2021-03-11 00:34:24 +01:00
#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
ynh_clean_setup () {
ynh_clean_check_starting
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================
domain=$YNH_APP_ARG_DOMAIN
path_url="/" # not customizable, so not using: path_url=$YNH_APP_ARG_PATH
is_public=$YNH_APP_ARG_IS_PUBLIC
2021-08-05 23:28:50 +02:00
app=$YNH_APP_INSTANCE_NAME
2021-03-11 00:34:24 +01:00
# autosynchronization variables
autosynchronize=$YNH_APP_ARG_AUTOSYNCHRONIZE
couch_url=$YNH_APP_ARG_COUCH_URL
couch_admin_name=$YNH_APP_ARG_COUCH_ADMIN_NAME
couch_admin_password=$YNH_APP_ARG_COUCH_ADMIN_PASSWORD
couch_datoadmin_name=$YNH_APP_ARG_COUCH_DATOADMIN_NAME
couch_datoadmin_password=$YNH_APP_ARG_COUCH_DATOADMIN_PASSWORD
admin_email=$YNH_APP_ARG_ADMIN_EMAIL
# make sure autosynchronize variable is a boolean
if [[
"$autosynchronize" == "true" ||
"$autosynchronize" == "yes" ||
"$autosynchronize" == "1"
]] && [[ "$couch_url" != "none" ]]
then
autosynchronize=true
else
autosynchronize=false
fi
#=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#=================================================
ynh_script_progression --message="Validating installation parameters..." --weight=1
# dato provides an internal webserver, setup it's installation path
final_path=/opt/yunohost/$app
test ! -e "$final_path" || ynh_die --message="This path already contains a folder"
# Register (book) web path
ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url
#=================================================
# STORE SETTINGS FROM MANIFEST
#=================================================
ynh_script_progression --message="Storing installation settings..." --weight=1
ynh_app_setting_set --app=$app --key=domain --value=$domain
ynh_app_setting_set --app=$app --key=admin_email --value=$admin_email
ynh_app_setting_set --app=$app --key=autosynchronize --value=$autosynchronize
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
ynh_app_setting_set --app=$app --key=couch_url --value=$couch_url
ynh_app_setting_set --app=$app --key=couch_admin_name --value=$couch_admin_name
ynh_app_setting_set --app=$app --key=couch_admin_password --value=$couch_admin_password
ynh_app_setting_set --app=$app --key=admin_email --value=$admin_email
#=================================================
# STANDARD MODIFICATIONS
#=================================================
# FIND AND OPEN A PORT
#=================================================
ynh_script_progression --message="Finding an available port..." --weight=1
# Find an available port
port=$(ynh_find_port --port=9559)
ynh_app_setting_set --app=$app --key=port --value=$port
#=================================================
# INSTALL DEPENDENCIES
#=================================================
ynh_script_progression --message="Installing dependencies..." --weight=6
ynh_install_app_dependencies $pkg_dependencies
2021-08-05 23:28:50 +02:00
ynh_install_nodejs --nodejs_version=$nodejs_version
2021-03-11 00:34:24 +01:00
#=================================================
2021-08-05 23:28:50 +02:00
# CREATE DEDICATED USER
2021-03-11 00:34:24 +01:00
#=================================================
2021-08-05 23:28:50 +02:00
ynh_script_progression --message="Configuring system user..." --weight=1
2021-03-11 00:34:24 +01:00
2021-08-05 23:28:50 +02:00
# Create a system user
ynh_system_user_create --username=$app --home_dir=$final_path
2021-03-11 00:34:24 +01:00
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_script_progression --message="Setting up source files..." --weight=2
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
2021-08-05 23:28:50 +02:00
# Download, check integrity, uncompress and patch the source from app.src
2021-03-11 00:34:24 +01:00
ynh_setup_source --dest_dir="$final_path"
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Configuring NGINX web server..." --weight=1
# Create a dedicated NGINX config
ynh_add_nginx_config
#=================================================
# SPECIFIC SETUP
#=================================================
# BUILD NODE DEPENDENCIES
#=================================================
ynh_script_progression --message="Building node dependencies..." --weight=90
chown -R "$app":"$app" $final_path
pushd "$final_path"
ynh_use_nodejs
sudo -u $app env $ynh_node_load_PATH npm install --loglevel warn
# ynh_exec_as $app PATH="$nodejs_path:$PATH" "$nodejs_path/npm" install --loglevel warn
popd
#=================================================
# SETUP SYSTEMD
#=================================================
ynh_script_progression --message="Configuring a systemd service..." --weight=2
# Create a dedicated systemd config
2021-08-05 23:28:50 +02:00
ynh_add_systemd_config
2021-03-11 00:34:24 +01:00
#=================================================
# GENERATE CONFIG FILES
#=================================================
ynh_script_progression --message="Generating dato config files..." --weight=3
dato_setup_config_files
#=================================================
# CUSTOMIZE SETUP FOR AUTOSYNCHRONIZATION
#=================================================
if [[ $autosynchronize == true ]]; then
#=================================================
# CUSTOMIZE COUCHDB SETTINGS
#=================================================
ynh_script_progression --message="Customizing couch config..." --weight=2
# make sure that couchdb has CORS enabled and that it accepts requests from dato domain
ynh_add_config --template="../conf/couch.ini" --destination="/opt/couchdb/etc/local.d/$app.ini"
2021-09-09 19:42:21 +02:00
# restart couchdb service so that it takes into consideration the changes
yunohost service restart couchdb
2021-03-11 00:34:24 +01:00
#=================================================
# SETUP A COUCHDB DATO ADMIN USER
#=================================================
ynh_script_progression --message="Setting up admin user in couch..." --weight=2
# figure out couch url with password
couch_pw_url=$(echo "$couch_url" | sed -En "s+^https?://+https://$couch_admin_name:$couch_admin_password@+p")
# add admin user to couch users database
2021-09-09 09:52:36 +02:00
addDatoAdmin_curlResult=$(curl -X PUT "$couch_pw_url/_users/org.couchdb.user:$couch_datoadmin_name" \
2021-03-11 00:34:24 +01:00
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-d "{\"name\": \"$couch_datoadmin_name\", \"password\": \"$couch_datoadmin_password\", \"roles\": [\"dato-admin\"], \"type\": \"user\"}" 2> /dev/null)
# display error message if there was an error creating dato admin user in couch
2021-09-10 14:07:06 +02:00
if [[ $addDatoAdmin_curlResult != '{"ok":true'* ]]; then
2021-03-11 00:34:24 +01:00
ynh_print_err --message="There was an error creating the dato admin user for in couch. You will probably have to do it manually (check the last section of this page for instructions: https://squeak.eauchat.org/apps/dato/?setups)."
2021-03-11 09:16:24 +01:00
ynh_print_err --message="Here is the error message from couchdb:"
2021-09-09 09:52:36 +02:00
ynh_print_err --message="$addDatoAdmin_curlResult"
2021-03-11 00:34:24 +01:00
ynh_print_err --message="Please make sure that your couchdb instance is accessible from the url you provided, with a proper SSL certificate (not a self-signed one), otherwise you will not be able to login to dato!"
fi
2021-09-09 19:42:21 +02:00
# modify _users db _security document
usersSecDoc=$(curl -X GET "$couch_pw_url/_users/_security")
usersSecDocModified=$(echo $usersSecDoc | jq '.members.roles += ["dato", "dato-admin"]')
usersSecDocChange_curlResult=$(curl -X PUT "$couch_pw_url/_users/_security" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-d "$usersSecDocModified" 2> /dev/null)
# display error message if there was an error modifying _users db _security document
2021-09-10 14:07:06 +02:00
if [[ $usersSecDocChange_curlResult != '{"ok":true'* ]]; then
2021-09-09 19:42:21 +02:00
ynh_print_err --message="There was an error enabling dato users to access their user profile in couch. You will have to do it manually (check the 'Configure couchdb so that it accepts requests from dato' section in the following page for instructions: https://squeak.eauchat.org/apps/dato/?setups)."
ynh_print_err --message="Here is the error message from couchdb:"
ynh_print_err --message="$usersSecDocChange_curlResult"
fi
2021-09-09 09:52:36 +02:00
2021-03-11 00:34:24 +01:00
fi
#=================================================
# GENERIC FINALIZATION
#=================================================
# SECURE FILES AND DIRECTORIES
#=================================================
2021-03-31 13:51:58 +02:00
# Set permissions to app files (let dato write right only to what it needs to modify)
chown -R root: $final_path
[ -d "$final_path/dist" ] || mkdir "$final_path/dist"
chown -R $app:$app $final_path/dist $final_path/global $final_path/config
2021-03-11 00:34:24 +01:00
#=================================================
# SETUP LOGROTATE
#=================================================
ynh_script_progression --message="Configuring log rotation..." --weight=1
# Use logrotate to manage application logfile(s)
ynh_use_logrotate
#=================================================
# INTEGRATE SERVICE IN YUNOHOST
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
yunohost service add $app --description="Data storage with a convenient and flexible interface" --log="/var/log/$app/$app.log"
#=================================================
# START SYSTEMD SERVICE
#=================================================
2021-08-05 23:28:50 +02:00
ynh_script_progression --message="Starting a systemd service..." --weight=60
2021-03-11 00:34:24 +01:00
2021-08-05 23:28:50 +02:00
# Start a systemd service
2021-03-12 19:37:43 +01:00
ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="electrode server listening on port" --timeout=600
2021-03-11 00:34:24 +01:00
#=================================================
# SETUP SSOWAT
#=================================================
ynh_script_progression --message="Configuring permissions..." --weight=1
# Make app public if necessary
if [ $is_public -eq 1 ]
then
# Everyone can access the app.
# The "main" permission is automatically created before the install script.
ynh_permission_update --permission="main" --add="visitors"
fi
# TODO: could consider using the following to further protect the admin panel with additional yunohost login
# # Only the admin can access the admin panel of the app (if the app has an admin panel)
# ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin
# # Everyone can access to the api part
# # We don't want to display the tile in the sso so we put --show_tile="false"
# # And we don't want that the YunoHost Admin can remove visitors group to this permission, so we put --protected="true"
# ynh_permission_create --permission="api" --url "/api" --allowed="visitors" --show_tile="false" --protected="true"
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..." --weight=2
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Installation of $app completed" --last
