YunoHost-Apps/dato_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/dato_ynh.git synced 2024-09-03 18:16:33 +02:00
Code Issues Activity Actions
dato_ynh/scripts/install

274 lines
11 KiB
Bash
Executable file
Raw Blame History

#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
ynh_clean_setup () {
ynh_clean_check_starting
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================
domain=$YNH_APP_ARG_DOMAIN
path_url="/" # not customizable, so not using: path_url=$YNH_APP_ARG_PATH
is_public=$YNH_APP_ARG_IS_PUBLIC
app=$YNH_APP_INSTANCE_NAME
# autosynchronization variables
autosynchronize=$YNH_APP_ARG_AUTOSYNCHRONIZE
couch_url=$YNH_APP_ARG_COUCH_URL
couch_admin_name=$YNH_APP_ARG_COUCH_ADMIN_NAME
couch_admin_password=$YNH_APP_ARG_COUCH_ADMIN_PASSWORD
couch_datoadmin_name=$YNH_APP_ARG_COUCH_DATOADMIN_NAME
couch_datoadmin_password=$YNH_APP_ARG_COUCH_DATOADMIN_PASSWORD
admin_email=$YNH_APP_ARG_ADMIN_EMAIL
# make sure autosynchronize variable is a boolean
if [[
"$autosynchronize" == "true" ||
"$autosynchronize" == "yes" ||
"$autosynchronize" == "1"
]] && [[ "$couch_url" != "none" ]]
then
autosynchronize=true
else
autosynchronize=false
fi
#=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#=================================================
ynh_script_progression --message="Validating installation parameters..." --weight=1
# dato provides an internal webserver, setup it's installation path
final_path=/opt/yunohost/$app
test ! -e "$final_path" || ynh_die --message="This path already contains a folder"
# Register (book) web path
ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url
#=================================================
# STORE SETTINGS FROM MANIFEST
#=================================================
ynh_script_progression --message="Storing installation settings..." --weight=1
ynh_app_setting_set --app=$app --key=domain --value=$domain
ynh_app_setting_set --app=$app --key=admin_email --value=$admin_email
ynh_app_setting_set --app=$app --key=autosynchronize --value=$autosynchronize
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
ynh_app_setting_set --app=$app --key=couch_url --value=$couch_url
ynh_app_setting_set --app=$app --key=couch_admin_name --value=$couch_admin_name
ynh_app_setting_set --app=$app --key=couch_admin_password --value=$couch_admin_password
ynh_app_setting_set --app=$app --key=admin_email --value=$admin_email
#=================================================
# STANDARD MODIFICATIONS
#=================================================
# FIND AND OPEN A PORT
#=================================================
ynh_script_progression --message="Finding an available port..." --weight=1
# Find an available port
port=$(ynh_find_port --port=9559)
ynh_app_setting_set --app=$app --key=port --value=$port
#=================================================
# INSTALL DEPENDENCIES
#=================================================
ynh_script_progression --message="Installing dependencies..." --weight=6
ynh_install_app_dependencies $pkg_dependencies
ynh_install_nodejs --nodejs_version=$nodejs_version
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Configuring system user..." --weight=1
# Create a system user
ynh_system_user_create --username=$app --home_dir=$final_path
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_script_progression --message="Setting up source files..." --weight=2
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$final_path"
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Configuring NGINX web server..." --weight=1
# Create a dedicated NGINX config
ynh_add_nginx_config
#=================================================
# SPECIFIC SETUP
#=================================================
# BUILD NODE DEPENDENCIES
#=================================================
ynh_script_progression --message="Building node dependencies..." --weight=90
chown -R "$app":"$app" $final_path
pushd "$final_path"
ynh_use_nodejs
sudo -u $app env $ynh_node_load_PATH npm install --loglevel warn
# ynh_exec_as $app PATH="$nodejs_path:$PATH" "$nodejs_path/npm" install --loglevel warn
popd
#=================================================
# SETUP SYSTEMD
#=================================================
ynh_script_progression --message="Configuring a systemd service..." --weight=2
# Create a dedicated systemd config
ynh_add_systemd_config
#=================================================
# GENERATE CONFIG FILES
#=================================================
ynh_script_progression --message="Generating dato config files..." --weight=3
dato_setup_config_files
#=================================================
# CUSTOMIZE SETUP FOR AUTOSYNCHRONIZATION
#=================================================
if [[ $autosynchronize == true ]]; then
#=================================================
# CUSTOMIZE COUCHDB SETTINGS
#=================================================
ynh_script_progression --message="Customizing couch config..." --weight=2
# make sure that couchdb has CORS enabled and that it accepts requests from dato domain
ynh_add_config --template="../conf/couch.ini" --destination="/opt/couchdb/etc/local.d/$app.ini"
#=================================================
# SETUP A COUCHDB DATO ADMIN USER
#=================================================
ynh_script_progression --message="Setting up admin user in couch..." --weight=2
# figure out couch url with password
couch_pw_url=$(echo "$couch_url" | sed -En "s+^https?://+https://$couch_admin_name:$couch_admin_password@+p")
# add admin user to couch users database
addDatoAdmin_curlResult=$(curl -X PUT "$couch_pw_url/_users/org.couchdb.user:$couch_datoadmin_name" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-d "{\"name\": \"$couch_datoadmin_name\", \"password\": \"$couch_datoadmin_password\", \"roles\": [\"dato-admin\"], \"type\": \"user\"}" 2> /dev/null)
# display error message if there was an error creating dato admin user in couch
if [[ $addDatoAdmin_curlResult != '{"ok":true,'* ]]; then
ynh_print_err --message="There was an error creating the dato admin user for in couch. You will probably have to do it manually (check the last section of this page for instructions: https://squeak.eauchat.org/apps/dato/?setups)."
ynh_print_err --message="Here is the error message from couchdb:"
ynh_print_err --message="$addDatoAdmin_curlResult"
ynh_print_err --message="Please make sure that your couchdb instance is accessible from the url you provided, with a proper SSL certificate (not a self-signed one), otherwise you will not be able to login to dato!"
fi
# modify _users db _security document
usersSecDoc=$(curl -X GET "$couch_pw_url/_users/_security")
usersSecDocModified=$(echo $usersSecDoc | jq '.members.roles += ["dato", "dato-admin"]')
usersSecDocChange_curlResult=$(curl -X PUT "$couch_pw_url/_users/_security" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-d "$usersSecDocModified" 2> /dev/null)
# display error message if there was an error modifying _users db _security document
if [[ $usersSecDocChange_curlResult != '{"ok":true,'* ]]; then
ynh_print_err --message="There was an error enabling dato users to access their user profile in couch. You will have to do it manually (check the 'Configure couchdb so that it accepts requests from dato' section in the following page for instructions: https://squeak.eauchat.org/apps/dato/?setups)."
ynh_print_err --message="Here is the error message from couchdb:"
ynh_print_err --message="$usersSecDocChange_curlResult"
fi
fi
#=================================================
# GENERIC FINALIZATION
#=================================================
# SECURE FILES AND DIRECTORIES
#=================================================
# Set permissions to app files (let dato write right only to what it needs to modify)
chown -R root: $final_path
[ -d "$final_path/dist" ] || mkdir "$final_path/dist"
chown -R $app:$app $final_path/dist $final_path/global $final_path/config
#=================================================
# SETUP LOGROTATE
#=================================================
ynh_script_progression --message="Configuring log rotation..." --weight=1
# Use logrotate to manage application logfile(s)
ynh_use_logrotate
#=================================================
# INTEGRATE SERVICE IN YUNOHOST
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
yunohost service add $app --description="Data storage with a convenient and flexible interface" --log="/var/log/$app/$app.log"
#=================================================
# START SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Starting a systemd service..." --weight=60
# Start a systemd service
ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="electrode server listening on port" --timeout=600
#=================================================
# SETUP SSOWAT
#=================================================
ynh_script_progression --message="Configuring permissions..." --weight=1
# Make app public if necessary
if [ $is_public -eq 1 ]
then
# Everyone can access the app.
# The "main" permission is automatically created before the install script.
ynh_permission_update --permission="main" --add="visitors"
fi
# TODO: could consider using the following to further protect the admin panel with additional yunohost login
# # Only the admin can access the admin panel of the app (if the app has an admin panel)
# ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin
# # Everyone can access to the api part
# # We don't want to display the tile in the sso so we put --show_tile="false"
# # And we don't want that the YunoHost Admin can remove visitors group to this permission, so we put --protected="true"
# ynh_permission_create --permission="api" --url "/api" --allowed="visitors" --show_tile="false" --protected="true"
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..." --weight=2
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Installation of $app completed" --last
Reference in a new issue View git blame Copy permalink