From c6f57c3b7b009f5abb59db17cb3bdf58e8c88da2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Tue, 9 Jan 2024 09:09:27 +0100 Subject: [PATCH] v2 --- check_process | 26 ------ conf/app.src | 6 -- conf/nginx.conf | 5 - conf/systemd.service | 4 +- doc/{DISCLAIMER.md => ADMIN.md} | 0 manifest.json | 59 ------------ manifest.toml | 84 +++++++++++++++++ scripts/_common.sh | 2 - scripts/backup | 36 +------- scripts/change_url | 97 +------------------- scripts/install | 158 ++++---------------------------- scripts/remove | 92 ------------------- scripts/restore | 96 +------------------ scripts/upgrade | 101 +++----------------- scripts/ynh_install_go | 6 +- tests.toml | 15 +++ 16 files changed, 143 insertions(+), 644 deletions(-) delete mode 100644 check_process delete mode 100644 conf/app.src rename doc/{DISCLAIMER.md => ADMIN.md} (100%) delete mode 100644 manifest.json create mode 100644 manifest.toml create mode 100644 tests.toml diff --git a/check_process b/check_process deleted file mode 100644 index 7ce747b..0000000 --- a/check_process +++ /dev/null @@ -1,26 +0,0 @@ -# See here for more information -# https://github.com/YunoHost/package_check#syntax-check_process-file - -# Move this file from check_process.default to check_process when you have filled it. - -;; Test complet - ; Manifest - domain="domain.tld" - path="/path" - OIDC_name="Outline" - OIDC_secret="secret" - OIDC_callback="domain.tld/callback" - ; Checks - pkg_linter=1 - setup_sub_dir=1 - setup_root=1 - setup_nourl=0 - setup_public=1 - upgrade=1 - backup_restore=1 - multi_instance=1 - port_already_use=0 - change_url=1 -;;; Options -Email= -Notification=none diff --git a/conf/app.src b/conf/app.src deleted file mode 100644 index 80ee089..0000000 --- a/conf/app.src +++ /dev/null @@ -1,6 +0,0 @@ -SOURCE_URL=https://github.com/dexidp/dex/archive/refs/tags/v2.37.0.tar.gz -SOURCE_SUM=5140ecccac260855f375a40bb20120e644418d8e314c63667b0ee3e4ceace99f -SOURCE_SUM_PRG=sha256sum -SOURCE_FORMAT=tar.gz -SOURCE_EXTRACT=true -SOURCE_IN_SUBDIR=true diff --git a/conf/nginx.conf b/conf/nginx.conf index baa1a62..3a956e8 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -7,10 +7,6 @@ location ~ __PATH__/$ { location ~ __PATH__/.+ { - if ($scheme = http) { - rewrite ^ https://$server_name$request_uri? permanent; - } - proxy_pass http://127.0.0.1:__PORT__; proxy_redirect off; proxy_set_header Host $host; @@ -21,5 +17,4 @@ location ~ __PATH__/.+ { proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; - } \ No newline at end of file diff --git a/conf/systemd.service b/conf/systemd.service index 7bc9ab8..523c7c4 100644 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -6,8 +6,8 @@ After=network.target Type=simple User=__APP__ Group=__APP__ -WorkingDirectory=__FINALPATH__/ -ExecStart=__FINALPATH__/bin/dex serve config.yaml +WorkingDirectory=__INSTALL_DIR__/ +ExecStart=__INSTALL_DIR__/bin/dex serve config.yaml StandardOutput=append:/var/log/__APP__/__APP__.log StandardError=inherit diff --git a/doc/DISCLAIMER.md b/doc/ADMIN.md similarity index 100% rename from doc/DISCLAIMER.md rename to doc/ADMIN.md diff --git a/manifest.json b/manifest.json deleted file mode 100644 index d302fda..0000000 --- a/manifest.json +++ /dev/null @@ -1,59 +0,0 @@ -{ - "name": "Dex", - "id": "dex", - "packaging_format": 1, - "description": { - "en": "OpenID Connect Provider based on YunoHost LDAP server", - "fr": "Connecteur OpenID basé sur le serveur LDAP YunoHost" - }, - "version": "2.37.0~ynh1", - "url": "https://github.com/YunoHost-Apps/dex_ynh", - "upstream": { - "license": "Apache-2.0", - "website": "https://dexidp.io", - "demo": "", - "admindoc": "https://dexidp.io/docs/", - "userdoc": "", - "code": "https://github.com/dexidp/dex" - }, - "license": "Apache-2.0", - "maintainer": { - "name": "Limezy" - }, - "requirements": { - "yunohost": ">= 11.0.9" - }, - "multi_instance": true, - "services": [ - "nginx" - ], - "arguments": { - "install": [ - { - "name": "domain", - "type": "domain" - }, - { - "name": "path", - "type": "path", - "example": "/dex", - "default": "/dex" - }, - { - "name": "OIDC_name", - "type": "string", - "ask": "Name of the app you want to connect to the OIDC auth flow" - }, - { - "name": "OIDC_secret", - "type": "string", - "ask": "OIDC secret of the app you want to connect to the OIDC auth flow" - }, - { - "name": "OIDC_callback", - "type": "string", - "ask": "Callback URI required by the app you want to connect to the OIDC auth flow" - } - ] - } -} diff --git a/manifest.toml b/manifest.toml new file mode 100644 index 0000000..fb225c6 --- /dev/null +++ b/manifest.toml @@ -0,0 +1,84 @@ +packaging_format = 2 + +id = "dex" +name = "Dex" +description.en = "OpenID Connect Provider based on YunoHost LDAP server" +description.fr = "Connecteur OpenID basé sur le serveur LDAP YunoHost" + +version = "2.37.0~ynh1" + +maintainers = ["Limezy"] + +[upstream] +license = "Apache-2.0" +website = "https://dexidp.io" +admindoc = "https://dexidp.io/docs/" +code = "https://github.com/YunoHost-Apps/dex_ynh" + +[integration] +yunohost = ">= 11.2" +architectures = "all" +multi_instance = true + +ldap = true + +sso = false + +disk = "50M" +ram.build = "50M" +ram.runtime = "50M" + +[install] + [install.domain] + type = "domain" + + [install.path] + type = "path" + default = "/dex" + + [install.init_main_permission] + type = "group" + default = "visitors" + + [install.OIDC_name] + ask.en = "Name of the app you want to connect to the OIDC auth flow" + ask.fr = "Nom de l'application que vous souhaitez connecter au flux d'authentification OIDC" + type = "string" + + + [install.OIDC_name] + ask.en = "OIDC secret of the app you want to connect to the OIDC auth flow" + ask.fr = "Secret OIDC de l'application que vous souhaitez connecter au flux d'authentification OIDC" + type = "string" + + [install.OIDC_callback] + ask.en = "Callback URI required by the app you want to connect to the OIDC auth flow" + ask.fr = "URI de rappel requis par l'application que vous souhaitez connecter au flux d'authentification OIDC" + type = "string" + + +[resources] + + [resources.sources] + + [resources.sources.main] + url = "https://github.com/dexidp/dex/archive/refs/tags/v2.37.0.tar.gz" + sha256 = "5140ecccac260855f375a40bb20120e644418d8e314c63667b0ee3e4ceace99f" + + autoupdate.strategy = "latest_github_tag" + + [resources.system_user] + + [resources.install_dir] + + [resources.data_dir] + + [resources.permissions] + main.url = "/" + + [resources.ports] + main.default = 5556 + + [resources.database] + # This will automatically provision/deprovison a MySQL DB and store the corresponding credentials in settings $db_user, $db_name, $db_pwd + type = "mysql" diff --git a/scripts/_common.sh b/scripts/_common.sh index 0538800..1caa48a 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -4,8 +4,6 @@ # COMMON VARIABLES #================================================= -# dependencies used by the app - GO_VERSION="1.19" #================================================= diff --git a/scripts/backup b/scripts/backup index 3d5ca02..737146f 100755 --- a/scripts/backup +++ b/scripts/backup @@ -10,32 +10,6 @@ source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers -#================================================= -# MANAGE SCRIPT FAILURE -#================================================= - -ynh_clean_setup () { - ### Remove this function if there's nothing to clean before calling the remove script. - true -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# LOAD SETTINGS -#================================================= -ynh_print_info --message="Loading installation settings..." - -app=$YNH_APP_INSTANCE_NAME - -domain=$(ynh_app_setting_get --app=$app --key=domain) -path_url=$(ynh_app_setting_get --app=$app --key=path) -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -port=$(ynh_app_setting_get --app=$app --key=port) -oidc_name=$(ynh_app_setting_get --app=$app --key=oidc_name) -oidc_secret=$(ynh_app_setting_get --app=$app --key=oidc_secret) -oidc_callback=$(ynh_app_setting_get --app=$app --key=oidc_callback) - #================================================= # DECLARE DATA AND CONF FILES TO BACKUP #================================================= @@ -45,7 +19,7 @@ ynh_print_info --message="Declaring files to be backed up..." # BACKUP THE APP MAIN DIR #================================================= -ynh_backup --src_path="$final_path" +ynh_backup --src_path="$install_dir" #================================================= # BACKUP THE NGINX CONFIGURATION @@ -53,14 +27,6 @@ ynh_backup --src_path="$final_path" ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" - -#================================================= -# BACKUP FAIL2BAN CONFIGURATION -#================================================= - -#ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf" -#ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf" - #================================================= # SPECIFIC BACKUP #================================================= diff --git a/scripts/change_url b/scripts/change_url index be7d1e1..d4704ec 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -9,63 +9,6 @@ source _common.sh source /usr/share/yunohost/helpers -#================================================= -# RETRIEVE ARGUMENTS -#================================================= - -old_domain=$YNH_APP_OLD_DOMAIN -old_path=$YNH_APP_OLD_PATH - -new_domain=$YNH_APP_NEW_DOMAIN -new_path=$YNH_APP_NEW_PATH - -app=$YNH_APP_INSTANCE_NAME - -#================================================= -# LOAD SETTINGS -#================================================= -ynh_script_progression --message="Loading installation settings..." --weight=1 - -# Needed for helper "ynh_add_nginx_config" -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -port=$(ynh_app_setting_get --app=$app --key=port) -oidc_name=$(ynh_app_setting_get --app=$app --key=oidc_name) -oidc_secret=$(ynh_app_setting_get --app=$app --key=oidc_secret) -oidc_callback=$(ynh_app_setting_get --app=$app --key=oidc_callback) - -#================================================= -# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP -#================================================= -ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --weight=1 - -# Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { - # Remove the new domain config file, the remove script won't do it as it doesn't know yet its location. - ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" - - # Restore it if the upgrade fails - ynh_restore_upgradebackup -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# CHECK WHICH PARTS SHOULD BE CHANGED -#================================================= - -change_domain=0 -if [ "$old_domain" != "$new_domain" ] -then - change_domain=1 -fi - -change_path=0 -if [ "$old_path" != "$new_path" ] -then - change_path=1 -fi - #================================================= # STANDARD MODIFICATIONS #================================================= @@ -80,43 +23,14 @@ ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app #================================================= ynh_script_progression --message="Updating NGINX web server configuration..." --weight=1 -nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf +ynh_change_url_nginx_config -# Change the path in the NGINX config file -if [ $change_path -eq 1 ] -then - # Make a backup of the original NGINX config file if modified - ynh_backup_if_checksum_is_different --file="$nginx_conf_path" - # Set global variables for NGINX helper - domain="$old_domain" - path_url="$new_path" - # Create a dedicated NGINX config - ynh_add_nginx_config -fi - -# Change the domain for NGINX -if [ $change_domain -eq 1 ] -then - # Delete file checksum for the old conf file location - ynh_delete_file_checksum --file="$nginx_conf_path" - mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf - # Store file checksum for the new config file location - ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" -fi - -#================================================= -# SPECIFIC MODIFICATIONS #================================================= # MODIFY URL IN YAML CONF #================================================= -# Make a backup of the original YAML config file if modified -ynh_backup_if_checksum_is_different --file="$final_path/config.yaml" -# Set global variables for YAML helper -domain="$new_domain" -path_url="$new_path" # Create a dedicated YAML config -ynh_add_config --template="config.yaml" --destination="$final_path/config.yaml" +ynh_add_config --template="config.yaml" --destination="$install_dir/config.yaml" #================================================= # GENERIC FINALISATION @@ -127,13 +41,6 @@ ynh_script_progression --message="Starting a systemd service..." --weight=1 ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" -#================================================= -# RELOAD NGINX -#================================================= -ynh_script_progression --message="Reloading NGINX web server..." --weight=1 - -ynh_systemd_action --service_name=nginx --action=reload - #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/install b/scripts/install index cff8ba3..0c5954e 100755 --- a/scripts/install +++ b/scripts/install @@ -10,159 +10,64 @@ source _common.sh source ynh_install_go source /usr/share/yunohost/helpers -#================================================= -# MANAGE SCRIPT FAILURE -#================================================= - -ynh_clean_setup () { - ### Remove this function if there's nothing to clean before calling the remove script. - true -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# RETRIEVE ARGUMENTS FROM THE MANIFEST -#================================================= - -domain=$YNH_APP_ARG_DOMAIN -path_url=$YNH_APP_ARG_PATH -is_public=1 - -oidc_name=$YNH_APP_ARG_OIDC_NAME -oidc_secret=$YNH_APP_ARG_OIDC_SECRET -oidc_callback=$YNH_APP_ARG_OIDC_CALLBACK - -app=$YNH_APP_INSTANCE_NAME - -#================================================= -# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS -#================================================= -ynh_script_progression --message="Validating installation parameters..." --weight=1 - -final_path=/opt/yunohost/$app -test ! -e "$final_path" || ynh_die --message="This path already contains a folder" - -# Register (book) web path -ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url - -#================================================= -# STORE SETTINGS FROM MANIFEST -#================================================= -ynh_script_progression --message="Storing installation settings..." --weight=1 - -ynh_app_setting_set --app=$app --key=domain --value=$domain -ynh_app_setting_set --app=$app --key=path --value=$path_url -ynh_app_setting_set --app=$app --key=oidc_name --value=$oidc_name -ynh_app_setting_set --app=$app --key=oidc_secret --value=$oidc_secret -ynh_app_setting_set --app=$app --key=oidc_callback --value=$oidc_callback - -#================================================= -# STANDARD MODIFICATIONS -#================================================= -# FIND AND OPEN A PORT -#================================================= -ynh_script_progression --message="Finding an available port..." --weight=1 - -# Find an available port -port=$(ynh_find_port --port=5556) -ynh_app_setting_set --app=$app --key=port --value=$port - -#================================================= -# INSTALL DEPENDENCIES -#================================================= -# ynh_script_progression --message="Installing dependencies..." --weight=1 - -# ynh_install_app_dependencies $pkg_dependencies - -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Configuring system user..." --weight=1 - -# Create a system user -ynh_system_user_create --username=$app --home_dir="$final_path" - #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= ynh_script_progression --message="Setting up source files..." --weight=1 -ynh_app_setting_set --app=$app --key=final_path --value=$final_path -# Download, check integrity, uncompress and patch the source from app.src -ynh_setup_source --dest_dir="$final_path" +ynh_setup_source --dest_dir="$install_dir" -chmod 750 "$final_path" -chmod -R o-rwx "$final_path" -chown -R $app:www-data "$final_path" - -#================================================= -# NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Configuring NGINX web server..." --weight=1 - -# Create a dedicated NGINX config -ynh_add_nginx_config +chmod -R o-rwx "$install_dir" +chown -R $app:www-data "$install_dir" #================================================= # SPECIFIC SETUP #================================================= # BUILDING SOURCES AND SETTING UP THE SERVER #================================================= - ynh_script_progression --message="Building the sources (it will take some time)..." --weight=6 ynh_exec_warn_less ynh_install_go --go_version=$GO_VERSION -pushd "$final_path" +pushd "$install_dir" # Setup go exe and environnement ynh_use_go - export GOPATH="$final_path/go" - export GOCACHE="$final_path/go/.cache" + export GOPATH="$install_dir/go" + export GOCACHE="$install_dir/go/.cache" # Build server from source make build 2>&1 - ynh_secure_remove --file="$final_path/go" + ynh_secure_remove --file="$install_dir/go" popd ynh_remove_go -# Setup a nice Yunohost logo -cp ../sources/logo_dark.png "$final_path/web/themes/dark/logo.png" -cp ../sources/logo_light.png "$final_path/web/themes/light/logo.png" +# Setup a nice YunoHost logo +cp ../sources/logo_dark.png "$install_dir/web/themes/dark/logo.png" +cp ../sources/logo_light.png "$install_dir/web/themes/light/logo.png" #================================================= # ADD A CONFIGURATION #================================================= ynh_script_progression --message="Adding a configuration file..." --weight=1 -ynh_add_config --template="config.yaml" --destination="$final_path/config.yaml" +ynh_add_config --template="config.yaml" --destination="$install_dir/config.yaml" -chmod 400 "$final_path/config.yaml" -chown $app:$app "$final_path/config.yaml" +chmod 400 "$install_dir/config.yaml" +chown $app:$app "$install_dir/config.yaml" #================================================= # SETUP SYSTEMD #================================================= ynh_script_progression --message="Configuring a systemd service..." --weight=1 +# Create a dedicated NGINX config +ynh_add_nginx_config + ynh_add_systemd_config - -#================================================= -# GENERIC FINALIZATION -#================================================= -# SETUP LOGROTATE -#================================================= -ynh_script_progression --message="Configuring log rotation..." --weight=1 - # Use logrotate to manage application logfile(s) ynh_use_logrotate -#================================================= -# INTEGRATE SERVICE IN YUNOHOST -#================================================= -ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 - yunohost service add $app --description="OpenID Connect Provider" --log="/var/log/$app/$app.log" #================================================= @@ -173,37 +78,6 @@ ynh_script_progression --message="Starting a systemd service..." --weight=1 # Start a systemd service ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" -#================================================= -# SETUP FAIL2BAN -#================================================= -#ynh_script_progression --message="Configuring Fail2Ban..." --weight=1 - -# Create a dedicated Fail2Ban config -#ynh_add_fail2ban_config --logpath="/var/log/dex/dex.log" --failregex="ldap: invalid password for user" - -#================================================= -# SETUP SSOWAT -#================================================= -ynh_script_progression --message="Configuring permissions..." --weight=1 - -# Make app public if necessary -if [ $is_public -eq 1 ] -then - # Everyone can access the app. - # The "main" permission is automatically created before the install script. - ynh_permission_update --permission="main" --add="visitors" -fi - -ynh_permission_update --permission="main" --show_tile=false - - -#================================================= -# RELOAD NGINX -#================================================= -ynh_script_progression --message="Reloading NGINX web server..." --weight=1 - -ynh_systemd_action --service_name=nginx --action=reload - #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/remove b/scripts/remove index ce01d98..2644208 100755 --- a/scripts/remove +++ b/scripts/remove @@ -9,21 +9,6 @@ source _common.sh source /usr/share/yunohost/helpers -#================================================= -# LOAD SETTINGS -#================================================= -ynh_script_progression --message="Loading installation settings..." --weight=1 - -app=$YNH_APP_INSTANCE_NAME - -domain=$(ynh_app_setting_get --app=$app --key=domain) -path_url=$(ynh_app_setting_get --app=$app --key=path) -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -port=$(ynh_app_setting_get --app=$app --key=port) -oidc_name=$(ynh_app_setting_get --app=$app --key=oidc_name) -oidc_secret=$(ynh_app_setting_get --app=$app --key=oidc_secret) -oidc_callback=$(ynh_app_setting_get --app=$app --key=oidc_callback) - #================================================= # STANDARD REMOVE #================================================= @@ -37,98 +22,21 @@ then yunohost service remove $app fi -#================================================= -# STOP AND REMOVE SERVICE -#================================================= -ynh_script_progression --message="Stopping and removing the systemd service..." --weight=1 - # Remove the dedicated systemd config ynh_remove_systemd_config -#================================================= -# REMOVE LOGROTATE CONFIGURATION -#================================================= -ynh_script_progression --message="Removing logrotate configuration..." --weight=1 - # Remove the app-specific logrotate config ynh_remove_logrotate -#================================================= -# REMOVE APP MAIN DIR -#================================================= -ynh_script_progression --message="Removing app main directory..." --weight=1 - -# Remove the app directory securely -ynh_secure_remove --file="$final_path" - -#================================================= -# REMOVE DATA DIR -#================================================= - -# Remove the data directory if --purge option is used -if [ "${YNH_APP_PURGE:-0}" -eq 1 ] -then - ynh_script_progression --message="Removing app data directory..." --weight=1 - ynh_secure_remove --file="$datadir" -fi - -#================================================= -# REMOVE NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Removing NGINX web server configuration..." --weight=1 - # Remove the dedicated NGINX config ynh_remove_nginx_config -#================================================= -# REMOVE DEPENDENCIES -#================================================= -# ynh_script_progression --message="Removing dependencies..." --weight=1 - -# Remove metapackage and its dependencies -# ynh_remove_app_dependencies - -#================================================= -# CLOSE A PORT -#================================================= - -if yunohost firewall list | grep -q "\- $port$" -then - ynh_script_progression --message="Closing port $port..." --weight=1 - ynh_exec_warn_less yunohost firewall disallow TCP $port -fi - -#================================================= -# REMOVE FAIL2BAN CONFIGURATION -#================================================= -#ynh_script_progression --message="Removing Fail2Ban configuration..." --weight=1 - -# Remove the dedicated Fail2Ban config -#ynh_remove_fail2ban_config - -#================================================= -# SPECIFIC REMOVE -#================================================= -# REMOVE VARIOUS FILES -#================================================= -ynh_script_progression --message="Removing various files..." --weight=1 - # Remove a directory securely ynh_secure_remove --file="/etc/$app" # Remove the log files ynh_secure_remove --file="/var/log/$app" -#================================================= -# GENERIC FINALIZATION -#================================================= -# REMOVE DEDICATED USER -#================================================= -ynh_script_progression --message="Removing the dedicated system user..." --weight=1 - -# Delete a system user -ynh_system_user_delete --username=$app - #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/restore b/scripts/restore index cbe9cec..8483539 100755 --- a/scripts/restore +++ b/scripts/restore @@ -10,110 +10,31 @@ source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers -#================================================= -# MANAGE SCRIPT FAILURE -#================================================= - -ynh_clean_setup () { - #### Remove this function if there's nothing to clean before calling the remove script. - true -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# LOAD SETTINGS -#================================================= -ynh_script_progression --message="Loading installation settings..." --weight=1 - -app=$YNH_APP_INSTANCE_NAME - -domain=$(ynh_app_setting_get --app=$app --key=domain) -path_url=$(ynh_app_setting_get --app=$app --key=path) -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -port=$(ynh_app_setting_get --app=$app --key=port) -oidc_name=$(ynh_app_setting_get --app=$app --key=oidc_name) -oidc_secret=$(ynh_app_setting_get --app=$app --key=oidc_secret) -oidc_callback=$(ynh_app_setting_get --app=$app --key=oidc_callback) - -#================================================= -# CHECK IF THE APP CAN BE RESTORED -#================================================= -ynh_script_progression --message="Validating restoration parameters..." --weight=1 - -test ! -d $final_path \ - || ynh_die --message="There is already a directory: $final_path " - -#================================================= -# STANDARD RESTORATION STEPS -#================================================= -# RESTORE THE NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Restoring the NGINX web server configuration..." --weight=1 - -ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" - -#================================================= -# RECREATE THE DEDICATED USER -#================================================= -ynh_script_progression --message="Recreating the dedicated system user..." --weight=1 - -# Create the dedicated user (if not existing) -ynh_system_user_create --username=$app --home_dir="$final_path" - #================================================= # RESTORE THE APP MAIN DIR #================================================= ynh_script_progression --message="Restoring the app main directory..." --weight=1 -ynh_restore_file --origin_path="$final_path" +ynh_restore_file --origin_path="$install_dir" -chmod 750 "$final_path" -chmod -R o-rwx "$final_path" -chown -R $app:www-data "$final_path" - -#================================================= -# RESTORE FAIL2BAN CONFIGURATION -#================================================= -#ynh_script_progression --message="Restoring the Fail2Ban configuration..." --weight=1 - -#ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf" -#ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf" -#ynh_systemd_action --action=restart --service_name=fail2ban - -#================================================= -# SPECIFIC RESTORATION -#================================================= -# REINSTALL DEPENDENCIES -#================================================= -# ynh_script_progression --message="Reinstalling dependencies..." --weight=1 - -# Define and install dependencies -# ynh_install_app_dependencies $pkg_dependencies +chmod -R o-rwx "$install_dir" +chown -R $app:www-data "$install_dir" #================================================= # RESTORE SYSTEMD #================================================= ynh_script_progression --message="Restoring the systemd configuration..." --weight=1 +ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" + ynh_restore_file --origin_path="/etc/systemd/system/$app.service" systemctl enable $app.service --quiet -#================================================= -# RESTORE THE LOGROTATE CONFIGURATION -#================================================= -ynh_script_progression --message="Restoring the logrotate configuration..." --weight=1 - mkdir -p /var/log/$app chown -R $app:root /var/log/$app ynh_restore_file --origin_path="/etc/logrotate.d/$app" -#================================================= -# INTEGRATE SERVICE IN YUNOHOST -#================================================= -ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 - yunohost service add $app --description="OpenID Connect Provider" --log="/var/log/$app/$app.log" #================================================= @@ -123,13 +44,6 @@ ynh_script_progression --message="Starting a systemd service..." --weight=1 ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" -#================================================= -# GENERIC FINALIZATION -#================================================= -# RELOAD NGINX AND PHP-FPM -#================================================= -ynh_script_progression --message="Reloading NGINX web server..." --weight=1 - ynh_systemd_action --service_name=nginx --action=reload #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index dad9b65..82ab9b9 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -10,41 +10,12 @@ source _common.sh source ynh_install_go source /usr/share/yunohost/helpers -#================================================= -# LOAD SETTINGS -#================================================= -ynh_script_progression --message="Loading installation settings..." --weight=1 - -app=$YNH_APP_INSTANCE_NAME - -domain=$(ynh_app_setting_get --app=$app --key=domain) -path_url=$(ynh_app_setting_get --app=$app --key=path) -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -port=$(ynh_app_setting_get --app=$app --key=port) -oidc_name=$(ynh_app_setting_get --app=$app --key=oidc_name) -oidc_secret=$(ynh_app_setting_get --app=$app --key=oidc_secret) -oidc_callback=$(ynh_app_setting_get --app=$app --key=oidc_callback) - #================================================= # CHECK VERSION #================================================= upgrade_type=$(ynh_check_app_version_changed) -#================================================= -# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP -#================================================= -ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=1 - -# Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { - # Restore it if the upgrade fails - ynh_restore_upgradebackup -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - #================================================= # STANDARD UPGRADE STEPS #================================================= @@ -54,14 +25,6 @@ ynh_script_progression --message="Stopping a systemd service..." --weight=1 ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log" -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1 - -# Create a dedicated user (if not existing) -ynh_system_user_create --username=$app --home_dir="$final_path" - #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -71,80 +34,61 @@ then ynh_script_progression --message="Upgrading source files..." --weight=1 # Download, check integrity, uncompress and patch the source from app.src - ynh_setup_source --dest_dir="$final_path" + ynh_setup_source --dest_dir="$install_dir" fi -chmod 750 "$final_path" -chmod -R o-rwx "$final_path" -chown -R $app:www-data "$final_path" - -#================================================= -# NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=1 - -# Create a dedicated NGINX config -ynh_add_nginx_config +chmod -R o-rwx "$install_dir" +chown -R $app:www-data "$install_dir" #================================================= # SPECIFIC UPGRADE #================================================= # BUILDING SOURCES AND SETTING UP THE SERVER #================================================= - ynh_script_progression --message="Building the sources (it will take some time)..." --weight=6 ynh_exec_warn_less ynh_install_go --go_version=$GO_VERSION -pushd "$final_path" +pushd "$install_dir" # Setup go exe and environnement ynh_use_go - export GOPATH="$final_path/go" - export GOCACHE="$final_path/go/.cache" + export GOPATH="$install_dir/go" + export GOCACHE="$install_dir/go/.cache" # Build server from source make build 2>&1 - ynh_secure_remove --file="$final_path/go" + ynh_secure_remove --file="$install_dir/go" popd ynh_remove_go # Setup a nice Yunohost logo -cp ../sources/logo_dark.png "$final_path/web/themes/dark/logo.png" -cp ../sources/logo_light.png "$final_path/web/themes/light/logo.png" +cp ../sources/logo_dark.png "$install_dir/web/themes/dark/logo.png" +cp ../sources/logo_light.png "$install_dir/web/themes/light/logo.png" #================================================= # UPDATE A CONFIG FILE #================================================= ynh_script_progression --message="Updating a configuration file..." --weight=1 -ynh_add_config --template="config.yaml" --destination="$final_path/config.yaml" +ynh_add_config --template="config.yaml" --destination="$install_dir/config.yaml" -chmod 400 "$final_path/config.yaml" -chown $app:$app "$final_path/config.yaml" +chmod 400 "$install_dir/config.yaml" +chown $app:$app "$install_dir/config.yaml" #================================================= # SETUP SYSTEMD #================================================= ynh_script_progression --message="Upgrading systemd configuration..." --weight=1 +# Create a dedicated NGINX config +ynh_add_nginx_config + # Create a dedicated systemd config ynh_add_systemd_config -#================================================= -# GENERIC FINALIZATION -#================================================= -# SETUP LOGROTATE -#================================================= -ynh_script_progression --message="Upgrading logrotate configuration..." --weight=1 - # Use logrotate to manage app-specific logfile(s) ynh_use_logrotate --non-append -#================================================= -# INTEGRATE SERVICE IN YUNOHOST -#================================================= -ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 - yunohost service add $app --description="OpenID Connect Provider" --log="/var/log/$app/$app.log" #================================================= @@ -154,21 +98,6 @@ ynh_script_progression --message="Starting a systemd service..." --weight=1 ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" -#================================================= -# UPGRADE FAIL2BAN -#================================================= -#ynh_script_progression --message="Reconfiguring Fail2Ban..." --weight=1 - -# Create a dedicated Fail2Ban config -#ynh_add_fail2ban_config --logpath="/var/log/dex/dex.log" --failregex="ldap: invalid password for user" - -#================================================= -# RELOAD NGINX -#================================================= -ynh_script_progression --message="Reloading NGINX web server..." --weight=1 - -ynh_systemd_action --service_name=nginx --action=reload - #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/ynh_install_go b/scripts/ynh_install_go index fbc412c..9b1e714 100644 --- a/scripts/ynh_install_go +++ b/scripts/ynh_install_go @@ -30,14 +30,14 @@ export GOENV_ROOT="$goenv_install_dir" # However, $PATH is duplicated into $go_path to outlast any manipulation of $PATH # You can use the variable `$ynh_go_load_path` to quickly load your Go version # in $PATH for an usage into a separate script. -# Exemple: $ynh_go_load_path $final_path/script_that_use_gem.sh` +# Exemple: $ynh_go_load_path $install_dir/script_that_use_gem.sh` # # # Finally, to start a Go service with the correct version, 2 solutions # Either the app is dependent of Go or gem, but does not called it directly. # In such situation, you need to load PATH # `Environment="__YNH_GO_LOAD_PATH__"` -# `ExecStart=__FINALPATH__/my_app` +# `ExecStart=__INSTALL_DIR__/my_app` # You will replace __YNH_GO_LOAD_PATH__ with $ynh_go_load_path # # Or Go start the app directly, then you don't need to load the PATH variable @@ -72,7 +72,7 @@ ynh_use_go () { ynh_go_load_path="PATH=$PATH" # Sets the local application-specific Go version - pushd $final_path + pushd $install_dir $goenv_install_dir/bin/goenv local $go_version popd } diff --git a/tests.toml b/tests.toml new file mode 100644 index 0000000..be7184a --- /dev/null +++ b/tests.toml @@ -0,0 +1,15 @@ +test_format = 1.0 + +[default] + + # ------------ + # Tests to run + # ------------ + + # ------------------------------- + # Default args to use for install + # ------------------------------- + + args.OIDC_name="Outline" + args.OIDC_secret="secret" + args.OIDC_callback="domain.tld/callback" \ No newline at end of file