diff --git a/conf/systemd.service b/conf/systemd.service index 69594fa..64d5fb4 100644 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -7,9 +7,9 @@ Type=simple User=__APP__ Group=__APP__ WorkingDirectory=__INSTALL_DIR__ -Environment=PATH=__YNH_NODE_LOAD_PATH__ +Environment=PATH=PATH=__PATH_WITH_NODEJS__ Environment=NODE_ENV=production -ExecStart=__YNH_NPM__ start +ExecStart=__NODEJS_DIR__/npm start Restart=always # Sandboxing options to harden security diff --git a/manifest.toml b/manifest.toml index dec6f5e..1e4fdf5 100644 --- a/manifest.toml +++ b/manifest.toml @@ -19,7 +19,8 @@ cpe = "cpe:2.3:a:xwiki:cryptpad" fund = "https://opencollective.com/cryptpad/contribute?language=fr" [integration] -yunohost = ">= 11.2" +yunohost = ">= 11.2.29" +helpers_version = "2.1" architectures = "all" multi_instance = false @@ -59,6 +60,7 @@ ram.runtime = "50M" [resources.system_user] [resources.install_dir] + group = "www-data:r-x" [resources.permissions] main.url = "/" diff --git a/scripts/_common.sh b/scripts/_common.sh index 447f5df..9d81477 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -1,19 +1,7 @@ #!/bin/bash #================================================= -# COMMON VARIABLES +# COMMON VARIABLES AND CUSTOM HELPERS #================================================= nodejs_version="16.14.2" - -#================================================= -# PERSONAL HELPERS -#================================================= - -#================================================= -# EXPERIMENTAL HELPERS -#================================================= - -#================================================= -# FUTURE OFFICIAL HELPERS -#================================================= diff --git a/scripts/backup b/scripts/backup index 38d96c5..50e701d 100644 --- a/scripts/backup +++ b/scripts/backup @@ -1,36 +1,26 @@ #!/bin/bash -#================================================= -# GENERIC START -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - -# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers -#================================================= -# DECLARE DATA AND CONF FILES TO BACKUP -#================================================= -ynh_print_info --message="Declaring files to be backed up..." +ynh_print_info "Declaring files to be backed up..." #================================================= # BACKUP THE APP MAIN DIR #================================================= -ynh_backup --src_path="$install_dir" +ynh_backup "$install_dir" #================================================= # SYSTEM CONFIGURATION #================================================= -ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" +ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf" -ynh_backup --src_path="/etc/systemd/system/$app.service" +ynh_backup "/etc/systemd/system/$app.service" #================================================= # END OF SCRIPT #================================================= -ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." +ynh_print_info "Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." diff --git a/scripts/change_url b/scripts/change_url index 5d35e69..7052d85 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -1,41 +1,31 @@ #!/bin/bash -#================================================= -# GENERIC STARTING -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - source _common.sh source /usr/share/yunohost/helpers -#================================================= -# STANDARD MODIFICATIONS #================================================= # STOP SYSTEMD SERVICE #================================================= -ynh_script_progression --message="Stopping a systemd service..." --weight=1 +ynh_script_progression "Stopping $app's systemd service..." -ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log" +ynh_systemctl --service=$app --action="stop" #================================================= # MODIFY URL IN NGINX CONF #================================================= -ynh_script_progression --message="Updating NGINX web server configuration..." --weight=1 +ynh_script_progression "Updating NGINX web server configuration..." -ynh_change_url_nginx_config +ynh_config_change_url_nginx -#================================================= -# GENERIC FINALISATION #================================================= # START SYSTEMD SERVICE #================================================= -ynh_script_progression --message="Starting a systemd service..." --weight=1 +ynh_script_progression "Starting $app's systemd service..." -ynh_systemd_action --service_name=$app --action="start" --log_path=systemd --line_match="server available" +ynh_systemctl --service=$app --action="start" --log_path=systemd --wait_until="server available" #================================================= # END OF SCRIPT #================================================= -ynh_script_progression --message="Change of URL completed for $app" --last +ynh_script_progression "Change of URL completed for $app" diff --git a/scripts/install b/scripts/install index 5c064c3..6ca2d02 100644 --- a/scripts/install +++ b/scripts/install @@ -1,11 +1,5 @@ #!/bin/bash -#================================================= -# GENERIC START -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - source _common.sh source /usr/share/yunohost/helpers @@ -32,12 +26,12 @@ if [[ $domain == *".local" ]]; then sandboxdomain=sandbox-$domain fi -ynh_app_setting_set --app=$app --key=sandboxdomain --value=$sandboxdomain +ynh_app_setting_set --key=sandboxdomain --value=$sandboxdomain -ynh_script_progression --message="Setting up sandobx domain: $sandboxdomain" --weight=1 +ynh_script_progression "Setting up sandobx domain : $sandboxdomain" # We don't test that in CI -if ! [ ${PACKAGE_CHECK_EXEC:-0} -eq 1 ]; then +if ! ynh_in_ci_tests; then yunohost domain add $sandboxdomain yunohost domain config set $sandboxdomain -a "mail_in=0&mail_out=0" fi @@ -45,65 +39,54 @@ fi #================================================= # INSTALL DEPENDENCIES #================================================= -ynh_script_progression --message="Installing dependencies..." --weight=20 +ynh_script_progression "Installing dependencies..." -ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version +ynh_nodejs_install #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= -ynh_script_progression --message="Setting up source files..." --weight=10 +ynh_script_progression "Setting up source files..." -# Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$install_dir" -chmod -R o-rwx "$install_dir" -chown -R $app:$app "$install_dir" - #================================================= # SYSTEM CONFIGURATION #================================================= -ynh_script_progression --message="Adding system configurations related to $app..." --weight=1 +ynh_script_progression "Adding system configurations related to $app..." -# Create a dedicated NGINX config -ynh_add_nginx_config +ynh_config_add_nginx -# Create a dedicated systemd config -ynh_add_systemd_config +ynh_config_add_systemd yunohost service add $app --description="Zero Knowledge realtime collaborative editor" --log="/var/log/$app/$app.log" #================================================= # ADD A CONFIGURATION #================================================= -ynh_script_progression --message="Adding a configuration file..." --weight=1 +ynh_script_progression "Adding $app's configuration..." -ynh_add_config --template="config.js" --destination="$install_dir/config/config.js" - -chmod 600 "$install_dir/config/config.js" -chown $app "$install_dir/config/config.js" +ynh_config_add --template="config.js" --destination="$install_dir/config/config.js" #================================================= # INSTALL CRYPTPAD #================================================= -ynh_script_progression --message="Building $app... (this will take some time and resources!)" --weight=60 +ynh_script_progression "Building $app... (this will take some time and resources!)" pushd "$install_dir" - ynh_use_nodejs - ynh_exec_warn_less npm install --allow-root - ynh_exec_warn_less npm install -g bower - ynh_exec_warn_less bower install --allow-root - ynh_exec_warn_less bower update --allow-root - ynh_exec_warn_less npm run build + ynh_hide_warnings npm install --allow-root + ynh_hide_warnings npm install -g bower + ynh_hide_warnings bower install --allow-root + ynh_hide_warnings bower update --allow-root + ynh_hide_warnings npm run build popd #================================================= # START SYSTEMD SERVICE #================================================= -ynh_script_progression --message="Starting a systemd service..." --weight=2 +ynh_script_progression "Starting $app's systemd service..." -# Start a systemd service -ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" +ynh_systemctl --service=$app --action="start" --log_path="systemd" #================================================= # SETUP SSOWAT @@ -111,7 +94,7 @@ ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" # We authorize access to sandbox domain # We don't test that in CI -if ! [ ${PACKAGE_CHECK_EXEC:-0} -eq 1 ]; then +if ! ynh_in_ci_tests; then ynh_permission_url --permission="main" --add_url=$sandboxdomain --auth_header=true fi @@ -126,12 +109,12 @@ chgrp -R www-data $install_dir #================================================= # We don't test that in CI -if ! [ ${PACKAGE_CHECK_EXEC:-0} -eq 1 ]; then - ynh_add_config --template="/etc/nginx/conf.d/$domain.d/cryptpad.conf" --destination="/etc/nginx/conf.d/$sandboxdomain.d/cryptpad.conf" +if ! ynh_in_ci_tests; then + ynh_config_add --template="/etc/nginx/conf.d/$domain.d/cryptpad.conf" --destination="/etc/nginx/conf.d/$sandboxdomain.d/cryptpad.conf" fi #================================================= # END OF SCRIPT #================================================= -ynh_script_progression --message="Installation of $app completed" --last +ynh_script_progression "Installation of $app completed" diff --git a/scripts/remove b/scripts/remove index a7f6a3e..3ac0b44 100644 --- a/scripts/remove +++ b/scripts/remove @@ -1,43 +1,35 @@ #!/bin/bash -#================================================= -# GENERIC START -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - source _common.sh source /usr/share/yunohost/helpers #================================================= # REMOVE SYSTEM CONFIGURATIONS #================================================= -# REMOVE SYSTEMD SERVICE -#================================================= -ynh_script_progression --message="Removing system configurations related to $app..." --weight=1 +# REMOVE SYSTEMD SERVICE -# Remove the service from the list of services known by YunoHost (added from `yunohost service add`) -if ynh_exec_warn_less yunohost service status $app >/dev/null +#================================================= +ynh_script_progression "Removing system configurations related to $app..." + +if ynh_hide_warnings yunohost service status $app >/dev/null then - ynh_script_progression --message="Removing $app service integration..." --weight=3 + ynh_script_progression "Removing $app service integration..." yunohost service remove $app fi -# Remove the dedicated systemd config -ynh_remove_systemd_config +ynh_config_remove_systemd -# Remove the dedicated NGINX config -ynh_remove_nginx_config +ynh_config_remove_nginx -ynh_remove_nodejs +ynh_nodejs_remove #================================================= # REMOVE SANDBOX DOMAIN #================================================= # We don't test that in CI -if ! [ ${PACKAGE_CHECK_EXEC:-0} -eq 1 ]; then - +if ! ynh_in_ci_tests; then + # if the main domain for the app is a root domain, we create a correct sandbox subdomain if [[ $domain == *"."* ]]; then sandboxdomain=sandbox.$domain @@ -50,14 +42,14 @@ if ! [ ${PACKAGE_CHECK_EXEC:-0} -eq 1 ]; then if [[ $domain == *".local" ]]; then sandboxdomain=sandbox-$domain fi - - ynh_script_progression --message="Removing sandbox domain : $sandboxdomain" --weight=1 - + + ynh_script_progression "Removing sandbox domain : $sandboxdomain" + if yunohost domain list | grep -q $sandboxdomain then #if domain exist we remove it yunohost domain remove $sandboxdomain # we clean the nginx configuration we added - ynh_secure_remove --file="/etc/nginx/conf.d/$sandboxdomain.d/" + ynh_safe_rm "/etc/nginx/conf.d/$sandboxdomain.d/" fi fi @@ -65,4 +57,4 @@ fi # END OF SCRIPT #================================================= -ynh_script_progression --message="Removal of $app completed" --last +ynh_script_progression "Removal of $app completed" diff --git a/scripts/restore b/scripts/restore index b8a266e..9e7d616 100644 --- a/scripts/restore +++ b/scripts/restore @@ -1,25 +1,14 @@ #!/bin/bash -#================================================= -# GENERIC START -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - -# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers #================================================= # RESTORE THE APP MAIN DIR #================================================= -ynh_script_progression --message="Restoring the app main directory..." --weight=6 +ynh_script_progression "Restoring the app main directory..." -ynh_restore_file --origin_path="$install_dir" - -chmod -R o-rwx "$install_dir" -chown -R $app:$app "$install_dir" -chmod 600 "$install_dir/config/config.js" +ynh_restore "$install_dir" #================================================= # APPLY FOLDER GROUP RIGHTS FOR WWW-DATA @@ -30,38 +19,33 @@ chgrp -R www-data $install_dir #================================================= # REINSTALL DEPENDENCIES #================================================= -ynh_script_progression --message="Reinstalling dependencies..." --weight=7 +ynh_script_progression "Reinstalling dependencies..." -# Define and install dependencies -ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version +ynh_nodejs_install #================================================= # RESTORE SYSTEM CONFIGURATIONS #================================================= -# RESTORE THE PHP-FPM CONFIGURATION -#================================================= -ynh_script_progression --message="Restoring system configurations related to $app..." --weight=1 +ynh_script_progression "Restoring system configurations related to $app..." -ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" +ynh_restore "/etc/nginx/conf.d/$domain.d/$app.conf" -ynh_restore_file --origin_path="/etc/systemd/system/$app.service" +ynh_restore "/etc/systemd/system/$app.service" systemctl enable $app.service --quiet yunohost service add $app --description="Zero Knowledge realtime collaborative editor" --log="/var/log/$app/$app.log" -#================================================= -# GENERIC FINALIZATION #================================================= # RELOAD NGINX AND PHP-FPM OR THE APP SERVICE #================================================= -ynh_script_progression --message="Reloading NGINX web server and $app's service..." --weight=1 +ynh_script_progression "Reloading NGINX web server and $app's service..." -ynh_systemd_action --service_name=$app --action="start" --log_path=systemd --line_match="server available" +ynh_systemctl --service=$app --action="start" --log_path=systemd --wait_until="server available" -ynh_systemd_action --service_name=nginx --action=reload +ynh_systemctl --service=nginx --action=reload #================================================= # END OF SCRIPT #================================================= -ynh_script_progression --message="Restoration completed for $app" --last +ynh_script_progression "Restoration completed for $app" diff --git a/scripts/upgrade b/scripts/upgrade index 8f85586..67bdc7b 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -1,47 +1,28 @@ #!/bin/bash -#================================================= -# GENERIC START -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - source _common.sh source /usr/share/yunohost/helpers #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading installation settings..." --weight=1 +ynh_script_progression "Loading installation settings..." email=$(ynh_user_get_info --username=$admin --key=mail) -#================================================= -# UPGRADE DEPENDENCIES -#================================================= -ynh_script_progression --message="Upgrading dependencies..." --weight=6 - -ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version - -#================================================= -# STANDARD UPGRADE STEPS #================================================= # STOP SYSTEMD SERVICE #================================================= -ynh_script_progression --message="Stopping a systemd service..." --weight=1 +ynh_script_progression "Stopping $app's systemd service..." -ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log" +ynh_systemctl --service=$app --action="stop" #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= -ynh_script_progression --message="Upgrading source files..." --weight=1 +ynh_script_progression "Upgrading source files..." -# Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$install_dir" #--keep="config/config.js" - -chmod -R o-rwx "$install_dir" -chown -R $app:$app "$install_dir" #================================================= # APPLY FOLDER GROUP RIGHTS FOR WWW-DATA @@ -66,10 +47,10 @@ if [[ $domain == *".local" ]]; then sandboxdomain=sandbox-$domain fi -ynh_script_progression --message="Setting up sandobx domain: $sandboxdomain" --weight=1 +ynh_script_progression "Setting up sandobx domain: $sandboxdomain" # We don't test that in CI -if ! [ ${PACKAGE_CHECK_EXEC:-0} -eq 1 ]; then +if ! ynh_in_ci_tests; then # If sandboxdomain doesn't exist, create it if ! yunohost domain list --output-as json | jq -r .domains[] | grep -q "^$sandboxdomain\$"; then yunohost domain add $sandboxdomain @@ -80,60 +61,57 @@ fi #================================================= # NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=1 +ynh_script_progression "Upgrading NGINX web server configuration..." -# Create a dedicated NGINX config -ynh_add_nginx_config +ynh_config_add_nginx -# Create a dedicated systemd config -ynh_add_systemd_config +ynh_nodejs_install + +ynh_config_add_systemd yunohost service add $app --description="Zero Knowledge realtime collaborative editor" --log="/var/log/$app/$app.log" #================================================= # INSTALL CRYPTPAD #================================================= -ynh_script_progression --message="Building $app... (this will take some time and resources!)" --weight=60 +ynh_script_progression "Building $app... (this will take some time and resources!)" -pushd "$install_dir" - ynh_exec_warn_less npm install --allow-root - ynh_exec_warn_less npm install -g bower - ynh_exec_warn_less bower update --allow-root - ynh_exec_warn_less npm i - ynh_exec_warn_less npm run build +pushd "$install_dir" + ynh_hide_warnings npm install --allow-root + ynh_hide_warnings npm install -g bower + ynh_hide_warnings bower update --allow-root + ynh_hide_warnings npm i + ynh_hide_warnings npm run build popd #================================================= # ADD UPGRADED CONFIG WITH SANDBOX #================================================= -ynh_script_progression --message="Updating a configuration file..." --weight=1 +ynh_script_progression "Updating configuration..." -ynh_add_config --template="config.js" --destination="$install_dir/config/config.js" - -chmod 600 "$install_dir/config/config.js" -chown $app "$install_dir/config/config.js" +ynh_config_add --template="config.js" --destination="$install_dir/config/config.js" #================================================= # START SYSTEMD SERVICE #================================================= -ynh_script_progression --message="Starting a systemd service..." --weight=1 +ynh_script_progression "Starting $app's systemd service..." -ynh_systemd_action --service_name=$app --action="start" --log_path=systemd --line_match="server available" +ynh_systemctl --service=$app --action="start" --log_path=systemd --wait_until="server available" #================================================= # COPY NGINX CONF IN SANDBOX DOMAIN #================================================= # We don't test that in CI -if ! [ ${PACKAGE_CHECK_EXEC:-0} -eq 1 ]; then +if ! ynh_in_ci_tests; then if [ -n "$sandboxdomain" ]; then - ynh_add_config --template="nginx.conf" --destination="/etc/nginx/conf.d/$sandboxdomain.d/$app.conf" + ynh_config_add --template="nginx.conf" --destination="/etc/nginx/conf.d/$sandboxdomain.d/$app.conf" fi fi # We authorize access to sandbox domain # We don't test that in CI -if ! [ ${PACKAGE_CHECK_EXEC:-0} -eq 1 ]; then +if ! ynh_in_ci_tests; then ynh_permission_url --permission="main" --add_url=$sandboxdomain --auth_header=true fi @@ -141,4 +119,4 @@ fi # END OF SCRIPT #================================================= -ynh_script_progression --message="Upgrade of $app completed" --last +ynh_script_progression "Upgrade of $app completed"