diff --git a/check_process b/check_process index 8373ca4..88f8583 100644 --- a/check_process +++ b/check_process @@ -1,17 +1,16 @@ ;; Test complet ; Manifest domain="domain.tld" - path="/path" - admin="john" is_public=1 ; Checks pkg_linter=1 - setup_sub_dir=1 + setup_sub_dir=0 setup_root=1 setup_nourl=0 setup_private=1 setup_public=1 upgrade=1 + # 0.7~ynh1 upgrade=1 from_commit=bb833bf6d91735f09c9f5f362f38636e86be5337 backup_restore=1 multi_instance=0 @@ -19,7 +18,3 @@ ;;; Options Email= Notification=none -;;; Upgrade options - ; commit=bb833bf6d91735f09c9f5f362f38636e86be5337 - name=Merge pull request #6 from YunoHost-Apps/testing - manifest_arg=domain=DOMAIN&path=PATH&admin=USER&language=fr&is_public=1&password=pass&port=666& \ No newline at end of file diff --git a/conf/nginx.conf b/conf/nginx.conf index 4dccb14..638add7 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,4 +1,5 @@ -location / { +#sub_path_only rewrite ^__PATH__$ __PATH__/ permanent; +location __PATH__/ { proxy_pass http://127.0.0.1:__PORT__/; proxy_http_version 1.1; @@ -8,5 +9,5 @@ location / { proxy_set_header Host $host; # Include SSOWAT user panel. - include conf.d/yunohost_panel.conf.inc; + #include conf.d/yunohost_panel.conf.inc; } diff --git a/conf/systemd.service b/conf/systemd.service index faef750..be57bc8 100644 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -14,7 +14,7 @@ StartLimitInterval=60s StartLimitBurst=3 # Sandboxing options to harden security -# Depending on specificities of your service/app, you may need to tweak these +# Depending on specificities of your service/app, you may need to tweak these # .. but this should be a good baseline # Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html NoNewPrivileges=yes @@ -41,7 +41,7 @@ CapabilityBoundingSet=~CAP_BLOCK_SUSPEND CAP_WAKE_ALARM CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG CapabilityBoundingSet=~CAP_MAC_ADMIN CAP_MAC_OVERRIDE CapabilityBoundingSet=~CAP_NET_ADMIN CAP_NET_BROADCAST CAP_NET_RAW -CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG +CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG [Install] WantedBy=multi-user.target diff --git a/doc/DESCRITION.md b/doc/DESCRIPTION.md similarity index 100% rename from doc/DESCRITION.md rename to doc/DESCRIPTION.md diff --git a/doc/DISCLAIMER.md b/doc/DISCLAIMER.md new file mode 100644 index 0000000..e69de29 diff --git a/manifest.json b/manifest.json index 7422cfc..9e0b87e 100644 --- a/manifest.json +++ b/manifest.json @@ -6,7 +6,7 @@ "en": "Web-based IRC graphical client", "fr": "Client graphique IRC" }, - "version": "0.7~ynh3", + "version": "0.7~ynh4", "url": "https://github.com/khlieng/dispatch", "upstream": { "license": "AGPL-3.0-only", @@ -25,7 +25,7 @@ "nginx" ], "arguments": { - "install" : [ + "install": [ { "name": "domain", "type": "domain" diff --git a/scripts/backup b/scripts/backup index d104a02..889bc9c 100644 --- a/scripts/backup +++ b/scripts/backup @@ -6,6 +6,7 @@ # IMPORT GENERIC HELPERS #================================================= +# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers @@ -13,6 +14,9 @@ source /usr/share/yunohost/helpers # MANAGE SCRIPT FAILURE #================================================= +ynh_clean_setup () { + true +} # Exit if an error occurs during the execution of the script ynh_abort_if_errors diff --git a/scripts/change_url b/scripts/change_url index 3f3a284..5baad4b 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -31,17 +31,18 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path) port=$(ynh_app_setting_get --app=$app --key=port) #================================================= -# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP +# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP #================================================= -ynh_script_progression --message="Backing up $app before changing its URL (may take a while)..." --weight=1 +ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --weight=1 # Backup the current version of the app ynh_backup_before_upgrade ynh_clean_setup () { + ynh_clean_check_starting # Remove the new domain config file, the remove script won't do it as it doesn't know yet its location. ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" - # restore it if the upgrade fails + # Restore it if the upgrade fails ynh_restore_upgradebackup } # Exit if an error occurs during the execution of the script @@ -70,7 +71,7 @@ fi #================================================= ynh_script_progression --message="Stopping a systemd service..." --weight=1 -ynh_systemd_action --service_name=$app --action=stop --log_path="systemd" +ynh_systemd_action --service_name=$app --action="stop" --log_path="systemd" #================================================= # MODIFY URL IN NGINX CONF @@ -109,7 +110,7 @@ fi ynh_script_progression --message="Starting a systemd service..." --weight=1 # Start a systemd service -ynh_systemd_action --service_name=$app --action=start --log_path="systemd" +ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="Listening on port" #================================================= # RELOAD NGINX diff --git a/scripts/install b/scripts/install index e2b373b..e9690b3 100644 --- a/scripts/install +++ b/scripts/install @@ -13,6 +13,9 @@ source /usr/share/yunohost/helpers # MANAGE SCRIPT FAILURE #================================================= +ynh_clean_setup () { + ynh_clean_check_starting +} # Exit if an error occurs during the execution of the script ynh_abort_if_errors @@ -23,7 +26,6 @@ ynh_abort_if_errors domain=$YNH_APP_ARG_DOMAIN path_url="/" is_public=$YNH_APP_ARG_IS_PUBLIC -architecture=$YNH_ARCH app=$YNH_APP_INSTANCE_NAME @@ -63,7 +65,7 @@ ynh_app_setting_set --app=$app --key=port --value=$port ynh_script_progression --message="Configuring system user..." --weight=1 # Create a system user -ynh_system_user_create --username=$app --home_dir=$final_path +ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE @@ -71,12 +73,9 @@ ynh_system_user_create --username=$app --home_dir=$final_path ynh_script_progression --message="Setting up source files..." --weight=4 ynh_app_setting_set --app=$app --key=final_path --value=$final_path - # Download, check integrity, uncompress and patch the source from app.src -ynh_setup_source --dest_dir=$final_path --source_id="$architecture" - -mkdir "$final_path/.dispatch" -ynh_add_config --template="../conf/config.default.toml" --destination="$final_path/.dispatch/config.toml" +ynh_setup_source --dest_dir="$final_path" --source_id="$YNH_ARCH" +mkdir -p "$final_path/.dispatch" chmod 750 "$final_path" chmod -R o-rwx "$final_path" @@ -87,16 +86,31 @@ chown -R $app:www-data "$final_path" #================================================= ynh_script_progression --message="Configuring NGINX web server..." --weight=3 -# Create a dedicated nginx config +# Create a dedicated NGINX config ynh_add_nginx_config +#================================================= +# SPECIFIC SETUP +#================================================= +# ADD A CONFIGURATION +#================================================= +ynh_script_progression --message="Adding a configuration file..." + +ynh_add_config --template="../conf/config.default.toml" --destination="$final_path/.dispatch/config.toml" + +chmod 400 "$final_path/.dispatch/config.toml" +chown $app:$app "$final_path/.dispatch/config.toml" + #================================================= # SETUP SYSTEMD #================================================= ynh_script_progression --message="Configuring a systemd service..." --weight=1 +# Create a dedicated systemd config ynh_add_systemd_config +#================================================= +# GENERIC FINALIZATION #================================================= # SETUP LOGROTATE #================================================= @@ -118,16 +132,18 @@ yunohost service add $app --description="Web-based IRC client" --log="/var/log/$ ynh_script_progression --message="Starting a systemd service..." --weight=2 # Start a systemd service -ynh_systemd_action --service_name=$app --action=start --log_path="systemd" --line_match="Listening on port" +ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="Listening on port" #================================================= # SETUP SSOWAT #================================================= ynh_script_progression --message="Configuring permissions..." --weight=1 -# Make app public if necessary or protect it +# Make app public if necessary if [ $is_public -eq 1 ] then + # Everyone can access the app. + # The "main" permission is automatically created before the install script. ynh_permission_update --permission="main" --add="visitors" fi diff --git a/scripts/remove b/scripts/remove index 983d8ba..83c3227 100644 --- a/scripts/remove +++ b/scripts/remove @@ -29,7 +29,7 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path) # Remove the service from the list of services known by YunoHost (added from `yunohost service add`) if ynh_exec_warn_less yunohost service status $app >/dev/null then - ynh_script_progression --message="Removing $app service..." --weight=1 + ynh_script_progression --message="Removing $app service integration..." --weight=1 yunohost service remove $app fi @@ -52,7 +52,7 @@ ynh_remove_logrotate #================================================= # REMOVE APP MAIN DIR #================================================= -ynh_script_progression --message="Removing $app main directory..." --weight=6 +ynh_script_progression --message="Removing app main directory..." --weight=6 # Remove the app directory securely ynh_secure_remove --file="$final_path" diff --git a/scripts/restore b/scripts/restore index 35a28e2..c3232ff 100644 --- a/scripts/restore +++ b/scripts/restore @@ -6,6 +6,7 @@ # IMPORT GENERIC HELPERS #================================================= +# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers @@ -22,7 +23,7 @@ ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading settings..." --weight=1 +ynh_script_progression --message="Loading installation settings..." --weight=1 app=$YNH_APP_INSTANCE_NAME @@ -35,29 +36,23 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path) #================================================= ynh_script_progression --message="Validating restoration parameters..." --weight=2 -test ! -d $final_path || ynh_die --message="There is already a directory: $final_path " +test ! -d $final_path \ + || ynh_die --message="There is already a directory: $final_path " #================================================= # STANDARD RESTORATION STEPS -#================================================= -# RESTORE THE NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Restoring the NGINX configuration..." --weight=1 - -ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" - #================================================= # RECREATE THE DEDICATED USER #================================================= ynh_script_progression --message="Recreating the dedicated system user..." --weight=1 # Create the dedicated user (if not existing) -ynh_system_user_create --username=$app --home_dir=$final_path +ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= # RESTORE THE APP MAIN DIR #================================================= -ynh_script_progression --message="Restoring $app main directory..." --weight=4 +ynh_script_progression --message="Restoring the app main directory..." --weight=4 ynh_restore_file --origin_path="$final_path" @@ -67,6 +62,13 @@ chown -R $app:www-data "$final_path" #================================================= # SPECIFIC RESTORATION +#================================================= +# RESTORE THE NGINX CONFIGURATION +#================================================= +ynh_script_progression --message="Restoring the NGINX web server configuration..." --weight=1 + +ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" + #================================================= # RESTORE SYSTEMD #================================================= @@ -94,7 +96,7 @@ yunohost service add $app --description="Web-based IRC client" --log="/var/log/$ #================================================= ynh_script_progression --message="Starting a systemd service..." --weight=1 -ynh_systemd_action --service_name=$app --action=start --log_path=systemd --line_match="Listening on port" +ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="Listening on port" #================================================= # GENERIC FINALIZATION diff --git a/scripts/upgrade b/scripts/upgrade index af79ffa..8ac3f9b 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -20,7 +20,6 @@ domain=$(ynh_app_setting_get --app=$app --key=domain) path_url=$(ynh_app_setting_get --app=$app --key=path) final_path=$(ynh_app_setting_get --app=$app --key=final_path) port=$(ynh_app_setting_get --app=$app --key=port) -architecture=$YNH_ARCH #================================================= # CHECK VERSION @@ -29,6 +28,30 @@ ynh_script_progression --message="Checking version..." upgrade_type=$(ynh_check_app_version_changed) +#================================================= +# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP +#================================================= +ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=4 + +# Backup the current version of the app +ynh_backup_before_upgrade +ynh_clean_setup () { + ynh_clean_check_starting + # Restore it if the upgrade fails + ynh_restore_upgradebackup +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + +#================================================= +# STANDARD UPGRADE STEPS +#================================================= +# STOP SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Stopping a systemd service..." --weight=1 + +ynh_systemd_action --service_name=$app --action="stop" --log_path="systemd" + #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= @@ -41,36 +64,13 @@ if ynh_legacy_permissions_exists; then ynh_app_setting_delete --app=$app --key=is_public fi -#================================================= -# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP -#================================================= -ynh_script_progression --message="Backing up $app before upgrading (may take a while)..." --weight=4 - -# Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { - # restore it if the upgrade fails - ynh_restore_upgradebackup -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# STANDARD UPGRADE STEPS -#================================================= -# STOP SYSTEMD SERVICE -#================================================= -ynh_script_progression --message="Stopping a systemd service..." --weight=1 - -ynh_systemd_action --service_name=$app --action=stop --log_path=systemd - #================================================= # CREATE DEDICATED USER #================================================= ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1 # Create a dedicated user (if not existing) -ynh_system_user_create --username=$app --home_dir=$final_path +ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE @@ -81,7 +81,7 @@ then ynh_script_progression --message="Upgrading source files..." --weight=5 # Download, check integrity, uncompress and patch the source from app.src - ynh_setup_source --dest_dir=$final_path --source_id="$architecture" --keep="$final_path/.dispatch/config.toml" + ynh_setup_source --dest_dir=$final_path --source_id="$YNH_ARCH" --keep=".dispatch/config.toml" fi chmod 750 "$final_path" @@ -93,17 +93,31 @@ chown -R $app:www-data "$final_path" #================================================= ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=2 -# Create a dedicated nginx config +# Create a dedicated NGINX config ynh_add_nginx_config +#================================================= +# SPECIFIC UPGRADE +#================================================= +# UPDATE A CONFIG FILE +#================================================= +ynh_script_progression --message="Updating a configuration file..." + +ynh_add_config --template="../conf/config.default.toml" --destination="$final_path/.dispatch/config.toml" + +chmod 400 "$final_path/.dispatch/config.toml" +chown $app:$app "$final_path/.dispatch/config.toml" + #================================================= # SETUP SYSTEMD #================================================= -ynh_script_progression --message="Configuring a systemd service..." --weight=2 +ynh_script_progression --message="Upgrading systemd configuration..." --weight=2 # Create a dedicated systemd config ynh_add_systemd_config +#================================================= +# GENERIC FINALIZATION #================================================= # SETUP LOGROTATE #================================================= @@ -124,7 +138,7 @@ yunohost service add $app --description="Web-based IRC client" --log="/var/log/$ #================================================= ynh_script_progression --message="Starting a systemd service..." --weight=1 -ynh_systemd_action --service_name=$app --action=start --log_path=systemd --line_match="Listening on port" +ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --line_match="Listening on port" #================================================= # RELOAD NGINX