YunoHost-Apps/cryptpad_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/cryptpad_ynh.git synced 2024-09-03 18:26:14 +02:00
Code Issues Activity Actions

Apply example_ynh

Browse source
This commit is contained in:
yalh76 2022-09-23 23:43:29 +02:00
parent 8db1794377
commit 9fd892aee2
10 changed files with 83 additions and 74 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

86
.github/workflows/updater.sh vendored
View file

@ -9,9 +9,6 @@
# Since each app is different, maintainers can adapt its contents so as to perform # Since each app is different, maintainers can adapt its contents so as to perform
# automatic actions when a new upstream release is detected. # automatic actions when a new upstream release is detected.
# Remove this exit command when you are ready to run this Action
#exit 1
#================================================= #=================================================
# FETCHING LATEST RELEASE AND ITS ASSETS # FETCHING LATEST RELEASE AND ITS ASSETS
#================================================= #=================================================
@ -23,25 +20,29 @@ repo=$(cat manifest.json | jq -j '.upstream.code|split("https://github.com/")[1]
version=$(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '.[] | select( .prerelease != true ) | .tag_name' | sort -V | tail -1) version=$(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '.[] | select( .prerelease != true ) | .tag_name' | sort -V | tail -1)
assets=($(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '[ .[] | select(.tag_name=="'$version'").assets[].browser_download_url ] | join(" ") | @sh' | tr -d "'")) assets=($(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '[ .[] | select(.tag_name=="'$version'").assets[].browser_download_url ] | join(" ") | @sh' | tr -d "'"))
# Later down the script, we assume the version has only digits and dots
# Sometimes the release name starts with a "v", so let's filter it out.
# You may need more tweaks here if the upstream repository has different naming conventions.
if [[ ${version:0:1} == "v" || ${version:0:1} == "V" ]]; then if [[ ${version:0:1} == "v" || ${version:0:1} == "V" ]]; then
version=${version:1} version=${version:1}
fi fi
# Setting up the environment variables # Setting up the environment variables
echo "Current version: $current_version" echo "Current version: $current_version"
echo "Latest release from upstream: $version" echo "Latest release from upstream: $version"
echo "VERSION=$version" >> $GITHUB_ENV echo "VERSION=$version" >> $GITHUB_ENV
echo "REPO=$repo" >> $GITHUB_ENV
# For the time being, let's assume the script will fail # For the time being, let's assume the script will fail
echo "PROCEED=false" >> $GITHUB_ENV echo "PROCEED=false" >> $GITHUB_ENV
# Proceed only if the retrieved version is greater than the current one # Proceed only if the retrieved version is greater than the current one
if ! dpkg --compare-versions "$current_version" "lt" "$version" ; then if ! dpkg --compare-versions "$current_version" "lt" "$version" ; then
echo "::warning ::No new version available" echo "::warning ::No new version available"
exit 0 exit 0
# Proceed only if a PR for this new version does not already exist # Proceed only if a PR for this new version does not already exist
elif git ls-remote -q --exit-code --heads https://github.com/$GITHUB_REPOSITORY.git ci-auto-update-v$version ; then elif git ls-remote -q --exit-code --heads https://github.com/$GITHUB_REPOSITORY.git ci-auto-update-v$version ; then
echo "::warning ::A branch already exists for this update" echo "::warning ::A branch already exists for this update"
exit 0 exit 0
fi fi
# Each release can hold multiple assets (e.g. binaries for different architectures, source code, etc.) # Each release can hold multiple assets (e.g. binaries for different architectures, source code, etc.)
@ -57,53 +58,56 @@ echo "${#assets[@]} available asset(s)"
# Let's loop over the array of assets URLs # Let's loop over the array of assets URLs
for asset_url in ${assets[@]}; do for asset_url in ${assets[@]}; do
echo "Handling asset at $asset_url" echo "Handling asset at $asset_url"
# Assign the asset to a source file in conf/ directory # Assign the asset to a source file in conf/ directory
# Here we base the source file name upon a unique keyword in the assets url (admin vs. update) # Here we base the source file name upon a unique keyword in the assets url (admin vs. update)
# Leave $src empty to ignore the asset # Leave $src empty to ignore the asset
case $asset_url in case $asset_url in
*".tar.gz") *".tar.gz")
src="app" src="app"
;; ;;
esac *)
src=""
;;
esac
# If $src is not empty, let's process the asset # If $src is not empty, let's process the asset
if [ ! -z "$src" ]; then if [ ! -z "$src" ]; then
# Create the temporary directory # Create the temporary directory
tempdir="$(mktemp -d)" tempdir="$(mktemp -d)"
# Download sources and calculate checksum # Download sources and calculate checksum
filename=${asset_url##*/} filename=${asset_url##*/}
curl --silent -4 -L $asset_url -o "$tempdir/$filename" curl --silent -4 -L $asset_url -o "$tempdir/$filename"
checksum=$(sha256sum "$tempdir/$filename" | head -c 64) checksum=$(sha256sum "$tempdir/$filename" | head -c 64)
# Delete temporary directory # Delete temporary directory
rm -rf $tempdir rm -rf $tempdir
# Get extension # Get extension
if [[ $filename == *.tar.gz ]]; then if [[ $filename == *.tar.gz ]]; then
extension=tar.gz extension=tar.gz
else else
extension=${filename##*.} extension=${filename##*.}
fi fi
# Rewrite source file # Rewrite source file
cat <<EOT > conf/$src.src cat <<EOT > conf/$src.src
SOURCE_URL=$asset_url SOURCE_URL=$asset_url
SOURCE_SUM=$checksum SOURCE_SUM=$checksum
SOURCE_SUM_PRG=sha256sum SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=$extension SOURCE_FORMAT=$extension
SOURCE_IN_SUBDIR=true SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=cryptpad.tar.gz SOURCE_FILENAME=
SOURCE_EXTRACT=true
EOT EOT
echo "... conf/$src.src updated" echo "... conf/$src.src updated"
else
echo "... asset ignored"
fi
else
echo "... asset ignored"
fi
done done
#================================================= #=================================================

3
check_process
View file

@ -20,6 +20,3 @@
;;; Options ;;; Options
Email= Email=
Notification=none Notification=none
;;; Upgrade options
; commit=2a54cd03f90c93b07150a64644ffc7f208110a18
name=update to 4.10.0

3
conf/app.src
View file

@ -3,4 +3,5 @@ SOURCE_SUM=e529b484c297f73227f991971189c51f64da1ab53fc78334d1fb08e320d4385e
SOURCE_SUM_PRG=sha256sum SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=cryptpad.tar.gz SOURCE_FILENAME=
SOURCE_EXTRACT=true

5
conf/systemd.service
View file

@ -13,7 +13,7 @@ ExecStart=__YNH_NPM__ start
Restart=always Restart=always
# Sandboxing options to harden security # Sandboxing options to harden security
# Depending on specificities of your service/app, you may need to tweak these # Depending on specificities of your service/app, you may need to tweak these
# .. but this should be a good baseline # .. but this should be a good baseline
# Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html # Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html
NoNewPrivileges=yes NoNewPrivileges=yes
@ -40,8 +40,7 @@ CapabilityBoundingSet=~CAP_BLOCK_SUSPEND CAP_WAKE_ALARM
CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG
CapabilityBoundingSet=~CAP_MAC_ADMIN CAP_MAC_OVERRIDE CapabilityBoundingSet=~CAP_MAC_ADMIN CAP_MAC_OVERRIDE
CapabilityBoundingSet=~CAP_NET_ADMIN CAP_NET_BROADCAST CAP_NET_RAW CapabilityBoundingSet=~CAP_NET_ADMIN CAP_NET_BROADCAST CAP_NET_RAW
CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target

6
manifest.json
View file

@ -32,11 +32,7 @@
"install": [ "install": [
{ {
"name": "domain", "name": "domain",
"type": "domain", "type": "domain"
"help": {
"en": "CryptPad needs to be installed in a dedicated domain or sub-domain.",
"fr": "CryptPad doit être installé dans un domaine ou sous-domaine dédié."
}
}, },
{ {
"name": "is_public", "name": "is_public",

5
scripts/_common.sh
View file

@ -4,7 +4,10 @@
# COMMON VARIABLES # COMMON VARIABLES
#================================================= #=================================================
nodejs_version="14" nodejs_version=14
# dependencies used by the app (must be on a single line)
pkg_dependencies=""
#================================================= #=================================================
# PERSONAL HELPERS # PERSONAL HELPERS

12
scripts/install
View file

@ -14,7 +14,7 @@ source /usr/share/yunohost/helpers
#================================================= #=================================================
ynh_clean_setup () { ynh_clean_setup () {
ynh_clean_check_starting true
} }
# Exit if an error occurs during the execution of the script # Exit if an error occurs during the execution of the script
ynh_abort_if_errors ynh_abort_if_errors
@ -27,10 +27,11 @@ domain=$YNH_APP_ARG_DOMAIN
path_url="/" path_url="/"
is_public=$YNH_APP_ARG_IS_PUBLIC is_public=$YNH_APP_ARG_IS_PUBLIC
admin=$YNH_APP_ARG_ADMIN admin=$YNH_APP_ARG_ADMIN
email=$(ynh_user_get_info --username=$admin --key=mail)
app=$YNH_APP_INSTANCE_NAME app=$YNH_APP_INSTANCE_NAME
email=$(ynh_user_get_info --username=$admin --key=mail)
#================================================= #=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#================================================= #=================================================
@ -45,7 +46,7 @@ ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url
#================================================= #=================================================
# STORE SETTINGS FROM MANIFEST # STORE SETTINGS FROM MANIFEST
#================================================= #=================================================
ynh_script_progression --message="Storing installation settings..." ynh_script_progression --message="Storing installation settings..." --weight=1
ynh_app_setting_set --app=$app --key=domain --value=$domain ynh_app_setting_set --app=$app --key=domain --value=$domain
ynh_app_setting_set --app=$app --key=path --value=$path_url ynh_app_setting_set --app=$app --key=path --value=$path_url
@ -71,6 +72,7 @@ ynh_app_setting_set --app=$app --key=porti --value=$porti
#================================================= #=================================================
ynh_script_progression --message="Installing dependencies..." --weight=20 ynh_script_progression --message="Installing dependencies..." --weight=20
ynh_install_app_dependencies $pkg_dependencies
ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version
#================================================= #=================================================
@ -105,7 +107,7 @@ ynh_add_nginx_config
#================================================= #=================================================
# ADD A CONFIGURATION # ADD A CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Adding a configuration file..." ynh_script_progression --message="Adding a configuration file..." --weight=1
ynh_add_config --template="../conf/config.js" --destination="$final_path/config/config.js" ynh_add_config --template="../conf/config.js" --destination="$final_path/config/config.js"
@ -158,6 +160,8 @@ ynh_script_progression --message="Configuring permissions..." --weight=1
# Make app public if necessary # Make app public if necessary
if [ $is_public -eq 1 ] if [ $is_public -eq 1 ]
then then
# Everyone can access the app.
# The "main" permission is automatically created before the install script.
ynh_permission_update --permission="main" --add="visitors" ynh_permission_update --permission="main" --add="visitors"
fi fi

2
scripts/remove
View file

@ -62,6 +62,8 @@ ynh_remove_nginx_config
#================================================= #=================================================
ynh_script_progression --message="Removing dependencies..." --weight=3 ynh_script_progression --message="Removing dependencies..." --weight=3
# Remove metapackage and its dependencies
ynh_remove_app_dependencies
ynh_remove_nodejs ynh_remove_nodejs
#================================================= #=================================================

17
scripts/restore
View file

@ -15,7 +15,7 @@ source /usr/share/yunohost/helpers
#================================================= #=================================================
ynh_clean_setup () { ynh_clean_setup () {
ynh_clean_check_starting true
} }
# Exit if an error occurs during the execution of the script # Exit if an error occurs during the execution of the script
ynh_abort_if_errors ynh_abort_if_errors
@ -41,13 +41,6 @@ test ! -d $final_path \
#================================================= #=================================================
# STANDARD RESTORATION STEPS # STANDARD RESTORATION STEPS
#=================================================
# RESTORE THE NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring the NGINX web server configuration..."
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
#================================================= #=================================================
# RECREATE THE DEDICATED USER # RECREATE THE DEDICATED USER
#================================================= #=================================================
@ -74,8 +67,16 @@ chmod 600 "$final_path/config/config.js"
ynh_script_progression --message="Reinstalling dependencies..." --weight=7 ynh_script_progression --message="Reinstalling dependencies..." --weight=7
# Define and install dependencies # Define and install dependencies
ynh_install_app_dependencies $pkg_dependencies
ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version
#=================================================
# RESTORE THE NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring the NGINX web server configuration..." --weight=1
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
#================================================= #=================================================
# RESTORE SYSTEMD # RESTORE SYSTEMD
#================================================= #=================================================

18
scripts/upgrade
View file

@ -27,7 +27,7 @@ porti=$(ynh_app_setting_get --app=$app --key=porti)
#================================================= #=================================================
# CHECK VERSION # CHECK VERSION
#================================================= #=================================================
ynh_script_progression --message="Checking version..." ynh_script_progression --message="Checking version..." --weight=1
upgrade_type=$(ynh_check_app_version_changed) upgrade_type=$(ynh_check_app_version_changed)
@ -39,7 +39,6 @@ ynh_script_progression --message="Backing up the app before upgrading (may take
# Backup the current version of the app # Backup the current version of the app
ynh_backup_before_upgrade ynh_backup_before_upgrade
ynh_clean_setup () { ynh_clean_setup () {
ynh_clean_check_starting
# Restore it if the upgrade fails # Restore it if the upgrade fails
ynh_restore_upgradebackup ynh_restore_upgradebackup
} }
@ -97,6 +96,14 @@ then
chown -R $app:$app "$final_path" chown -R $app:$app "$final_path"
fi fi
#=================================================
# UPGRADE DEPENDENCIES
#=================================================
ynh_script_progression --message="Upgrading dependencies..." --weight=6
ynh_install_app_dependencies $pkg_dependencies
ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version
#================================================= #=================================================
# NGINX CONFIGURATION # NGINX CONFIGURATION
#================================================= #=================================================
@ -106,12 +113,7 @@ ynh_script_progression --message="Upgrading NGINX web server configuration..." -
ynh_add_nginx_config ynh_add_nginx_config
#================================================= #=================================================
# UPGRADE DEPENDENCIES # SPECIFIC UPGRADE
#=================================================
ynh_script_progression --message="Upgrading dependencies..." --weight=6
ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version
#================================================= #=================================================
# INSTALL CRYPTPAD # INSTALL CRYPTPAD
#================================================= #=================================================