diff --git a/check_process b/check_process index ada23fa..60c41e7 100644 --- a/check_process +++ b/check_process @@ -6,18 +6,16 @@ ;; Test complet ; Manifest domain="domain.tld" (DOMAIN) - path="/path" (PATH) admin="john" (USER) - is_public=1 (PUBLIC|public=1|private=0) ; Checks pkg_linter=1 setup_sub_dir=0 setup_root=1 setup_nourl=0 setup_private=0 - setup_public=1 - upgrade=0 - backup_restore=0 + setup_public=0 + upgrade=1 + backup_restore=1 multi_instance=0 port_already_use=0 change_url=0 diff --git a/scripts/backup b/scripts/backup new file mode 100644 index 0000000..5db9688 --- /dev/null +++ b/scripts/backup @@ -0,0 +1,80 @@ +#!/bin/bash + +#================================================= +# GENERIC START +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts +source ../settings/scripts/_common.sh +source /usr/share/yunohost/helpers + +#================================================= +# MANAGE SCRIPT FAILURE +#================================================= + +ynh_abort_if_errors + +#================================================= +# LOAD SETTINGS +#================================================= +ynh_print_info --message="Loading installation settings..." + +app=$YNH_APP_INSTANCE_NAME + +final_path=$(ynh_app_setting_get --app=$app --key=final_path) +domain=$(ynh_app_setting_get --app=$app --key=domain) +db_name=$(ynh_app_setting_get --app=$app --key=db_name) +phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) + +#================================================= +# DECLARE DATA AND CONF FILES TO BACKUP +#================================================= +ynh_print_info --message="Declaring files to be backed up..." + +#================================================= +# BACKUP THE APP MAIN DIR +#================================================= + +ynh_backup --src_path="$final_path" + +#================================================= +# BACKUP THE COTURN CONFIGURATION +#================================================= + +ynh_backup --src_path="/etc/turnserver.conf" + +#================================================= +# BACKUP THE COTURN DATAPATH +#================================================= + +ynh_backup --src_path="/home/yunohost.app/$app" + +#================================================= +# SPECIFIC BACKUP +#================================================= +# BACKUP LOGROTATE +#================================================= + +ynh_backup --src_path="/var/log/$app" + +#================================================= +# BACKUP SYSTEMD +#================================================= + +ynh_backup --src_path="/etc/systemd/system/$app.service" + +#================================================= +# BACKUP VARIOUS FILES +#================================================= + +ynh_backup --src_path="/etc/cron.d/$app" + +ynh_backup --src_path="/etc/$app/" + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." diff --git a/scripts/install b/scripts/install index b62c548..71d3712 100644 --- a/scripts/install +++ b/scripts/install @@ -131,16 +131,6 @@ ynh_print_ON public_ip4="$(curl ip.yunohost.org)" || true public_ip6="$(curl ipv6.yunohost.org)" || true -# if [ -n "$public_ip4" ] && ynh_validate_ip4 --ip_address="$public_ip4" -# then -# echo "external-ip=$public_ip4" >> "$coturn_config_path" -# fi - -# if [ -n "$public_ip6" ] && ynh_validate_ip6 --ip_address="$public_ip6" -# then -# echo "external-ip=$public_ip6" >> "$coturn_config_path" -# fi - if ( [[ -n "$public_ip4" ]] && ynh_validate_ip4 --ip_address="$public_ip4" || [[ -n "$public_ip6" ]] && ynh_validate_ip6 --ip_address="$public_ip6" ) then echo "external-ip=${public_ip4}/${public_ip6}" >> "$coturn_config_path" diff --git a/scripts/restore b/scripts/restore new file mode 100644 index 0000000..49e0ab9 --- /dev/null +++ b/scripts/restore @@ -0,0 +1,145 @@ +#!/bin/bash + +#================================================= +# GENERIC START +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +source ../settings/scripts/_common.sh +source /usr/share/yunohost/helpers + +#================================================= +# MANAGE SCRIPT FAILURE +#================================================= + +ynh_abort_if_errors + +#================================================= +# LOAD SETTINGS +#================================================= +ynh_script_progression --message="Loading installation settings..." --weight=1 + +app=$YNH_APP_INSTANCE_NAME + +domain=$(ynh_app_setting_get --app=$app --key=domain) +final_path=$(ynh_app_setting_get --app=$app --key=final_path) + +#================================================= +# CHECK IF THE APP CAN BE RESTORED +#================================================= +ynh_script_progression --message="Validating restoration parameters..." --weight=1 + +ynh_webpath_available --domain=$domain --path_url=$path_url \ + || ynh_die --message="Path not available: ${domain}" +test ! -d $final_path \ + || ynh_die --message="There is already a directory: $final_path " + +#================================================= +# INSTALL DEPENDENCIES +#================================================= +ynh_script_progression --message="Installing dependencies..." --weight=5 + +ynh_install_app_dependencies $pkg_dependencies + +#================================================= +# RESTORE COTURN CONFIGURATION +#================================================= +ynh_script_progression --message="Restoring Coturn configuration..." --weight=1 + +ynh_restore_file --origin_path="/etc/turnserver.conf" + +#================================================= +# BACKUP THE COTURN DATAPATH +#================================================= +ynh_script_progression --message="Restoring Coturn Datapath..." --weight=1 + +ynh_restore_file --origin_path="/home/yunohost.app/$app" + +#================================================= +# RECREATE THE DEDICATED USER +#================================================= +ynh_script_progression --message="Recreating the dedicated system user..." --weight=1 + +# Create the dedicated user (if not existing) +ynh_system_user_create --username=turnserver +adduser turnserver ssl-cert + +#================================================= +# CREATE A DH FILE +#================================================= +ynh_script_progression --message="Creating a dhparam file..." --weight=3 + +# WARNING : theses command are used in INSTALL, UPGRADE, RESTORE +# For any update do it in all files + +# Make dhparam cert for Coturn if it doesn't exist +if [ ! -e /etc/ssl/private/dh2048.pem ] +then + ynh_exec_warn_less openssl dhparam -out /etc/ssl/private/dh2048.pem -outform PEM -2 2048 -dsaparam + chown root:ssl-cert /etc/ssl/private/dh2048.pem + chmod 640 /etc/ssl/private/dh2048.pem +fi + +#================================================= +# RESTORE USER RIGHTS +#================================================= + +# Restore permissions on app files +# Set permissions to app files +chown root: -R $data_path +chown -R turnserver:root /var/log/$app +chown turnserver:root /etc/turnserver.conf +setfacl -R -m user:turnserver:rwX /var/log/$app + +#================================================= +# SPECIFIC RESTORATION +#================================================= +# REINSTALL DEPENDENCIES +#================================================= +ynh_script_progression --message="Reinstalling dependencies..." --weight=1 + +# Define and install dependencies +ynh_install_app_dependencies $pkg_dependencies + +#================================================= +# RESTORE SYSTEMD +#================================================= +ynh_script_progression --message="Restoring the systemd configuration..." --weight=1 + +ynh_restore_file --origin_path="/etc/systemd/system/$app.service" +systemctl enable $app.service --quiet + +#================================================= +# INTEGRATE SERVICE IN YUNOHOST +#================================================= +ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 + +yunohost service add $app --description="Coturn TURN server" --log="/var/log/$app/$app.log" --needs_exposed_ports $turnserver_tls_port + +#================================================= +# OPEN THE PORT +#================================================= + +# Ouvre le port dans le firewall +ynh_exec_warn_less yunohost firewall allow Both $turnserver_tls_port +ynh_exec_warn_less yunohost firewall allow Both $turnserver_alt_tls_port + +#================================================= +# START SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Starting a systemd service..." --weight=1 + +ynh_systemd_action --service_name=$app --action=start --log_path="/var/log/$app/$app.log" + +#================================================= +# RESTORE THE LOGROTATE CONFIGURATION +#================================================= + +ynh_restore_file --origin_path="/var/log/$app" + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Restoration completed for $app" --last diff --git a/scripts/upgrade b/scripts/upgrade new file mode 100644 index 0000000..2eaddf6 --- /dev/null +++ b/scripts/upgrade @@ -0,0 +1,186 @@ +#!/bin/bash + +#================================================= +# GENERIC START +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +source _common.sh +source /usr/share/yunohost/helpers + +#================================================= +# LOAD SETTINGS +#================================================= +ynh_script_progression --message="Loading installation settings..." --time --weight=1 + +app=$YNH_APP_INSTANCE_NAME + +domain=$(ynh_app_setting_get --app=$app --key=domain) +final_path=$(ynh_app_setting_get --app=$app --key=final_path) +turnserver_tls_port=$(ynh_app_setting_get --app=$app --key=turnserver_tls_port) +turnserver_alt_tls_port=$(ynh_app_setting_get --app=$app --key=turnserver_alt_tls_port) +cli_port=$(ynh_app_setting_get --app=$app --key=cli_port) +turnserver_pwd=$(ynh_app_setting_get --app=$app --key=turnserver_pwd) + +#================================================= +# CHECK VERSION +#================================================= + +upgrade_type=$(ynh_check_app_version_changed) + +#================================================= +# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP +#================================================= +ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=1 + +# Backup the current version of the app +ynh_backup_before_upgrade +ynh_clean_setup () { + # Restore it if the upgrade fails + ynh_restore_upgradebackup +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + +#================================================= +# STANDARD UPGRADE STEPS +#================================================= +# STOP SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Stopping a systemd service..." --weight=1 + +ynh_systemd_action --service_name=$app --action=stop --log_path="/var/log/$app/$app.log" + +#================================================= +# UPGRADE DEPENDENCIES +#================================================= +ynh_script_progression --message="Upgrading dependencies..." --weight=1 + +ynh_install_app_dependencies $pkg_dependencies + +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1 + +# Create a dedicated user (if not existing) +ynh_system_user_create --username=turnserver +adduser turnserver ssl-cert + +#================================================= +# SETUP SYSTEMD +#================================================= +ynh_script_progression --message="Configuring a systemd service..." --weight=1 + +mkdir -p /var/log/$app +# Create systemd service for turnserver +cp ../conf/default.coturn /etc/default/coturn +# Create a dedicated systemd config +ynh_add_systemd_config + +#================================================= +# SET COTURN CONFIG +#================================================= +ynh_script_progression --message="Configuring Coturn..." --weight=1 + +# WARNING: theses command are used in INSTALL, UPGRADE +# For any update do it in all files + +coturn_config_path="/etc/turnserver.conf" + +ynh_backup_if_checksum_is_different --file="$coturn_config_path" + +cp ../conf/turnserver.conf "$coturn_config_path" + +ynh_replace_string --match_string=__APP__ --replace_string=$app --target_file="$coturn_config_path" +ynh_replace_string --match_string=__DOMAIN__ --replace_string=$domain --target_file="$coturn_config_path" +ynh_replace_string --match_string=__TLS_PORT__ --replace_string=$turnserver_tls_port --target_file="$coturn_config_path" +ynh_replace_string --match_string=__TLS_ALT_PORT__ --replace_string=$turnserver_alt_tls_port --target_file="$coturn_config_path" +ynh_replace_string --match_string=__CLI_PORT__ --replace_string=$cli_port --target_file="$coturn_config_path" +ynh_print_OFF +ynh_replace_string --match_string=__TURNPWD__ --replace_string=$turnserver_pwd --target_file="$coturn_config_path" +ynh_print_ON + +# Get public IP and set as external IP for coturn +# note: '|| true' is used to ignore the errors if we can't get the public ipv4 or ipv6 +public_ip4="$(curl ip.yunohost.org)" || true +public_ip6="$(curl ipv6.yunohost.org)" || true + +if ( [[ -n "$public_ip4" ]] && ynh_validate_ip4 --ip_address="$public_ip4" || [[ -n "$public_ip6" ]] && ynh_validate_ip6 --ip_address="$public_ip6" ) +then + echo "external-ip=${public_ip4}/${public_ip6}" >> "$coturn_config_path" +fi + +ynh_store_file_checksum --file="$coturn_config_path" + +#================================================= +# ADD SCRIPT FOR COTURN CRON +#================================================= + +# WARNING : theses command are used in INSTALL, UPGRADE +# For any update do it in all files +data_path="/home/yunohost.app/$app" +mkdir -p $data_path +cp -f ../sources/Coturn_config_rotate.sh $data_path/ +ynh_replace_string --match_string="__APP__" --replace_string=$app --target_file=$data_path/Coturn_config_rotate.sh +chmod +x $data_path/Coturn_config_rotate.sh + +#================================================= +# SET COTURN CRON +#================================================= + +cp -f ../conf/cron_coturn /etc/cron.d/$app +ynh_replace_string --match_string="__DATA_PATH__" --replace_string=$data_path --target_file=/etc/cron.d/$app + +#================================================= +# MIGRATION 3 : USE STANDARD ACCESS FOR CERTIFCATE +#================================================= + +# Fix issue about certificates access +if [ ! $(grep "ssl-cert:x:[0-9]*:.*$app" /etc/group) ] +then + ynh_script_progression --message="Use standard access for certificate..." --weight=1 + + adduser turnserver ssl-cert +fi + +#================================================= +# SETUP LOGROTATE +#================================================= +ynh_script_progression --message="Configuring log rotation..." --weight=1 + +ynh_use_logrotate --logfile "/var/log/$app" + +#================================================= +# GENERIC FINALIZATION +#================================================= +# SECURE FILES AND DIRECTORIES +#================================================= + +# Set permissions to app files +chown root: -R $data_path +chown -R turnserver:root /var/log/$app +chown turnserver:root /etc/turnserver.conf +setfacl -R -m user:turnserver:rwX /var/log/$app + +#================================================= +# INTEGRATE SERVICE IN YUNOHOST +#================================================= +ynh_script_progression --message="Integrating service in YunoHost..." --weight=2 + +yunohost service add $app --description="Coturn TURN server" --log="/var/log/$app/$app.log" --needs_exposed_ports $turnserver_tls_port + +#================================================= +# START SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Starting a systemd service..." --weight=1 + +# Start a systemd service +ynh_systemd_action --service_name=$app --action=restart --log_path="/var/log/$app/$app.log" + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Upgrade of Coturn completed" --last