diff --git a/README.md b/README.md index 37bb18f..b57ca08 100644 --- a/README.md +++ b/README.md @@ -19,10 +19,6 @@ A networked place to store posted web documents. This is meant to allow for dist ![distbin-screenshot2](https://user-images.githubusercontent.com/30271971/52230927-e99d3b80-28b8-11e9-9e5d-439bf0feca8d.png) -## License - -**LICENSE:** Apache-2.0 - ## Demo * [Official demo](https://distbin.com/) diff --git a/check_process b/check_process index 8aeebc6..037e415 100644 --- a/check_process +++ b/check_process @@ -26,7 +26,7 @@ Level 3=auto # Level 4: If the app supports LDAP and SSOwat, turn level 4 to '1' and add a link to an issue or a part of your code to show it. # If the app does not use LDAP nor SSOwat, and can't use them, turn level 4 to 'na' and explain as well. - # no ldap support + # https://github.com/YunoHost-Apps/distbin_ynh/issues/18 Level 4=na Level 5=auto Level 6=auto diff --git a/conf/.env b/conf/.env new file mode 100644 index 0000000..1453925 --- /dev/null +++ b/conf/.env @@ -0,0 +1,14 @@ +# The path to NODEJS +PATH=__NODEJS_PATH__ + +# The port used by the application +PORT=__PORT__ + +# The directory where is store the database +DB_DIR=__FINALPATH__/distbin-db + +# The external URL +EXTERNAL_URL=https://__DOMAIN_URI__ + +# The Node Environnement +NODE_ENV=production \ No newline at end of file diff --git a/conf/nginx.conf b/conf/nginx.conf index 37c135d..a0af4cb 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -12,25 +12,6 @@ location __PATH__/ { proxy_set_header Host $host; proxy_buffering off; -### Example PHP configuration (remove it if not used) - #index index.php; - - # Common parameter to increase upload size limit in conjunction with dedicated php-fpm file - #client_max_body_size 50M; - - #try_files $uri $uri/ index.php; - #location ~ [^/]\.php(/|$) { - #fastcgi_split_path_info ^(.+?\.php)(/.*)$; - #fastcgi_pass unix:/var/run/php5-fpm-__NAME__.sock; - - #fastcgi_index index.php; - #include fastcgi_params; - #fastcgi_param REMOTE_USER $remote_user; - #fastcgi_param PATH_INFO $fastcgi_path_info; - #fastcgi_param SCRIPT_FILENAME $request_filename; - #} -### End of PHP configuration part - # Include SSOWAT user panel. include conf.d/yunohost_panel.conf.inc; } diff --git a/conf/php-fpm.conf b/conf/php-fpm.conf index 58ab5e2..ab5dca9 100644 --- a/conf/php-fpm.conf +++ b/conf/php-fpm.conf @@ -1,10 +1,11 @@ ; Start a new pool named 'www'. -; the variable $pool can we used in any directive and will be replaced by the +; the variable $pool can be used in any directive and will be replaced by the ; pool name ('www' here) [__NAMETOCHANGE__] ; Per pool prefix ; It only applies on the following directives: +; - 'access.log' ; - 'slowlog' ; - 'listen' (unixsocket) ; - 'chroot' @@ -24,28 +25,35 @@ group = __USER__ ; The address on which to accept FastCGI requests. ; Valid syntaxes are: -; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific address on +; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on ; a specific port; -; 'port' - to listen on a TCP socket to all addresses on a -; specific port; +; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on +; a specific port; +; 'port' - to listen on a TCP socket to all addresses +; (IPv6 and IPv4-mapped) on a specific port; ; '/path/to/unix/socket' - to listen on a unix socket. ; Note: This value is mandatory. -listen = /var/run/php5-fpm-__NAMETOCHANGE__.sock +listen = /var/run/php/php7.0-fpm-__NAMETOCHANGE__.sock -; Set listen(2) backlog. A value of '-1' means unlimited. -; Default Value: 128 (-1 on FreeBSD and OpenBSD) -;listen.backlog = 128 +; Set listen(2) backlog. +; Default Value: 511 (-1 on FreeBSD and OpenBSD) +;listen.backlog = 511 ; Set permissions for unix socket, if one is used. In Linux, read/write ; permissions must be set in order to allow connections from a web server. Many -; BSD-derived systems allow connections regardless of permissions. +; BSD-derived systems allow connections regardless of permissions. ; Default Values: user and group are set as the running user ; mode is set to 0660 listen.owner = www-data listen.group = www-data ;listen.mode = 0660 - -; List of ipv4 addresses of FastCGI clients which are allowed to connect. +; When POSIX Access Control Lists are supported you can set them using +; these options, value is a comma separated list of user/group names. +; When set, listen.owner and listen.group are ignored +;listen.acl_users = +;listen.acl_groups = + +; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect. ; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original ; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address ; must be separated by a comma. If this value is left blank, connections will be @@ -59,7 +67,13 @@ listen.group = www-data ; - The pool processes will inherit the master process priority ; unless it specified otherwise ; Default Value: no set -; priority = -19 +; process.priority = -19 + +; Set the process dumpable flag (PR_SET_DUMPABLE prctl) even if the process user +; or group is differrent than the master process user. It allows to create process +; core dump and ptrace the process for the pool user. +; Default Value: no +; process.dumpable = yes ; Choose how the process manager will control the number of child processes. ; Possible Values: @@ -96,7 +110,7 @@ pm = dynamic ; forget to tweak pm.* to fit your needs. ; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' ; Note: This value is mandatory. -pm.max_children = 10 +pm.max_children = 5 ; The number of child processes created on startup. ; Note: Used only when pm is set to 'dynamic' @@ -117,12 +131,12 @@ pm.max_spare_servers = 3 ; Note: Used only when pm is set to 'ondemand' ; Default Value: 10s ;pm.process_idle_timeout = 10s; - + ; The number of requests each child process should execute before respawning. ; This can be useful to work around memory leaks in 3rd party libraries. For ; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. ; Default Value: 0 -pm.max_requests = 500 +;pm.max_requests = 500 ; The URI to view the FPM status page. If this value is not set, no URI will be ; recognized as a status page. It shows the following informations: @@ -170,7 +184,7 @@ pm.max_requests = 500 ; ; By default the status page only outputs short status. Passing 'full' in the ; query string will also return status for each pool process. -; Example: +; Example: ; http://www.foo.bar/status?full ; http://www.foo.bar/status?json&full ; http://www.foo.bar/status?html&full @@ -215,7 +229,7 @@ pm.max_requests = 500 ; last request memory: 0 ; ; Note: There is a real-time FPM status monitoring sample web page available -; It's available in: ${prefix}/share/fpm/status.html +; It's available in: /usr/share/php/7.0/fpm/status.html ; ; Note: The value must start with a leading slash (/). The value can be ; anything, but it may not be a good idea to use the .php extension or it @@ -275,7 +289,7 @@ pm.max_requests = 500 ; - %{megabytes}M ; - %{mega}M ; %n: pool name -; %o: ouput header +; %o: output header ; it must be associated with embraces to specify the name of the header: ; - %{Content-Type}o ; - %{X-Powered-By}o @@ -283,7 +297,7 @@ pm.max_requests = 500 ; - .... ; %p: PID of the child that serviced the request ; %P: PID of the parent of the child that serviced the request -; %q: the query string +; %q: the query string ; %Q: the '?' character if query string exists ; %r: the request URI (without the query string, see %q and %Q) ; %R: remote IP address @@ -291,47 +305,51 @@ pm.max_requests = 500 ; %t: server time the request was received ; it can accept a strftime(3) format: ; %d/%b/%Y:%H:%M:%S %z (default) +; The strftime(3) format must be encapsuled in a %{}t tag +; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t ; %T: time the log has been written (the request has finished) ; it can accept a strftime(3) format: ; %d/%b/%Y:%H:%M:%S %z (default) +; The strftime(3) format must be encapsuled in a %{}t tag +; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t ; %u: remote user ; ; Default: "%R - %u %t \"%m %r\" %s" ;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%" - + ; The log file for slow requests ; Default Value: not set ; Note: slowlog is mandatory if request_slowlog_timeout is set -slowlog = /var/log/nginx/__NAMETOCHANGE__.slow.log - +;slowlog = log/$pool.log.slow + ; The timeout for serving a single request after which a PHP backtrace will be ; dumped to the 'slowlog' file. A value of '0s' means 'off'. ; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) ; Default Value: 0 -request_slowlog_timeout = 5s - +;request_slowlog_timeout = 0 + ; The timeout for serving a single request after which the worker process will ; be killed. This option should be used when the 'max_execution_time' ini option ; does not stop script execution for some reason. A value of '0' means 'off'. ; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) ; Default Value: 0 request_terminate_timeout = 1d - + ; Set open file descriptor rlimit. ; Default Value: system defined value ;rlimit_files = 1024 - + ; Set max core size rlimit. ; Possible Values: 'unlimited' or an integer greater or equal to 0 ; Default Value: system defined value ;rlimit_core = 0 - + ; Chroot to this directory at the start. This value must be defined as an ; absolute path. When this value is not set, chroot is not used. ; Note: you can prefix with '$prefix' to chroot to the pool prefix or one ; of its subdirectories. If the pool prefix is not set, the global prefix ; will be used instead. -; Note: chrooting is a great security feature and should be used whenever +; Note: chrooting is a great security feature and should be used whenever ; possible. However, all PHP paths will be relative to the chroot ; (error_log, sessions.save_path, ...). ; Default Value: not set @@ -347,16 +365,25 @@ chdir = __FINALPATH__ ; Note: on highloaded environement, this can cause some delay in the page ; process time (several ms). ; Default Value: no -catch_workers_output = yes +;catch_workers_output = yes + +; Clear environment in FPM workers +; Prevents arbitrary environment variables from reaching FPM worker processes +; by clearing the environment in workers before env vars specified in this +; pool configuration are added. +; Setting to "no" will make all environment variables available to PHP code +; via getenv(), $_ENV and $_SERVER. +; Default Value: yes +;clear_env = no ; Limits the extensions of the main script FPM will allow to parse. This can ; prevent configuration mistakes on the web server side. You should only limit ; FPM to .php extensions to prevent malicious users to use other extensions to -; exectute php code. +; execute php code. ; Note: set an empty value to allow all extensions. ; Default Value: .php -;security.limit_extensions = .php .php3 .php4 .php5 - +;security.limit_extensions = .php .php3 .php4 .php5 .php7 + ; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from ; the current environment. ; Default Value: clean env @@ -370,7 +397,7 @@ catch_workers_output = yes ; overwrite the values previously defined in the php.ini. The directives are the ; same as the PHP SAPI: ; php_value/php_flag - you can set classic ini defines which can -; be overwritten from PHP call 'ini_set'. +; be overwritten from PHP call 'ini_set'. ; php_admin_value/php_admin_flag - these directives won't be overwritten by ; PHP call 'ini_set' ; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no. diff --git a/conf/systemd.service b/conf/systemd.service index 92ec11a..4c9bd16 100644 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -6,13 +6,9 @@ After=network.target Type=simple User=__APP__ Group=__APP__ -Environment="PATH=__NODEJS_PATH__" -Environment="PORT=__PORT__" -Environment="DB_DIR=__FINALPATH__/db" -Environment="EXTERNAL_URL=https://__DOMAIN_URI__" -Environment="NODE_ENV=production" -WorkingDirectory=__FINALPATH__/ -ExecStart=/bin/sh -c '__FINALPATH__/node_modules/.bin/ts-node --project __FINALPATH__/tsconfig.json __FINALPATH__/bin/server.ts >> /var/log/__APP__/__APP__.log 2>&1' +EnvironmentFile=__FINALPATH__/.env +WorkingDirectory=__FINALPATH__ +ExecStart=/bin/sh -c 'node ./dist/bin/server >> /var/log/__APP__/__APP__.log 2>&1' [Install] WantedBy=multi-user.target diff --git a/manifest.json b/manifest.json index 49777fb..d24337c 100644 --- a/manifest.json +++ b/manifest.json @@ -6,14 +6,14 @@ "en": "Distributed pastebin with ActivityPub.", "fr": "Pastebin distribué utilisant le protocole ActivityPub." }, - "version": "1.0~ynh3", + "version": "1.0~ynh4", "url": "https://example.com", "license": "Apache-2.0", "maintainer": { "name": "yalh76" }, "requirements": { - "yunohost": ">= 2.7.14" + "yunohost": ">= 3.4" }, "multi_instance": true, "services": [ diff --git a/scripts/_common.sh b/scripts/_common.sh index bb04a03..b905339 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -1,13 +1,13 @@ #!/bin/bash -# ============= FUTURE YUNOHOST HELPER ============= -# Delete a file checksum from the app settings -# -# $app should be defined when calling this helper -# -# usage: ynh_remove_file_checksum file -# | arg: file - The file for which the checksum will be deleted -ynh_delete_file_checksum () { - local checksum_setting_name=checksum_${1//[\/ ]/_} # Replace all '/' and ' ' by '_' - ynh_app_setting_delete $app $checksum_setting_name -} \ No newline at end of file +#================================================= +# PERSONAL HELPERS +#================================================= + +#================================================= +# EXPERIMENTAL HELPERS +#================================================= + +#================================================= +# FUTURE OFFICIAL HELPERS +#================================================= diff --git a/scripts/backup b/scripts/backup index a9bbfaf..394d696 100644 --- a/scripts/backup +++ b/scripts/backup @@ -24,6 +24,7 @@ ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= +ynh_print_info "Loading installation settings..." app=$YNH_APP_INSTANCE_NAME @@ -36,24 +37,28 @@ domain=$(ynh_app_setting_get $app domain) #================================================= # BACKUP THE APP MAIN DIR #================================================= +ynh_print_info "Backing up the main app directory..." ynh_backup "$final_path" #================================================= # BACKUP THE NGINX CONFIGURATION #================================================= +ynh_print_info "Backing up nginx web server configuration..." ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= # BACKUP THE PHP-FPM CONFIGURATION #================================================= +ynh_print_info "Backing up php-fpm configuration..." -#ynh_backup "/etc/php5/fpm/pool.d/$app.conf" +#ynh_backup "/etc/php/7.0/fpm/pool.d/$app.conf" #================================================= # BACKUP THE MYSQL DATABASE #================================================= +ynh_print_info "Backing up the PostgreSQL database..." #ynh_mysql_dump_db "$db_name" > db.sql @@ -62,12 +67,14 @@ ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= # BACKUP LOGROTATE #================================================= +ynh_print_info "Backing up logrotate configuration..." ynh_backup "/etc/logrotate.d/$app" #================================================= # BACKUP SYSTEMD #================================================= +ynh_print_info "Backing up systemd configuration..." ynh_backup "/etc/systemd/system/$app.service" @@ -76,3 +83,9 @@ ynh_backup "/etc/systemd/system/$app.service" #================================================= #ynh_backup "/etc/cron.d/$app" + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_print_info "Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." diff --git a/scripts/change_url b/scripts/change_url index 4775517..3d678fc 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -24,6 +24,7 @@ app=$YNH_APP_INSTANCE_NAME #================================================= # LOAD SETTINGS #================================================= +ynh_print_info "Loading installation settings..." # Needed for helper "ynh_add_nginx_config" final_path=$(ynh_app_setting_get $app final_path) @@ -62,6 +63,7 @@ fi #================================================= # MODIFY URL IN NGINX CONF #================================================= +ynh_print_info "Updating nginx web server configuration..." nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf @@ -90,13 +92,42 @@ fi #================================================= # SPECIFIC MODIFICATIONS #================================================= -# ... +# STOP SERVICE #================================================= +ynh_systemd_action --action=stop --service_name=$app + +#================================================= +# MODIFY A CONFIG FILE +#================================================= + +# Change the URL in the configuration file +ynh_replace_string "EXTERNAL_URL=.*" "EXTERNAL_URL=https://$new_domain$new_path" "$final_path/.env" + +### Verify the checksum of a file, stored by `ynh_store_file_checksum` in the install script. +### And create a backup of this file if the checksum is different. So the file will be backed up if the admin had modified it. +ynh_backup_if_checksum_is_different "$final_path/.env" +# Recalculate and store the checksum of the file for the next upgrade. +ynh_store_file_checksum "$final_path/.env" + +#================================================= +# START SERVICE +#================================================= + +ynh_systemd_action --action=start --service_name=$app + + #================================================= # GENERIC FINALISATION #================================================= # RELOAD NGINX #================================================= +ynh_print_info "Reloading nginx web server..." systemctl reload nginx + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_print_info "Change of URL completed for $app" diff --git a/scripts/install b/scripts/install index 53c6e8f..bfacf8c 100644 --- a/scripts/install +++ b/scripts/install @@ -47,6 +47,7 @@ app=$YNH_APP_INSTANCE_NAME #================================================= # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS #================================================= +ynh_print_info "Validating installation parameters..." ### If the app uses nginx as web server (written in HTML/PHP in most cases), the final path should be "/var/www/$app". ### If the app provides an internal web server (or uses another application server such as uwsgi), the final path should be "/opt/yunohost/$app" @@ -62,6 +63,7 @@ ynh_webpath_register $app $domain $path_url #================================================= # STORE SETTINGS FROM MANIFEST #================================================= +ynh_print_info "Storing installation settings..." ynh_app_setting_set $app domain $domain ynh_app_setting_set $app path $path_url @@ -74,6 +76,7 @@ ynh_app_setting_set $app is_public $is_public #================================================= # FIND AND OPEN A PORT #================================================= +ynh_print_info "Configuring firewall ..." ### Use these lines if you have to open a port for the application ### `ynh_find_port` will find the first available port starting from the given port. @@ -83,12 +86,13 @@ ynh_app_setting_set $app is_public $is_public # Find a free port port=$(ynh_find_port 8095) # Open this port -#yunohost firewall allow --no-upnp TCP $port 2>&1 +#ynh_exec_warn_less yunohost firewall allow --no-upnp TCP $port ynh_app_setting_set $app port $port #================================================= # INSTALL DEPENDENCIES #================================================= +ynh_print_info "Installing dependencies ..." ### `ynh_install_app_dependencies` allows you to add any "apt" dependencies to the package. ### Those deb packages will be installed as dependencies of this package. @@ -97,11 +101,13 @@ ynh_app_setting_set $app port $port ### - As well as the section "REINSTALL DEPENDENCIES" in the restore script ### - And the section "UPGRADE DEPENDENCIES" in the upgrade script +ynh_install_app_dependencies ca-certificates ynh_install_nodejs 8 #================================================= # CREATE A MYSQL DATABASE #================================================= +ynh_print_info "Creating a mysql database ..." ### Use these lines if you need a database for the application. ### `ynh_mysql_setup_db` will create a database, an associated user and a ramdom password. @@ -119,6 +125,7 @@ ynh_install_nodejs 8 #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= +ynh_print_info "Setting up source files ..." ### `ynh_setup_source` is used to install an app from a zip or tar.gz file, ### downloaded from an upstream source, like a git repository. @@ -132,6 +139,7 @@ git clone https://github.com/gobengo/distbin "$final_path" #================================================= # NGINX CONFIGURATION #================================================= +ynh_print_info "Configuring nginx web server..." ### `ynh_add_nginx_config` will use the file conf/nginx.conf @@ -141,6 +149,7 @@ ynh_add_nginx_config #================================================= # CREATE DEDICATED USER #================================================= +ynh_print_info "Configuring system user ..." # Create a system user ynh_system_user_create "$app" "$final_path" @@ -148,6 +157,7 @@ ynh_system_user_create "$app" "$final_path" #================================================= # PHP-FPM CONFIGURATION #================================================= +ynh_print_info "Configuring php-fpm ..." ### `ynh_add_fpm_config` is used to set up a PHP config. ### You can remove it if your app doesn't use PHP. @@ -176,7 +186,7 @@ chown -R "$app":"$app" "/var/log/$app" # CREATE DB FOLDER #================================================= -mkdir -p "$final_path/db" +mkdir -p "$final_path/distbin-db" #================================================= # MAKE SETUP @@ -185,15 +195,20 @@ mkdir -p "$final_path/db" chown -R "$app":"$app" "$final_path" pushd $final_path ynh_use_nodejs - sudo -u $app env PATH=$PATH:$nodejs_path npm add hoek@^4.2.1 --save --production - sudo -u $app env PATH=$PATH:$nodejs_path npm install ts-node - sudo -u $app env PATH=$PATH:$nodejs_path npm install --production - sudo -u $app env PATH=$PATH:$nodejs_path npm audit fix + sudo -u $app env PATH=$PATH npm install --ignore-scripts + sudo -u $app env PATH=$PATH npm run build + cp package* dist/ popd +pushd $final_path/dist + sudo -u $app env PATH=$PATH npm install --ignore-scripts --production +popd + + #================================================= # SETUP SYSTEMD #================================================= +ynh_print_info "Configuring a systemd service ..." ### `ynh_systemd_config` is used to configure a systemd script for an app. ### It can be used for apps that use sysvinit (with adaptation) or systemd. @@ -207,9 +222,6 @@ popd ### - And the section "SETUP SYSTEMD" in the upgrade script # Create a dedicated systemd config -ynh_replace_string "__NODEJS_PATH__" "$nodejs_path" "../conf/systemd.service" -ynh_replace_string "__PORT__" "$port" "../conf/systemd.service" -ynh_replace_string "__DOMAIN_URI__" "$domain$path_url" "../conf/systemd.service" ynh_add_systemd_config #================================================= @@ -225,6 +237,7 @@ ynh_add_systemd_config #chown -R $app: $final_path # Set the app as temporarily public for curl call +#ynh_print_info "Configuring ssowat ..." #ynh_app_setting_set $app skipped_uris "/" # Reload SSOwat config #yunohost app ssowatconf @@ -233,6 +246,7 @@ ynh_add_systemd_config #systemctl reload nginx # Installation with curl +#ynh_print_info "Finalizing install ..." #ynh_local_curl "/INSTALL_PATH" "key1=value1" "key2=value2" "key3=value3" # Remove the public access @@ -248,7 +262,12 @@ ynh_add_systemd_config ### `ynh_replace_string` is used to replace a string in a file. ### (It's compatible with sed regular expressions syntax) -#ynh_replace_string "match_string" "replace_string" "$final_path/CONFIG_FILE" +cp "../conf/.env" "$final_path/.env" + +ynh_replace_string "__NODEJS_PATH__" "$nodejs_path" "$final_path/.env" +ynh_replace_string "__PORT__" "$port" "$final_path/.env" +ynh_replace_string "__DOMAIN_URI__" "$domain$path_url" "$final_path/.env" +ynh_replace_string "__FINALPATH__" "$final_path" "$final_path/.env" #================================================= # STORE THE CONFIG FILE CHECKSUM @@ -259,7 +278,7 @@ ynh_add_systemd_config ### you can make a backup of this file before modifying it again if the admin had modified it. # Calculate and store the config file checksum into the app settings -#ynh_store_file_checksum "$final_path/package.json" +ynh_store_file_checksum "$final_path/.env" #================================================= # GENERIC FINALIZATION @@ -272,11 +291,12 @@ ynh_add_systemd_config ### that really need such authorization. # Set permissions to app files -#chown -R root: $final_path +chown -R "$app":"$app" "$final_path" #================================================= # SETUP LOGROTATE #================================================= +ynh_print_info "Configuring log rotation ..." ### `ynh_use_logrotate` is used to configure a logrotate configuration for the logs of this app. ### Use this helper only if there is effectively a log file for this app. @@ -308,6 +328,7 @@ yunohost service add $app --description "$app daemon for distbin" --log "/var/lo #================================================= # SETUP SSOWAT #================================================= +ynh_print_info "Configuring SSOwat ..." # Make app public if necessary if [ $is_public -eq 1 ] @@ -319,6 +340,7 @@ fi #================================================= # RELOAD NGINX #================================================= +ynh_print_info "Reloading nginx web server..." systemctl reload nginx @@ -327,3 +349,9 @@ systemctl reload nginx #================================================= ynh_systemd_action --action=start --service_name=$app --line_match="http://localhost:" + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_print_info "Installation of $app completed" diff --git a/scripts/remove b/scripts/remove index fa659eb..3300beb 100644 --- a/scripts/remove +++ b/scripts/remove @@ -13,6 +13,7 @@ source /usr/share/yunohost/helpers #================================================= # LOAD SETTINGS #================================================= +ynh_print_info "Loading installation settings..." app=$YNH_APP_INSTANCE_NAME @@ -30,35 +31,39 @@ final_path=$(ynh_app_setting_get $app final_path) # Remove a service from the admin panel, added by `yunohost service add` if yunohost service status | grep -q $app then - echo "Remove $app service" + ynh_print_info "Removing $app service" yunohost service remove $app fi #================================================= # STOP AND REMOVE SERVICE #================================================= +ynh_print_info "Stopping and removing the systemd service" # Remove the dedicated systemd config ynh_remove_systemd_config -#================================================= -# REMOVE DEPENDENCIES -#================================================= - -# Remove metapackage and its dependencies -ynh_remove_nodejs -ynh_remove_app_dependencies - #================================================= # REMOVE THE MYSQL DATABASE #================================================= +ynh_print_info "Removing the PostgreSQL database" # Remove a database if it exists, along with the associated user #ynh_mysql_remove_db $db_name $db_name +#================================================= +# REMOVE DEPENDENCIES +#================================================= +ynh_print_info "Removing dependencies" + +# Remove metapackage and its dependencies +ynh_remove_app_dependencies +ynh_remove_nodejs + #================================================= # REMOVE APP MAIN DIR #================================================= +ynh_print_info "Removing app main directory" # Remove the app directory securely ynh_secure_remove "$final_path" @@ -66,6 +71,7 @@ ynh_secure_remove "$final_path" #================================================= # REMOVE NGINX CONFIGURATION #================================================= +ynh_print_info "Removing nginx web server configuration" # Remove the dedicated nginx config ynh_remove_nginx_config @@ -73,6 +79,7 @@ ynh_remove_nginx_config #================================================= # REMOVE PHP-FPM CONFIGURATION #================================================= +ynh_print_info "Removing php-fpm configuration" # Remove the dedicated php-fpm config #ynh_remove_fpm_config @@ -80,6 +87,7 @@ ynh_remove_nginx_config #================================================= # REMOVE LOGROTATE CONFIGURATION #================================================= +ynh_print_info "Removing logrotate configuration" # Remove the app-specific logrotate config ynh_remove_logrotate @@ -87,11 +95,12 @@ ynh_remove_logrotate #================================================= # CLOSE A PORT #================================================= +ynh_print_info "Close ports" if yunohost firewall list | grep -q "\- $port$" then - echo "Close port $port" >&2 - yunohost firewall disallow TCP $port 2>&1 + ynh_print_info "Closing port $port" + ynh_exec_warn_less yunohost firewall disallow TCP $port fi #================================================= @@ -114,6 +123,13 @@ ynh_secure_remove "/var/log/$app/" #================================================= # REMOVE DEDICATED USER #================================================= +ynh_print_info "Removing the dedicated system user" # Delete a system user ynh_system_user_delete $app + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_print_info "Removal of $app completed" diff --git a/scripts/restore b/scripts/restore index 831ccd5..2fb865b 100644 --- a/scripts/restore +++ b/scripts/restore @@ -24,6 +24,7 @@ ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= +ynh_print_info "Loading settings..." app=$YNH_APP_INSTANCE_NAME @@ -35,6 +36,7 @@ final_path=$(ynh_app_setting_get $app final_path) #================================================= # CHECK IF THE APP CAN BE RESTORED #================================================= +ynh_print_info "Validating restoration parameters..." ynh_webpath_available $domain $path_url \ || ynh_die "Path not available: ${domain}${path_url}" @@ -52,20 +54,14 @@ ynh_restore_file "/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= # RESTORE THE APP MAIN DIR #================================================= +ynh_print_info "Restoring the app main directory..." ynh_restore_file "$final_path" -#================================================= -# RESTORE THE MYSQL DATABASE -#================================================= - -#db_pwd=$(ynh_app_setting_get $app mysqlpwd) -#ynh_mysql_setup_db $db_name $db_name $db_pwd -#ynh_mysql_connect_as $db_name $db_pwd $db_name < ./db.sql - #================================================= # RECREATE THE DEDICATED USER #================================================= +ynh_print_info "Recreating the dedicated system user..." # Create the dedicated user (if not existing) ynh_system_user_create "$app" "$final_path" @@ -84,21 +80,32 @@ chown -R $app:$app /var/log/$app # RESTORE THE PHP-FPM CONFIGURATION #================================================= -#ynh_restore_file "/etc/php5/fpm/pool.d/$app.conf" +#ynh_restore_file "/etc/php/7.0/fpm/pool.d/$app.conf" #================================================= # SPECIFIC RESTORATION #================================================= # REINSTALL DEPENDENCIES #================================================= +ynh_print_info "Reinstalling dependencies..." # Define and install dependencies -#ynh_install_app_dependencies +ynh_install_app_dependencies ca-certificates ynh_install_nodejs 8 +#================================================= +# RESTORE THE MYSQL DATABASE +#================================================= +ynh_print_info "Restoring the PostgreSQL database..." + +#db_pwd=$(ynh_app_setting_get $app mysqlpwd) +#ynh_mysql_setup_db $db_name $db_name $db_pwd +#ynh_mysql_connect_as $db_name $db_pwd $db_name < ./db.sql + #================================================= # RESTORE SYSTEMD #================================================= +ynh_print_info "Restoring the systemd configuration..." ynh_restore_file "/etc/systemd/system/$app.service" systemctl enable $app.service @@ -127,8 +134,9 @@ ynh_restore_file "/etc/logrotate.d/$app" #================================================= # RELOAD NGINX AND PHP-FPM #================================================= +ynh_print_info "Reloading nginx web server and php-fpm..." -#systemctl reload php5-fpm +#systemctl reload php7.0-fpm systemctl reload nginx #================================================= @@ -143,3 +151,9 @@ chown -R "$app":"$app" "/var/log/$app" #================================================= ynh_systemd_action --action=start --service_name=$app --line_match="http://localhost:" + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_print_info "Restoration completed for $app" diff --git a/scripts/upgrade b/scripts/upgrade index f20e274..b3d0197 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -13,6 +13,7 @@ source /usr/share/yunohost/helpers #================================================= # LOAD SETTINGS #================================================= +ynh_print_info "Loading installation settings..." app=$YNH_APP_INSTANCE_NAME @@ -28,6 +29,7 @@ port=$(ynh_app_setting_get $app port) #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= +ynh_print_info "Ensuring downward compatibility..." # Fix is_public as a boolean value if [ "$is_public" = "Yes" ]; then @@ -53,6 +55,7 @@ fi #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #================================================= +ynh_print_info "Backing up the app before upgrading (may take a while)..." # Backup the current version of the app ynh_backup_before_upgrade @@ -64,12 +67,6 @@ ynh_clean_setup () { # Exit if an error occurs during the execution of the script ynh_abort_if_errors -#================================================= -# STOP SERVICE -#================================================= - -ynh_systemd_action --action=stop --service_name=$app - #================================================= # CHECK THE PATH #================================================= @@ -77,22 +74,31 @@ ynh_systemd_action --action=stop --service_name=$app # Normalize the URL path syntax path_url=$(ynh_normalize_url_path $path_url) +#================================================= +# STOP SERVICE +#================================================= + +ynh_systemd_action --action=stop --service_name=$app + #================================================= # STANDARD UPGRADE STEPS #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= +ynh_print_info "Upgrading source files..." # Download, check integrity, uncompress and patch the source from app.src# #ynh_setup_source "$final_path" pushd $final_path - git pull + git reset --hard + git pull --quiet popd #================================================= # NGINX CONFIGURATION #================================================= +ynh_print_info "Upgrading nginx web server configuration..." # Create a dedicated nginx config ynh_add_nginx_config @@ -100,13 +106,15 @@ ynh_add_nginx_config #================================================= # UPGRADE DEPENDENCIES #================================================= +ynh_print_info "Upgrading dependencies..." -#ynh_install_app_dependencies deb1 deb2 +ynh_install_app_dependencies ca-certificates ynh_install_nodejs 8 #================================================= # CREATE DEDICATED USER #================================================= +ynh_print_info "Making sure dedicated system user exists..." # Create a dedicated user (if not existing) ynh_system_user_create "$app" "$final_path" @@ -114,19 +122,22 @@ ynh_system_user_create "$app" "$final_path" #================================================= # PHP-FPM CONFIGURATION #================================================= +ynh_print_info "Upgrading php-fpm configuration..." # Create a dedicated php-fpm config #ynh_add_fpm_config #================================================= # SPECIFIC UPGRADE -#================================================= - #================================================= # CREATE DB FOLDER #================================================= -mkdir -p "$final_path/db" +DIRECTORY="$final_path/db" +#Move old db +if [ -d "$DIRECTORY" ]; then + mv "$final_path/db" "$final_path/distbin-db" +fi #================================================= # MAKE INSTALL @@ -135,20 +146,39 @@ mkdir -p "$final_path/db" chown -R "$app":"$app" "$final_path" pushd $final_path ynh_use_nodejs - sudo -u $app env PATH=$PATH:$nodejs_path npm update --production - sudo -u $app env PATH=$PATH:$nodejs_path npm install --production - sudo -u $app env PATH=$PATH:$nodejs_path npm audit fix + sudo -u $app env PATH=$PATH npm install --ignore-scripts + sudo -u $app env PATH=$PATH npm run build + cp package* dist/ popd +pushd $final_path/dist + sudo -u $app env PATH=$PATH npm install --ignore-scripts --production +popd + +#================================================= +# MODIFY A CONFIG FILE +#================================================= + +### `ynh_replace_string` is used to replace a string in a file. +### (It's compatible with sed regular expressions syntax) + +cp "../conf/.env" "$final_path/.env" + +ynh_replace_string "__NODEJS_PATH__" "$nodejs_path" "$final_path/.env" +ynh_replace_string "__PORT__" "$port" "$final_path/.env" +ynh_replace_string "__DOMAIN_URI__" "$domain$path_url" "$final_path/.env" +ynh_replace_string "__FINALPATH__" "$final_path" "$final_path/.env" + ### Verify the checksum of a file, stored by `ynh_store_file_checksum` in the install script. ### And create a backup of this file if the checksum is different. So the file will be backed up if the admin had modified it. -#ynh_backup_if_checksum_is_different "$final_path/CONFIG_FILE" +ynh_backup_if_checksum_is_different "$final_path/.env" # Recalculate and store the checksum of the file for the next upgrade. -#ynh_store_file_checksum "$final_path/CONFIG_FILE" +ynh_store_file_checksum "$final_path/.env" #================================================= # SETUP LOGROTATE #================================================= +ynh_print_info "Upgrading logrotate configuration..." # Use logrotate to manage app-specific logfile(s) ynh_use_logrotate --non-append @@ -156,11 +186,9 @@ ynh_use_logrotate --non-append #================================================= # SETUP SYSTEMD #================================================= +ynh_print_info "Upgrading systemd configuration..." # Create a dedicated systemd config -ynh_replace_string "__NODEJS_PATH__" "$nodejs_path" "../conf/systemd.service" -ynh_replace_string "__PORT__" "$port" "../conf/systemd.service" -ynh_replace_string "__DOMAIN_URI__" "$domain$path_url" "../conf/systemd.service" ynh_add_systemd_config #================================================= @@ -179,6 +207,7 @@ chown -R $app:$app /var/log/$app #================================================= # SETUP SSOWAT #================================================= +ynh_print_info "Upgrading SSOwat configuration..." # Make app public if necessary if [ $is_public -eq 1 ] @@ -190,6 +219,7 @@ fi #================================================= # RELOAD NGINX #================================================= +ynh_print_info "Reloading nginx web server..." systemctl reload nginx @@ -198,3 +228,9 @@ systemctl reload nginx #================================================= ynh_systemd_action --action=start --service_name=$app --line_match="http://localhost:" + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_print_info "Upgrade of $app completed"