Merge pull request #4 from YunoHost-Apps/testing

Testing

README_fr.md

@@ -0,0 +1,68 @@
+# Coturn server pour YunoHost
+
+[![Integration level](https://dash.yunohost.org/integration/coturn.svg)](https://dash.yunohost.org/appci/app/coturn) ![](https://ci-apps.yunohost.org/ci/badges/coturn.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/coturn.maintain.svg)  
+[![Installer Coturn avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=coturn)
+
+*[Read this readme in english.](./README.md)* 
+
+> *Ce package vous permet d'installer Coturn rapidement et simplement sur un serveur YunoHost.  
+Si vous n'avez pas YunoHost, consultez [le guide](https://yunohost.org/#/install) pour apprendre comment l'installer.*
+
+## Overview
+Serveur TURN et STUN pour VoIP. STUN (Session Traversal Utilities for NAT) et TURN (Traversal Using Relays around NAT) sont des protocoles qui peuvent être utilisés pour fournir une traversée NAT pour VoIP et WebRTC. Ce package fournit un serveur et une passerelle de traversée NAT du trafic multimédia VoIP. 
+
+**Version incluse :** 4.5.1.1
+
+## Configuration
+
+Vous devez installer coTURN à la racine ou un sous-domaine comme `turn.domain.lts`
+
+How to configure this app: a plain file with SSH.
+
+## Testing
+
+Pour les tests, vous pouvez utiliser l'outil de test Trickle-Ice. Accédez à la page [trickle-ice](https://webrtc.github.io/samples/src/content/peerconnection/trickle-ice) et entrez les détails suivants.
+```
+TURN URI     : turn:<YOUR_PUBLIC_IP_ADDRESS>:5349
+TURN username: <YOUR_USERNAME>
+TURN password: <YOUR_PASSWORD>
+```
+
+## Documentation
+
+ * Documentation officielle : https://github.com/coturn/coturn/wiki
+ * Documentation YunoHost : Si une documentation spécifique est nécessaire, n'hésitez pas à contribuer.
+
+#### Support multi-utilisateur
+
+#### Architectures supportées
+
+* x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/coturn%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/coturn/)
+* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/coturn%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/coturn/)
+
+## Limitations
+
+* Limitations connues.
+
+## Informations additionnelles
+
+* Autres informations que vous souhaitez ajouter sur cette application.
+
+## Links
+
+ * Signaler un bug : https://github.com/YunoHost-Apps/coturn_ynh/issues
+ * Site de l'application : https://github.com/coturn/coturn
+ * Site web YunoHost : https://yunohost.org/
+
+---
+
+## Informations pour les développeurs
+
+Merci de faire vos pull request sur la [branche testing](https://github.com/YunoHost-Apps/coturn_ynh/tree/testing).
+
+Pour essayer la branche testing, procédez comme suit.
+```
+sudo yunohost app install https://github.com/YunoHost-Apps/coturn_ynh/tree/testing --debug
+ou
+sudo yunohost app upgrade coturn -u https://github.com/YunoHost-Apps/coturn_ynh/tree/testing --debug
+```

check_process

@@ -6,18 +6,15 @@
 ;; Test complet
 	; Manifest
 		domain="domain.tld"	(DOMAIN)
-		path="/path"	(PATH)
-		admin="john"	(USER)
-		is_public=1	(PUBLIC|public=1|private=0)
 	; Checks
 		pkg_linter=1
 		setup_sub_dir=0
-		setup_root=1
-		setup_nourl=0
+		setup_root=0
+		setup_nourl=1
 		setup_private=0
-		setup_public=1
-		upgrade=0
-		backup_restore=0
+		setup_public=0
+		upgrade=1
+		backup_restore=1
 		multi_instance=0
 		port_already_use=0
 		change_url=0
@@ -27,4 +24,4 @@ Notification=none
 ;;; Upgrade options
 	; commit=CommitHash
 		name=Name and date of the commit.
-		manifest_arg=domain=DOMAIN&path=PATH&admin=USER&language=fr&is_public=1&password=pass&port=666&
+		manifest_arg=domain=DOMAIN&

conf/turnserver.conf

@@ -474,7 +474,7 @@ pkey=/etc/yunohost/certs/__DOMAIN__/key.pem
 # Allowed OpenSSL cipher list for TLS/DTLS connections.
 # Default value is "DEFAULT".
 #
-#cipher-list="DEFAULT"
+#cipher-list="ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384"
 
 # CA file in OpenSSL format.
 # Forces TURN server to verify the client SSL certificates.
@@ -670,12 +670,12 @@ pidfile="/var/run/turnserver.pid"
 # User name to run the process. After the initialization, the turnserver process
 # will attempt to change the current user ID to that user.
 #
-#proc-user=<user-name>
+proc-user=turnserver
 
 # Group name to run the process. After the initialization, the turnserver process
 # will attempt to change the current group ID to that group.
 #
-#proc-group=<group-name>
+proc-group=turnserver
 
 # Turn OFF the CLI support.
 # By default it is always ON.

manifest.json

@@ -8,7 +8,7 @@
     },
     "version": "4.5.1.1~ynh1",
     "url": "https://github.com/coturn/coturn",
-    "license": "",
+    "license": "BSD-3-Clause",
     "maintainer": {
         "name": "",
         "email": ""

scripts/backup

@@ -0,0 +1,65 @@
+#!/bin/bash
+
+#=================================================
+# GENERIC START
+#=================================================
+# IMPORT GENERIC HELPERS
+#=================================================
+
+# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts
+source ../settings/scripts/_common.sh
+source /usr/share/yunohost/helpers
+
+#=================================================
+# MANAGE SCRIPT FAILURE
+#=================================================
+
+ynh_abort_if_errors
+
+#=================================================
+# LOAD SETTINGS
+#=================================================
+ynh_print_info --message="Loading installation settings..."
+
+app=$YNH_APP_INSTANCE_NAME
+
+final_path=$(ynh_app_setting_get --app=$app --key=final_path)
+domain=$(ynh_app_setting_get --app=$app --key=domain)
+
+#=================================================
+# DECLARE DATA AND CONF FILES TO BACKUP
+#=================================================
+ynh_print_info --message="Declaring files to be backed up..."
+
+#=================================================
+# BACKUP THE COTURN CONFIGURATION
+#=================================================
+
+ynh_backup --src_path="/etc/turnserver.conf"
+
+#=================================================
+# BACKUP THE COTURN DATAPATH
+#=================================================
+
+ynh_backup --src_path="/home/yunohost.app/$app"
+
+#=================================================
+# SPECIFIC BACKUP
+#=================================================
+# BACKUP LOGROTATE
+#=================================================
+
+ynh_backup --src_path="/var/log/$app"
+ynh_backup --src_path="/etc/cron.d/$app"
+
+#=================================================
+# BACKUP SYSTEMD
+#=================================================
+
+ynh_backup --src_path="/etc/systemd/system/$app.service"
+
+#=================================================
+# END OF SCRIPT
+#=================================================
+
+ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)."

scripts/install

@@ -24,7 +24,6 @@ ynh_abort_if_errors
 #=================================================
 
 domain=$YNH_APP_ARG_DOMAIN
-path_url="/"
 
 app=$YNH_APP_INSTANCE_NAME
 
@@ -34,7 +33,6 @@ app=$YNH_APP_INSTANCE_NAME
 ynh_script_progression --message="Storing installation settings..." --weight=4
 
 ynh_app_setting_set --app=$app --key=domain --value=$domain
-ynh_app_setting_set --app=$app --key=path --value=$path_url
 ynh_app_setting_set --app=$app --key=no_sso --value true
 
 #=================================================
@@ -133,16 +131,6 @@ ynh_print_ON
 public_ip4="$(curl ip.yunohost.org)" || true
 public_ip6="$(curl ipv6.yunohost.org)" || true
 
-# if [ -n "$public_ip4" ] && ynh_validate_ip4 --ip_address="$public_ip4"
-# then
-#     echo "external-ip=$public_ip4" >> "$coturn_config_path"
-# fi
-
-# if [ -n "$public_ip6" ] && ynh_validate_ip6 --ip_address="$public_ip6"
-# then
-#     echo "external-ip=$public_ip6" >> "$coturn_config_path"
-# fi
-
 if ( [[ -n "$public_ip4" ]] && ynh_validate_ip4 --ip_address="$public_ip4" || [[ -n "$public_ip6" ]] && ynh_validate_ip6 --ip_address="$public_ip6" )
 then
     echo "external-ip=${public_ip4}/${public_ip6}" >> "$coturn_config_path"

scripts/restore

@@ -0,0 +1,137 @@
+#!/bin/bash
+
+#=================================================
+# GENERIC START
+#=================================================
+# IMPORT GENERIC HELPERS
+#=================================================
+
+source ../settings/scripts/_common.sh
+source /usr/share/yunohost/helpers
+
+#=================================================
+# MANAGE SCRIPT FAILURE
+#=================================================
+
+ynh_abort_if_errors
+
+#=================================================
+# LOAD SETTINGS
+#=================================================
+ynh_script_progression --message="Loading installation settings..." --weight=1
+
+app=$YNH_APP_INSTANCE_NAME
+
+domain=$(ynh_app_setting_get --app=$app --key=domain)
+final_path=$(ynh_app_setting_get --app=$app --key=final_path)
+turnserver_tls_port=$(ynh_app_setting_get --app=$app --key=turnserver_tls_port)
+turnserver_alt_tls_port=$(ynh_app_setting_get --app=$app --key=turnserver_alt_tls_port)
+
+#=================================================
+# INSTALL DEPENDENCIES
+#=================================================
+ynh_script_progression --message="Installing dependencies..." --weight=5
+
+ynh_install_app_dependencies $pkg_dependencies
+
+#=================================================
+# RESTORE COTURN CONFIGURATION
+#=================================================
+ynh_script_progression --message="Restoring Coturn configuration..." --weight=1
+
+ynh_restore_file --origin_path="/etc/turnserver.conf"
+
+#=================================================
+# RESTORE THE COTURN DATAPATH
+#=================================================
+ynh_script_progression --message="Restoring Coturn Datapath..." --weight=1
+
+ynh_restore_file --origin_path="/home/yunohost.app/$app"
+
+#=================================================
+# RESTORE LOG
+#=================================================
+
+ynh_restore_file --origin_path="/var/log/$app"
+
+#=================================================
+# RECREATE THE DEDICATED USER
+#=================================================
+ynh_script_progression --message="Recreating the dedicated system user..." --weight=1
+
+# Create the dedicated user (if not existing)
+ynh_system_user_create --username=turnserver
+adduser turnserver ssl-cert
+
+#=================================================
+# RECREATE A DH FILE
+#=================================================
+ynh_script_progression --message="Creating a dhparam file..." --weight=3
+
+# WARNING : theses command are used in INSTALL, UPGRADE, RESTORE
+# For any update do it in all files
+
+# Make dhparam cert for Coturn if it doesn't exist
+if [ ! -e /etc/ssl/private/dh2048.pem ]
+then
+    ynh_exec_warn_less openssl dhparam -out /etc/ssl/private/dh2048.pem -outform PEM -2 2048 -dsaparam
+    chown root:ssl-cert /etc/ssl/private/dh2048.pem
+    chmod 640 /etc/ssl/private/dh2048.pem
+fi
+
+#=================================================
+# RESTORE USER RIGHTS
+#=================================================
+
+# Restore permissions on app files
+# Set permissions to app files
+chown root: -R /home/yunohost.app/$app
+chown -R turnserver:root /var/log/$app
+chown turnserver:root /etc/turnserver.conf
+setfacl -R -m user:turnserver:rwX  /var/log/$app
+
+#=================================================
+# SPECIFIC RESTORATION
+#=================================================
+# REINSTALL DEPENDENCIES
+#=================================================
+ynh_script_progression --message="Reinstalling dependencies..." --weight=1
+
+# Define and install dependencies
+ynh_install_app_dependencies $pkg_dependencies
+
+#=================================================
+# RESTORE SYSTEMD
+#=================================================
+ynh_script_progression --message="Restoring the systemd configuration..." --weight=1
+
+ynh_restore_file --origin_path="/etc/systemd/system/$app.service"
+systemctl enable $app.service --quiet
+
+#=================================================
+# INTEGRATE SERVICE IN YUNOHOST
+#=================================================
+ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
+
+yunohost service add $app --description="Coturn TURN server" --log="/var/log/$app/$app.log" --needs_exposed_ports $turnserver_tls_port
+
+#=================================================
+# OPEN THE PORT
+#=================================================
+
+# Ouvre le port dans le firewall
+ynh_exec_warn_less yunohost firewall allow Both $turnserver_tls_port
+ynh_exec_warn_less yunohost firewall allow Both $turnserver_alt_tls_port
+
+#=================================================
+# START SYSTEMD SERVICE
+#=================================================
+ynh_script_progression --message="Starting a systemd service..." --weight=1
+
+ynh_systemd_action --service_name=$app --action=start --log_path="/var/log/$app/$app.log"
+
+#=================================================
+# END OF SCRIPT
+#=================================================
+
+ynh_script_progression --message="Restoration completed for $app" --last

scripts/upgrade

@@ -0,0 +1,186 @@
+#!/bin/bash
+
+#=================================================
+# GENERIC START
+#=================================================
+# IMPORT GENERIC HELPERS
+#=================================================
+
+source _common.sh
+source /usr/share/yunohost/helpers
+
+#=================================================
+# LOAD SETTINGS
+#=================================================
+ynh_script_progression --message="Loading installation settings..." --weight=1
+
+app=$YNH_APP_INSTANCE_NAME
+
+domain=$(ynh_app_setting_get --app=$app --key=domain)
+final_path=$(ynh_app_setting_get --app=$app --key=final_path)
+turnserver_tls_port=$(ynh_app_setting_get --app=$app --key=turnserver_tls_port)
+turnserver_alt_tls_port=$(ynh_app_setting_get --app=$app --key=turnserver_alt_tls_port)
+cli_port=$(ynh_app_setting_get --app=$app --key=cli_port)
+turnserver_pwd=$(ynh_app_setting_get --app=$app --key=turnserver_pwd)
+
+#=================================================
+# CHECK VERSION
+#=================================================
+
+upgrade_type=$(ynh_check_app_version_changed)
+
+#=================================================
+# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
+#=================================================
+ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=1
+
+# Backup the current version of the app
+ynh_backup_before_upgrade
+ynh_clean_setup () {
+	# Restore it if the upgrade fails
+	ynh_restore_upgradebackup
+}
+# Exit if an error occurs during the execution of the script
+ynh_abort_if_errors
+
+#=================================================
+# STANDARD UPGRADE STEPS
+#=================================================
+# STOP SYSTEMD SERVICE
+#=================================================
+ynh_script_progression --message="Stopping a systemd service..." --weight=1
+
+ynh_systemd_action --service_name=$app --action=stop --log_path="/var/log/$app/$app.log"
+
+#=================================================
+# UPGRADE DEPENDENCIES
+#=================================================
+ynh_script_progression --message="Upgrading dependencies..." --weight=1
+
+ynh_install_app_dependencies $pkg_dependencies
+
+#=================================================
+# CREATE DEDICATED USER
+#=================================================
+ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1
+
+# Create a dedicated user (if not existing)
+ynh_system_user_create --username=turnserver
+adduser turnserver ssl-cert
+
+#=================================================
+# SETUP SYSTEMD
+#=================================================
+ynh_script_progression --message="Configuring a systemd service..." --weight=1
+
+mkdir -p /var/log/$app
+# Create systemd service for turnserver
+cp ../conf/default.coturn /etc/default/coturn
+# Create a dedicated systemd config
+ynh_add_systemd_config
+
+#=================================================
+# SET COTURN CONFIG
+#=================================================
+ynh_script_progression --message="Configuring Coturn..." --weight=2
+
+# WARNING: theses command are used in INSTALL, UPGRADE
+# For any update do it in all files
+
+coturn_config_path="/etc/turnserver.conf"
+
+ynh_backup_if_checksum_is_different --file="$coturn_config_path"
+
+cp ../conf/turnserver.conf "$coturn_config_path"
+
+ynh_replace_string --match_string=__APP__ --replace_string=$app --target_file="$coturn_config_path"
+ynh_replace_string --match_string=__DOMAIN__ --replace_string=$domain --target_file="$coturn_config_path"
+ynh_replace_string --match_string=__TLS_PORT__ --replace_string=$turnserver_tls_port --target_file="$coturn_config_path"
+ynh_replace_string --match_string=__TLS_ALT_PORT__ --replace_string=$turnserver_alt_tls_port --target_file="$coturn_config_path"
+ynh_replace_string --match_string=__CLI_PORT__ --replace_string=$cli_port --target_file="$coturn_config_path"
+ynh_print_OFF
+ynh_replace_string --match_string=__TURNPWD__ --replace_string=$turnserver_pwd --target_file="$coturn_config_path"
+ynh_print_ON
+
+# Get public IP and set as external IP for coturn
+# note: '|| true' is used to ignore the errors if we can't get the public ipv4 or ipv6
+public_ip4="$(curl ip.yunohost.org)" || true
+public_ip6="$(curl ipv6.yunohost.org)" || true
+
+if ( [[ -n "$public_ip4" ]] && ynh_validate_ip4 --ip_address="$public_ip4" || [[ -n "$public_ip6" ]] && ynh_validate_ip6 --ip_address="$public_ip6" )
+then
+    echo "external-ip=${public_ip4}/${public_ip6}" >> "$coturn_config_path"
+fi
+
+ynh_store_file_checksum --file="$coturn_config_path"
+
+#=================================================
+# ADD SCRIPT FOR COTURN CRON
+#=================================================
+
+# WARNING : theses command are used in INSTALL, UPGRADE
+# For any update do it in all files
+data_path="/home/yunohost.app/$app"
+mkdir -p $data_path
+cp -f ../sources/Coturn_config_rotate.sh $data_path/
+ynh_replace_string --match_string="__APP__" --replace_string=$app --target_file=$data_path/Coturn_config_rotate.sh
+chmod +x $data_path/Coturn_config_rotate.sh
+
+#=================================================
+# SET COTURN CRON
+#=================================================
+
+cp -f ../conf/cron_coturn /etc/cron.d/$app
+ynh_replace_string --match_string="__DATA_PATH__" --replace_string=$data_path --target_file=/etc/cron.d/$app
+
+#=================================================
+# MIGRATION 3 : USE STANDARD ACCESS FOR CERTIFCATE
+#=================================================
+
+# Fix issue about certificates access
+# if [ ! $(grep "ssl-cert:x:[0-9]*:.*$app" /etc/group) ]
+# then
+#     ynh_script_progression --message="Use standard access for certificate..." --weight=1
+
+#     adduser turnserver ssl-cert
+# fi
+
+#=================================================
+# SETUP LOGROTATE
+#=================================================
+ynh_script_progression --message="Configuring log rotation..." --weight=5
+
+ynh_use_logrotate --logfile "/var/log/$app"
+
+#=================================================
+# GENERIC FINALIZATION
+#=================================================
+# SECURE FILES AND DIRECTORIES
+#=================================================
+
+# Set permissions to app files
+chown root: -R $data_path
+chown -R turnserver:root /var/log/$app
+chown turnserver:root /etc/turnserver.conf
+setfacl -R -m user:turnserver:rwX  /var/log/$app
+
+#=================================================
+# INTEGRATE SERVICE IN YUNOHOST
+#=================================================
+ynh_script_progression --message="Integrating service in YunoHost..." --weight=2
+
+yunohost service add $app --description="Coturn TURN server" --log="/var/log/$app/$app.log" --needs_exposed_ports $turnserver_tls_port
+
+#=================================================
+# START SYSTEMD SERVICE
+#=================================================
+ynh_script_progression --message="Starting a systemd service..." --weight=1
+
+# Start a systemd service
+ynh_systemd_action --service_name=$app --action=restart --log_path="/var/log/$app/$app.log"
+
+#=================================================
+# END OF SCRIPT
+#=================================================
+
+ynh_script_progression --message="Upgrade of Coturn completed" --last