mirror of
https://github.com/YunoHost-Apps/cryptpad_ynh.git
synced 2024-09-03 18:26:14 +02:00
Repackage to upstream v.3.18.1 (#40)
* version 3.2.0 * different corrections
This commit is contained in:
parent
36b96b6428
commit
c2d942a86f
17 changed files with 863 additions and 653 deletions
81
README.md
81
README.md
|
@ -1,28 +1,73 @@
|
||||||
Cryptad for Yunohost
|
# CryptPad for YunoHost
|
||||||
------------------------
|
|
||||||
|
|
||||||
[![Integration level](https://dash.yunohost.org/integration/cryptpad.svg)](https://dash.yunohost.org/appci/app/cryptpad)
|
[![Integration level](https://dash.yunohost.org/integration/cryptpad.svg)](https://dash.yunohost.org/appci/app/cryptpad) ![](https://ci-apps.yunohost.org/ci/badges/cryptpad.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/cryptpad.maintain.svg)
|
||||||
[![Install Cryptad with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=cryptpad)
|
[![Install CryptPad with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=cryptpad)
|
||||||
|
|
||||||
**Shipped version:** 3.2.0
|
*[Lire ce readme en français.](./README_fr.md)*
|
||||||
|
|
||||||
|
> *This package allows you to install CryptPad quickly and simply on a YunoHost server.
|
||||||
|
If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/install) to learn how to install it.*
|
||||||
|
|
||||||
|
## Overview
|
||||||
|
CryptPad is a Zero Knowledge realtime collaborative editor. You can share access to a document simply by sharing the link.
|
||||||
|
|
||||||
|
**Shipped version:** 3.18.1
|
||||||
|
|
||||||
|
## Screenshots
|
||||||
|
|
||||||
|
![](https://github.com/xwiki-labs/cryptpad/raw/master/screenshot.png)
|
||||||
|
|
||||||
## Demo
|
## Demo
|
||||||
https://cryptpad.fr/
|
|
||||||
|
|
||||||
## Known limitations / Limitations connues
|
* [Official demo](https://cryptpad.fr/)
|
||||||
- Installation possible only on a domain root (Cryptpad limitation)
|
|
||||||
- Can't login via SSO (due to this [Cryptpad limitation](https://github.com/xwiki-labs/cryptpad/issues/116))
|
|
||||||
|
|
||||||
|
## Configuration
|
||||||
|
|
||||||
## Links / Liens
|
* How to configure this app: From an admin panel, a plain file with SSH.
|
||||||
- Package URL/URL du Paquet: https://github.com/YunoHost-Apps/cryptpad_ynh
|
|
||||||
- Official Website/Site Officiel: https://cryptpad.fr/
|
|
||||||
- Github: https://github.com/xwiki-labs/cryptpad
|
|
||||||
- Package status:
|
|
||||||
- [Last weekly report](https://forum.yunohost.org/t/rapport-hebdomadaire-dintegration-continue/2297)
|
|
||||||
- [Last continuous integration test](https://ci-apps.yunohost.org/jenkins/job/cryptpad%20%28Community%29/lastBuild/consoleFull)
|
|
||||||
|
|
||||||
|
## Documentation
|
||||||
|
|
||||||
## Tricks :
|
* Official documentation: https://cryptpad.fr/what-is-cryptpad.html
|
||||||
|
* YunoHost documentation: If specific documentation is needed, feel free to contribute.
|
||||||
|
|
||||||
- To increase space for user in cryptpad, you can set up it in the config.js file in the root folder (/var/www/cryptpad/config.js), and then restart the cryptpad service (`sudo service cryptpad restart`).
|
## YunoHost specific features
|
||||||
|
|
||||||
|
#### Multi-user support
|
||||||
|
|
||||||
|
* Are LDAP and HTTP auth supported? **No**
|
||||||
|
* Can the app be used by multiple users? **Yes**
|
||||||
|
|
||||||
|
#### Supported architectures
|
||||||
|
|
||||||
|
* x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/cryptpad%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/cryptpad/)
|
||||||
|
* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/cryptpad%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/cryptpad/)
|
||||||
|
|
||||||
|
## Limitations
|
||||||
|
|
||||||
|
* Installation possible only on a root domain (CryptPad limitation)
|
||||||
|
* Can't login via SSO (due to this [Cryptpad limitation](https://github.com/xwiki-labs/cryptpad/issues/116))
|
||||||
|
|
||||||
|
## Additional information
|
||||||
|
|
||||||
|
* To increase space for CryptPad users, you can modify `/var/www/cryptpad/config.js`, and restart the CryptPad service with `sudo service cryptpad restart`.
|
||||||
|
|
||||||
|
## Links
|
||||||
|
|
||||||
|
* Report a bug: https://github.com/YunoHost-Apps/cryptpad_ynh/issues
|
||||||
|
* App website: https://cryptpad.fr/
|
||||||
|
* Upstream app repository: https://github.com/xwiki-labs/cryptpad
|
||||||
|
* YunoHost website: https://yunohost.org/
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
Developer info
|
||||||
|
----------------
|
||||||
|
|
||||||
|
Please send your pull request to the [testing branch](https://github.com/YunoHost-Apps/cryptpad_ynh/tree/testing).
|
||||||
|
|
||||||
|
To try the testing branch, please proceed like that.
|
||||||
|
```
|
||||||
|
sudo yunohost app install https://github.com/YunoHost-Apps/cryptpad_ynh/tree/testing --debug
|
||||||
|
or
|
||||||
|
sudo yunohost app upgrade cryptpad -u https://github.com/YunoHost-Apps/cryptpad_ynh/tree/testing --debug
|
||||||
|
```
|
||||||
|
|
73
README_fr.md
Normal file
73
README_fr.md
Normal file
|
@ -0,0 +1,73 @@
|
||||||
|
# CryptPad pour YunoHost
|
||||||
|
|
||||||
|
[![Integration level](https://dash.yunohost.org/integration/cryptpad.svg)](https://dash.yunohost.org/appci/app/cryptpad) ![](https://ci-apps.yunohost.org/ci/badges/cryptpad.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/cryptpad.maintain.svg)
|
||||||
|
[![Installer CryptPad avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=cryptpad)
|
||||||
|
|
||||||
|
*[Read this readme in english.](./README.md)*
|
||||||
|
|
||||||
|
> *Ce package vous permet d'installer CryptPad rapidement et simplement sur un serveur YunoHost.
|
||||||
|
Si vous n'avez pas YunoHost, consultez [le guide](https://yunohost.org/#/install) pour apprendre comment l'installer.*
|
||||||
|
|
||||||
|
## Vue d'ensemble
|
||||||
|
CryptPad est un éditeur de documents chiffrés collaboratifs en temps réel. Vous pouvez partager l'accès à un document simplement en partageant le lien.
|
||||||
|
|
||||||
|
**Version incluse :** 3.18.1
|
||||||
|
|
||||||
|
## Captures d'écran
|
||||||
|
|
||||||
|
![](https://github.com/xwiki-labs/cryptpad/raw/master/screenshot.png)
|
||||||
|
|
||||||
|
## Démo
|
||||||
|
|
||||||
|
* [Démo officielle](https://cryptpad.fr/)
|
||||||
|
|
||||||
|
## Configuration
|
||||||
|
|
||||||
|
Comment configurer cette application : via le panneau d'administration ainsi que le fichier de configuration `/var/www/cryptpad/config.js`.
|
||||||
|
|
||||||
|
## Documentation
|
||||||
|
|
||||||
|
* Official documentation : https://cryptpad.fr/what-is-cryptpad.html
|
||||||
|
* YunoHost documentation : If specific documentation is needed, feel free to contribute.
|
||||||
|
|
||||||
|
## YunoHost specific features
|
||||||
|
|
||||||
|
#### Support multi-utilisateur
|
||||||
|
|
||||||
|
* L'authentification LDAP et HTTP est-elle prise en charge ? **Non**
|
||||||
|
* L'application peut-elle être utilisée par plusieurs utilisateurs ? **Oui**
|
||||||
|
|
||||||
|
#### Architectures supportées
|
||||||
|
|
||||||
|
* x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/cryptpad%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/cryptpad/)
|
||||||
|
* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/cryptpad%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/cryptpad/)
|
||||||
|
|
||||||
|
## Limitations
|
||||||
|
|
||||||
|
* Nécessite un sous-domaine / domaine dédié. (limitation de CryptPad)
|
||||||
|
* Impossible de se connecter via SSO (cf [limitation de CryptPad](https://github.com/xwiki-labs/cryptpad/issues/116))
|
||||||
|
|
||||||
|
## Informations additionnelles
|
||||||
|
|
||||||
|
* Pour augmenter l'espace pour l'utilisateur dans le CryptPad, vous pouvez configurer le fichier `config.js` dans le dossier `/var/www/cryptpad/config.js`, puis redémarrez le service CryptPad `sudo service cryptpad restart`.
|
||||||
|
|
||||||
|
## Liens
|
||||||
|
|
||||||
|
* Signaler un bug : https://github.com/YunoHost-Apps/cryptpad_ynh/issues
|
||||||
|
* Site de l'application : https://cryptpad.fr/
|
||||||
|
* Dépôt de l'application principale : https://github.com/xwiki-labs/cryptpad
|
||||||
|
* Site web YunoHost: https://yunohost.org/
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
Informations pour les développeurs
|
||||||
|
----------------
|
||||||
|
|
||||||
|
Merci de faire vos pull request sur la [branche testing](https://github.com/YunoHost-Apps/cryptpad_ynh/tree/testing).
|
||||||
|
|
||||||
|
Pour essayer la branche testing, procédez comme suit.
|
||||||
|
```
|
||||||
|
sudo yunohost app install https://github.com/YunoHost-Apps/cryptpad_ynh/tree/testing --debug
|
||||||
|
ou
|
||||||
|
sudo yunohost app upgrade cryptpad -u https://github.com/YunoHost-Apps/cryptpad_ynh/tree/testing --debug
|
||||||
|
```
|
|
@ -3,8 +3,8 @@
|
||||||
; Manifest
|
; Manifest
|
||||||
domain="domain.tld" (DOMAIN)
|
domain="domain.tld" (DOMAIN)
|
||||||
path="/path" (PATH)
|
path="/path" (PATH)
|
||||||
|
admin="john" (USER)
|
||||||
is_public="1" (PUBLIC|public=1|private=0)
|
is_public="1" (PUBLIC|public=1|private=0)
|
||||||
email="example@example.io" (EMAIL)
|
|
||||||
; Checks
|
; Checks
|
||||||
pkg_linter=1
|
pkg_linter=1
|
||||||
setup_sub_dir=0
|
setup_sub_dir=0
|
||||||
|
@ -17,7 +17,7 @@
|
||||||
multi_instance=0
|
multi_instance=0
|
||||||
incorrect_path=0
|
incorrect_path=0
|
||||||
port_already_use=1
|
port_already_use=1
|
||||||
change_url=0
|
change_url=1
|
||||||
;;; Levels
|
;;; Levels
|
||||||
Level 1=auto
|
Level 1=auto
|
||||||
Level 2=auto
|
Level 2=auto
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
SOURCE_URL=https://github.com/xwiki-labs/cryptpad/archive/3.2.0.tar.gz
|
SOURCE_URL=https://github.com/xwiki-labs/cryptpad/archive/3.18.1.tar.gz
|
||||||
SOURCE_SUM=4f7576401e506aa24c032be675539b671ace27c5453b40edfe39f84daa0fcbfc
|
SOURCE_SUM=6aad512ffd04632b94dc47c17f59781c484508dd6bcf4675bda945d74e66ef6b
|
||||||
SOURCE_SUM_PRG=sha256sum
|
SOURCE_SUM_PRG=sha256sum
|
||||||
SOURCE_FORMAT=tar.gz
|
SOURCE_FORMAT=tar.gz
|
||||||
SOURCE_IN_SUBDIR=true
|
SOURCE_IN_SUBDIR=true
|
||||||
SOURCE_FILENAME=
|
SOURCE_FILENAME=cryptpad-3.18.1.tar.gz
|
||||||
|
|
431
conf/config.js
431
conf/config.js
|
@ -1,189 +1,203 @@
|
||||||
/*@flow*/
|
/* globals module */
|
||||||
/*
|
|
||||||
globals module
|
/* DISCLAIMER:
|
||||||
|
|
||||||
|
There are two recommended methods of running a CryptPad instance:
|
||||||
|
|
||||||
|
1. Using a standalone nodejs server without HTTPS (suitable for local development)
|
||||||
|
2. Using NGINX to serve static assets and to handle HTTPS for API server's websocket traffic
|
||||||
|
|
||||||
|
We do not officially recommend or support Apache, Docker, Kubernetes, Traefik, or any other configuration.
|
||||||
|
Support requests for such setups should be directed to their authors.
|
||||||
|
|
||||||
|
If you're having difficulty difficulty configuring your instance
|
||||||
|
we suggest that you join the project's IRC/Matrix channel.
|
||||||
|
|
||||||
|
If you don't have any difficulty configuring your instance and you'd like to
|
||||||
|
support us for the work that went into making it pain-free we are quite happy
|
||||||
|
to accept donations via our opencollective page: https://opencollective.com/cryptpad
|
||||||
|
|
||||||
*/
|
*/
|
||||||
var _domain = 'http://localhost:__PORT__/';
|
|
||||||
|
|
||||||
// You can `kill -USR2` the node process and it will write out a heap dump.
|
|
||||||
// If your system doesn't support dumping, comment this out and install with
|
|
||||||
// `npm install --production`
|
|
||||||
// See: https://strongloop.github.io/strongloop.com/strongblog/how-to-heap-snapshots/
|
|
||||||
|
|
||||||
// to enable this feature, uncomment the line below:
|
|
||||||
// require('heapdump');
|
|
||||||
|
|
||||||
// we prepend a space because every usage expects it
|
|
||||||
// requiring admins to preserve it is unnecessarily confusing
|
|
||||||
var domain = ' ' + _domain;
|
|
||||||
|
|
||||||
// Content-Security-Policy
|
|
||||||
var baseCSP = [
|
|
||||||
"default-src 'none'",
|
|
||||||
"style-src 'unsafe-inline' 'self' " + domain,
|
|
||||||
"font-src 'self' data:" + domain,
|
|
||||||
|
|
||||||
/* child-src is used to restrict iframes to a set of allowed domains.
|
|
||||||
* connect-src is used to restrict what domains can connect to the websocket.
|
|
||||||
*
|
|
||||||
* it is recommended that you configure these fields to match the
|
|
||||||
* domain which will serve your CryptPad instance.
|
|
||||||
*/
|
|
||||||
"child-src blob: *",
|
|
||||||
// IE/Edge
|
|
||||||
"frame-src blob: *",
|
|
||||||
|
|
||||||
/* this allows connections over secure or insecure websockets
|
|
||||||
if you are deploying to production, you'll probably want to remove
|
|
||||||
the ws://* directive, and change '*' to your domain
|
|
||||||
*/
|
|
||||||
"connect-src 'self' ws: wss: blob:" + domain,
|
|
||||||
|
|
||||||
// data: is used by codemirror
|
|
||||||
"img-src 'self' data: blob:" + domain,
|
|
||||||
"media-src * blob:",
|
|
||||||
|
|
||||||
// for accounts.cryptpad.fr authentication and cross-domain iframe sandbox
|
|
||||||
"frame-ancestors *",
|
|
||||||
""
|
|
||||||
];
|
|
||||||
|
|
||||||
|
|
||||||
module.exports = {
|
module.exports = {
|
||||||
|
/* CryptPad is designed to serve its content over two domains.
|
||||||
|
* Account passwords and cryptographic content is handled on the 'main' domain,
|
||||||
|
* while the user interface is loaded on a 'sandbox' domain
|
||||||
|
* which can only access information which the main domain willingly shares.
|
||||||
|
*
|
||||||
|
* In the event of an XSS vulnerability in the UI (that's bad)
|
||||||
|
* this system prevents attackers from gaining access to your account (that's good).
|
||||||
|
*
|
||||||
|
* Most problems with new instances are related to this system blocking access
|
||||||
|
* because of incorrectly configured sandboxes. If you only see a white screen
|
||||||
|
* when you try to load CryptPad, this is probably the cause.
|
||||||
|
*
|
||||||
|
* PLEASE READ THE FOLLOWING COMMENTS CAREFULLY.
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
/* httpUnsafeOrigin is the URL that clients will enter to load your instance.
|
||||||
|
* Any other URL that somehow points to your instance is supposed to be blocked.
|
||||||
|
* The default provided below assumes you are loading CryptPad from a server
|
||||||
|
* which is running on the same machine, using port 3000.
|
||||||
|
*
|
||||||
|
* In a production instance this should be available ONLY over HTTPS
|
||||||
|
* using the default port for HTTPS (443) ie. https://cryptpad.fr
|
||||||
|
* In such a case this should be handled by NGINX, as documented in
|
||||||
|
* cryptpad/docs/example.nginx.conf (see the $main_domain variable)
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
httpUnsafeOrigin: 'http://127.0.0.1:__PORT__',
|
||||||
|
|
||||||
|
/* httpSafeOrigin is the URL that is used for the 'sandbox' described above.
|
||||||
|
* If you're testing or developing with CryptPad on your local machine then
|
||||||
|
* it is appropriate to leave this blank. The default behaviour is to serve
|
||||||
|
* the main domain over port 3000 and to serve the content over port 3001.
|
||||||
|
*
|
||||||
|
* This is not appropriate in a production environment where invasive networks
|
||||||
|
* may filter traffic going over abnormal ports.
|
||||||
|
* To correctly configure your production instance you must provide a URL
|
||||||
|
* with a different domain (a subdomain is sufficient).
|
||||||
|
* It will be used to load the UI in our 'sandbox' system.
|
||||||
|
*
|
||||||
|
* This value corresponds to the $sandbox_domain variable
|
||||||
|
* in the example nginx file.
|
||||||
|
*
|
||||||
|
* CUSTOMIZE AND UNCOMMENT THIS FOR PRODUCTION INSTALLATIONS.
|
||||||
|
*/
|
||||||
|
// httpSafeOrigin: "https://some-other-domain.xyz",
|
||||||
|
|
||||||
|
/* httpAddress specifies the address on which the nodejs server
|
||||||
|
* should be accessible. By default it will listen on 127.0.0.1
|
||||||
|
* (IPv4 localhost on most systems). If you want it to listen on
|
||||||
|
* all addresses, including IPv6, set this to '::'.
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
httpAddress: '::',
|
||||||
|
|
||||||
|
/* httpPort specifies on which port the nodejs server should listen.
|
||||||
|
* By default it will serve content over port 3000, which is suitable
|
||||||
|
* for both local development and for use with the provided nginx example,
|
||||||
|
* which will proxy websocket traffic to your node server.
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
httpPort: __PORT__,
|
||||||
|
|
||||||
|
/* httpSafePort allows you to specify an alternative port from which
|
||||||
|
* the node process should serve sandboxed assets. The default value is
|
||||||
|
* that of your httpPort + 1. You probably don't need to change this.
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
httpSafePort: __PORTI__,
|
||||||
|
|
||||||
|
/* CryptPad will launch a child process for every core available
|
||||||
|
* in order to perform CPU-intensive tasks in parallel.
|
||||||
|
* Some host environments may have a very large number of cores available
|
||||||
|
* or you may want to limit how much computing power CryptPad can take.
|
||||||
|
* If so, set 'maxWorkers' to a positive integer.
|
||||||
|
*/
|
||||||
|
// maxWorkers: 4,
|
||||||
|
|
||||||
/* =====================
|
/* =====================
|
||||||
* Admin
|
* Admin
|
||||||
* ===================== */
|
* ===================== */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* CryptPad now contains an administration panel. Its access is restricted to specific
|
* CryptPad contains an administration panel. Its access is restricted to specific
|
||||||
* users using the following list.
|
* users using the following list.
|
||||||
* To give access to the admin panel to a user account, just add their user id,
|
* To give access to the admin panel to a user account, just add their user id,
|
||||||
* which can be found on the settings page for registered users.
|
* which can be found on the settings page for registered users.
|
||||||
* Entries should be strings separated by a comma.
|
* Entries should be strings separated by a comma.
|
||||||
*/
|
*/
|
||||||
|
/*
|
||||||
adminKeys: [
|
adminKeys: [
|
||||||
//"https://my.awesome.website/user/#/1/cryptpad-user1/YZgXQxKR0Rcb6r6CmxHPdAGLVludrAF2lEnkbx1vVOo=",
|
//"https://my.awesome.website/user/#/1/cryptpad-user1/YZgXQxKR0Rcb6r6CmxHPdAGLVludrAF2lEnkbx1vVOo=",
|
||||||
],
|
],
|
||||||
|
*/
|
||||||
|
|
||||||
/* =====================
|
/* CryptPad's administration panel includes a "support" tab
|
||||||
* Infra setup
|
* wherein administrators with a secret key can view messages
|
||||||
* ===================== */
|
* sent from users via the encrypted forms on the /support/ page
|
||||||
|
|
||||||
// the address you want to bind to, :: means all ipv4 and ipv6 addresses
|
|
||||||
// this may not work on all operating systems
|
|
||||||
httpAddress: '::',
|
|
||||||
|
|
||||||
// the port on which your httpd will listen
|
|
||||||
httpPort: __PORT__,
|
|
||||||
|
|
||||||
// This is for allowing the cross-domain iframe to function when developing
|
|
||||||
httpSafePort: __PORTI__,
|
|
||||||
|
|
||||||
// This is for deployment in production, CryptPad uses a separate origin (domain) to host the
|
|
||||||
// cross-domain iframe. It can simply host the same content as CryptPad.
|
|
||||||
// httpSafeOrigin: "https://some-other-domain.xyz",
|
|
||||||
|
|
||||||
httpUnsafeOrigin: domain,
|
|
||||||
|
|
||||||
/* your server's websocket url is configurable
|
|
||||||
* (default: '/cryptpad_websocket')
|
|
||||||
*
|
*
|
||||||
* websocketPath can be relative, of the form '/path/to/websocket'
|
* To enable this functionality:
|
||||||
* or absolute, specifying a particular URL
|
* run `node ./scripts/generate-admin-keys.js`
|
||||||
|
* save the public key in your config in the value below
|
||||||
|
* add the private key via the admin panel
|
||||||
|
* and back it up in a secure manner
|
||||||
*
|
*
|
||||||
* 'wss://cryptpad.fr:3000/cryptpad_websocket'
|
|
||||||
*/
|
*/
|
||||||
websocketPath: '/cryptpad_websocket',
|
// supportMailboxPublicKey: "",
|
||||||
|
|
||||||
/* CryptPad can be configured to send customized HTTP Headers
|
/* We're very proud that CryptPad is available to the public as free software!
|
||||||
* These settings may vary widely depending on your needs
|
* We do, however, still need to pay our bills as we develop the platform.
|
||||||
* Examples are provided below
|
|
||||||
*/
|
|
||||||
httpHeaders: {
|
|
||||||
"X-XSS-Protection": "1; mode=block",
|
|
||||||
"X-Content-Type-Options": "nosniff",
|
|
||||||
"Access-Control-Allow-Origin": "*"
|
|
||||||
},
|
|
||||||
|
|
||||||
contentSecurity: baseCSP.join('; ') +
|
|
||||||
"script-src 'self'" + domain,
|
|
||||||
|
|
||||||
// CKEditor and OnlyOffice require significantly more lax content security policy in order to function.
|
|
||||||
padContentSecurity: baseCSP.join('; ') +
|
|
||||||
"script-src 'self' 'unsafe-eval' 'unsafe-inline'" + domain,
|
|
||||||
|
|
||||||
/* it is recommended that you serve CryptPad over https
|
|
||||||
* the filepaths below are used to configure your certificates
|
|
||||||
*/
|
|
||||||
//privKeyAndCertFiles: [
|
|
||||||
// '/etc/apache2/ssl/my_secret.key',
|
|
||||||
// '/etc/apache2/ssl/my_public_cert.crt',
|
|
||||||
// '/etc/apache2/ssl/my_certificate_authorities_cert_chain.ca'
|
|
||||||
//],
|
|
||||||
|
|
||||||
/* Main pages
|
|
||||||
* add exceptions to the router so that we can access /privacy.html
|
|
||||||
* and other odd pages
|
|
||||||
*/
|
|
||||||
mainPages: [
|
|
||||||
'index',
|
|
||||||
'privacy',
|
|
||||||
'terms',
|
|
||||||
'about',
|
|
||||||
'contact',
|
|
||||||
'what-is-cryptpad',
|
|
||||||
'features',
|
|
||||||
'faq',
|
|
||||||
'maintenance'
|
|
||||||
],
|
|
||||||
|
|
||||||
/* =====================
|
|
||||||
* Subscriptions
|
|
||||||
* ===================== */
|
|
||||||
|
|
||||||
/* Limits, Donations, Subscriptions and Contact
|
|
||||||
*
|
*
|
||||||
* By default, CryptPad limits every registered user to 50MB of storage. It also shows a
|
* By default CryptPad will prompt users to consider donating to
|
||||||
* subscribe button which allows them to upgrade to a paid account. We handle payment,
|
* our OpenCollective campaign. We publish the state of our finances periodically
|
||||||
* and keep 50% of the proceeds to fund ongoing development.
|
* so you can decide for yourself whether our expenses are reasonable.
|
||||||
*
|
*
|
||||||
* You can:
|
* You can disable any solicitations for donations by setting 'removeDonateButton' to true,
|
||||||
* A: leave things as they are
|
* but we'd appreciate it if you didn't!
|
||||||
* B: disable accounts but display a donate button
|
|
||||||
* C: hide any reference to paid accounts or donation
|
|
||||||
*
|
|
||||||
* If you chose A then there's nothing to do.
|
|
||||||
* If you chose B, set 'allowSubscriptions' to false.
|
|
||||||
* If you chose C, set 'removeDonateButton' to true
|
|
||||||
*/
|
*/
|
||||||
allowSubscriptions: false,
|
removeDonateButton: true,
|
||||||
removeDonateButton: false,
|
|
||||||
|
/* CryptPad will display a point of contact for your instance on its contact page
|
||||||
|
* (/contact.html) if you provide it below.
|
||||||
|
*/
|
||||||
|
adminEmail: "__ADMIN_MAIL__",
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* By default, CryptPad also contacts our accounts server once a day to check for changes in
|
* By default, CryptPad contacts one of our servers once a day.
|
||||||
* the people who have accounts. This check-in will also send the version of your CryptPad
|
* This check-in will also send some very basic information about your instance including its
|
||||||
* instance and your email so we can reach you if we are aware of a serious problem. We will
|
* version and the adminEmail so we can reach you if we are aware of a serious problem.
|
||||||
* never sell it or send you marketing mail. If you want to block this check-in and remain
|
* We will never sell it or send you marketing mail.
|
||||||
* completely invisible, set this and allowSubscriptions both to false.
|
|
||||||
*/
|
|
||||||
adminEmail: '__ADMIN_EMAIL__',
|
|
||||||
|
|
||||||
/* Sales coming from your server will be identified by your domain
|
|
||||||
*
|
*
|
||||||
* If you are using CryptPad in a business context, please consider taking a support contract
|
* If you want to block this check-in and remain set 'blockDailyCheck' to true.
|
||||||
* by contacting sales@cryptpad.fr
|
|
||||||
*/
|
*/
|
||||||
myDomain: _domain,
|
blockDailyCheck: true,
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* If you are using CryptPad internally and you want to increase the per-user storage limit,
|
* By default users get 50MB of storage by registering on an instance.
|
||||||
* change the following value.
|
* You can set this value to whatever you want.
|
||||||
*
|
*
|
||||||
* Please note: This limit is what makes people subscribe and what pays for CryptPad
|
* hint: 50MB is 50 * 1024 * 1024
|
||||||
* development. Running a public instance that provides a "better deal" than cryptpad.fr
|
|
||||||
* is effectively using the project against itself.
|
|
||||||
*/
|
*/
|
||||||
defaultStorageLimit: 50 * 1024 * 1024,
|
//defaultStorageLimit: 50 * 1024 * 1024,
|
||||||
|
|
||||||
|
|
||||||
|
/* =====================
|
||||||
|
* STORAGE
|
||||||
|
* ===================== */
|
||||||
|
|
||||||
|
/* Pads that are not 'pinned' by any registered user can be set to expire
|
||||||
|
* after a configurable number of days of inactivity (default 90 days).
|
||||||
|
* The value can be changed or set to false to remove expiration.
|
||||||
|
* Expired pads can then be removed using a cron job calling the
|
||||||
|
* `evict-inactive.js` script with node
|
||||||
|
*
|
||||||
|
* defaults to 90 days if nothing is provided
|
||||||
|
*/
|
||||||
|
//inactiveTime: 90, // days
|
||||||
|
|
||||||
|
/* CryptPad archives some data instead of deleting it outright.
|
||||||
|
* This archived data still takes up space and so you'll probably still want to
|
||||||
|
* remove these files after a brief period.
|
||||||
|
*
|
||||||
|
* cryptpad/scripts/evict-inactive.js is intended to be run daily
|
||||||
|
* from a crontab or similar scheduling service.
|
||||||
|
*
|
||||||
|
* The intent with this feature is to provide a safety net in case of accidental
|
||||||
|
* deletion. Set this value to the number of days you'd like to retain
|
||||||
|
* archived data before it's removed permanently.
|
||||||
|
*
|
||||||
|
* defaults to 15 days if nothing is provided
|
||||||
|
*/
|
||||||
|
//archiveRetentionTime: 15,
|
||||||
|
|
||||||
|
/* Max Upload Size (bytes)
|
||||||
|
* this sets the maximum size of any one file uploaded to the server.
|
||||||
|
* anything larger than this size will be rejected
|
||||||
|
* defaults to 20MB if no value is provided
|
||||||
|
*/
|
||||||
|
//maxUploadSize: 20 * 1024 * 1024,
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* CryptPad allows administrators to give custom limits to their friends.
|
* CryptPad allows administrators to give custom limits to their friends.
|
||||||
|
@ -193,8 +207,8 @@ module.exports = {
|
||||||
*
|
*
|
||||||
* hint: 1GB is 1024 * 1024 * 1024 bytes
|
* hint: 1GB is 1024 * 1024 * 1024 bytes
|
||||||
*/
|
*/
|
||||||
|
/*
|
||||||
customLimits: {
|
customLimits: {
|
||||||
/*
|
|
||||||
"https://my.awesome.website/user/#/1/cryptpad-user1/YZgXQxKR0Rcb6r6CmxHPdAGLVludrAF2lEnkbx1vVOo=": {
|
"https://my.awesome.website/user/#/1/cryptpad-user1/YZgXQxKR0Rcb6r6CmxHPdAGLVludrAF2lEnkbx1vVOo=": {
|
||||||
limit: 20 * 1024 * 1024 * 1024,
|
limit: 20 * 1024 * 1024 * 1024,
|
||||||
plan: 'insider',
|
plan: 'insider',
|
||||||
|
@ -205,70 +219,15 @@ module.exports = {
|
||||||
plan: 'insider',
|
plan: 'insider',
|
||||||
note: 'storage space donated by my.awesome.website'
|
note: 'storage space donated by my.awesome.website'
|
||||||
}
|
}
|
||||||
*/
|
|
||||||
},
|
},
|
||||||
|
*/
|
||||||
|
|
||||||
/* =====================
|
/* Users with premium accounts (those with a plan included in their customLimit)
|
||||||
* STORAGE
|
* can benefit from an increased upload size limit. By default they are restricted to the same
|
||||||
* ===================== */
|
* upload size as any other registered user.
|
||||||
|
|
||||||
/* By default the CryptPad server will run scheduled tasks every five minutes
|
|
||||||
* If you want to run scheduled tasks in a separate process (like a crontab)
|
|
||||||
* you can disable this behaviour by setting the following value to true
|
|
||||||
*/
|
|
||||||
disableIntegratedTasks: false,
|
|
||||||
|
|
||||||
/* Pads that are not 'pinned' by any registered user can be set to expire
|
|
||||||
* after a configurable number of days of inactivity (default 90 days).
|
|
||||||
* The value can be changed or set to false to remove expiration.
|
|
||||||
* Expired pads can then be removed using a cron job calling the
|
|
||||||
* `delete-inactive.js` script with node
|
|
||||||
*/
|
|
||||||
inactiveTime: 90, // days
|
|
||||||
|
|
||||||
/* CryptPad can be configured to remove inactive data which has not been pinned.
|
|
||||||
* Deletion of data is always risky and as an operator you have the choice to
|
|
||||||
* archive data instead of deleting it outright. Set this value to true if
|
|
||||||
* you want your server to archive files and false if you want to keep using
|
|
||||||
* the old behaviour of simply removing files.
|
|
||||||
*
|
*
|
||||||
* WARNING: this is not implemented universally, so at the moment this will
|
|
||||||
* only apply to the removal of 'channels' due to inactivity.
|
|
||||||
*/
|
*/
|
||||||
retainData: true,
|
//premiumUploadSize: 100 * 1024 * 1024,
|
||||||
|
|
||||||
/* As described above, CryptPad offers the ability to archive some data
|
|
||||||
* instead of deleting it outright. This archived data still takes up space
|
|
||||||
* and so you'll probably still want to remove these files after a brief period.
|
|
||||||
* The intent with this feature is to provide a safety net in case of accidental
|
|
||||||
* deletion. Set this value to the number of days you'd like to retain
|
|
||||||
* archived data before it's removed permanently.
|
|
||||||
*
|
|
||||||
* If 'retainData' is set to false, there will never be any archived data
|
|
||||||
* to remove.
|
|
||||||
*/
|
|
||||||
archiveRetentionTime: 15,
|
|
||||||
|
|
||||||
/* Max Upload Size (bytes)
|
|
||||||
* this sets the maximum size of any one file uploaded to the server.
|
|
||||||
* anything larger than this size will be rejected
|
|
||||||
*/
|
|
||||||
maxUploadSize: 20 * 1024 * 1024,
|
|
||||||
|
|
||||||
/* =====================
|
|
||||||
* HARDWARE RELATED
|
|
||||||
* ===================== */
|
|
||||||
|
|
||||||
/* CryptPad's file storage adaptor closes unused files after a configurable
|
|
||||||
* number of milliseconds (default 30000 (30 seconds))
|
|
||||||
*/
|
|
||||||
channelExpirationMs: 30000,
|
|
||||||
|
|
||||||
/* CryptPad's file storage adaptor is limited by the number of open files.
|
|
||||||
* When the adaptor reaches openFileLimit, it will clean up older files
|
|
||||||
*/
|
|
||||||
openFileLimit: 2048,
|
|
||||||
|
|
||||||
|
|
||||||
/* =====================
|
/* =====================
|
||||||
* DATABASE VOLUMES
|
* DATABASE VOLUMES
|
||||||
|
@ -295,12 +254,12 @@ module.exports = {
|
||||||
* Pin requests are stored in a pin-store. The location of this store is
|
* Pin requests are stored in a pin-store. The location of this store is
|
||||||
* defined here.
|
* defined here.
|
||||||
*/
|
*/
|
||||||
pinPath: './pins',
|
pinPath: './data/pins',
|
||||||
|
|
||||||
/* if you would like the list of scheduled tasks to be stored in
|
/* if you would like the list of scheduled tasks to be stored in
|
||||||
a custom location, change the path below:
|
a custom location, change the path below:
|
||||||
*/
|
*/
|
||||||
taskPath: './tasks',
|
taskPath: './data/tasks',
|
||||||
|
|
||||||
/* if you would like users' authenticated blocks to be stored in
|
/* if you would like users' authenticated blocks to be stored in
|
||||||
a custom location, change the path below:
|
a custom location, change the path below:
|
||||||
|
@ -315,7 +274,7 @@ module.exports = {
|
||||||
/* CryptPad stores incomplete blobs in a 'staging' area until they are
|
/* CryptPad stores incomplete blobs in a 'staging' area until they are
|
||||||
* fully uploaded. Set its location here.
|
* fully uploaded. Set its location here.
|
||||||
*/
|
*/
|
||||||
blobStagingPath: './blobstage',
|
blobStagingPath: './data/blobstage',
|
||||||
|
|
||||||
/* CryptPad supports logging events directly to the disk in a 'logs' directory
|
/* CryptPad supports logging events directly to the disk in a 'logs' directory
|
||||||
* Set its location here, or set it to false (or nothing) if you'd rather not log
|
* Set its location here, or set it to false (or nothing) if you'd rather not log
|
||||||
|
@ -356,42 +315,6 @@ module.exports = {
|
||||||
*/
|
*/
|
||||||
logFeedback: false,
|
logFeedback: false,
|
||||||
|
|
||||||
/* You can get a repl for debugging the server if you want it.
|
|
||||||
* to enable this, specify the debugReplName and then you can
|
|
||||||
* connect to it with `nc -U /tmp/repl/<your name>.sock`
|
|
||||||
* If you run multiple cryptpad servers, you need to use different
|
|
||||||
* repl names.
|
|
||||||
*/
|
|
||||||
//debugReplName: "cryptpad"
|
|
||||||
|
|
||||||
/* =====================
|
|
||||||
* DEPRECATED
|
|
||||||
* ===================== */
|
|
||||||
/*
|
|
||||||
You have the option of specifying an alternative storage adaptor.
|
|
||||||
These status of these alternatives are specified in their READMEs,
|
|
||||||
which are available at the following URLs:
|
|
||||||
|
|
||||||
mongodb: a noSQL database
|
|
||||||
https://github.com/xwiki-labs/cryptpad-mongo-store
|
|
||||||
amnesiadb: in memory storage
|
|
||||||
https://github.com/xwiki-labs/cryptpad-amnesia-store
|
|
||||||
leveldb: a simple, fast, key-value store
|
|
||||||
https://github.com/xwiki-labs/cryptpad-level-store
|
|
||||||
sql: an adaptor for a variety of sql databases via knexjs
|
|
||||||
https://github.com/xwiki-labs/cryptpad-sql-store
|
|
||||||
|
|
||||||
For the most up to date solution, use the default storage adaptor.
|
|
||||||
*/
|
|
||||||
storage: './storage/file',
|
|
||||||
|
|
||||||
/* CryptPad's socket server can be extended to respond to RPC calls
|
|
||||||
* you can configure it to respond to custom RPC calls if you like.
|
|
||||||
* provide the path to your RPC module here, or `false` if you would
|
|
||||||
* like to disable the RPC interface completely
|
|
||||||
*/
|
|
||||||
rpc: './rpc.js',
|
|
||||||
|
|
||||||
/* CryptPad supports verbose logging
|
/* CryptPad supports verbose logging
|
||||||
* (false by default)
|
* (false by default)
|
||||||
*/
|
*/
|
||||||
|
|
|
@ -1,24 +1,21 @@
|
||||||
location __PATH__/ {
|
location ^~ / {
|
||||||
|
# Force usage of https
|
||||||
try_files $uri $uri/index.html;
|
|
||||||
|
|
||||||
if ($scheme = http) {
|
if ($scheme = http) {
|
||||||
rewrite ^ https://$server_name$request_uri? permanent;
|
rewrite ^ https://$server_name$request_uri? permanent;
|
||||||
}
|
}
|
||||||
|
proxy_pass http://127.0.0.1:__PORT__;
|
||||||
proxy_pass http://localhost:__PORT__/;
|
proxy_redirect off;
|
||||||
add_header X-Frame-Options SAMEORIGIN;
|
|
||||||
proxy_set_header Host $host;
|
proxy_set_header Host $host;
|
||||||
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
|
proxy_set_header X-Forwarded-Proto $scheme;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
proxy_set_header X-Forwarded-Host $server_name;
|
||||||
|
|
||||||
proxy_http_version 1.1;
|
proxy_http_version 1.1;
|
||||||
proxy_set_header Upgrade $http_upgrade;
|
proxy_set_header Upgrade $http_upgrade;
|
||||||
proxy_set_header Connection upgrade;
|
proxy_set_header Connection "upgrade";
|
||||||
|
|
||||||
# Include SSOWAT user panel.
|
# Include SSOWAT user panel.
|
||||||
include conf.d/yunohost_panel.conf.inc;
|
include conf.d/yunohost_panel.conf.inc;
|
||||||
|
more_clear_input_headers 'Accept-Encoding';
|
||||||
}
|
}
|
||||||
|
|
||||||
## TODO fix in the code so that we don't need this
|
|
||||||
location ~ ^/(register|login|settings|user|pad|drive|poll|slide|code|whiteboard)$ {
|
|
||||||
rewrite ^(.*)$ $1/ redirect;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
[Unit]
|
[Unit]
|
||||||
Description=CryptPad service
|
Description=Zero Knowledge realtime collaborative editor.
|
||||||
After=syslog.target network.target
|
After=syslog.target network.target
|
||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
|
@ -7,8 +7,9 @@ Type=simple
|
||||||
User=__APP__
|
User=__APP__
|
||||||
Group=__APP__
|
Group=__APP__
|
||||||
WorkingDirectory=__FINALPATH__
|
WorkingDirectory=__FINALPATH__
|
||||||
|
Environment=PATH=__ENV_PATH__
|
||||||
Environment=NODE_ENV=production
|
Environment=NODE_ENV=production
|
||||||
ExecStart=__NODE__/node server | tee /var/log/__APP__/cryptpad.log
|
ExecStart=__YNH_NPM__ start
|
||||||
Restart=always
|
Restart=always
|
||||||
|
|
||||||
[Install]
|
[Install]
|
||||||
|
|
46
issue_template.md
Normal file
46
issue_template.md
Normal file
|
@ -0,0 +1,46 @@
|
||||||
|
---
|
||||||
|
name: Bug report
|
||||||
|
about: Create a report to help us debug, it would be nice to fill the template as much as you can to help us, help you and help us all.
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
**How to post a meaningful bug report**
|
||||||
|
1. *Read this whole template first.*
|
||||||
|
2. *Determine if you are on the right place:*
|
||||||
|
- *If you were performing an action on the app from the webadmin or the CLI (install, update, backup, restore, change url...), you are on the right place!*
|
||||||
|
- *Otherwise, the issue may be due to CryptPad itself. Refer to its documentation or repository for help.*
|
||||||
|
- *If you have a doubt, post here, we will figure it out together.*
|
||||||
|
3. *Delete the italic comments as you write over them below, and remove this guide.*
|
||||||
|
---
|
||||||
|
|
||||||
|
**Describe the bug**
|
||||||
|
*A clear and concise description of what the bug is.*
|
||||||
|
|
||||||
|
**Versions**
|
||||||
|
- Hardware: *VPS bought online / Old laptop or computer / Raspberry Pi at home / Internet Cube with VPN / Other ARM board / ...*
|
||||||
|
- YunoHost version: x.x.x
|
||||||
|
- I have access to my server: *Through SSH | through the webadmin | direct access via keyboard / screen | ...*
|
||||||
|
- Are you in a special context or did you perform some particular tweaking on your YunoHost instance ?: *no / yes*
|
||||||
|
- If yes, please explain:
|
||||||
|
- Using, or trying to install package version/branch:
|
||||||
|
- If upgrading, current package version: *can be found in the admin, or with `yunohost app info cryptpad`*
|
||||||
|
|
||||||
|
**To Reproduce**
|
||||||
|
*Steps to reproduce the behavior.*
|
||||||
|
- *If you performed a command from the CLI, the command itself is enough. For example:*
|
||||||
|
```sh
|
||||||
|
sudo yunohost app install cryptpad
|
||||||
|
```
|
||||||
|
- *If you used the webadmin, please perform the equivalent command from the CLI first.*
|
||||||
|
- *If the error occurs in your browser, explain what you did:*
|
||||||
|
1. *Go to '...'*
|
||||||
|
2. *Click on '....'*
|
||||||
|
3. *Scroll down to '....'*
|
||||||
|
4. *See error*
|
||||||
|
|
||||||
|
**Expected behavior**
|
||||||
|
*A clear and concise description of what you expected to happen. You can remove this section if the command above is enough to understand your intent.*
|
||||||
|
|
||||||
|
**Logs**
|
||||||
|
*After a failed command, YunoHost makes the log available to you, but also to others, thanks to `yunohost log display [log name] --share`. The actual command, with the correct log name, is displayed at the end of the failed attempt in the CLI. Execute it and copy here the share link it outputs.*
|
||||||
|
*If applicable and useful, add screenshots to help explain your problem.*
|
|
@ -3,10 +3,10 @@
|
||||||
"id": "cryptpad",
|
"id": "cryptpad",
|
||||||
"packaging_format": 1,
|
"packaging_format": 1,
|
||||||
"description": {
|
"description": {
|
||||||
"en": "Encrypted Pad",
|
"en": "Zero Knowledge realtime collaborative editor",
|
||||||
"fr": "Créateur de pad chiffré."
|
"fr": "Éditeur chiffré collaboratif en temps réel."
|
||||||
},
|
},
|
||||||
"version": "2.16.0",
|
"version": "3.18.1~ynh1",
|
||||||
"url": "https://cryptpad.fr/",
|
"url": "https://cryptpad.fr/",
|
||||||
"license": "AGPL-3.0-or-later",
|
"license": "AGPL-3.0-or-later",
|
||||||
"maintainer": {
|
"maintainer": {
|
||||||
|
@ -15,7 +15,7 @@
|
||||||
"url": "https://frju365.yunohost.support"
|
"url": "https://frju365.yunohost.support"
|
||||||
},
|
},
|
||||||
"requirements": {
|
"requirements": {
|
||||||
"yunohost": ">= 3.0.0"
|
"yunohost": ">= 3.8.1"
|
||||||
},
|
},
|
||||||
"multi_instance": false,
|
"multi_instance": false,
|
||||||
"services": [
|
"services": [
|
||||||
|
@ -30,33 +30,33 @@
|
||||||
"en": "Choose a domain name for CryptPad",
|
"en": "Choose a domain name for CryptPad",
|
||||||
"fr": "Choisissez un nom de domaine pour CryptPad"
|
"fr": "Choisissez un nom de domaine pour CryptPad"
|
||||||
},
|
},
|
||||||
"example": "example.com"
|
"example": "cryptpad.example.com"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "path",
|
"name": "path",
|
||||||
"type": "path",
|
"type": "path",
|
||||||
"ask": {
|
"ask": {
|
||||||
"en": "Choose a path for CryptPad, only / is allowed.",
|
"en": "Choose a path for CryptPad, requires a dedicated sub-domain/domain.",
|
||||||
"fr": "Choisissez un chemin pour CryptPad, seul / est autorisé."
|
"fr": "Choisissez un chemin pour CryptPad, nécessite un sous-domaine/domaine dédié."
|
||||||
},
|
},
|
||||||
"example": "/",
|
"example": "/",
|
||||||
"default": "/"
|
"default": "/"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "email",
|
"name": "admin",
|
||||||
"type": "email",
|
"type": "user",
|
||||||
"ask": {
|
"ask": {
|
||||||
"en": "Choose an email for the admin user.",
|
"en": "Choose an admin user",
|
||||||
"fr": "Choisissez une adresse mail pour l'administrateur"
|
"fr": "Choisissez l’administrateur"
|
||||||
},
|
},
|
||||||
"example": "example@example.tld"
|
"example": "johndoe"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "is_public",
|
"name": "is_public",
|
||||||
"type": "boolean",
|
"type": "boolean",
|
||||||
"ask": {
|
"ask": {
|
||||||
"en": "Is it a public site? ",
|
"en": "Is it a public site?",
|
||||||
"fr": "Est-ce un site publique ? "
|
"fr": "Est-ce un site publique ?"
|
||||||
},
|
},
|
||||||
"default": true
|
"default": true
|
||||||
}
|
}
|
||||||
|
|
18
pull_request_template.md
Normal file
18
pull_request_template.md
Normal file
|
@ -0,0 +1,18 @@
|
||||||
|
## Problem
|
||||||
|
- *Description of why you made this PR*
|
||||||
|
|
||||||
|
## Solution
|
||||||
|
- *And how do you fix that problem*
|
||||||
|
|
||||||
|
## PR Status
|
||||||
|
- [ ] Code finished.
|
||||||
|
- [ ] Tested with Package_check.
|
||||||
|
- [ ] Fix or enhancement tested.
|
||||||
|
- [ ] Upgrade from last version tested.
|
||||||
|
- [ ] Can be reviewed and tested.
|
||||||
|
|
||||||
|
## Package_check results
|
||||||
|
---
|
||||||
|
*If you have access to [App Continuous Integration for packagers](https://yunohost.org/#/packaging_apps_ci) you can provide a link to the package_check results like below, replacing '-NUM-' in this link by the PR number and USERNAME by your username on the ci-apps-dev. Or you provide a screenshot or a pastebin of the results*
|
||||||
|
|
||||||
|
[![Build Status](https://ci-apps-dev.yunohost.org/jenkins/job/cryptpad_ynh%20PR-NUM-%20(USERNAME)/badge/icon)](https://ci-apps-dev.yunohost.org/jenkins/job/cryptpad_ynh%20PR-NUM-%20(USERNAME)/)
|
|
@ -3,83 +3,17 @@
|
||||||
#=================================================
|
#=================================================
|
||||||
# COMMON VARIABLES
|
# COMMON VARIABLES
|
||||||
#=================================================
|
#=================================================
|
||||||
nodejs_version=6
|
|
||||||
|
nodejs_version=12
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
|
# PERSONAL HELPERS
|
||||||
# Start or restart a service and follow its booting
|
|
||||||
#
|
|
||||||
# usage: ynh_check_starting "Line to match" [Log file] [Timeout] [Service name]
|
|
||||||
#
|
|
||||||
# | arg: Line to match - The line to find in the log to attest the service have finished to boot.
|
|
||||||
# | arg: Log file - The log file to watch
|
|
||||||
# | arg: Service name
|
|
||||||
# /var/log/$app/$app.log will be used if no other log is defined.
|
|
||||||
# | arg: Timeout - The maximum time to wait before ending the watching. Defaut 300 seconds.
|
|
||||||
ynh_check_starting () {
|
|
||||||
local line_to_match="$1"
|
|
||||||
local service_name="${4:-$app}"
|
|
||||||
local app_log="${2:-/var/log/$service_name/$service_name.log}"
|
|
||||||
local timeout=${3:-300}
|
|
||||||
|
|
||||||
ynh_clean_check_starting () {
|
|
||||||
# Stop the execution of tail.
|
|
||||||
kill -s 15 $pid_tail 2>&1
|
|
||||||
ynh_secure_remove "$templog" 2>&1
|
|
||||||
}
|
|
||||||
|
|
||||||
echo "Starting of $service_name" >&2
|
|
||||||
systemctl stop $service_name
|
|
||||||
local templog="$(mktemp)"
|
|
||||||
# Following the starting of the app in its log
|
|
||||||
tail -F -n0 "$app_log" > "$templog" &
|
|
||||||
# Get the PID of the tail command
|
|
||||||
local pid_tail=$!
|
|
||||||
systemctl start $service_name
|
|
||||||
|
|
||||||
local i=0
|
|
||||||
for i in `seq 1 $timeout`
|
|
||||||
do
|
|
||||||
# Read the log until the sentence is found, that means the app finished to start. Or run until the timeout
|
|
||||||
if grep --quiet "$line_to_match" "$templog"
|
|
||||||
then
|
|
||||||
echo "The service $service_name has correctly started." >&2
|
|
||||||
break
|
|
||||||
fi
|
|
||||||
echo -n "." >&2
|
|
||||||
sleep 1
|
|
||||||
done
|
|
||||||
if [ $i -eq $timeout ]
|
|
||||||
then
|
|
||||||
echo "The service $service_name didn't fully started before the timeout." >&2
|
|
||||||
fi
|
|
||||||
|
|
||||||
echo ""
|
|
||||||
ynh_clean_check_starting
|
|
||||||
}
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# EXPERIMENTAL HELPERS
|
||||||
|
#=================================================
|
||||||
|
|
||||||
# EXEC_LOGIN_AS Helper
|
#=================================================
|
||||||
|
# FUTURE OFFICIAL HELPERS
|
||||||
# Execute a command as another user with login
|
#=================================================
|
||||||
# (hence in user home dir, with prior loading of .profile, etc.)
|
|
||||||
# usage: exec_login_as USER COMMAND [ARG ...]
|
|
||||||
exec_login_as() {
|
|
||||||
local user=$1
|
|
||||||
shift 1
|
|
||||||
exec_as $user --login "$@"
|
|
||||||
}
|
|
||||||
# Execute a command as another user
|
|
||||||
# usage: exec_as USER COMMAND [ARG ...]
|
|
||||||
exec_as() {
|
|
||||||
local user=$1
|
|
||||||
shift 1
|
|
||||||
|
|
||||||
if [[ $user = $(whoami) ]]; then
|
|
||||||
eval "$@"
|
|
||||||
else
|
|
||||||
sudo -u "$user" "$@"
|
|
||||||
fi
|
|
||||||
}
|
|
|
@ -6,18 +6,17 @@
|
||||||
# IMPORT GENERIC HELPERS
|
# IMPORT GENERIC HELPERS
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
if [ ! -e _common.sh ]; then
|
#Keep this path for calling _common.sh inside the execution's context of backup and restore scripts
|
||||||
# Get the _common.sh file if it's not in the current directory
|
source ../settings/scripts/_common.sh
|
||||||
cp ../settings/scripts/_common.sh ./_common.sh
|
|
||||||
chmod a+rx _common.sh
|
|
||||||
fi
|
|
||||||
source _common.sh
|
|
||||||
source /usr/share/yunohost/helpers
|
source /usr/share/yunohost/helpers
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# MANAGE SCRIPT FAILURE
|
# MANAGE SCRIPT FAILURE
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
|
ynh_clean_setup () {
|
||||||
|
ynh_clean_check_starting
|
||||||
|
}
|
||||||
# Exit if an error occurs during the execution of the script
|
# Exit if an error occurs during the execution of the script
|
||||||
ynh_abort_if_errors
|
ynh_abort_if_errors
|
||||||
|
|
||||||
|
@ -26,31 +25,37 @@ ynh_abort_if_errors
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
app=$YNH_APP_INSTANCE_NAME
|
app=$YNH_APP_INSTANCE_NAME
|
||||||
domain=$(ynh_app_setting_get $app domain)
|
|
||||||
final_path=$(ynh_app_setting_get $app final_path)
|
domain=$(ynh_app_setting_get --app=$app --key=domain)
|
||||||
|
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# STANDARD BACKUP STEPS
|
# DECLARE DATA AND CONF FILES TO BACKUP
|
||||||
#=================================================
|
#=================================================
|
||||||
# BACKUP APP MAIN DIR
|
ynh_print_info --message="Declaring files to be backed up..."
|
||||||
#=================================================
|
|
||||||
|
|
||||||
CHECK_SIZE "$final_path"
|
|
||||||
ynh_backup "$final_path" "sources"
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# BACKUP NGINX CONFIGURATION
|
# BACKUP THE APP MAIN DIR
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf" "nginx.conf"
|
ynh_backup --src_path="$final_path"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# BACKUP LOGROTATE CONFIGURATION
|
# BACKUP THE NGINX CONFIGURATION
|
||||||
#=================================================
|
|
||||||
ynh_backup "/etc/logrotate.d/$app" "logrotate"
|
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# BACKUP SYSTEMD CONFIGURATION
|
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
ynh_backup "/etc/systemd/system/$app.service" "systemd.service"
|
ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# SPECIFIC BACKUP
|
||||||
|
#=================================================
|
||||||
|
# BACKUP SYSTEMD
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
ynh_backup --src_path="/etc/systemd/system/$app.service"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# END OF SCRIPT
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)."
|
||||||
|
|
123
scripts/change_url
Normal file
123
scripts/change_url
Normal file
|
@ -0,0 +1,123 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# GENERIC STARTING
|
||||||
|
#=================================================
|
||||||
|
# IMPORT GENERIC HELPERS
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
source _common.sh
|
||||||
|
source /usr/share/yunohost/helpers
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# RETRIEVE ARGUMENTS
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
old_domain=$YNH_APP_OLD_DOMAIN
|
||||||
|
old_path=$YNH_APP_OLD_PATH
|
||||||
|
|
||||||
|
new_domain=$YNH_APP_NEW_DOMAIN
|
||||||
|
new_path=$YNH_APP_NEW_PATH
|
||||||
|
|
||||||
|
app=$YNH_APP_INSTANCE_NAME
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# LOAD SETTINGS
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Loading installation settings..." --weight=1
|
||||||
|
|
||||||
|
# Needed for helper "ynh_add_nginx_config"
|
||||||
|
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Backing up the app before changing its url (may take a while)..." --weight=2
|
||||||
|
|
||||||
|
# Backup the current version of the app
|
||||||
|
ynh_backup_before_upgrade
|
||||||
|
ynh_clean_setup () {
|
||||||
|
# Remove the new domain config file, the remove script won't do it as it doesn't know yet its location.
|
||||||
|
ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
|
||||||
|
|
||||||
|
# restore it if the upgrade fails
|
||||||
|
ynh_restore_upgradebackup
|
||||||
|
}
|
||||||
|
# Exit if an error occurs during the execution of the script
|
||||||
|
ynh_abort_if_errors
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# CHECK WHICH PARTS SHOULD BE CHANGED
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
change_domain=0
|
||||||
|
if [ "$old_domain" != "$new_domain" ]
|
||||||
|
then
|
||||||
|
change_domain=1
|
||||||
|
fi
|
||||||
|
|
||||||
|
change_path=0
|
||||||
|
if [ "$old_path" != "$new_path" ]
|
||||||
|
then
|
||||||
|
change_path=1
|
||||||
|
fi
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# STANDARD MODIFICATIONS
|
||||||
|
#=================================================
|
||||||
|
# STOP SYSTEMD SERVICE
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Stopping a systemd service..." --weight=1
|
||||||
|
|
||||||
|
ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# MODIFY URL IN NGINX CONF
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Updating nginx web server configuration..." --time --weight=1
|
||||||
|
|
||||||
|
nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
|
||||||
|
|
||||||
|
# Change the path in the nginx config file
|
||||||
|
if [ $change_path -eq 1 ]
|
||||||
|
then
|
||||||
|
# Make a backup of the original nginx config file if modified
|
||||||
|
ynh_backup_if_checksum_is_different --file="$nginx_conf_path"
|
||||||
|
# Set global variables for nginx helper
|
||||||
|
domain="$old_domain"
|
||||||
|
path_url="$new_path"
|
||||||
|
# Create a dedicated nginx config
|
||||||
|
ynh_add_nginx_config
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Change the domain for nginx
|
||||||
|
if [ $change_domain -eq 1 ]
|
||||||
|
then
|
||||||
|
# Delete file checksum for the old conf file location
|
||||||
|
ynh_delete_file_checksum --file="$nginx_conf_path"
|
||||||
|
mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf
|
||||||
|
# Store file checksum for the new config file location
|
||||||
|
ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
|
||||||
|
fi
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# GENERIC FINALISATION
|
||||||
|
#=================================================
|
||||||
|
# START SYSTEMD SERVICE
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Starting a systemd service..." --weight=1
|
||||||
|
|
||||||
|
ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="server available"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# RELOAD NGINX
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Reloading nginx web server..." --weight=1
|
||||||
|
|
||||||
|
ynh_systemd_action --service_name=nginx --action=reload
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# END OF SCRIPT
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
ynh_script_progression --message="Change of URL completed for $app" --last
|
156
scripts/install
156
scripts/install
|
@ -13,7 +13,11 @@ source /usr/share/yunohost/helpers
|
||||||
# MANAGE FAILURE OF THE SCRIPT
|
# MANAGE FAILURE OF THE SCRIPT
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
ynh_abort_if_errors # Active trap pour arrêter le script si une erreur est détectée.
|
ynh_clean_setup () {
|
||||||
|
ynh_clean_check_starting
|
||||||
|
}
|
||||||
|
# Exit if an error occurs during the execution of the script
|
||||||
|
ynh_abort_if_errors
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# RETRIEVE ARGUMENTS FROM THE MANIFEST
|
# RETRIEVE ARGUMENTS FROM THE MANIFEST
|
||||||
|
@ -21,78 +25,80 @@ ynh_abort_if_errors # Active trap pour arrêter le script si une erreur est dét
|
||||||
|
|
||||||
domain=$YNH_APP_ARG_DOMAIN
|
domain=$YNH_APP_ARG_DOMAIN
|
||||||
is_public=$YNH_APP_ARG_IS_PUBLIC
|
is_public=$YNH_APP_ARG_IS_PUBLIC
|
||||||
path_url=$YNH_APP_ARG_PATH
|
path_url="/"
|
||||||
admin_email=$YNH_APP_ARG_EMAIL
|
admin=$YNH_APP_ARG_ADMIN
|
||||||
|
|
||||||
app=$YNH_APP_INSTANCE_NAME
|
app=$YNH_APP_INSTANCE_NAME
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# CHECK IF THE APP CAN BE INSTALLED WITH THIS ARGS
|
# CHECK IF THE APP CAN BE INSTALLED WITH THIS ARGS
|
||||||
#=================================================
|
#=================================================
|
||||||
|
ynh_script_progression --message="Validating installation parameters..." --weight=1
|
||||||
|
|
||||||
final_path=/var/www/$app
|
final_path=/var/www/$app
|
||||||
test ! -e "$final_path" || ynh_die "This path already contains a folder"
|
test ! -e "$final_path" || ynh_die "This path already contains a folder"
|
||||||
|
|
||||||
# Normalize the url path syntax
|
|
||||||
path_url=$(ynh_normalize_url_path $path_url)
|
|
||||||
|
|
||||||
# Check web path availability
|
|
||||||
ynh_webpath_available $domain $path_url
|
|
||||||
# Register (book) web path
|
# Register (book) web path
|
||||||
ynh_webpath_register $app $domain $path_url
|
ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# STORE SETTINGS FROM MANIFEST
|
# STORE SETTINGS FROM MANIFEST
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
ynh_app_setting_set $app domain "$domain"
|
ynh_app_setting_set --app=$app --key=domain --value=$domain
|
||||||
ynh_app_setting_set $app is_public "$is_public"
|
ynh_app_setting_set --app=$app --key=is_public --value=$is_public
|
||||||
ynh_app_setting_set $app path_url "$path_url"
|
ynh_app_setting_set --app=$app --key=path_url --value=$path_url
|
||||||
|
ynh_app_setting_set --app=$app --key=admin --value=$admin
|
||||||
|
|
||||||
|
admin_mail=$(ynh_user_get_info "$admin" 'mail')
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# STANDARD MODIFICATIONS
|
# STANDARD MODIFICATIONS
|
||||||
#=================================================
|
#=================================================
|
||||||
# FIND AND OPEN A PORT
|
# FIND AND OPEN A PORT
|
||||||
#=================================================
|
#=================================================
|
||||||
|
ynh_script_progression --message="Configuring firewall..." --weight=1
|
||||||
|
|
||||||
# Find a free port
|
# Find an available port
|
||||||
port=$(ynh_find_port 4000)
|
port=$(ynh_find_port --port=3000)
|
||||||
# Open this port
|
ynh_app_setting_set --app=$app --key=port --value=$port
|
||||||
yunohost firewall allow --no-upnp TCP $port 2>&1
|
|
||||||
ynh_app_setting_set $app port $port
|
|
||||||
|
|
||||||
porti=$(ynh_find_port 5000)
|
|
||||||
# Open this port
|
|
||||||
yunohost firewall allow --no-upnp TCP $porti 2>&1
|
|
||||||
ynh_app_setting_set $app porti $porti
|
|
||||||
|
|
||||||
|
# Find an available port
|
||||||
|
porti=$(ynh_find_port --port=$(($port + 1)))
|
||||||
|
ynh_app_setting_set --app=$app --key=porti --value=$porti
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# INSTALL NODEJS
|
# INSTALL NODEJS & YARN
|
||||||
#=================================================
|
#=================================================
|
||||||
|
ynh_script_progression --message="Installing dependencies..." --weight=20
|
||||||
|
|
||||||
ynh_install_nodejs $nodejs_version
|
# Install Nodejs
|
||||||
|
ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version
|
||||||
|
|
||||||
|
# Install Yarn
|
||||||
|
ynh_install_extra_app_dependencies --repo="deb https://dl.yarnpkg.com/debian/ stable main" --package="yarn" --key="https://dl.yarnpkg.com/debian/pubkey.gpg"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# CREATE DEDICATED USER
|
# CREATE DEDICATED USER
|
||||||
#=================================================
|
#=================================================
|
||||||
|
ynh_script_progression --message="Configuring system user..." --weight=1
|
||||||
|
|
||||||
# Create a system user
|
# Create a system user
|
||||||
ynh_system_user_create $app
|
ynh_system_user_create --username=$app
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# SPECIFIC SETUP
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
||||||
#=================================================
|
#=================================================
|
||||||
|
ynh_script_progression --message="Setting up source files..." --weight=10
|
||||||
|
|
||||||
ynh_app_setting_set $app final_path $final_path
|
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
|
||||||
# Download, check integrity, uncompress and patch the source from app.src
|
# Download, check integrity, uncompress and patch the source from app.src
|
||||||
ynh_setup_source "$final_path"
|
ynh_setup_source --dest_dir="$final_path"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# NGINX CONFIGURATION
|
# NGINX CONFIGURATION
|
||||||
#=================================================
|
#=================================================
|
||||||
|
ynh_script_progression --message="Configuring nginx web server..." --weight=1
|
||||||
|
|
||||||
# Create a dedicated nginx config
|
# Create a dedicated nginx config
|
||||||
ynh_add_nginx_config
|
ynh_add_nginx_config
|
||||||
|
@ -100,93 +106,87 @@ ynh_add_nginx_config
|
||||||
#=================================================
|
#=================================================
|
||||||
# SETUP SYSTEMD
|
# SETUP SYSTEMD
|
||||||
#=================================================
|
#=================================================
|
||||||
|
ynh_script_progression --message="Configuring a systemd service..." --weight=1
|
||||||
|
|
||||||
|
ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="../conf/systemd.service"
|
||||||
|
ynh_replace_string --match_string="__FINALPATH__" --replace_string="$final_path" --target_file="../conf/systemd.service"
|
||||||
|
ynh_replace_string --match_string="__ENV_PATH__" --replace_string="$PATH" --target_file="../conf/systemd.service"
|
||||||
|
ynh_replace_string --match_string="__YNH_NPM__" --replace_string="$ynh_npm" --target_file="../conf/systemd.service"
|
||||||
|
|
||||||
# Create a dedicated systemd config
|
|
||||||
ynh_add_systemd_config
|
ynh_add_systemd_config
|
||||||
ynh_replace_string "__NODEJS__" "$nodejs_version" "/etc/systemd/system/$app.service"
|
|
||||||
ynh_replace_string "__ENV_PATH__" "$PATH" "/etc/systemd/system/$app.service"
|
|
||||||
ynh_replace_string "__NODE__" "$nodejs_path" "/etc/systemd/system/$app.service"
|
|
||||||
systemctl daemon-reload
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# Créer le dossier de log
|
# CONFIGURE CONFIG.JS
|
||||||
#=================================================
|
|
||||||
|
|
||||||
mkdir -p /var/log/$app
|
|
||||||
touch /var/log/$app/cryptpad.log
|
|
||||||
install_log=/var/log/$app/installation.log
|
|
||||||
touch $install_log
|
|
||||||
chown $app: -R /var/log/$app
|
|
||||||
chown admin: -R $install_log
|
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# CONFIGURE SERVER.JS
|
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
# Copy default configuration file
|
# Copy default configuration file
|
||||||
mv "../conf/config.js" "$final_path/config/config.js"
|
mv "../conf/config.js" "$final_path/config/config.js"
|
||||||
ynh_replace_string "_domain = 'http://localhost:3000/'" "_domain = 'https://$domain$path_url'" "$final_path/config/config.js"
|
|
||||||
# Set service port
|
|
||||||
ynh_replace_string "__PORT__" "$port" "$final_path/config/config.js"
|
|
||||||
ynh_replace_string "__PORTI__" "$porti" "$final_path/config/config.js"
|
|
||||||
|
|
||||||
# Tune CSP to allow for YunoHost tile
|
ynh_replace_string --match_string="__PORT__" --replace_string="$port" --target_file="$final_path/config/config.js"
|
||||||
#ynh_replace_string "\"script-src 'self'\"" "\"script-src 'self' 'unsafe-eval'\"" "$final_path/config.js"
|
ynh_replace_string --match_string="__PORTI__" --replace_string="$porti" --target_file="$final_path/config/config.js"
|
||||||
# Remove donate button
|
ynh_replace_string --match_string="__ADMIN_MAIL__" --replace_string="$admin_mail" --target_file="$final_path/config/config.js"
|
||||||
ynh_replace_string "removeDonateButton: false" "removeDonateButton: true" "$final_path/config/config.js"
|
|
||||||
# Disable analytics unsolicited communications
|
|
||||||
ynh_replace_string "__ADMIN_EMAIL_" "$admin_email" "$final_path/config/config.js"
|
|
||||||
# Store file checksum to detected user modifications on upgrade
|
# Store file checksum to detected user modifications on upgrade
|
||||||
ynh_store_file_checksum "$final_path/config/config.js"
|
ynh_store_file_checksum "$final_path/config/config.js"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# INSTALL CRYPTPAD
|
# INSTALL CRYPTPAD
|
||||||
#=================================================
|
#=================================================
|
||||||
|
ynh_script_progression --message="Building $app... (this will take some time and resources!)" --weight=60
|
||||||
|
|
||||||
script_dir="$PWD"
|
pushd "$final_path" || ynh_die
|
||||||
pushd "$final_path"
|
|
||||||
npm install --allow-root
|
|
||||||
npm install -g bower --allow-root
|
|
||||||
bower install --allow-root
|
|
||||||
popd
|
|
||||||
|
|
||||||
#=================================================
|
ynh_use_nodejs
|
||||||
# INSTALL CRYPTPAD
|
ynh_exec_warn_less yarn install --allow-root
|
||||||
#=================================================
|
yarn global add bower
|
||||||
|
bower install --allow-root
|
||||||
|
|
||||||
script_dir="$PWD"
|
popd || ynh_die
|
||||||
pushd "$final_path"
|
|
||||||
npm install --allow-root
|
|
||||||
npm install -g bower --allow-root
|
|
||||||
bower install --allow-root
|
|
||||||
popd
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# Set some permissions
|
# Set some permissions
|
||||||
#=================================================
|
#=================================================
|
||||||
|
ynh_script_progression --message="Securing files and directories..." --weight=1
|
||||||
|
|
||||||
chown $app:$app $final_path -R
|
chown -R $app:$app $final_path
|
||||||
chown $app:$app /var/log/$app/cryptpad.log
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# ENABLE SERVICE IN ADMIN PANEL
|
# INTEGRATE SERVICE IN ADMIN PANEL
|
||||||
#=================================================
|
#=================================================
|
||||||
|
ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
|
||||||
|
|
||||||
# Ajoute le service au monitoring de Yunohost.
|
# Ajoute le service au monitoring de Yunohost.
|
||||||
yunohost service add $app --log "/var/log/$app/$app.log"
|
yunohost service add $app --log "/var/log/$app/$app.log"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# START SYSTEMD SERVICE
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Starting a systemd service..." --weight=2
|
||||||
|
|
||||||
|
# Start a systemd service
|
||||||
|
ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="server available"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# SETUP SSOWAT
|
# SETUP SSOWAT
|
||||||
#=================================================
|
#=================================================
|
||||||
|
ynh_script_progression --message="Configuring SSOwat..." --weight=1
|
||||||
|
|
||||||
if [ $is_public -eq 1 ];
|
# Make app public if necessary
|
||||||
|
if [ $is_public -eq 1 ]
|
||||||
then
|
then
|
||||||
ynh_app_setting_set "$app" unprotected_uris "/"
|
# unprotected_uris allows SSO credentials to be passed anyway.
|
||||||
|
ynh_permission_update --permission "main" --add visitors
|
||||||
fi
|
fi
|
||||||
|
|
||||||
ynh_check_starting "loading rpc module..." "/var/log/$app/cryptpad.log" "15"
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# RELOAD NGINX
|
# RELOAD NGINX
|
||||||
#=================================================
|
#=================================================
|
||||||
|
ynh_script_progression --message="Reloading nginx web server..." --weight=1
|
||||||
|
|
||||||
systemctl reload nginx
|
ynh_systemd_action --service_name=nginx --action=reload
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# END OF SCRIPT
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
ynh_script_progression --message="Installation of $app completed" --last
|
||||||
|
|
|
@ -12,64 +12,70 @@ source /usr/share/yunohost/helpers
|
||||||
#=================================================
|
#=================================================
|
||||||
# LOAD SETTINGS
|
# LOAD SETTINGS
|
||||||
#=================================================
|
#=================================================
|
||||||
|
ynh_script_progression --message="Loading installation settings..." --weight=1
|
||||||
|
|
||||||
app=$YNH_APP_INSTANCE_NAME
|
app=$YNH_APP_INSTANCE_NAME
|
||||||
port=$(ynh_app_setting_get $app port)
|
|
||||||
# Retrieve app settings
|
port=$(ynh_app_setting_get --app=$app --key=port)
|
||||||
domain=$(ynh_app_setting_get $app domain)
|
domain=$(ynh_app_setting_get --app=$app --key=domain)
|
||||||
final_path=$(ynh_app_setting_get $app final_path)
|
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# STANDARD REMOVE
|
# STANDARD REMOVE
|
||||||
|
#=================================================
|
||||||
|
# REMOVE SERVICE INTEGRATION IN YUNOHOST
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
# Remove the service from the list of services known by Yunohost (added from `yunohost service add`)
|
||||||
|
if ynh_exec_warn_less yunohost service status $app >/dev/null
|
||||||
|
then
|
||||||
|
ynh_script_progression --message="Removing $app service..." --weight=3
|
||||||
|
yunohost service remove $app
|
||||||
|
fi
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# STOP AND REMOVE SERVICE
|
# STOP AND REMOVE SERVICE
|
||||||
#=================================================
|
#=================================================
|
||||||
|
ynh_script_progression --message="Stopping and removing the systemd service..." --weight=2
|
||||||
|
|
||||||
# Remove the dedicated systemd config
|
# Remove the dedicated systemd config
|
||||||
ynh_remove_systemd_config
|
ynh_remove_systemd_config
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# REMOVE SERVICE FROM ADMIN PANEL
|
|
||||||
#=================================================
|
|
||||||
|
|
||||||
# Remove a service from the admin panel, added by `yunohost service add`
|
|
||||||
if yunohost service status | grep -q $app
|
|
||||||
then
|
|
||||||
echo "Remove $app service"
|
|
||||||
yunohost service remove $app
|
|
||||||
fi
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# REMOVE NODEJS
|
# REMOVE NODEJS
|
||||||
#=================================================
|
#=================================================
|
||||||
|
ynh_script_progression --message="Removing dependencies..." --weight=3
|
||||||
|
|
||||||
ynh_remove_nodejs
|
ynh_remove_nodejs
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# REMOVE APP MAIN DIR
|
# REMOVE APP MAIN DIR
|
||||||
#=================================================
|
#=================================================
|
||||||
|
ynh_script_progression --message="Removing app main directory..." --weight=3
|
||||||
|
|
||||||
# Remove the app directory securely
|
# Remove the app directory securely
|
||||||
ynh_secure_remove "$final_path"
|
ynh_secure_remove --file="$final_path"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# REMOVE NGINX CONFIGURATION
|
# REMOVE NGINX CONFIGURATION
|
||||||
#=================================================
|
#=================================================
|
||||||
|
ynh_script_progression --message="Removing nginx web server configuration..." --weight=1
|
||||||
|
|
||||||
# Remove the dedicated nginx config
|
# Remove the dedicated nginx config
|
||||||
ynh_remove_nginx_config
|
ynh_remove_nginx_config
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# REMOVE THE LOGROTATE CONFIG
|
|
||||||
#=================================================
|
|
||||||
|
|
||||||
ynh_remove_logrotate # Remove the app-specific logrotate config
|
|
||||||
ynh_secure_remove "/var/log/$app/"
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# GENERIC FINALIZATION
|
# GENERIC FINALIZATION
|
||||||
#=================================================
|
#=================================================
|
||||||
# REMOVE DEDICATED USER
|
# REMOVE DEDICATED USER
|
||||||
#=================================================
|
#=================================================
|
||||||
|
ynh_script_progression --message="Removing the dedicated system user..." --weight=1
|
||||||
|
|
||||||
ynh_system_user_delete $app
|
# Delete a system user
|
||||||
|
ynh_system_user_delete --username=$app
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# END OF SCRIPT
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
ynh_script_progression --message="Removal of $app completed" --last
|
||||||
|
|
|
@ -6,12 +6,8 @@
|
||||||
# IMPORT GENERIC HELPERS
|
# IMPORT GENERIC HELPERS
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
if [ ! -e _common.sh ]; then
|
#Keep this path for calling _common.sh inside the execution's context of backup and restore scripts
|
||||||
# Get the _common.sh file if it's not in the current directory
|
source ../settings/scripts/_common.sh
|
||||||
cp ../settings/scripts/_common.sh ./_common.sh
|
|
||||||
chmod a+rx _common.sh
|
|
||||||
fi
|
|
||||||
source _common.sh
|
|
||||||
source /usr/share/yunohost/helpers
|
source /usr/share/yunohost/helpers
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
|
@ -19,7 +15,6 @@ source /usr/share/yunohost/helpers
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
ynh_clean_setup () {
|
ynh_clean_setup () {
|
||||||
# Nettoyage des résidus d'installation non pris en charge par le script remove.
|
|
||||||
ynh_clean_check_starting
|
ynh_clean_check_starting
|
||||||
}
|
}
|
||||||
# Exit if an error occurs during the execution of the script
|
# Exit if an error occurs during the execution of the script
|
||||||
|
@ -28,81 +23,98 @@ ynh_abort_if_errors
|
||||||
#=================================================
|
#=================================================
|
||||||
# LOAD SETTINGS
|
# LOAD SETTINGS
|
||||||
#=================================================
|
#=================================================
|
||||||
|
ynh_script_progression --message="Loading installation settings..." --weight=1
|
||||||
|
|
||||||
app=$YNH_APP_INSTANCE_NAME
|
app=$YNH_APP_INSTANCE_NAME
|
||||||
|
|
||||||
domain=$(ynh_app_setting_get $app domain)
|
domain=$(ynh_app_setting_get --app=$app --key=domain)
|
||||||
path_url=$(ynh_app_setting_get $app path)
|
path_url=$(ynh_app_setting_get --app=$app --key=path)
|
||||||
is_public=$(ynh_app_setting_get $app is_public)
|
is_public=$(ynh_app_setting_get --app=$app --key=is_public)
|
||||||
final_path=$(ynh_app_setting_get $app final_path)
|
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# CHECK IF THE APP CAN BE RESTORED
|
# CHECK IF THE APP CAN BE RESTORED
|
||||||
#=================================================
|
#=================================================
|
||||||
|
ynh_script_progression --message="Validating restoration parameters..." --weight=1
|
||||||
|
|
||||||
ynh_webpath_available $domain $path_url \
|
ynh_webpath_available --domain=$domain --path_url=$path_url \
|
||||||
|| ynh_die "Path not available: ${domain}${path_url}"
|
|| ynh_die --message="Path not available: ${domain}${path_url}"
|
||||||
test ! -d $final_path \
|
test ! -d $final_path \
|
||||||
|| ynh_die "There is already a directory: $final_path "
|
|| ynh_die --message="There is already a directory: $final_path "
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# STANDARD RESTORE STEPS
|
# STANDARD RESTORATION STEPS
|
||||||
#=================================================
|
#=================================================
|
||||||
# RESTORE OF THE NGINX CONFIGURATION
|
# RESTORE THE NGINX CONFIGURATION
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
ynh_restore_file "/etc/nginx/conf.d/$domain.d/$app.conf"
|
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# RESTORE OF THE MAIN DIR OF THE APP
|
# RESTORE THE APP MAIN DIR
|
||||||
#=================================================
|
#=================================================
|
||||||
|
ynh_script_progression --message="Restoring the app main directory..." --weight=6
|
||||||
|
|
||||||
ynh_restore_file "$final_path"
|
ynh_restore_file --origin_path="$final_path"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# RECREATE THE DEDICATED USER
|
# RECREATE THE DEDICATED USER
|
||||||
#=================================================
|
#=================================================
|
||||||
|
ynh_script_progression --message="Recreating the dedicated system user..." --weight=1
|
||||||
|
|
||||||
ynh_system_user_create $app $final_path # Recreate the dedicated user, if it doesn't exist
|
# Create the dedicated user (if not existing)
|
||||||
|
ynh_system_user_create --username=$app
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# SPECIFIC RESTORE
|
# RESTORE USER RIGHTS
|
||||||
#=================================================
|
|
||||||
# HANDLE LOG FILES AND LOGROTATE
|
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
mkdir -p /var/log/$app
|
# Restore permissions on app files
|
||||||
touch /var/log/$app/etherpad.log
|
chown -R $app:$app $final_path
|
||||||
install_log=/var/log/$app/installation.log
|
|
||||||
touch $install_log
|
|
||||||
chown $app -R /var/log/$app
|
|
||||||
chown admin -R $install_log
|
|
||||||
|
|
||||||
# Restore logrotate configuration
|
|
||||||
ynh_restore_file "/etc/logrotate.d/$app"
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# INSTALL NODEJS
|
# REINSTALL DEPENDENCIES
|
||||||
#=================================================
|
#=================================================
|
||||||
|
ynh_script_progression --message="Reinstalling dependencies..." --weight=7
|
||||||
|
|
||||||
ynh_install_nodejs $nodejs_version
|
# Install Nodejs
|
||||||
|
ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version
|
||||||
|
|
||||||
#=================================================
|
# Install Yarn
|
||||||
# ENABLE SERVICE IN ADMIN PANEL
|
ynh_install_extra_app_dependencies --repo="deb https://dl.yarnpkg.com/debian/ stable main" --package="yarn" --key="https://dl.yarnpkg.com/debian/pubkey.gpg"
|
||||||
#=================================================
|
|
||||||
|
|
||||||
yunohost service add $app --log "/var/log/$app/etherpad.log"
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# RESTORE SYSTEMD
|
# RESTORE SYSTEMD
|
||||||
#=================================================
|
#=================================================
|
||||||
|
ynh_script_progression --message="Restoring the systemd configuration..." --weight=1
|
||||||
|
|
||||||
ynh_restore_file "/etc/systemd/system/$app.service"
|
ynh_restore_file --origin_path="/etc/systemd/system/$app.service"
|
||||||
## Démarrage auto du service
|
|
||||||
systemctl enable $app.service
|
systemctl enable $app.service
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# RELOAD NGINX
|
# INTEGRATE SERVICE IN YUNOHOST
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
systemctl reload nginx
|
yunohost service add $app --description "Zero Knowledge realtime collaborative editor" --log "/var/log/$app/$app.log"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# START SYSTEMD SERVICE
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Starting a systemd service..." --weight=1
|
||||||
|
|
||||||
|
ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="server available"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# GENERIC FINALIZATION
|
||||||
|
#=================================================
|
||||||
|
# RELOAD NGINX
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Reloading nginx web server..." --weight=1
|
||||||
|
|
||||||
|
ynh_systemd_action --service_name=nginx --action=reload
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# END OF SCRIPT
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
ynh_script_progression --message="Restoration completed for $app" --last
|
||||||
|
|
217
scripts/upgrade
217
scripts/upgrade
|
@ -1,7 +1,5 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
# Exit on command errors and treat unset variables as an error
|
|
||||||
set -eu
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# GENERIC STARTING
|
# GENERIC STARTING
|
||||||
#=================================================
|
#=================================================
|
||||||
|
@ -23,146 +21,175 @@ DESTDIR="/var/www/$app"
|
||||||
"The destination directory '$DESTDIR' does not exist.\
|
"The destination directory '$DESTDIR' does not exist.\
|
||||||
The app is not correctly installed, you should remove it first."
|
The app is not correctly installed, you should remove it first."
|
||||||
|
|
||||||
# Retrieve arguments
|
#=================================================
|
||||||
domain=$(ynh_app_setting_get "$app" domain)
|
# LOAD SETTINGS
|
||||||
path_url=$(ynh_normalize_url_path "$(ynh_app_setting_get "$app" path_url)")
|
#=================================================
|
||||||
final_path=$(ynh_app_setting_get "$app" final_path)
|
ynh_script_progression --message="Loading installation settings..." --weight=1
|
||||||
is_public=$(ynh_app_setting_get "$app" is_public)
|
|
||||||
port=$(ynh_app_setting_get "$app" port)
|
domain=$(ynh_app_setting_get --app=$app --key=domain)
|
||||||
|
path_url=$(ynh_app_setting_get --app=$app --key=path_url)
|
||||||
|
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
||||||
|
is_public=$(ynh_app_setting_get --app=$app --key=is_public)
|
||||||
|
admin=$(ynh_app_setting_get --app=$app --key=admin)
|
||||||
|
admin_mail=$(ynh_user_get_info "$admin" 'mail')
|
||||||
|
port=$(ynh_app_setting_get --app=$app --key=port)
|
||||||
|
porti=$(ynh_app_setting_get --app=$app --key=porti)
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# MANAGE SCRIPT FAILURE
|
# CHECK VERSION
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
# Use prior backup and restore on error only if backup feature
|
upgrade_type=$(ynh_check_app_version_changed)
|
||||||
# exists on installed instance
|
|
||||||
if [ -f "/etc/yunohost/apps/$app/scripts/backup" ] ; then
|
#=================================================
|
||||||
ynh_backup_before_upgrade # Backup the current version of the app
|
# ENSURE DOWNWARD COMPATIBILITY
|
||||||
ynh_clean_setup () {
|
#=================================================
|
||||||
ynh_restore_upgradebackup
|
ynh_script_progression --message="Ensuring downward compatibility..." --weight=2
|
||||||
}
|
|
||||||
ynh_abort_if_errors # Stop script if an error is detected
|
# Fix is_public as a boolean value
|
||||||
|
if [ "$is_public" = "Yes" ]; then
|
||||||
|
ynh_app_setting_set --app=$app --key=is_public --value=1
|
||||||
|
is_public=1
|
||||||
|
elif [ "$is_public" = "No" ]; then
|
||||||
|
ynh_app_setting_set --app=$app --key=is_public --value=0
|
||||||
|
is_public=0
|
||||||
|
fi
|
||||||
|
|
||||||
|
# If final_path doesn't exist, create it
|
||||||
|
if [ -z "$final_path" ]; then
|
||||||
|
final_path=/var/www/$app
|
||||||
|
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
|
||||||
fi
|
fi
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# INSTALL NODEJS
|
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_install_nodejs $nodejs_version
|
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=1
|
||||||
|
|
||||||
|
# Backup the current version of the app
|
||||||
|
ynh_backup_before_upgrade
|
||||||
|
ynh_clean_setup () {
|
||||||
|
# restore it if the upgrade fails
|
||||||
|
ynh_restore_upgradebackup
|
||||||
|
}
|
||||||
|
# Exit if an error occurs during the execution of the script
|
||||||
|
ynh_abort_if_errors
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# CREATE DEDICATED USER
|
# STANDARD UPGRADE STEPS
|
||||||
#=================================================
|
#=================================================
|
||||||
|
# STOP SYSTEMD SERVICE
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Stopping a systemd service..." --weight=1
|
||||||
|
|
||||||
ynh_system_user_create $app
|
ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log"
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# SPECIFIC SETUP
|
|
||||||
#=================================================
|
|
||||||
# HANDLE LOG FILES AND LOGROTATE
|
|
||||||
#=================================================
|
|
||||||
|
|
||||||
# Setup logrotate
|
|
||||||
ynh_use_logrotate /var/log/${app}/*.log --non-append
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
final_path=/var/www/$app
|
if [ "$upgrade_type" == "UPGRADE_APP" ]
|
||||||
ynh_app_setting_set $app final_path $final_path
|
then
|
||||||
ynh_setup_source $final_path
|
ynh_script_progression --message="Upgrading source files..." --weight=1
|
||||||
|
|
||||||
# Set files ownership during installation
|
# Download, check integrity, uncompress and patch the source from app.src
|
||||||
sudo chown $app: $final_path -R
|
ynh_setup_source --dest_dir="$final_path"
|
||||||
sudo chmod 755 $final_path -R
|
fi
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# Modify Nginx configuration file and copy it to Nginx conf directory
|
# NGINX CONFIGURATION
|
||||||
#=================================================
|
#=================================================
|
||||||
|
ynh_script_progression --message="Upgrading nginx web server configuration..." --weight=1
|
||||||
|
|
||||||
|
# Create a dedicated nginx config
|
||||||
ynh_add_nginx_config
|
ynh_add_nginx_config
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# ADD SYSTEMD SERVICE
|
# INSTALL NODEJS
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Upgrading dependencies..." --weight=6
|
||||||
|
|
||||||
|
# Install Nodejs
|
||||||
|
ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$nodejs_version
|
||||||
|
|
||||||
|
# Install Yarn
|
||||||
|
ynh_install_extra_app_dependencies --repo="deb https://dl.yarnpkg.com/debian/ stable main" --package="yarn" --key="https://dl.yarnpkg.com/debian/pubkey.gpg"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# CREATE DEDICATED USER
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1
|
||||||
|
|
||||||
|
# Create a dedicated user (if not existing)
|
||||||
|
ynh_system_user_create --username=$app
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# CONFIGURE CONFIG.JS
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
ynh_replace_string "__NODE__" "$nodejs_path" "../conf/systemd.service"
|
ynh_backup_if_checksum_is_different "$final_path/config/config.js"
|
||||||
ynh_replace_string "__NODEJS__" "$nodejs_version" "../conf/systemd.service"
|
|
||||||
ynh_replace_string "__ENV_PATH__" "$PATH" "../conf/systemd.service"
|
|
||||||
ynh_add_systemd_config
|
|
||||||
|
|
||||||
|
# Copy default configuration file
|
||||||
|
mv "../conf/config.js" "$final_path/config/config.js"
|
||||||
|
|
||||||
|
ynh_replace_string --match_string="__PORT__" --replace_string="$port" --target_file="$final_path/config/config.js"
|
||||||
|
ynh_replace_string --match_string="__PORTI__" --replace_string="$porti" --target_file="$final_path/config/config.js"
|
||||||
|
ynh_replace_string --match_string="__ADMIN_MAIL__" --replace_string="$admin_mail" --target_file="$final_path/config/config.js"
|
||||||
|
|
||||||
|
# Store file checksum to detected user modifications on upgrade
|
||||||
|
ynh_store_file_checksum "$final_path/config/config.js"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# INSTALL CRYPTPAD
|
# INSTALL CRYPTPAD
|
||||||
#=================================================
|
#=================================================
|
||||||
|
ynh_script_progression --message="Building $app... (this will take some time and resources!)" --weight=60
|
||||||
|
|
||||||
script_dir="$PWD"
|
pushd "$final_path" || ynh_die
|
||||||
pushd "$final_path"
|
|
||||||
chown -R $app: $final_path
|
ynh_use_nodejs
|
||||||
npm install
|
ynh_exec_warn_less yarn install --allow-root
|
||||||
npm install -g bower
|
yarn global add bower
|
||||||
exec_login_as $app cd $final_path && env PATH=$PATH bower install
|
bower install --allow-root
|
||||||
popd
|
|
||||||
|
popd || ynh_die
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# CONFIGURE SERVER.JS
|
# SETUP SYSTEMD
|
||||||
#=================================================
|
#=================================================
|
||||||
|
ynh_script_progression --message="Upgrading systemd configuration..." --weight=1
|
||||||
|
|
||||||
# Backup configuration file if changed
|
ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="../conf/systemd.service"
|
||||||
ynh_backup_if_checksum_is_different "$final_path/config.js"
|
ynh_replace_string --match_string="__FINALPATH__" --replace_string="$final_path" --target_file="../conf/systemd.service"
|
||||||
|
ynh_replace_string --match_string="__ENV_PATH__" --replace_string="$PATH" --target_file="../conf/systemd.service"
|
||||||
|
ynh_replace_string --match_string="__YNH_NPM__" --replace_string="$ynh_npm" --target_file="../conf/systemd.service"
|
||||||
|
|
||||||
# Copy default configuration file
|
# Create a dedicated systemd config
|
||||||
sudo mv "$final_path/config.example.js" "$final_path/config.js"
|
ynh_add_systemd_config
|
||||||
|
|
||||||
# Set service port
|
|
||||||
ynh_replace_string "httpPort: 3000" "httpPort: $port" "$final_path/config.js"
|
|
||||||
# Tune CSP to allow for YunoHost tile
|
|
||||||
ynh_replace_string "\"script-src 'self'\"" "\"script-src 'self' 'unsafe-eval'\"" "$final_path/config.js"
|
|
||||||
# Remove donate button
|
|
||||||
ynh_replace_string "removeDonateButton: false" "removeDonateButton: true" "$final_path/config.js"
|
|
||||||
# Disable analytics unsolicited communications
|
|
||||||
ynh_replace_string "adminEmail: 'i.did.not.read.my.config@cryptpad.fr'" "adminEmail: false" "$final_path/config.js"
|
|
||||||
|
|
||||||
# Store file checksum to detected user modifications on upgrade
|
|
||||||
ynh_store_file_checksum "$final_path/config.js"
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# SET FILES OWNERSHIP
|
# SECURE FILES AND DIRECTORIES
|
||||||
#=================================================
|
#=================================================
|
||||||
|
ynh_script_progression --message="Upgrading systemd configuration..." --weight=1
|
||||||
|
|
||||||
sudo chown -R root: $final_path
|
# Set permissions on app files
|
||||||
sudo chown -R $app: $final_path/datastore $final_path/pins $final_path/blob $final_path/blobstage
|
chown -R $app:$app $final_path
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# INSTALL MODULES FOR CRYPTPAD
|
# START SYSTEMD SERVICE
|
||||||
#=================================================
|
#=================================================
|
||||||
|
ynh_script_progression --message="Starting a systemd service..." --weight=1
|
||||||
|
|
||||||
#npm install cryptpad-level-store;
|
ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="server available"
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# ENABLE SERVICE IN ADMIN PANEL
|
|
||||||
#=================================================
|
|
||||||
|
|
||||||
# Ajoute le service au monitoring de Yunohost.
|
|
||||||
sudo yunohost service add $app --log "/var/log/$app/$app.log"
|
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# START CRYPTPAD IN BACKGROUND
|
|
||||||
#=================================================
|
|
||||||
|
|
||||||
sudo systemctl start $app
|
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# SETUP SSOWAT
|
|
||||||
#=================================================
|
|
||||||
|
|
||||||
if [ $is_public -eq 1 ];
|
|
||||||
then
|
|
||||||
ynh_app_setting_set "$app" unprotected_uris "/"
|
|
||||||
fi
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# RELOAD NGINX
|
# RELOAD NGINX
|
||||||
#=================================================
|
#=================================================
|
||||||
sudo systemctl restart php5-fpm
|
ynh_script_progression --message="Reloading nginx web server..." --weight=1
|
||||||
sudo systemctl reload nginx
|
|
||||||
|
ynh_systemd_action --service_name=nginx --action=reload
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# END OF SCRIPT
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
ynh_script_progression --message="Upgrade of $app completed" --last
|
||||||
|
|
Loading…
Reference in a new issue