diff --git a/.github/ISSUE_TEMPLATE.md b/.github/ISSUE_TEMPLATE.md index 2729a6b..651f7a6 100644 --- a/.github/ISSUE_TEMPLATE.md +++ b/.github/ISSUE_TEMPLATE.md @@ -8,7 +8,7 @@ about: When creating a bug report, please use the following template to provide 1. *Read this whole template first.* 2. *Determine if you are on the right place:* - *If you were performing an action on the app from the webadmin or the CLI (install, update, backup, restore, change_url...), you are on the right place!* - - *Otherwise, the issue may be due to the app itself. Refer to its documentation or repository for help.* + - *Otherwise, the issue may be due to Discourse itself. Refer to its documentation or repository for help.* - *When in doubt, post here and we will figure it out together.* 3. *Delete the italic comments as you write over them below, and remove this guide.* --- diff --git a/README.md b/README.md index d070ecc..9f9510d 100644 --- a/README.md +++ b/README.md @@ -1,99 +1,99 @@ - - -# Discourse for YunoHost - -[![Integration level](https://dash.yunohost.org/integration/discourse.svg)](https://dash.yunohost.org/appci/app/discourse) ![](https://ci-apps.yunohost.org/ci/badges/discourse.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/discourse.maintain.svg) -[![Install Discourse with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=discourse) - -*[Lire ce readme en français.](./README_fr.md)* - -> *This package allows you to install Discourse quickly and simply on a YunoHost server. -If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/install) to learn how to install it.* - -## Overview - -Discussion platform - -**Shipped version:** 2.7.0~ynh1 - -**Demo:** https://try.discourse.org - -## Screenshots - -![](./doc/screenshots/screenshot.png) - -## Disclaimers / important information - -## Configuration - -Use the admin panel of your Discourse to configure this app. - -### Configuring "Reply-By-Email" - -* You should create a dedicated YunoHost user for Discourse whose mailbox will be used by the *Discourse* application. You can do this with `yunohost user create response`, for example. You should ensure that the email address is configured to be on your Discourse domain. - -* You should then configure your Discourse `/var/www/discourse/config/discourse.conf` file with the correct SMTP configuration values. Please see [this comment](https://github.com/YunoHost-Apps/discourse_ynh/issues/2#issuecomment-409510325) for an explanation of what values to change. Please be aware, when you update the application, you will have to re-apply this configuration. - -* You must enable the POP3 configuration for *Dovecot*. See [this thread](https://forum.yunohost.org/t/how-to-enable-pop3-in-yunohost/1662/2) on how to do that. You can validate your configuration with `systemctl restart dovecot && dovecot -n`. Don't forget to open the ports you need (`995` is the default). You can validate that with `nmap -p 995 yunohostdomain.org`. - -* You should then configure the Pop3 polling in the Discourse admin interface. Please see [this comment](https://meta.discourse.org/t/set-up-reply-via-email-support/14003) for how to do so. You will need to follow step 5 in that comment. You can specify your main Yunohost domain for the `pop3_polling_host`. - -You should now be able to start testing. Try using the `/admin/email` "Send Test Email" and then view the "Sent" or "Skipped" etc. tabs. You should see a report on what happened with the email. You may also want to look in `/var/www/discourse/log/production.log` as well as `/var/www/mail.err`. You should perhaps also use [Rainloop](https://github.com/YunoHost-Apps/rainloop_ynh) or another Yunohost email client application to quickly test that both your user and the dedicated Yunohost Discourse user (`response@...`) is receiving mail. - -### "Reply-By-Email" and mail forwarding - -If you use the administration UI in YunoHost to setup a mail forwarding address for your users then you may face the problem whereby your users are replying by email from the forwarded email address and the *Discourse* software is not able to understand how to receive that email. - -For example, your user has email address `foo@myyunohostdomain.org` and all mail is forwarded to `foo@theirexternalmail.com`. *Discourse* receives replies from `foo@theirexternalmail.com` but cannot understand how to deliver this to the user account with `foo@myyunohostdomain.org` configured. - -Their is on-going work to allow for [multiple email addresses for one user](https://meta.discourse.org/t/additional-email-address-per-user-account-support/59847) in Discourse development but at current major version (2.3 as of 2019-08-06), there is no web interface for this functionality. It is possible to set it up via the command-line interface but it is **experimental** and you should not undertake this work unless you take some time to understand what it is you are going to do. - -Here's how to setup a secondary mail address for a user account: - -```bash -$ cd /var/www/discourse -$ RAILS_ENV=production /opt/rbenv/versions/2.6.0/bin/bundle exec rails c -$ UserEmail.create!(user: User.find_by_username("foo"), email: "foo@theirexternalmail.com") -``` - -Discourse can now receive mail from `foo@theirexternalmail.com` and give it to the user account with mail address `foo@myyunohostdomain.org`. - -#### Multi-user support - -Supported, with LDAP and SSO. - -![Login Popup](https://raw.githubusercontent.com/jonmbake/screenshots/master/discourse-ldap-auth/login.png) - -Default administrator and YunoHost users must login using LDAP: -* click on the "with LDAP" button -* use your YunoHost credentials - -When disabling Local Login and other authentication services, clicking the `Login` or `Sign Up` button will directly bring up the LDAP Login popup. - -![Disable Local](https://raw.githubusercontent.com/jonmbake/screenshots/master/discourse-ldap-auth/disable_local.png) - -![LDAP Login Popup](https://raw.githubusercontent.com/jonmbake/screenshots/master/discourse-ldap-auth/ldap_popup.png) - - -## Documentation and resources - -* Official app website: http://Discourse.org -* Upstream app code repository: https://github.com/discourse/discourse -* YunoHost documentation for this app: https://yunohost.org/app_discourse -* Report a bug: https://github.com/YunoHost-Apps/discourse_ynh/issues - -## Developer info - -Please send your pull request to the [testing branch](https://github.com/YunoHost-Apps/discourse_ynh/tree/testing). - -To try the testing branch, please proceed like that. -``` -sudo yunohost app install https://github.com/YunoHost-Apps/discourse_ynh/tree/testing --debug -or -sudo yunohost app upgrade discourse -u https://github.com/YunoHost-Apps/discourse_ynh/tree/testing --debug -``` - -**More info regarding app packaging:** https://yunohost.org/packaging_apps \ No newline at end of file + + +# Discourse for YunoHost + +[![Integration level](https://dash.yunohost.org/integration/discourse.svg)](https://dash.yunohost.org/appci/app/discourse) ![](https://ci-apps.yunohost.org/ci/badges/discourse.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/discourse.maintain.svg) +[![Install Discourse with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=discourse) + +*[Lire ce readme en français.](./README_fr.md)* + +> *This package allows you to install Discourse quickly and simply on a YunoHost server. +If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/install) to learn how to install it.* + +## Overview + +Discussion platform + +**Shipped version:** 2.7.0~ynh1 + +**Demo:** https://try.discourse.org + +## Screenshots + +![](./doc/screenshots/screenshot.png) + +## Disclaimers / important information + +## Configuration + +Use the admin panel of your Discourse to configure this app. + +### Configuring "Reply-By-Email" + +* You should create a dedicated YunoHost user for Discourse whose mailbox will be used by the *Discourse* application. You can do this with `yunohost user create response`, for example. You should ensure that the email address is configured to be on your Discourse domain. + +* You should then configure your Discourse `/var/www/discourse/config/discourse.conf` file with the correct SMTP configuration values. Please see [this comment](https://github.com/YunoHost-Apps/discourse_ynh/issues/2#issuecomment-409510325) for an explanation of what values to change. Please be aware, when you update the application, you will have to re-apply this configuration. + +* You must enable the POP3 configuration for *Dovecot*. See [this thread](https://forum.yunohost.org/t/how-to-enable-pop3-in-yunohost/1662/2) on how to do that. You can validate your configuration with `systemctl restart dovecot && dovecot -n`. Don't forget to open the ports you need (`995` is the default). You can validate that with `nmap -p 995 yunohostdomain.org`. + +* You should then configure the Pop3 polling in the Discourse admin interface. Please see [this comment](https://meta.discourse.org/t/set-up-reply-via-email-support/14003) for how to do so. You will need to follow step 5 in that comment. You can specify your main Yunohost domain for the `pop3_polling_host`. + +You should now be able to start testing. Try using the `/admin/email` "Send Test Email" and then view the "Sent" or "Skipped" etc. tabs. You should see a report on what happened with the email. You may also want to look in `/var/www/discourse/log/production.log` as well as `/var/www/mail.err`. You should perhaps also use [Rainloop](https://github.com/YunoHost-Apps/rainloop_ynh) or another Yunohost email client application to quickly test that both your user and the dedicated Yunohost Discourse user (`response@...`) is receiving mail. + +### "Reply-By-Email" and mail forwarding + +If you use the administration UI in YunoHost to setup a mail forwarding address for your users then you may face the problem whereby your users are replying by email from the forwarded email address and the *Discourse* software is not able to understand how to receive that email. + +For example, your user has email address `foo@myyunohostdomain.org` and all mail is forwarded to `foo@theirexternalmail.com`. *Discourse* receives replies from `foo@theirexternalmail.com` but cannot understand how to deliver this to the user account with `foo@myyunohostdomain.org` configured. + +Their is on-going work to allow for [multiple email addresses for one user](https://meta.discourse.org/t/additional-email-address-per-user-account-support/59847) in Discourse development but at current major version (2.3 as of 2019-08-06), there is no web interface for this functionality. It is possible to set it up via the command-line interface but it is **experimental** and you should not undertake this work unless you take some time to understand what it is you are going to do. + +Here's how to setup a secondary mail address for a user account: + +```bash +$ cd /var/www/discourse +$ RAILS_ENV=production /opt/rbenv/versions/2.6.0/bin/bundle exec rails c +$ UserEmail.create!(user: User.find_by_username("foo"), email: "foo@theirexternalmail.com") +``` + +Discourse can now receive mail from `foo@theirexternalmail.com` and give it to the user account with mail address `foo@myyunohostdomain.org`. + +#### Multi-user support + +Supported, with LDAP and SSO. + +![Login Popup](https://raw.githubusercontent.com/jonmbake/screenshots/master/discourse-ldap-auth/login.png) + +Default administrator and YunoHost users must login using LDAP: +* click on the "with LDAP" button +* use your YunoHost credentials + +When disabling Local Login and other authentication services, clicking the `Login` or `Sign Up` button will directly bring up the LDAP Login popup. + +![Disable Local](https://raw.githubusercontent.com/jonmbake/screenshots/master/discourse-ldap-auth/disable_local.png) + +![LDAP Login Popup](https://raw.githubusercontent.com/jonmbake/screenshots/master/discourse-ldap-auth/ldap_popup.png) + + +## Documentation and resources + +* Official app website: http://Discourse.org +* Upstream app code repository: https://github.com/discourse/discourse +* YunoHost documentation for this app: https://yunohost.org/app_discourse +* Report a bug: https://github.com/YunoHost-Apps/discourse_ynh/issues + +## Developer info + +Please send your pull request to the [testing branch](https://github.com/YunoHost-Apps/discourse_ynh/tree/testing). + +To try the testing branch, please proceed like that. +``` +sudo yunohost app install https://github.com/YunoHost-Apps/discourse_ynh/tree/testing --debug +or +sudo yunohost app upgrade discourse -u https://github.com/YunoHost-Apps/discourse_ynh/tree/testing --debug +``` + +**More info regarding app packaging:** https://yunohost.org/packaging_apps diff --git a/check_process b/check_process index fe5c36d..654ee04 100644 --- a/check_process +++ b/check_process @@ -29,3 +29,5 @@ Notification=none manifest_arg=domain=DOMAIN&path=PATH&admin=USER&is_public=1& ; commit=086de718f49a506c66498d2f7610f5fd0ce07d50 name=2.3.10~ynh1 + ; commit=b2e6633e0145c7eed2eb8c645ca7dbbd6c26fc06 + name=2.6.0~ynh1 diff --git a/conf/systemd.service b/conf/systemd.service index 1962bc5..655e184 100644 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -14,7 +14,7 @@ Environment=RAILS_ENV=production Environment=UNICORN_SIDEKIQS=1 Environment=LD_PRELOAD=__LIBJEMALLOC__ Environment=UNICORN_LISTENER=__FINALPATH__/tmp/sockets/unicorn.sock -ExecStart=__RBENVROOT__/shims/bundle exec unicorn --config config/unicorn.conf.rb -E production +ExecStart=__RBENV_ROOT__/shims/bundle exec unicorn --config config/unicorn.conf.rb -E production Restart=always RestartSec=10 diff --git a/manifest.json b/manifest.json index 663b43b..82a7f42 100644 --- a/manifest.json +++ b/manifest.json @@ -32,7 +32,7 @@ { "name": "domain", "type": "domain", - "example": "domain.org" + "example": "example.com" }, { "name": "path", @@ -43,7 +43,7 @@ { "name": "admin", "type": "user", - "example": "homer" + "example": "johndoe" }, { "name": "is_public", diff --git a/scripts/_common.sh b/scripts/_common.sh index ecc6bb3..e3c326c 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -4,7 +4,7 @@ # COMMON VARIABLES #================================================= -pkg_dependencies="g++ libjemalloc1|libjemalloc2 libjemalloc-dev zlib1g-dev libreadline-dev libpq-dev libssl-dev libyaml-dev libcurl4-openssl-dev libapr1-dev libxslt1-dev libxml2-dev vim imagemagick postgresql postgresql-server-dev-all postgresql-contrib optipng jhead jpegoptim gifsicle brotli" +pkg_dependencies="g++ libjemalloc1|libjemalloc2 libjemalloc-dev zlib1g-dev libreadline-dev libpq-dev libssl-dev libyaml-dev libcurl4-dev libapr1-dev libxslt1-dev libxml2-dev vim imagemagick postgresql postgresql-server-dev-all postgresql-contrib optipng jhead jpegoptim gifsicle brotli" RUBY_VERSION="2.7.1" @@ -163,46 +163,89 @@ ynh_maintenance_mode_OFF () { # RUBY HELPER #================================================= +ynh_ruby_try_bash_extension() { + if [ -x src/configure ]; then + src/configure && make -C src || { + ynh_print_info --message="Optional bash extension failed to build, but things will still work normally." + } + fi +} + rbenv_install_dir="/opt/rbenv" +ruby_version_path="$rbenv_install_dir/versions" # RBENV_ROOT is the directory of rbenv, it needs to be loaded as a environment variable. export RBENV_ROOT="$rbenv_install_dir" -# Install ruby version management +# Load the version of Ruby for an app, and set variables. # -# [internal] +# ynh_use_ruby has to be used in any app scripts before using Ruby for the first time. +# This helper will provide alias and variables to use in your scripts. # -# usage: ynh_install_rbenv -ynh_install_rbenv () { - echo "Installation of rbenv - ruby version management" >&2 - # Build an app.src for rbenv - mkdir -p "../conf" - echo "SOURCE_URL=https://github.com/rbenv/rbenv/archive/v1.1.2.tar.gz -SOURCE_SUM=80ad89ffe04c0b481503bd375f05c212bbc7d44ef5f5e649e0acdf25eba86736" > "../conf/rbenv.src" - # Download and extract rbenv - ynh_setup_source "$rbenv_install_dir" rbenv +# To use gem or Ruby, use the alias `ynh_gem` and `ynh_ruby` +# Those alias will use the correct version installed for the app +# For example: use `ynh_gem install` instead of `gem install` +# +# With `sudo` or `ynh_exec_as`, use instead the fallback variables `$ynh_gem` and `$ynh_ruby` +# And propagate $PATH to sudo with $ynh_ruby_load_path +# Exemple: `ynh_exec_as $app $ynh_ruby_load_path $ynh_gem install` +# +# $PATH contains the path of the requested version of Ruby. +# However, $PATH is duplicated into $ruby_path to outlast any manipulation of $PATH +# You can use the variable `$ynh_ruby_load_path` to quickly load your Ruby version +# in $PATH for an usage into a separate script. +# Exemple: $ynh_ruby_load_path $final_path/script_that_use_gem.sh` +# +# +# Finally, to start a Ruby service with the correct version, 2 solutions +# Either the app is dependent of Ruby or gem, but does not called it directly. +# In such situation, you need to load PATH +# `Environment="__YNH_RUBY_LOAD_ENV_PATH__"` +# `ExecStart=__FINALPATH__/my_app` +# You will replace __YNH_RUBY_LOAD_ENV_PATH__ with $ynh_ruby_load_path +# +# Or Ruby start the app directly, then you don't need to load the PATH variable +# `ExecStart=__YNH_RUBY__ my_app run` +# You will replace __YNH_RUBY__ with $ynh_ruby +# +# +# one other variable is also available +# - $ruby_path: The absolute path to Ruby binaries for the chosen version. +# +# usage: ynh_use_ruby +# +# Requires YunoHost version 2.7.12 or higher. +ynh_use_ruby () { + ruby_version=$(ynh_app_setting_get --app=$app --key=ruby_version) - # Build an app.src for ruby-build - mkdir -p "../conf" - echo "SOURCE_URL=https://github.com/rbenv/ruby-build/archive/v20200520.tar.gz -SOURCE_SUM=52be6908a94fbd4a94f5064e8b19d4a3baa4b773269c3884165518d83bcc8922" > "../conf/ruby-build.src" - # Download and extract ruby-build - ynh_setup_source "$rbenv_install_dir/plugins/ruby-build" ruby-build + # Get the absolute path of this version of Ruby + ruby_path="$ruby_version_path/$YNH_APP_INSTANCE_NAME/bin" - (cd $rbenv_install_dir - ./src/configure && make -C src) + # Allow alias to be used into bash script + shopt -s expand_aliases -# Create shims directory if needed -if [ ! -d $rbenv_install_dir/shims ] ; then - mkdir $rbenv_install_dir/shims -fi + # Create an alias for the specific version of Ruby and a variable as fallback + ynh_ruby="$ruby_path/ruby" + alias ynh_ruby="$ynh_ruby" + # And gem + ynh_gem="$ruby_path/gem" + alias ynh_gem="$ynh_gem" + + # Load the path of this version of Ruby in $PATH + if [[ :$PATH: != *":$ruby_path"* ]]; then + PATH="$ruby_path:$PATH" + fi + # Create an alias to easily load the PATH + ynh_ruby_load_path="PATH=$PATH" + + # Sets the local application-specific Ruby version + pushd $final_path + $rbenv_install_dir/bin/rbenv local $ruby_version + popd } -# Install a specific version of ruby +# Install a specific version of Ruby # -# ynh_install_ruby will install the version of ruby provided as argument by using rbenv. -# -# rbenv (ruby version management) stores the target ruby version in a .ruby_version file created in the target folder (using rbenv local ) -# It then uses that information for every ruby user that uses rbenv provided ruby command +# ynh_install_ruby will install the version of Ruby provided as argument by using rbenv. # # This helper creates a /etc/profile.d/rbenv.sh that configures PATH environment for rbenv # for every LOGIN user, hence your user must have a defined shell (as opposed to /usr/sbin/nologin) @@ -212,142 +255,215 @@ fi # When not possible (e.g. in systemd service definition), please use direct path # to rbenv shims (e.g. $RBENV_ROOT/shims/bundle) # -# usage: ynh_install_ruby ruby_version user +# usage: ynh_install_ruby --ruby_version=ruby_version # | arg: -v, --ruby_version= - Version of ruby to install. -# If possible, prefer to use major version number (e.g. 8 instead of 8.10.0). -# The crontab will handle the update of minor versions when needed. +# +# Requires YunoHost version 2.7.12 or higher. ynh_install_ruby () { - # Declare an array to define the options of this helper. - declare -Ar args_array=( [v]=ruby_version= ) - # Use rbenv, https://github.com/rbenv/rbenv to manage the ruby versions - local ruby_version - # Manage arguments with getopts - ynh_handle_getopts_args "$@" + # Declare an array to define the options of this helper. + local legacy_args=v + local -A args_array=( [v]=ruby_version= ) + local ruby_version + # Manage arguments with getopts + ynh_handle_getopts_args "$@" - # Create $rbenv_install_dir - mkdir -p "$rbenv_install_dir/plugins/ruby-build" + # Load rbenv path in PATH + local CLEAR_PATH="$rbenv_install_dir/bin:$PATH" - # Load rbenv path in PATH - CLEAR_PATH="$rbenv_install_dir/bin:$PATH" + # Remove /usr/local/bin in PATH in case of Ruby prior installation + PATH=$(echo $CLEAR_PATH | sed 's@/usr/local/bin:@@') - # Remove /usr/local/bin in PATH in case of ruby prior installation - PATH=$(echo $CLEAR_PATH | sed 's@/usr/local/bin:@@') + # Move an existing Ruby binary, to avoid to block rbenv + test -x /usr/bin/ruby && mv /usr/bin/ruby /usr/bin/ruby_rbenv - # Move an existing ruby binary, to avoid to block rbenv - test -x /usr/bin/ruby && mv /usr/bin/ruby /usr/bin/ruby_rbenv + # Install or update rbenv + rbenv="$(command -v rbenv $rbenv_install_dir/bin/rbenv | grep "$rbenv_install_dir/bin/rbenv" | head -1)" + if [ -n "$rbenv" ]; then + ynh_print_info --message="rbenv already seems installed in \`$rbenv'." + pushd "${rbenv%/*/*}" + if git remote -v 2>/dev/null | grep "https://github.com/rbenv/rbenv.git"; then + ynh_print_info --message="Trying to update with git..." + git pull -q --tags origin master + ynh_ruby_try_bash_extension + else + ynh_print_info --message="Reinstalling rbenv with git..." + cd .. + ynh_secure_remove --file=$rbenv_install_dir + mkdir -p $rbenv_install_dir + cd $rbenv_install_dir + git init -q + git remote add -f -t master origin https://github.com/rbenv/rbenv.git > /dev/null 2>&1 + git checkout -q -b master origin/master + ynh_ruby_try_bash_extension + rbenv=$rbenv_install_dir/bin/rbenv + fi + popd + else + ynh_print_info --message="Installing rbenv with git..." + mkdir -p $rbenv_install_dir + pushd $rbenv_install_dir + git init -q + git remote add -f -t master origin https://github.com/rbenv/rbenv.git > /dev/null 2>&1 + git checkout -q -b master origin/master + ynh_ruby_try_bash_extension + rbenv=$rbenv_install_dir/bin/rbenv + popd + fi - # If rbenv is not previously setup, install it - if ! type rbenv > /dev/null 2>&1 - then - ynh_install_rbenv - elif dpkg --compare-versions "$($rbenv_install_dir/bin/rbenv --version | cut -d" " -f2)" lt "1.1.2" - then - ynh_install_rbenv - elif dpkg --compare-versions "$($rbenv_install_dir/plugins/ruby-build/bin/ruby-build --version | cut -d" " -f2)" lt "20200520" - then - ynh_install_rbenv - fi + ruby_build="$(command -v "$rbenv_install_dir"/plugins/*/bin/rbenv-install rbenv-install | head -1)" + if [ -n "$ruby_build" ]; then + ynh_print_info --message="\`rbenv install' command already available in \`$ruby_build'." + pushd "${ruby_build%/*/*}" + if git remote -v 2>/dev/null | grep "https://github.com/rbenv/ruby-build.git"; then + ynh_print_info --message="Trying to update rbenv with git..." + git pull -q origin master + fi + popd + else + ynh_print_info --message="Installing ruby-build with git..." + mkdir -p "${rbenv_install_dir}/plugins" + git clone -q https://github.com/rbenv/ruby-build.git "${rbenv_install_dir}/plugins/ruby-build" + fi - # Restore /usr/local/bin in PATH (if needed) - PATH=$CLEAR_PATH + rbenv_alias="$(command -v "$rbenv_install_dir"/plugins/*/bin/rbenv-alias rbenv-alias | head -1)" + if [ -n "$rbenv_alias" ]; then + ynh_print_info --message="\`rbenv alias' command already available in \`$rbenv_alias'." + pushd "${rbenv_alias%/*/*}" + if git remote -v 2>/dev/null | grep "https://github.com/tpope/rbenv-aliases.git"; then + ynh_print_info --message="Trying to update rbenv-aliases with git..." + git pull -q origin master + fi + popd + else + ynh_print_info --message="Installing rbenv-aliases with git..." + mkdir -p "${rbenv_install_dir}/plugins" + git clone -q https://github.com/tpope/rbenv-aliases.git "${rbenv_install_dir}/plugins/rbenv-aliase" + fi - # And replace the old ruby binary - test -x /usr/bin/ruby_rbenv && mv /usr/bin/ruby_rbenv /usr/bin/ruby + rbenv_latest="$(command -v "$rbenv_install_dir"/plugins/*/bin/rbenv-latest rbenv-latest | head -1)" + if [ -n "$rbenv_latest" ]; then + ynh_print_info --message="\`rbenv latest' command already available in \`$rbenv_latest'." + pushd "${rbenv_latest%/*/*}" + if git remote -v 2>/dev/null | grep "https://github.com/momo-lab/xxenv-latest.git"; then + ynh_print_info --message="Trying to update xxenv-latest with git..." + git pull -q origin master + fi + popd + else + ynh_print_info --message="Installing xxenv-latest with git..." + mkdir -p "${rbenv_install_dir}/plugins" + git clone -q https://github.com/momo-lab/xxenv-latest.git "${rbenv_install_dir}/plugins/xxenv-latest" + fi - # Install the requested version of ruby - CONFIGURE_OPTS="--disable-install-doc --with-jemalloc" MAKE_OPTS="-j2" rbenv install --skip-existing $ruby_version + # Enable caching + mkdir -p "${rbenv_install_dir}/cache" - # Store the ID of this app and the version of ruby requested for it - echo "$YNH_APP_ID:$ruby_version" | tee --append "$rbenv_install_dir/ynh_app_version" + # Create shims directory if needed + mkdir -p "${rbenv_install_dir}/shims" - # Store ruby_version into the config of this app - ynh_app_setting_set $app ruby_version $ruby_version + # Restore /usr/local/bin in PATH + PATH=$CLEAR_PATH - # Set environment for ruby users - echo "#rbenv + # And replace the old Ruby binary + test -x /usr/bin/ruby_rbenv && mv /usr/bin/ruby_rbenv /usr/bin/ruby + + # Install the requested version of Ruby + local final_ruby_version=$(rbenv latest --print $ruby_version) + if ! [ -n "$final_ruby_version" ]; then + final_ruby_version=$ruby_version + fi + ynh_print_info --message="Installing Ruby-$final_ruby_version" + CONFIGURE_OPTS="--disable-install-doc --with-jemalloc" MAKE_OPTS="-j2" rbenv install --skip-existing $final_ruby_version > /dev/null 2>&1 + + # Store ruby_version into the config of this app + ynh_app_setting_set --app=$YNH_APP_INSTANCE_NAME --key=ruby_version --value=$final_ruby_version + + # Remove app virtualenv + if `rbenv alias --list | grep --quiet "$YNH_APP_INSTANCE_NAME " 1>/dev/null 2>&1` + then + rbenv alias $YNH_APP_INSTANCE_NAME --remove + fi + + # Create app virtualenv + rbenv alias $YNH_APP_INSTANCE_NAME $final_ruby_version + + # Cleanup Ruby versions + ynh_cleanup_ruby + + # Set environment for Ruby users + echo "#rbenv export RBENV_ROOT=$rbenv_install_dir export PATH=\"$rbenv_install_dir/bin:$PATH\" eval \"\$(rbenv init -)\" #rbenv" > /etc/profile.d/rbenv.sh - # Load the right environment for the Installation - eval "$(rbenv init -)" - - (cd $final_path - rbenv local $ruby_version) + # Load the environment + eval "$(rbenv init -)" } -# Remove the version of ruby used by the app. +# Remove the version of Ruby used by the app. # -# This helper will check if another app uses the same version of ruby, -# if not, this version of ruby will be removed. -# If no other app uses ruby, rbenv will be also removed. +# This helper will also cleanup Ruby versions # # usage: ynh_remove_ruby ynh_remove_ruby () { - ruby_version=$(ynh_app_setting_get $app ruby_version) + local ruby_version=$(ynh_app_setting_get --app=$YNH_APP_INSTANCE_NAME --key=ruby_version) - # Remove the line for this app - sed --in-place "/$YNH_APP_ID:$ruby_version/d" "$rbenv_install_dir/ynh_app_version" + # Load rbenv path in PATH + local CLEAR_PATH="$rbenv_install_dir/bin:$PATH" - # If no other app uses this version of ruby, remove it. - if ! grep --quiet "$ruby_version" "$rbenv_install_dir/ynh_app_version" - then - $rbenv_install_dir/bin/rbenv uninstall --force $ruby_version - fi + # Remove /usr/local/bin in PATH in case of Ruby prior installation + PATH=$(echo $CLEAR_PATH | sed 's@/usr/local/bin:@@') - # Remove rbenv environment configuration - rm /etc/profile.d/rbenv.sh + rbenv alias $YNH_APP_INSTANCE_NAME --remove - # If no other app uses rbenv, remove rbenv and dedicated group - if [ ! -s "$rbenv_install_dir/ynh_app_version" ] - then - ynh_secure_remove "$rbenv_install_dir" - fi + # Remove the line for this app + ynh_app_setting_delete --app=$YNH_APP_INSTANCE_NAME --key=ruby_version + + # Cleanup Ruby versions + ynh_cleanup_ruby } -# Remove the version of ruby used by the app. +# Remove no more needed versions of Ruby used by the app. # -# This helper will check if another app uses the same version of ruby, -# if not, this version of ruby will be removed. -# If no other app uses ruby, rbenv will be also removed. +# This helper will check what Ruby version are no more required, +# and uninstall them +# If no app uses Ruby, rbenv will be also removed. # -# usage: ynh_remove_ruby -ynh_remove_ruby () { - ruby_version=$(ynh_app_setting_get $app ruby_version) +# usage: ynh_cleanup_ruby +ynh_cleanup_ruby () { - # Remove the line for this app - sed --in-place "/$YNH_APP_ID:$ruby_version/d" "$rbenv_install_dir/ynh_app_version" + # List required Ruby versions + local installed_apps=$(yunohost app list | grep -oP 'id: \K.*$') + local required_ruby_versions="" + for installed_app in $installed_apps + do + local installed_app_ruby_version=$(ynh_app_setting_get --app=$installed_app --key="ruby_version") + if [[ $installed_app_ruby_version ]] + then + required_ruby_versions="${installed_app_ruby_version}\n${required_ruby_versions}" + fi + done + + # Remove no more needed Ruby versions + local installed_ruby_versions=$(rbenv versions --bare --skip-aliases | grep -Ev '/') + for installed_ruby_version in $installed_ruby_versions + do + if ! `echo ${required_ruby_versions} | grep "${installed_ruby_version}" 1>/dev/null 2>&1` + then + ynh_print_info --message="Removing of Ruby-$installed_ruby_version" + $rbenv_install_dir/bin/rbenv uninstall --force $installed_ruby_version + fi + done - # If no other app uses this version of ruby, remove it. - if ! grep --quiet "$ruby_version" "$rbenv_install_dir/ynh_app_version" - then - $rbenv_install_dir/bin/rbenv uninstall --force $ruby_version - fi - - # Remove rbenv environment configuration - rm /etc/profile.d/rbenv.sh - - # If no other app uses rbenv, remove rbenv and dedicated group - if [ ! -s "$rbenv_install_dir/ynh_app_version" ] - then - ynh_secure_remove "$rbenv_install_dir" - fi -} - -# Returns true if upstream version is up to date -# -# This helper should be used to avoid an upgrade of the upstream version -# when it's not needed (but yet allowing to upgrade other parts of the -# YunoHost application (e.g. nginx conf) -# -# usage: ynh_is_upstream_up_to_date (returns a boolean) -ynh_is_upstream_up_to_date () { - local version=$(ynh_read_manifest "/etc/yunohost/apps/$YNH_APP_INSTANCE_NAME/manifest.json" "version" || echo 1.0) - version="${version/~ynh*/}" - local last_version=$(ynh_read_manifest "../manifest.json" "version" || echo 1.0) - last_version="${last_version/~ynh*/}" - [ "$version" = "$last_version" ] + # If none Ruby version is required + if [[ ! $required_ruby_versions ]] + then + # Remove rbenv environment configuration + ynh_print_info --message="Removing of rbenv-$rbenv_version" + ynh_secure_remove --file="$rbenv_install_dir" + ynh_secure_remove --file="/etc/profile.d/rbenv.sh" + fi } #================================================= diff --git a/scripts/backup b/scripts/backup index 18653c8..1f4c370 100644 --- a/scripts/backup +++ b/scripts/backup @@ -6,7 +6,7 @@ # IMPORT GENERIC HELPERS #================================================= -#Keep this path for calling _common.sh inside the execution's context of backup and restore scripts +# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers @@ -15,7 +15,6 @@ source /usr/share/yunohost/helpers #================================================= ynh_clean_setup () { - # Clean remainings not handled by remove script ynh_clean_check_starting } # Exit if an error occurs during the execution of the script diff --git a/scripts/change_url b/scripts/change_url index b163620..1a5dbd5 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -36,9 +36,9 @@ db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd) unicorn_workers=$(ynh_app_setting_get --app=$app --key=unicorn_workers) #================================================= -# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP +# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP #================================================= -ynh_script_progression --message="Backing up the app before changing its url (may take a while)..." +ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." # Backup the current version of the app ynh_backup_before_upgrade @@ -46,7 +46,7 @@ ynh_clean_setup () { # Remove the new domain config file, the remove script won't do it as it doesn't know yet its location. ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" - # restore it if the upgrade fails + # Restore it if the upgrade fails ynh_restore_upgradebackup } # Exit if an error occurs during the execution of the script @@ -80,19 +80,19 @@ ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app #================================================= # MODIFY URL IN NGINX CONF #================================================= -ynh_script_progression --message="Updating nginx web server configuration..." +ynh_script_progression --message="Updating NGINX web server configuration..." nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf -# Change the path in the nginx config file +# Change the path in the NGINX config file if [ $change_path -eq 1 ] then - # Make a backup of the original nginx config file if modified + # Make a backup of the original NGINX config file if modified ynh_backup_if_checksum_is_different --file="$nginx_conf_path" - # Set global variables for nginx helper + # Set global variables for NGINX helper domain="$old_domain" path_url="$new_path" - # Create a dedicated nginx config + # Create a dedicated NGINX config ynh_add_nginx_config # Reference: https://meta.discourse.org/t/subfolder-support-with-docker/30507?u=falco&source_topic_id=54191 if [ "$path_url" != "/" ] ; then @@ -101,14 +101,14 @@ then ynh_store_file_checksum --file="/etc/nginx/conf.d/$domain.d/$app.conf" fi -# Change the domain for nginx +# Change the domain for NGINX if [ $change_domain -eq 1 ] then - # Delete file checksum for the old conf file location - ynh_delete_file_checksum --file="$nginx_conf_path" - mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf - # Store file checksum for the new config file location - ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" + # Delete file checksum for the old conf file location + ynh_delete_file_checksum --file="$nginx_conf_path" + mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf + # Store file checksum for the new config file location + ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" fi #================================================= @@ -128,8 +128,9 @@ ynh_store_file_checksum --file="$discourse_config_file" ynh_psql_connect_as --user=$db_user --password=$db_pwd --database=$db_name <<< "UPDATE site_settings SET value = replace(value, '${old_path%/}/images/', '${new_path%/}/images/'); UPDATE site_settings SET value = '${new_path}' WHERE name='long_polling_base_url';" +ynh_use_ruby # Remap URLs in forum posts -exec_login_as $app RAILS_ENV=production bundle exec script/discourse remap ${old_path%/}/uploads ${new_path%/}/uploads <<< "YES +exec_login_as $app RAILS_ENV=production bin/bundle exec script/discourse remap ${old_path%/}/uploads ${new_path%/}/uploads <<< "YES # " rake_exec="exec_login_as $app RAILS_ENV=production bin/rake" @@ -153,7 +154,7 @@ ynh_systemd_action --service_name=$app --action="start" --log_path="$final_path/ #================================================= # RELOAD NGINX #================================================= -ynh_script_progression --message="Reloading nginx web server..." +ynh_script_progression --message="Reloading NGINX web server..." ynh_systemd_action --service_name=nginx --action=reload diff --git a/scripts/install b/scripts/install index b34934f..474a44f 100644 --- a/scripts/install +++ b/scripts/install @@ -62,6 +62,15 @@ ynh_app_setting_set --app=$app --key=admin --value=$admin ynh_script_progression --message="Installing dependencies..." ynh_install_app_dependencies $pkg_dependencies +ynh_install_ruby --ruby_version=$RUBY_VERSION + +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Configuring system user..." + +# Create a system user +ynh_system_user_create --username=$app --home_dir="$final_path" --use_shell #================================================= # CREATE A POSTGRESQL DATABASE @@ -86,11 +95,11 @@ ynh_script_progression --message="Setting up source files..." # Specific actions on ARM architecture if [ -n "$(uname -m | grep arm)" ] ; then - # Unapply commit cf9b4a789b855b5199e98a13424e409854a8e848 that breaks ARM - # compatibility by pointing to a recent libv8 version - # This is due to this libv8 issue (https://github.com/cowboyd/libv8/issues/261) - # that prevents it from being compiled on ARM hence no binary gem is available yet - cp ../sources/patches_arm/* ../sources/patches + # Unapply commit cf9b4a789b855b5199e98a13424e409854a8e848 that breaks ARM + # compatibility by pointing to a recent libv8 version + # This is due to this libv8 issue (https://github.com/cowboyd/libv8/issues/261) + # that prevents it from being compiled on ARM hence no binary gem is available yet + cp ../sources/patches_arm/* ../sources/patches fi ynh_app_setting_set --app=$app --key=final_path --value=$final_path @@ -101,35 +110,24 @@ ynh_setup_source --dest_dir="$final_path" mkdir -p "$final_path/plugins/discourse-ldap-auth" ynh_setup_source --dest_dir="$final_path/plugins/discourse-ldap-auth" --source_id=ldap-auth -#================================================= -# INSTALL RUBY -#================================================= -ynh_script_progression --message="Installing Ruby..." - -ynh_install_ruby --ruby_version=$RUBY_VERSION +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" #================================================= # NGINX CONFIGURATION #================================================= ynh_script_progression --message="Configuring NGINX web server..." -# Create a dedicated nginx config +# Create a dedicated NGINX config ynh_add_nginx_config # Reference: https://meta.discourse.org/t/subfolder-support-with-docker/30507?u=falco&source_topic_id=54191 if [ "$path_url" != "/" ] ; then - ynh_replace_string --match_string='$proxy_add_x_forwarded_for' --replace_string='$http_your_original_ip_header' --target_file="/etc/nginx/conf.d/$domain.d/$app.conf" + ynh_replace_string --match_string='$proxy_add_x_forwarded_for' --replace_string='$http_your_original_ip_header' --target_file="/etc/nginx/conf.d/$domain.d/$app.conf" fi ynh_store_file_checksum --file="/etc/nginx/conf.d/$domain.d/$app.conf" -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Configuring system user..." - -# Create a system user -ynh_system_user_create --username=$app --home_dir=$final_path --use_shell - #================================================= # SPECIFIC SETUP #================================================= @@ -188,39 +186,40 @@ echo "svgo: false" > $final_path/.image_optim.yml ynh_script_progression --message="Setting up Unicorn..." # Set a secret value -cp ../conf/secrets.yml "$final_path/config/secrets.yml" -ynh_replace_string --match_string="__SECRET__" --replace_string="$(ynh_string_random)" --target_file="$final_path/config/secrets.yml" -# Calculate and store the config file checksum -ynh_store_file_checksum --file="$final_path/config/secrets.yml" +secret="$(ynh_string_random)" +ynh_add_config --template="../conf/secrets.yml" --destination="$final_path/config/secrets.yml" # Set permissions to app files -chown -R $app: $final_path +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" pushd "$final_path" - # Install bundler, a gems installer - gem install bundler - # Install without documentation - exec_as $app echo "gem: --no-ri --no-rdoc" >> "$final_path/.gemrc" + ynh_use_ruby + # Install bundler, a gems installer + ynh_gem install bundler + # Install without documentation + exec_as $app echo "gem: --no-ri --no-rdoc" >> "$final_path/.gemrc" popd # Specific actions on ARM architecture if [ -n "$(uname -m | grep arm)" ] ; then - # Define the platform specifically to retrieve binaries - # for libv8 because it currently doesn't compile on ARM devices - exec_login_as $app bundle config specific_platform arm-linux + # Define the platform specifically to retrieve binaries + # for libv8 because it currently doesn't compile on ARM devices + exec_login_as $app bin/bundle config specific_platform arm-linux fi # Install dependencies -exec_login_as $app bundle config set path 'vendor/bundle' -exec_login_as $app bundle config set with 'development' -exec_login_as $app MAKEFLAGS=-j2 bundle install --jobs 2 +exec_login_as $app bin/bundle config set path 'vendor/bundle' +exec_login_as $app bin/bundle config set with 'development' +exec_login_as $app MAKEFLAGS=-j2 bin/bundle install --jobs 2 # On ARM architecture, replace bundled libpsl by system native libpsl # because the provided binary isn't compatible if [ -n "$(uname -m | grep arm)" ] ; then - (cd $final_path/vendor/bundle/ruby/*/gems/mini_suffix-*/vendor - rm libpsl.so - ln -s $(ldconfig -p | grep libpsl | awk 'END {print $NF}') libpsl.so) + (cd $final_path/vendor/bundle/ruby/*/gems/mini_suffix-*/vendor + rm libpsl.so + ln -s $(ldconfig -p | grep libpsl | awk 'END {print $NF}') libpsl.so) fi #================================================= @@ -281,7 +280,7 @@ patch -p1 < $YNH_CWD/../conf/ldap-auth-fix-subfolder.patch) #================================================= ynh_script_progression --message="Configuring a systemd service..." -ynh_replace_string --match_string="__RBENVROOT__" --replace_string="$RBENV_ROOT" --target_file="../conf/systemd.service" +ynh_replace_string --match_string="__RBENV_ROOT__" --replace_string="$RBENV_ROOT" --target_file="../conf/systemd.service" # We assume for the moment that ARM devices are only dual core, so # we restrict the number of workers to 2 (the default is 3) @@ -317,11 +316,9 @@ mkdir -p "public/forum" cd public/forum && ln -s ../uploads && ln -s ../backups ) -# Set permissions to app files -chown -R $app: $final_path - -# Restrict rights to log directory (needed by logrotate) -chmod g-w $final_path/log +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" #================================================= # SETUP LOGROTATE @@ -356,14 +353,13 @@ ynh_script_progression --message="Configuring permissions..." # Make app public if necessary if [ $is_public -eq 1 ] then - # unprotected_uris allows SSO credentials to be passed anyway. ynh_permission_update --permission="main" --add="visitors" fi #================================================= # RELOAD NGINX #================================================= -ynh_script_progression --message="Reloading nginx web server..." +ynh_script_progression --message="Reloading NGINX web server..." ynh_systemd_action --service_name=nginx --action=reload diff --git a/scripts/remove b/scripts/remove index 73a031d..9f8a08c 100644 --- a/scripts/remove +++ b/scripts/remove @@ -28,10 +28,10 @@ redis_db=$(ynh_app_setting_get --app=$app --key=redis_db) # REMOVE SERVICE INTEGRATION IN YUNOHOST #================================================= -# Remove the service from the list of services known by Yunohost (added from `yunohost service add`) +# Remove the service from the list of services known by YunoHost (added from `yunohost service add`) if ynh_exec_warn_less yunohost service status $app >/dev/null then - ynh_script_progression --message="Removing $app service..." + ynh_script_progression --message="Removing $app service integration..." yunohost service remove $app fi @@ -84,9 +84,9 @@ ynh_secure_remove --file="$final_path" #================================================= # REMOVE NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Removing nginx web server configuration..." +ynh_script_progression --message="Removing NGINX web server configuration..." -# Remove the dedicated nginx config +# Remove the dedicated NGINX config ynh_remove_nginx_config #================================================= diff --git a/scripts/restore b/scripts/restore index 8317aed..22feb02 100644 --- a/scripts/restore +++ b/scripts/restore @@ -6,7 +6,7 @@ # IMPORT GENERIC HELPERS #================================================= -#Keep this path for calling _common.sh inside the execution's context of backup and restore scripts +# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers @@ -15,7 +15,6 @@ source /usr/share/yunohost/helpers #================================================= ynh_clean_setup () { - # Clean remainings not handled by remove script ynh_clean_check_starting } # Exit if an error occurs during the execution of the script @@ -24,7 +23,7 @@ ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading settings..." +ynh_script_progression --message="Loading installation settings..." app=$YNH_APP_INSTANCE_NAME @@ -52,10 +51,18 @@ check_memory_requirements #================================================= # RESTORE THE NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Restoring the nginx configuration..." +ynh_script_progression --message="Restoring the NGINX web server configuration..." ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" +#================================================= +# RECREATE THE DEDICATED USER +#================================================= +ynh_script_progression --message="Recreating the dedicated system user..." + +# Create the dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" --use_shell + #================================================= # RESTORE THE APP MAIN DIR #================================================= @@ -63,21 +70,9 @@ ynh_script_progression --message="Restoring the app main directory..." ynh_restore_file --origin_path="$final_path" -#================================================= -# RECREATE THE DEDICATED USER -#================================================= -ynh_script_progression --message="Recreating the dedicated system user..." - -# Create the dedicated user (if not existing) -ynh_system_user_create --username=$app --home_dir=$final_path --use_shell - -#================================================= -# RESTORE USER RIGHTS -#================================================= -ynh_script_progression --message="Restoring user rights..." - -# Restore permissions on app files -chown -R $app: $final_path +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" #================================================= # SPECIFIC RESTORATION @@ -88,12 +83,6 @@ ynh_script_progression --message="Reinstalling dependencies..." # Define and install dependencies ynh_install_app_dependencies $pkg_dependencies - -#================================================= -# INSTALL RUBY -#================================================= -ynh_script_progression --message="Install Ruby..." - ynh_install_ruby --ruby_version=$RUBY_VERSION #================================================= @@ -101,8 +90,10 @@ ynh_install_ruby --ruby_version=$RUBY_VERSION #================================================= ynh_script_progression --message="Reinstall Bundle Gem..." -(cd "$final_path" -gem install bundler) +pushd "$final_path" + ynh_use_ruby + ynh_gem install bundler +popd #================================================= # RESTORE THE POSTGRESQL DATABASE @@ -124,8 +115,7 @@ ynh_psql_execute_file_as_root --file="./db.sql" --database="$db_name" ynh_script_progression --message="Restoring the systemd configuration..." ynh_restore_file --origin_path="/etc/systemd/system/$app.service" -systemctl daemon-reload -systemctl enable $app.service +systemctl enable $app.service --quiet #================================================= # INTEGRATE SERVICE IN YUNOHOST @@ -150,7 +140,7 @@ ynh_systemd_action --service_name=$app --action="start" --log_path="$final_path/ #================================================= # RESTORE THE LOGROTATE CONFIGURATION #================================================= -ynh_script_progression --message="Restoring logrotate configuration..." +ynh_script_progression --message="Restoring the logrotate configuration..." ynh_restore_file --origin_path="/etc/logrotate.d/$app" @@ -159,7 +149,7 @@ ynh_restore_file --origin_path="/etc/logrotate.d/$app" #================================================= # RELOAD NGINX #================================================= -ynh_script_progression --message="Reloading nginx web server..." +ynh_script_progression --message="Reloading NGINX web server..." ynh_systemd_action --service_name=nginx --action=reload diff --git a/scripts/upgrade b/scripts/upgrade index a951952..bb7afcd 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -69,7 +69,8 @@ ynh_script_progression --message="Backing up the app before upgrading (may take # Backup the current version of the app ynh_backup_before_upgrade ynh_clean_setup () { - # restore it if the upgrade fails + ynh_clean_check_starting + # Restore it if the upgrade fails ynh_restore_upgradebackup } # Exit if an error occurs during the execution of the script @@ -91,6 +92,14 @@ ynh_script_progression --message="Stopping a systemd service..." ynh_systemd_action --service_name=$app --action="stop" --log_path="$final_path/log/unicorn.stderr.log" +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Making sure dedicated system user exists..." + +# Create a dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" --use_shell + #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -154,17 +163,21 @@ then ynh_setup_source --dest_dir="$final_path/plugins/discourse-ldap-auth" --source_id=ldap-auth fi +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + #================================================= # NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Upgrading nginx web server configuration..." +ynh_script_progression --message="Upgrading NGINX web server configuration..." -# Create a dedicated nginx config +# Create a dedicated NGINX config ynh_add_nginx_config # Reference: https://meta.discourse.org/t/subfolder-support-with-docker/30507?u=falco&source_topic_id=54191 if [ "$path_url" != "/" ] ; then - ynh_replace_string --match_string='$proxy_add_x_forwarded_for' --replace_string='$http_your_original_ip_header' --target_file="/etc/nginx/conf.d/$domain.d/$app.conf" + ynh_replace_string --match_string='$proxy_add_x_forwarded_for' --replace_string='$http_your_original_ip_header' --target_file="/etc/nginx/conf.d/$domain.d/$app.conf" fi ynh_store_file_checksum --file="/etc/nginx/conf.d/$domain.d/$app.conf" @@ -173,22 +186,9 @@ ynh_store_file_checksum --file="/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= ynh_script_progression --message="Upgrading dependencies..." -ynh_install_app_dependencies "$pkg_dependencies" - -#================================================= -# INSTALL RUBY -#================================================= -ynh_script_progression --message="Installing Ruby..." - +ynh_install_app_dependencies $pkg_dependencies ynh_install_ruby --ruby_version=$RUBY_VERSION - -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Making sure dedicated system user exists..." - -# Create a dedicated user (if not existing) -ynh_system_user_create --username=$app --home_dir=$final_path --use_shell +ynh_use_ruby #================================================= # SPECIFIC UPGRADE @@ -259,49 +259,43 @@ then # Make a backup of the original config file if modified ynh_backup_if_checksum_is_different "$unicorn_config_file" - # Calculate and store the config file checksum + # Calculate and store the config file checksum ynh_store_file_checksum --file="$unicorn_config_file" - secret_config_file="$final_path/config/secrets.yml" - # Make a backup of the original config file if modified - ynh_backup_if_checksum_is_different "$secret_config_file" - - # Set a secret value - cp ../conf/secrets.yml "$final_path/config/secrets.yml" - ynh_replace_string --match_string="__SECRET__" --replace_string="$(ynh_string_random)" --target_file="$secret_config_file" - - # Calculate and store the config file checksum - ynh_store_file_checksum --file="$secret_config_file" + secret="$(ynh_string_random)" + ynh_add_config --template="../conf/secrets.yml" --destination="$final_path/config/secrets.yml" # Set permissions to app files - chown -R $app: $final_path + chmod 750 "$final_path" + chmod -R o-rwx "$final_path" + chown -R $app:www-data "$final_path" - ( - cd "$final_path" + pushd "$final_path" # Install bundler, a gems installer - gem install bundler + ynh_gem install bundler # Install without documentation exec_as $app echo "gem: --no-ri --no-rdoc" >> "$final_path/.gemrc" - ) + popd + # Specific actions on ARM architecture if [ -n "$(uname -m | grep arm)" ] ; then - # Define the platform specifically to retrieve binaries - # for libv8 because it currently doesn't compile on ARM devices - exec_login_as $app bundle config specific_platform arm-linux + # Define the platform specifically to retrieve binaries + # for libv8 because it currently doesn't compile on ARM devices + exec_login_as $app bin/bundle config specific_platform arm-linux fi # Install dependencies - exec_login_as $app bundle config set path 'vendor/bundle' - exec_login_as $app bundle config set with 'development' - exec_login_as $app MAKEFLAGS=-j2 bundle install --jobs 2 + exec_login_as $app bin/bundle config set path 'vendor/bundle' + exec_login_as $app bin/bundle config set with 'development' + exec_login_as $app MAKEFLAGS=-j2 bin/bundle install --jobs 2 # On ARM architecture, replace bundled libpsl by system native libpsl # because the provided binary isn't compatible if [ -n "$(uname -m | grep arm)" ] ; then - ( - cd $final_path/vendor/bundle/ruby/*/gems/mini_suffix-*/vendor - rm libpsl.so - ln -s $(ldconfig -p | grep libpsl | awk 'END {print $NF}') libpsl.so - ) + ( + cd $final_path/vendor/bundle/ruby/*/gems/mini_suffix-*/vendor + rm libpsl.so + ln -s $(ldconfig -p | grep libpsl | awk 'END {print $NF}') libpsl.so + ) fi fi @@ -338,11 +332,12 @@ fi #================================================= # SETUP SYSTEMD #================================================= + if [ "$upgrade_type" == "UPGRADE_APP" ] then ynh_script_progression --message="Configuring a systemd service..." - ynh_replace_string --match_string="__RBENVROOT__" --replace_string="$RBENV_ROOT" --target_file="../conf/systemd.service" + ynh_replace_string --match_string="__RBENV_ROOT__" --replace_string="$RBENV_ROOT" --target_file="../conf/systemd.service" additional_env="UNICORN_WORKERS=$unicorn_workers" ynh_replace_string --match_string="__ADDITIONAL_ENV__" --replace_string="$additional_env" --target_file="../conf/systemd.service" @@ -376,9 +371,19 @@ mkdir -p "$final_path/tmp/sockets" ) # Set permissions to app files -chown -R $app: $final_path -# Restrict rights to log directory (needed by logrotate) -chmod g-w $final_path/log +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + +#================================================= +# SETUP LOGROTATE +#================================================= +ynh_script_progression --message="Upgrading logrotate configuration..." + +# Use logrotate to manage app-specific logfile(s) +ynh_use_logrotate --logfile="$final_path/log/unicorn.stderr.log" +ynh_use_logrotate --logfile="$final_path/log/unicorn.stdout.log" +ynh_use_logrotate --logfile="$final_path/log/production.log" #================================================= # INTEGRATE SERVICE IN YUNOHOST @@ -392,7 +397,6 @@ yunohost service add $app --log "$final_path/log/unicorn.stderr.log" "$final_pat #================================================= ynh_script_progression --message="Starting a systemd service..." -# Wait for discourse to be fully started ynh_systemd_action --service_name=$app --action="start" --log_path="$final_path/log/unicorn.stderr.log" --line_match="INFO -- : worker=$((unicorn_workers-1)) ready" #================================================= @@ -405,7 +409,7 @@ ynh_maintenance_mode_OFF #================================================= # RELOAD NGINX #================================================= -ynh_script_progression --message="Reloading nginx web server..." +ynh_script_progression --message="Reloading NGINX web server..." ynh_systemd_action --service_name=nginx --action=reload