mirror of
https://github.com/YunoHost-Apps/code-server_ynh.git
synced 2024-09-03 18:16:28 +02:00
commit
ba5b838918
22 changed files with 553 additions and 410 deletions
134
.github/workflows/updater.sh
vendored
Executable file
134
.github/workflows/updater.sh
vendored
Executable file
|
@ -0,0 +1,134 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# PACKAGE UPDATING HELPER
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
# This script is meant to be run by GitHub Actions
|
||||||
|
# The YunoHost-Apps organisation offers a template Action to run this script periodically
|
||||||
|
# Since each app is different, maintainers can adapt its contents so as to perform
|
||||||
|
# automatic actions when a new upstream release is detected.
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# FETCHING LATEST RELEASE AND ITS ASSETS
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
# Fetching information
|
||||||
|
current_version=$(cat manifest.json | jq -j '.version|split("~")[0]')
|
||||||
|
repo=$(cat manifest.json | jq -j '.upstream.code|split("https://github.com/")[1]')
|
||||||
|
# Some jq magic is needed, because the latest upstream release is not always the latest version (e.g. security patches for older versions)
|
||||||
|
version=$(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '.[] | select( .prerelease != true ) | .tag_name' | sort -V | tail -1)
|
||||||
|
assets=($(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '[ .[] | select(.tag_name=="'$version'").assets[].browser_download_url ] | join(" ") | @sh' | tr -d "'"))
|
||||||
|
|
||||||
|
# Later down the script, we assume the version has only digits and dots
|
||||||
|
# Sometimes the release name starts with a "v", so let's filter it out.
|
||||||
|
# You may need more tweaks here if the upstream repository has different naming conventions.
|
||||||
|
if [[ ${version:0:1} == "v" || ${version:0:1} == "V" ]]; then
|
||||||
|
version=${version:1}
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Setting up the environment variables
|
||||||
|
echo "Current version: $current_version"
|
||||||
|
echo "Latest release from upstream: $version"
|
||||||
|
echo "VERSION=$version" >> $GITHUB_ENV
|
||||||
|
# For the time being, let's assume the script will fail
|
||||||
|
echo "PROCEED=false" >> $GITHUB_ENV
|
||||||
|
|
||||||
|
# Proceed only if the retrieved version is greater than the current one
|
||||||
|
if ! dpkg --compare-versions "$current_version" "lt" "$version" ; then
|
||||||
|
echo "::warning ::No new version available"
|
||||||
|
exit 0
|
||||||
|
# Proceed only if a PR for this new version does not already exist
|
||||||
|
elif git ls-remote -q --exit-code --heads https://github.com/$GITHUB_REPOSITORY.git ci-auto-update-v$version ; then
|
||||||
|
echo "::warning ::A branch already exists for this update"
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Each release can hold multiple assets (e.g. binaries for different architectures, source code, etc.)
|
||||||
|
echo "${#assets[@]} available asset(s)"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# UPDATE SOURCE FILES
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
# Here we use the $assets variable to get the resources published in the upstream release.
|
||||||
|
# Here is an example for Grav, it has to be adapted in accordance with how the upstream releases look like.
|
||||||
|
|
||||||
|
# Let's loop over the array of assets URLs
|
||||||
|
for asset_url in ${assets[@]}; do
|
||||||
|
|
||||||
|
echo "Handling asset at $asset_url"
|
||||||
|
|
||||||
|
# Assign the asset to a source file in conf/ directory
|
||||||
|
# Here we base the source file name upon a unique keyword in the assets url (arch)
|
||||||
|
# Leave $src empty to ignore the asset
|
||||||
|
case $asset_url in
|
||||||
|
*"linux-amd64.tar.gz")
|
||||||
|
src="amd64"
|
||||||
|
;;
|
||||||
|
*"linux-arm64.tar.gz")
|
||||||
|
src="arm64"
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
src=""
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
# If $src is not empty, let's process the asset
|
||||||
|
if [ ! -z "$src" ]; then
|
||||||
|
|
||||||
|
# Create the temporary directory
|
||||||
|
tempdir="$(mktemp -d)"
|
||||||
|
|
||||||
|
# Download sources and calculate checksum
|
||||||
|
filename=${asset_url##*/}
|
||||||
|
curl --silent -4 -L $asset_url -o "$tempdir/$filename"
|
||||||
|
checksum=$(sha256sum "$tempdir/$filename" | head -c 64)
|
||||||
|
|
||||||
|
# Delete temporary directory
|
||||||
|
rm -rf $tempdir
|
||||||
|
|
||||||
|
# Get extension
|
||||||
|
if [[ $filename == *.tar.gz ]]; then
|
||||||
|
extension=tar.gz
|
||||||
|
else
|
||||||
|
extension=${filename##*.}
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Rewrite source file
|
||||||
|
cat <<EOT > conf/$src.src
|
||||||
|
SOURCE_URL=$asset_url
|
||||||
|
SOURCE_SUM=$checksum
|
||||||
|
SOURCE_SUM_PRG=sha256sum
|
||||||
|
SOURCE_FORMAT=$extension
|
||||||
|
SOURCE_IN_SUBDIR=true
|
||||||
|
SOURCE_FILENAME=
|
||||||
|
SOURCE_EXTRACT=true
|
||||||
|
EOT
|
||||||
|
echo "... conf/$src.src updated"
|
||||||
|
|
||||||
|
else
|
||||||
|
echo "... asset ignored"
|
||||||
|
fi
|
||||||
|
|
||||||
|
done
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# SPECIFIC UPDATE STEPS
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
# Any action on the app's source code can be done.
|
||||||
|
# The GitHub Action workflow takes care of committing all changes after this script ends.
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# GENERIC FINALIZATION
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
# Replace new version in manifest
|
||||||
|
echo "$(jq -s --indent 4 ".[] | .version = \"$version~ynh1\"" manifest.json)" > manifest.json
|
||||||
|
|
||||||
|
# No need to update the README, yunohost-bot takes care of it
|
||||||
|
|
||||||
|
# The Action will proceed only if the PROCEED environment variable is set to true
|
||||||
|
echo "PROCEED=true" >> $GITHUB_ENV
|
||||||
|
exit 0
|
20
README.md
20
README.md
|
@ -17,7 +17,7 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in
|
||||||
|
|
||||||
Run VS Code on your server and access it in the browser
|
Run VS Code on your server and access it in the browser
|
||||||
|
|
||||||
**Shipped version:** 3.11.0~ynh1
|
**Shipped version:** 4.0.1~ynh1
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
@ -27,23 +27,27 @@ Run VS Code on your server and access it in the browser
|
||||||
|
|
||||||
## Disclaimers / important information
|
## Disclaimers / important information
|
||||||
|
|
||||||
|
### Installation
|
||||||
|
|
||||||
|
* The package does not create a dedicated system user, rather during installation you are asked what user you want code-server to run as. **Don't give access to users you don't fully trust!**
|
||||||
|
|
||||||
### Limitations
|
### Limitations
|
||||||
|
|
||||||
* Requires a dedicated domain
|
* Requires a dedicated domain
|
||||||
* Single-user, no LDAP
|
* Single-user, no LDAP
|
||||||
* Subdomains for services on ports (like 8080.code-server-domain.tld) are not supported
|
* Subdomains for services on ports (like 8080.code-server-domain.tld) are not supported
|
||||||
|
|
||||||
### Other info
|
### Extensions
|
||||||
|
|
||||||
* The package does not create a dedicated system user, rather during installation you are asked what user you want code-server to run as. **Don't give access to users you don't fully trust!**
|
This application uses [Open VSX Registry](https://open-vsx.org/). You can change this setting from the web admin config panel.
|
||||||
* You can optionally set a password required to access code-server. **Don't leave this blank if you have allowed public access!**
|
|
||||||
|
See https://coder.com/docs/code-server/latest/FAQ#how-do-i-use-my-own-extensions-marketplace
|
||||||
|
|
||||||
## Documentation and resources
|
## Documentation and resources
|
||||||
|
|
||||||
* Official app website: https://github.com/cdr/code-server
|
* Official user documentation: https://coder.com/docs/code-server/latest/FAQ
|
||||||
* Official user documentation: https://github.com/cdr/code-server/tree/main/docs
|
* Official admin documentation: https://coder.com/docs/code-server/latest
|
||||||
* Official admin documentation: https://github.com/cdr/code-server/tree/main/docs
|
* Upstream app code repository: https://github.com/coder/code-server
|
||||||
* Upstream app code repository: https://github.com/cdr/code-server
|
|
||||||
* YunoHost documentation for this app: https://yunohost.org/app_code-server
|
* YunoHost documentation for this app: https://yunohost.org/app_code-server
|
||||||
* Report a bug: https://github.com/YunoHost-Apps/code-server_ynh/issues
|
* Report a bug: https://github.com/YunoHost-Apps/code-server_ynh/issues
|
||||||
|
|
||||||
|
|
18
README_fr.md
18
README_fr.md
|
@ -13,7 +13,7 @@ Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour
|
||||||
|
|
||||||
Lancez VS Code sur votre serveur et accédez-y depuis votre navigateur
|
Lancez VS Code sur votre serveur et accédez-y depuis votre navigateur
|
||||||
|
|
||||||
**Version incluse :** 3.11.0~ynh1
|
**Version incluse :** 4.0.1~ynh1
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
@ -23,23 +23,21 @@ Lancez VS Code sur votre serveur et accédez-y depuis votre navigateur
|
||||||
|
|
||||||
## Avertissements / informations importantes
|
## Avertissements / informations importantes
|
||||||
|
|
||||||
|
### Installation
|
||||||
|
|
||||||
|
* Le paquet ne crée pas d'utilisateur système dédié; on vous demandera pendant l'installation quel utilisateur vous voulez que cod-serveur éxecute en tant que. **Ne donnez pas accès à des utilisateurs en lesquels vous n'avez pas complètement confiance !**
|
||||||
|
|
||||||
### Limitations
|
### Limitations
|
||||||
|
|
||||||
* Nécessite un domaine dédié
|
* Nécessite un domaine dédié
|
||||||
* Un seul utilisateur seulement, pas de LDAP
|
* Un seul utilisateur seulement, pas de LDAP
|
||||||
* Les sous-domaines pour les services sur les ports (like 8080.code-server-domain.tld) ne sont pas pris en charge
|
* Les sous-domaines pour les services sur les ports (like 8080.code-server-domain.tld) ne sont pas pris en charge
|
||||||
|
|
||||||
### Other info
|
|
||||||
|
|
||||||
* Le paquet ne crée pas d'utilisateur système dédié; on vous demandera pendant l'installation quel utilisateur vous voulez que cod-serveur éxecute en tant que. **Ne donnez pas accès à des utilisateurs en lesquels vous n'avez pas complètement confiance !**
|
|
||||||
* Vous pouvez demander un mot de passe pour accéder à code-server (facultatif). **Ne laissez pas le champ mot-de-passe vide si vous avez permis l'accès public !**
|
|
||||||
|
|
||||||
## Documentations et ressources
|
## Documentations et ressources
|
||||||
|
|
||||||
* Site officiel de l'app : https://github.com/cdr/code-server
|
* Documentation officielle utilisateur : https://coder.com/docs/code-server/latest/FAQ
|
||||||
* Documentation officielle utilisateur : https://github.com/cdr/code-server/tree/main/docs
|
* Documentation officielle de l'admin : https://coder.com/docs/code-server/latest
|
||||||
* Documentation officielle de l'admin : https://github.com/cdr/code-server/tree/main/docs
|
* Dépôt de code officiel de l'app : https://github.com/coder/code-server
|
||||||
* Dépôt de code officiel de l'app : https://github.com/cdr/code-server
|
|
||||||
* Documentation YunoHost pour cette app : https://yunohost.org/app_code-server
|
* Documentation YunoHost pour cette app : https://yunohost.org/app_code-server
|
||||||
* Signaler un bug : https://github.com/YunoHost-Apps/code-server_ynh/issues
|
* Signaler un bug : https://github.com/YunoHost-Apps/code-server_ynh/issues
|
||||||
|
|
||||||
|
|
|
@ -1,26 +1,16 @@
|
||||||
# See here for more information
|
|
||||||
# https://github.com/YunoHost/package_check#syntax-check_process-file
|
|
||||||
|
|
||||||
# Move this file from check_process.default to check_process when you have filled it.
|
|
||||||
|
|
||||||
;; Test complet
|
;; Test complet
|
||||||
; Manifest
|
; Manifest
|
||||||
domain="domain.tld"
|
domain="domain.tld"
|
||||||
admin="john"
|
admin="john"
|
||||||
is_public=1
|
|
||||||
password="pass"
|
|
||||||
extension_service_url=
|
|
||||||
extension_item_url=
|
|
||||||
enable_proposed_api=
|
|
||||||
; Checks
|
; Checks
|
||||||
pkg_linter=1
|
pkg_linter=1
|
||||||
setup_sub_dir=0
|
setup_sub_dir=0
|
||||||
setup_root=1
|
setup_root=1
|
||||||
setup_nourl=0
|
setup_nourl=0
|
||||||
setup_private=1
|
setup_private=0
|
||||||
setup_public=1
|
setup_public=0
|
||||||
upgrade=1
|
upgrade=1
|
||||||
upgrade=0 from_commit=CommitHash
|
upgrade=1 from_commit=9bd092ceafb213964c0bfe135538d91b888f1284
|
||||||
backup_restore=1
|
backup_restore=1
|
||||||
multi_instance=1
|
multi_instance=1
|
||||||
port_already_use=0
|
port_already_use=0
|
||||||
|
@ -29,7 +19,6 @@
|
||||||
Email=
|
Email=
|
||||||
Notification=none
|
Notification=none
|
||||||
;;; Upgrade options
|
;;; Upgrade options
|
||||||
; commit=CommitHash
|
; commit=9bd092ceafb213964c0bfe135538d91b888f1284
|
||||||
name=Name and date of the commit.
|
name=3.11.0~ynh1
|
||||||
manifest_arg=domain=DOMAIN&admin=USER&is_public=1&password=pass&
|
manifest_arg=domain=domain.tld&admin=john&is_public=1&password=pass&extension_service_url=&extension_item_url=&enable_proposed_api=
|
||||||
|
|
||||||
|
|
7
conf/amd64.src
Normal file
7
conf/amd64.src
Normal file
|
@ -0,0 +1,7 @@
|
||||||
|
SOURCE_URL=https://github.com/coder/code-server/releases/download/v4.0.1/code-server-4.0.1-linux-amd64.tar.gz
|
||||||
|
SOURCE_SUM=5fe6d26e9d19e685946f0f392d9c822e5303a800cac3ac54a6a2c26104d239fd
|
||||||
|
SOURCE_SUM_PRG=sha256sum
|
||||||
|
SOURCE_FORMAT=tar.gz
|
||||||
|
SOURCE_IN_SUBDIR=true
|
||||||
|
SOURCE_FILENAME=
|
||||||
|
SOURCE_EXTRACT=true
|
7
conf/arm64.src
Normal file
7
conf/arm64.src
Normal file
|
@ -0,0 +1,7 @@
|
||||||
|
SOURCE_URL=https://github.com/coder/code-server/releases/download/v4.0.1/code-server-4.0.1-linux-amd64.tar.gz
|
||||||
|
SOURCE_SUM=5fe6d26e9d19e685946f0f392d9c822e5303a800cac3ac54a6a2c26104d239fd
|
||||||
|
SOURCE_SUM_PRG=sha256sum
|
||||||
|
SOURCE_FORMAT=tar.gz
|
||||||
|
SOURCE_IN_SUBDIR=true
|
||||||
|
SOURCE_FILENAME=
|
||||||
|
SOURCE_EXTRACT=true
|
|
@ -1,2 +1 @@
|
||||||
SERVICE_URL=__EXTENSION_SERVICE_URL__
|
EXTENSIONS_GALLERY='__EXTENSIONS_GALLERY__'
|
||||||
ITEM_URL=__EXTENSION_ITEM_URL__
|
|
||||||
|
|
|
@ -1,9 +1,7 @@
|
||||||
bind-addr: 127.0.0.1:__PORT__
|
bind-addr: 127.0.0.1:__PORT__
|
||||||
auth: __AUTH__
|
auth: __AUTH__
|
||||||
hashed-password: __HASHED_PASSWORD__
|
|
||||||
cert: false
|
cert: false
|
||||||
disable-telemetry: true
|
disable-telemetry: true
|
||||||
disable-update-check: true
|
disable-update-check: true
|
||||||
user-data-dir: __DATA_PATH__/user-data
|
user-data-dir: __DATADIR__/user-data
|
||||||
extensions-dir: __DATA_PATH__/extensions
|
extensions-dir: __DATADIR__/extensions
|
||||||
__ENABLE_PROPOSED_API_STRING__
|
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
[Unit]
|
[Unit]
|
||||||
Description=Run VS Code on your server and access it in the browser
|
Description=VS Code Server
|
||||||
After=network.target
|
After=network.target
|
||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
|
@ -8,9 +8,39 @@ User=__ADMIN__
|
||||||
Group=__ADMIN__
|
Group=__ADMIN__
|
||||||
WorkingDirectory=/home/__ADMIN__/
|
WorkingDirectory=/home/__ADMIN__/
|
||||||
EnvironmentFile=__FINALPATH__/code-server.env
|
EnvironmentFile=__FINALPATH__/code-server.env
|
||||||
ExecStart=/usr/bin/env bash -l -c "__FINALPATH__/release-standalone/bin/code-server --config __FINALPATH__/config.yaml"
|
ExecStart=__FINALPATH__/bin/code-server --config __FINALPATH__/config.yaml
|
||||||
StandardOutput=append:/var/log/__APP__/__APP__.log
|
StandardOutput=append:/var/log/__APP__/__APP__.log
|
||||||
StandardError=inherit
|
StandardError=inherit
|
||||||
|
|
||||||
|
# Sandboxing options to harden security
|
||||||
|
# Depending on specificities of your service/app, you may need to tweak these
|
||||||
|
# .. but this should be a good baseline
|
||||||
|
# Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html
|
||||||
|
NoNewPrivileges=yes
|
||||||
|
PrivateTmp=yes
|
||||||
|
PrivateDevices=yes
|
||||||
|
RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
|
||||||
|
RestrictNamespaces=yes
|
||||||
|
RestrictRealtime=yes
|
||||||
|
DevicePolicy=closed
|
||||||
|
ProtectSystem=full
|
||||||
|
ProtectControlGroups=yes
|
||||||
|
ProtectKernelModules=yes
|
||||||
|
ProtectKernelTunables=yes
|
||||||
|
LockPersonality=yes
|
||||||
|
SystemCallFilter=~@clock @debug @module @mount @obsolete @reboot @setuid @swap
|
||||||
|
|
||||||
|
# Denying access to capabilities that should not be relevant for webapps
|
||||||
|
# Doc: https://man7.org/linux/man-pages/man7/capabilities.7.html
|
||||||
|
CapabilityBoundingSet=~CAP_RAWIO CAP_MKNOD
|
||||||
|
CapabilityBoundingSet=~CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_AUDIT_WRITE
|
||||||
|
CapabilityBoundingSet=~CAP_SYS_BOOT CAP_SYS_TIME CAP_SYS_MODULE CAP_SYS_PACCT
|
||||||
|
CapabilityBoundingSet=~CAP_LEASE CAP_LINUX_IMMUTABLE CAP_IPC_LOCK
|
||||||
|
CapabilityBoundingSet=~CAP_BLOCK_SUSPEND CAP_WAKE_ALARM
|
||||||
|
CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG
|
||||||
|
CapabilityBoundingSet=~CAP_MAC_ADMIN CAP_MAC_OVERRIDE
|
||||||
|
CapabilityBoundingSet=~CAP_NET_ADMIN CAP_NET_BROADCAST CAP_NET_RAW
|
||||||
|
CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG
|
||||||
|
|
||||||
[Install]
|
[Install]
|
||||||
WantedBy=multi-user.target
|
WantedBy=multi-user.target
|
||||||
|
|
44
config_panel.toml
Normal file
44
config_panel.toml
Normal file
|
@ -0,0 +1,44 @@
|
||||||
|
version = "1.0"
|
||||||
|
|
||||||
|
## (optional) i18n property let you internationalize questions, however this feature
|
||||||
|
## is only available in core configuration panel (like yunohost domain config).
|
||||||
|
## So in app config panel this key is ignored for now, but you can internationalize
|
||||||
|
## by using a lang dictionary (see property name bellow)
|
||||||
|
# i18n = "prefix_translation_key"
|
||||||
|
|
||||||
|
[main]
|
||||||
|
name = "Main configuration"
|
||||||
|
services = ["__APP__"]
|
||||||
|
|
||||||
|
[main.auth]
|
||||||
|
name = "Authentication"
|
||||||
|
|
||||||
|
[main.auth.auth]
|
||||||
|
ask = "Auth type"
|
||||||
|
type = "select"
|
||||||
|
choices = ["none", "password"]
|
||||||
|
default = "none"
|
||||||
|
optional = false
|
||||||
|
bind = ":/opt/yunohost/__APP__/config.yaml"
|
||||||
|
|
||||||
|
[main.auth.password]
|
||||||
|
ask = "Password"
|
||||||
|
type = "password"
|
||||||
|
optional = true
|
||||||
|
visible = "auth == 'password'"
|
||||||
|
|
||||||
|
[main.extensions]
|
||||||
|
name = "Extensions"
|
||||||
|
optional = false
|
||||||
|
|
||||||
|
[main.extensions.extensions_gallery]
|
||||||
|
ask = "Extensions Gallery"
|
||||||
|
type = "string"
|
||||||
|
example = "{\"serviceUrl\": \"https://open-vsx.org/vscode/gallery\",\"itemUrl\": \"https://open-vsx.org/vscode/item\"}"
|
||||||
|
optional = false
|
||||||
|
bind = ":/opt/yunohost/__APP__/code-server.env"
|
||||||
|
|
||||||
|
[main.extensions.enable_proposed_api]
|
||||||
|
ask = "Enable Proposed API"
|
||||||
|
type = "tags"
|
||||||
|
optional = true
|
|
@ -1,10 +1,15 @@
|
||||||
|
### Installation
|
||||||
|
|
||||||
|
* The package does not create a dedicated system user, rather during installation you are asked what user you want code-server to run as. **Don't give access to users you don't fully trust!**
|
||||||
|
|
||||||
### Limitations
|
### Limitations
|
||||||
|
|
||||||
* Requires a dedicated domain
|
* Requires a dedicated domain
|
||||||
* Single-user, no LDAP
|
* Single-user, no LDAP
|
||||||
* Subdomains for services on ports (like 8080.code-server-domain.tld) are not supported
|
* Subdomains for services on ports (like 8080.code-server-domain.tld) are not supported
|
||||||
|
|
||||||
### Other info
|
### Extensions
|
||||||
|
|
||||||
* The package does not create a dedicated system user, rather during installation you are asked what user you want code-server to run as. **Don't give access to users you don't fully trust!**
|
This application uses [Open VSX Registry](https://open-vsx.org/). You can change this setting from the web admin config panel.
|
||||||
* You can optionally set a password required to access code-server. **Don't leave this blank if you have allowed public access!**
|
|
||||||
|
See https://coder.com/docs/code-server/latest/FAQ#how-do-i-use-my-own-extensions-marketplace
|
||||||
|
|
|
@ -1,10 +1,9 @@
|
||||||
|
### Installation
|
||||||
|
|
||||||
|
* Le paquet ne crée pas d'utilisateur système dédié; on vous demandera pendant l'installation quel utilisateur vous voulez que cod-serveur éxecute en tant que. **Ne donnez pas accès à des utilisateurs en lesquels vous n'avez pas complètement confiance !**
|
||||||
|
|
||||||
### Limitations
|
### Limitations
|
||||||
|
|
||||||
* Nécessite un domaine dédié
|
* Nécessite un domaine dédié
|
||||||
* Un seul utilisateur seulement, pas de LDAP
|
* Un seul utilisateur seulement, pas de LDAP
|
||||||
* Les sous-domaines pour les services sur les ports (like 8080.code-server-domain.tld) ne sont pas pris en charge
|
* Les sous-domaines pour les services sur les ports (like 8080.code-server-domain.tld) ne sont pas pris en charge
|
||||||
|
|
||||||
### Other info
|
|
||||||
|
|
||||||
* Le paquet ne crée pas d'utilisateur système dédié; on vous demandera pendant l'installation quel utilisateur vous voulez que cod-serveur éxecute en tant que. **Ne donnez pas accès à des utilisateurs en lesquels vous n'avez pas complètement confiance !**
|
|
||||||
* Vous pouvez demander un mot de passe pour accéder à code-server (facultatif). **Ne laissez pas le champ mot-de-passe vide si vous avez permis l'accès public !**
|
|
||||||
|
|
|
@ -6,22 +6,20 @@
|
||||||
"en": "Run VS Code on your server and access it in the browser",
|
"en": "Run VS Code on your server and access it in the browser",
|
||||||
"fr": "Lancez VS Code sur votre serveur et accédez-y depuis votre navigateur"
|
"fr": "Lancez VS Code sur votre serveur et accédez-y depuis votre navigateur"
|
||||||
},
|
},
|
||||||
"version": "3.11.0~ynh1",
|
"version": "4.0.1~ynh1",
|
||||||
"url": "https://github.com/cdr/code-server",
|
"url": "https://github.com/coder/code-server",
|
||||||
"upstream": {
|
"upstream": {
|
||||||
"license": "mit",
|
"license": "MIT",
|
||||||
"website": "https://github.com/cdr/code-server",
|
"admindoc": "https://coder.com/docs/code-server/latest",
|
||||||
"admindoc": "https://github.com/cdr/code-server/tree/main/docs",
|
"userdoc": "https://coder.com/docs/code-server/latest/FAQ",
|
||||||
"userdoc": "https://github.com/cdr/code-server/tree/main/docs",
|
"code": "https://github.com/coder/code-server"
|
||||||
"code": "https://github.com/cdr/code-server"
|
|
||||||
},
|
},
|
||||||
"license": "MIT",
|
"license": "MIT",
|
||||||
"maintainer": {
|
"maintainer": {
|
||||||
"name": "Jules Bertholet",
|
"name": "Tagada"
|
||||||
"email": "jules.bertholet@gmail.com"
|
|
||||||
},
|
},
|
||||||
"requirements": {
|
"requirements": {
|
||||||
"yunohost": ">= 4.1.3"
|
"yunohost": ">= 4.3.1.8"
|
||||||
},
|
},
|
||||||
"multi_instance": true,
|
"multi_instance": true,
|
||||||
"services": [
|
"services": [
|
||||||
|
@ -31,52 +29,11 @@
|
||||||
"install" : [
|
"install" : [
|
||||||
{
|
{
|
||||||
"name": "domain",
|
"name": "domain",
|
||||||
"type": "domain",
|
"type": "domain"
|
||||||
"example": "example.com"
|
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "admin",
|
"name": "admin",
|
||||||
"type": "user",
|
"type": "user"
|
||||||
"example": "johndoe"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"name": "is_public",
|
|
||||||
"type": "boolean",
|
|
||||||
"default": true
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"name": "password",
|
|
||||||
"type": "password",
|
|
||||||
"example": "Choose a password",
|
|
||||||
"optional": true
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"name": "extension_service_url",
|
|
||||||
"type": "string",
|
|
||||||
"ask": {
|
|
||||||
"en": "Choose a custom extension gallery serviceUrl (https://github.com/VSCodium/vscodium/blob/master/DOCS.md#extensions--marketplace)",
|
|
||||||
"fr": "choisir un serviceUrl de galerie d'extensions personnalisé (https://github.com/VSCodium/vscodium/blob/master/DOCS.md#extensions--marketplace)"
|
|
||||||
},
|
|
||||||
"optional": true
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"name": "extension_item_url",
|
|
||||||
"type": "string",
|
|
||||||
"ask": {
|
|
||||||
"en": "Choose a custom extension gallery itemUrl (https://github.com/VSCodium/vscodium/blob/master/DOCS.md#extensions--marketplace)",
|
|
||||||
"fr": "choisir un itemUrl de galerie d'extensions personnalisé (https://github.com/VSCodium/vscodium/blob/master/DOCS.md#extensions--marketplace)"
|
|
||||||
},
|
|
||||||
"optional": true
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"name": "enable_proposed_api",
|
|
||||||
"type": "string",
|
|
||||||
"ask": {
|
|
||||||
"en": "Choose a list of extensions that can access proposed APIs (https://github.com/VSCodium/vscodium/blob/master/DOCS.md#proprietary-extensions)",
|
|
||||||
"fr": "choisir une liste d'extensions qui peuvent accéder aux APIs proposées (https://github.com/VSCodium/vscodium/blob/master/DOCS.md#proprietary-extensions)"
|
|
||||||
},
|
|
||||||
"optional": true,
|
|
||||||
"example": "extension.id, another.extension.id"
|
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|
|
@ -4,108 +4,12 @@
|
||||||
# COMMON VARIABLES
|
# COMMON VARIABLES
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
# dependencies used by the app
|
extensions_gallery="{\"serviceUrl\": \"https://open-vsx.org/vscode/gallery\",\"itemUrl\": \"https://open-vsx.org/vscode/item\"}"
|
||||||
pkg_dependencies="git jq build-essential nodejs g++ gettext-base rsync"
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# PERSONAL HELPERS
|
# PERSONAL HELPERS
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
function install_dependencies {
|
|
||||||
ynh_install_app_dependencies $pkg_dependencies
|
|
||||||
ynh_install_extra_app_dependencies --repo="deb https://dl.yarnpkg.com/debian/ stable main" --package="yarn" --key="https://dl.yarnpkg.com/debian/pubkey.gpg"
|
|
||||||
}
|
|
||||||
|
|
||||||
function setup_source {
|
|
||||||
if [ ! -d "$final_path/.git" ]; then
|
|
||||||
git clone https://github.com/cdr/code-server/ "$final_path" --no-checkout 2>&1
|
|
||||||
fi
|
|
||||||
pushd "$final_path"
|
|
||||||
git fetch --all 2>&1
|
|
||||||
git reset --hard 2>&1
|
|
||||||
git checkout c04198697698dc72b5981fd1b70d6ecbd9b22caa 2>&1
|
|
||||||
popd
|
|
||||||
|
|
||||||
ynh_replace_special_string -m "throw new Error('compilation requires 4GB of RAM')" -r "console.log('compilation requires 4GB of RAM')" -f "$final_path/lib/vscode/build/lib/compilation.js"
|
|
||||||
ynh_replace_special_string -m "throw new Error('compilation requires 4GB of RAM')" -r "console.log('compilation requires 4GB of RAM')" -f "$final_path/lib/vscode/build/lib/compilation.ts"
|
|
||||||
|
|
||||||
set_permissions
|
|
||||||
}
|
|
||||||
|
|
||||||
function set_permissions {
|
|
||||||
chown -R root:$admin "$final_path"
|
|
||||||
chmod -R g=u,g-w,o-rwx "$final_path"
|
|
||||||
|
|
||||||
mkdir -p "$data_path"/{user-data,extensions}
|
|
||||||
chown -R $admin:$admin "$data_path"
|
|
||||||
chmod -R g=u,g-w,o-rwx "$data_path"
|
|
||||||
|
|
||||||
mkdir -p "/var/log/$app"
|
|
||||||
chown -R root:root "/var/log/$app"
|
|
||||||
chmod -R g=u,g-w,o-rwx "/var/log/$app"
|
|
||||||
}
|
|
||||||
|
|
||||||
function set_node_vars {
|
|
||||||
ynh_exec_warn_less ynh_install_nodejs --nodejs_version=14
|
|
||||||
ynh_use_nodejs
|
|
||||||
node_path=$nodejs_path:$(sudo -u $admin sh -c 'echo $PATH')
|
|
||||||
}
|
|
||||||
|
|
||||||
function build_app {
|
|
||||||
set_node_vars
|
|
||||||
|
|
||||||
pushd "$final_path"
|
|
||||||
chown -R $admin:$admin "$final_path"
|
|
||||||
sudo -u $admin touch $final_path/.yarnrc
|
|
||||||
sudo -u $admin env "PATH=$node_path" yarn --cache-folder "$final_path/yarn-cache" --use-yarnrc "$final_path/.yarnrc" config set python python3 2>&1
|
|
||||||
sudo -u $admin env "PATH=$node_path" yarn --cache-folder "$final_path/yarn-cache" --use-yarnrc "$final_path/.yarnrc" install 2>&1
|
|
||||||
sudo -u $admin env "PATH=$node_path" yarn --cache-folder "$final_path/yarn-cache" --use-yarnrc "$final_path/.yarnrc" build 2>&1
|
|
||||||
sudo -u $admin env "PATH=$node_path" yarn --cache-folder "$final_path/yarn-cache" --use-yarnrc "$final_path/.yarnrc" build:vscode 2>&1
|
|
||||||
sudo -u $admin env "PATH=$node_path" yarn --cache-folder "$final_path/yarn-cache" --use-yarnrc "$final_path/.yarnrc" release 2>&1
|
|
||||||
cd release
|
|
||||||
sudo -u $admin env "PATH=$node_path" yarn --cache-folder "$final_path/yarn-cache" --use-yarnrc "$final_path/.yarnrc" install --production 2>&1
|
|
||||||
cd ..
|
|
||||||
sudo -u $admin env "PATH=$node_path" yarn --cache-folder "$final_path/yarn-cache" --use-yarnrc "$final_path/.yarnrc" release:standalone 2>&1
|
|
||||||
popd
|
|
||||||
|
|
||||||
set_permissions
|
|
||||||
}
|
|
||||||
|
|
||||||
function add_configs {
|
|
||||||
if [ ! -z "$hashed_password" ]; then
|
|
||||||
auth="password"
|
|
||||||
else
|
|
||||||
auth="none"
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [ ! -z "$enable_proposed_api" ]; then
|
|
||||||
enable_proposed_api_string="enable-proposed-api: [ $enable_proposed_api ]"
|
|
||||||
else
|
|
||||||
enable_proposed_api_string=""
|
|
||||||
fi
|
|
||||||
|
|
||||||
ynh_add_config --template="config.yaml" --destination="$final_path/config.yaml"
|
|
||||||
|
|
||||||
ynh_add_config --template="code-server.env" --destination="$final_path/code-server.env"
|
|
||||||
|
|
||||||
set_permissions
|
|
||||||
}
|
|
||||||
|
|
||||||
function load_settings {
|
|
||||||
app=$YNH_APP_INSTANCE_NAME
|
|
||||||
|
|
||||||
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
|
||||||
data_path=$(ynh_app_setting_get --app=$app --key=data_path)
|
|
||||||
domain=$(ynh_app_setting_get --app=$app --key=domain)
|
|
||||||
path_url=$(ynh_app_setting_get --app=$app --key=path)
|
|
||||||
admin=$(ynh_app_setting_get --app=$app --key=admin)
|
|
||||||
hashed_password=$(ynh_app_setting_get --app=$app --key=hashed_password)
|
|
||||||
extension_service_url=$(ynh_app_setting_get --app=$app --key=extension_service_url)
|
|
||||||
extension_item_url=$(ynh_app_setting_get --app=$app --key=extension_item_url)
|
|
||||||
enable_proposed_api=$(ynh_app_setting_get --app=$app --key=enable_proposed_api)
|
|
||||||
port=$(ynh_app_setting_get --app=$app --key=port)
|
|
||||||
}
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# EXPERIMENTAL HELPERS
|
# EXPERIMENTAL HELPERS
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
|
@ -15,6 +15,7 @@ source /usr/share/yunohost/helpers
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
ynh_clean_setup () {
|
ynh_clean_setup () {
|
||||||
|
### Remove this function if there's nothing to clean before calling the remove script.
|
||||||
true
|
true
|
||||||
}
|
}
|
||||||
# Exit if an error occurs during the execution of the script
|
# Exit if an error occurs during the execution of the script
|
||||||
|
@ -25,7 +26,11 @@ ynh_abort_if_errors
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_print_info --message="Loading installation settings..."
|
ynh_print_info --message="Loading installation settings..."
|
||||||
|
|
||||||
load_settings
|
app=$YNH_APP_INSTANCE_NAME
|
||||||
|
|
||||||
|
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
||||||
|
domain=$(ynh_app_setting_get --app=$app --key=domain)
|
||||||
|
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# DECLARE DATA AND CONF FILES TO BACKUP
|
# DECLARE DATA AND CONF FILES TO BACKUP
|
||||||
|
@ -39,10 +44,10 @@ ynh_print_info --message="Declaring files to be backed up..."
|
||||||
ynh_backup --src_path="$final_path"
|
ynh_backup --src_path="$final_path"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# BACKUP THE APP DATA DIR
|
# BACKUP THE DATA DIR
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
ynh_backup --src_path="$data_path" --is_big
|
ynh_backup --src_path="$datadir" --is_big
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# BACKUP THE NGINX CONFIGURATION
|
# BACKUP THE NGINX CONFIGURATION
|
||||||
|
@ -50,13 +55,6 @@ ynh_backup --src_path="$data_path" --is_big
|
||||||
|
|
||||||
ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
|
ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# BACKUP FAIL2BAN CONFIGURATION
|
|
||||||
#=================================================
|
|
||||||
|
|
||||||
ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf"
|
|
||||||
ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf"
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# SPECIFIC BACKUP
|
# SPECIFIC BACKUP
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
|
@ -24,14 +24,15 @@ app=$YNH_APP_INSTANCE_NAME
|
||||||
#=================================================
|
#=================================================
|
||||||
# LOAD SETTINGS
|
# LOAD SETTINGS
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Loading installation settings..." --weight=1
|
ynh_script_progression --message="Loading installation settings..." --time --weight=1
|
||||||
|
|
||||||
load_settings
|
# Needed for helper "ynh_add_nginx_config"
|
||||||
|
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP
|
# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --weight=50
|
ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --time --weight=1
|
||||||
|
|
||||||
# Backup the current version of the app
|
# Backup the current version of the app
|
||||||
ynh_backup_before_upgrade
|
ynh_backup_before_upgrade
|
||||||
|
@ -55,21 +56,19 @@ then
|
||||||
change_domain=1
|
change_domain=1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
change_path=0
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# STANDARD MODIFICATIONS
|
# STANDARD MODIFICATIONS
|
||||||
#=================================================
|
#=================================================
|
||||||
# STOP SYSTEMD SERVICE
|
# STOP SYSTEMD SERVICE
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Stopping a systemd service..." --weight=1
|
ynh_script_progression --message="Stopping a systemd service..." --time --weight=1
|
||||||
|
|
||||||
ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log"
|
ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# MODIFY URL IN NGINX CONF
|
# MODIFY URL IN NGINX CONF
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Updating NGINX web server configuration..." --weight=1
|
ynh_script_progression --message="Updating NGINX web server configuration..." --time --weight=1
|
||||||
|
|
||||||
nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
|
nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
|
||||||
|
|
||||||
|
@ -83,19 +82,25 @@ then
|
||||||
ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
|
ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# SPECIFIC MODIFICATIONS
|
||||||
|
#=================================================
|
||||||
|
# ...
|
||||||
|
#=================================================
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# GENERIC FINALISATION
|
# GENERIC FINALISATION
|
||||||
#=================================================
|
#=================================================
|
||||||
# START SYSTEMD SERVICE
|
# START SYSTEMD SERVICE
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Starting a systemd service..." --weight=1
|
ynh_script_progression --message="Starting a systemd service..." --time --weight=1
|
||||||
|
|
||||||
ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" --line_match=" HTTP server listening on "
|
ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# RELOAD NGINX
|
# RELOAD NGINX
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
|
ynh_script_progression --message="Reloading NGINX web server..." --time --weight=1
|
||||||
|
|
||||||
ynh_systemd_action --service_name=nginx --action=reload
|
ynh_systemd_action --service_name=nginx --action=reload
|
||||||
|
|
||||||
|
@ -103,4 +108,4 @@ ynh_systemd_action --service_name=nginx --action=reload
|
||||||
# END OF SCRIPT
|
# END OF SCRIPT
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
ynh_script_progression --message="Change of URL completed for $app" --last
|
ynh_script_progression --message="Change of URL completed for $app" --time --last
|
||||||
|
|
65
scripts/config
Normal file
65
scripts/config
Normal file
|
@ -0,0 +1,65 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# GENERIC STARTING
|
||||||
|
#=================================================
|
||||||
|
# IMPORT GENERIC HELPERS
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
source /usr/share/yunohost/helpers
|
||||||
|
|
||||||
|
ynh_abort_if_errors
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# RETRIEVE ARGUMENTS
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
final_path=$(ynh_app_setting_get $app final_path)
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# SPECIFIC GETTERS FOR TOML SHORT KEY
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
get__password() {
|
||||||
|
echo ""
|
||||||
|
}
|
||||||
|
|
||||||
|
get__enable_proposed_api() {
|
||||||
|
echo "$(awk '/enable-proposed-api:/ {print $2}' $final_path/config.yaml)"
|
||||||
|
}
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# SPECIFIC VALIDATORS FOR TOML SHORT KEYS
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# SPECIFIC SETTERS FOR TOML SHORT KEYS
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
set__password() {
|
||||||
|
if [ $password ]
|
||||||
|
then
|
||||||
|
hashed_password="$(printf "$password" | sha256sum | cut -d' ' -f1)"
|
||||||
|
|
||||||
|
sed -i "/hashed-password:.*/d" "$final_path/config.yaml"
|
||||||
|
|
||||||
|
echo "hashed-password: $hashed_password" >> "$final_path/config.yaml"
|
||||||
|
ynh_store_file_checksum --file="$final_path/config.yaml"
|
||||||
|
|
||||||
|
ynh_app_setting_set $app hashed_password "$hashed_password"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
set__enable_proposed_api() {
|
||||||
|
sed -i "/enable-proposed-api:.*/d" "$final_path/config.yaml"
|
||||||
|
|
||||||
|
echo "enable-proposed-api: $enable_proposed_api" >> "$final_path/config.yaml"
|
||||||
|
ynh_store_file_checksum --file="$final_path/config.yaml"
|
||||||
|
|
||||||
|
ynh_app_setting_set $app enable_proposed_api "$enable_proposed_api"
|
||||||
|
}
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# GENERIC FINALIZATION
|
||||||
|
#=================================================
|
||||||
|
ynh_app_config_run $1
|
107
scripts/install
107
scripts/install
|
@ -24,13 +24,8 @@ ynh_abort_if_errors
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
domain=$YNH_APP_ARG_DOMAIN
|
domain=$YNH_APP_ARG_DOMAIN
|
||||||
path_url='/'
|
|
||||||
admin=$YNH_APP_ARG_ADMIN
|
admin=$YNH_APP_ARG_ADMIN
|
||||||
is_public=$YNH_APP_ARG_IS_PUBLIC
|
auth="none"
|
||||||
password=$YNH_APP_ARG_PASSWORD
|
|
||||||
extension_service_url=$YNH_APP_ARG_EXTENSION_SERVICE_URL
|
|
||||||
extension_item_url=$YNH_APP_ARG_EXTENSION_ITEM_URL
|
|
||||||
enable_proposed_api=$YNH_APP_ARG_ENABLE_PROPOSED_API
|
|
||||||
|
|
||||||
app=$YNH_APP_INSTANCE_NAME
|
app=$YNH_APP_INSTANCE_NAME
|
||||||
|
|
||||||
|
@ -41,31 +36,18 @@ ynh_script_progression --message="Validating installation parameters..." --weigh
|
||||||
|
|
||||||
final_path=/opt/yunohost/$app
|
final_path=/opt/yunohost/$app
|
||||||
test ! -e "$final_path" || ynh_die --message="This path already contains a folder"
|
test ! -e "$final_path" || ynh_die --message="This path already contains a folder"
|
||||||
data_path=/home/yunohost.app/$app
|
|
||||||
test ! -e "$data_path" || ynh_die --message="This path already contains a folder"
|
|
||||||
|
|
||||||
# Register (book) web path
|
# Register (book) web path
|
||||||
ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url
|
ynh_webpath_register --app=$app --domain=$domain --path_url="/"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# STORE SETTINGS FROM MANIFEST
|
# STORE SETTINGS FROM MANIFEST
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Storing installation settings..." --weight=1
|
ynh_script_progression --message="Storing installation settings..." --weight=2
|
||||||
|
|
||||||
ynh_app_setting_set --app=$app --key=domain --value=$domain
|
ynh_app_setting_set --app=$app --key=domain --value=$domain
|
||||||
ynh_app_setting_set --app=$app --key=path --value=$path_url
|
|
||||||
ynh_app_setting_set --app=$app --key=admin --value=$admin
|
ynh_app_setting_set --app=$app --key=admin --value=$admin
|
||||||
if [ ! -z "$password" ]; then
|
ynh_app_setting_set --app=$app --key=auth --value=$auth
|
||||||
auth="password"
|
|
||||||
hashed_password="$(printf "$password" | sha256sum | cut -d' ' -f1)"
|
|
||||||
else
|
|
||||||
auth="none"
|
|
||||||
hashed_password=""
|
|
||||||
fi
|
|
||||||
ynh_app_setting_set --app=$app --key=hashed_password --value=$hashed_password
|
|
||||||
ynh_app_setting_set --app=$app --key=extension_service_url --value="$extension_service_url"
|
|
||||||
ynh_app_setting_set --app=$app --key=extension_item_url --value="$extension_item_url"
|
|
||||||
ynh_app_setting_set --app=$app --key=enable_proposed_api --value="$enable_proposed_api"
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# STANDARD MODIFICATIONS
|
# STANDARD MODIFICATIONS
|
||||||
|
@ -75,30 +57,26 @@ ynh_app_setting_set --app=$app --key=enable_proposed_api --value="$enable_propos
|
||||||
ynh_script_progression --message="Finding an available port..." --weight=1
|
ynh_script_progression --message="Finding an available port..." --weight=1
|
||||||
|
|
||||||
# Find an available port
|
# Find an available port
|
||||||
port=$(ynh_find_port --port=8080)
|
port=$(ynh_find_port --port=8095)
|
||||||
ynh_app_setting_set --app=$app --key=port --value=$port
|
ynh_app_setting_set --app=$app --key=port --value=$port
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# INSTALL DEPENDENCIES
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Installing dependencies..." --weight=30
|
|
||||||
|
|
||||||
install_dependencies
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Setting up source files..." --weight=25
|
ynh_script_progression --message="Setting up source files..." --weight=5
|
||||||
|
|
||||||
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
|
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
|
||||||
ynh_app_setting_set --app=$app --key=data_path --value=$data_path
|
# Download, check integrity, uncompress and patch the source from app.src
|
||||||
|
ynh_setup_source --dest_dir="$final_path" --source_id="$YNH_ARCH"
|
||||||
|
|
||||||
setup_source
|
chmod 750 "$final_path"
|
||||||
|
chmod -R o-rwx "$final_path"
|
||||||
|
chown -R root:$admin "$final_path"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# NGINX CONFIGURATION
|
# NGINX CONFIGURATION
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Configuring NGINX web server..." --weight=1
|
ynh_script_progression --message="Configuring NGINX web server..." --weight=5
|
||||||
|
|
||||||
# Create a dedicated NGINX config
|
# Create a dedicated NGINX config
|
||||||
ynh_add_nginx_config
|
ynh_add_nginx_config
|
||||||
|
@ -106,23 +84,42 @@ ynh_add_nginx_config
|
||||||
#=================================================
|
#=================================================
|
||||||
# SPECIFIC SETUP
|
# SPECIFIC SETUP
|
||||||
#=================================================
|
#=================================================
|
||||||
# BUILD APP
|
# ...
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Compiling code-server... (this will take a long time)" --weight=200
|
|
||||||
|
|
||||||
build_app
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# ADD CONFIGURATIONS
|
# CREATE DATA DIRECTORY
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Adding a configuration file..." --weight=1
|
ynh_script_progression --message="Creating a data directory..." --weight=2
|
||||||
|
|
||||||
add_configs
|
datadir=/home/yunohost.app/$app
|
||||||
|
ynh_app_setting_set --app=$app --key=datadir --value=$datadir
|
||||||
|
|
||||||
|
mkdir -p $datadir/{user-data,extensions}
|
||||||
|
|
||||||
|
chmod 750 "$datadir"
|
||||||
|
chmod -R o-rwx "$datadir"
|
||||||
|
chown -R $admin:$admin "$datadir"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# ADD A CONFIGURATION
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Adding a configuration file..." --weight=2
|
||||||
|
|
||||||
|
ynh_add_config --template="config.yaml" --destination="$final_path/config.yaml"
|
||||||
|
|
||||||
|
chmod 440 "$final_path/config.yaml"
|
||||||
|
chown root:$admin "$final_path/config.yaml"
|
||||||
|
|
||||||
|
ynh_add_config --template="code-server.env" --destination="$final_path/code-server.env"
|
||||||
|
|
||||||
|
chmod 440 "$final_path/code-server.env"
|
||||||
|
chown root:$admin "$final_path/code-server.env"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# SETUP SYSTEMD
|
# SETUP SYSTEMD
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Configuring a systemd service..." --weight=1
|
ynh_script_progression --message="Configuring a systemd service..." --weight=2
|
||||||
|
|
||||||
# Create a dedicated systemd config
|
# Create a dedicated systemd config
|
||||||
ynh_add_systemd_config
|
ynh_add_systemd_config
|
||||||
|
@ -132,8 +129,7 @@ ynh_add_systemd_config
|
||||||
#=================================================
|
#=================================================
|
||||||
# SETUP LOGROTATE
|
# SETUP LOGROTATE
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Configuring log rotation..." --weight=1
|
ynh_script_progression --message="Configuring log rotation..." --weight=2
|
||||||
|
|
||||||
# Use logrotate to manage application logfile(s)
|
# Use logrotate to manage application logfile(s)
|
||||||
ynh_use_logrotate
|
ynh_use_logrotate
|
||||||
|
|
||||||
|
@ -142,7 +138,7 @@ ynh_use_logrotate
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
|
ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
|
||||||
|
|
||||||
yunohost service add $app --description="Server for accessing VS Code from the browser" --log="/var/log/$app/$app.log"
|
yunohost service add $app --description="VS Code Server" --log="/var/log/$app/$app.log"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# START SYSTEMD SERVICE
|
# START SYSTEMD SERVICE
|
||||||
|
@ -150,33 +146,20 @@ yunohost service add $app --description="Server for accessing VS Code from the b
|
||||||
ynh_script_progression --message="Starting a systemd service..." --weight=1
|
ynh_script_progression --message="Starting a systemd service..." --weight=1
|
||||||
|
|
||||||
# Start a systemd service
|
# Start a systemd service
|
||||||
ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" --line_match=" HTTP server listening on "
|
ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# SETUP FAIL2BAN
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Configuring Fail2Ban..." --weight=1
|
|
||||||
|
|
||||||
# Create a dedicated Fail2Ban config
|
|
||||||
ynh_add_fail2ban_config --logpath="/var/log/$app/$app.log" --failregex='^Failed login attempt {"xForwardedFor":"<HOST>"'
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# SETUP SSOWAT
|
# SETUP SSOWAT
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Configuring permissions..." --weight=1
|
ynh_script_progression --message="Configuring permissions..." --weight=1
|
||||||
|
|
||||||
# Make app public if necessary
|
ynh_permission_update --permission="main" --remove="all_users"
|
||||||
if [ $is_public -eq 1 ]
|
ynh_permission_update --permission="main" --add=$admin
|
||||||
then
|
|
||||||
# Everyone can access the app.
|
|
||||||
# The "main" permission is automatically created before the install script.
|
|
||||||
ynh_permission_update --permission="main" --add="visitors"
|
|
||||||
fi
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# RELOAD NGINX
|
# RELOAD NGINX
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
|
ynh_script_progression --message="Reloading NGINX web server..." --weight=2
|
||||||
|
|
||||||
ynh_systemd_action --service_name=nginx --action=reload
|
ynh_systemd_action --service_name=nginx --action=reload
|
||||||
|
|
||||||
|
|
|
@ -14,7 +14,12 @@ source /usr/share/yunohost/helpers
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Loading installation settings..." --weight=1
|
ynh_script_progression --message="Loading installation settings..." --weight=1
|
||||||
|
|
||||||
load_settings
|
app=$YNH_APP_INSTANCE_NAME
|
||||||
|
|
||||||
|
domain=$(ynh_app_setting_get --app=$app --key=domain)
|
||||||
|
port=$(ynh_app_setting_get --app=$app --key=port)
|
||||||
|
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
||||||
|
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# STANDARD REMOVE
|
# STANDARD REMOVE
|
||||||
|
@ -25,7 +30,7 @@ load_settings
|
||||||
# Remove the service from the list of services known by YunoHost (added from `yunohost service add`)
|
# Remove the service from the list of services known by YunoHost (added from `yunohost service add`)
|
||||||
if ynh_exec_warn_less yunohost service status $app >/dev/null
|
if ynh_exec_warn_less yunohost service status $app >/dev/null
|
||||||
then
|
then
|
||||||
ynh_script_progression --message="Removing $app service integration..." --weight=1
|
ynh_script_progression --message="Removing $app service integration..." --weight=2
|
||||||
yunohost service remove $app
|
yunohost service remove $app
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
@ -38,20 +43,12 @@ ynh_script_progression --message="Stopping and removing the systemd service..."
|
||||||
ynh_remove_systemd_config
|
ynh_remove_systemd_config
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# REMOVE DEPENDENCIES
|
# REMOVE LOGROTATE CONFIGURATION
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Removing dependencies..." --weight=5
|
ynh_script_progression --message="Removing logrotate configuration..." --weight=2
|
||||||
|
|
||||||
# Remove metapackage and its dependencies
|
# Remove the app-specific logrotate config
|
||||||
ynh_remove_app_dependencies
|
ynh_remove_logrotate
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# REMOVE NODE.JS
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Removing Node.js version..." --weight=5
|
|
||||||
|
|
||||||
# Remove metapackage and its dependencies
|
|
||||||
ynh_remove_nodejs
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# REMOVE APP MAIN DIR
|
# REMOVE APP MAIN DIR
|
||||||
|
@ -62,12 +59,15 @@ ynh_script_progression --message="Removing app main directory..." --weight=1
|
||||||
ynh_secure_remove --file="$final_path"
|
ynh_secure_remove --file="$final_path"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# REMOVE APP DATA DIR
|
# REMOVE DATA DIR
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Removing app data directory..." --weight=1
|
|
||||||
|
|
||||||
# Remove the app directory securely
|
# Remove the data directory if --purge option is used
|
||||||
ynh_secure_remove --file="$data_path"
|
if [ "${YNH_APP_PURGE:-0}" -eq 1 ]
|
||||||
|
then
|
||||||
|
ynh_script_progression --message="Removing app data directory..." --weight=1
|
||||||
|
ynh_secure_remove --file="$datadir"
|
||||||
|
fi
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# REMOVE NGINX CONFIGURATION
|
# REMOVE NGINX CONFIGURATION
|
||||||
|
@ -77,34 +77,22 @@ ynh_script_progression --message="Removing NGINX web server configuration..." --
|
||||||
# Remove the dedicated NGINX config
|
# Remove the dedicated NGINX config
|
||||||
ynh_remove_nginx_config
|
ynh_remove_nginx_config
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# REMOVE LOGROTATE CONFIGURATION
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Removing logrotate configuration..." --weight=1
|
|
||||||
|
|
||||||
# Remove the app-specific logrotate config
|
|
||||||
ynh_remove_logrotate
|
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# REMOVE FAIL2BAN CONFIGURATION
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Removing Fail2ban configuration..." --weight=1
|
|
||||||
|
|
||||||
# Remove the dedicated Fail2Ban config
|
|
||||||
ynh_remove_fail2ban_config
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# SPECIFIC REMOVE
|
# SPECIFIC REMOVE
|
||||||
#=================================================
|
#=================================================
|
||||||
# REMOVE VARIOUS FILES
|
# REMOVE VARIOUS FILES
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Removing log files..." --weight=1
|
ynh_script_progression --message="Removing various files..." --weight=1
|
||||||
|
|
||||||
# Remove the log files
|
# Remove the log files
|
||||||
ynh_secure_remove --file="/var/log/$app"
|
ynh_secure_remove --file="/var/log/$app"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# GENERIC FINALIZATION
|
# GENERIC FINALIZATION
|
||||||
|
#=================================================
|
||||||
|
# ...
|
||||||
|
#=================================================
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# END OF SCRIPT
|
# END OF SCRIPT
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
|
@ -15,6 +15,7 @@ source /usr/share/yunohost/helpers
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
ynh_clean_setup () {
|
ynh_clean_setup () {
|
||||||
|
#### Remove this function if there's nothing to clean before calling the remove script.
|
||||||
true
|
true
|
||||||
}
|
}
|
||||||
# Exit if an error occurs during the execution of the script
|
# Exit if an error occurs during the execution of the script
|
||||||
|
@ -23,112 +24,96 @@ ynh_abort_if_errors
|
||||||
#=================================================
|
#=================================================
|
||||||
# LOAD SETTINGS
|
# LOAD SETTINGS
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Loading installation settings..." --weight=1
|
ynh_script_progression --message="Loading installation settings..." --time --weight=1
|
||||||
|
|
||||||
load_settings
|
app=$YNH_APP_INSTANCE_NAME
|
||||||
|
|
||||||
|
domain=$(ynh_app_setting_get --app=$app --key=domain)
|
||||||
|
admin=$(ynh_app_setting_get --app=$app --key=admin)
|
||||||
|
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
||||||
|
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# CHECK IF THE APP CAN BE RESTORED
|
# CHECK IF THE APP CAN BE RESTORED
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Validating restoration parameters..." --weight=1
|
ynh_script_progression --message="Validating restoration parameters..." --time --weight=1
|
||||||
|
|
||||||
ynh_webpath_available --domain=$domain --path_url=$path_url \
|
|
||||||
|| ynh_die --message="Path not available: ${domain}${path_url}"
|
|
||||||
test ! -d $final_path \
|
test ! -d $final_path \
|
||||||
|| ynh_die --message="There is already a directory: $final_path "
|
|| ynh_die --message="There is already a directory: $final_path "
|
||||||
test ! -d $data_path \
|
ynh_user_exists --username=$admin || ynh_die --message="User $admin doesn't exist "
|
||||||
|| ynh_die --message="There is already a directory: $data_path "
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# STANDARD RESTORATION STEPS
|
# STANDARD RESTORATION STEPS
|
||||||
#=================================================
|
#=================================================
|
||||||
# RESTORE THE NGINX CONFIGURATION
|
# RESTORE THE NGINX CONFIGURATION
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Restoring the NGINX configuration..." --weight=1
|
ynh_script_progression --message="Restoring the NGINX configuration..." --time --weight=1
|
||||||
|
|
||||||
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
|
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# RESTORE THE APP MAIN DIR
|
# RESTORE THE APP MAIN DIR
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Restoring the app main directory..." --weight=1
|
ynh_script_progression --message="Restoring the app main directory..." --time --weight=1
|
||||||
|
|
||||||
ynh_restore_file --origin_path="$final_path"
|
ynh_restore_file --origin_path="$final_path"
|
||||||
|
|
||||||
#=================================================
|
chmod 750 "$final_path"
|
||||||
# RESTORE THE APP DATA DIR
|
chmod -R o-rwx "$final_path"
|
||||||
#=================================================
|
chown -R root:$admin "$final_path"
|
||||||
ynh_script_progression --message="Restoring the app data directory..." --weight=1
|
|
||||||
|
|
||||||
ynh_restore_file --origin_path="$data_path" --not_mandatory
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# RESTORE LOG FILES
|
# RESTORE THE DATA DIRECTORY
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Restoring the log files..." --weight=1
|
ynh_script_progression --message="Restoring the data directory..." --time --weight=1
|
||||||
|
|
||||||
ynh_restore_file --origin_path="/var/log/$app"
|
ynh_restore_file --origin_path="$datadir" --not_mandatory
|
||||||
|
|
||||||
#=================================================
|
mkdir -p $datadir/{user-data,extensions}
|
||||||
# RESTORE FAIL2BAN CONFIGURATION
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Restoring the Fail2Ban configuration..." --weight=1
|
|
||||||
|
|
||||||
ynh_restore_file "/etc/fail2ban/jail.d/$app.conf"
|
chmod 750 "$datadir"
|
||||||
ynh_restore_file "/etc/fail2ban/filter.d/$app.conf"
|
chmod -R o-rwx "$datadir"
|
||||||
ynh_systemd_action --action=restart --service_name=fail2ban
|
chown -R $admin:$admin "$datadir"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# SPECIFIC RESTORATION
|
# SPECIFIC RESTORATION
|
||||||
#=================================================
|
|
||||||
# REINSTALL DEPENDENCIES
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Reinstalling dependencies..." --weight=15
|
|
||||||
|
|
||||||
install_dependencies
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# RESTORE SYSTEMD
|
# RESTORE SYSTEMD
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Restoring the systemd configuration..." --weight=1
|
ynh_script_progression --message="Restoring the systemd configuration..." --time --weight=1
|
||||||
|
|
||||||
ynh_restore_file --origin_path="/etc/systemd/system/$app.service"
|
ynh_restore_file --origin_path="/etc/systemd/system/$app.service"
|
||||||
systemctl enable $app.service --quiet
|
systemctl enable $app.service --quiet
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# INTEGRATE SERVICE IN YUNOHOST
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
|
|
||||||
|
|
||||||
yunohost service add $app --description="Server for accessing VS Code from the browser" --log="/var/log/$app/$app.log"
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# RESTORE THE LOGROTATE CONFIGURATION
|
# RESTORE THE LOGROTATE CONFIGURATION
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Restoring the logrotate configuration..." --weight=1
|
ynh_script_progression --message="Restoring the logrotate configuration..." --time --weight=1
|
||||||
|
|
||||||
|
mkdir -p "/var/log/$app"
|
||||||
|
|
||||||
ynh_restore_file --origin_path="/etc/logrotate.d/$app"
|
ynh_restore_file --origin_path="/etc/logrotate.d/$app"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# SET PERMISSIONS
|
# INTEGRATE SERVICE IN YUNOHOST
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Securing files and directories..." --weight=1
|
ynh_script_progression --message="Integrating service in YunoHost..." --time --weight=1
|
||||||
|
|
||||||
set_permissions
|
yunohost service add $app --description="VS Code Server" --log="/var/log/$app/$app.log"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# START SYSTEMD SERVICE
|
# START SYSTEMD SERVICE
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Starting a systemd service..." --weight=1
|
ynh_script_progression --message="Starting a systemd service..." --time --weight=1
|
||||||
|
|
||||||
ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" --line_match=" HTTP server listening on "
|
ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# GENERIC FINALIZATION
|
# GENERIC FINALIZATION
|
||||||
#=================================================
|
#=================================================
|
||||||
# RELOAD NGINX
|
# RELOAD NGINX AND PHP-FPM
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
|
ynh_script_progression --message="Reloading NGINX web server and PHP-FPM..." --time --weight=1
|
||||||
|
|
||||||
ynh_systemd_action --service_name=nginx --action=reload
|
ynh_systemd_action --service_name=nginx --action=reload
|
||||||
|
|
||||||
|
@ -136,4 +121,4 @@ ynh_systemd_action --service_name=nginx --action=reload
|
||||||
# END OF SCRIPT
|
# END OF SCRIPT
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
ynh_script_progression --message="Restoration completed for $app" --last
|
ynh_script_progression --message="Restoration completed for $app" --time --last
|
||||||
|
|
126
scripts/upgrade
126
scripts/upgrade
|
@ -12,9 +12,19 @@ source /usr/share/yunohost/helpers
|
||||||
#=================================================
|
#=================================================
|
||||||
# LOAD SETTINGS
|
# LOAD SETTINGS
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Loading installation settings..." --weight=1
|
ynh_script_progression --message="Loading installation settings..." --time --weight=1
|
||||||
|
|
||||||
load_settings
|
app=$YNH_APP_INSTANCE_NAME
|
||||||
|
|
||||||
|
domain=$(ynh_app_setting_get --app=$app --key=domain)
|
||||||
|
admin=$(ynh_app_setting_get --app=$app --key=admin)
|
||||||
|
port=$(ynh_app_setting_get --app=$app --key=port)
|
||||||
|
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
||||||
|
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
|
||||||
|
auth=$(ynh_app_setting_get --app=$app --key=auth)
|
||||||
|
hashed_password=$(ynh_app_setting_get --app=$app --key=hashed_password)
|
||||||
|
enable_proposed_api=$(ynh_app_setting_get --app=$app --key="enable_proposed_api")
|
||||||
|
extensions_gallery=$(ynh_app_setting_get --app=$app --key="extensions_gallery")
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# CHECK VERSION
|
# CHECK VERSION
|
||||||
|
@ -25,7 +35,7 @@ upgrade_type=$(ynh_check_app_version_changed)
|
||||||
#=================================================
|
#=================================================
|
||||||
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
|
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=50
|
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --time --weight=1
|
||||||
|
|
||||||
# Backup the current version of the app
|
# Backup the current version of the app
|
||||||
ynh_backup_before_upgrade
|
ynh_backup_before_upgrade
|
||||||
|
@ -41,60 +51,102 @@ ynh_abort_if_errors
|
||||||
#=================================================
|
#=================================================
|
||||||
# STOP SYSTEMD SERVICE
|
# STOP SYSTEMD SERVICE
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Stopping a systemd service..." --weight=1
|
ynh_script_progression --message="Stopping a systemd service..." --time --weight=1
|
||||||
|
|
||||||
ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log"
|
ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# ENSURE DOWNWARD COMPATIBILITY
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Ensuring downward compatibility..." --time --weight=1
|
||||||
|
|
||||||
|
if ynh_compare_current_package_version -c le -v "3.11.0~ynh1"
|
||||||
|
then
|
||||||
|
extension_service_url=$(ynh_app_setting_get --app=$app --key="extension_service_url")
|
||||||
|
extension_item_url=$(ynh_app_setting_get --app=$app --key="extension_item_url")
|
||||||
|
|
||||||
|
if [ "$extension_service_url" ] && [ "$extension_item_url" ]
|
||||||
|
then
|
||||||
|
extensions_gallery="{\"serviceUrl\": \"$extension_service_url\",\"itemUrl\": \"$extension_item_url\"}"
|
||||||
|
|
||||||
|
ynh_app_setting_set --app=$app --key="extensions_gallery" --value="$extensions_gallery"
|
||||||
|
|
||||||
|
ynh_app_setting_delete --app=$app --key="extension_service_url"
|
||||||
|
ynh_app_setting_delete --app=$app --key="extension_item_url"
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ "$enable_proposed_api" ]
|
||||||
|
then
|
||||||
|
ynh_print_warn --message="Custom enable-proposed-api. You have to enable again them through application config panel."
|
||||||
|
ynh_print_warn --message="enable-proposed-api was set to: $enable_proposed_api"
|
||||||
|
|
||||||
|
ynh_app_setting_delete --app=$app --key="enable_proposed_api"
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ "$hashed_password" ]
|
||||||
|
then
|
||||||
|
auth="password"
|
||||||
|
else
|
||||||
|
auth="none"
|
||||||
|
fi
|
||||||
|
ynh_app_setting_set --app=$app --key="auth" --value=$auth
|
||||||
|
|
||||||
|
ynh_remove_fail2ban_config
|
||||||
|
|
||||||
|
ynh_secure_remove --file=$final_path
|
||||||
|
mkdir -p $final_path
|
||||||
|
fi
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
if [ "$upgrade_type" == "UPGRADE_APP" ]
|
if [ "$upgrade_type" == "UPGRADE_APP" ]
|
||||||
then
|
then
|
||||||
ynh_script_progression --message="Upgrading source files..." --weight=5
|
ynh_script_progression --message="Upgrading source files..." --time --weight=1
|
||||||
|
|
||||||
setup_source
|
# Download, check integrity, uncompress and patch the source from app.src
|
||||||
|
ynh_setup_source --dest_dir="$final_path" --source_id="$YNH_ARCH"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
chmod 750 "$final_path"
|
||||||
|
chmod -R o-rwx "$final_path"
|
||||||
|
chown -R root:$admin "$final_path"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# NGINX CONFIGURATION
|
# NGINX CONFIGURATION
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=1
|
ynh_script_progression --message="Upgrading NGINX web server configuration..." --time --weight=1
|
||||||
|
|
||||||
# Create a dedicated NGINX config
|
# Create a dedicated NGINX config
|
||||||
ynh_add_nginx_config
|
ynh_add_nginx_config
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# UPGRADE DEPENDENCIES
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Upgrading dependencies..." --weight=15
|
|
||||||
|
|
||||||
install_dependencies
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# SPECIFIC UPGRADE
|
# SPECIFIC UPGRADE
|
||||||
#=================================================
|
#=================================================
|
||||||
# BUILD APP
|
# ...
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
if [ "$upgrade_type" == "UPGRADE_APP" ]
|
#=================================================
|
||||||
then
|
# UPDATE A CONFIG FILE
|
||||||
ynh_script_progression --message="Compiling code-server..." --weight=600
|
#=================================================
|
||||||
|
ynh_script_progression --message="Updating a configuration file..." --time --weight=1
|
||||||
|
|
||||||
build_app
|
ynh_add_config --template="config.yaml" --destination="$final_path/config.yaml"
|
||||||
|
ynh_add_config --template="code-server.env" --destination="$final_path/code-server.env"
|
||||||
|
|
||||||
|
if [ "$auth" == "password" ]
|
||||||
|
then
|
||||||
|
echo "hashed-password: $hashed_password" >> "$final_path/config.yaml"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
#=================================================
|
chmod 440 "$final_path/config.yaml" "$final_path/code-server.env"
|
||||||
# UPDATE CONFIG FILES
|
chown root:$admin "$final_path/config.yaml" "$final_path/code-server.env"
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Updating a configuration file..." --weight=1
|
|
||||||
|
|
||||||
add_configs
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# SETUP SYSTEMD
|
# SETUP SYSTEMD
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Upgrading systemd configuration..." --weight=1
|
ynh_script_progression --message="Upgrading systemd configuration..." --time --weight=1
|
||||||
|
|
||||||
# Create a dedicated systemd config
|
# Create a dedicated systemd config
|
||||||
ynh_add_systemd_config
|
ynh_add_systemd_config
|
||||||
|
@ -104,7 +156,7 @@ ynh_add_systemd_config
|
||||||
#=================================================
|
#=================================================
|
||||||
# SETUP LOGROTATE
|
# SETUP LOGROTATE
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Upgrading logrotate configuration..." --weight=1
|
ynh_script_progression --message="Upgrading logrotate configuration..." --time --weight=1
|
||||||
|
|
||||||
# Use logrotate to manage app-specific logfile(s)
|
# Use logrotate to manage app-specific logfile(s)
|
||||||
ynh_use_logrotate --non-append
|
ynh_use_logrotate --non-append
|
||||||
|
@ -112,29 +164,21 @@ ynh_use_logrotate --non-append
|
||||||
#=================================================
|
#=================================================
|
||||||
# INTEGRATE SERVICE IN YUNOHOST
|
# INTEGRATE SERVICE IN YUNOHOST
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
|
ynh_script_progression --message="Integrating service in YunoHost..." --time --weight=1
|
||||||
|
|
||||||
yunohost service add $app --description="Server for accessing VS Code from the browser" --log="/var/log/$app/$app.log"
|
yunohost service add $app --description="VS Code Server" --log="/var/log/$app/$app.log"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# START SYSTEMD SERVICE
|
# START SYSTEMD SERVICE
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Starting a systemd service..." --weight=1
|
ynh_script_progression --message="Starting a systemd service..." --time --weight=1
|
||||||
|
|
||||||
ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" --line_match=" HTTP server listening on "
|
ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# UPGRADE FAIL2BAN
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Reconfiguring Fail2Ban..." --weight=1
|
|
||||||
|
|
||||||
# Create a dedicated Fail2Ban config
|
|
||||||
ynh_add_fail2ban_config --logpath="/var/log/$app/$app.log" --failregex='^Failed login attempt {"xForwardedFor":"<HOST>"'
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# RELOAD NGINX
|
# RELOAD NGINX
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
|
ynh_script_progression --message="Reloading NGINX web server..." --time --weight=1
|
||||||
|
|
||||||
ynh_systemd_action --service_name=nginx --action=reload
|
ynh_systemd_action --service_name=nginx --action=reload
|
||||||
|
|
||||||
|
@ -142,4 +186,4 @@ ynh_systemd_action --service_name=nginx --action=reload
|
||||||
# END OF SCRIPT
|
# END OF SCRIPT
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
ynh_script_progression --message="Upgrade of $app completed" --last
|
ynh_script_progression --message="Upgrade of $app completed" --time --last
|
||||||
|
|
Loading…
Reference in a new issue