YunoHost-Apps/dendrite_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/dendrite_ynh.git synced 2024-09-03 18:25:58 +02:00
Code Issues Activity Actions

Apply last example_ynh

Browse source
This commit is contained in:
yalh76 2022-09-26 01:18:29 +02:00
parent c5f6df4c3b
commit a5674ff303
10 changed files with 101 additions and 93 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
.github/workflows/updater.sh vendored
View file

@ -24,24 +24,25 @@ asset_url=$(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r
# Sometimes the release name starts with a "v", so let's filter it out.
# You may need more tweaks here if the upstream repository has different naming conventions.
if [[ ${version:0:1} == "v" || ${version:0:1} == "V" ]]; then
version=${version:1}
version=${version:1}
fi
# Setting up the environment variables
echo "Current version: $current_version"
echo "Latest release from upstream: $version"
echo "VERSION=$version" >> $GITHUB_ENV
echo "REPO=$repo" >> $GITHUB_ENV
# For the time being, let's assume the script will fail
echo "PROCEED=false" >> $GITHUB_ENV
# Proceed only if the retrieved version is greater than the current one
if ! dpkg --compare-versions "$current_version" "lt" "$version" ; then
echo "::warning ::No new version available"
exit 0
echo "::warning ::No new version available"
exit 0
# Proceed only if a PR for this new version does not already exist
elif git ls-remote -q --exit-code --heads https://github.com/$GITHUB_REPOSITORY.git ci-auto-update-v$version ; then
echo "::warning ::A branch already exists for this update"
exit 0
echo "::warning ::A branch already exists for this update"
exit 0
fi
#=================================================
@ -71,6 +72,7 @@ SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=
SOURCE_EXTRACT=true
EOT
echo "... conf/$src.src updated"

3
check_process
View file

@ -12,7 +12,8 @@
setup_private=0
setup_public=1
upgrade=1
# upgrade=1 from_commit=CommitHash
# 0.9.9~ynh1
upgrade=1 from_commit=15f4690bafea6454b1777a00658f9839e7ea77c0
backup_restore=1
multi_instance=0
port_already_use=0

1
conf/app.src
View file

@ -4,3 +4,4 @@ SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=
SOURCE_EXTRACT=true

4
conf/systemd.service
View file

@ -13,7 +13,7 @@ StandardError=inherit
LimitNOFILE=65535
# Sandboxing options to harden security
# Depending on specificities of your service/app, you may need to tweak these
# Depending on specificities of your service/app, you may need to tweak these
# .. but this should be a good baseline
# Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html
NoNewPrivileges=yes
@ -40,7 +40,7 @@ CapabilityBoundingSet=~CAP_BLOCK_SUSPEND CAP_WAKE_ALARM
CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG
CapabilityBoundingSet=~CAP_MAC_ADMIN CAP_MAC_OVERRIDE
CapabilityBoundingSet=~CAP_NET_ADMIN CAP_NET_BROADCAST CAP_NET_RAW
CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG
CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG
[Install]
WantedBy=multi-user.target

2
scripts/_common.sh
View file

@ -4,7 +4,7 @@
# COMMON VARIABLES
#=================================================
# dependencies used by the app
# dependencies used by the app (must be on a single line)
pkg_dependencies="postgresql postgresql-contrib"
GO_VERSION="1.18"

12
scripts/backup
View file

@ -63,19 +63,19 @@ ynh_backup --src_path="/etc/logrotate.d/$app"
ynh_backup --src_path="/etc/systemd/system/$app.service"
#=================================================
# BACKUP VARIOUS FILES
#=================================================
if yunohost --output-as plain domain list | grep -q "^$server_name$"
then
ynh_backup --src_path="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf"
fi
#=================================================
# BACKUP VARIOUS FILES
# BACKUP THE POSTGRESQL DATABASE
#=================================================
#=================================================
# BACKUP THE PSQL DATABASE
#=================================================
ynh_print_info --message="Backing up the PSQL database..."
ynh_print_info --message="Backing up the PostgreSQL database..."
ynh_psql_dump_db --database="$db_name" > db.sql

43
scripts/install
View file

@ -15,7 +15,7 @@ source /usr/share/yunohost/helpers
#=================================================
ynh_clean_setup () {
ynh_clean_check_starting
true
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
@ -78,15 +78,6 @@ ynh_app_setting_set --app=$app --key=tls_port --value=$tls_port
# Open TLS port
ynh_exec_warn_less yunohost firewall allow TCP $tls_port
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Configuring system user..." --weight=1
# Create a system user
# It needs to be created before using the ynh_install_go helper
ynh_system_user_create --username=$app --use_shell --groups="ssl-cert"
#=================================================
# INSTALL DEPENDENCIES
#=================================================
@ -196,22 +187,6 @@ ynh_add_systemd_config
#=================================================
# GENERIC FINALIZATION
#=================================================
# SETUP PERMISSIONS
#=================================================
ynh_script_progression --message="Configuring permissions..." --weight=1
ynh_permission_update --permission=main --show_tile=false
ynh_permission_create --permission=server_api --url=$domain/_matrix \
--label="Server access for client apps." --show_tile=false --allowed=visitors \
--auth_header=false --protected=true
if yunohost --output-as plain domain list | grep -q "^$server_name$"; then
ynh_permission_create --permission=server_client_infos --url=$server_name/.well-known/matrix \
--label="Server info for clients. (well-known)" --show_tile=false --allowed=visitors \
--auth_header=false --protected=true
fi
#=================================================
# SETUP LOGROTATE
#=================================================
@ -241,6 +216,22 @@ ynh_script_progression --message="Starting a systemd service..." --weight=1
# Start a systemd service
ynh_systemd_action --service_name=$app --action="start" --line_match="Starting external Monolith listener" --log_path="/var/log/$app/Monolith.log"
#=================================================
# SETUP SSOWAT
#=================================================
ynh_script_progression --message="Configuring permissions..." --weight=1
ynh_permission_update --permission=main --show_tile=false
ynh_permission_create --permission=server_api --url=$domain/_matrix \
--label="Server access for client apps." --show_tile=false --allowed=visitors \
--auth_header=false --protected=true
if yunohost --output-as plain domain list | grep -q "^$server_name$"; then
ynh_permission_create --permission=server_client_infos --url=$server_name/.well-known/matrix \
--label="Server info for clients. (well-known)" --show_tile=false --allowed=visitors \
--auth_header=false --protected=true
fi
#=================================================
# RELOAD NGINX
#=================================================

6
scripts/remove
View file

@ -55,7 +55,7 @@ ynh_remove_logrotate
#=================================================
# REMOVE THE POSTGRESQL DATABASE
#=================================================
ynh_script_progression --message="Removing the PostgreSQL database" --weight=2
ynh_script_progression --message="Removing the PostgreSQL database..." --weight=2
# Remove a database if it exists, along with the associated user
ynh_psql_remove_db --db_user=$db_user --db_name=$db_name
@ -90,8 +90,8 @@ ynh_remove_app_dependencies
if yunohost firewall list | grep -q "\- $tls_port$"
then
ynh_script_progression --message="Closing port $tls_port..." --weight=1
ynh_exec_warn_less yunohost firewall disallow TCP $tls_port
ynh_script_progression --message="Closing port $tls_port..." --weight=1
ynh_exec_warn_less yunohost firewall disallow TCP $tls_port
fi
#=================================================

45
scripts/restore
View file

@ -15,7 +15,7 @@ source /usr/share/yunohost/helpers
#=================================================
ynh_clean_setup () {
ynh_clean_check_starting
true
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
@ -54,20 +54,12 @@ ynh_script_progression --message="Recreating the dedicated system user..." --wei
# Create the dedicated user (if not existing)
ynh_system_user_create --username=$app --home_dir="$final_path" --groups="ssl-cert"
#=================================================
# RESTORE ALL CONFIG AND DATA
#=================================================
ynh_script_progression --message="Restoring directory and configuration..." --weight=10
mkdir -p /var/log/$app
chown -R $app:root /var/log/$app
ynh_restore
#=================================================
# RESTORE THE APP MAIN DIR
#=================================================
ynh_script_progression --message="Restoring the app main directory permissions..." --weight=1
ynh_script_progression --message="Restoring the app main directory..." --weight=1
ynh_restore_file --origin_path="$final_path"
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
@ -83,6 +75,13 @@ ynh_script_progression --message="Reinstalling dependencies..." --weight=3
# Define and install dependencies
ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies
#=================================================
# RESTORE THE NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring the NGINX web server configuration..." --weight=1
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
#=================================================
# RESTORE THE POSTGRESQL DATABASE
#=================================================
@ -93,13 +92,33 @@ ynh_psql_test_if_first_run
ynh_psql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd
ynh_psql_execute_file_as_root --file="./db.sql" --database=$db_name
#=================================================
# RESTORE VARIOUS FILES
#=================================================
ynh_script_progression --message="Restoring various files..." --weight=1
if yunohost --output-as plain domain list | grep -q "^$server_name$"
then
ynh_restore_file --origin_path="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf"
fi
#=================================================
# RESTORE SYSTEMD
#=================================================
ynh_script_progression --message="Enabling the systemd service..." --weight=1
ynh_script_progression --message="Restoring the systemd configuration..." --weight=1
ynh_restore_file --origin_path="/etc/systemd/system/$app.service"
systemctl enable $app.service --quiet
#=================================================
# RESTORE THE LOGROTATE CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring the logrotate configuration..." --weight=1
mkdir -p /var/log/$app
chown -R $app:root /var/log/$app
ynh_restore_file --origin_path="/etc/logrotate.d/$app"
#=================================================
# INTEGRATE SERVICE IN YUNOHOST
#=================================================

66
scripts/upgrade
View file

@ -31,7 +31,7 @@ registration=$(ynh_app_setting_get --app=$app --key=registration)
#=================================================
# CHECK VERSION
#=================================================
ynh_script_progression --message="Checking version..."
ynh_script_progression --message="Checking version..." --weight=1
upgrade_type=$(ynh_check_app_version_changed)
@ -43,7 +43,6 @@ ynh_script_progression --message="Backing up the app before upgrading (may take
# Backup the current version of the app
ynh_backup_before_upgrade
ynh_clean_setup () {
ynh_clean_check_starting
# Restore it if the upgrade fails
ynh_restore_upgradebackup
}
@ -85,6 +84,28 @@ else
ynh_app_setting_set --app=$app --key=registration --value=0
fi
if ! ynh_permission_exists --permission=server_api; then
ynh_permission_create --permission=server_api --url=$domain/_matrix \
--label="Server access for client apps." --show_tile=false --allowed=visitors \
--auth_header=false --protected=true
else
ynh_permission_url --permission=server_api --url=$domain/_matrix --remove_url=$server_name/.well-known/matrix \
--auth_header=false
ynh_permission_update --permission=server_api --label="Server access for client apps." --show_tile=false \
--protected=true
fi
if yunohost --output-as plain domain list | grep -q "^$server_name"'$' && ! ynh_permission_exists --permission=server_client_infos; then
ynh_permission_create --permission=server_client_infos --url=$server_name/.well-known/matrix \
--label="Server info for clients. (well-known)" --show_tile=false --allowed=visitors \
--auth_header=false --protected=true
elif yunohost --output-as plain domain list | grep -q "^$server_name"'$'; then
ynh_permission_url --permission=server_client_infos --url=$server_name/.well-known/matrix \
--auth_header=false
ynh_permission_update --permission=server_client_infos --label="Server info for clients. (well-known)" --show_tile=false \
--protected=true
fi
#=================================================
# CREATE DEDICATED USER
#=================================================
@ -109,6 +130,13 @@ chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:root "$final_path"
#=================================================
# UPGRADE DEPENDENCIES
#=================================================
ynh_script_progression --message="Upgrading dependencies..." --weight=1
ynh_exec_warn_less ynh_install_app_dependencies "$pkg_dependencies"
#=================================================
# NGINX CONFIGURATION
#=================================================
@ -123,13 +151,6 @@ then
ynh_add_config --template="server_name.conf" --destination="/etc/nginx/conf.d/${server_name}.d/${app}_server_name.conf"
fi
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Upgrading dependencies..." --weight=1
ynh_exec_warn_less ynh_install_app_dependencies "$pkg_dependencies"
#=================================================
# SPECIFIC UPGRADE
#=================================================
@ -178,33 +199,6 @@ ynh_add_systemd_config
#=================================================
# GENERIC FINALIZATION
#=================================================
# SETUP PERMISSIONS
#=================================================
ynh_script_progression --message="Configuring permissions..." --weight=1
if ! ynh_permission_exists --permission=server_api; then
ynh_permission_create --permission=server_api --url=$domain/_matrix \
--label="Server access for client apps." --show_tile=false --allowed=visitors \
--auth_header=false --protected=true
else
ynh_permission_url --permission=server_api --url=$domain/_matrix --remove_url=$server_name/.well-known/matrix \
--auth_header=false
ynh_permission_update --permission=server_api --label="Server access for client apps." --show_tile=false \
--protected=true
fi
if yunohost --output-as plain domain list | grep -q "^$server_name"'$' && ! ynh_permission_exists --permission=server_client_infos; then
ynh_permission_create --permission=server_client_infos --url=$server_name/.well-known/matrix \
--label="Server info for clients. (well-known)" --show_tile=false --allowed=visitors \
--auth_header=false --protected=true
elif yunohost --output-as plain domain list | grep -q "^$server_name"'$'; then
ynh_permission_url --permission=server_client_infos --url=$server_name/.well-known/matrix \
--auth_header=false
ynh_permission_update --permission=server_client_infos --label="Server info for clients. (well-known)" --show_tile=false \
--protected=true
fi
#=================================================
# SETUP LOGROTATE
#=================================================