mirror of https://github.com/YunoHost-Apps/cjdns_ynh.git synced 2024-09-03 18:16:29 +02:00

improvements

dkoukoul 2023-11-29 18:02:26 +02:00
parent 4e82c7a900
commit 60159169da
14 changed files with 53 additions and 418 deletions


@ -1,3 +1,3 @@
# cjdns yunohost app
# Cjdns for Yunohost
This is a cjdns app for yunohost.


@ -1,12 +1,12 @@
[Unit]
Description=Cjdns network
After=network.target
After=network.target cjdns.service
[Service]
User=root
Group=root
WorkingDirectory=__DATA_DIR__/
ExecStart=/bin/bash -c '__DATA_DIR__/cjdroute < __DATA_DIR__/cjdroute.conf'
WorkingDirectory=__INSTALL_DIR__/
ExecStart=/bin/bash -c '__INSTALL_DIR__/cjdroute < __INSTALL_DIR__/cjdroute.conf'
KillMode=process
Restart=no
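Review bot: The unit keeps `User=root` while `ExecStart` now runs `__INSTALL_DIR__/cjdroute` against `__INSTALL_DIR__/cjdroute.conf`, and the install script in this same commit hands that directory to the app account with `chown -R $app:www-data "$install_dir"`, so a non-root account (or anything running as it) can swap the binary or config that root then executes. Unless something else needs the app user to write there, the install script could keep the tree root-owned after unpacking, e.g. `chown -R root:root "$install_dir"` followed by `chmod -R go-w "$install_dir"`. Separately, if this unit is installed as cjdns.service (the remove script stops `cjdns`), `After=network.target cjdns.service` orders the unit after itself, which has no effect; `After=network.target` alone would express the intent.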

6
doc/ADMIN.md Normal file

@ -0,0 +1,6 @@
Security
Upgrading
Other
...


@ -1,5 +1,3 @@
# cjdns
Networking Reinvented
Cjdns implements an encrypted IPv6 network using public-key cryptography for address allocation and a distributed hash table for routing. This provides near-zero-configuration networking, and prevents many of the security and scalability issues that plague existing networks.

1
doc/PRE_INSTALL.md Normal file

@ -0,0 +1 @@
What you need to know before installing cjdns...

Binary file not shown.

Before

Width:  |  Height:  |  Size: 35 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 19 KiB


@ -1,34 +1,24 @@
#:schema https://raw.githubusercontent.com/YunoHost/apps/master/schemas/manifest.v2.schema.json
packaging_format = 2
id = "cjdns"
name = "Cjdns network"
description.en = "Cjdns implements an encrypted IPv6 network using public-key cryptography for address allocation and a distributed hash table for routing. This provides near-zero-configuration networking, and prevents many of the security and scalability issues that plague existing networks."
description.fr = "Cjdns est un réseau IPv6 chiffré utilisant des clefs publiques de cryptographie pour l'allocation d'adresses et une table de hashage distribuée pour le routage. Il fournit un réseau quasiment sans configuration et évite la majorité des problèmes de sécurité et de passage à l'échelle (scalability) des réseaux actuels."
name = "Cjdns"
description = "Cjdns encrypted IPv6 network"
version = "1.0~ynh1"
maintainers = ["dkoukoul"]
[upstream]
license = "GPL v3"
website = "https://example.com"
demo = "https://demo.example.com"
admindoc = "https://yunohost.org/packaging_apps"
userdoc = "https://yunohost.org/apps"
code = "https://some.forge.com/example/example"
license = "GPL-3.0"
website = "https://github.com/cjdelisle/cjdns/"
code = "https://github.com/cjdelisle/cjdns/"
[integration]
yunohost = ">= 11.1.21"
# FIXME: can be replaced by a list of supported archs using the dpkg --print-architecture nomenclature (amd64/i386/armhf/arm64), for example: ["amd64", "i386"]
architectures = "amd64"
architectures = ["amd64","arm64"]
multi_instance = false
ldap = "not_relevant"
sso = "not_relevant"
# FIXME: replace with an **estimate** minimum disk and RAM requirements. e.g. 20M, 400M, 1G...
ldap = false
sso = false
disk = "50M"
ram.build = "50M"
ram.runtime = "50M"
@ -36,19 +26,20 @@ ram.runtime = "50M"
[install]
[resources]
# [resources.sources]
# [resources.sources.main]
# url = "https://github.com/dkoukoul/cjdns/releases/download/debian/cjdroute"
# sha256 = "9510c5d8487101b7ec115b09a0770c88643b91b2cd4d1f18c794962ec14463c2"
[resources.sources]
[resources.sources.main]
amd64.url = "https://github.com/dkoukoul/cjdns/releases/download/v22-7/cjdroute_linux_x86_64.tar.gz"
amd64.sha256 = "7385b98a3f7874a1fea14a6afeb9019d3595269b5c3282cb4dea35fc3b4a47ac"
arm64.url = "https://github.com/dkoukoul/cjdns/releases/download/v22-7/cjdroute_linux_arm64.tar.gz"
arm64.sha256 = "8c391e024cc9094f0ec23ac325c2115013757da34fe730d46fc17436cf4773da"
[resources.system_user]
home="/var/www/cjdns"
[resources.install_dir]
[resources.data_dir]
dir="/home/cjdns"
[resources.ports]
# This will pick a random port for reverse-proxying and store it as the $port setting
[resources.apt]
packages = "curl, nodejs, jq"
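Review bot: The two archives under `[resources.sources.main]` are prebuilt `cjdroute` binaries from `github.com/dkoukoul/cjdns` releases, while `[upstream]` names `https://github.com/cjdelisle/cjdns/` as the code, and the unit in this commit runs that binary as root. The `sha256` values pin the bytes but do not say how the archives were produced, so a comment above the block recording the source commit and build procedure would let a reviewer reproduce them, for example `# Built from <upstream tag/commit> with <build command>; rebuild and compare sha256 before bumping`. It is also worth checking that `version = "1.0~ynh1"` still matches the `v22-7` release the URLs point at, and whether `nodejs` is still needed in `[resources.apt]` if nothing is built at install time.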


@ -1,91 +0,0 @@
#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts
source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers
#=================================================
# DECLARE DATA AND CONF FILES TO BACKUP
#=================================================
ynh_print_info --message="Declaring files to be backed up..."
### N.B. : the following 'ynh_backup' calls are only a *declaration* of what needs
### to be backuped and not an actual copy of any file. The actual backup that
### creates and fills the archive with the files happens in the core after this
### script is called. Hence ynh_backups calls take basically 0 seconds to run.
#=================================================
# BACKUP THE APP MAIN DIR
#=================================================
ynh_backup --src_path="$install_dir"
#=================================================
# BACKUP THE DATA DIR
#=================================================
# Only relevant if there is a "data_dir" resource for this app
ynh_backup --src_path="$data_dir" --is_big
#=================================================
# BACKUP THE NGINX CONFIGURATION
#=================================================
ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
#=================================================
# BACKUP THE PHP-FPM CONFIGURATION
#=================================================
ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf"
#=================================================
# BACKUP FAIL2BAN CONFIGURATION
#=================================================
ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf"
ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf"
#=================================================
# SPECIFIC BACKUP
#=================================================
# BACKUP LOGROTATE
#=================================================
ynh_backup --src_path="/etc/logrotate.d/$app"
#=================================================
# BACKUP SYSTEMD
#=================================================
ynh_backup --src_path="/etc/systemd/system/$app.service"
#=================================================
# BACKUP VARIOUS FILES
#=================================================
ynh_backup --src_path="/etc/cron.d/$app"
ynh_backup --src_path="/etc/$app/"
#=================================================
# BACKUP THE MYSQL DATABASE
#=================================================
ynh_print_info --message="Backing up the MySQL database..."
### (However, things like MySQL dumps *do* take some time to run, though the
### copy of the generated dump to the archive still happens later)
ynh_mysql_dump_db --database="$db_name" > db.sql
#=================================================
# END OF SCRIPT
#=================================================
ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)."


@ -1,47 +0,0 @@
#!/bin/bash
#=================================================
# GENERIC STARTING
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# STANDARD MODIFICATIONS
#=================================================
# STOP SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Stopping a systemd service..." --weight=1
ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log"
#=================================================
# MODIFY URL IN NGINX CONF
#=================================================
ynh_script_progression --message="Updating NGINX web server configuration..." --weight=1
ynh_change_url_nginx_config
#=================================================
# SPECIFIC MODIFICATIONS
#=================================================
# ...
#=================================================
#=================================================
# GENERIC FINALISATION
#=================================================
# START SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Starting a systemd service..." --weight=1
ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Change of URL completed for $app" --last


@ -14,26 +14,25 @@ source /usr/share/yunohost/helpers
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_script_progression --message="Downloading cjdns binary..." --weight=1
cd $data_dir
wget https://github.com/dkoukoul/cjdns/releases/download/debian/cjdroute
ynh_script_progression --message="Setting up source files..." --weight=1
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$install_dir"
chmod -R o-rwx "$install_dir"
chown -R $app:www-data "$install_dir"
chmod +x "$install_dir/cjdroute"
# mv $install_dir/cjdroute $data_dir/cjdroute
#=================================================
# SYSTEM CONFIGURATION
# CONFIGURING CJDNS
#=================================================
ynh_script_progression --message="Generating cjdroute configuration file..." --weight=1
ynh_script_progression --message="Configuring cjdns..." --weight=1
chmod +x cjdroute
./cjdroute --genconf | ./cjdroute --cleanconf > cjdroute.conf
echo "Cjdroute configuration file generated"
### echo "Generating seed..."
### echo "/data/cjdroute.conf|$PKTEER_SECRET" | sha256sum | /server/cjdns/cjdroute --genconf-seed
echo "Editing cjdroute configuration file..."
jq '.security[0].setuser = 0' $data_dir/cjdroute.conf > $data_dir/cjdroute.conf.tmp && mv $data_dir/cjdroute.conf.tmp $data_dir/cjdroute.conf
jq '.noBackground = 1' $data_dir/cjdroute.conf > $data_dir/cjdroute.conf.tmp && mv $data_dir/cjdroute.conf.tmp $data_dir/cjdroute.conf
$install_dir/cjdroute --genconf | $install_dir/cjdroute --cleanconf > $install_dir/cjdroute.conf
# Use logrotate to manage application logfile(s)
# ynh_use_logrotate
jq '.security[0].setuser = 0' $install_dir/cjdroute.conf > $install_dir/cjdroute.conf.tmp && mv $install_dir/cjdroute.conf.tmp $install_dir/cjdroute.conf
jq '.noBackground = 1' $install_dir/cjdroute.conf > $install_dir/cjdroute.conf.tmp && mv $install_dir/cjdroute.conf.tmp $install_dir/cjdroute.conf
#=================================================
# SETUP SYSTEMD
@ -43,12 +42,14 @@ ynh_script_progression --message="Configuring cjdns systemd service..."
# Create a dedicated systemd config
ynh_add_systemd_config
# Use logrotate to manage application logfile(s)
ynh_use_logrotate
#=================================================
# INTEGRATE SERVICE IN YUNOHOST
#=================================================
ynh_script_progression --message="Integrating cjdns service in YunoHost..."
yunohost service add $app --description="$app service"
yunohost service add $app --description="$app service" --log="/var/log/$app/$app.log"
#=================================================
# GENERIC FINALIZATION
@ -58,7 +59,7 @@ yunohost service add $app --description="$app service"
ynh_script_progression --message="Launching cjdns service..." --weight=1
# Start a systemd service
ynh_systemd_action --service_name=$app --action="start"
ynh_systemd_action --service_name=$app --action="start" --log_path="systemd"
#=================================================
# END OF SCRIPT
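Review bot: `cjdroute.conf` is written after the `chmod -R o-rwx` / `chown -R` pass in the first hunk and is then recreated twice by the `jq … > cjdroute.conf.tmp && mv` lines, so its final mode comes from the script's umask rather than from anything set here. The generated file holds the node's private key and admin password, so I would set it explicitly once the edits are done: `chown root:root "$install_dir/cjdroute.conf"` and `chmod 600 "$install_dir/cjdroute.conf"`. The new `$install_dir` expansions in the genconf and jq lines are unquoted, unlike the `"$install_dir"` uses just above them. In the later hunks, `yunohost service add` now advertises `--log="/var/log/$app/$app.log"` while the start step waits on `--log_path="systemd"`, and nothing visible in the unit writes that file, so the two should probably agree.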


@ -9,18 +9,6 @@
source _common.sh
source /usr/share/yunohost/helpers
# Settings are automatically loaded as bash variables
# in every app script context, therefore typically these will exist:
# - $domain
# - $path
# - $language
# - $install_dir
# - $port
# ...
# For remove operations :
# - the core will deprovision every resource defined in the manifest **after** this script is ran
# this includes removing the install directory, and data directory (if --purge was used)
#=================================================
# REMOVE SYSTEM CONFIGURATIONS
@ -40,13 +28,17 @@ fi
ynh_remove_systemd_config
ynh_remove_logrotate
# =================================================
# STOP AND REMOVE SERVICE
#=================================================
ynh_script_progression --message="Stopping and removing the systemd service..." --weight=1
systemctl stop cjdns
killall cjdroute
# Remove other various files specific to the app... such as :
ynh_secure_remove --file="/var/log/$app"
ynh_secure_remove --file="$install_dir"
#=================================================
# END OF SCRIPT
#=================================================
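Review bot: `systemctl stop cjdns` and `killall cjdroute` run after `ynh_remove_systemd_config`, which sits just above them in the second hunk, so the unit file may already be gone when the stop is issued, and `killall` exits non-zero when no `cjdroute` process is left. The service name is hard-coded where the rest of the script uses `$app`, and `killall` matches every `cjdroute` process on the host rather than only this service's. I would stop the service before its unit is removed, `ynh_systemd_action --service_name=$app --action="stop"`, and make the cleanup tolerant, `killall cjdroute || true`. `ynh_secure_remove --file="$install_dir"` looks redundant with the core deprovisioning the install directory, which the comment deleted in the first hunk described. The block that closes with `fi` starts outside the hunk.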


@ -1,81 +0,0 @@
#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts
source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers
#=================================================
# RESTORE THE APP MAIN DIR
#=================================================
ynh_script_progression --message="Restoring the app main directory..." --weight=1
ynh_restore_file --origin_path="$install_dir"
# $install_dir will automatically be initialized with some decent
# permissions by default ... however, you may need to recursively reapply
# ownership to all files such as after the ynh_setup_source step
chown -R $app:www-data "$install_dir"
#=================================================
# RESTORE THE DATA DIRECTORY
#=================================================
ynh_script_progression --message="Restoring the data directory..." --weight=1
ynh_restore_file --origin_path="$data_dir" --not_mandatory
# (Same as for install dir)
chown -R $app:www-data "$data_dir"
#=================================================
# RESTORE SYSTEM CONFIGURATIONS
#=================================================
# RESTORE THE PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring system configurations related to $app..." --weight=1
# This should be a symetric version of what happens in the install script
ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf"
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_restore_file --origin_path="/etc/systemd/system/$app.service"
systemctl enable $app.service --quiet
yunohost service add $app --description="A short description of the app" --log="/var/log/$app/$app.log"
ynh_restore_file --origin_path="/etc/logrotate.d/$app"
ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf"
ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf"
ynh_systemd_action --action=restart --service_name=fail2ban
# Other various files...
ynh_restore_file --origin_path="/etc/cron.d/$app"
ynh_restore_file --origin_path="/etc/$app/"
#=================================================
# GENERIC FINALIZATION
#=================================================
# RELOAD NGINX AND PHP-FPM OR THE APP SERVICE
#=================================================
ynh_script_progression --message="Reloading NGINX web server and $app's service..." --weight=1
# Typically you only have either $app or php-fpm but not both at the same time...
ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"
ynh_systemd_action --service_name=php$phpversion-fpm --action=reload
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Restoration completed for $app" --last


@ -1,135 +0,0 @@
#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
# Settings are automatically loaded as bash variables
# in every app script context, therefore typically these will exist:
# - $domain
# - $path
# - $language
# - $install_dir
# - $port
# ...
# In the context of upgrade,
# - resources are automatically provisioned / updated / deleted (depending on existing resources)
# - a safety backup is automatically created by the core and will be restored if the upgrade fails
### This helper will compare the version of the currently installed app and the version of the upstream package.
### $upgrade_type can have 2 different values
### - UPGRADE_APP if the upstream app version has changed
### - UPGRADE_PACKAGE if only the YunoHost package has changed
### ynh_check_app_version_changed will stop the upgrade if the app is up to date.
### UPGRADE_APP should be used to upgrade the core app only if there's an upgrade to do.
upgrade_type=$(ynh_check_app_version_changed)
#=================================================
# STANDARD UPGRADE STEPS
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
#ynh_script_progression --message="Ensuring downward compatibility..." --weight=1
#
# N.B. : the following setting migration snippets are provided as *EXAMPLES*
# of what you may want to do in some cases (e.g. a setting was not defined on
# some legacy installs and you therefore want to initiaze stuff during upgrade)
#
# If db_name doesn't exist, create it
#if [ -z "$db_name" ]; then
# db_name=$(ynh_sanitize_dbid --db_name=$app)
# ynh_app_setting_set --app=$app --key=db_name --value=$db_name
#fi
# If install_dir doesn't exist, create it
#if [ -z "$install_dir" ]; then
# install_dir=/var/www/$app
# ynh_app_setting_set --app=$app --key=install_dir --value=$install_dir
#fi
#=================================================
# STOP SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Stopping a systemd service..." --weight=1
ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log"
#=================================================
# "REBUILD" THE APP (DEPLOY NEW SOURCES, RERUN NPM BUILD...)
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
if [ "$upgrade_type" == "UPGRADE_APP" ]
then
ynh_script_progression --message="Upgrading source files..." --weight=1
# Download, check integrity, uncompress and patch the source from manifest.toml
ynh_setup_source --dest_dir="$install_dir"
fi
# $install_dir will automatically be initialized with some decent
# permissions by default ... however, you may need to recursively reapply
# ownership to all files such as after the ynh_setup_source step
chown -R $app:www-data "$install_dir"
#=================================================
# REAPPLY SYSTEM CONFIGURATIONS
#=================================================
ynh_script_progression --message="Upgrading system configurations related to $app..." --weight=1
# This should be a literal copypaste of what happened in the install's "System configuration" section
ynh_add_systemd_config
yunohost service add $app --description="A short description of the app" --log="/var/log/$app/$app.log"
ynh_use_logrotate --non-append
#=================================================
# RECONFIGURE THE APP (UPDATE CONF, APPLY MIGRATIONS...)
#=================================================
# UPDATE A CONFIG FILE
#=================================================
ynh_script_progression --message="Updating a configuration file..." --weight=1
### Same as during install
###
### The file will automatically be backed-up if it's found to be manually modified (because
### ynh_add_config keeps track of the file's checksum)
ynh_add_config --template="some_config_file" --destination="$install_dir/some_config_file"
# FIXME: this should be handled by the core in the future
# You may need to use chmod 600 instead of 400,
# for example if the app is expected to be able to modify its own config
chmod 400 "$install_dir/some_config_file"
chown $app:$app "$install_dir/some_config_file"
### For more complex cases where you want to replace stuff using regexes,
### you shoud rely on ynh_replace_string (which is basically a wrapper for sed)
### When doing so, you also need to manually call ynh_store_file_checksum
###
### ynh_replace_string --match_string="match_string" --replace_string="replace_string" --target_file="$install_dir/some_config_file"
### ynh_store_file_checksum --file="$install_dir/some_config_file"
#=================================================
# START SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Starting a systemd service..." --weight=1
ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Upgrade of $app completed" --last