FIND AND OPEN A PORT
#=================================================
ynh_script_progression --message="Finding an available port..." --weight=1
# Find an available port
port=$(ynh_find_port --port=8008)
ynh_app_setting_set --app=$app --key=port --value=$port
# Optional: Expose this port publicly
# (N.B.: you only need to do this if the app actually needs to expose the port publicly.
# If you do this and the app doesn't actually need you are CREATING SECURITY HOLES IN THE SERVER !)
# Open the port
# ynh_script_progression --message="Configuring firewall..." --weight=1
# ynh_exec_warn_less yunohost firewall allow --no-upnp TCP $port
#=================================================
# INSTALL DEPENDENCIES
#=================================================
ynh_script_progression --message="Installing dependencies..." --weight=4
ynh_install_nodejs --nodejs_version=$NODEJS_VERSION
ynh_use_nodejs
#=================================================
# CHECK AND CREATE FINAL_PATH
#=================================================
ynh_script_progression --message="Setting up and create final app path..." --weight=1
ynh_app_setting_set $app final_path $final_path
# Download, check integrity, uncompress and patch the source from app.src
# ynh_setup_source --dest_dir="$final_path"
# Create final_path
mkdir -p "$final_path"
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Configuring NGINX web server..." --weight=1
### `ynh_add_nginx_config` will use the file conf/nginx.conf
# Create a dedicated NGINX config
ynh_add_nginx_config
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Configuring system user..." --weight=1
# Create a system user
ynh_system_user_create --username=$app --home_dir="$final_path"
#=================================================
# SETUP SYSTEMD
#=================================================
ynh_script_progression --message="Configuring a systemd service..." --weight=1
ynh_replace_string --match_string="__NODEJS_PATH__" --replace_string="$nodejs_path" --target_file="../conf/systemd.service"
ynh_replace_string --match_string="__ENV_PATH__" --replace_string="$PATH" --target_file="../conf/systemd.service"
ynh_replace_string --match_string="__FINALPATH__" --replace_string="$final_path" --target_file="../conf/systemd.service"
# Create a dedicated systemd config
ynh_add_systemd_config
#=================================================
# DEFINE ARMADIETTO OPTIONS & CREATE DIRECTORY FOR DATA
#=================================================
ynh_script_progression --message="Configuring armadietto options..." --weight=1
# Define armadietto module path
modulepath="$node_version_path/$nodejs_version/lib/node_modules/armadietto/lib"
# Define app's data directory
datadir="/home/yunohost.app/${app}/storage"
# Create app folders
mkdir -p "$datadir"
cp -f ../conf/server.js "$final_path/server.js"
ynh_replace_string --match_string="__MODULE_PATH__" --replace_string="$modulepath" --target_file="$final_path/server.js"
ynh_replace_string --match_string="__DATADIR__" --replace_string="$datadir" --target_file="$final_path/server.js"
ynh_replace_string --match_string="__PORT__" --replace_string="$port" --target_file="$final_path/server.js"
ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$final_path/server.js"
ynh_replace_string --match_string="__SIGNUP__" --replace_string="$is_signup" --target_file="$final_path/server.js"
#=================================================
# INSTALL ARMADIETTO
#=================================================
ynh_script_progression --message="Install armadietto with npm..." --weight=1
cd $final_path
npm -g i armadietto
ynh_script_progression --message="Armadietto installed..." --weight=1
#=================================================
# GENERIC FINALIZATION
#=================================================
# SETUP LOGROTATE
#=================================================
ynh_script_progression --message="Configuring log rotation..." --weight=1
# Use logrotate to manage application logfile(s)
ynh_use_logrotate
#=================================================
# SECURE FILES AND DIRECTORIES
#=================================================
ynh_script_progression --message="Secure files and directories" --weight=1
# Set permissions to app files
chown -R $app:$app "$final_path"
chmod 0700 $datadir && chown $app:$app $datadir
#=================================================
# INTEGRATE SERVICE IN YUNOHOST
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
yunohost service add $app --description="A short description of the app" --log="/var/log/$app/$app.log"
#=================================================
# SETUP FAIL2BAN
#=================================================
# ynh_script_progression --message="Configuring Fail2Ban..." --weight=1
# Create a dedicated Fail2Ban config
# ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login"
#=================================================
# SETUP SSOWAT
#=================================================
ynh_script_progression --message="Configuring permissions..." --weight=1
# Make app public if necessary
if [ $is_public -eq 1 ]
then
# Everyone can access the app.
# The "main" permission is automatically created before the install script.
ynh_permission_update --permission="main" --add="visitors"
fi
### N.B. : the following extra permissions only make sense if your app
### does have for example an admin interface or an API.
# Only the admin can access the admin panel of the app (if the app has an admin panel)
# ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin
# Everyone can access the API part
# We don't want to display the tile in the SSO so we put --show_tile="false"
# And we don't want the YunoHost admin to be able to remove visitors group to this permission, so we put --protected="true"
# ynh_permission_create --permission="api" --url="/api" --allowed="visitors" --show_tile="false" --protected="true"
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# START ARMADIETTO
#=================================================
ynh_script_progression --message="Start armadietto web server..." --weight=1
# Start a systemd service
ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Installation of $app completed" --last