1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/code-server_ynh.git synced 2024-09-03 18:16:28 +02:00

Merge pull request #8 from Tagadda/upgrade

Upgrade to 4.0.1
This commit is contained in:
Tagada 2022-01-27 16:16:34 +01:00 committed by GitHub
commit cb998fd36d
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
22 changed files with 543 additions and 404 deletions

134
.github/workflows/updater.sh vendored Executable file
View file

@ -0,0 +1,134 @@
#!/bin/bash
#=================================================
# PACKAGE UPDATING HELPER
#=================================================
# This script is meant to be run by GitHub Actions
# The YunoHost-Apps organisation offers a template Action to run this script periodically
# Since each app is different, maintainers can adapt its contents so as to perform
# automatic actions when a new upstream release is detected.
#=================================================
# FETCHING LATEST RELEASE AND ITS ASSETS
#=================================================
# Fetching information
current_version=$(cat manifest.json | jq -j '.version|split("~")[0]')
repo=$(cat manifest.json | jq -j '.upstream.code|split("https://github.com/")[1]')
# Some jq magic is needed, because the latest upstream release is not always the latest version (e.g. security patches for older versions)
version=$(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '.[] | select( .prerelease != true ) | .tag_name' | sort -V | tail -1)
assets=($(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '[ .[] | select(.tag_name=="'$version'").assets[].browser_download_url ] | join(" ") | @sh' | tr -d "'"))
# Later down the script, we assume the version has only digits and dots
# Sometimes the release name starts with a "v", so let's filter it out.
# You may need more tweaks here if the upstream repository has different naming conventions.
if [[ ${version:0:1} == "v" || ${version:0:1} == "V" ]]; then
version=${version:1}
fi
# Setting up the environment variables
echo "Current version: $current_version"
echo "Latest release from upstream: $version"
echo "VERSION=$version" >> $GITHUB_ENV
# For the time being, let's assume the script will fail
echo "PROCEED=false" >> $GITHUB_ENV
# Proceed only if the retrieved version is greater than the current one
if ! dpkg --compare-versions "$current_version" "lt" "$version" ; then
echo "::warning ::No new version available"
exit 0
# Proceed only if a PR for this new version does not already exist
elif git ls-remote -q --exit-code --heads https://github.com/$GITHUB_REPOSITORY.git ci-auto-update-v$version ; then
echo "::warning ::A branch already exists for this update"
exit 0
fi
# Each release can hold multiple assets (e.g. binaries for different architectures, source code, etc.)
echo "${#assets[@]} available asset(s)"
#=================================================
# UPDATE SOURCE FILES
#=================================================
# Here we use the $assets variable to get the resources published in the upstream release.
# Here is an example for Grav, it has to be adapted in accordance with how the upstream releases look like.
# Let's loop over the array of assets URLs
for asset_url in ${assets[@]}; do
echo "Handling asset at $asset_url"
# Assign the asset to a source file in conf/ directory
# Here we base the source file name upon a unique keyword in the assets url (arch)
# Leave $src empty to ignore the asset
case $asset_url in
*"linux-amd64.tar.gz")
src="amd64"
;;
*"linux-arm64.tar.gz")
src="arm64"
;;
*)
src=""
;;
esac
# If $src is not empty, let's process the asset
if [ ! -z "$src" ]; then
# Create the temporary directory
tempdir="$(mktemp -d)"
# Download sources and calculate checksum
filename=${asset_url##*/}
curl --silent -4 -L $asset_url -o "$tempdir/$filename"
checksum=$(sha256sum "$tempdir/$filename" | head -c 64)
# Delete temporary directory
rm -rf $tempdir
# Get extension
if [[ $filename == *.tar.gz ]]; then
extension=tar.gz
else
extension=${filename##*.}
fi
# Rewrite source file
cat <<EOT > conf/$src.src
SOURCE_URL=$asset_url
SOURCE_SUM=$checksum
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=$extension
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=
SOURCE_EXTRACT=true
EOT
echo "... conf/$src.src updated"
else
echo "... asset ignored"
fi
done
#=================================================
# SPECIFIC UPDATE STEPS
#=================================================
# Any action on the app's source code can be done.
# The GitHub Action workflow takes care of committing all changes after this script ends.
#=================================================
# GENERIC FINALIZATION
#=================================================
# Replace new version in manifest
echo "$(jq -s --indent 4 ".[] | .version = \"$version~ynh1\"" manifest.json)" > manifest.json
# No need to update the README, yunohost-bot takes care of it
# The Action will proceed only if the PROCEED environment variable is set to true
echo "PROCEED=true" >> $GITHUB_ENV
exit 0

View file

@ -17,7 +17,7 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in
Run VS Code on your server and access it in the browser Run VS Code on your server and access it in the browser
**Shipped version:** 3.12.0~ynh1 **Shipped version:** 4.0.1~ynh1
@ -27,17 +27,16 @@ Run VS Code on your server and access it in the browser
## Disclaimers / important information ## Disclaimers / important information
### Installation
* The package does not create a dedicated system user, rather during installation you are asked what user you want code-server to run as. **Don't give access to users you don't fully trust!**
### Limitations ### Limitations
* Requires a dedicated domain * Requires a dedicated domain
* Single-user, no LDAP * Single-user, no LDAP
* Subdomains for services on ports (like 8080.code-server-domain.tld) are not supported * Subdomains for services on ports (like 8080.code-server-domain.tld) are not supported
### Other info
* The package does not create a dedicated system user, rather during installation you are asked what user you want code-server to run as. **Don't give access to users you don't fully trust!**
* You can optionally set a password required to access code-server. **Don't leave this blank if you have allowed public access!**
## Documentation and resources ## Documentation and resources
* Official app website: https://github.com/cdr/code-server * Official app website: https://github.com/cdr/code-server

View file

@ -13,7 +13,7 @@ Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour
Lancez VS Code sur votre serveur et accédez-y depuis votre navigateur Lancez VS Code sur votre serveur et accédez-y depuis votre navigateur
**Version incluse :** 3.12.0~ynh1 **Version incluse :** 4.0.1~ynh1
@ -23,17 +23,16 @@ Lancez VS Code sur votre serveur et accédez-y depuis votre navigateur
## Avertissements / informations importantes ## Avertissements / informations importantes
### Installation
* Le paquet ne crée pas d'utilisateur système dédié; on vous demandera pendant l'installation quel utilisateur vous voulez que cod-serveur éxecute en tant que. **Ne donnez pas accès à des utilisateurs en lesquels vous n'avez pas complètement confiance !**
### Limitations ### Limitations
* Nécessite un domaine dédié * Nécessite un domaine dédié
* Un seul utilisateur seulement, pas de LDAP * Un seul utilisateur seulement, pas de LDAP
* Les sous-domaines pour les services sur les ports (like 8080.code-server-domain.tld) ne sont pas pris en charge * Les sous-domaines pour les services sur les ports (like 8080.code-server-domain.tld) ne sont pas pris en charge
### Other info
* Le paquet ne crée pas d'utilisateur système dédié; on vous demandera pendant l'installation quel utilisateur vous voulez que cod-serveur éxecute en tant que. **Ne donnez pas accès à des utilisateurs en lesquels vous n'avez pas complètement confiance !**
* Vous pouvez demander un mot de passe pour accéder à code-server (facultatif). **Ne laissez pas le champ mot-de-passe vide si vous avez permis l'accès public !**
## Documentations et ressources ## Documentations et ressources
* Site officiel de l'app : https://github.com/cdr/code-server * Site officiel de l'app : https://github.com/cdr/code-server

View file

@ -1,26 +1,16 @@
# See here for more information
# https://github.com/YunoHost/package_check#syntax-check_process-file
# Move this file from check_process.default to check_process when you have filled it.
;; Test complet ;; Test complet
; Manifest ; Manifest
domain="domain.tld" domain="domain.tld"
admin="john" admin="john"
is_public=1
password="pass"
extension_service_url=
extension_item_url=
enable_proposed_api=
; Checks ; Checks
pkg_linter=1 pkg_linter=1
setup_sub_dir=0 setup_sub_dir=0
setup_root=1 setup_root=1
setup_nourl=0 setup_nourl=0
setup_private=1 setup_private=0
setup_public=1 setup_public=0
upgrade=1 upgrade=1
upgrade=0 from_commit=CommitHash upgrade=1 from_commit=9bd092ceafb213964c0bfe135538d91b888f1284
backup_restore=1 backup_restore=1
multi_instance=1 multi_instance=1
port_already_use=0 port_already_use=0
@ -29,7 +19,6 @@
Email= Email=
Notification=none Notification=none
;;; Upgrade options ;;; Upgrade options
; commit=CommitHash ; commit=9bd092ceafb213964c0bfe135538d91b888f1284
name=Name and date of the commit. name=3.11.0~ynh1
manifest_arg=domain=DOMAIN&admin=USER&is_public=1&password=pass& manifest_arg=domain=domain.tld&admin=john&is_public=1&password=pass&extension_service_url=&extension_item_url=&enable_proposed_api=

7
conf/amd64.src Normal file
View file

@ -0,0 +1,7 @@
SOURCE_URL=https://github.com/coder/code-server/releases/download/v4.0.1/code-server-4.0.1-linux-amd64.tar.gz
SOURCE_SUM=5fe6d26e9d19e685946f0f392d9c822e5303a800cac3ac54a6a2c26104d239fd
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=
SOURCE_EXTRACT=true

7
conf/arm64.src Normal file
View file

@ -0,0 +1,7 @@
SOURCE_URL=https://github.com/coder/code-server/releases/download/v4.0.1/code-server-4.0.1-linux-amd64.tar.gz
SOURCE_SUM=5fe6d26e9d19e685946f0f392d9c822e5303a800cac3ac54a6a2c26104d239fd
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=
SOURCE_EXTRACT=true

View file

@ -1,2 +1 @@
SERVICE_URL=__EXTENSION_SERVICE_URL__ EXTENSIONS_GALLERY='__EXTENSIONS_GALLERY__'
ITEM_URL=__EXTENSION_ITEM_URL__

View file

@ -1,9 +1,7 @@
bind-addr: 127.0.0.1:__PORT__ bind-addr: 127.0.0.1:__PORT__
auth: __AUTH__ auth: __AUTH__
hashed-password: __HASHED_PASSWORD__
cert: false cert: false
disable-telemetry: true disable-telemetry: true
disable-update-check: true disable-update-check: true
user-data-dir: __DATA_PATH__/user-data user-data-dir: __DATADIR__/user-data
extensions-dir: __DATA_PATH__/extensions extensions-dir: __DATADIR__/extensions
__ENABLE_PROPOSED_API_STRING__

View file

@ -1,5 +1,5 @@
[Unit] [Unit]
Description=Run VS Code on your server and access it in the browser Description=VS Code Server
After=network.target After=network.target
[Service] [Service]
@ -8,9 +8,39 @@ User=__ADMIN__
Group=__ADMIN__ Group=__ADMIN__
WorkingDirectory=/home/__ADMIN__/ WorkingDirectory=/home/__ADMIN__/
EnvironmentFile=__FINALPATH__/code-server.env EnvironmentFile=__FINALPATH__/code-server.env
ExecStart=/usr/bin/env bash -l -c "__FINALPATH__/release-standalone/bin/code-server --config __FINALPATH__/config.yaml" ExecStart=__FINALPATH__/bin/code-server --config __FINALPATH__/config.yaml
StandardOutput=append:/var/log/__APP__/__APP__.log StandardOutput=append:/var/log/__APP__/__APP__.log
StandardError=inherit StandardError=inherit
# Sandboxing options to harden security
# Depending on specificities of your service/app, you may need to tweak these
# .. but this should be a good baseline
# Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html
NoNewPrivileges=yes
PrivateTmp=yes
PrivateDevices=yes
RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
RestrictNamespaces=yes
RestrictRealtime=yes
DevicePolicy=closed
ProtectSystem=full
ProtectControlGroups=yes
ProtectKernelModules=yes
ProtectKernelTunables=yes
LockPersonality=yes
SystemCallFilter=~@clock @debug @module @mount @obsolete @reboot @setuid @swap
# Denying access to capabilities that should not be relevant for webapps
# Doc: https://man7.org/linux/man-pages/man7/capabilities.7.html
CapabilityBoundingSet=~CAP_RAWIO CAP_MKNOD
CapabilityBoundingSet=~CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_AUDIT_WRITE
CapabilityBoundingSet=~CAP_SYS_BOOT CAP_SYS_TIME CAP_SYS_MODULE CAP_SYS_PACCT
CapabilityBoundingSet=~CAP_LEASE CAP_LINUX_IMMUTABLE CAP_IPC_LOCK
CapabilityBoundingSet=~CAP_BLOCK_SUSPEND CAP_WAKE_ALARM
CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG
CapabilityBoundingSet=~CAP_MAC_ADMIN CAP_MAC_OVERRIDE
CapabilityBoundingSet=~CAP_NET_ADMIN CAP_NET_BROADCAST CAP_NET_RAW
CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target

44
config_panel.toml Normal file
View file

@ -0,0 +1,44 @@
version = "1.0"
## (optional) i18n property let you internationalize questions, however this feature
## is only available in core configuration panel (like yunohost domain config).
## So in app config panel this key is ignored for now, but you can internationalize
## by using a lang dictionary (see property name bellow)
# i18n = "prefix_translation_key"
[main]
name = "Main configuration"
services = ["__APP__"]
[main.auth]
name = "Authentication"
[main.auth.auth]
ask = "Auth type"
type = "select"
choices = ["none", "password"]
default = "none"
optional = false
bind = ":/opt/yunohost/__APP__/config.yaml"
[main.auth.password]
ask = "Password"
type = "password"
optional = true
visible = "auth == 'password'"
[main.extensions]
name = "Extensions"
optional = false
[main.extensions.extensions_gallery]
ask = "Extensions Gallery"
type = "string"
example = "{\"serviceUrl\": \"https://open-vsx.org/vscode/gallery\",\"itemUrl\": \"https://open-vsx.org/vscode/item\"}"
optional = false
bind = ":/opt/yunohost/__APP__/code-server.env"
[main.extensions.enable_proposed_api]
ask = "Enable Proposed API"
type = "tags"
optional = true

View file

View file

@ -1,10 +1,15 @@
### Installation
* The package does not create a dedicated system user, rather during installation you are asked what user you want code-server to run as. **Don't give access to users you don't fully trust!**
### Limitations ### Limitations
* Requires a dedicated domain * Requires a dedicated domain
* Single-user, no LDAP * Single-user, no LDAP
* Subdomains for services on ports (like 8080.code-server-domain.tld) are not supported * Subdomains for services on ports (like 8080.code-server-domain.tld) are not supported
### Other info ### Extensions
* The package does not create a dedicated system user, rather during installation you are asked what user you want code-server to run as. **Don't give access to users you don't fully trust!** This application uses [Open VSX Registry](https://open-vsx.org/). You can change this setting from the web admin config panel.
* You can optionally set a password required to access code-server. **Don't leave this blank if you have allowed public access!**
See https://coder.com/docs/code-server/latest/FAQ#how-do-i-use-my-own-extensions-marketplace

View file

@ -1,10 +1,9 @@
### Installation
* Le paquet ne crée pas d'utilisateur système dédié; on vous demandera pendant l'installation quel utilisateur vous voulez que cod-serveur éxecute en tant que. **Ne donnez pas accès à des utilisateurs en lesquels vous n'avez pas complètement confiance !**
### Limitations ### Limitations
* Nécessite un domaine dédié * Nécessite un domaine dédié
* Un seul utilisateur seulement, pas de LDAP * Un seul utilisateur seulement, pas de LDAP
* Les sous-domaines pour les services sur les ports (like 8080.code-server-domain.tld) ne sont pas pris en charge * Les sous-domaines pour les services sur les ports (like 8080.code-server-domain.tld) ne sont pas pris en charge
### Other info
* Le paquet ne crée pas d'utilisateur système dédié; on vous demandera pendant l'installation quel utilisateur vous voulez que cod-serveur éxecute en tant que. **Ne donnez pas accès à des utilisateurs en lesquels vous n'avez pas complètement confiance !**
* Vous pouvez demander un mot de passe pour accéder à code-server (facultatif). **Ne laissez pas le champ mot-de-passe vide si vous avez permis l'accès public !**

View file

@ -6,22 +6,20 @@
"en": "Run VS Code on your server and access it in the browser", "en": "Run VS Code on your server and access it in the browser",
"fr": "Lancez VS Code sur votre serveur et accédez-y depuis votre navigateur" "fr": "Lancez VS Code sur votre serveur et accédez-y depuis votre navigateur"
}, },
"version": "3.12.0~ynh1", "version": "4.0.1~ynh1",
"url": "https://github.com/cdr/code-server", "url": "https://github.com/coder/code-server",
"upstream": { "upstream": {
"license": "mit", "license": "MIT",
"website": "https://github.com/cdr/code-server", "admindoc": "https://coder.com/docs/code-server/latest",
"admindoc": "https://github.com/cdr/code-server/tree/main/docs", "userdoc": "https://coder.com/docs/code-server/latest/FAQ",
"userdoc": "https://github.com/cdr/code-server/tree/main/docs", "code": "https://github.com/coder/code-server"
"code": "https://github.com/cdr/code-server"
}, },
"license": "MIT", "license": "MIT",
"maintainer": { "maintainer": {
"name": "Jules Bertholet", "name": "Tagada"
"email": "jules.bertholet@gmail.com"
}, },
"requirements": { "requirements": {
"yunohost": ">= 4.1.3" "yunohost": ">= 4.3.1.8"
}, },
"multi_instance": true, "multi_instance": true,
"services": [ "services": [
@ -31,52 +29,11 @@
"install" : [ "install" : [
{ {
"name": "domain", "name": "domain",
"type": "domain", "type": "domain"
"example": "example.com"
}, },
{ {
"name": "admin", "name": "admin",
"type": "user", "type": "user"
"example": "johndoe"
},
{
"name": "is_public",
"type": "boolean",
"default": true
},
{
"name": "password",
"type": "password",
"example": "Choose a password",
"optional": true
},
{
"name": "extension_service_url",
"type": "string",
"ask": {
"en": "Choose a custom extension gallery serviceUrl (https://github.com/VSCodium/vscodium/blob/master/DOCS.md#extensions--marketplace)",
"fr": "choisir un serviceUrl de galerie d'extensions personnalisé (https://github.com/VSCodium/vscodium/blob/master/DOCS.md#extensions--marketplace)"
},
"optional": true
},
{
"name": "extension_item_url",
"type": "string",
"ask": {
"en": "Choose a custom extension gallery itemUrl (https://github.com/VSCodium/vscodium/blob/master/DOCS.md#extensions--marketplace)",
"fr": "choisir un itemUrl de galerie d'extensions personnalisé (https://github.com/VSCodium/vscodium/blob/master/DOCS.md#extensions--marketplace)"
},
"optional": true
},
{
"name": "enable_proposed_api",
"type": "string",
"ask": {
"en": "Choose a list of extensions that can access proposed APIs (https://github.com/VSCodium/vscodium/blob/master/DOCS.md#proprietary-extensions)",
"fr": "choisir une liste d'extensions qui peuvent accéder aux APIs proposées (https://github.com/VSCodium/vscodium/blob/master/DOCS.md#proprietary-extensions)"
},
"optional": true,
"example": "extension.id, another.extension.id"
} }
] ]
} }

View file

@ -4,108 +4,12 @@
# COMMON VARIABLES # COMMON VARIABLES
#================================================= #=================================================
# dependencies used by the app extensions_gallery="{\"serviceUrl\": \"https://open-vsx.org/vscode/gallery\",\"itemUrl\": \"https://open-vsx.org/vscode/item\"}"
pkg_dependencies="git jq build-essential nodejs g++ gettext-base rsync"
#================================================= #=================================================
# PERSONAL HELPERS # PERSONAL HELPERS
#================================================= #=================================================
function install_dependencies {
ynh_install_app_dependencies $pkg_dependencies
ynh_install_extra_app_dependencies --repo="deb https://dl.yarnpkg.com/debian/ stable main" --package="yarn" --key="https://dl.yarnpkg.com/debian/pubkey.gpg"
}
function setup_source {
if [ ! -d "$final_path/.git" ]; then
git clone https://github.com/cdr/code-server/ "$final_path" --no-checkout 2>&1
fi
pushd "$final_path"
git fetch --all 2>&1
git reset --hard 2>&1
git checkout 798dc0baf284416dbbf951e4ef596beeab6cb6c4 2>&1
popd
ynh_replace_special_string -m "throw new Error('compilation requires 4GB of RAM')" -r "console.log('compilation requires 4GB of RAM')" -f "$final_path/lib/vscode/build/lib/compilation.js"
ynh_replace_special_string -m "throw new Error('compilation requires 4GB of RAM')" -r "console.log('compilation requires 4GB of RAM')" -f "$final_path/lib/vscode/build/lib/compilation.ts"
set_permissions
}
function set_permissions {
chown -R root:$admin "$final_path"
chmod -R g=u,g-w,o-rwx "$final_path"
mkdir -p "$data_path"/{user-data,extensions}
chown -R $admin:$admin "$data_path"
chmod -R g=u,g-w,o-rwx "$data_path"
mkdir -p "/var/log/$app"
chown -R root:root "/var/log/$app"
chmod -R g=u,g-w,o-rwx "/var/log/$app"
}
function set_node_vars {
ynh_exec_warn_less ynh_install_nodejs --nodejs_version=14
ynh_use_nodejs
node_path=$nodejs_path:$(sudo -u $admin sh -c 'echo $PATH')
}
function build_app {
set_node_vars
pushd "$final_path"
chown -R $admin:$admin "$final_path"
sudo -u $admin touch $final_path/.yarnrc
sudo -u $admin env "PATH=$node_path" yarn --cache-folder "$final_path/yarn-cache" --use-yarnrc "$final_path/.yarnrc" config set python python3 2>&1
sudo -u $admin env "PATH=$node_path" yarn --cache-folder "$final_path/yarn-cache" --use-yarnrc "$final_path/.yarnrc" install 2>&1
sudo -u $admin env "PATH=$node_path" yarn --cache-folder "$final_path/yarn-cache" --use-yarnrc "$final_path/.yarnrc" build 2>&1
sudo -u $admin env "PATH=$node_path" yarn --cache-folder "$final_path/yarn-cache" --use-yarnrc "$final_path/.yarnrc" build:vscode 2>&1
sudo -u $admin env "PATH=$node_path" yarn --cache-folder "$final_path/yarn-cache" --use-yarnrc "$final_path/.yarnrc" release 2>&1
cd release
sudo -u $admin env "PATH=$node_path" yarn --cache-folder "$final_path/yarn-cache" --use-yarnrc "$final_path/.yarnrc" install --production 2>&1
cd ..
sudo -u $admin env "PATH=$node_path" yarn --cache-folder "$final_path/yarn-cache" --use-yarnrc "$final_path/.yarnrc" release:standalone 2>&1
popd
set_permissions
}
function add_configs {
if [ ! -z "$hashed_password" ]; then
auth="password"
else
auth="none"
fi
if [ ! -z "$enable_proposed_api" ]; then
enable_proposed_api_string="enable-proposed-api: [ $enable_proposed_api ]"
else
enable_proposed_api_string=""
fi
ynh_add_config --template="config.yaml" --destination="$final_path/config.yaml"
ynh_add_config --template="code-server.env" --destination="$final_path/code-server.env"
set_permissions
}
function load_settings {
app=$YNH_APP_INSTANCE_NAME
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
data_path=$(ynh_app_setting_get --app=$app --key=data_path)
domain=$(ynh_app_setting_get --app=$app --key=domain)
path_url=$(ynh_app_setting_get --app=$app --key=path)
admin=$(ynh_app_setting_get --app=$app --key=admin)
hashed_password=$(ynh_app_setting_get --app=$app --key=hashed_password)
extension_service_url=$(ynh_app_setting_get --app=$app --key=extension_service_url)
extension_item_url=$(ynh_app_setting_get --app=$app --key=extension_item_url)
enable_proposed_api=$(ynh_app_setting_get --app=$app --key=enable_proposed_api)
port=$(ynh_app_setting_get --app=$app --key=port)
}
#================================================= #=================================================
# EXPERIMENTAL HELPERS # EXPERIMENTAL HELPERS
#================================================= #=================================================

View file

@ -15,6 +15,7 @@ source /usr/share/yunohost/helpers
#================================================= #=================================================
ynh_clean_setup () { ynh_clean_setup () {
### Remove this function if there's nothing to clean before calling the remove script.
true true
} }
# Exit if an error occurs during the execution of the script # Exit if an error occurs during the execution of the script
@ -25,7 +26,11 @@ ynh_abort_if_errors
#================================================= #=================================================
ynh_print_info --message="Loading installation settings..." ynh_print_info --message="Loading installation settings..."
load_settings app=$YNH_APP_INSTANCE_NAME
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
domain=$(ynh_app_setting_get --app=$app --key=domain)
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
#================================================= #=================================================
# DECLARE DATA AND CONF FILES TO BACKUP # DECLARE DATA AND CONF FILES TO BACKUP
@ -39,10 +44,10 @@ ynh_print_info --message="Declaring files to be backed up..."
ynh_backup --src_path="$final_path" ynh_backup --src_path="$final_path"
#================================================= #=================================================
# BACKUP THE APP DATA DIR # BACKUP THE DATA DIR
#================================================= #=================================================
ynh_backup --src_path="$data_path" --is_big ynh_backup --src_path="$datadir" --is_big
#================================================= #=================================================
# BACKUP THE NGINX CONFIGURATION # BACKUP THE NGINX CONFIGURATION
@ -50,13 +55,6 @@ ynh_backup --src_path="$data_path" --is_big
ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
#=================================================
# BACKUP FAIL2BAN CONFIGURATION
#=================================================
ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf"
ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf"
#================================================= #=================================================
# SPECIFIC BACKUP # SPECIFIC BACKUP
#================================================= #=================================================

View file

@ -24,14 +24,15 @@ app=$YNH_APP_INSTANCE_NAME
#================================================= #=================================================
# LOAD SETTINGS # LOAD SETTINGS
#================================================= #=================================================
ynh_script_progression --message="Loading installation settings..." --weight=1 ynh_script_progression --message="Loading installation settings..." --time --weight=1
load_settings # Needed for helper "ynh_add_nginx_config"
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
#================================================= #=================================================
# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP # BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP
#================================================= #=================================================
ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --weight=50 ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --time --weight=1
# Backup the current version of the app # Backup the current version of the app
ynh_backup_before_upgrade ynh_backup_before_upgrade
@ -55,21 +56,19 @@ then
change_domain=1 change_domain=1
fi fi
change_path=0
#================================================= #=================================================
# STANDARD MODIFICATIONS # STANDARD MODIFICATIONS
#================================================= #=================================================
# STOP SYSTEMD SERVICE # STOP SYSTEMD SERVICE
#================================================= #=================================================
ynh_script_progression --message="Stopping a systemd service..." --weight=1 ynh_script_progression --message="Stopping a systemd service..." --time --weight=1
ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log" ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log"
#================================================= #=================================================
# MODIFY URL IN NGINX CONF # MODIFY URL IN NGINX CONF
#================================================= #=================================================
ynh_script_progression --message="Updating NGINX web server configuration..." --weight=1 ynh_script_progression --message="Updating NGINX web server configuration..." --time --weight=1
nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
@ -83,19 +82,25 @@ then
ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
fi fi
#=================================================
# SPECIFIC MODIFICATIONS
#=================================================
# ...
#=================================================
#================================================= #=================================================
# GENERIC FINALISATION # GENERIC FINALISATION
#================================================= #=================================================
# START SYSTEMD SERVICE # START SYSTEMD SERVICE
#================================================= #=================================================
ynh_script_progression --message="Starting a systemd service..." --weight=1 ynh_script_progression --message="Starting a systemd service..." --time --weight=1
ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" --line_match=" HTTP server listening on " ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"
#================================================= #=================================================
# RELOAD NGINX # RELOAD NGINX
#================================================= #=================================================
ynh_script_progression --message="Reloading NGINX web server..." --weight=1 ynh_script_progression --message="Reloading NGINX web server..." --time --weight=1
ynh_systemd_action --service_name=nginx --action=reload ynh_systemd_action --service_name=nginx --action=reload
@ -103,4 +108,4 @@ ynh_systemd_action --service_name=nginx --action=reload
# END OF SCRIPT # END OF SCRIPT
#================================================= #=================================================
ynh_script_progression --message="Change of URL completed for $app" --last ynh_script_progression --message="Change of URL completed for $app" --time --last

65
scripts/config Normal file
View file

@ -0,0 +1,65 @@
#!/bin/bash
#=================================================
# GENERIC STARTING
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source /usr/share/yunohost/helpers
ynh_abort_if_errors
#=================================================
# RETRIEVE ARGUMENTS
#=================================================
final_path=$(ynh_app_setting_get $app final_path)
#=================================================
# SPECIFIC GETTERS FOR TOML SHORT KEY
#=================================================
get__password() {
echo ""
}
get__enable_proposed_api() {
echo "$(awk '/enable-proposed-api:/ {print $2}' $final_path/config.yaml)"
}
#=================================================
# SPECIFIC VALIDATORS FOR TOML SHORT KEYS
#=================================================
#=================================================
# SPECIFIC SETTERS FOR TOML SHORT KEYS
#=================================================
set__password() {
if [ $password ]
then
hashed_password="$(printf "$password" | sha256sum | cut -d' ' -f1)"
sed -i "/hashed-password:.*/d" "$final_path/config.yaml"
echo "hashed-password: $hashed_password" >> "$final_path/config.yaml"
ynh_store_file_checksum --file="$final_path/config.yaml"
ynh_app_setting_set $app hashed_password "$hashed_password"
fi
}
set__enable_proposed_api() {
sed -i "/enable-proposed-api:.*/d" "$final_path/config.yaml"
echo "enable-proposed-api: $enable_proposed_api" >> "$final_path/config.yaml"
ynh_store_file_checksum --file="$final_path/config.yaml"
ynh_app_setting_set $app enable_proposed_api "$enable_proposed_api"
}
#=================================================
# GENERIC FINALIZATION
#=================================================
ynh_app_config_run $1

View file

@ -24,13 +24,8 @@ ynh_abort_if_errors
#================================================= #=================================================
domain=$YNH_APP_ARG_DOMAIN domain=$YNH_APP_ARG_DOMAIN
path_url='/'
admin=$YNH_APP_ARG_ADMIN admin=$YNH_APP_ARG_ADMIN
is_public=$YNH_APP_ARG_IS_PUBLIC auth="none"
password=$YNH_APP_ARG_PASSWORD
extension_service_url=$YNH_APP_ARG_EXTENSION_SERVICE_URL
extension_item_url=$YNH_APP_ARG_EXTENSION_ITEM_URL
enable_proposed_api=$YNH_APP_ARG_ENABLE_PROPOSED_API
app=$YNH_APP_INSTANCE_NAME app=$YNH_APP_INSTANCE_NAME
@ -41,31 +36,18 @@ ynh_script_progression --message="Validating installation parameters..." --weigh
final_path=/opt/yunohost/$app final_path=/opt/yunohost/$app
test ! -e "$final_path" || ynh_die --message="This path already contains a folder" test ! -e "$final_path" || ynh_die --message="This path already contains a folder"
data_path=/home/yunohost.app/$app
test ! -e "$data_path" || ynh_die --message="This path already contains a folder"
# Register (book) web path # Register (book) web path
ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url ynh_webpath_register --app=$app --domain=$domain --path_url="/"
#================================================= #=================================================
# STORE SETTINGS FROM MANIFEST # STORE SETTINGS FROM MANIFEST
#================================================= #=================================================
ynh_script_progression --message="Storing installation settings..." --weight=1 ynh_script_progression --message="Storing installation settings..." --weight=2
ynh_app_setting_set --app=$app --key=domain --value=$domain ynh_app_setting_set --app=$app --key=domain --value=$domain
ynh_app_setting_set --app=$app --key=path --value=$path_url
ynh_app_setting_set --app=$app --key=admin --value=$admin ynh_app_setting_set --app=$app --key=admin --value=$admin
if [ ! -z "$password" ]; then ynh_app_setting_set --app=$app --key=auth --value=$auth
auth="password"
hashed_password="$(printf "$password" | sha256sum | cut -d' ' -f1)"
else
auth="none"
hashed_password=""
fi
ynh_app_setting_set --app=$app --key=hashed_password --value=$hashed_password
ynh_app_setting_set --app=$app --key=extension_service_url --value="$extension_service_url"
ynh_app_setting_set --app=$app --key=extension_item_url --value="$extension_item_url"
ynh_app_setting_set --app=$app --key=enable_proposed_api --value="$enable_proposed_api"
#================================================= #=================================================
# STANDARD MODIFICATIONS # STANDARD MODIFICATIONS
@ -75,30 +57,26 @@ ynh_app_setting_set --app=$app --key=enable_proposed_api --value="$enable_propos
ynh_script_progression --message="Finding an available port..." --weight=1 ynh_script_progression --message="Finding an available port..." --weight=1
# Find an available port # Find an available port
port=$(ynh_find_port --port=8080) port=$(ynh_find_port --port=8095)
ynh_app_setting_set --app=$app --key=port --value=$port ynh_app_setting_set --app=$app --key=port --value=$port
#=================================================
# INSTALL DEPENDENCIES
#=================================================
ynh_script_progression --message="Installing dependencies..." --weight=30
install_dependencies
#================================================= #=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE # DOWNLOAD, CHECK AND UNPACK SOURCE
#================================================= #=================================================
ynh_script_progression --message="Setting up source files..." --weight=25 ynh_script_progression --message="Setting up source files..." --weight=5
ynh_app_setting_set --app=$app --key=final_path --value=$final_path ynh_app_setting_set --app=$app --key=final_path --value=$final_path
ynh_app_setting_set --app=$app --key=data_path --value=$data_path # Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$final_path" --source_id="$YNH_ARCH"
setup_source chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R root:$admin "$final_path"
#================================================= #=================================================
# NGINX CONFIGURATION # NGINX CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Configuring NGINX web server..." --weight=1 ynh_script_progression --message="Configuring NGINX web server..." --weight=5
# Create a dedicated NGINX config # Create a dedicated NGINX config
ynh_add_nginx_config ynh_add_nginx_config
@ -106,23 +84,42 @@ ynh_add_nginx_config
#================================================= #=================================================
# SPECIFIC SETUP # SPECIFIC SETUP
#================================================= #=================================================
# BUILD APP # ...
#================================================= #=================================================
ynh_script_progression --message="Compiling code-server... (this will take a long time)" --weight=200
build_app
#================================================= #=================================================
# ADD CONFIGURATIONS # CREATE DATA DIRECTORY
#================================================= #=================================================
ynh_script_progression --message="Adding a configuration file..." --weight=1 ynh_script_progression --message="Creating a data directory..." --weight=2
add_configs datadir=/home/yunohost.app/$app
ynh_app_setting_set --app=$app --key=datadir --value=$datadir
mkdir -p $datadir/{user-data,extensions}
chmod 750 "$datadir"
chmod -R o-rwx "$datadir"
chown -R $admin:$admin "$datadir"
#=================================================
# ADD A CONFIGURATION
#=================================================
ynh_script_progression --message="Adding a configuration file..." --weight=2
ynh_add_config --template="config.yaml" --destination="$final_path/config.yaml"
chmod 440 "$final_path/config.yaml"
chown root:$admin "$final_path/config.yaml"
ynh_add_config --template="code-server.env" --destination="$final_path/code-server.env"
chmod 440 "$final_path/code-server.env"
chown root:$admin "$final_path/code-server.env"
#================================================= #=================================================
# SETUP SYSTEMD # SETUP SYSTEMD
#================================================= #=================================================
ynh_script_progression --message="Configuring a systemd service..." --weight=1 ynh_script_progression --message="Configuring a systemd service..." --weight=2
# Create a dedicated systemd config # Create a dedicated systemd config
ynh_add_systemd_config ynh_add_systemd_config
@ -132,8 +129,7 @@ ynh_add_systemd_config
#================================================= #=================================================
# SETUP LOGROTATE # SETUP LOGROTATE
#================================================= #=================================================
ynh_script_progression --message="Configuring log rotation..." --weight=1 ynh_script_progression --message="Configuring log rotation..." --weight=2
# Use logrotate to manage application logfile(s) # Use logrotate to manage application logfile(s)
ynh_use_logrotate ynh_use_logrotate
@ -142,7 +138,7 @@ ynh_use_logrotate
#================================================= #=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
yunohost service add $app --description="Server for accessing VS Code from the browser" --log="/var/log/$app/$app.log" yunohost service add $app --description="VS Code Server" --log="/var/log/$app/$app.log"
#================================================= #=================================================
# START SYSTEMD SERVICE # START SYSTEMD SERVICE
@ -150,33 +146,20 @@ yunohost service add $app --description="Server for accessing VS Code from the b
ynh_script_progression --message="Starting a systemd service..." --weight=1 ynh_script_progression --message="Starting a systemd service..." --weight=1
# Start a systemd service # Start a systemd service
ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" --line_match=" HTTP server listening on " ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"
#=================================================
# SETUP FAIL2BAN
#=================================================
ynh_script_progression --message="Configuring Fail2Ban..." --weight=1
# Create a dedicated Fail2Ban config
ynh_add_fail2ban_config --logpath="/var/log/$app/$app.log" --failregex='^Failed login attempt {"xForwardedFor":"<HOST>"'
#================================================= #=================================================
# SETUP SSOWAT # SETUP SSOWAT
#================================================= #=================================================
ynh_script_progression --message="Configuring permissions..." --weight=1 ynh_script_progression --message="Configuring permissions..." --weight=1
# Make app public if necessary ynh_permission_update --permission="main" --remove="all_users"
if [ $is_public -eq 1 ] ynh_permission_update --permission="main" --add=$admin
then
# Everyone can access the app.
# The "main" permission is automatically created before the install script.
ynh_permission_update --permission="main" --add="visitors"
fi
#================================================= #=================================================
# RELOAD NGINX # RELOAD NGINX
#================================================= #=================================================
ynh_script_progression --message="Reloading NGINX web server..." --weight=1 ynh_script_progression --message="Reloading NGINX web server..." --weight=2
ynh_systemd_action --service_name=nginx --action=reload ynh_systemd_action --service_name=nginx --action=reload

View file

@ -12,9 +12,14 @@ source /usr/share/yunohost/helpers
#================================================= #=================================================
# LOAD SETTINGS # LOAD SETTINGS
#================================================= #=================================================
ynh_script_progression --message="Loading installation settings..." --weight=1 ynh_script_progression --message="Loading installation settings..." --weight=1
load_settings app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
port=$(ynh_app_setting_get --app=$app --key=port)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
#================================================= #=================================================
# STANDARD REMOVE # STANDARD REMOVE
@ -25,7 +30,7 @@ load_settings
# Remove the service from the list of services known by YunoHost (added from `yunohost service add`) # Remove the service from the list of services known by YunoHost (added from `yunohost service add`)
if ynh_exec_warn_less yunohost service status $app >/dev/null if ynh_exec_warn_less yunohost service status $app >/dev/null
then then
ynh_script_progression --message="Removing $app service integration..." --weight=1 ynh_script_progression --message="Removing $app service integration..." --weight=2
yunohost service remove $app yunohost service remove $app
fi fi
@ -38,20 +43,12 @@ ynh_script_progression --message="Stopping and removing the systemd service..."
ynh_remove_systemd_config ynh_remove_systemd_config
#================================================= #=================================================
# REMOVE DEPENDENCIES # REMOVE LOGROTATE CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Removing dependencies..." --weight=5 ynh_script_progression --message="Removing logrotate configuration..." --weight=2
# Remove metapackage and its dependencies # Remove the app-specific logrotate config
ynh_remove_app_dependencies ynh_remove_logrotate
#=================================================
# REMOVE NODE.JS
#=================================================
ynh_script_progression --message="Removing Node.js version..." --weight=5
# Remove metapackage and its dependencies
ynh_remove_nodejs
#================================================= #=================================================
# REMOVE APP MAIN DIR # REMOVE APP MAIN DIR
@ -62,12 +59,15 @@ ynh_script_progression --message="Removing app main directory..." --weight=1
ynh_secure_remove --file="$final_path" ynh_secure_remove --file="$final_path"
#================================================= #=================================================
# REMOVE APP DATA DIR # REMOVE DATA DIR
#================================================= #=================================================
ynh_script_progression --message="Removing app data directory..." --weight=1
# Remove the app directory securely # Remove the data directory if --purge option is used
ynh_secure_remove --file="$data_path" if [ "${YNH_APP_PURGE:-0}" -eq 1 ]
then
ynh_script_progression --message="Removing app data directory..." --weight=1
ynh_secure_remove --file="$datadir"
fi
#================================================= #=================================================
# REMOVE NGINX CONFIGURATION # REMOVE NGINX CONFIGURATION
@ -77,34 +77,22 @@ ynh_script_progression --message="Removing NGINX web server configuration..." --
# Remove the dedicated NGINX config # Remove the dedicated NGINX config
ynh_remove_nginx_config ynh_remove_nginx_config
#=================================================
# REMOVE LOGROTATE CONFIGURATION
#=================================================
ynh_script_progression --message="Removing logrotate configuration..." --weight=1
# Remove the app-specific logrotate config
ynh_remove_logrotate
#=================================================
# REMOVE FAIL2BAN CONFIGURATION
#=================================================
ynh_script_progression --message="Removing Fail2ban configuration..." --weight=1
# Remove the dedicated Fail2Ban config
ynh_remove_fail2ban_config
#================================================= #=================================================
# SPECIFIC REMOVE # SPECIFIC REMOVE
#================================================= #=================================================
# REMOVE VARIOUS FILES # REMOVE VARIOUS FILES
#================================================= #=================================================
ynh_script_progression --message="Removing log files..." --weight=1 ynh_script_progression --message="Removing various files..." --weight=1
# Remove the log files # Remove the log files
ynh_secure_remove --file="/var/log/$app" ynh_secure_remove --file="/var/log/$app"
#================================================= #=================================================
# GENERIC FINALIZATION # GENERIC FINALIZATION
#=================================================
# ...
#=================================================
#================================================= #=================================================
# END OF SCRIPT # END OF SCRIPT
#================================================= #=================================================

View file

@ -15,6 +15,7 @@ source /usr/share/yunohost/helpers
#================================================= #=================================================
ynh_clean_setup () { ynh_clean_setup () {
#### Remove this function if there's nothing to clean before calling the remove script.
true true
} }
# Exit if an error occurs during the execution of the script # Exit if an error occurs during the execution of the script
@ -23,112 +24,96 @@ ynh_abort_if_errors
#================================================= #=================================================
# LOAD SETTINGS # LOAD SETTINGS
#================================================= #=================================================
ynh_script_progression --message="Loading installation settings..." --weight=1 ynh_script_progression --message="Loading installation settings..." --time --weight=1
load_settings app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
admin=$(ynh_app_setting_get --app=$app --key=admin)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
#================================================= #=================================================
# CHECK IF THE APP CAN BE RESTORED # CHECK IF THE APP CAN BE RESTORED
#================================================= #=================================================
ynh_script_progression --message="Validating restoration parameters..." --weight=1 ynh_script_progression --message="Validating restoration parameters..." --time --weight=1
ynh_webpath_available --domain=$domain --path_url=$path_url \
|| ynh_die --message="Path not available: ${domain}${path_url}"
test ! -d $final_path \ test ! -d $final_path \
|| ynh_die --message="There is already a directory: $final_path " || ynh_die --message="There is already a directory: $final_path "
test ! -d $data_path \ ynh_user_exists --username=$admin || ynh_die --message="User $admin doesn't exist "
|| ynh_die --message="There is already a directory: $data_path "
#================================================= #=================================================
# STANDARD RESTORATION STEPS # STANDARD RESTORATION STEPS
#================================================= #=================================================
# RESTORE THE NGINX CONFIGURATION # RESTORE THE NGINX CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Restoring the NGINX configuration..." --weight=1 ynh_script_progression --message="Restoring the NGINX configuration..." --time --weight=1
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
#================================================= #=================================================
# RESTORE THE APP MAIN DIR # RESTORE THE APP MAIN DIR
#================================================= #=================================================
ynh_script_progression --message="Restoring the app main directory..." --weight=1 ynh_script_progression --message="Restoring the app main directory..." --time --weight=1
ynh_restore_file --origin_path="$final_path" ynh_restore_file --origin_path="$final_path"
#================================================= chmod 750 "$final_path"
# RESTORE THE APP DATA DIR chmod -R o-rwx "$final_path"
#================================================= chown -R root:$admin "$final_path"
ynh_script_progression --message="Restoring the app data directory..." --weight=1
ynh_restore_file --origin_path="$data_path" --not_mandatory
#================================================= #=================================================
# RESTORE LOG FILES # RESTORE THE DATA DIRECTORY
#================================================= #=================================================
ynh_script_progression --message="Restoring the log files..." --weight=1 ynh_script_progression --message="Restoring the data directory..." --time --weight=1
ynh_restore_file --origin_path="/var/log/$app" ynh_restore_file --origin_path="$datadir" --not_mandatory
#================================================= mkdir -p $datadir/{user-data,extensions}
# RESTORE FAIL2BAN CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring the Fail2Ban configuration..." --weight=1
ynh_restore_file "/etc/fail2ban/jail.d/$app.conf" chmod 750 "$datadir"
ynh_restore_file "/etc/fail2ban/filter.d/$app.conf" chmod -R o-rwx "$datadir"
ynh_systemd_action --action=restart --service_name=fail2ban chown -R $admin:$admin "$datadir"
#================================================= #=================================================
# SPECIFIC RESTORATION # SPECIFIC RESTORATION
#=================================================
# REINSTALL DEPENDENCIES
#=================================================
ynh_script_progression --message="Reinstalling dependencies..." --weight=15
install_dependencies
#================================================= #=================================================
# RESTORE SYSTEMD # RESTORE SYSTEMD
#================================================= #=================================================
ynh_script_progression --message="Restoring the systemd configuration..." --weight=1 ynh_script_progression --message="Restoring the systemd configuration..." --time --weight=1
ynh_restore_file --origin_path="/etc/systemd/system/$app.service" ynh_restore_file --origin_path="/etc/systemd/system/$app.service"
systemctl enable $app.service --quiet systemctl enable $app.service --quiet
#=================================================
# INTEGRATE SERVICE IN YUNOHOST
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
yunohost service add $app --description="Server for accessing VS Code from the browser" --log="/var/log/$app/$app.log"
#================================================= #=================================================
# RESTORE THE LOGROTATE CONFIGURATION # RESTORE THE LOGROTATE CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Restoring the logrotate configuration..." --weight=1 ynh_script_progression --message="Restoring the logrotate configuration..." --time --weight=1
mkdir -p "/var/log/$app"
ynh_restore_file --origin_path="/etc/logrotate.d/$app" ynh_restore_file --origin_path="/etc/logrotate.d/$app"
#================================================= #=================================================
# SET PERMISSIONS # INTEGRATE SERVICE IN YUNOHOST
#================================================= #=================================================
ynh_script_progression --message="Securing files and directories..." --weight=1 ynh_script_progression --message="Integrating service in YunoHost..." --time --weight=1
set_permissions yunohost service add $app --description="VS Code Server" --log="/var/log/$app/$app.log"
#================================================= #=================================================
# START SYSTEMD SERVICE # START SYSTEMD SERVICE
#================================================= #=================================================
ynh_script_progression --message="Starting a systemd service..." --weight=1 ynh_script_progression --message="Starting a systemd service..." --time --weight=1
ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" --line_match=" HTTP server listening on " ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"
#================================================= #=================================================
# GENERIC FINALIZATION # GENERIC FINALIZATION
#================================================= #=================================================
# RELOAD NGINX # RELOAD NGINX AND PHP-FPM
#================================================= #=================================================
ynh_script_progression --message="Reloading NGINX web server..." --weight=1 ynh_script_progression --message="Reloading NGINX web server and PHP-FPM..." --time --weight=1
ynh_systemd_action --service_name=nginx --action=reload ynh_systemd_action --service_name=nginx --action=reload
@ -136,4 +121,4 @@ ynh_systemd_action --service_name=nginx --action=reload
# END OF SCRIPT # END OF SCRIPT
#================================================= #=================================================
ynh_script_progression --message="Restoration completed for $app" --last ynh_script_progression --message="Restoration completed for $app" --time --last

View file

@ -12,9 +12,19 @@ source /usr/share/yunohost/helpers
#================================================= #=================================================
# LOAD SETTINGS # LOAD SETTINGS
#================================================= #=================================================
ynh_script_progression --message="Loading installation settings..." --weight=1 ynh_script_progression --message="Loading installation settings..." --time --weight=1
load_settings app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
admin=$(ynh_app_setting_get --app=$app --key=admin)
port=$(ynh_app_setting_get --app=$app --key=port)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
auth=$(ynh_app_setting_get --app=$app --key=auth)
hashed_password=$(ynh_app_setting_get --app=$app --key=hashed_password)
enable_proposed_api=$(ynh_app_setting_get --app=$app --key="enable_proposed_api")
extensions_gallery=$(ynh_app_setting_get --app=$app --key="extensions_gallery")
#================================================= #=================================================
# CHECK VERSION # CHECK VERSION
@ -25,7 +35,7 @@ upgrade_type=$(ynh_check_app_version_changed)
#================================================= #=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#================================================= #=================================================
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=50 ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --time --weight=1
# Backup the current version of the app # Backup the current version of the app
ynh_backup_before_upgrade ynh_backup_before_upgrade
@ -41,60 +51,102 @@ ynh_abort_if_errors
#================================================= #=================================================
# STOP SYSTEMD SERVICE # STOP SYSTEMD SERVICE
#================================================= #=================================================
ynh_script_progression --message="Stopping a systemd service..." --weight=1 ynh_script_progression --message="Stopping a systemd service..." --time --weight=1
ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log" ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log"
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
ynh_script_progression --message="Ensuring downward compatibility..." --time --weight=1
if ynh_compare_current_package_version -c le -v "3.11.0~ynh1"
then
extension_service_url=$(ynh_app_setting_get --app=$app --key="extension_service_url")
extension_item_url=$(ynh_app_setting_get --app=$app --key="extension_item_url")
if [ "$extension_service_url" ] && [ "$extension_item_url" ]
then
extensions_gallery="{\"serviceUrl\": \"$extension_service_url\",\"itemUrl\": \"$extension_item_url\"}"
ynh_app_setting_set --app=$app --key="extensions_gallery" --value="$extensions_gallery"
ynh_app_setting_delete --app=$app --key="extension_service_url"
ynh_app_setting_delete --app=$app --key="extension_item_url"
fi
if [ "$enable_proposed_api" ]
then
ynh_print_warn --message="Custom enable-proposed-api. You have to enable again them through application config panel."
ynh_print_warn --message="enable-proposed-api was set to: $enable_proposed_api"
ynh_app_setting_delete --app=$app --key="enable_proposed_api"
fi
if [ "$hashed_password" ]
then
auth="password"
else
auth="none"
fi
ynh_app_setting_set --app=$app --key="auth" --value=$auth
ynh_remove_fail2ban_config
ynh_secure_remove --file=$final_path
mkdir -p $final_path
fi
#================================================= #=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE # DOWNLOAD, CHECK AND UNPACK SOURCE
#================================================= #=================================================
if [ "$upgrade_type" == "UPGRADE_APP" ] if [ "$upgrade_type" == "UPGRADE_APP" ]
then then
ynh_script_progression --message="Upgrading source files..." --weight=5 ynh_script_progression --message="Upgrading source files..." --time --weight=1
setup_source # Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$final_path" --source_id="$YNH_ARCH"
fi fi
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R root:$admin "$final_path"
#================================================= #=================================================
# NGINX CONFIGURATION # NGINX CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=1 ynh_script_progression --message="Upgrading NGINX web server configuration..." --time --weight=1
# Create a dedicated NGINX config # Create a dedicated NGINX config
ynh_add_nginx_config ynh_add_nginx_config
#=================================================
# UPGRADE DEPENDENCIES
#=================================================
ynh_script_progression --message="Upgrading dependencies..." --weight=15
install_dependencies
#================================================= #=================================================
# SPECIFIC UPGRADE # SPECIFIC UPGRADE
#================================================= #=================================================
# BUILD APP # ...
#================================================= #=================================================
if [ "$upgrade_type" == "UPGRADE_APP" ] #=================================================
then # UPDATE A CONFIG FILE
ynh_script_progression --message="Compiling code-server..." --weight=600 #=================================================
ynh_script_progression --message="Updating a configuration file..." --time --weight=1
build_app ynh_add_config --template="config.yaml" --destination="$final_path/config.yaml"
ynh_add_config --template="code-server.env" --destination="$final_path/code-server.env"
if [ "$auth" == "password" ]
then
echo "hashed-password: $hashed_password" >> "$final_path/config.yaml"
fi fi
#================================================= chmod 440 "$final_path/config.yaml" "$final_path/code-server.env"
# UPDATE CONFIG FILES chown root:$admin "$final_path/config.yaml" "$final_path/code-server.env"
#=================================================
ynh_script_progression --message="Updating a configuration file..." --weight=1
add_configs
#================================================= #=================================================
# SETUP SYSTEMD # SETUP SYSTEMD
#================================================= #=================================================
ynh_script_progression --message="Upgrading systemd configuration..." --weight=1 ynh_script_progression --message="Upgrading systemd configuration..." --time --weight=1
# Create a dedicated systemd config # Create a dedicated systemd config
ynh_add_systemd_config ynh_add_systemd_config
@ -104,7 +156,7 @@ ynh_add_systemd_config
#================================================= #=================================================
# SETUP LOGROTATE # SETUP LOGROTATE
#================================================= #=================================================
ynh_script_progression --message="Upgrading logrotate configuration..." --weight=1 ynh_script_progression --message="Upgrading logrotate configuration..." --time --weight=1
# Use logrotate to manage app-specific logfile(s) # Use logrotate to manage app-specific logfile(s)
ynh_use_logrotate --non-append ynh_use_logrotate --non-append
@ -112,29 +164,21 @@ ynh_use_logrotate --non-append
#================================================= #=================================================
# INTEGRATE SERVICE IN YUNOHOST # INTEGRATE SERVICE IN YUNOHOST
#================================================= #=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 ynh_script_progression --message="Integrating service in YunoHost..." --time --weight=1
yunohost service add $app --description="Server for accessing VS Code from the browser" --log="/var/log/$app/$app.log" yunohost service add $app --description="VS Code Server" --log="/var/log/$app/$app.log"
#================================================= #=================================================
# START SYSTEMD SERVICE # START SYSTEMD SERVICE
#================================================= #=================================================
ynh_script_progression --message="Starting a systemd service..." --weight=1 ynh_script_progression --message="Starting a systemd service..." --time --weight=1
ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" --line_match=" HTTP server listening on " ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"
#=================================================
# UPGRADE FAIL2BAN
#=================================================
ynh_script_progression --message="Reconfiguring Fail2Ban..." --weight=1
# Create a dedicated Fail2Ban config
ynh_add_fail2ban_config --logpath="/var/log/$app/$app.log" --failregex='^Failed login attempt {"xForwardedFor":"<HOST>"'
#================================================= #=================================================
# RELOAD NGINX # RELOAD NGINX
#================================================= #=================================================
ynh_script_progression --message="Reloading NGINX web server..." --weight=1 ynh_script_progression --message="Reloading NGINX web server..." --time --weight=1
ynh_systemd_action --service_name=nginx --action=reload ynh_systemd_action --service_name=nginx --action=reload
@ -142,4 +186,4 @@ ynh_systemd_action --service_name=nginx --action=reload
# END OF SCRIPT # END OF SCRIPT
#================================================= #=================================================
ynh_script_progression --message="Upgrade of $app completed" --last ynh_script_progression --message="Upgrade of $app completed" --time --last