From 3be837d749929112badf3f307ec98d2a94c5d54e Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Fri, 18 Dec 2020 22:56:28 +0100 Subject: [PATCH 01/19] Fix linter warnings --- README.md | 30 +++++++++++++++++++++--------- check_process | 3 --- manifest.json | 4 ++-- scripts/backup | 12 +++++++----- scripts/install | 1 + scripts/remove | 2 +- scripts/restore | 8 +++++++- scripts/upgrade | 16 ++++++++++++++++ 8 files changed, 55 insertions(+), 21 deletions(-) diff --git a/README.md b/README.md index ee29510..69dbede 100644 --- a/README.md +++ b/README.md @@ -1,19 +1,16 @@ -diaspora_ynh -========== +Diaspora for YunoHost -[![Integration level](https://dash.yunohost.org/integration/diaspora.svg)](https://dash.yunohost.org/appci/app/diaspora) ![](https://ci-apps.yunohost.org/ci/badges/diaspora.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/diaspora.maintain.svg)[![Shipped version](https://img.shields.io/github/v/release/yunohost-apps/diaspora_ynh)](https://github.com/yunohost-apps/diaspora_ynh/releases) - -[![Install diaspora with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=diaspora) +[![Integration level](https://dash.yunohost.org/integration/diaspora.svg)](https://dash.yunohost.org/appci/app/diaspora) ![](https://ci-apps.yunohost.org/ci/badges/diaspora.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/diaspora.maintain.svg)[![Shipped version](https://img.shields.io/github/v/release/yunohost-apps/diaspora_ynh)](https://github.com/yunohost-apps/diaspora_ynh/releases) +[![Install Diaspora with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=diaspora) ## Overview -> *This package allow you to install diaspora* quickly and simply on a YunoHost server. +> *This package allow you to install Diaspora quickly and simply on a YunoHost server. If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to know how to install and enjoy it.* **Shipped version:** 0.7.13.0 -Notes --------------- +## Notes Before installing, you have to: @@ -25,5 +22,20 @@ Installation effects: - Thank you for being patient as deployment time can take up to about 1 hour (raspberry pi). - The installation directory can take up to 900MB and app start time can be take 5 minutes +## Links -Report a bug: https://github.com/YunoHost-Apps/diaspora_ynh/issues + * Report a bug: https://github.com/YunoHost-Apps/diaspora_ynh/issues + * YunoHost website: https://yunohost.org/ + +--- + +## Developer info + +Please send your pull request to the [testing branch](https://github.com/YunoHost-Apps/diaspora_ynh/tree/testing). + +To try the testing branch, please proceed like that. +``` +sudo yunohost app install https://github.com/YunoHost-Apps/diaspora_ynh/tree/testing --debug +or +sudo yunohost app upgrade diaspora -u https://github.com/YunoHost-Apps/diaspora_ynh/tree/testing --debug +``` diff --git a/check_process b/check_process index 1537b65..1efa13e 100644 --- a/check_process +++ b/check_process @@ -16,9 +16,6 @@ multi_instance=1 port_already_use=0 change_url=0 # not supported upstream -;;; Levels - # If the level 5 (Package linter) is forced to 1. Please add justifications here. - Level 5=auto ;;; Options Email= Notification=none diff --git a/manifest.json b/manifest.json index 61d2445..664777c 100644 --- a/manifest.json +++ b/manifest.json @@ -8,13 +8,13 @@ "fr": "Service de réseau social distribué" }, "license": "AGPL-3.0", - "version": "0.7.14.0~ynh1", + "version": "0.7.14.0~ynh2", "maintainer": { "name": "rafi59", "email": "" }, "requirements": { - "yunohost": ">= 3.7.0" + "yunohost": ">= 3.8.1" }, "multi_instance": true, "services": [ diff --git a/scripts/backup b/scripts/backup index ca58642..53991c7 100644 --- a/scripts/backup +++ b/scripts/backup @@ -18,7 +18,7 @@ ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading installation settings..." +ynh_print_info --message="Loading installation settings..." app=$YNH_APP_INSTANCE_NAME @@ -30,18 +30,20 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path) # clean folder ynh_secure_remove --file="$final_path/backup" mkdir -p $final_path/backup + #================================================= # BACKUP DIASPORA DATABASE #================================================= -ynh_script_progression --message="Backup Diaspora DB..." --weight=10 + db_pass=$(ynh_app_setting_get --app=$app --key=psqlpwd) dump_file="$final_path/backup/$app.dump" pg_dump -d "dbname=$app user=$app password=$db_pass host=localhost" -Fc -f $dump_file ynh_backup --src_path="$dump_file" + #================================================= # BACKUP DIASPORA UPLOADS #================================================= -ynh_script_progression --message="Backup uploads..." --weight=10 + if [ -x $final_path/diaspora/public/uploads ]; then ynh_backup --src_path="$final_path/diaspora/public/uploads" else @@ -51,11 +53,11 @@ fi #================================================= # BACKUP CONF FILES #================================================= -ynh_script_progression --message="Backup configuration files of Diaspora..." + ynh_backup --src_path="$final_path/diaspora/config/database.yml" ynh_backup --src_path="$final_path/diaspora/config/diaspora.yml" #================================================= # END OF SCRIPT #================================================= -ynh_script_progression --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." --last +ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." diff --git a/scripts/install b/scripts/install index 4cf1c6c..b8d8e70 100755 --- a/scripts/install +++ b/scripts/install @@ -179,6 +179,7 @@ ynh_app_setting_set $app unprotected_uris "/" # CREATE AN ADMIN #================================================= ynh_script_progression --message="Create admin..." --weight=1 + pushd $final_path/diaspora sudo -u $app /bin/bash --login << EOF RAILS_ENV=production bundle exec rails console << END diff --git a/scripts/remove b/scripts/remove index 10c18b7..f107e3c 100644 --- a/scripts/remove +++ b/scripts/remove @@ -31,7 +31,7 @@ final_path=$(ynh_app_setting_get $app final_path) ynh_script_progression --message="Remove services" yunohost service remove $app.target systemctl stop ${app}.target ${app}_sidekiq.service ${app}_web.service -systemctl disable ${app}.target ${app}_sidekiq.service ${app}_web.service +systemctl disable ${app}.target ${app}_sidekiq.service ${app}_web.service --quiet ynh_secure_remove --file="/etc/systemd/system/${app}_web.service" ynh_secure_remove --file="/etc/systemd/system/${app}_sidekiq.service" ynh_secure_remove --file="/etc/tmpfiles.d/${app}.conf" diff --git a/scripts/restore b/scripts/restore index be8a532..3db15b8 100644 --- a/scripts/restore +++ b/scripts/restore @@ -51,6 +51,7 @@ can_remove_home=1 # Reinstall dependencies #================================================= ynh_script_progression --message="Reinstalling dependencies..." --weight=27 + ynh_install_app_dependencies $pkg_dependencies $ruby_build_dependencies # now that we have psql for sure, test db existence @@ -62,6 +63,7 @@ can_remove_db=1 # Restoring dedicated USER #================================================= ynh_script_progression --message="Restoring user..." --weight=1 + ynh_system_user_create --username=$app --home_dir=$final_path --use_shell can_remove_user=1 mkdir -p $final_path @@ -72,6 +74,7 @@ chown $app:www-data $final_path # INSTALL RVM AND RUBY FOR CURRENT USER #================================================= ynh_script_progression --message="Reinstalling rvm and ruby..." --weight=50 + source ./install_ruby #================================================= @@ -112,24 +115,27 @@ ynh_secure_remove --file=/tmp/diaspora.dump #================================================= # Bundle the ruby app #================================================= -ynh_script_progression --message="Precompile assets..." --weight=200 +ynh_script_progression --message="Precompile assets..." --weight=20 source ./bundle_app #================================================= # Restore nginx conf files #================================================= ynh_script_progression --message="Recreate nginx config from source" + ynh_add_nginx_config #================================================= # Restore services #================================================= ynh_script_progression --message="Restore services..." + source ./create_services #================================================= # ADVERTISE SERVICE IN ADMIN PANEL #================================================= + yunohost service add $app.target\ --log $final_path/diaspora/log/production.log \ $final_path/diaspora/log/unicorn-stderr.log\ diff --git a/scripts/upgrade b/scripts/upgrade index 0dbec14..ed8f224 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -14,6 +14,7 @@ source /usr/share/yunohost/helpers # LOAD SETTINGS #================================================= ynh_script_progression --message="Loading installation settings..." + app=$YNH_APP_INSTANCE_NAME # Retrieve arguments @@ -30,18 +31,21 @@ ynh_abort_if_errors # Check upgrade type #================================================= ynh_script_progression --message="Check upgrade type..." + upgrade_type=$(ynh_check_app_version_changed) #================================================= # Stop services #================================================= ynh_script_progression --message="Stop services..." + systemctl stop $app.target #================================================= # INSTALL DEPENDENCIES #================================================= ynh_script_progression --message="Installing dependencies..." + ynh_install_app_dependencies $pkg_dependencies $ruby_build_dependencies #================================================= @@ -86,10 +90,21 @@ then source ./bundle_app fi +#================================================= +# ADVERTISE SERVICE IN ADMIN PANEL +#================================================= +yunohost service add $app.target \ + --log $final_path/diaspora/log/production.log \ + $final_path/diaspora/log/unicorn-stderr.log\ + $final_path/diaspora/log/unicorn-stdout.log\ + $final_path/diaspora/log/sidekiq.log\ + --description "Diaspora service (unicorn web and sidekiq)" + #================================================= # restart services #================================================= ynh_script_progression --message="Recreate and start services..." + source ./create_services #================================================= @@ -97,6 +112,7 @@ source ./create_services #================================================= # Create a dedicated nginx config ynh_script_progression --message="configure nginx..." --weight=1 + ynh_add_nginx_config From e54d6277f94d86cda1dd20bcd5aa19e1c77e5b42 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Sun, 20 Dec 2020 17:38:11 +0100 Subject: [PATCH 02/19] Fix typos --- README.md | 4 ++-- scripts/install | 1 - 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 69dbede..2efa34d 100644 --- a/README.md +++ b/README.md @@ -1,11 +1,11 @@ -Diaspora for YunoHost +# Diaspora* for YunoHost [![Integration level](https://dash.yunohost.org/integration/diaspora.svg)](https://dash.yunohost.org/appci/app/diaspora) ![](https://ci-apps.yunohost.org/ci/badges/diaspora.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/diaspora.maintain.svg)[![Shipped version](https://img.shields.io/github/v/release/yunohost-apps/diaspora_ynh)](https://github.com/yunohost-apps/diaspora_ynh/releases) [![Install Diaspora with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=diaspora) ## Overview -> *This package allow you to install Diaspora quickly and simply on a YunoHost server. +> *This package allow you to install Diaspora* quickly and simply on a YunoHost server. If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to know how to install and enjoy it.* **Shipped version:** 0.7.13.0 diff --git a/scripts/install b/scripts/install index b8d8e70..4cf1c6c 100755 --- a/scripts/install +++ b/scripts/install @@ -179,7 +179,6 @@ ynh_app_setting_set $app unprotected_uris "/" # CREATE AN ADMIN #================================================= ynh_script_progression --message="Create admin..." --weight=1 - pushd $final_path/diaspora sudo -u $app /bin/bash --login << EOF RAILS_ENV=production bundle exec rails console << END From 0fdb415c45087a8f97e96f6c9625dbff5966eaae Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Sun, 20 Dec 2020 17:45:47 +0100 Subject: [PATCH 03/19] Add ynh_print_info for DB backup --- scripts/backup | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/backup b/scripts/backup index 53991c7..6a77eaf 100644 --- a/scripts/backup +++ b/scripts/backup @@ -34,6 +34,7 @@ mkdir -p $final_path/backup #================================================= # BACKUP DIASPORA DATABASE #================================================= +ynh_print_info --message="Backup Diaspora DB..." db_pass=$(ynh_app_setting_get --app=$app --key=psqlpwd) dump_file="$final_path/backup/$app.dump" From 9a608e6d6c2bb584f0e6c8bc92caeafbd7c62f76 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Mon, 21 Dec 2020 18:53:57 +0100 Subject: [PATCH 04/19] Add escape to * --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 2efa34d..69bb8c1 100644 --- a/README.md +++ b/README.md @@ -5,7 +5,7 @@ ## Overview -> *This package allow you to install Diaspora* quickly and simply on a YunoHost server. +> *This package allow you to install Diaspora\* quickly and simply on a YunoHost server. If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to know how to install and enjoy it.* **Shipped version:** 0.7.13.0 From f45513f1ab7de996fe225f1405c53663c1ef8cd0 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Mon, 21 Dec 2020 18:58:18 +0100 Subject: [PATCH 05/19] Set --weight --- scripts/restore | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/scripts/restore b/scripts/restore index 3db15b8..1256e4e 100644 --- a/scripts/restore +++ b/scripts/restore @@ -50,7 +50,7 @@ can_remove_home=1 #================================================= # Reinstall dependencies #================================================= -ynh_script_progression --message="Reinstalling dependencies..." --weight=27 +ynh_script_progression --message="Reinstalling dependencies..." --weight=5 ynh_install_app_dependencies $pkg_dependencies $ruby_build_dependencies @@ -73,7 +73,7 @@ chown $app:www-data $final_path #================================================= # INSTALL RVM AND RUBY FOR CURRENT USER #================================================= -ynh_script_progression --message="Reinstalling rvm and ruby..." --weight=50 +ynh_script_progression --message="Reinstalling rbenv and ruby..." --weight=10 source ./install_ruby @@ -82,14 +82,14 @@ source ./install_ruby #================================================= # Download, check integrity, unucompress and patch the source from app.src pushd $final_path -ynh_script_progression --message="Download the sources..." --weight=16 +ynh_script_progression --message="Download the sources..." --weight=5 sudo -u $app git clone https://github.com/diaspora/diaspora.git -b $current_tag popd #================================================= # Restore files #================================================= -ynh_script_progression --message="Restore the files" --weight=16 +ynh_script_progression --message="Restore the files" --weight=5 ynh_restore_file --origin_path=/var/www/diaspora/diaspora/config/database.yml ynh_restore_file --origin_path=/var/www/diaspora/diaspora/config/diaspora.yml ynh_restore_file --not_mandatory --origin_path=/var/www/diaspora/diaspora/public/uploads/ @@ -100,7 +100,7 @@ ynh_restore_file --origin_path=/var/www/diaspora/backup/diaspora.dump --dest_pat #================================================= # Restore database #================================================= -ynh_script_progression --message="Recreating and restoring database..." --weight=16 +ynh_script_progression --message="Recreating and restoring database..." --weight=5 db_name=$(ynh_sanitize_dbid $app) ynh_psql_test_if_first_run db_pass=$(ynh_app_setting_get --app=$app --key=psqlpwd) @@ -115,7 +115,7 @@ ynh_secure_remove --file=/tmp/diaspora.dump #================================================= # Bundle the ruby app #================================================= -ynh_script_progression --message="Precompile assets..." --weight=20 +ynh_script_progression --message="Precompile assets..." --weight=5 source ./bundle_app #================================================= From b2b458d3e0ccb50b48070cd46196c8f2d0dcc229 Mon Sep 17 00:00:00 2001 From: Yunohost-Bot <> Date: Mon, 15 Mar 2021 00:25:46 +0100 Subject: [PATCH 06/19] [autopatch] Autopatch to migrate to new permission system --- scripts/install | 4 ++-- scripts/upgrade | 10 ++++++++++ 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/scripts/install b/scripts/install index 4cf1c6c..4b15f9e 100755 --- a/scripts/install +++ b/scripts/install @@ -172,8 +172,8 @@ yunohost service add $app.target \ #================================================= # SETUP SSOWAT #================================================= -# unprotected_uris allows SSO credentials to be passed anyway. -ynh_app_setting_set $app unprotected_uris "/" + + #================================================= # CREATE AN ADMIN diff --git a/scripts/upgrade b/scripts/upgrade index ed8f224..cddcf5a 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -27,6 +27,16 @@ ynh_clean_setup() { } ynh_abort_if_errors +#================================================= +# Migrate legacy permissions to new system +#================================================= +if ynh_legacy_permissions_exists +then + ynh_legacy_permissions_delete_all + + ynh_app_setting_delete --app=$app --key=is_public +fi + #================================================= # Check upgrade type #================================================= From d1ca0b071db9eaf0a60e4ff07b2a1368f6fd0e60 Mon Sep 17 00:00:00 2001 From: Augustin Trancart Date: Mon, 21 Feb 2022 17:05:22 +0100 Subject: [PATCH 07/19] Remove upgrade from old versions because there are not installable any more --- check_process | 2 -- 1 file changed, 2 deletions(-) diff --git a/check_process b/check_process index 1efa13e..34c966d 100644 --- a/check_process +++ b/check_process @@ -10,8 +10,6 @@ setup_root=1 setup_nourl=0 upgrade=1 - upgrade=1 from_commit=0.7.13.0-ynh1 - upgrade=1 from_commit=0.7.13.0-ynh2 backup_restore=1 multi_instance=1 port_already_use=0 From 3e3cc64e83ddd852962a07b2f004ca73deded6fe Mon Sep 17 00:00:00 2001 From: Augustin Trancart Date: Mon, 21 Feb 2022 17:05:41 +0100 Subject: [PATCH 08/19] Harden systed security --- conf/diaspora_sidekiq.service | 30 ++++++++++++++++++++++++++++++ conf/diaspora_web.service | 31 +++++++++++++++++++++++++++++++ 2 files changed, 61 insertions(+) diff --git a/conf/diaspora_sidekiq.service b/conf/diaspora_sidekiq.service index 9283e2d..5b1fabf 100644 --- a/conf/diaspora_sidekiq.service +++ b/conf/diaspora_sidekiq.service @@ -9,5 +9,35 @@ WorkingDirectory=__FINALPATH__/diaspora ExecStart=/bin/bash -lc "bin/bundle exec sidekiq" Restart=always +# Sandboxing options to harden security +# Depending on specificities of your service/app, you may need to tweak these +# .. but this should be a good baseline +# Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html +NoNewPrivileges=yes +PrivateTmp=yes +PrivateDevices=yes +RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 +RestrictNamespaces=yes +RestrictRealtime=yes +DevicePolicy=closed +ProtectSystem=full +ProtectControlGroups=yes +ProtectKernelModules=yes +ProtectKernelTunables=yes +LockPersonality=yes +SystemCallFilter=~@clock @debug @module @mount @obsolete @reboot @setuid @swap + +# Denying access to capabilities that should not be relevant for webapps +# Doc: https://man7.org/linux/man-pages/man7/capabilities.7.html +CapabilityBoundingSet=~CAP_RAWIO CAP_MKNOD +CapabilityBoundingSet=~CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_AUDIT_WRITE +CapabilityBoundingSet=~CAP_SYS_BOOT CAP_SYS_TIME CAP_SYS_MODULE CAP_SYS_PACCT +CapabilityBoundingSet=~CAP_LEASE CAP_LINUX_IMMUTABLE CAP_IPC_LOCK +CapabilityBoundingSet=~CAP_BLOCK_SUSPEND CAP_WAKE_ALARM +CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG +CapabilityBoundingSet=~CAP_MAC_ADMIN CAP_MAC_OVERRIDE +CapabilityBoundingSet=~CAP_NET_ADMIN CAP_NET_BROADCAST CAP_NET_RAW +CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG + [Install] WantedBy=__APP__.target diff --git a/conf/diaspora_web.service b/conf/diaspora_web.service index 973ffcc..8270564 100644 --- a/conf/diaspora_web.service +++ b/conf/diaspora_web.service @@ -11,5 +11,36 @@ ExecStart=/bin/bash -lc "bin/bundle exec unicorn -c config/unicorn.rb -E product ExecReload=/bin/kill -USR2 $MAINPID Restart=always +# Sandboxing options to harden security +# Depending on specificities of your service/app, you may need to tweak these +# .. but this should be a good baseline +# Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html +NoNewPrivileges=yes +PrivateTmp=yes +PrivateDevices=yes +RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 +RestrictNamespaces=yes +RestrictRealtime=yes +DevicePolicy=closed +ProtectSystem=full +ProtectControlGroups=yes +ProtectKernelModules=yes +ProtectKernelTunables=yes +LockPersonality=yes +SystemCallFilter=~@clock @debug @module @mount @obsolete @reboot @setuid @swap + +# Denying access to capabilities that should not be relevant for webapps +# Doc: https://man7.org/linux/man-pages/man7/capabilities.7.html +CapabilityBoundingSet=~CAP_RAWIO CAP_MKNOD +CapabilityBoundingSet=~CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_AUDIT_WRITE +CapabilityBoundingSet=~CAP_SYS_BOOT CAP_SYS_TIME CAP_SYS_MODULE CAP_SYS_PACCT +CapabilityBoundingSet=~CAP_LEASE CAP_LINUX_IMMUTABLE CAP_IPC_LOCK +CapabilityBoundingSet=~CAP_BLOCK_SUSPEND CAP_WAKE_ALARM +CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG +CapabilityBoundingSet=~CAP_MAC_ADMIN CAP_MAC_OVERRIDE +CapabilityBoundingSet=~CAP_NET_ADMIN CAP_NET_BROADCAST CAP_NET_RAW +CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG + + [Install] WantedBy=__APP__.target From 18abcb72c1321f0db47a76a594c24ec59327d1fe Mon Sep 17 00:00:00 2001 From: Augustin Trancart Date: Mon, 21 Feb 2022 17:06:06 +0100 Subject: [PATCH 09/19] Synchronise manifest with example_ynh --- manifest.json | 103 ++++++++++++++++++++++++-------------------------- 1 file changed, 50 insertions(+), 53 deletions(-) diff --git a/manifest.json b/manifest.json index 664777c..e6f2fe1 100644 --- a/manifest.json +++ b/manifest.json @@ -1,55 +1,52 @@ { - "name": "Diaspora", - "id": "diaspora", - "url": "https://diasporafoundation.org", - "packaging_format": 1, - "description": { - "en": "Distributed social networking service", - "fr": "Service de réseau social distribué" - }, - "license": "AGPL-3.0", - "version": "0.7.14.0~ynh2", - "maintainer": { - "name": "rafi59", - "email": "" - }, - "requirements": { - "yunohost": ">= 3.8.1" - }, - "multi_instance": true, - "services": [ - "nginx", - "postgresql" - ], - "arguments": { - "install" : [ - { - "name": "domain", - "type": "domain", - "ask": { - "en": "Choose a domain for diaspora* (it needs its own domain)", - "fr": "Choisissez un domaine pour diaspora* (diaspora* a besoin de son propre domaine)" - }, - "example": "domain.org" - }, - { - "name": "admin", - "type": "user", - "ask": { - "en": "Choose the diaspora* administrator (must be an existing YunoHost user)", - "fr": "Choisissez l'administrateur de diaspora* (doit être un utilisateur YunoHost)" - }, - "example": "johndoe" - }, - { - "name": "admin_password", - "type": "password", - "ask": { - "en": "Admin password. Must contain at least 10 characters, one lowercase letter, one uppercase letter, one number, and one symbol (e.g. '~!@#$%^&*()').", - "fr": "Mot de passe pour l’administrateur. Doit contenir au moins 10 caractères, une majuscule, une minuscule, un chiffre, et une ponctuation (ex. '~!@#$%^&*()')." - }, - "optional": false - } - ] - } + "name": "Diaspora", + "id": "diaspora", + "packaging_format": 1, + "description": { + "en": "Distributed social networking service", + "fr": "Service de réseau social distribué" + }, + "version": "0.7.16.0~ynh1", + "url": "https://diasporafoundation.org", + "upstream": { + "license": "AGPL-3.0", + "website": "https://diasporafoundation.org/", + "admindoc": "https://wiki.diasporafoundation.org/FAQ_for_pod_maintainers", + "userdoc": "https://wiki.diasporafoundation.org/FAQ_for_users", + "code": "https://github.com/diaspora/diaspora" + }, + "license": "AGPL-3.0", + "maintainer": { + "name": "rafi59", + "email": "" + }, + "requirements": { + "yunohost": ">= 4.3.0" + }, + "multi_instance": true, + "services": [ + "nginx", + "postgresql" + ], + "arguments": { + "install" : [ + { + "name": "domain", + "type": "domain" + }, + { + "name": "admin", + "type": "user" + }, + { + "name": "admin_password", + "type": "password", + "ask": { + "en": "Admin password. Must contain at least 10 characters, one lowercase letter, one uppercase letter, one number, and one symbol (e.g. '~!@#$%^&*()').", + "fr": "Mot de passe pour l’administrateur. Doit contenir au moins 10 caractères, une majuscule, une minuscule, un chiffre, et une ponctuation (ex. '~!@#$%^&*()')." + }, + "optional": false + } + ] + } } From df9920f2104eeda7d0581e1a21913ccff9431934 Mon Sep 17 00:00:00 2001 From: Augustin Trancart Date: Mon, 21 Feb 2022 17:06:32 +0100 Subject: [PATCH 10/19] Upgrade diaspora to v0.7.16 --- scripts/_common.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/_common.sh b/scripts/_common.sh index 5d5224d..75ba982 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -2,4 +2,4 @@ pkg_dependencies="build-essential cmake libssl-dev libcurl4-dev libxml2-dev libxslt-dev imagemagick ghostscript curl libmagickwand-dev git libpq-dev redis-server nodejs postgresql bison " ruby_build_dependencies="bison libffi-dev libgdbm-dev libncurses5-dev libsqlite3-dev libyaml-dev pkg-config sqlite3 zlib1g-dev libgmp-dev libreadline-dev libssl-dev libjemalloc-dev" -current_tag="v0.7.14.0" +current_tag="v0.7.16.0" From 28af64c19caf692fe0bdf9edf099dfcb4bfe6d1b Mon Sep 17 00:00:00 2001 From: Augustin Trancart Date: Mon, 21 Feb 2022 17:06:48 +0100 Subject: [PATCH 11/19] Less logs from rails --- scripts/bundle_app | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/scripts/bundle_app b/scripts/bundle_app index c2c9c77..76b77c1 100644 --- a/scripts/bundle_app +++ b/scripts/bundle_app @@ -7,17 +7,20 @@ cd diaspora script/configure_bundler bin/bundle install --full-index --with=postgresql EOF +# for some reason rake logs a lot in stderr (tried --quiet, didn't change anything) +# redirecting it to stdout to have a saner log on yunohost side sudo -u $app --login << EOF cd diaspora -RAILS_ENV=production bundle exec rake db:migrate +RAILS_ENV=production bundle exec rake db:migrate 2>&1 EOF #================================================= # ASSETS PRECOMPILATION #================================================= + sudo -u $app --login << EOF cd diaspora -RAILS_ENV=production bin/rake assets:precompile +RAILS_ENV=production bin/rake assets:precompile 2>&1 EOF popd From 1cda0653e998e52ee8fd8f54eaaede1d37995ffc Mon Sep 17 00:00:00 2001 From: Augustin Trancart Date: Mon, 21 Feb 2022 17:07:08 +0100 Subject: [PATCH 12/19] Remove useless check --- scripts/install | 2 -- 1 file changed, 2 deletions(-) diff --git a/scripts/install b/scripts/install index 4b15f9e..9e683e1 100755 --- a/scripts/install +++ b/scripts/install @@ -45,8 +45,6 @@ final_path=/var/www/$app # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS #================================================= ynh_script_progression --message="Validating installation parameters..." --weight=1 -# Check web path availability -ynh_webpath_available --domain=$domain --path_url=/ # check path availability test ! -e "$final_path" || ynh_die "This path already contains a folder" can_remove_home=1 From c017b1639071605f2e5b293b04b99f52bc40858f Mon Sep 17 00:00:00 2001 From: Augustin Trancart Date: Mon, 21 Feb 2022 17:07:41 +0100 Subject: [PATCH 13/19] Adjust progress bar weight --- scripts/install | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/scripts/install b/scripts/install index 9e683e1..0b449bd 100755 --- a/scripts/install +++ b/scripts/install @@ -66,7 +66,7 @@ ynh_app_setting_set --app=$app --key=final_path --value=$final_path #================================================= # INSTALL DEPENDENCIES #================================================= -ynh_script_progression --message="Installing dependencies..." --weight=27 +ynh_script_progression --message="Installing dependencies..." --weight=5 ynh_install_app_dependencies $pkg_dependencies $ruby_build_dependencies #================================================= @@ -92,7 +92,7 @@ chown $app:www-data $final_path #================================================= # INSTALL RVM AND RUBY FOR CURRENT USER #================================================= -ynh_script_progression --message="Installing rvm and ruby..." --weight=240 +ynh_script_progression --message="Installing rvm and ruby... (will take a long time)" --weight=20 source ./install_ruby #================================================= @@ -100,7 +100,7 @@ source ./install_ruby #================================================= # Download, check integrity, unucompress and patch the source from app.src pushd $final_path -ynh_script_progression --message="Download the sources..." --weight=16 +ynh_script_progression --message="Download the sources..." --weight=10 sudo -u $app git clone https://github.com/diaspora/diaspora.git -b $current_tag popd @@ -140,7 +140,7 @@ ynh_store_file_checksum --file="$final_path/diaspora/config/database.yml" #================================================= # Bundle the ruby app #================================================= -ynh_script_progression --message="Precompile assets..." --weight=400 +ynh_script_progression --message="Precompile assets (will take a long time)..." --weight=40 source ./bundle_app #================================================= From d2a3fa7f6b09b703fba3a05f04386cc94525eebe Mon Sep 17 00:00:00 2001 From: Augustin Trancart Date: Mon, 21 Feb 2022 17:07:59 +0100 Subject: [PATCH 14/19] linter --- scripts/restore | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) diff --git a/scripts/restore b/scripts/restore index 1256e4e..ae81399 100644 --- a/scripts/restore +++ b/scripts/restore @@ -41,8 +41,6 @@ db_user=$db_name #================================================= ynh_script_progression --message="Validating restoration parameters..." -ynh_webpath_available --domain=$domain --path_url=/ \ - || ynh_die --message="Domain not available: ${domain}" test ! -d $final_path \ || ynh_die --message="There is already a directory: $final_path " can_remove_home=1 @@ -136,17 +134,11 @@ source ./create_services # ADVERTISE SERVICE IN ADMIN PANEL #================================================= -yunohost service add $app.target\ +yunohost service add $app.target \ --log $final_path/diaspora/log/production.log \ $final_path/diaspora/log/unicorn-stderr.log\ $final_path/diaspora/log/unicorn-stdout.log\ $final_path/diaspora/log/sidekiq.log\ --description "Diaspora service (unicorn web and sidekiq)" -#================================================= -# SETUP SSOWAT -#================================================= -# unprotected_uris allows SSO credentials to be passed anyway. -ynh_app_setting_set $app unprotected_uris "/" - popd From 9b8259edf8c41ac673ce4d6986078a1419506c99 Mon Sep 17 00:00:00 2001 From: Yunohost-Bot <> Date: Mon, 21 Feb 2022 16:08:35 +0000 Subject: [PATCH 15/19] Auto-update README --- README.md | 43 +++++++++++++++++++++++-------------------- README_fr.md | 40 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 63 insertions(+), 20 deletions(-) create mode 100644 README_fr.md diff --git a/README.md b/README.md index 69bb8c1..659b6d0 100644 --- a/README.md +++ b/README.md @@ -1,33 +1,34 @@ -# Diaspora* for YunoHost + -[![Integration level](https://dash.yunohost.org/integration/diaspora.svg)](https://dash.yunohost.org/appci/app/diaspora) ![](https://ci-apps.yunohost.org/ci/badges/diaspora.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/diaspora.maintain.svg)[![Shipped version](https://img.shields.io/github/v/release/yunohost-apps/diaspora_ynh)](https://github.com/yunohost-apps/diaspora_ynh/releases) +# Diaspora for YunoHost + +[![Integration level](https://dash.yunohost.org/integration/diaspora.svg)](https://dash.yunohost.org/appci/app/diaspora) ![](https://ci-apps.yunohost.org/ci/badges/diaspora.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/diaspora.maintain.svg) [![Install Diaspora with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=diaspora) +*[Lire ce readme en français.](./README_fr.md)* + +> *This package allows you to install Diaspora quickly and simply on a YunoHost server. +If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/install) to learn how to install it.* + ## Overview -> *This package allow you to install Diaspora\* quickly and simply on a YunoHost server. -If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to know how to install and enjoy it.* +Distributed social networking service -**Shipped version:** 0.7.13.0 +**Shipped version:** 0.7.16.0~ynh1 -## Notes -Before installing, you have to: -- get a dedicated domain (must install under web root like **https://diaspora.example.com/** not **https://example.com/diaspora/**) -- get a valid SSL certificate +## Documentation and resources -Installation effects: - -- Thank you for being patient as deployment time can take up to about 1 hour (raspberry pi). -- The installation directory can take up to 900MB and app start time can be take 5 minutes - -## Links - - * Report a bug: https://github.com/YunoHost-Apps/diaspora_ynh/issues - * YunoHost website: https://yunohost.org/ - ---- +* Official app website: https://diasporafoundation.org/ +* Official user documentation: https://wiki.diasporafoundation.org/FAQ_for_users +* Official admin documentation: https://wiki.diasporafoundation.org/FAQ_for_pod_maintainers +* Upstream app code repository: https://github.com/diaspora/diaspora +* YunoHost documentation for this app: https://yunohost.org/app_diaspora +* Report a bug: https://github.com/YunoHost-Apps/diaspora_ynh/issues ## Developer info @@ -39,3 +40,5 @@ sudo yunohost app install https://github.com/YunoHost-Apps/diaspora_ynh/tree/tes or sudo yunohost app upgrade diaspora -u https://github.com/YunoHost-Apps/diaspora_ynh/tree/testing --debug ``` + +**More info regarding app packaging:** https://yunohost.org/packaging_apps \ No newline at end of file diff --git a/README_fr.md b/README_fr.md new file mode 100644 index 0000000..04a4e50 --- /dev/null +++ b/README_fr.md @@ -0,0 +1,40 @@ +# Diaspora pour YunoHost + +[![Niveau d'intégration](https://dash.yunohost.org/integration/diaspora.svg)](https://dash.yunohost.org/appci/app/diaspora) ![](https://ci-apps.yunohost.org/ci/badges/diaspora.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/diaspora.maintain.svg) +[![Installer Diaspora avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=diaspora) + +*[Read this readme in english.](./README.md)* +*[Lire ce readme en français.](./README_fr.md)* + +> *Ce package vous permet d'installer Diaspora rapidement et simplement sur un serveur YunoHost. +Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.* + +## Vue d'ensemble + +Service de réseau social distribué + +**Version incluse :** 0.7.16.0~ynh1 + + + +## Documentations et ressources + +* Site officiel de l'app : https://diasporafoundation.org/ +* Documentation officielle utilisateur : https://wiki.diasporafoundation.org/FAQ_for_users +* Documentation officielle de l'admin : https://wiki.diasporafoundation.org/FAQ_for_pod_maintainers +* Dépôt de code officiel de l'app : https://github.com/diaspora/diaspora +* Documentation YunoHost pour cette app : https://yunohost.org/app_diaspora +* Signaler un bug : https://github.com/YunoHost-Apps/diaspora_ynh/issues + +## Informations pour les développeurs + +Merci de faire vos pull request sur la [branche testing](https://github.com/YunoHost-Apps/diaspora_ynh/tree/testing). + +Pour essayer la branche testing, procédez comme suit. +``` +sudo yunohost app install https://github.com/YunoHost-Apps/diaspora_ynh/tree/testing --debug +ou +sudo yunohost app upgrade diaspora -u https://github.com/YunoHost-Apps/diaspora_ynh/tree/testing --debug +``` + +**Plus d'infos sur le packaging d'applications :** https://yunohost.org/packaging_apps \ No newline at end of file From debdef80292e07799b296420ee3ebc73a5ce5f89 Mon Sep 17 00:00:00 2001 From: Augustin Trancart Date: Mon, 28 Feb 2022 18:09:58 +0100 Subject: [PATCH 16/19] Add DISCLAIMER.md --- doc/DISCLAIMER.md | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 doc/DISCLAIMER.md diff --git a/doc/DISCLAIMER.md b/doc/DISCLAIMER.md new file mode 100644 index 0000000..e64a2cd --- /dev/null +++ b/doc/DISCLAIMER.md @@ -0,0 +1,3 @@ +- There is currently no LDAP integration +- the installation is very long, especially the frontend building step +- As upstream doesn't support it, there is no possibility to change the endpoint/url of diaspora\*. Please choose it carefully! From b58ed28550de09308b61beda0624f097cd6b4771 Mon Sep 17 00:00:00 2001 From: Augustin Trancart Date: Mon, 28 Feb 2022 18:15:38 +0100 Subject: [PATCH 17/19] Add DISCLAIMER_fr.md --- doc/DISCLAIMER_fr.md | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 doc/DISCLAIMER_fr.md diff --git a/doc/DISCLAIMER_fr.md b/doc/DISCLAIMER_fr.md new file mode 100644 index 0000000..3783723 --- /dev/null +++ b/doc/DISCLAIMER_fr.md @@ -0,0 +1,3 @@ +- Il n'y a pas d'intégration LDAP pour le moment. +- L'installation est très longue, en particulier l'étape de build du frontend. +- le projet amont ne supporte pas les changements d'url, ainsi l'application yunohost ne supporte pas non plus cette action. From 0f4e8639bc1cbbeed6cbd76c78de2b16183157d8 Mon Sep 17 00:00:00 2001 From: Augustin Trancart Date: Mon, 28 Feb 2022 18:15:58 +0100 Subject: [PATCH 18/19] Update README --- README.md | 6 ++++++ README_fr.md | 6 ++++++ 2 files changed, 12 insertions(+) diff --git a/README.md b/README.md index 659b6d0..60bdf2f 100644 --- a/README.md +++ b/README.md @@ -21,6 +21,12 @@ Distributed social networking service +## Disclaimers / important information + +- There is currently no LDAP integration +- the installation is very long, especially the frontend building step +- As upstream doesn't support it, there is no possibility to change the endpoint/url of diaspora\*. Please choose it carefully! + ## Documentation and resources * Official app website: https://diasporafoundation.org/ diff --git a/README_fr.md b/README_fr.md index 04a4e50..3661ad7 100644 --- a/README_fr.md +++ b/README_fr.md @@ -17,6 +17,12 @@ Service de réseau social distribué +## Avertissements / informations importantes + +- Il n'y a pas d'intégration LDAP pour le moment. +- L'installation est très longue, en particulier l'étape de build du frontend. +- le projet amont ne supporte pas les changements d'url, ainsi l'application yunohost ne supporte pas non plus cette action. + ## Documentations et ressources * Site officiel de l'app : https://diasporafoundation.org/ From 660659057df5adfbb52243a745874e76d0ca67b8 Mon Sep 17 00:00:00 2001 From: Augustin Trancart Date: Wed, 2 Mar 2022 09:13:11 +0100 Subject: [PATCH 19/19] update comment --- scripts/bundle_app | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/bundle_app b/scripts/bundle_app index 76b77c1..d3b5fbb 100644 --- a/scripts/bundle_app +++ b/scripts/bundle_app @@ -1,6 +1,6 @@ #!/bin/bash pushd $final_path/diaspora -echo 2.6.6 > .ruby-version # overwrite 2.4 default from diaspora because rbenv does not understand it +echo 2.6.6 > .ruby-version # overwrite 2.6 default from diaspora because rbenv does not understand it sudo -u $app --login << EOF gem install bundler:1.17.3 cd diaspora