From 9e79240c217c76ecbb785f07a1f4a069b38ed789 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?E=CC=81ric=20Gaspar?=
 <46165813+ericgaspar@users.noreply.github.com>
Date: Sun, 14 May 2023 12:52:06 +0200
Subject: [PATCH] fix

---
 conf/systemd.service | 53 --------------------------------------------
 scripts/change_url   | 18 ---------------
 scripts/install      | 16 +------------
 scripts/remove       |  9 --------
 scripts/restore      |  8 -------
 scripts/upgrade      | 19 +---------------
 6 files changed, 2 insertions(+), 121 deletions(-)
 delete mode 100644 conf/systemd.service

diff --git a/conf/systemd.service b/conf/systemd.service
deleted file mode 100644
index ddffa87..0000000
--- a/conf/systemd.service
+++ /dev/null
@@ -1,53 +0,0 @@
-[Unit]
-Description=ChatGPT-web
-After=network.target
-
-[Service]
-Type=simple
-User=__APP__
-Group=__APP__
-WorkingDirectory=__INSTALL_DIR__/
-Environment="PATH=__ENV_PATH__"
-Environment="NODE_ENV=production"
-ExecStart=__YNH_NPM__ run build
-Restart=on-failure
-RestartSec=5
-StartLimitInterval=60s
-StartLimitBurst=3
-
-# Sandboxing options to harden security
-# Depending on specificities of your service/app, you may need to tweak these
-# .. but this should be a good baseline
-# Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html
-NoNewPrivileges=yes
-PrivateTmp=yes
-PrivateDevices=yes
-RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 AF_NETLINK
-RestrictNamespaces=yes
-RestrictRealtime=yes
-DevicePolicy=closed
-ProtectClock=yes
-ProtectHostname=yes
-ProtectProc=invisible
-ProtectSystem=full
-ProtectControlGroups=yes
-ProtectKernelModules=yes
-ProtectKernelTunables=yes
-LockPersonality=yes
-SystemCallArchitectures=native
-SystemCallFilter=~@clock @debug @module @mount @obsolete @reboot @setuid @swap @cpu-emulation @privileged
-
-# Denying access to capabilities that should not be relevant for webapps
-# Doc: https://man7.org/linux/man-pages/man7/capabilities.7.html
-CapabilityBoundingSet=~CAP_RAWIO CAP_MKNOD
-CapabilityBoundingSet=~CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_AUDIT_WRITE
-CapabilityBoundingSet=~CAP_SYS_BOOT CAP_SYS_TIME CAP_SYS_MODULE CAP_SYS_PACCT
-CapabilityBoundingSet=~CAP_LEASE CAP_LINUX_IMMUTABLE CAP_IPC_LOCK
-CapabilityBoundingSet=~CAP_BLOCK_SUSPEND CAP_WAKE_ALARM
-CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG
-CapabilityBoundingSet=~CAP_MAC_ADMIN CAP_MAC_OVERRIDE
-CapabilityBoundingSet=~CAP_NET_ADMIN CAP_NET_BROADCAST CAP_NET_RAW
-CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG
-
-[Install]
-WantedBy=multi-user.target
diff --git a/scripts/change_url b/scripts/change_url
index ae914ad..4ba8cf7 100644
--- a/scripts/change_url
+++ b/scripts/change_url
@@ -9,15 +9,6 @@
 source _common.sh
 source /usr/share/yunohost/helpers
 
-#=================================================
-# STANDARD MODIFICATIONS
-#=================================================
-# STOP SYSTEMD SERVICE
-#=================================================
-ynh_script_progression --message="Stopping a systemd service..." --weight=1
-
-ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log"
-
 #=================================================
 # MODIFY URL IN NGINX CONF
 #=================================================
@@ -25,15 +16,6 @@ ynh_script_progression --message="Updating NGINX web server configuration..." --
 
 ynh_change_url_nginx_config
 
-#=================================================
-# GENERIC FINALISATION
-#=================================================
-# START SYSTEMD SERVICE
-#=================================================
-ynh_script_progression --message="Starting a systemd service..." --weight=1
-
-ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"
-
 #=================================================
 # END OF SCRIPT
 #=================================================
diff --git a/scripts/install b/scripts/install
index 6584f75..e8cf7d2 100755
--- a/scripts/install
+++ b/scripts/install
@@ -36,12 +36,6 @@ ynh_script_progression --message="Adding system configurations related to $app..
 # Create a dedicated NGINX config using the conf/nginx.conf template
 ynh_add_nginx_config
 
-# Create a dedicated systemd config
-env_path="$PATH"
-ynh_add_systemd_config
-
-yunohost service add $app --description="ChatGPT web interface" --log="/var/log/$app/$app.log"
-
 #=================================================
 # APP INITIAL CONFIGURATION
 #=================================================
@@ -64,17 +58,9 @@ ynh_script_progression --message="Building app... (this will take some time and
 pushd "$install_dir"
 	ynh_use_nodejs
 	ynh_exec_warn_less sudo -u $app env $ynh_node_load_PATH npm ci
-	#ynh_exec_warn_less sudo -u $app env $ynh_node_load_PATH npm run build
+	ynh_exec_warn_less sudo -u $app env $ynh_node_load_PATH npm run build
 popd
 
-#=================================================
-# START SYSTEMD SERVICE
-#=================================================
-ynh_script_progression --message="Starting a systemd service..." --weight=1
-
-# Start a systemd service
-ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"
-
 #=================================================
 # END OF SCRIPT
 #=================================================
diff --git a/scripts/remove b/scripts/remove
index c6023fa..6d79bce 100755
--- a/scripts/remove
+++ b/scripts/remove
@@ -16,15 +16,6 @@ source /usr/share/yunohost/helpers
 #=================================================
 ynh_script_progression --message="Removing system configurations related to $app..." --weight=1
 
-# Remove the service from the list of services known by YunoHost (added from `yunohost service add`)
-if ynh_exec_warn_less yunohost service status $app >/dev/null
-then
-	ynh_script_progression --message="Removing $app service integration..." --weight=1
-	yunohost service remove $app
-fi
-
-ynh_remove_systemd_config
-
 ynh_remove_nginx_config
 
 ynh_remove_nodejs
diff --git a/scripts/restore b/scripts/restore
index 7dde3fa..4dad23d 100755
--- a/scripts/restore
+++ b/scripts/restore
@@ -28,11 +28,6 @@ ynh_script_progression --message="Restoring system configurations related to $ap
 
 ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
 
-ynh_restore_file --origin_path="/etc/systemd/system/$app.service"
-systemctl enable $app.service --quiet
-
-yunohost service add $app --description="ChatGPT web interface" --log="/var/log/$app/$app.log"
-
 #=================================================
 # GENERIC FINALIZATION
 #=================================================
@@ -40,9 +35,6 @@ yunohost service add $app --description="ChatGPT web interface" --log="/var/log/
 #=================================================
 ynh_script_progression --message="Reloading NGINX web server and $app's service..." --weight=1
 
-# Typically you only have either $app or php-fpm but not both at the same time...
-ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"
-
 ynh_systemd_action --service_name=nginx --action=reload
 
 #=================================================
diff --git a/scripts/upgrade b/scripts/upgrade
index 83b6a6f..c381e5b 100755
--- a/scripts/upgrade
+++ b/scripts/upgrade
@@ -11,13 +11,6 @@ source /usr/share/yunohost/helpers
 
 upgrade_type=$(ynh_check_app_version_changed)
 
-#=================================================
-# STOP SYSTEMD SERVICE
-#=================================================
-ynh_script_progression --message="Stopping a systemd service..." --weight=1
-
-ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log"
-
 #=================================================
 # "REBUILD" THE APP (DEPLOY NEW SOURCES, RERUN NPM BUILD...)
 #=================================================
@@ -41,24 +34,14 @@ ynh_script_progression --message="Upgrading system configurations related to $ap
 
 ynh_add_nginx_config
 
-env_path="$PATH"
-ynh_add_systemd_config
-
 yunohost service add $app --description="ChatGPT web interface" --log="/var/log/$app/$app.log"
 
 pushd "$install_dir"
 	ynh_use_nodejs
 	ynh_exec_warn_less sudo -u $app env $ynh_node_load_PATH npm ci
-	#ynh_exec_warn_less sudo -u $app env $ynh_node_load_PATH npm run build
+	ynh_exec_warn_less sudo -u $app env $ynh_node_load_PATH npm run build
 popd
 
-#=================================================
-# START SYSTEMD SERVICE
-#=================================================
-ynh_script_progression --message="Starting a systemd service..." --weight=1
-
-ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"
-
 #=================================================
 # END OF SCRIPT
 #=================================================