diff --git a/README.md b/README.md index f0fbcb2..5e0cdce 100644 --- a/README.md +++ b/README.md @@ -1,2 +1,13 @@ -# coin_ynh -Member dashboard for non profit isp +coin_ynh +=============== + +Coin for YunoHost + + +More information on https://code.ffdn.org/FFDN/coin + +## Install + +``` +yunohost app install https://github.com/YunoHost-Apps/coin_ynh -a "domain=adherents.arn-fai.net&path=/&email=contact@arn-fai.net&isp_name=ARN&isp_site=//arn-fai.net&admin=ljf" +``` diff --git a/check_process b/check_process new file mode 100644 index 0000000..e2116e3 --- /dev/null +++ b/check_process @@ -0,0 +1,35 @@ +;; Test complet sans multisite + auto_remove=1 + ; Manifest + domain="domain.tld" (DOMAIN) + path="/path" (PATH) + admin="john" (USER) + email="john@example.com" + ; Checks + pkg_linter=1 + setup_sub_dir=0 + setup_root=1 + setup_nourl=0 + setup_private=0 + setup_public=1 + upgrade=1 + backup_restore=1 + multi_instance=0 + wrong_user=1 + wrong_path=1 + incorrect_path=1 + corrupt_source=0 + fail_download_source=0 + port_already_use=0 + final_path_already_use=0 +;;; Levels + Level 1=auto + Level 2=auto + Level 3=auto + Level 4=1 + Level 5=auto + Level 6=auto + Level 7=auto + Level 8=0 + Level 9=0 + Level 10=0 diff --git a/conf/app.src b/conf/app.src new file mode 100644 index 0000000..d3625ba --- /dev/null +++ b/conf/app.src @@ -0,0 +1,5 @@ +SOURCE_URL=https://code.ffdn.org/FFDN/coin/archive/87a63df9409728e402301690a16aae2ad693c7ff.tar.gz +SOURCE_FILENAME=coin-2017-04-08.tar.gz +SOURCE_FORMAT=tar.gz +SOURCE_SUM=be9c152a35bc45c14cb80bfb9d6912ecfaab001a669dc56e8a3ace45c199612c +SOURCE_SUM_PRG=sha256sum diff --git a/conf/gunicorn.service b/conf/gunicorn.service new file mode 100644 index 0000000..65206c2 --- /dev/null +++ b/conf/gunicorn.service @@ -0,0 +1,16 @@ +[Unit] +Description=YNH_APP_INSTANCE_NAME gunicorn daemon +After=network.target + +[Service] +PIDFile=/run/gunicorn/YNH_APP_INSTANCE_NAME-pid +User=YNH_APP_INSTANCE_NAME +Group=www-data +WorkingDirectory=/opt/YNH_APP_INSTANCE_NAME +ExecStart=/opt/YNH_APP_INSTANCE_NAME/venv/bin/gunicorn -c /opt/YNH_APP_INSTANCE_NAME/gunicorn_config.py YNH_APP_INSTANCE_NAME.wsgi +ExecReload=/bin/kill -s HUP $MAINPID +ExecStop=/bin/kill -s TERM $MAINPID +PrivateTmp=true + +[Install] +WantedBy=multi-user.target diff --git a/conf/gunicorn_config.py b/conf/gunicorn_config.py new file mode 100644 index 0000000..0cab25c --- /dev/null +++ b/conf/gunicorn_config.py @@ -0,0 +1,11 @@ +command = '/opt/YNH_APP_INSTANCE_NAME/venv/bin/gunicorn' +pythonpath = '/opt/YNH_APP_INSTANCE_NAME' +workers = 4 +user = 'YNH_APP_INSTANCE_NAME' +bind = 'unix:/opt/YNH_APP_INSTANCE_NAME/sock' +pid = '/run/gunicorn/YNH_APP_INSTANCE_NAME-pid' +errorlog = '/var/log/YNH_APP_INSTANCE_NAME/error.log' +accesslog = '/var/log/YNH_APP_INSTANCE_NAME/access.log' +access_log_format = '%({X-Real-IP}i)s %({X-Forwarded-For}i)s %(h)s %(l)s %(u)s %(t)s "%(r)s" %(s)s %(b)s "%(f)s" "%(a)s"' +loglevel = 'warning' +capture_output = True diff --git a/conf/local.py b/conf/local.py new file mode 100644 index 0000000..3d2417a --- /dev/null +++ b/conf/local.py @@ -0,0 +1,93 @@ +# -*- coding: utf-8 -*- +from __future__ import unicode_literals +import os + +DEBUG = TEMPLATE_DEBUG = True + +ALLOWED_HOSTS= ['YNH_APP_ARG_DOMAIN'] + +URL_PREFIX='YNH_APP_PREFIX' +STATIC_ROOT='YNH_APP_STATIC_ROOT' +NOTIFICATION_EMAILS=['YNH_APP_ARG_EMAIL'] +DEFAULT_FROM_EMAIL='notifier@YNH_APP_ARG_DOMAIN' +SITE_URL="https://YNH_APP_ARG_DOMAINYNH_APP_ARG_PATH" +SECRET_KEY = 'YNH_APP_SECRET_KEY' +ISP={ + 'NAME':'YNH_APP_ARG_ISP_NAME', + 'SITE':'YNH_APP_ARG_ISP_SITE', + 'EMAIL':'YNH_APP_ARG_EMAIL', +} +SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https') + +PROJECT_DIR = os.path.abspath(os.path.dirname(__file__)) + +DATABASES = { + 'default': { + 'ENGINE': 'django.db.backends.sqlite3', + 'NAME': './coin.db', + #'NAME': 'YNH_DB_NAME', + #'USER': 'YNH_DB_USER', + #'PASSWORD': 'YNH_DB_PASSWORD', + #'HOST': '', # Empty for localhost through domain sockets + #'PORT': '', # Empty for default + }, +} + + + + +DEFAULT_FROM_EMAIL = "YNH_APP_ARG_EMAIL" + +FEEDS = (('isp', 'http://www.illyse.net/feed/', 3), + ('ffdn', 'http://www.ffdn.org/fr/rss.xml', 3)) + + + + + + + + + + + + + + + + + + + + + +# Tous accés +# paramétrer SSO en protect_uris +# OU +# Pas d'accès +# hook +# paramétrer SSO en protect_uris +import ldap +from django_auth_ldap.config import LDAPSearch, PosixGroupType +AUTHENTICATION_BACKENDS = ( + 'django_auth_ldap.backend.LDAPBackend', + 'django.contrib.auth.backends.ModelBackend', +) +AUTH_LDAP_SERVER_URI = "ldap://localhost:389" +AUTH_LDAP_USER_SEARCH = LDAPSearch("uid=YNH_APP_ARG_ADMIN,ou=users,dc=yunohost,dc=org", ldap.SCOPE_SUBTREE, "(uid=%(user)s)") +AUTH_LDAP_USER_FLAGS_BY_GROUP = { + "is_active": "cn=sftpusers,ou=groups,dc=yunohost,dc=org", + "is_staff": "cn=sftpusers,ou=groups,dc=yunohost,dc=org", + "is_superuser": "cn=sftpusers,ou=groups,dc=yunohost,dc=org" +} +AUTH_LDAP_GROUP_SEARCH = LDAPSearch("ou=groups,dc=yunohost,dc=org", ldap.SCOPE_SUBTREE, "(objectClass=posixGroup)") +AUTH_LDAP_GROUP_TYPE = PosixGroupType() +AUTH_LDAP_ALWAYS_UPDATE_USER = True +AUTH_LDAP_AUTHORIZE_ALL_USERS = True +AUTH_LDAP_FIND_GROUP_PERMS = True +#AUTH_LDAP_CACHE_GROUPS = True +#AUTH_LDAP_GROUP_CACHE_TIMEOUT = 300 +#import logging +#logger = logging.getLogger('django_auth_ldap') +#logger.addHandler(logging.StreamHandler()) +#logger.setLevel(logging.DEBUG) diff --git a/conf/nginx.conf b/conf/nginx.conf new file mode 100644 index 0000000..0ade741 --- /dev/null +++ b/conf/nginx.conf @@ -0,0 +1,30 @@ +location PATHTOCHANGE { + if ($scheme = http) { + rewrite ^ https://$server_name$request_uri? permanent; + } + try_files $uri @YNH_APP_INSTANCE_NAME; +} +location /protected/ { + internal; + alias /opt/YNH_APP_INSTANCE_NAME/YNH_APP_INSTANCE_NAME/smedia/; +} + +location PATHTOCHANGE/media { + alias /opt/YNH_APP_INSTANCE_NAME/media; +} + +location PATHTOCHANGE/static { + alias /opt/YNH_APP_INSTANCE_NAME/static; +} + +location PATHTOCHANGE/assets { + alias /opt/YNH_APP_INSTANCE_NAME/static; +} + +location @YNH_APP_INSTANCE_NAME { + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_pass http://unix:/opt/YNH_APP_INSTANCE_NAME/sock; +} diff --git a/manifest.json b/manifest.json new file mode 100644 index 0000000..ce88846 --- /dev/null +++ b/manifest.json @@ -0,0 +1,78 @@ +{ + "name": "Coin", + "id": "coin", + "packaging_format": 1, + "description": { + "en": "Member dashboard for non profit isp.", + "fr": "Coin est un Outil pour un Internet Neutre." + }, + "maintainer": { + "name": "ljf", + "email": "ljf+yunohost@grimaud.me" + }, + "requirements": { + "yunohost": ">> 2.5.0" + }, + "version": "20170408", + "multi_instance": "false", + "services": [ + "nginx" + ], + "arguments": { + "install" : [ + { + "name": "domain", + "type": "domain", + "ask": { + "en": "Choose a domain for Coin", + "fr": "Choisissez un nom de domaine pour Coin" + }, + "example": "domain.org" + }, + { + "name": "path", + "type": "path", + "ask": { + "en": "Choose a path for Coin", + "fr": "Choisissez l'adresse pour Coin" + }, + "example": "/coin", + "default": "/coin" + }, + { + "name": "admin", + "type": "user", + "ask": { + "en": "Choose the Coin administrator (must be an existing YunoHost user)", + "fr": "Choisissez l'administrateur de Coin (doit être un utilisateur YunoHost)" + }, + "example": "johndoe" + }, + { + "name": "email", + "type": "email", + "ask": { + "en": "Choose email were send notification", + "fr": "Choisissez l'email vers lequel envoyer les notifications" + }, + "example": "admin@example.tld" + }, + { + "name": "isp_name", + "ask": { + "en": "Enter your ISP name", + "fr": "Indiquez le nom de votre FAI" + }, + "example": "My ISP" + }, + { + "name": "isp_site", + "ask": { + "en": "Enter the address of your ISP website", + "fr": "Saisissez l'adresse du siteweb de votre FAI" + }, + "example": "//www.exemple.tld" + } + ] + } +} diff --git a/scripts/.install.swp b/scripts/.install.swp new file mode 100644 index 0000000..c362485 Binary files /dev/null and b/scripts/.install.swp differ diff --git a/scripts/backup b/scripts/backup new file mode 100644 index 0000000..eb5832a --- /dev/null +++ b/scripts/backup @@ -0,0 +1,20 @@ +#!/bin/bash + +# Exit on command errors and treat unset variables as an error +set -eu + +# See comments in install script +app=$YNH_APP_INSTANCE_NAME + +# Source YunoHost helpers +. /usr/share/yunohost/helpers + +# Backup sources & data +ynh_backup "/opt/$app" "sources" + +# Copy NGINX configuration +domain=$(ynh_app_setting_get "$app" domain) +ynh_backup "/etc/nginx/conf.d/${domain}.d/${app}.conf" "nginx.conf" + +# Copy Gunicorn pool configuration +ynh_backup "/etc/systemd/system/$app.service" "gunicorn.service" diff --git a/scripts/common.sh b/scripts/common.sh new file mode 100644 index 0000000..55e8e94 --- /dev/null +++ b/scripts/common.sh @@ -0,0 +1,7 @@ + +function install_dependencies() +{ + # Dependencies + ynh_install_app_dependencies gunicorn python-dev python-pip libldap2-dev libpq-dev libsasl2-dev libjpeg-dev libxml2-dev libxslt1-dev libffi-dev python-cairo libpango1.0-0 #libmysqlclient-dev +} + diff --git a/scripts/future.sh b/scripts/future.sh new file mode 100644 index 0000000..ecdfd29 --- /dev/null +++ b/scripts/future.sh @@ -0,0 +1,172 @@ +#====================================================================== +# data/helpers.d/package +#====================================================================== + +# Define and install dependencies with a equivs control file +# This helper can/should only be called once per app +# +# usage: ynh_install_app_dependencies dep [dep [...]] +# | arg: dep - the package name to install in dependence +ynh_install_app_dependencies () { + local old_dir=$(pwd) + dependencies=$@ + manifest_path="../manifest.json" + if [ ! -e "$manifest_path" ]; then + manifest_path="../settings/manifest.json" # Into the restore script, the manifest is not at the same place + fi + version=$(sudo python3 -c "import sys, json;print(json.load(open(\"$manifest_path\"))['version'])") # Retrieve the version number in the manifest file. + dep_app=${app//_/-} # Replace all '_' by '-' + + if ynh_package_is_installed "${dep_app}-ynh-deps"; then + echo "A package named ${dep_app}-ynh-deps is already installed" >&2 + else + cat > ./${dep_app}-ynh-deps.control << EOF # Make a control file for equivs-build +Section: misc +Priority: optional +Package: ${dep_app}-ynh-deps +Version: ${version} +Depends: ${dependencies// /, } +Architecture: all +Description: Fake package for ${app} (YunoHost app) dependencies + This meta-package is only responsible of installing its dependencies. +EOF + ynh_package_install_from_equivs ./${dep_app}-ynh-deps.control \ + || ynh_die "Unable to install dependencies" # Install the fake package and its dependencies + ynh_app_setting_set $app apt_dependencies $dependencies + fi + cd $old_dir +} + +# Remove fake package and its dependencies +# +# Dependencies will removed only if no other package need them. +# +# usage: ynh_remove_app_dependencies +ynh_remove_app_dependencies () { + dep_app=${app//_/-} # Replace all '_' by '-' + ynh_package_autoremove ${dep_app}-ynh-deps # Remove the fake package and its dependencies if they not still used. +} + +#===================================================================== +# data/helpers.d/filesystem +#===================================================================== + +# Remove a file or a directory securely +# +# usage: ynh_secure_remove path_to_remove +# | arg: path_to_remove - File or directory to remove +ynh_secure_remove () { + path_to_remove=$1 + forbidden_path=" \ + /var/www \ + /home/yunohost.app" + + if [[ "$forbidden_path" =~ "$path_to_remove" \ + # Match all paths or subpaths in $forbidden_path + || "$path_to_remove" =~ ^/[[:alnum:]]+$ \ + # Match all first level paths from / (Like /var, /root, etc...) + || "${path_to_remove:${#path_to_remove}-1}" = "/" ]] + # Match if the path finishes by /. Because it seems there is an empty variable + then + echo "Avoid deleting $path_to_remove." >&2 + else + if [ -e "$path_to_remove" ] + then + sudo rm -R "$path_to_remove" + else + echo "$path_to_remove wasn't deleted because it doesn't exist." >&2 + fi + fi +} + +#===================================================================== +# data/helpers.d/utils +#===================================================================== + +# Download and uncompress the source from app.src +# +# The file conf/app.src need to contains: +# +# SOURCE_URL=Address to download the app archive +# SOURCE_SUM=Control sum +# SOURCE_FORMAT=tar.gz # (Optional) default value: tar.gz +# SOURCE_IN_SUBDIR=false # (Optional) Put false if source are directly in the archive root +# SOURCE_FILENAME="example.tar.gz" (Optionnal) default value: ${src_id}.${src_format} +# +# +# usage: ynh_setup_source dest_dir [source_id] +# | arg: dest_dir - Directory where to setup sources +# | arg: source_id - Name of the app, if the package contains more than one app +ynh_setup_source () { + local dest_dir=$1 + local src_id=${2:-app} # If the argument is not given, source_id equal "app" + # Load value from configuration file (see above for a small doc about this file + # format) + local src_url=$(grep 'SOURCE_URL=' "../conf/${src_id}.src" | cut -d= -f2-) + local src_sum=$(grep 'SOURCE_SUM=' "../conf/${src_id}.src" | cut -d= -f2-) + local src_sumprg=$(grep 'SOURCE_SUM_PRG=' "../conf/${src_id}.src" | cut -d= -f2-) + local src_format=$(grep 'SOURCE_FORMAT=' "../conf/${src_id}.src" | cut -d= -f2-) + local src_in_subdir=$(grep 'SOURCE_IN_SUBDIR=' "../conf/${src_id}.src" | cut -d= -f2-) + local src_filename=$(grep 'SOURCE_FILENAME=' "../conf/${src_id}.src" | cut -d= -f2-) + + # Default value + src_sumprg=${src_sumprg:-sha256sum} + src_in_subdir=${src_in_subdir:-true} + src_format=$(echo "$src_format" | tr '[:upper:]' '[:lower:]') + if [ "$src_filename" = "" ] ; then + src_filename="${src_id}.${src_format}" + fi + local local_src="/opt/yunohost-apps-src/${YNH_APP_ID}/${src_filename}" + + if test -e "$local_src" + then # Use the local source file if it is present + cp $local_src $src_filename + else # If not, download the source + wget -nv -O $src_filename $src_url + fi + + # Check the control sum + echo "${src_sum} ${src_filename}" | ${src_sumprg} -c --status \ + || ynh_die "Corrupt source" + + # Extract source into the app dir + sudo mkdir -p "$dest_dir" + if [ "$src_format" = "zip" ] + then # Zip format + # Using of a temp directory, because unzip doesn't manage --strip-components + if $src_in_subdir ; then + local tmp_dir=$(mktemp -d) + unzip -quo $src_filename -d "$tmp_dir" + sudo cp -a $tmp_dir/*/. "$dest_dir" + ynh_secure_remove "$tmp_dir" + else + unzip -quo $src_filename -d "$dest_dir" + fi + else + local strip="" + if $src_in_subdir ; then + strip="--strip-components 1" + fi + if [[ "$src_format" =~ ^tar.gz|tar.bz2|tar.xz$ ]] ; then + sudo tar -xf $src_filename -C "$dest_dir" $strip + else + ynh_die "Archive format unrecognized." + fi + fi + + # Apply patches + if (( $(find ../sources/patches/ -type f -name "${src_id}-*.patch" 2> /dev/null | wc -l) > "0" )); then + local old_dir=$(pwd) + (cd "$dest_dir" \ + && for p in $old_dir/../sources/patches/${src_id}-*.patch; do \ + sudo patch -p1 < $p; done) \ + || ynh_die "Unable to apply patches" + cd $old_dir + fi + + # Add supplementary files + if test -e "../sources/extra_files"; then + sudo cp -a ../sources/extra_files/. "$dest_dir" + fi + +} diff --git a/scripts/install b/scripts/install new file mode 100644 index 0000000..18a5a14 --- /dev/null +++ b/scripts/install @@ -0,0 +1,155 @@ +#!/bin/bash + +# Exit on command errors and treat unset variables as an error +set -eu + +# Source YunoHost helpers +source /usr/share/yunohost/helpers +source future.sh +source common.sh + +readonly app=$YNH_APP_INSTANCE_NAME + +# Retrieve arguments +readonly domain=$YNH_APP_ARG_DOMAIN +readonly path=$YNH_APP_ARG_PATH +readonly admin=$YNH_APP_ARG_ADMIN +readonly email=$YNH_APP_ARG_EMAIL + + +readonly isp_name=$YNH_APP_ARG_ISP_NAME +readonly isp_site=$YNH_APP_ARG_ISP_SITE +readonly secret=$(ynh_string_random 24) # A bug don't allow to do random string bigger than 24 + + +# Check if admin exists +ynh_user_exists $admin \ + || ynh_die "Wrong admin" + +function configure_app() +{ + # Check domain/path availability + sudo yunohost app checkurl "${domain}${path}" -a "$app" \ + || ynh_die "Path not available: ${domain}${path}" + + ynh_app_setting_set "$app" admin "$admin" + ynh_app_setting_set "$app" email "$email" + ynh_app_setting_set "$app" isp_name "$isp_name" + ynh_app_setting_set "$app" isp_site "$isp_site" + ynh_app_setting_set "$app" secret "$secret" +} + +function init_db() +{ + # Generate random password + db_name=$app + db_user=$app + db_pwd=$(ynh_string_random) + + # Initialize database and store mysql password for upgrade + ynh_mysql_create_db $db_name $db_user $db_pwd + ynh_app_setting_set "$app" mysqlpassword "$db_pwd" +} + +function install_from_sources() +{ + $final_path/venv/bin/pip install "pip>=1.5.6" + + $final_path/venv/bin/pip install gunicorn + $final_path/venv/bin/pip install -r $final_path/requirements.txt + $final_path/venv/bin/pip install django-auth-ldap + #$final_path/venv/bin/pip install mysqlclient + + prefix="${path#"/"}/" + prefix=${prefix%"/"} + # Configuration Django + sed -i "s@YNH_APP_ARG_ADMIN@$admin@g" ../conf/local.py + sed -i "s@YNH_APP_ARG_DOMAIN@$domain@g" ../conf/local.py + sed -i "s@YNH_APP_ARG_PATH@$path@g" ../conf/local.py + sed -i "s@YNH_APP_PREFIX@$prefix@g" ../conf/local.py + sed -i "s#YNH_APP_ARG_EMAIL#$email#g" ../conf/local.py + sed -i "s#YNH_APP_SECRET_KEY#$secret#g" ../conf/local.py + sed -i "s#YNH_APP_ARG_ISP_NAME#$isp_name#g" ../conf/local.py + sed -i "s#YNH_APP_ARG_ISP_SITE#$isp_site#g" ../conf/local.py + sed -i "s#YNH_APP_STATIC_ROOT#$final_path/static#g" ../conf/local.py +# sed -i "s#YNH_DB_NAME#$db_name#g" ../conf/local.py +# sed -i "s#YNH_DB_USER#$db_user#g" ../conf/local.py +# sed -i "s#YNH_DB_PASSWORD#$db_pwd#g" ../conf/local.py + sudo cp ../conf/local.py $final_path/$app/settings_local.py + + # Set production + sudo ln -s $final_path/$app/static $final_path/static + + # Set permissions + sudo useradd $app -d $final_path || echo "User already exists" + sudo chown -R $app:www-data $final_path + + + pushd $final_path + $final_path/venv/bin/python manage.py migrate --noinput + $final_path/venv/bin/python manage.py collectstatic --noinput + popd + # Set permissions to directory + sudo chown $app:www-data -R $final_path +} + +function configure_log() +{ + # Log folder + sudo mkdir -p /var/log/$app + sudo chown -R $app /var/log/$app + sudo chgrp -R www-data /var/log/$app +} + +function configure_gunicorn() +{ + # Service gunicorn + sudo sed -i "s@YNH_APP_INSTANCE_NAME@$app@g" ../conf/gunicorn_config.py + sudo sed -i "s@YNH_APP_INSTANCE_NAME@$app@g" ../conf/gunicorn.service + sudo cp ../conf/gunicorn.service /etc/systemd/system/$app.service + sudo systemctl daemon-reload + sudo cp ../conf/gunicorn_config.py /opt/$app/ +} + +function configure_nginx_and_ssowat() +{ + # Reload Nginx and regenerate SSOwat conf + sudo yunohost app addaccess $app -u $admin + + # Modify Nginx configuration file and copy it to Nginx conf directory + sed -i "s@PATHTOCHANGE@$path@g" ../conf/nginx.conf + sed -i "s@ALIASTOCHANGE@$final_path/@g" ../conf/nginx.conf + sed -i "s@YNH_APP_INSTANCE_NAME@$app@g" ../conf/nginx.conf + sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf + + ## Reload Nginx and regenerate SSOwat conf + sudo service nginx reload + sudo systemctl start $app + sudo systemctl enable $app + sudo yunohost service add $app -l /var/log/gunicorn/$app.log + + ynh_app_setting_set "$app" skipped_uris "/" + sudo yunohost app ssowatconf +} + +configure_app +#init_db +install_dependencies + + + # Copy files to the right place + final_path=/opt/$app + ynh_setup_source $final_path + + # Install venv + pip install virtualenv + virtualenv $final_path/venv + set +o nounset + source $final_path/venv/bin/activate + set -o nounset + + +install_from_sources +configure_log +configure_gunicorn +configure_nginx_and_ssowat diff --git a/scripts/remove b/scripts/remove new file mode 100644 index 0000000..812357d --- /dev/null +++ b/scripts/remove @@ -0,0 +1,42 @@ +#!/bin/bash +set -u + +# Source YunoHost helpers +source /usr/share/yunohost/helpers +source future.sh +source common.sh + +# Retrieve app settings +APP=$YNH_APP_INSTANCE_NAME +app=$APP +DOMAIN=$(ynh_app_setting_get "$APP" domain) + +# FIXME FIXME FIXME +# Add tests that stuff actually exists before removing them + +# Remove mysql table +ynh_mysql_drop_user $app +ynh_mysql_drop_db $app + +# Remove dependencies +ynh_remove_app_dependencies + +# Remove nginx configuration file +sudo rm -f /etc/nginx/conf.d/$DOMAIN.d/$APP.conf + +# Remove services + +sudo service $APP stop +sudo killall $APP +sudo yunohost service remove $APP +sudo rm -f /etc/systemd/system/$APP.service +sudo systemctl daemon-reload + +# Remove sources +ynh_secure_remove /opt/$APP + +# Delete system user +ynh_system_user_delete $APP + +# Reload nginx service +sudo service nginx reload diff --git a/scripts/restore b/scripts/restore new file mode 100644 index 0000000..c3d4fc8 --- /dev/null +++ b/scripts/restore @@ -0,0 +1,74 @@ +#!/bin/bash + +# Exit on command errors and treat unset variables as an error +set -eu + +# See comments in install script +app=$YNH_APP_INSTANCE_NAME + +# Source YunoHost helpers +. /usr/share/yunohost/helpers + +# Retrieve old app settings +domain=$(ynh_app_setting_get "$app" domain) +path=$(ynh_app_setting_get "$app" path) +admin=$(ynh_app_setting_get "$app" admin) +email=$(ynh_app_setting_get "$app" email) +isp_name=$(ynh_app_setting_get "$app" isp_name) +isp_site=$(ynh_app_setting_get "$app" isp_site) +secret=$(ynh_app_setting_get "$app" secret) + +# Check domain/path availability +sudo yunohost app checkurl $domain$path -a $app \ + || ynh_die "Path not available: ${domain}${path}" + + +final_path=/opt/$app +if [ -d $final_path ]; then + ynh_die "There is already a directory: $final_path " +fi + +conf=/etc/nginx/conf.d/$domain.d/$app.conf +if [ -f $conf ]; then + ynh_die "There is already a nginx conf file at this path: $conf " +fi + +gunicorn_path=/etc/systemd/system/$app.service +if [ -f $gunicorn_path ]; then + ynh_die "There is already a gunicorn service file at this path: $gunicorn_path " +fi + +# Dependences +ynh_package_install python3-pip python3-virtualenv + +# Restore sources & data +sudo cp -a ./sources $final_path + + +# Set permissions +sudo chown -R www-data:www-data $final_path + +# Restore conf files +sudo cp -a ./nginx.conf $conf +sudo cp -a ./gunicorn.service $gunicorn_path +sudo chown root: $gunicorn_path +sudo chmod 644 $gunicorn_path + +# Set Administrator +if ynh_user_exists $admin; then + sudo yunohost app addaccess $app -u $admin +fi + +# Log folder +sudo mkdir -p /var/log/$app +sudo chown -R $app /var/log/$app +sudo chgrp -R www-data /var/log/$app + +# Reload Nginx +sudo service nginx reload +sudo systemctl start $app +sudo systemctl enable $app +sudo yunohost service add $app -l /var/log/gunicorn/$app.log + +ynh_app_setting_set "$app" skipped_uris "/" +sudo yunohost app ssowatconf diff --git a/scripts/upgrade b/scripts/upgrade new file mode 100644 index 0000000..a9bf588 --- /dev/null +++ b/scripts/upgrade @@ -0,0 +1 @@ +#!/bin/bash