mirror of
https://github.com/YunoHost-Apps/coin_ynh.git
synced 2024-09-03 18:16:26 +02:00
[wip] Refactoring
This commit is contained in:
parent
5ce813cfbd
commit
8b19e8c364
11 changed files with 971 additions and 294 deletions
|
@ -1,11 +1,11 @@
|
|||
command = '/opt/YNH_APP_INSTANCE_NAME/venv/bin/gunicorn'
|
||||
pythonpath = '/opt/YNH_APP_INSTANCE_NAME'
|
||||
command = '/opt/__YNH_APP_INSTANCE_NAME__/venv/bin/gunicorn'
|
||||
pythonpath = '/opt/__YNH_APP_INSTANCE_NAME__'
|
||||
workers = 4
|
||||
user = 'YNH_APP_INSTANCE_NAME'
|
||||
bind = 'unix:/opt/YNH_APP_INSTANCE_NAME/sock'
|
||||
pid = '/run/gunicorn/YNH_APP_INSTANCE_NAME-pid'
|
||||
errorlog = '/var/log/YNH_APP_INSTANCE_NAME/error.log'
|
||||
accesslog = '/var/log/YNH_APP_INSTANCE_NAME/access.log'
|
||||
user = '__YNH_APP_INSTANCE_NAME__'
|
||||
bind = 'unix:/opt/__YNH_APP_INSTANCE_NAME__/sock'
|
||||
pid = '/run/gunicorn/__YNH_APP_INSTANCE_NAME__-pid'
|
||||
errorlog = '/var/log/__YNH_APP_INSTANCE_NAME__/error.log'
|
||||
accesslog = '/var/log/__YNH_APP_INSTANCE_NAME__/access.log'
|
||||
access_log_format = '%({X-Real-IP}i)s %({X-Forwarded-For}i)s %(h)s %(l)s %(u)s %(t)s "%(r)s" %(s)s %(b)s "%(f)s" "%(a)s"'
|
||||
loglevel = 'warning'
|
||||
capture_output = True
|
||||
|
|
93
conf/local.py.j2
Normal file
93
conf/local.py.j2
Normal file
|
@ -0,0 +1,93 @@
|
|||
# -*- coding: utf-8 -*-
|
||||
from __future__ import unicode_literals
|
||||
import os
|
||||
from settings_base import *
|
||||
|
||||
DEBUG = TEMPLATE_DEBUG = False
|
||||
|
||||
ALLOWED_HOSTS = ['{{ domain }}']
|
||||
|
||||
URL_PREFIX = '{{ prefix }}'
|
||||
STATIC_ROOT = '{{ final_path }}/static'
|
||||
NOTIFICATION_EMAILS = ['{{ email }}']
|
||||
DEFAULT_FROM_EMAIL = 'notifier@{{ domain }}'
|
||||
SITE_URL = "https://{{ domain }}{{ path_url }}"
|
||||
SECRET_KEY = '{{ secret }}'
|
||||
ISP = {
|
||||
'NAME': '{{ isp_name }}',
|
||||
'SITE': '{{ isp_site }}',
|
||||
'EMAIL': '{{ email }}',
|
||||
}
|
||||
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
|
||||
|
||||
PROJECT_DIR = os.path.abspath(os.path.dirname(__file__))
|
||||
|
||||
DATABASES = {
|
||||
'default': {
|
||||
'ENGINE': 'django.db.backends.postgresql_psycopg2',
|
||||
'NAME': '{{ db_name }}',
|
||||
'USER': '{{ db_user }}',
|
||||
'PASSWORD': '{{ db_pwd }}',
|
||||
'HOST': '', # Empty for localhost through domain sockets
|
||||
'PORT': '', # Empty for default
|
||||
},
|
||||
}
|
||||
|
||||
FEEDS = (('ffdn', 'http://www.ffdn.org/fr/rss.xml', 3))
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
# Tous accés
|
||||
# paramétrer SSO en protect_uris
|
||||
# OU
|
||||
# Pas d'accès
|
||||
# hook
|
||||
# paramétrer SSO en protect_uris
|
||||
import ldap
|
||||
from django_auth_ldap.config import LDAPSearch, PosixGroupType
|
||||
AUTHENTICATION_BACKENDS = (
|
||||
'django_auth_ldap.backend.LDAPBackend',
|
||||
'django.contrib.auth.backends.ModelBackend',
|
||||
)
|
||||
AUTH_LDAP_SERVER_URI = "ldap://localhost:389"
|
||||
AUTH_LDAP_USER_SEARCH = LDAPSearch("uid=YNH_APP_ARG_ADMIN,ou=users,dc=yunohost,dc=org", ldap.SCOPE_SUBTREE, "(uid=%(user)s)")
|
||||
AUTH_LDAP_USER_ATTR_MAP = {
|
||||
"username": "uid",
|
||||
"first_name": "givenName",
|
||||
"last_name": "sn",
|
||||
"email": "mail",
|
||||
}
|
||||
AUTH_LDAP_USER_FLAGS_BY_GROUP = {
|
||||
"is_active": "cn=sftpusers,ou=groups,dc=yunohost,dc=org",
|
||||
"is_staff": "cn=sftpusers,ou=groups,dc=yunohost,dc=org",
|
||||
"is_superuser": "cn=sftpusers,ou=groups,dc=yunohost,dc=org"
|
||||
}
|
||||
AUTH_LDAP_GROUP_SEARCH = LDAPSearch("ou=groups,dc=yunohost,dc=org", ldap.SCOPE_SUBTREE, "(objectClass=posixGroup)")
|
||||
AUTH_LDAP_GROUP_TYPE = PosixGroupType()
|
||||
AUTH_LDAP_ALWAYS_UPDATE_USER = True
|
||||
AUTH_LDAP_AUTHORIZE_ALL_USERS = True
|
||||
AUTH_LDAP_FIND_GROUP_PERMS = True
|
||||
#AUTH_LDAP_CACHE_GROUPS = True
|
||||
#AUTH_LDAP_GROUP_CACHE_TIMEOUT = 300
|
||||
#import logging
|
||||
#logger = logging.getLogger('django_auth_ldap')
|
||||
#logger.addHandler(logging.StreamHandler())
|
||||
#logger.setLevel(logging.DEBUG)
|
16
conf/systemd.service
Normal file
16
conf/systemd.service
Normal file
|
@ -0,0 +1,16 @@
|
|||
[Unit]
|
||||
Description=__APP__ gunicorn daemon
|
||||
After=network.target
|
||||
|
||||
[Service]
|
||||
PIDFile=/run/gunicorn/__APP__-pid
|
||||
User=__APP__
|
||||
Group=__APP__
|
||||
WorkingDirectory=__FINALPATH__/
|
||||
ExecStart=__FINALPATH__/venv/bin/gunicorn -c __FINALPATH__/gunicorn_config.py __APP__.wsgi
|
||||
ExecReload=/bin/kill -s HUP $MAINPID
|
||||
ExecStop=/bin/kill -s TERM $MAINPID
|
||||
PrivateTmp=true
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
|
@ -14,10 +14,10 @@
|
|||
},
|
||||
"url": "https://code.ffdn.org/FFDN/coin/",
|
||||
"requirements": {
|
||||
"yunohost": ">> 3.0"
|
||||
"yunohost": ">= 3.6"
|
||||
},
|
||||
"version": "20180817~ynh4",
|
||||
"multi_instance": false,
|
||||
"version": "20180817~ynh5",
|
||||
"multi_instance": true,
|
||||
"services": [
|
||||
"nginx"
|
||||
],
|
||||
|
|
20
scripts/_common.sh
Normal file
20
scripts/_common.sh
Normal file
|
@ -0,0 +1,20 @@
|
|||
#!/bin/bash
|
||||
|
||||
#=================================================
|
||||
# COMMON VARIABLES
|
||||
#=================================================
|
||||
|
||||
# dependencies used by the app
|
||||
pkg_dependencies="gunicorn python-dev python-pip libldap2-dev libpq-dev libsasl2-dev libjpeg-dev libxml2-dev libxslt1-dev libffi-dev python-cairo libpango1.0-0 postgresql postgresql-contrib"
|
||||
|
||||
#=================================================
|
||||
# PERSONAL HELPERS
|
||||
#=================================================
|
||||
|
||||
#=================================================
|
||||
# EXPERIMENTAL HELPERS
|
||||
#=================================================
|
||||
|
||||
#=================================================
|
||||
# FUTURE OFFICIAL HELPERS
|
||||
#=================================================
|
|
@ -1,23 +1,85 @@
|
|||
#!/bin/bash
|
||||
|
||||
# Exit on command errors and treat unset variables as an error
|
||||
set -eu
|
||||
#=================================================
|
||||
# GENERIC START
|
||||
#=================================================
|
||||
# IMPORT GENERIC HELPERS
|
||||
#=================================================
|
||||
|
||||
#Keep this path for calling _common.sh inside the execution's context of backup and restore scripts
|
||||
source ../settings/scripts/_common.sh
|
||||
source /usr/share/yunohost/helpers
|
||||
|
||||
#=================================================
|
||||
# MANAGE SCRIPT FAILURE
|
||||
#=================================================
|
||||
|
||||
ynh_clean_setup () {
|
||||
### Remove this function if there's nothing to clean before calling the remove script.
|
||||
true
|
||||
}
|
||||
# Exit if an error occurs during the execution of the script
|
||||
ynh_abort_if_errors
|
||||
|
||||
#=================================================
|
||||
# LOAD SETTINGS
|
||||
#=================================================
|
||||
ynh_script_progression --message="Loading installation settings..." --time --weight=1
|
||||
|
||||
# See comments in install script
|
||||
app=$YNH_APP_INSTANCE_NAME
|
||||
|
||||
# Source YunoHost helpers
|
||||
. /usr/share/yunohost/helpers
|
||||
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
||||
domain=$(ynh_app_setting_get --app=$app --key=domain)
|
||||
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
|
||||
|
||||
# Backup sources & data
|
||||
ynh_backup "/opt/$app" "sources"
|
||||
#=================================================
|
||||
# STANDARD BACKUP STEPS
|
||||
#=================================================
|
||||
# STOP SYSTEMD SERVICE
|
||||
#=================================================
|
||||
ynh_script_progression --message="Stopping a systemd service..." --time --weight=1
|
||||
|
||||
# Copy NGINX configuration
|
||||
domain=$(ynh_app_setting_get "$app" domain)
|
||||
ynh_backup "/etc/nginx/conf.d/${domain}.d/${app}.conf" "nginx.conf"
|
||||
ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log"
|
||||
|
||||
# Copy Gunicorn pool configuration
|
||||
ynh_backup "/etc/systemd/system/$app.service" "gunicorn.service"
|
||||
#=================================================
|
||||
# BACKUP THE APP MAIN DIR
|
||||
#=================================================
|
||||
ynh_script_progression --message="Backing up the main app directory..." --time --weight=1
|
||||
|
||||
# Backup database
|
||||
ynh_psql_dump_db "$app" > ${YNH_CWD}/dump.sql
|
||||
ynh_backup --src_path="$final_path"
|
||||
|
||||
#=================================================
|
||||
# BACKUP THE NGINX CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Backing up nginx web server configuration..." --time --weight=1
|
||||
|
||||
ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
|
||||
|
||||
#=================================================
|
||||
# BACKUP THE MYSQL DATABASE
|
||||
#=================================================
|
||||
ynh_script_progression --message="Backing up the PSQL database..." --time --weight=1
|
||||
|
||||
ynh_psql_dump_db --database="$db_name" > db.sql
|
||||
|
||||
#=================================================
|
||||
# SPECIFIC BACKUP
|
||||
#=================================================
|
||||
# BACKUP SYSTEMD
|
||||
#=================================================
|
||||
ynh_script_progression --message="Backing up systemd configuration..." --time --weight=1
|
||||
|
||||
ynh_backup --src_path="/etc/systemd/system/$app.service"
|
||||
|
||||
#=================================================
|
||||
# START SYSTEMD SERVICE
|
||||
#=================================================
|
||||
ynh_script_progression --message="Starting a systemd service..." --time --weight=1
|
||||
|
||||
ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"
|
||||
|
||||
#=================================================
|
||||
# END OF SCRIPT
|
||||
#=================================================
|
||||
|
||||
ynh_script_progression --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." --time --last
|
||||
|
|
117
scripts/change_url
Normal file
117
scripts/change_url
Normal file
|
@ -0,0 +1,117 @@
|
|||
#!/bin/bash
|
||||
|
||||
#=================================================
|
||||
# GENERIC STARTING
|
||||
#=================================================
|
||||
# IMPORT GENERIC HELPERS
|
||||
#=================================================
|
||||
|
||||
source _common.sh
|
||||
source /usr/share/yunohost/helpers
|
||||
|
||||
#=================================================
|
||||
# RETRIEVE ARGUMENTS
|
||||
#=================================================
|
||||
|
||||
old_domain=$YNH_APP_OLD_DOMAIN
|
||||
old_path=$YNH_APP_OLD_PATH
|
||||
|
||||
new_domain=$YNH_APP_NEW_DOMAIN
|
||||
new_path=$YNH_APP_NEW_PATH
|
||||
|
||||
app=$YNH_APP_INSTANCE_NAME
|
||||
|
||||
#=================================================
|
||||
# LOAD SETTINGS
|
||||
#=================================================
|
||||
ynh_script_progression --message="Loading installation settings..." --time --weight=1
|
||||
|
||||
# Needed for helper "ynh_add_nginx_config"
|
||||
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
||||
|
||||
# Add settings here as needed by your application
|
||||
#db_name=$(ynh_app_setting_get --app=$app --key=db_name)
|
||||
#db_user=$db_name
|
||||
#db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd)
|
||||
|
||||
#=================================================
|
||||
# CHECK WHICH PARTS SHOULD BE CHANGED
|
||||
#=================================================
|
||||
|
||||
change_domain=0
|
||||
if [ "$old_domain" != "$new_domain" ]
|
||||
then
|
||||
change_domain=1
|
||||
fi
|
||||
|
||||
change_path=0
|
||||
if [ "$old_path" != "$new_path" ]
|
||||
then
|
||||
change_path=1
|
||||
fi
|
||||
|
||||
#=================================================
|
||||
# STANDARD MODIFICATIONS
|
||||
#=================================================
|
||||
# STOP SYSTEMD SERVICE
|
||||
#=================================================
|
||||
ynh_script_progression --message="Stopping a systemd service..." --time --weight=1
|
||||
|
||||
ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log"
|
||||
|
||||
#=================================================
|
||||
# MODIFY URL IN NGINX CONF
|
||||
#=================================================
|
||||
ynh_script_progression --message="Updating nginx web server configuration..." --time --weight=1
|
||||
|
||||
nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
|
||||
|
||||
# Change the path in the nginx config file
|
||||
if [ $change_path -eq 1 ]
|
||||
then
|
||||
# Make a backup of the original nginx config file if modified
|
||||
ynh_backup_if_checksum_is_different --file="$nginx_conf_path"
|
||||
# Set global variables for nginx helper
|
||||
domain="$old_domain"
|
||||
path_url="$new_path"
|
||||
# Create a dedicated nginx config
|
||||
ynh_add_nginx_config
|
||||
fi
|
||||
|
||||
# Change the domain for nginx
|
||||
if [ $change_domain -eq 1 ]
|
||||
then
|
||||
# Delete file checksum for the old conf file location
|
||||
ynh_delete_file_checksum --file="$nginx_conf_path"
|
||||
mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf
|
||||
# Store file checksum for the new config file location
|
||||
ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
|
||||
fi
|
||||
|
||||
#=================================================
|
||||
# SPECIFIC MODIFICATIONS
|
||||
#=================================================
|
||||
# ...
|
||||
#=================================================
|
||||
|
||||
#=================================================
|
||||
# GENERIC FINALISATION
|
||||
#=================================================
|
||||
# START SYSTEMD SERVICE
|
||||
#=================================================
|
||||
ynh_script_progression --message="Starting a systemd service..." --time --weight=1
|
||||
|
||||
ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"
|
||||
|
||||
#=================================================
|
||||
# RELOAD NGINX
|
||||
#=================================================
|
||||
ynh_script_progression --message="Reloading nginx web server..." --time --weight=1
|
||||
|
||||
ynh_systemd_action --service_name=nginx --action=reload
|
||||
|
||||
#=================================================
|
||||
# END OF SCRIPT
|
||||
#=================================================
|
||||
|
||||
ynh_script_progression --message="Change of URL completed for $app" --time --last
|
327
scripts/install
327
scripts/install
|
@ -1,145 +1,228 @@
|
|||
#!/bin/bash
|
||||
|
||||
# Exit on command errors and treat unset variables as an error
|
||||
set -eu
|
||||
#=================================================
|
||||
# GENERIC START
|
||||
#=================================================
|
||||
# IMPORT GENERIC HELPERS
|
||||
#=================================================
|
||||
|
||||
# Source YunoHost helpers
|
||||
source _common.sh
|
||||
source /usr/share/yunohost/helpers
|
||||
source future.sh
|
||||
source common.sh
|
||||
|
||||
app=$YNH_APP_INSTANCE_NAME
|
||||
#=================================================
|
||||
# MANAGE SCRIPT FAILURE
|
||||
#=================================================
|
||||
|
||||
# Retrieve arguments
|
||||
domain=$YNH_APP_ARG_DOMAIN
|
||||
#readonly path=$YNH_APP_ARG_PATH
|
||||
path=/
|
||||
|
||||
readonly admin=$YNH_APP_ARG_ADMIN
|
||||
readonly email=$YNH_APP_ARG_EMAIL
|
||||
|
||||
|
||||
readonly isp_name=$YNH_APP_ARG_ISP_NAME
|
||||
readonly isp_site=$YNH_APP_ARG_ISP_SITE
|
||||
readonly secret=$(ynh_string_random 24) # A bug don't allow to do random string bigger than 24
|
||||
|
||||
|
||||
# Check if admin exists
|
||||
ynh_user_exists $admin \
|
||||
|| ynh_die "Wrong admin"
|
||||
|
||||
function configure_app()
|
||||
{
|
||||
# Check domain/path availability
|
||||
ynh_webpath_register "$app" "$domain" "$path"
|
||||
|
||||
ynh_app_setting_set "$app" admin "$admin"
|
||||
ynh_app_setting_set "$app" email "$email"
|
||||
ynh_app_setting_set "$app" isp_name "$isp_name"
|
||||
ynh_app_setting_set "$app" isp_site "$isp_site"
|
||||
ynh_app_setting_set "$app" secret "$secret"
|
||||
ynh_clean_setup () {
|
||||
### Remove this function if there's nothing to clean before calling the remove script.
|
||||
read
|
||||
}
|
||||
# Exit if an error occurs during the execution of the script
|
||||
ynh_abort_if_errors
|
||||
|
||||
function install_from_sources()
|
||||
{
|
||||
$final_path/venv/bin/pip install "pip>=1.5.6"
|
||||
#=================================================
|
||||
# RETRIEVE ARGUMENTS FROM THE MANIFEST
|
||||
#=================================================
|
||||
|
||||
export domain=$YNH_APP_ARG_DOMAIN
|
||||
export path_url=/
|
||||
export admin=$YNH_APP_ARG_ADMIN
|
||||
export email=$YNH_APP_ARG_EMAIL
|
||||
export isp_name=$YNH_APP_ARG_ISP_NAME
|
||||
export isp_site=$YNH_APP_ARG_ISP_SITE
|
||||
is_public=1
|
||||
export secret=$(ynh_string_random 24)
|
||||
|
||||
export app=$YNH_APP_INSTANCE_NAME
|
||||
|
||||
#=================================================
|
||||
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
|
||||
#=================================================
|
||||
ynh_script_progression --message="Validating installation parameters..." --time --weight=1
|
||||
|
||||
export final_path=/opt/$app
|
||||
test ! -e "$final_path" || ynh_die --message="This path already contains a folder"
|
||||
|
||||
# Register (book) web path
|
||||
ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url
|
||||
|
||||
#=================================================
|
||||
# STORE SETTINGS FROM MANIFEST
|
||||
#=================================================
|
||||
ynh_script_progression --message="Storing installation settings..." --time --weight=1
|
||||
|
||||
ynh_app_setting_set --app=$app --key=domain --value=$domain
|
||||
ynh_app_setting_set --app=$app --key=path --value=$path_url
|
||||
ynh_app_setting_set --app=$app --key=is_public --value=$is_public
|
||||
ynh_app_setting_set --app=$app --key=admin --value=$admin
|
||||
ynh_app_setting_set --app=$app --key=email --value=$email
|
||||
ynh_app_setting_set --app=$app --key=isp_name --value=$isp_name
|
||||
ynh_app_setting_set --app=$app --key=isp_site --value=$isp_site
|
||||
|
||||
#=================================================
|
||||
# STANDARD MODIFICATIONS
|
||||
#=================================================
|
||||
# INSTALL DEPENDENCIES
|
||||
#=================================================
|
||||
ynh_script_progression --message="Installing dependencies..." --time --weight=1
|
||||
|
||||
ynh_install_app_dependencies $pkg_dependencies
|
||||
|
||||
#=================================================
|
||||
# CREATE DATABASE
|
||||
#=================================================
|
||||
ynh_script_progression --message="Creating a MySQL database..." --time --weight=1
|
||||
|
||||
ynh_psql_test_if_first_run
|
||||
|
||||
db_name=$(ynh_sanitize_dbid --db_name=$app)
|
||||
db_user=$db_name
|
||||
ynh_app_setting_set --app=$app --key=db_name --value=$db_name
|
||||
ynh_psql_setup_db --db_user=$db_user --db_name=$db_name
|
||||
|
||||
#=================================================
|
||||
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
||||
#=================================================
|
||||
ynh_script_progression --message="Setting up source files..." --time --weight=1
|
||||
|
||||
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
|
||||
# Download, check integrity, uncompress and patch the source from app.src
|
||||
ynh_setup_source --dest_dir="$final_path"
|
||||
|
||||
#=================================================
|
||||
# NGINX CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Configuring nginx web server..." --time --weight=1
|
||||
|
||||
# Create a dedicated nginx config
|
||||
ynh_add_nginx_config
|
||||
|
||||
#=================================================
|
||||
# CREATE DEDICATED USER
|
||||
#=================================================
|
||||
ynh_script_progression --message="Configuring system user..." --time --weight=1
|
||||
|
||||
# Create a system user
|
||||
ynh_system_user_create --username=$app
|
||||
|
||||
#=================================================
|
||||
# SPECIFIC SETUP
|
||||
#=================================================
|
||||
# PYTHON DEPENDENCIES
|
||||
#=================================================
|
||||
virtualenv "$final_path/venv"
|
||||
(
|
||||
set +o nounset
|
||||
source "${final_path}/venv/bin/activate"
|
||||
set -o nounset
|
||||
$final_path/venv/bin/pip install --upgrade pip
|
||||
$final_path/venv/bin/pip install gunicorn
|
||||
echo "django-auth-ldap<1.4" >> $final_path/requirements.txt
|
||||
$final_path/venv/bin/pip install -r $final_path/requirements.txt
|
||||
#$final_path/venv/bin/pip install mysqlclient
|
||||
)
|
||||
|
||||
prefix="${path#"/"}/"
|
||||
prefix=${prefix%"/"}
|
||||
# Configuration Django
|
||||
sed -i "s@YNH_APP_ARG_ADMIN@$admin@g" ../conf/local.py
|
||||
sed -i "s@YNH_APP_ARG_DOMAIN@$domain@g" ../conf/local.py
|
||||
sed -i "s@YNH_APP_ARG_PATH@$path@g" ../conf/local.py
|
||||
sed -i "s@YNH_APP_PREFIX@$prefix@g" ../conf/local.py
|
||||
sed -i "s#YNH_APP_ARG_EMAIL#$email#g" ../conf/local.py
|
||||
sed -i "s#YNH_APP_SECRET_KEY#$secret#g" ../conf/local.py
|
||||
sed -i "s#YNH_APP_ARG_ISP_NAME#$isp_name#g" ../conf/local.py
|
||||
sed -i "s#YNH_APP_ARG_ISP_SITE#$isp_site#g" ../conf/local.py
|
||||
sed -i "s#YNH_APP_STATIC_ROOT#$final_path/static#g" ../conf/local.py
|
||||
sed -i "s#YNH_DB_NAME#$db_name#g" ../conf/local.py
|
||||
sed -i "s#YNH_DB_USER#$db_user#g" ../conf/local.py
|
||||
sed -i "s#YNH_DB_PASSWORD#$db_pwd#g" ../conf/local.py
|
||||
sudo cp ../conf/local.py $final_path/$app/settings_local.py
|
||||
#=================================================
|
||||
# CONFIGURATION DJANGO
|
||||
#=================================================
|
||||
|
||||
# Set production
|
||||
sudo ln -s $final_path/$app/static $final_path/static
|
||||
export prefix="${path#"/"}/"
|
||||
prefix=${prefix%"/"}
|
||||
ynh_render_template ../conf/local.py.j2 "$final_path/app/setings_local.py"
|
||||
ynh_store_file_checksum --file="$final_path/app/settings_local.py"
|
||||
|
||||
# Set permissions
|
||||
sudo useradd $app -d $final_path || echo "User already exists"
|
||||
sudo chown -R $app:www-data $final_path
|
||||
#=================================================
|
||||
# SERVE STATIC FILES IN PRODUCTION MODE
|
||||
#=================================================
|
||||
ln -s $final_path/$app/static $final_path/static
|
||||
|
||||
#=================================================
|
||||
# SETUP DATABASE
|
||||
#=================================================
|
||||
# Set permissions
|
||||
chown -R $app:www-data $final_path
|
||||
|
||||
pushd $final_path
|
||||
$final_path/venv/bin/python manage.py migrate --noinput
|
||||
$final_path/venv/bin/python manage.py collectstatic --noinput
|
||||
popd
|
||||
|
||||
# Set permissions to directory
|
||||
chown $app:www-data -R $final_path
|
||||
|
||||
#================================================
|
||||
# CONFIGURE LOG DIR
|
||||
#================================================
|
||||
mkdir -p /var/log/$app
|
||||
chown -R $app /var/log/$app
|
||||
chgrp -R www-data /var/log/$app
|
||||
|
||||
#================================================
|
||||
# SETUP GUNICORN
|
||||
#================================================
|
||||
ynh_replace_string --match_string="__YNH_APP_INSTANCE_NAME__" --replace_string="$app" --target_file="../conf/gunicorn_config.py"
|
||||
cp ../conf/gunicorn_config.py $final_path/
|
||||
ynh_store_file_checksum --file="$final_path/gunicorn_config.py"
|
||||
|
||||
chown $app:www-data $final_path/gunicorn_config.py
|
||||
|
||||
#=================================================
|
||||
# SETUP SYSTEMD
|
||||
#=================================================
|
||||
ynh_script_progression --message="Configuring a systemd service..." --time --weight=1
|
||||
|
||||
# Create a dedicated systemd config
|
||||
ynh_add_systemd_config
|
||||
|
||||
|
||||
pushd $final_path
|
||||
$final_path/venv/bin/python manage.py migrate --noinput
|
||||
$final_path/venv/bin/python manage.py collectstatic --noinput
|
||||
popd
|
||||
# Set permissions to directory
|
||||
sudo chown $app:www-data -R $final_path
|
||||
}
|
||||
#=================================================
|
||||
# GENERIC FINALIZATION
|
||||
#=================================================
|
||||
# SECURE FILES AND DIRECTORIES
|
||||
#=================================================
|
||||
|
||||
function configure_log()
|
||||
{
|
||||
# Log folder
|
||||
sudo mkdir -p /var/log/$app
|
||||
sudo chown -R $app /var/log/$app
|
||||
sudo chgrp -R www-data /var/log/$app
|
||||
}
|
||||
### For security reason, any app should set the permissions to root: before anything else.
|
||||
### Then, if write authorization is needed, any access should be given only to directories
|
||||
### that really need such authorization.
|
||||
|
||||
function configure_gunicorn()
|
||||
{
|
||||
# Service gunicorn
|
||||
sudo sed -i "s@YNH_APP_INSTANCE_NAME@$app@g" ../conf/gunicorn_config.py
|
||||
sudo sed -i "s@YNH_APP_INSTANCE_NAME@$app@g" ../conf/gunicorn.service
|
||||
sudo cp ../conf/gunicorn.service /etc/systemd/system/$app.service
|
||||
sudo systemctl daemon-reload
|
||||
sudo cp ../conf/gunicorn_config.py /opt/$app/
|
||||
chown $app:www-data /opt/$app/gunicorn_config.py
|
||||
}
|
||||
|
||||
function configure_nginx_and_ssowat()
|
||||
{
|
||||
# Reload Nginx and regenerate SSOwat conf
|
||||
sudo yunohost app addaccess $app -u $admin
|
||||
|
||||
# Modify Nginx configuration file and copy it to Nginx conf directory
|
||||
sed -i "s@PATHTOCHANGE@$path@g" ../conf/nginx.conf
|
||||
sed -i "s@ALIASTOCHANGE@$final_path/@g" ../conf/nginx.conf
|
||||
sed -i "s@YNH_APP_INSTANCE_NAME@$app@g" ../conf/nginx.conf
|
||||
sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf
|
||||
|
||||
## Reload Nginx and regenerate SSOwat conf
|
||||
sudo service nginx reload
|
||||
sudo systemctl start $app
|
||||
sudo systemctl enable $app
|
||||
sudo yunohost service add $app -l /var/log/gunicorn/$app.log
|
||||
|
||||
ynh_app_setting_set "$app" skipped_uris "/"
|
||||
sudo yunohost app ssowatconf
|
||||
}
|
||||
|
||||
configure_app
|
||||
install_dependencies
|
||||
init_db
|
||||
# Set permissions to app files
|
||||
chown -R root: $final_path
|
||||
|
||||
|
||||
# Copy files to the right place
|
||||
final_path=/opt/$app
|
||||
ynh_setup_source $final_path
|
||||
|
||||
# Install venv
|
||||
pip install virtualenv
|
||||
virtualenv $final_path/venv
|
||||
set +o nounset
|
||||
source $final_path/venv/bin/activate
|
||||
set -o nounset
|
||||
#=================================================
|
||||
# ADVERTISE SERVICE IN ADMIN PANEL
|
||||
#=================================================
|
||||
|
||||
yunohost service add $app --description "$app daemon" --log "/var/log/$app/$app.log"
|
||||
|
||||
install_from_sources
|
||||
configure_log
|
||||
configure_gunicorn
|
||||
configure_nginx_and_ssowat
|
||||
#=================================================
|
||||
# START SYSTEMD SERVICE
|
||||
#=================================================
|
||||
ynh_script_progression --message="Starting a systemd service..." --time --weight=1
|
||||
|
||||
# Start a systemd service
|
||||
ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"
|
||||
|
||||
#=================================================
|
||||
# SETUP SSOWAT
|
||||
#=================================================
|
||||
ynh_script_progression --message="Configuring SSOwat..." --time --weight=1
|
||||
|
||||
# Make app public if necessary
|
||||
if [ $is_public -eq 1 ]
|
||||
then
|
||||
# unprotected_uris allows SSO credentials to be passed anyway.
|
||||
ynh_app_setting_set --app=$app --key=unprotected_uris --value="/"
|
||||
fi
|
||||
|
||||
#=================================================
|
||||
# RELOAD NGINX
|
||||
#=================================================
|
||||
ynh_script_progression --message="Reloading nginx web server..." --time --weight=1
|
||||
|
||||
ynh_systemd_action --service_name=nginx --action=reload
|
||||
|
||||
#=================================================
|
||||
# END OF SCRIPT
|
||||
#=================================================
|
||||
|
||||
ynh_script_progression --message="Installation of $app completed" --time --last
|
||||
|
|
121
scripts/remove
121
scripts/remove
|
@ -1,41 +1,108 @@
|
|||
#!/bin/bash
|
||||
set -u
|
||||
|
||||
# Source YunoHost helpers
|
||||
#=================================================
|
||||
# GENERIC START
|
||||
#=================================================
|
||||
# IMPORT GENERIC HELPERS
|
||||
#=================================================
|
||||
|
||||
source /usr/share/yunohost/helpers
|
||||
source future.sh
|
||||
source common.sh
|
||||
|
||||
# Retrieve app settings
|
||||
APP=$YNH_APP_INSTANCE_NAME
|
||||
app=$APP
|
||||
DOMAIN=$(ynh_app_setting_get "$APP" domain)
|
||||
#=================================================
|
||||
# LOAD SETTINGS
|
||||
#=================================================
|
||||
ynh_script_progression --message="Loading installation settings..." --time --weight=1
|
||||
|
||||
# FIXME FIXME FIXME
|
||||
# Add tests that stuff actually exists before removing them
|
||||
app=$YNH_APP_INSTANCE_NAME
|
||||
|
||||
# Remove mysql table
|
||||
ynh_psql_remove_db $app $app
|
||||
domain=$(ynh_app_setting_get --app=$app --key=domain)
|
||||
port=$(ynh_app_setting_get --app=$app --key=port)
|
||||
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
|
||||
db_user=$db_name
|
||||
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
||||
|
||||
# Remove dependencies
|
||||
#=================================================
|
||||
# STANDARD REMOVE
|
||||
#=================================================
|
||||
# REMOVE SERVICE FROM ADMIN PANEL
|
||||
#=================================================
|
||||
|
||||
# Remove a service from the admin panel, added by `yunohost service add`
|
||||
if ynh_exec_warn_less yunohost service status $app >/dev/null
|
||||
then
|
||||
ynh_script_progression --message="Removing $app service..." --time --weight=1
|
||||
yunohost service remove $app
|
||||
fi
|
||||
|
||||
#=================================================
|
||||
# STOP AND REMOVE SERVICE
|
||||
#=================================================
|
||||
ynh_script_progression --message="Stopping and removing the systemd service..." --time --weight=1
|
||||
|
||||
# Remove the dedicated systemd config
|
||||
ynh_remove_systemd_config
|
||||
|
||||
#=================================================
|
||||
# REMOVE THE DATABASE
|
||||
#=================================================
|
||||
ynh_script_progression --message="Removing the database..." --time --weight=1
|
||||
|
||||
# Remove a database if it exists, along with the associated user
|
||||
ynh_psql_remove_db --db_user=$db_user --db_name=$db_name
|
||||
|
||||
#=================================================
|
||||
# REMOVE DEPENDENCIES
|
||||
#=================================================
|
||||
ynh_script_progression --message="Removing dependencies..." --time --weight=1
|
||||
|
||||
# Remove metapackage and its dependencies
|
||||
ynh_remove_app_dependencies
|
||||
|
||||
# Remove nginx configuration file
|
||||
sudo rm -f /etc/nginx/conf.d/$DOMAIN.d/$APP.conf
|
||||
#=================================================
|
||||
# REMOVE APP MAIN DIR
|
||||
#=================================================
|
||||
ynh_script_progression --message="Removing app main directory..." --time --weight=1
|
||||
|
||||
# Remove services
|
||||
# Remove the app directory securely
|
||||
ynh_secure_remove --file="$final_path"
|
||||
|
||||
sudo service $APP stop
|
||||
sudo killall $APP
|
||||
sudo yunohost service remove $APP
|
||||
sudo rm -f /etc/systemd/system/$APP.service
|
||||
sudo systemctl daemon-reload
|
||||
#=================================================
|
||||
# REMOVE NGINX CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Removing nginx web server configuration..." --time --weight=1
|
||||
|
||||
# Remove sources
|
||||
ynh_secure_remove /opt/$APP
|
||||
# Remove the dedicated nginx config
|
||||
ynh_remove_nginx_config
|
||||
|
||||
# Delete system user
|
||||
ynh_system_user_delete $APP
|
||||
#=================================================
|
||||
# REMOVE PHP-FPM CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Removing php-fpm configuration..." --time --weight=1
|
||||
|
||||
# Reload nginx service
|
||||
sudo service nginx reload
|
||||
# Remove the dedicated php-fpm config
|
||||
ynh_remove_fpm_config
|
||||
|
||||
#=================================================
|
||||
# SPECIFIC REMOVE
|
||||
#=================================================
|
||||
# REMOVE THE CRON FILE
|
||||
#=================================================
|
||||
|
||||
# Remove the log files
|
||||
ynh_secure_remove --file="/var/log/$app/"
|
||||
|
||||
#=================================================
|
||||
# GENERIC FINALIZATION
|
||||
#=================================================
|
||||
# REMOVE DEDICATED USER
|
||||
#=================================================
|
||||
ynh_script_progression --message="Removing the dedicated system user..." --time --weight=1
|
||||
|
||||
# Delete a system user
|
||||
ynh_system_user_delete --username=$app
|
||||
|
||||
#=================================================
|
||||
# END OF SCRIPT
|
||||
#=================================================
|
||||
|
||||
ynh_script_progression --message="Removal of $app completed" --time --last
|
||||
|
|
202
scripts/restore
202
scripts/restore
|
@ -1,86 +1,158 @@
|
|||
#!/bin/bash
|
||||
|
||||
# Exit on command errors and treat unset variables as an error
|
||||
set -eu
|
||||
#=================================================
|
||||
# GENERIC START
|
||||
#=================================================
|
||||
# IMPORT GENERIC HELPERS
|
||||
#=================================================
|
||||
|
||||
#Keep this path for calling _common.sh inside the execution's context of backup and restore scripts
|
||||
source ../settings/scripts/_common.sh
|
||||
source /usr/share/yunohost/helpers
|
||||
|
||||
#=================================================
|
||||
# MANAGE SCRIPT FAILURE
|
||||
#=================================================
|
||||
|
||||
ynh_clean_setup () {
|
||||
#### Remove this function if there's nothing to clean before calling the remove script.
|
||||
true
|
||||
}
|
||||
# Exit if an error occurs during the execution of the script
|
||||
ynh_abort_if_errors
|
||||
|
||||
#=================================================
|
||||
# LOAD SETTINGS
|
||||
#=================================================
|
||||
ynh_script_progression --message="Loading settings..." --time --weight=1
|
||||
|
||||
# See comments in install script
|
||||
app=$YNH_APP_INSTANCE_NAME
|
||||
|
||||
# Source YunoHost helpers
|
||||
. /usr/share/yunohost/helpers
|
||||
source ../settings/scripts/common.sh
|
||||
domain=$(ynh_app_setting_get --app=$app --key=domain)
|
||||
path_url=$(ynh_app_setting_get --app=$app --key=path)
|
||||
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
||||
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
|
||||
db_user=$db_name
|
||||
|
||||
# Retrieve old app settings
|
||||
domain=$(ynh_app_setting_get "$app" domain)
|
||||
path=$(ynh_app_setting_get "$app" path)
|
||||
admin=$(ynh_app_setting_get "$app" admin)
|
||||
email=$(ynh_app_setting_get "$app" email)
|
||||
isp_name=$(ynh_app_setting_get "$app" isp_name)
|
||||
isp_site=$(ynh_app_setting_get "$app" isp_site)
|
||||
secret=$(ynh_app_setting_get "$app" secret)
|
||||
db_pwd=$(ynh_app_setting_get "$app" psqlpassword)
|
||||
#=================================================
|
||||
# CHECK IF THE APP CAN BE RESTORED
|
||||
#=================================================
|
||||
ynh_script_progression --message="Validating restoration parameters..." --time --weight=1
|
||||
|
||||
# Check domain/path availability
|
||||
sudo yunohost app checkurl $domain$path -a $app \
|
||||
|| ynh_die "Path not available: ${domain}${path}"
|
||||
ynh_webpath_available --domain=$domain --path_url=$path_url \
|
||||
|| ynh_die --message="Path not available: ${domain}${path_url}"
|
||||
test ! -d $final_path \
|
||||
|| ynh_die --message="There is already a directory: $final_path "
|
||||
|
||||
#=================================================
|
||||
# STANDARD RESTORATION STEPS
|
||||
#=================================================
|
||||
# RESTORE THE NGINX CONFIGURATION
|
||||
#=================================================
|
||||
|
||||
final_path=/opt/$app
|
||||
if [ -d $final_path ]; then
|
||||
ynh_die "There is already a directory: $final_path "
|
||||
fi
|
||||
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
|
||||
|
||||
conf=/etc/nginx/conf.d/$domain.d/$app.conf
|
||||
if [ -f $conf ]; then
|
||||
ynh_die "There is already a nginx conf file at this path: $conf "
|
||||
fi
|
||||
#=================================================
|
||||
# RESTORE THE APP MAIN DIR
|
||||
#=================================================
|
||||
ynh_script_progression --message="Restoring the app main directory..." --time --weight=1
|
||||
|
||||
gunicorn_path=/etc/systemd/system/$app.service
|
||||
if [ -f $gunicorn_path ]; then
|
||||
ynh_die "There is already a gunicorn service file at this path: $gunicorn_path "
|
||||
fi
|
||||
ynh_restore_file --origin_path="$final_path"
|
||||
|
||||
# Dependences
|
||||
install_dependencies
|
||||
#=================================================
|
||||
# RECREATE THE DEDICATED USER
|
||||
#=================================================
|
||||
ynh_script_progression --message="Recreating the dedicated system user..." --time --weight=1
|
||||
|
||||
# Restore sources & data
|
||||
sudo cp -a ./sources $final_path
|
||||
# Create the dedicated user (if not existing)
|
||||
ynh_system_user_create --username=$app
|
||||
|
||||
# Create user
|
||||
useradd $app -d $final_path || echo "User already exists"
|
||||
#=================================================
|
||||
# RESTORE USER RIGHTS
|
||||
#=================================================
|
||||
|
||||
# Set permissions
|
||||
sudo chown -R $app:www-data $final_path
|
||||
# Restore permissions on app files
|
||||
chown -R root: $final_path
|
||||
|
||||
# Restore conf files
|
||||
sudo cp -a ./nginx.conf $conf
|
||||
sudo cp -a ./gunicorn.service $gunicorn_path
|
||||
sudo chown root: $gunicorn_path
|
||||
sudo chmod 644 $gunicorn_path
|
||||
#=================================================
|
||||
# RESTORE THE PHP-FPM CONFIGURATION
|
||||
#=================================================
|
||||
|
||||
# Set Administrator
|
||||
if ynh_user_exists $admin; then
|
||||
sudo yunohost app addaccess $app -u $admin
|
||||
fi
|
||||
ynh_restore_file --origin_path="/etc/php/7.0/fpm/pool.d/$app.conf"
|
||||
|
||||
# Restore database
|
||||
ynh_psql_test_if_first_run
|
||||
db_name=$app
|
||||
db_user=$app
|
||||
ynh_psql_create_db $db_name $db_user $db_pwd
|
||||
ynh_psql_execute_file_as_root "${YNH_CWD}/dump.sql" "$db_name"
|
||||
#=================================================
|
||||
# RESTORE FAIL2BAN CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Restoring the fail2ban configuration..." --time --weight=1
|
||||
|
||||
# Log folder
|
||||
sudo mkdir -p /var/log/$app
|
||||
sudo chown -R $app /var/log/$app
|
||||
sudo chgrp -R www-data /var/log/$app
|
||||
ynh_restore_file "/etc/fail2ban/jail.d/$app.conf"
|
||||
ynh_restore_file "/etc/fail2ban/filter.d/$app.conf"
|
||||
ynh_systemd_action --action=restart --service_name=fail2ban
|
||||
|
||||
# Reload Nginx
|
||||
sudo service nginx reload
|
||||
systemctl daemon-reload
|
||||
sudo systemctl start $app
|
||||
sudo systemctl enable $app
|
||||
sudo yunohost service add $app -l /var/log/gunicorn/$app.log
|
||||
#=================================================
|
||||
# SPECIFIC RESTORATION
|
||||
#=================================================
|
||||
# REINSTALL DEPENDENCIES
|
||||
#=================================================
|
||||
ynh_script_progression --message="Reinstalling dependencies..." --time --weight=1
|
||||
|
||||
ynh_app_setting_set "$app" skipped_uris "/"
|
||||
sudo yunohost app ssowatconf
|
||||
# Define and install dependencies
|
||||
ynh_install_app_dependencies $pkg_dependencies
|
||||
|
||||
#=================================================
|
||||
# RESTORE THE MYSQL DATABASE
|
||||
#=================================================
|
||||
ynh_script_progression --message="Restoring the MySQL database..." --time --weight=1
|
||||
|
||||
db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd)
|
||||
ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd
|
||||
ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql
|
||||
|
||||
#=================================================
|
||||
# RESTORE SYSTEMD
|
||||
#=================================================
|
||||
ynh_script_progression --message="Restoring the systemd configuration..." --time --weight=1
|
||||
|
||||
ynh_restore_file --origin_path="/etc/systemd/system/$app.service"
|
||||
systemctl enable $app.service
|
||||
|
||||
#=================================================
|
||||
# ADVERTISE SERVICE IN ADMIN PANEL
|
||||
#=================================================
|
||||
|
||||
yunohost service add $app --log "/var/log/$app/$app.log"
|
||||
|
||||
#=================================================
|
||||
# START SYSTEMD SERVICE
|
||||
#=================================================
|
||||
ynh_script_progression --message="Starting a systemd service..." --time --weight=1
|
||||
|
||||
ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"
|
||||
|
||||
#=================================================
|
||||
# RESTORE THE CRON FILE
|
||||
#=================================================
|
||||
|
||||
ynh_restore_file --origin_path="/etc/cron.d/$app"
|
||||
|
||||
#=================================================
|
||||
# RESTORE THE LOGROTATE CONFIGURATION
|
||||
#=================================================
|
||||
|
||||
ynh_restore_file --origin_path="/etc/logrotate.d/$app"
|
||||
|
||||
#=================================================
|
||||
# GENERIC FINALIZATION
|
||||
#=================================================
|
||||
# RELOAD NGINX AND PHP-FPM
|
||||
#=================================================
|
||||
ynh_script_progression --message="Reloading nginx web server and php-fpm..." --time --weight=1
|
||||
|
||||
ynh_systemd_action --service_name=php7.0-fpm --action=reload
|
||||
ynh_systemd_action --service_name=nginx --action=reload
|
||||
|
||||
#=================================================
|
||||
# END OF SCRIPT
|
||||
#=================================================
|
||||
|
||||
ynh_script_progression --message="Restoration completed for $app" --time --last
|
||||
|
|
259
scripts/upgrade
259
scripts/upgrade
|
@ -1,75 +1,222 @@
|
|||
#!/bin/bash
|
||||
|
||||
#=================================================
|
||||
# GENERIC START
|
||||
#=================================================
|
||||
# IMPORT GENERIC HELPERS
|
||||
#=================================================
|
||||
|
||||
source _common.sh
|
||||
source /usr/share/yunohost/helpers
|
||||
source common.sh
|
||||
source future.sh
|
||||
|
||||
export app=$YNH_APP_INSTANCE_NAME
|
||||
user=$app
|
||||
#=================================================
|
||||
# LOAD SETTINGS
|
||||
#=================================================
|
||||
ynh_script_progression --message="Loading installation settings..." --time --weight=1
|
||||
|
||||
export domain=$(ynh_app_setting_get $app domain)
|
||||
export path=$(ynh_app_setting_get $app path)
|
||||
export admin=$(ynh_app_setting_get $app admin)
|
||||
export email=$(ynh_app_setting_get $app email)
|
||||
export isp_name=$(ynh_app_setting_get $app isp_name)
|
||||
export isp_site=$(ynh_app_setting_get $app isp_site)
|
||||
export secret=$(ynh_app_setting_get $app secret)
|
||||
version=$(ynh_read_json "/etc/yunohost/apps/$app/manifest.json" 'version' 2> /dev/null || echo '20170408')
|
||||
last_version=$(ynh_read_manifest 'version')
|
||||
app=$YNH_APP_INSTANCE_NAME
|
||||
|
||||
ynh_exit_if_up_to_date
|
||||
ynh_check_var "$app" "app name not set"
|
||||
ynh_user_exists "$admin" || err "User does not exist: $admin"
|
||||
ynh_normalize_url_path "$path"
|
||||
domain=$(ynh_app_setting_get --app=$app --key=domain)
|
||||
path_url=$(ynh_app_setting_get --app=$app --key=path)
|
||||
admin=$(ynh_app_setting_get --app=$app --key=admin)
|
||||
is_public=$(ynh_app_setting_get --app=$app --key=is_public)
|
||||
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
||||
language=$(ynh_app_setting_get --app=$app --key=language)
|
||||
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
|
||||
|
||||
#if [ "${version}" = "20170408" ]; then
|
||||
#fi
|
||||
#=================================================
|
||||
# CHECK VERSION
|
||||
#=================================================
|
||||
|
||||
# Install new dependencies
|
||||
install_dependencies
|
||||
### This helper will compare the version of the currently installed app and the version of the upstream package.
|
||||
### $upgrade_type can have 2 different values
|
||||
### - UPGRADE_APP if the upstream app version has changed
|
||||
### - UPGRADE_PACKAGE if only the YunoHost package has changed
|
||||
### ynh_check_app_version_changed will stop the upgrade if the app is up to date.
|
||||
### UPGRADE_APP should be used to upgrade the core app only if there's an upgrade to do.
|
||||
upgrade_type=$(ynh_check_app_version_changed)
|
||||
|
||||
# Copy files to the right place
|
||||
final_path=/opt/$app
|
||||
[ -L ${final_path}/coin ] || ynh_setup_source $final_path
|
||||
#=================================================
|
||||
# ENSURE DOWNWARD COMPATIBILITY
|
||||
#=================================================
|
||||
ynh_script_progression --message="Ensuring downward compatibility..." --time --weight=1
|
||||
|
||||
set +o nounset
|
||||
source $final_path/venv/bin/activate
|
||||
set -o nounset
|
||||
$final_path/venv/bin/pip install -r $final_path/requirements.txt
|
||||
# Fix is_public as a boolean value
|
||||
if [ "$is_public" = "Yes" ]; then
|
||||
ynh_app_setting_set --app=$app --key=is_public --value=1
|
||||
is_public=1
|
||||
elif [ "$is_public" = "No" ]; then
|
||||
ynh_app_setting_set --app=$app --key=is_public --value=0
|
||||
is_public=0
|
||||
fi
|
||||
|
||||
# Set permissions
|
||||
useradd $app -d $final_path || echo "User already exists"
|
||||
chown -R $app:www-data $final_path
|
||||
# If db_name doesn't exist, create it
|
||||
if [ -z "$db_name" ]; then
|
||||
db_name=$(ynh_sanitize_dbid --db_name=$app)
|
||||
ynh_app_setting_set --app=$app --key=db_name --value=$db_name
|
||||
fi
|
||||
|
||||
pushd $final_path
|
||||
if [ "${version}" = "20170731" ]; then
|
||||
init_db
|
||||
ynh_app_setting_delete $app mysqlpassword
|
||||
$final_path/venv/bin/python manage.py dumpdata > /tmp/dump.json
|
||||
|
||||
cat >> /opt/$app/coin/settings_local.py <<EOF
|
||||
DATABASES = {
|
||||
'default': {
|
||||
'ENGINE': 'django.db.backends.postgresql_psycopg2',
|
||||
'NAME': '$db_name',
|
||||
'USER': '$db_user',
|
||||
'PASSWORD': '$db_pwd',
|
||||
'HOST': '', # Empty for localhost through domain sockets
|
||||
'PORT': '', # Empty for default
|
||||
},
|
||||
# If final_path doesn't exist, create it
|
||||
if [ -z "$final_path" ]; then
|
||||
final_path=/var/www/$app
|
||||
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
|
||||
fi
|
||||
|
||||
#=================================================
|
||||
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
|
||||
#=================================================
|
||||
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --time --weight=1
|
||||
|
||||
# Backup the current version of the app
|
||||
ynh_backup_before_upgrade
|
||||
ynh_clean_setup () {
|
||||
# restore it if the upgrade fails
|
||||
ynh_restore_upgradebackup
|
||||
}
|
||||
EOF
|
||||
# Exit if an error occurs during the execution of the script
|
||||
ynh_abort_if_errors
|
||||
|
||||
#=================================================
|
||||
# CHECK THE PATH
|
||||
#=================================================
|
||||
|
||||
# Normalize the URL path syntax
|
||||
# N.B. : this is for app installations before YunoHost 2.7
|
||||
# where this value might be something like /foo/ or foo/
|
||||
# instead of /foo ....
|
||||
# If nobody installed your app before 2.7, then you may
|
||||
# safely remove this line
|
||||
path_url=$(ynh_normalize_url_path --path_url=$path_url)
|
||||
|
||||
#=================================================
|
||||
# STANDARD UPGRADE STEPS
|
||||
#=================================================
|
||||
# STOP SYSTEMD SERVICE
|
||||
#=================================================
|
||||
ynh_script_progression --message="Stopping a systemd service..." --time --weight=1
|
||||
|
||||
ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log"
|
||||
|
||||
#=================================================
|
||||
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
||||
#=================================================
|
||||
|
||||
if [ "$upgrade_type" == "UPGRADE_APP" ]
|
||||
then
|
||||
ynh_script_progression --message="Upgrading source files..." --time --weight=1
|
||||
|
||||
# Download, check integrity, uncompress and patch the source from app.src
|
||||
ynh_setup_source --dest_dir="$final_path"
|
||||
fi
|
||||
|
||||
$final_path/venv/bin/python manage.py migrate --noinput
|
||||
#=================================================
|
||||
# NGINX CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Upgrading nginx web server configuration..." --time --weight=1
|
||||
|
||||
if [ "${version}" = "20170731" ]; then
|
||||
$final_path/venv/bin/python manage.py loaddata /tmp/dump.json
|
||||
# Create a dedicated nginx config
|
||||
ynh_add_nginx_config
|
||||
|
||||
#=================================================
|
||||
# UPGRADE DEPENDENCIES
|
||||
#=================================================
|
||||
ynh_script_progression --message="Upgrading dependencies..." --time --weight=1
|
||||
|
||||
ynh_install_app_dependencies $pkg_dependencies
|
||||
|
||||
#=================================================
|
||||
# CREATE DEDICATED USER
|
||||
#=================================================
|
||||
ynh_script_progression --message="Making sure dedicated system user exists..." --time --weight=1
|
||||
|
||||
# Create a dedicated user (if not existing)
|
||||
ynh_system_user_create --username=$app
|
||||
|
||||
#=================================================
|
||||
# PHP-FPM CONFIGURATION
|
||||
#=================================================
|
||||
ynh_script_progression --message="Upgrading php-fpm configuration..." --time --weight=1
|
||||
|
||||
# Create a dedicated php-fpm config
|
||||
ynh_add_fpm_config
|
||||
|
||||
#=================================================
|
||||
# SPECIFIC UPGRADE
|
||||
#=================================================
|
||||
# ...
|
||||
#=================================================
|
||||
|
||||
#=================================================
|
||||
# STORE THE CONFIG FILE CHECKSUM
|
||||
#=================================================
|
||||
|
||||
### Verify the checksum of a file, stored by `ynh_store_file_checksum` in the install script.
|
||||
### And create a backup of this file if the checksum is different. So the file will be backed up if the admin had modified it.
|
||||
ynh_backup_if_checksum_is_different --file="$final_path/CONFIG_FILE"
|
||||
# Recalculate and store the checksum of the file for the next upgrade.
|
||||
ynh_store_file_checksum --file="$final_path/CONFIG_FILE"
|
||||
|
||||
#=================================================
|
||||
# SETUP LOGROTATE
|
||||
#=================================================
|
||||
ynh_script_progression --message="Upgrading logrotate configuration..." --time --weight=1
|
||||
|
||||
# Use logrotate to manage app-specific logfile(s)
|
||||
ynh_use_logrotate --non-append
|
||||
|
||||
#=================================================
|
||||
# SETUP SYSTEMD
|
||||
#=================================================
|
||||
ynh_script_progression --message="Upgrading systemd configuration..." --time --weight=1
|
||||
|
||||
# Create a dedicated systemd config
|
||||
ynh_add_systemd_config
|
||||
|
||||
#=================================================
|
||||
# GENERIC FINALIZATION
|
||||
#=================================================
|
||||
# UPGRADE FAIL2BAN
|
||||
#=================================================
|
||||
ynh_script_progression --message="Reconfiguring fail2ban..." --time --weight=1
|
||||
|
||||
# Create a dedicated fail2ban config
|
||||
ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login"
|
||||
|
||||
#=================================================
|
||||
# SECURE FILES AND DIRECTORIES
|
||||
#=================================================
|
||||
|
||||
# Set permissions on app files
|
||||
chown -R root: $final_path
|
||||
|
||||
#=================================================
|
||||
# SETUP SSOWAT
|
||||
#=================================================
|
||||
ynh_script_progression --message="Upgrading SSOwat configuration..." --time --weight=1
|
||||
|
||||
# Make app public if necessary
|
||||
if [ $is_public -eq 1 ]
|
||||
then
|
||||
# unprotected_uris allows SSO credentials to be passed anyway
|
||||
ynh_app_setting_set --app=$app --key=unprotected_uris --value="/"
|
||||
fi
|
||||
|
||||
$final_path/venv/bin/python manage.py collectstatic --noinput
|
||||
popd
|
||||
#=================================================
|
||||
# START SYSTEMD SERVICE
|
||||
#=================================================
|
||||
ynh_script_progression --message="Starting a systemd service..." --time --weight=1
|
||||
|
||||
# Set permissions to directory
|
||||
chown $app:www-data -R $final_path
|
||||
ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"
|
||||
|
||||
[ -L ${final_path}/coin ] || service coin restart
|
||||
#=================================================
|
||||
# RELOAD NGINX
|
||||
#=================================================
|
||||
ynh_script_progression --message="Reloading nginx web server..." --time --weight=1
|
||||
|
||||
ynh_systemd_action --service_name=nginx --action=reload
|
||||
|
||||
#=================================================
|
||||
# END OF SCRIPT
|
||||
#=================================================
|
||||
|
||||
ynh_script_progression --message="Upgrade of $app completed" --time --last
|
||||
|
|
Loading…
Reference in a new issue