mirror of
https://github.com/YunoHost-Apps/django_example_ynh.git
synced 2024-09-03 18:26:21 +02:00
init
This commit is contained in:
commit
f578f144a3
45 changed files with 3108 additions and 0 deletions
21
.editorconfig
Normal file
21
.editorconfig
Normal file
|
@ -0,0 +1,21 @@
|
||||||
|
# see http://editorconfig.org
|
||||||
|
root = true
|
||||||
|
|
||||||
|
[*]
|
||||||
|
indent_style = space
|
||||||
|
indent_size = 4
|
||||||
|
end_of_line = lf
|
||||||
|
charset = utf-8
|
||||||
|
trim_trailing_whitespace = true
|
||||||
|
insert_final_newline = true
|
||||||
|
|
||||||
|
[*.py]
|
||||||
|
line_length = 119
|
||||||
|
|
||||||
|
[{Makefile,**.mk}]
|
||||||
|
indent_style = tab
|
||||||
|
insert_final_newline = false
|
||||||
|
|
||||||
|
[*.yml]
|
||||||
|
indent_style = tab
|
||||||
|
indent_size = 4
|
7
.flake8
Normal file
7
.flake8
Normal file
|
@ -0,0 +1,7 @@
|
||||||
|
#
|
||||||
|
# Move to pyproject.toml after: https://gitlab.com/pycqa/flake8/-/issues/428
|
||||||
|
#
|
||||||
|
[flake8]
|
||||||
|
exclude = .pytest_cache, .tox, dist, htmlcov, */migrations/*, volumes
|
||||||
|
#ignore = E402
|
||||||
|
max-line-length = 119
|
20
.github/workflows/package_linter.yml
vendored
Normal file
20
.github/workflows/package_linter.yml
vendored
Normal file
|
@ -0,0 +1,20 @@
|
||||||
|
name: YunoHost apps package linter
|
||||||
|
|
||||||
|
on:
|
||||||
|
schedule:
|
||||||
|
- cron: '0 8 * * *'
|
||||||
|
push:
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
test:
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
steps:
|
||||||
|
- uses: actions/checkout@v2
|
||||||
|
|
||||||
|
- name: 'Clone YunoHost apps package linter'
|
||||||
|
run: |
|
||||||
|
git clone --depth=1 https://github.com/YunoHost/package_linter ~/package_linter
|
||||||
|
|
||||||
|
- name: 'Run linter'
|
||||||
|
run: |
|
||||||
|
~/package_linter/package_linter.py .
|
41
.github/workflows/pytest.yml
vendored
Normal file
41
.github/workflows/pytest.yml
vendored
Normal file
|
@ -0,0 +1,41 @@
|
||||||
|
name: pytest
|
||||||
|
|
||||||
|
on:
|
||||||
|
schedule:
|
||||||
|
- cron: '0 8 * * *'
|
||||||
|
push:
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
test:
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
strategy:
|
||||||
|
max-parallel: 2
|
||||||
|
matrix:
|
||||||
|
python-version: [3.9, 3.8, 3.7]
|
||||||
|
steps:
|
||||||
|
- uses: actions/checkout@v1
|
||||||
|
- name: 'Set up Python ${{ matrix.python-version }}'
|
||||||
|
uses: actions/setup-python@v1
|
||||||
|
with:
|
||||||
|
python-version: '${{ matrix.python-version }}'
|
||||||
|
|
||||||
|
- name: 'Install package'
|
||||||
|
run: |
|
||||||
|
pip3 install poetry
|
||||||
|
make install
|
||||||
|
|
||||||
|
- name: 'List installed packages'
|
||||||
|
run: |
|
||||||
|
poetry run pip freeze
|
||||||
|
|
||||||
|
- name: 'Run tests with Python v${{ matrix.python-version }}'
|
||||||
|
run: |
|
||||||
|
poetry run pytest
|
||||||
|
|
||||||
|
- name: 'Upload coverage report'
|
||||||
|
run: bash <(curl -s https://codecov.io/bash)
|
||||||
|
|
||||||
|
- name: 'Run linters'
|
||||||
|
if: matrix.python-version == '3.8'
|
||||||
|
run: |
|
||||||
|
make lint
|
11
.gitignore
vendored
Normal file
11
.gitignore
vendored
Normal file
|
@ -0,0 +1,11 @@
|
||||||
|
.*
|
||||||
|
!.github
|
||||||
|
!.editorconfig
|
||||||
|
!.flake8
|
||||||
|
!.gitignore
|
||||||
|
__pycache__
|
||||||
|
secret.txt
|
||||||
|
/local_test/
|
||||||
|
/dist/
|
||||||
|
/poetry.lock
|
||||||
|
*.log
|
674
LICENSE
Normal file
674
LICENSE
Normal file
|
@ -0,0 +1,674 @@
|
||||||
|
GNU GENERAL PUBLIC LICENSE
|
||||||
|
Version 3, 29 June 2007
|
||||||
|
|
||||||
|
Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
|
||||||
|
Everyone is permitted to copy and distribute verbatim copies
|
||||||
|
of this license document, but changing it is not allowed.
|
||||||
|
|
||||||
|
Preamble
|
||||||
|
|
||||||
|
The GNU General Public License is a free, copyleft license for
|
||||||
|
software and other kinds of works.
|
||||||
|
|
||||||
|
The licenses for most software and other practical works are designed
|
||||||
|
to take away your freedom to share and change the works. By contrast,
|
||||||
|
the GNU General Public License is intended to guarantee your freedom to
|
||||||
|
share and change all versions of a program--to make sure it remains free
|
||||||
|
software for all its users. We, the Free Software Foundation, use the
|
||||||
|
GNU General Public License for most of our software; it applies also to
|
||||||
|
any other work released this way by its authors. You can apply it to
|
||||||
|
your programs, too.
|
||||||
|
|
||||||
|
When we speak of free software, we are referring to freedom, not
|
||||||
|
price. Our General Public Licenses are designed to make sure that you
|
||||||
|
have the freedom to distribute copies of free software (and charge for
|
||||||
|
them if you wish), that you receive source code or can get it if you
|
||||||
|
want it, that you can change the software or use pieces of it in new
|
||||||
|
free programs, and that you know you can do these things.
|
||||||
|
|
||||||
|
To protect your rights, we need to prevent others from denying you
|
||||||
|
these rights or asking you to surrender the rights. Therefore, you have
|
||||||
|
certain responsibilities if you distribute copies of the software, or if
|
||||||
|
you modify it: responsibilities to respect the freedom of others.
|
||||||
|
|
||||||
|
For example, if you distribute copies of such a program, whether
|
||||||
|
gratis or for a fee, you must pass on to the recipients the same
|
||||||
|
freedoms that you received. You must make sure that they, too, receive
|
||||||
|
or can get the source code. And you must show them these terms so they
|
||||||
|
know their rights.
|
||||||
|
|
||||||
|
Developers that use the GNU GPL protect your rights with two steps:
|
||||||
|
(1) assert copyright on the software, and (2) offer you this License
|
||||||
|
giving you legal permission to copy, distribute and/or modify it.
|
||||||
|
|
||||||
|
For the developers' and authors' protection, the GPL clearly explains
|
||||||
|
that there is no warranty for this free software. For both users' and
|
||||||
|
authors' sake, the GPL requires that modified versions be marked as
|
||||||
|
changed, so that their problems will not be attributed erroneously to
|
||||||
|
authors of previous versions.
|
||||||
|
|
||||||
|
Some devices are designed to deny users access to install or run
|
||||||
|
modified versions of the software inside them, although the manufacturer
|
||||||
|
can do so. This is fundamentally incompatible with the aim of
|
||||||
|
protecting users' freedom to change the software. The systematic
|
||||||
|
pattern of such abuse occurs in the area of products for individuals to
|
||||||
|
use, which is precisely where it is most unacceptable. Therefore, we
|
||||||
|
have designed this version of the GPL to prohibit the practice for those
|
||||||
|
products. If such problems arise substantially in other domains, we
|
||||||
|
stand ready to extend this provision to those domains in future versions
|
||||||
|
of the GPL, as needed to protect the freedom of users.
|
||||||
|
|
||||||
|
Finally, every program is threatened constantly by software patents.
|
||||||
|
States should not allow patents to restrict development and use of
|
||||||
|
software on general-purpose computers, but in those that do, we wish to
|
||||||
|
avoid the special danger that patents applied to a free program could
|
||||||
|
make it effectively proprietary. To prevent this, the GPL assures that
|
||||||
|
patents cannot be used to render the program non-free.
|
||||||
|
|
||||||
|
The precise terms and conditions for copying, distribution and
|
||||||
|
modification follow.
|
||||||
|
|
||||||
|
TERMS AND CONDITIONS
|
||||||
|
|
||||||
|
0. Definitions.
|
||||||
|
|
||||||
|
"This License" refers to version 3 of the GNU General Public License.
|
||||||
|
|
||||||
|
"Copyright" also means copyright-like laws that apply to other kinds of
|
||||||
|
works, such as semiconductor masks.
|
||||||
|
|
||||||
|
"The Program" refers to any copyrightable work licensed under this
|
||||||
|
License. Each licensee is addressed as "you". "Licensees" and
|
||||||
|
"recipients" may be individuals or organizations.
|
||||||
|
|
||||||
|
To "modify" a work means to copy from or adapt all or part of the work
|
||||||
|
in a fashion requiring copyright permission, other than the making of an
|
||||||
|
exact copy. The resulting work is called a "modified version" of the
|
||||||
|
earlier work or a work "based on" the earlier work.
|
||||||
|
|
||||||
|
A "covered work" means either the unmodified Program or a work based
|
||||||
|
on the Program.
|
||||||
|
|
||||||
|
To "propagate" a work means to do anything with it that, without
|
||||||
|
permission, would make you directly or secondarily liable for
|
||||||
|
infringement under applicable copyright law, except executing it on a
|
||||||
|
computer or modifying a private copy. Propagation includes copying,
|
||||||
|
distribution (with or without modification), making available to the
|
||||||
|
public, and in some countries other activities as well.
|
||||||
|
|
||||||
|
To "convey" a work means any kind of propagation that enables other
|
||||||
|
parties to make or receive copies. Mere interaction with a user through
|
||||||
|
a computer network, with no transfer of a copy, is not conveying.
|
||||||
|
|
||||||
|
An interactive user interface displays "Appropriate Legal Notices"
|
||||||
|
to the extent that it includes a convenient and prominently visible
|
||||||
|
feature that (1) displays an appropriate copyright notice, and (2)
|
||||||
|
tells the user that there is no warranty for the work (except to the
|
||||||
|
extent that warranties are provided), that licensees may convey the
|
||||||
|
work under this License, and how to view a copy of this License. If
|
||||||
|
the interface presents a list of user commands or options, such as a
|
||||||
|
menu, a prominent item in the list meets this criterion.
|
||||||
|
|
||||||
|
1. Source Code.
|
||||||
|
|
||||||
|
The "source code" for a work means the preferred form of the work
|
||||||
|
for making modifications to it. "Object code" means any non-source
|
||||||
|
form of a work.
|
||||||
|
|
||||||
|
A "Standard Interface" means an interface that either is an official
|
||||||
|
standard defined by a recognized standards body, or, in the case of
|
||||||
|
interfaces specified for a particular programming language, one that
|
||||||
|
is widely used among developers working in that language.
|
||||||
|
|
||||||
|
The "System Libraries" of an executable work include anything, other
|
||||||
|
than the work as a whole, that (a) is included in the normal form of
|
||||||
|
packaging a Major Component, but which is not part of that Major
|
||||||
|
Component, and (b) serves only to enable use of the work with that
|
||||||
|
Major Component, or to implement a Standard Interface for which an
|
||||||
|
implementation is available to the public in source code form. A
|
||||||
|
"Major Component", in this context, means a major essential component
|
||||||
|
(kernel, window system, and so on) of the specific operating system
|
||||||
|
(if any) on which the executable work runs, or a compiler used to
|
||||||
|
produce the work, or an object code interpreter used to run it.
|
||||||
|
|
||||||
|
The "Corresponding Source" for a work in object code form means all
|
||||||
|
the source code needed to generate, install, and (for an executable
|
||||||
|
work) run the object code and to modify the work, including scripts to
|
||||||
|
control those activities. However, it does not include the work's
|
||||||
|
System Libraries, or general-purpose tools or generally available free
|
||||||
|
programs which are used unmodified in performing those activities but
|
||||||
|
which are not part of the work. For example, Corresponding Source
|
||||||
|
includes interface definition files associated with source files for
|
||||||
|
the work, and the source code for shared libraries and dynamically
|
||||||
|
linked subprograms that the work is specifically designed to require,
|
||||||
|
such as by intimate data communication or control flow between those
|
||||||
|
subprograms and other parts of the work.
|
||||||
|
|
||||||
|
The Corresponding Source need not include anything that users
|
||||||
|
can regenerate automatically from other parts of the Corresponding
|
||||||
|
Source.
|
||||||
|
|
||||||
|
The Corresponding Source for a work in source code form is that
|
||||||
|
same work.
|
||||||
|
|
||||||
|
2. Basic Permissions.
|
||||||
|
|
||||||
|
All rights granted under this License are granted for the term of
|
||||||
|
copyright on the Program, and are irrevocable provided the stated
|
||||||
|
conditions are met. This License explicitly affirms your unlimited
|
||||||
|
permission to run the unmodified Program. The output from running a
|
||||||
|
covered work is covered by this License only if the output, given its
|
||||||
|
content, constitutes a covered work. This License acknowledges your
|
||||||
|
rights of fair use or other equivalent, as provided by copyright law.
|
||||||
|
|
||||||
|
You may make, run and propagate covered works that you do not
|
||||||
|
convey, without conditions so long as your license otherwise remains
|
||||||
|
in force. You may convey covered works to others for the sole purpose
|
||||||
|
of having them make modifications exclusively for you, or provide you
|
||||||
|
with facilities for running those works, provided that you comply with
|
||||||
|
the terms of this License in conveying all material for which you do
|
||||||
|
not control copyright. Those thus making or running the covered works
|
||||||
|
for you must do so exclusively on your behalf, under your direction
|
||||||
|
and control, on terms that prohibit them from making any copies of
|
||||||
|
your copyrighted material outside their relationship with you.
|
||||||
|
|
||||||
|
Conveying under any other circumstances is permitted solely under
|
||||||
|
the conditions stated below. Sublicensing is not allowed; section 10
|
||||||
|
makes it unnecessary.
|
||||||
|
|
||||||
|
3. Protecting Users' Legal Rights From Anti-Circumvention Law.
|
||||||
|
|
||||||
|
No covered work shall be deemed part of an effective technological
|
||||||
|
measure under any applicable law fulfilling obligations under article
|
||||||
|
11 of the WIPO copyright treaty adopted on 20 December 1996, or
|
||||||
|
similar laws prohibiting or restricting circumvention of such
|
||||||
|
measures.
|
||||||
|
|
||||||
|
When you convey a covered work, you waive any legal power to forbid
|
||||||
|
circumvention of technological measures to the extent such circumvention
|
||||||
|
is effected by exercising rights under this License with respect to
|
||||||
|
the covered work, and you disclaim any intention to limit operation or
|
||||||
|
modification of the work as a means of enforcing, against the work's
|
||||||
|
users, your or third parties' legal rights to forbid circumvention of
|
||||||
|
technological measures.
|
||||||
|
|
||||||
|
4. Conveying Verbatim Copies.
|
||||||
|
|
||||||
|
You may convey verbatim copies of the Program's source code as you
|
||||||
|
receive it, in any medium, provided that you conspicuously and
|
||||||
|
appropriately publish on each copy an appropriate copyright notice;
|
||||||
|
keep intact all notices stating that this License and any
|
||||||
|
non-permissive terms added in accord with section 7 apply to the code;
|
||||||
|
keep intact all notices of the absence of any warranty; and give all
|
||||||
|
recipients a copy of this License along with the Program.
|
||||||
|
|
||||||
|
You may charge any price or no price for each copy that you convey,
|
||||||
|
and you may offer support or warranty protection for a fee.
|
||||||
|
|
||||||
|
5. Conveying Modified Source Versions.
|
||||||
|
|
||||||
|
You may convey a work based on the Program, or the modifications to
|
||||||
|
produce it from the Program, in the form of source code under the
|
||||||
|
terms of section 4, provided that you also meet all of these conditions:
|
||||||
|
|
||||||
|
a) The work must carry prominent notices stating that you modified
|
||||||
|
it, and giving a relevant date.
|
||||||
|
|
||||||
|
b) The work must carry prominent notices stating that it is
|
||||||
|
released under this License and any conditions added under section
|
||||||
|
7. This requirement modifies the requirement in section 4 to
|
||||||
|
"keep intact all notices".
|
||||||
|
|
||||||
|
c) You must license the entire work, as a whole, under this
|
||||||
|
License to anyone who comes into possession of a copy. This
|
||||||
|
License will therefore apply, along with any applicable section 7
|
||||||
|
additional terms, to the whole of the work, and all its parts,
|
||||||
|
regardless of how they are packaged. This License gives no
|
||||||
|
permission to license the work in any other way, but it does not
|
||||||
|
invalidate such permission if you have separately received it.
|
||||||
|
|
||||||
|
d) If the work has interactive user interfaces, each must display
|
||||||
|
Appropriate Legal Notices; however, if the Program has interactive
|
||||||
|
interfaces that do not display Appropriate Legal Notices, your
|
||||||
|
work need not make them do so.
|
||||||
|
|
||||||
|
A compilation of a covered work with other separate and independent
|
||||||
|
works, which are not by their nature extensions of the covered work,
|
||||||
|
and which are not combined with it such as to form a larger program,
|
||||||
|
in or on a volume of a storage or distribution medium, is called an
|
||||||
|
"aggregate" if the compilation and its resulting copyright are not
|
||||||
|
used to limit the access or legal rights of the compilation's users
|
||||||
|
beyond what the individual works permit. Inclusion of a covered work
|
||||||
|
in an aggregate does not cause this License to apply to the other
|
||||||
|
parts of the aggregate.
|
||||||
|
|
||||||
|
6. Conveying Non-Source Forms.
|
||||||
|
|
||||||
|
You may convey a covered work in object code form under the terms
|
||||||
|
of sections 4 and 5, provided that you also convey the
|
||||||
|
machine-readable Corresponding Source under the terms of this License,
|
||||||
|
in one of these ways:
|
||||||
|
|
||||||
|
a) Convey the object code in, or embodied in, a physical product
|
||||||
|
(including a physical distribution medium), accompanied by the
|
||||||
|
Corresponding Source fixed on a durable physical medium
|
||||||
|
customarily used for software interchange.
|
||||||
|
|
||||||
|
b) Convey the object code in, or embodied in, a physical product
|
||||||
|
(including a physical distribution medium), accompanied by a
|
||||||
|
written offer, valid for at least three years and valid for as
|
||||||
|
long as you offer spare parts or customer support for that product
|
||||||
|
model, to give anyone who possesses the object code either (1) a
|
||||||
|
copy of the Corresponding Source for all the software in the
|
||||||
|
product that is covered by this License, on a durable physical
|
||||||
|
medium customarily used for software interchange, for a price no
|
||||||
|
more than your reasonable cost of physically performing this
|
||||||
|
conveying of source, or (2) access to copy the
|
||||||
|
Corresponding Source from a network server at no charge.
|
||||||
|
|
||||||
|
c) Convey individual copies of the object code with a copy of the
|
||||||
|
written offer to provide the Corresponding Source. This
|
||||||
|
alternative is allowed only occasionally and noncommercially, and
|
||||||
|
only if you received the object code with such an offer, in accord
|
||||||
|
with subsection 6b.
|
||||||
|
|
||||||
|
d) Convey the object code by offering access from a designated
|
||||||
|
place (gratis or for a charge), and offer equivalent access to the
|
||||||
|
Corresponding Source in the same way through the same place at no
|
||||||
|
further charge. You need not require recipients to copy the
|
||||||
|
Corresponding Source along with the object code. If the place to
|
||||||
|
copy the object code is a network server, the Corresponding Source
|
||||||
|
may be on a different server (operated by you or a third party)
|
||||||
|
that supports equivalent copying facilities, provided you maintain
|
||||||
|
clear directions next to the object code saying where to find the
|
||||||
|
Corresponding Source. Regardless of what server hosts the
|
||||||
|
Corresponding Source, you remain obligated to ensure that it is
|
||||||
|
available for as long as needed to satisfy these requirements.
|
||||||
|
|
||||||
|
e) Convey the object code using peer-to-peer transmission, provided
|
||||||
|
you inform other peers where the object code and Corresponding
|
||||||
|
Source of the work are being offered to the general public at no
|
||||||
|
charge under subsection 6d.
|
||||||
|
|
||||||
|
A separable portion of the object code, whose source code is excluded
|
||||||
|
from the Corresponding Source as a System Library, need not be
|
||||||
|
included in conveying the object code work.
|
||||||
|
|
||||||
|
A "User Product" is either (1) a "consumer product", which means any
|
||||||
|
tangible personal property which is normally used for personal, family,
|
||||||
|
or household purposes, or (2) anything designed or sold for incorporation
|
||||||
|
into a dwelling. In determining whether a product is a consumer product,
|
||||||
|
doubtful cases shall be resolved in favor of coverage. For a particular
|
||||||
|
product received by a particular user, "normally used" refers to a
|
||||||
|
typical or common use of that class of product, regardless of the status
|
||||||
|
of the particular user or of the way in which the particular user
|
||||||
|
actually uses, or expects or is expected to use, the product. A product
|
||||||
|
is a consumer product regardless of whether the product has substantial
|
||||||
|
commercial, industrial or non-consumer uses, unless such uses represent
|
||||||
|
the only significant mode of use of the product.
|
||||||
|
|
||||||
|
"Installation Information" for a User Product means any methods,
|
||||||
|
procedures, authorization keys, or other information required to install
|
||||||
|
and execute modified versions of a covered work in that User Product from
|
||||||
|
a modified version of its Corresponding Source. The information must
|
||||||
|
suffice to ensure that the continued functioning of the modified object
|
||||||
|
code is in no case prevented or interfered with solely because
|
||||||
|
modification has been made.
|
||||||
|
|
||||||
|
If you convey an object code work under this section in, or with, or
|
||||||
|
specifically for use in, a User Product, and the conveying occurs as
|
||||||
|
part of a transaction in which the right of possession and use of the
|
||||||
|
User Product is transferred to the recipient in perpetuity or for a
|
||||||
|
fixed term (regardless of how the transaction is characterized), the
|
||||||
|
Corresponding Source conveyed under this section must be accompanied
|
||||||
|
by the Installation Information. But this requirement does not apply
|
||||||
|
if neither you nor any third party retains the ability to install
|
||||||
|
modified object code on the User Product (for example, the work has
|
||||||
|
been installed in ROM).
|
||||||
|
|
||||||
|
The requirement to provide Installation Information does not include a
|
||||||
|
requirement to continue to provide support service, warranty, or updates
|
||||||
|
for a work that has been modified or installed by the recipient, or for
|
||||||
|
the User Product in which it has been modified or installed. Access to a
|
||||||
|
network may be denied when the modification itself materially and
|
||||||
|
adversely affects the operation of the network or violates the rules and
|
||||||
|
protocols for communication across the network.
|
||||||
|
|
||||||
|
Corresponding Source conveyed, and Installation Information provided,
|
||||||
|
in accord with this section must be in a format that is publicly
|
||||||
|
documented (and with an implementation available to the public in
|
||||||
|
source code form), and must require no special password or key for
|
||||||
|
unpacking, reading or copying.
|
||||||
|
|
||||||
|
7. Additional Terms.
|
||||||
|
|
||||||
|
"Additional permissions" are terms that supplement the terms of this
|
||||||
|
License by making exceptions from one or more of its conditions.
|
||||||
|
Additional permissions that are applicable to the entire Program shall
|
||||||
|
be treated as though they were included in this License, to the extent
|
||||||
|
that they are valid under applicable law. If additional permissions
|
||||||
|
apply only to part of the Program, that part may be used separately
|
||||||
|
under those permissions, but the entire Program remains governed by
|
||||||
|
this License without regard to the additional permissions.
|
||||||
|
|
||||||
|
When you convey a copy of a covered work, you may at your option
|
||||||
|
remove any additional permissions from that copy, or from any part of
|
||||||
|
it. (Additional permissions may be written to require their own
|
||||||
|
removal in certain cases when you modify the work.) You may place
|
||||||
|
additional permissions on material, added by you to a covered work,
|
||||||
|
for which you have or can give appropriate copyright permission.
|
||||||
|
|
||||||
|
Notwithstanding any other provision of this License, for material you
|
||||||
|
add to a covered work, you may (if authorized by the copyright holders of
|
||||||
|
that material) supplement the terms of this License with terms:
|
||||||
|
|
||||||
|
a) Disclaiming warranty or limiting liability differently from the
|
||||||
|
terms of sections 15 and 16 of this License; or
|
||||||
|
|
||||||
|
b) Requiring preservation of specified reasonable legal notices or
|
||||||
|
author attributions in that material or in the Appropriate Legal
|
||||||
|
Notices displayed by works containing it; or
|
||||||
|
|
||||||
|
c) Prohibiting misrepresentation of the origin of that material, or
|
||||||
|
requiring that modified versions of such material be marked in
|
||||||
|
reasonable ways as different from the original version; or
|
||||||
|
|
||||||
|
d) Limiting the use for publicity purposes of names of licensors or
|
||||||
|
authors of the material; or
|
||||||
|
|
||||||
|
e) Declining to grant rights under trademark law for use of some
|
||||||
|
trade names, trademarks, or service marks; or
|
||||||
|
|
||||||
|
f) Requiring indemnification of licensors and authors of that
|
||||||
|
material by anyone who conveys the material (or modified versions of
|
||||||
|
it) with contractual assumptions of liability to the recipient, for
|
||||||
|
any liability that these contractual assumptions directly impose on
|
||||||
|
those licensors and authors.
|
||||||
|
|
||||||
|
All other non-permissive additional terms are considered "further
|
||||||
|
restrictions" within the meaning of section 10. If the Program as you
|
||||||
|
received it, or any part of it, contains a notice stating that it is
|
||||||
|
governed by this License along with a term that is a further
|
||||||
|
restriction, you may remove that term. If a license document contains
|
||||||
|
a further restriction but permits relicensing or conveying under this
|
||||||
|
License, you may add to a covered work material governed by the terms
|
||||||
|
of that license document, provided that the further restriction does
|
||||||
|
not survive such relicensing or conveying.
|
||||||
|
|
||||||
|
If you add terms to a covered work in accord with this section, you
|
||||||
|
must place, in the relevant source files, a statement of the
|
||||||
|
additional terms that apply to those files, or a notice indicating
|
||||||
|
where to find the applicable terms.
|
||||||
|
|
||||||
|
Additional terms, permissive or non-permissive, may be stated in the
|
||||||
|
form of a separately written license, or stated as exceptions;
|
||||||
|
the above requirements apply either way.
|
||||||
|
|
||||||
|
8. Termination.
|
||||||
|
|
||||||
|
You may not propagate or modify a covered work except as expressly
|
||||||
|
provided under this License. Any attempt otherwise to propagate or
|
||||||
|
modify it is void, and will automatically terminate your rights under
|
||||||
|
this License (including any patent licenses granted under the third
|
||||||
|
paragraph of section 11).
|
||||||
|
|
||||||
|
However, if you cease all violation of this License, then your
|
||||||
|
license from a particular copyright holder is reinstated (a)
|
||||||
|
provisionally, unless and until the copyright holder explicitly and
|
||||||
|
finally terminates your license, and (b) permanently, if the copyright
|
||||||
|
holder fails to notify you of the violation by some reasonable means
|
||||||
|
prior to 60 days after the cessation.
|
||||||
|
|
||||||
|
Moreover, your license from a particular copyright holder is
|
||||||
|
reinstated permanently if the copyright holder notifies you of the
|
||||||
|
violation by some reasonable means, this is the first time you have
|
||||||
|
received notice of violation of this License (for any work) from that
|
||||||
|
copyright holder, and you cure the violation prior to 30 days after
|
||||||
|
your receipt of the notice.
|
||||||
|
|
||||||
|
Termination of your rights under this section does not terminate the
|
||||||
|
licenses of parties who have received copies or rights from you under
|
||||||
|
this License. If your rights have been terminated and not permanently
|
||||||
|
reinstated, you do not qualify to receive new licenses for the same
|
||||||
|
material under section 10.
|
||||||
|
|
||||||
|
9. Acceptance Not Required for Having Copies.
|
||||||
|
|
||||||
|
You are not required to accept this License in order to receive or
|
||||||
|
run a copy of the Program. Ancillary propagation of a covered work
|
||||||
|
occurring solely as a consequence of using peer-to-peer transmission
|
||||||
|
to receive a copy likewise does not require acceptance. However,
|
||||||
|
nothing other than this License grants you permission to propagate or
|
||||||
|
modify any covered work. These actions infringe copyright if you do
|
||||||
|
not accept this License. Therefore, by modifying or propagating a
|
||||||
|
covered work, you indicate your acceptance of this License to do so.
|
||||||
|
|
||||||
|
10. Automatic Licensing of Downstream Recipients.
|
||||||
|
|
||||||
|
Each time you convey a covered work, the recipient automatically
|
||||||
|
receives a license from the original licensors, to run, modify and
|
||||||
|
propagate that work, subject to this License. You are not responsible
|
||||||
|
for enforcing compliance by third parties with this License.
|
||||||
|
|
||||||
|
An "entity transaction" is a transaction transferring control of an
|
||||||
|
organization, or substantially all assets of one, or subdividing an
|
||||||
|
organization, or merging organizations. If propagation of a covered
|
||||||
|
work results from an entity transaction, each party to that
|
||||||
|
transaction who receives a copy of the work also receives whatever
|
||||||
|
licenses to the work the party's predecessor in interest had or could
|
||||||
|
give under the previous paragraph, plus a right to possession of the
|
||||||
|
Corresponding Source of the work from the predecessor in interest, if
|
||||||
|
the predecessor has it or can get it with reasonable efforts.
|
||||||
|
|
||||||
|
You may not impose any further restrictions on the exercise of the
|
||||||
|
rights granted or affirmed under this License. For example, you may
|
||||||
|
not impose a license fee, royalty, or other charge for exercise of
|
||||||
|
rights granted under this License, and you may not initiate litigation
|
||||||
|
(including a cross-claim or counterclaim in a lawsuit) alleging that
|
||||||
|
any patent claim is infringed by making, using, selling, offering for
|
||||||
|
sale, or importing the Program or any portion of it.
|
||||||
|
|
||||||
|
11. Patents.
|
||||||
|
|
||||||
|
A "contributor" is a copyright holder who authorizes use under this
|
||||||
|
License of the Program or a work on which the Program is based. The
|
||||||
|
work thus licensed is called the contributor's "contributor version".
|
||||||
|
|
||||||
|
A contributor's "essential patent claims" are all patent claims
|
||||||
|
owned or controlled by the contributor, whether already acquired or
|
||||||
|
hereafter acquired, that would be infringed by some manner, permitted
|
||||||
|
by this License, of making, using, or selling its contributor version,
|
||||||
|
but do not include claims that would be infringed only as a
|
||||||
|
consequence of further modification of the contributor version. For
|
||||||
|
purposes of this definition, "control" includes the right to grant
|
||||||
|
patent sublicenses in a manner consistent with the requirements of
|
||||||
|
this License.
|
||||||
|
|
||||||
|
Each contributor grants you a non-exclusive, worldwide, royalty-free
|
||||||
|
patent license under the contributor's essential patent claims, to
|
||||||
|
make, use, sell, offer for sale, import and otherwise run, modify and
|
||||||
|
propagate the contents of its contributor version.
|
||||||
|
|
||||||
|
In the following three paragraphs, a "patent license" is any express
|
||||||
|
agreement or commitment, however denominated, not to enforce a patent
|
||||||
|
(such as an express permission to practice a patent or covenant not to
|
||||||
|
sue for patent infringement). To "grant" such a patent license to a
|
||||||
|
party means to make such an agreement or commitment not to enforce a
|
||||||
|
patent against the party.
|
||||||
|
|
||||||
|
If you convey a covered work, knowingly relying on a patent license,
|
||||||
|
and the Corresponding Source of the work is not available for anyone
|
||||||
|
to copy, free of charge and under the terms of this License, through a
|
||||||
|
publicly available network server or other readily accessible means,
|
||||||
|
then you must either (1) cause the Corresponding Source to be so
|
||||||
|
available, or (2) arrange to deprive yourself of the benefit of the
|
||||||
|
patent license for this particular work, or (3) arrange, in a manner
|
||||||
|
consistent with the requirements of this License, to extend the patent
|
||||||
|
license to downstream recipients. "Knowingly relying" means you have
|
||||||
|
actual knowledge that, but for the patent license, your conveying the
|
||||||
|
covered work in a country, or your recipient's use of the covered work
|
||||||
|
in a country, would infringe one or more identifiable patents in that
|
||||||
|
country that you have reason to believe are valid.
|
||||||
|
|
||||||
|
If, pursuant to or in connection with a single transaction or
|
||||||
|
arrangement, you convey, or propagate by procuring conveyance of, a
|
||||||
|
covered work, and grant a patent license to some of the parties
|
||||||
|
receiving the covered work authorizing them to use, propagate, modify
|
||||||
|
or convey a specific copy of the covered work, then the patent license
|
||||||
|
you grant is automatically extended to all recipients of the covered
|
||||||
|
work and works based on it.
|
||||||
|
|
||||||
|
A patent license is "discriminatory" if it does not include within
|
||||||
|
the scope of its coverage, prohibits the exercise of, or is
|
||||||
|
conditioned on the non-exercise of one or more of the rights that are
|
||||||
|
specifically granted under this License. You may not convey a covered
|
||||||
|
work if you are a party to an arrangement with a third party that is
|
||||||
|
in the business of distributing software, under which you make payment
|
||||||
|
to the third party based on the extent of your activity of conveying
|
||||||
|
the work, and under which the third party grants, to any of the
|
||||||
|
parties who would receive the covered work from you, a discriminatory
|
||||||
|
patent license (a) in connection with copies of the covered work
|
||||||
|
conveyed by you (or copies made from those copies), or (b) primarily
|
||||||
|
for and in connection with specific products or compilations that
|
||||||
|
contain the covered work, unless you entered into that arrangement,
|
||||||
|
or that patent license was granted, prior to 28 March 2007.
|
||||||
|
|
||||||
|
Nothing in this License shall be construed as excluding or limiting
|
||||||
|
any implied license or other defenses to infringement that may
|
||||||
|
otherwise be available to you under applicable patent law.
|
||||||
|
|
||||||
|
12. No Surrender of Others' Freedom.
|
||||||
|
|
||||||
|
If conditions are imposed on you (whether by court order, agreement or
|
||||||
|
otherwise) that contradict the conditions of this License, they do not
|
||||||
|
excuse you from the conditions of this License. If you cannot convey a
|
||||||
|
covered work so as to satisfy simultaneously your obligations under this
|
||||||
|
License and any other pertinent obligations, then as a consequence you may
|
||||||
|
not convey it at all. For example, if you agree to terms that obligate you
|
||||||
|
to collect a royalty for further conveying from those to whom you convey
|
||||||
|
the Program, the only way you could satisfy both those terms and this
|
||||||
|
License would be to refrain entirely from conveying the Program.
|
||||||
|
|
||||||
|
13. Use with the GNU Affero General Public License.
|
||||||
|
|
||||||
|
Notwithstanding any other provision of this License, you have
|
||||||
|
permission to link or combine any covered work with a work licensed
|
||||||
|
under version 3 of the GNU Affero General Public License into a single
|
||||||
|
combined work, and to convey the resulting work. The terms of this
|
||||||
|
License will continue to apply to the part which is the covered work,
|
||||||
|
but the special requirements of the GNU Affero General Public License,
|
||||||
|
section 13, concerning interaction through a network will apply to the
|
||||||
|
combination as such.
|
||||||
|
|
||||||
|
14. Revised Versions of this License.
|
||||||
|
|
||||||
|
The Free Software Foundation may publish revised and/or new versions of
|
||||||
|
the GNU General Public License from time to time. Such new versions will
|
||||||
|
be similar in spirit to the present version, but may differ in detail to
|
||||||
|
address new problems or concerns.
|
||||||
|
|
||||||
|
Each version is given a distinguishing version number. If the
|
||||||
|
Program specifies that a certain numbered version of the GNU General
|
||||||
|
Public License "or any later version" applies to it, you have the
|
||||||
|
option of following the terms and conditions either of that numbered
|
||||||
|
version or of any later version published by the Free Software
|
||||||
|
Foundation. If the Program does not specify a version number of the
|
||||||
|
GNU General Public License, you may choose any version ever published
|
||||||
|
by the Free Software Foundation.
|
||||||
|
|
||||||
|
If the Program specifies that a proxy can decide which future
|
||||||
|
versions of the GNU General Public License can be used, that proxy's
|
||||||
|
public statement of acceptance of a version permanently authorizes you
|
||||||
|
to choose that version for the Program.
|
||||||
|
|
||||||
|
Later license versions may give you additional or different
|
||||||
|
permissions. However, no additional obligations are imposed on any
|
||||||
|
author or copyright holder as a result of your choosing to follow a
|
||||||
|
later version.
|
||||||
|
|
||||||
|
15. Disclaimer of Warranty.
|
||||||
|
|
||||||
|
THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
|
||||||
|
APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
|
||||||
|
HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
|
||||||
|
OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
|
||||||
|
THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||||
|
PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
|
||||||
|
IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
|
||||||
|
ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
|
||||||
|
|
||||||
|
16. Limitation of Liability.
|
||||||
|
|
||||||
|
IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
|
||||||
|
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
|
||||||
|
THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
|
||||||
|
GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
|
||||||
|
USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
|
||||||
|
DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
|
||||||
|
PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
|
||||||
|
EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
|
||||||
|
SUCH DAMAGES.
|
||||||
|
|
||||||
|
17. Interpretation of Sections 15 and 16.
|
||||||
|
|
||||||
|
If the disclaimer of warranty and limitation of liability provided
|
||||||
|
above cannot be given local legal effect according to their terms,
|
||||||
|
reviewing courts shall apply local law that most closely approximates
|
||||||
|
an absolute waiver of all civil liability in connection with the
|
||||||
|
Program, unless a warranty or assumption of liability accompanies a
|
||||||
|
copy of the Program in return for a fee.
|
||||||
|
|
||||||
|
END OF TERMS AND CONDITIONS
|
||||||
|
|
||||||
|
How to Apply These Terms to Your New Programs
|
||||||
|
|
||||||
|
If you develop a new program, and you want it to be of the greatest
|
||||||
|
possible use to the public, the best way to achieve this is to make it
|
||||||
|
free software which everyone can redistribute and change under these terms.
|
||||||
|
|
||||||
|
To do so, attach the following notices to the program. It is safest
|
||||||
|
to attach them to the start of each source file to most effectively
|
||||||
|
state the exclusion of warranty; and each file should have at least
|
||||||
|
the "copyright" line and a pointer to where the full notice is found.
|
||||||
|
|
||||||
|
<one line to give the program's name and a brief idea of what it does.>
|
||||||
|
Copyright (C) <year> <name of author>
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
|
||||||
|
Also add information on how to contact you by electronic and paper mail.
|
||||||
|
|
||||||
|
If the program does terminal interaction, make it output a short
|
||||||
|
notice like this when it starts in an interactive mode:
|
||||||
|
|
||||||
|
<program> Copyright (C) <year> <name of author>
|
||||||
|
This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
|
||||||
|
This is free software, and you are welcome to redistribute it
|
||||||
|
under certain conditions; type `show c' for details.
|
||||||
|
|
||||||
|
The hypothetical commands `show w' and `show c' should show the appropriate
|
||||||
|
parts of the General Public License. Of course, your program's commands
|
||||||
|
might be different; for a GUI interface, you would use an "about box".
|
||||||
|
|
||||||
|
You should also get your employer (if you work as a programmer) or school,
|
||||||
|
if any, to sign a "copyright disclaimer" for the program, if necessary.
|
||||||
|
For more information on this, and how to apply and follow the GNU GPL, see
|
||||||
|
<http://www.gnu.org/licenses/>.
|
||||||
|
|
||||||
|
The GNU General Public License does not permit incorporating your program
|
||||||
|
into proprietary programs. If your program is a subroutine library, you
|
||||||
|
may consider it more useful to permit linking proprietary applications with
|
||||||
|
the library. If this is what you want to do, use the GNU Lesser General
|
||||||
|
Public License instead of this License. But first, please read
|
||||||
|
<http://www.gnu.org/philosophy/why-not-lgpl.html>.
|
59
Makefile
Normal file
59
Makefile
Normal file
|
@ -0,0 +1,59 @@
|
||||||
|
SHELL := /bin/bash
|
||||||
|
MAX_LINE_LENGTH := 119
|
||||||
|
|
||||||
|
all: help
|
||||||
|
|
||||||
|
help:
|
||||||
|
@awk 'BEGIN {FS = ":.*?## "} /^[a-zA-Z0-9 -]+:.*?## / {printf "\033[36m%-22s\033[0m %s\n", $$1, $$2}' $(MAKEFILE_LIST)
|
||||||
|
|
||||||
|
check-poetry:
|
||||||
|
@if [[ "$(shell poetry --version 2>/dev/null)" == *"Poetry"* ]] ; \
|
||||||
|
then \
|
||||||
|
echo "Poetry found, ok." ; \
|
||||||
|
else \
|
||||||
|
echo 'Please install poetry first, with e.g.:' ; \
|
||||||
|
echo 'make install-poetry' ; \
|
||||||
|
exit 1 ; \
|
||||||
|
fi
|
||||||
|
|
||||||
|
install-poetry: ## install or update poetry
|
||||||
|
pip3 install -U poetry
|
||||||
|
|
||||||
|
install: check-poetry ## install project via poetry
|
||||||
|
poetry install
|
||||||
|
|
||||||
|
update: install-poetry ## update the sources and installation
|
||||||
|
poetry update
|
||||||
|
|
||||||
|
lint: ## Run code formatters and linter
|
||||||
|
poetry run flynt --fail-on-change --line_length=${MAX_LINE_LENGTH} django_ynh
|
||||||
|
poetry run isort --check-only .
|
||||||
|
poetry run flake8 django_ynh
|
||||||
|
|
||||||
|
fix-code-style: ## Fix code formatting
|
||||||
|
poetry run flynt --line_length=${MAX_LINE_LENGTH} django_ynh
|
||||||
|
poetry run black --verbose --safe --line-length=${MAX_LINE_LENGTH} --skip-string-normalization django_ynh django_ynh_tests
|
||||||
|
poetry run isort .
|
||||||
|
|
||||||
|
tox-listenvs: check-poetry ## List all tox test environments
|
||||||
|
poetry run tox --listenvs
|
||||||
|
|
||||||
|
tox: check-poetry ## Run pytest via tox with all environments
|
||||||
|
poetry run tox
|
||||||
|
|
||||||
|
pytest: check-poetry ## Run pytest
|
||||||
|
poetry run pytest
|
||||||
|
|
||||||
|
publish: ## Release new version to PyPi
|
||||||
|
poetry run publish
|
||||||
|
|
||||||
|
local-test: check-poetry ## Run local_test.py to run the project locally
|
||||||
|
poetry run ./local_test.py
|
||||||
|
|
||||||
|
local-diff-settings: ## Run "manage.py diffsettings" with local test
|
||||||
|
poetry run python3 local_test/opt_yunohost/manage.py diffsettings
|
||||||
|
|
||||||
|
|
||||||
|
##############################################################################
|
||||||
|
|
||||||
|
.PHONY: help check-poetry install-poetry install update local-test
|
131
README.md
Normal file
131
README.md
Normal file
|
@ -0,0 +1,131 @@
|
||||||
|
# django_ynh
|
||||||
|
|
||||||
|
Current state is broken, because we are **planing** ;)
|
||||||
|
|
||||||
|
[![Integration level](https://dash.yunohost.org/integration/django_ynh.svg)](https://dash.yunohost.org/appci/app/django_ynh) ![](https://ci-apps.yunohost.org/ci/badges/django_ynh.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/django_ynh.maintain.svg)
|
||||||
|
[![Install django_ynh with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=django_ynh)
|
||||||
|
|
||||||
|
> *This package allows you to install django_ynh quickly and simply on a YunoHost server.
|
||||||
|
If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/install) to learn how to install it.*
|
||||||
|
|
||||||
|
Pull requests welcome ;)
|
||||||
|
|
||||||
|
## Overview
|
||||||
|
|
||||||
|
Glue code to package django projects as yunohost apps.
|
||||||
|
|
||||||
|
## SSO authentication
|
||||||
|
|
||||||
|
[SSOwat](https://github.com/YunoHost/SSOwat) is fully supported:
|
||||||
|
|
||||||
|
* First user (`$YNH_APP_ARG_ADMIN`) will be created as Django's super user
|
||||||
|
* All new users will be created as normal users
|
||||||
|
* Login via SSO is fully supported
|
||||||
|
* User Email, First / Last name will be updated from SSO data
|
||||||
|
|
||||||
|
|
||||||
|
## Links
|
||||||
|
|
||||||
|
* Report a bug about this package: https://github.com/YunoHost-Apps/django_ynh
|
||||||
|
* YunoHost website: https://yunohost.org/
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
# Developer info
|
||||||
|
|
||||||
|
## package installation / debugging
|
||||||
|
|
||||||
|
Please send your pull request to https://github.com/YunoHost-Apps/django_ynh
|
||||||
|
|
||||||
|
Try 'main' branch, e.g.:
|
||||||
|
```bash
|
||||||
|
sudo yunohost app install https://github.com/YunoHost-Apps/django_ynh/tree/master --debug
|
||||||
|
or
|
||||||
|
sudo yunohost app upgrade django_ynh -u https://github.com/YunoHost-Apps/django_ynh/tree/master --debug
|
||||||
|
```
|
||||||
|
|
||||||
|
Try 'testing' branch, e.g.:
|
||||||
|
```bash
|
||||||
|
sudo yunohost app install https://github.com/YunoHost-Apps/django_ynh/tree/testing --debug
|
||||||
|
or
|
||||||
|
sudo yunohost app upgrade django_ynh -u https://github.com/YunoHost-Apps/django_ynh/tree/testing --debug
|
||||||
|
```
|
||||||
|
|
||||||
|
To remove call e.g.:
|
||||||
|
```bash
|
||||||
|
sudo yunohost app remove django_ynh
|
||||||
|
```
|
||||||
|
|
||||||
|
Backup / remove / restore cycle, e.g.:
|
||||||
|
```bash
|
||||||
|
yunohost backup create --apps django_ynh
|
||||||
|
yunohost backup list
|
||||||
|
archives:
|
||||||
|
- django_ynh-pre-upgrade1
|
||||||
|
- 20201223-163434
|
||||||
|
yunohost app remove django_ynh
|
||||||
|
yunohost backup restore 20201223-163434 --apps django_ynh
|
||||||
|
```
|
||||||
|
|
||||||
|
Debug installation, e.g.:
|
||||||
|
```bash
|
||||||
|
root@yunohost:~# ls -la /var/www/django_ynh/
|
||||||
|
total 18
|
||||||
|
drwxr-xr-x 4 root root 4 Dec 8 08:36 .
|
||||||
|
drwxr-xr-x 6 root root 6 Dec 8 08:36 ..
|
||||||
|
drwxr-xr-x 2 root root 2 Dec 8 08:36 media
|
||||||
|
drwxr-xr-x 7 root root 8 Dec 8 08:40 static
|
||||||
|
|
||||||
|
root@yunohost:~# ls -la /opt/yunohost/django_ynh/
|
||||||
|
total 58
|
||||||
|
drwxr-xr-x 5 django_ynh django_ynh 11 Dec 8 08:39 .
|
||||||
|
drwxr-xr-x 3 root root 3 Dec 8 08:36 ..
|
||||||
|
-rw-r--r-- 1 django_ynh django_ynh 460 Dec 8 08:39 gunicorn.conf.py
|
||||||
|
-rw-r--r-- 1 django_ynh django_ynh 0 Dec 8 08:39 local_settings.py
|
||||||
|
-rwxr-xr-x 1 django_ynh django_ynh 274 Dec 8 08:39 manage.py
|
||||||
|
-rw-r--r-- 1 django_ynh django_ynh 171 Dec 8 08:39 secret.txt
|
||||||
|
drwxr-xr-x 6 django_ynh django_ynh 6 Dec 8 08:37 venv
|
||||||
|
-rw-r--r-- 1 django_ynh django_ynh 115 Dec 8 08:39 wsgi.py
|
||||||
|
-rw-r--r-- 1 django_ynh django_ynh 4737 Dec 8 08:39 django_ynh.settings.py
|
||||||
|
|
||||||
|
root@yunohost:~# cd /opt/yunohost/django_ynh/
|
||||||
|
root@yunohost:/opt/yunohost/django_ynh# source venv/bin/activate
|
||||||
|
(venv) root@yunohost:/opt/yunohost/django_ynh# ./manage.py check
|
||||||
|
django_ynh v0.8.2 (Django v2.2.17)
|
||||||
|
DJANGO_SETTINGS_MODULE='django_ynh.settings'
|
||||||
|
PROJECT_PATH:/opt/yunohost/django_ynh/venv/lib/python3.7/site-packages
|
||||||
|
BASE_PATH:/opt/yunohost/django_ynh
|
||||||
|
System check identified no issues (0 silenced).
|
||||||
|
|
||||||
|
root@yunohost:~# tail -f /var/log/django_ynh/django_ynh.log
|
||||||
|
root@yunohost:~# cat /etc/systemd/system/django_ynh.service
|
||||||
|
|
||||||
|
root@yunohost:~# systemctl reload-or-restart django_ynh
|
||||||
|
root@yunohost:~# journalctl --unit=django_ynh --follow
|
||||||
|
```
|
||||||
|
|
||||||
|
## local test
|
||||||
|
|
||||||
|
For quicker developing of django_ynh in the context of YunoHost app,
|
||||||
|
it's possible to run the Django developer server with the settings
|
||||||
|
and urls made for YunoHost installation.
|
||||||
|
|
||||||
|
e.g.:
|
||||||
|
```bash
|
||||||
|
~$ git clone https://github.com/YunoHost-Apps/django_ynh.git
|
||||||
|
~$ cd django_ynh/
|
||||||
|
~/django_ynh$ make
|
||||||
|
install-poetry install or update poetry
|
||||||
|
install install django_ynh via poetry
|
||||||
|
update update the sources and installation
|
||||||
|
local-test Run local_test.py to run django_ynh locally
|
||||||
|
~/django_ynh$ make install-poetry
|
||||||
|
~/django_ynh$ make install
|
||||||
|
~/django_ynh$ make local-test
|
||||||
|
```
|
||||||
|
|
||||||
|
Notes:
|
||||||
|
|
||||||
|
* SQlite database will be used
|
||||||
|
* A super user with username `test` and password `test` is created
|
||||||
|
* The page is available under `http://127.0.0.1:8000/app_path/`
|
33
check_process
Normal file
33
check_process
Normal file
|
@ -0,0 +1,33 @@
|
||||||
|
# See here for more information
|
||||||
|
# https://github.com/YunoHost/package_check#syntax-check_process-file
|
||||||
|
|
||||||
|
# Move this file from check_process.default to check_process when you have filled it.
|
||||||
|
|
||||||
|
;; Test complet
|
||||||
|
; Manifest
|
||||||
|
domain="domain.tld" (DOMAIN)
|
||||||
|
path="/path" (PATH)
|
||||||
|
admin="john" (USER)
|
||||||
|
is_public=1 (PUBLIC|public=1|private=0)
|
||||||
|
password="pass"
|
||||||
|
port="666" (PORT)
|
||||||
|
; Checks
|
||||||
|
pkg_linter=1
|
||||||
|
setup_sub_dir=1
|
||||||
|
setup_root=1
|
||||||
|
setup_nourl=0
|
||||||
|
setup_private=1
|
||||||
|
setup_public=1
|
||||||
|
upgrade=1
|
||||||
|
backup_restore=1
|
||||||
|
multi_instance=1
|
||||||
|
port_already_use=0
|
||||||
|
change_url=1
|
||||||
|
;;; Options
|
||||||
|
Email=
|
||||||
|
Notification=none
|
||||||
|
;;; Upgrade options
|
||||||
|
; commit=CommitHash
|
||||||
|
name=Name and date of the commit.
|
||||||
|
manifest_arg=domain=DOMAIN&path=PATH&admin=USER&language=fr&is_public=1&password=pass&port=666&
|
||||||
|
|
17
conf/django_ynh.service
Normal file
17
conf/django_ynh.service
Normal file
|
@ -0,0 +1,17 @@
|
||||||
|
[Unit]
|
||||||
|
Description=django_ynh application server
|
||||||
|
After=redis.service postgresql.service
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
User=__APP__
|
||||||
|
Group=__APP__
|
||||||
|
WorkingDirectory=__FINALPATH__/
|
||||||
|
|
||||||
|
ExecStart=__FINALPATH__/venv/bin/gunicorn --config __FINALPATH__/gunicorn.conf.py wsgi
|
||||||
|
|
||||||
|
StandardOutput=syslog
|
||||||
|
StandardError=syslog
|
||||||
|
SyslogIdentifier=__APP__-server
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
20
conf/gunicorn.conf.py
Normal file
20
conf/gunicorn.conf.py
Normal file
|
@ -0,0 +1,20 @@
|
||||||
|
"""
|
||||||
|
Configuration for Gunicorn
|
||||||
|
"""
|
||||||
|
import multiprocessing
|
||||||
|
|
||||||
|
|
||||||
|
bind = '127.0.0.1:__PORT__'
|
||||||
|
|
||||||
|
# https://docs.gunicorn.org/en/latest/settings.html#workers
|
||||||
|
workers = multiprocessing.cpu_count() * 2 + 1
|
||||||
|
|
||||||
|
# https://docs.gunicorn.org/en/latest/settings.html#logging
|
||||||
|
loglevel = 'info'
|
||||||
|
|
||||||
|
# https://docs.gunicorn.org/en/latest/settings.html#logging
|
||||||
|
accesslog = '__LOG_FILE__'
|
||||||
|
errorlog = '__LOG_FILE__'
|
||||||
|
|
||||||
|
# https://docs.gunicorn.org/en/latest/settings.html#pidfile
|
||||||
|
pidfile = '__FINAL_HOME_PATH__/gunicorn.pid'
|
14
conf/manage.py
Executable file
14
conf/manage.py
Executable file
|
@ -0,0 +1,14 @@
|
||||||
|
#!/usr/bin/env python3
|
||||||
|
|
||||||
|
import os
|
||||||
|
import sys
|
||||||
|
|
||||||
|
|
||||||
|
def main():
|
||||||
|
os.environ['DJANGO_SETTINGS_MODULE'] = 'django_ynh.settings'
|
||||||
|
from django.core.management import execute_from_command_line
|
||||||
|
execute_from_command_line(sys.argv)
|
||||||
|
|
||||||
|
|
||||||
|
if __name__ == '__main__':
|
||||||
|
main()
|
24
conf/nginx.conf
Normal file
24
conf/nginx.conf
Normal file
|
@ -0,0 +1,24 @@
|
||||||
|
|
||||||
|
location __PATH__/static/ {
|
||||||
|
# Django static files
|
||||||
|
alias __PUBLIC_PATH__/static/;
|
||||||
|
expires 30d;
|
||||||
|
}
|
||||||
|
|
||||||
|
location / {
|
||||||
|
# https://github.com/benoitc/gunicorn/blob/master/examples/nginx.conf
|
||||||
|
|
||||||
|
proxy_http_version 1.1;
|
||||||
|
proxy_set_header Host $host;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
proxy_set_header X-Forwarded-Protocol $scheme;
|
||||||
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
|
proxy_set_header X-Scheme $scheme;
|
||||||
|
|
||||||
|
proxy_read_timeout 30;
|
||||||
|
proxy_send_timeout 30;
|
||||||
|
proxy_connect_timeout 30;
|
||||||
|
proxy_redirect off;
|
||||||
|
|
||||||
|
proxy_pass http://127.0.0.1:__PORT__/;
|
||||||
|
}
|
19
conf/urls.py
Normal file
19
conf/urls.py
Normal file
|
@ -0,0 +1,19 @@
|
||||||
|
from django.conf import settings
|
||||||
|
from django.conf.urls import static
|
||||||
|
from django.contrib import admin
|
||||||
|
from django.urls import path
|
||||||
|
|
||||||
|
from django_ynh.views.debug import request_media_debug_view
|
||||||
|
|
||||||
|
|
||||||
|
# settings.PATH_URL is the $YNH_APP_ARG_PATH
|
||||||
|
# Prefix all urls with "PATH_URL":
|
||||||
|
urlpatterns = [
|
||||||
|
path(f'{settings.PATH_URL}/', admin.site.urls),
|
||||||
|
]
|
||||||
|
|
||||||
|
if settings.SERVE_FILES:
|
||||||
|
urlpatterns += static.static(settings.STATIC_URL, document_root=settings.STATIC_ROOT)
|
||||||
|
|
||||||
|
if settings.DEBUG:
|
||||||
|
urlpatterns.append(path(f'{settings.PATH_URL}/debug/', request_media_debug_view))
|
12
conf/wsgi.py
Normal file
12
conf/wsgi.py
Normal file
|
@ -0,0 +1,12 @@
|
||||||
|
"""
|
||||||
|
WSGI config
|
||||||
|
"""
|
||||||
|
import os
|
||||||
|
|
||||||
|
|
||||||
|
os.environ['DJANGO_SETTINGS_MODULE'] = 'django_ynh.settings'
|
||||||
|
|
||||||
|
from django.core.wsgi import get_wsgi_application
|
||||||
|
|
||||||
|
|
||||||
|
application = get_wsgi_application()
|
174
conf/ynh_settings.py
Normal file
174
conf/ynh_settings.py
Normal file
|
@ -0,0 +1,174 @@
|
||||||
|
################################################################################
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
# Please do not modify this file, it will be reset at the next update.
|
||||||
|
# You can edit the file __FINAL_HOME_PATH__/local_settings.py and add/modify the settings you need.
|
||||||
|
# The parameters you add in local_settings.py will overwrite these,
|
||||||
|
# but you can use the options and documentation in this file to find out what can be done.
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
################################################################################
|
||||||
|
|
||||||
|
from pathlib import Path as __Path
|
||||||
|
|
||||||
|
|
||||||
|
DEBUG = False
|
||||||
|
|
||||||
|
# -----------------------------------------------------------------------------
|
||||||
|
|
||||||
|
FINAL_HOME_PATH = __Path('__FINAL_HOME_PATH__') # /opt/yunohost/$app
|
||||||
|
assert FINAL_HOME_PATH.is_dir(), f'Directory not exists: {FINAL_HOME_PATH}'
|
||||||
|
|
||||||
|
FINAL_WWW_PATH = __Path('__FINAL_WWW_PATH__') # /var/www/$app
|
||||||
|
assert FINAL_WWW_PATH.is_dir(), f'Directory not exists: {FINAL_WWW_PATH}'
|
||||||
|
|
||||||
|
LOG_FILE = __Path('__LOG_FILE__') # /var/log/$app/django_ynh.log
|
||||||
|
assert LOG_FILE.is_file(), f'File not exists: {LOG_FILE}'
|
||||||
|
|
||||||
|
PATH_URL = '__PATH_URL__' # $YNH_APP_ARG_PATH
|
||||||
|
PATH_URL = PATH_URL.strip('/')
|
||||||
|
|
||||||
|
# -----------------------------------------------------------------------------
|
||||||
|
|
||||||
|
ROOT_URLCONF = 'django_ynh.urls' # /opt/yunohost/django_ynh/urls.py
|
||||||
|
|
||||||
|
# -----------------------------------------------------------------------------
|
||||||
|
|
||||||
|
# Keep ModelBackend around for per-user permissions and superuser
|
||||||
|
AUTHENTICATION_BACKENDS = (
|
||||||
|
'axes.backends.AxesBackend', # AxesBackend should be the first backend!
|
||||||
|
|
||||||
|
# Authenticate via SSO and nginx 'HTTP_REMOTE_USER' header:
|
||||||
|
'django_ynh.sso_auth.auth_backend.SSOwatUserBackend',
|
||||||
|
|
||||||
|
# Fallback to normal Django model backend:
|
||||||
|
'django.contrib.auth.backends.ModelBackend',
|
||||||
|
)
|
||||||
|
LOGIN_REDIRECT_URL = None
|
||||||
|
LOGIN_URL = '/yunohost/sso/'
|
||||||
|
LOGOUT_REDIRECT_URL = '/yunohost/sso/'
|
||||||
|
# /yunohost/sso/?action=logout
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
# -----------------------------------------------------------------------------
|
||||||
|
|
||||||
|
|
||||||
|
ADMINS = (
|
||||||
|
('__ADMIN__', '__ADMINMAIL__'),
|
||||||
|
)
|
||||||
|
|
||||||
|
MANAGERS = ADMINS
|
||||||
|
|
||||||
|
DATABASES = {
|
||||||
|
'default': {
|
||||||
|
'ENGINE': 'django.db.backends.postgresql',
|
||||||
|
'NAME': '__APP__',
|
||||||
|
'USER': '__APP__',
|
||||||
|
'PASSWORD': '__DB_PWD__',
|
||||||
|
'HOST': '127.0.0.1',
|
||||||
|
'PORT': '5432', # Default Postgres Port
|
||||||
|
'CONN_MAX_AGE': 600,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
# Title of site to use
|
||||||
|
SITE_TITLE = '__APP__'
|
||||||
|
|
||||||
|
# Site domain
|
||||||
|
SITE_DOMAIN = '__DOMAIN__'
|
||||||
|
|
||||||
|
# Subject of emails includes site title
|
||||||
|
EMAIL_SUBJECT_PREFIX = f'[{SITE_TITLE}] '
|
||||||
|
|
||||||
|
|
||||||
|
# E-mail address that error messages come from.
|
||||||
|
SERVER_EMAIL = 'noreply@__DOMAIN__'
|
||||||
|
|
||||||
|
# Default email address to use for various automated correspondence from
|
||||||
|
# the site managers. Used for registration emails.
|
||||||
|
DEFAULT_FROM_EMAIL = '__ADMINMAIL__'
|
||||||
|
|
||||||
|
# List of URLs your site is supposed to serve
|
||||||
|
ALLOWED_HOSTS = ['__DOMAIN__']
|
||||||
|
|
||||||
|
# _____________________________________________________________________________
|
||||||
|
# Configuration for caching
|
||||||
|
CACHES = {
|
||||||
|
'default': {
|
||||||
|
'BACKEND': 'django_redis.cache.RedisCache',
|
||||||
|
'LOCATION': 'redis://127.0.0.1:6379/__REDIS_DB__',
|
||||||
|
# If redis is running on same host as django_ynh, you might
|
||||||
|
# want to use unix sockets instead:
|
||||||
|
# 'LOCATION': 'unix:///var/run/redis/redis.sock?db=1',
|
||||||
|
'OPTIONS': {
|
||||||
|
'CLIENT_CLASS': 'django_redis.client.DefaultClient',
|
||||||
|
},
|
||||||
|
'KEY_PREFIX': '__APP__',
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
# _____________________________________________________________________________
|
||||||
|
# Static files (CSS, JavaScript, Images)
|
||||||
|
|
||||||
|
if PATH_URL:
|
||||||
|
STATIC_URL = f'/{PATH_URL}/static/'
|
||||||
|
MEDIA_URL = f'/{PATH_URL}/media/'
|
||||||
|
else:
|
||||||
|
# Installed to domain root, without a path prefix?
|
||||||
|
STATIC_URL = '/static/'
|
||||||
|
MEDIA_URL = '/media/'
|
||||||
|
|
||||||
|
STATIC_ROOT = str(FINAL_WWW_PATH / 'static')
|
||||||
|
MEDIA_ROOT = str(FINAL_WWW_PATH / 'media')
|
||||||
|
|
||||||
|
# _____________________________________________________________________________
|
||||||
|
# django-ckeditor
|
||||||
|
|
||||||
|
CKEDITOR_BASEPATH = STATIC_URL + 'ckeditor/ckeditor/'
|
||||||
|
|
||||||
|
# _____________________________________________________________________________
|
||||||
|
# Django-dbbackup
|
||||||
|
|
||||||
|
DBBACKUP_STORAGE_OPTIONS['location'] = str(FINAL_HOME_PATH / 'backups')
|
||||||
|
|
||||||
|
# -----------------------------------------------------------------------------
|
||||||
|
|
||||||
|
LOGGING = {
|
||||||
|
'version': 1,
|
||||||
|
'disable_existing_loggers': True,
|
||||||
|
'formatters': {
|
||||||
|
'verbose': {
|
||||||
|
'format': '{asctime} {levelname} {name} {module}.{funcName} {message}',
|
||||||
|
'style': '{',
|
||||||
|
},
|
||||||
|
},
|
||||||
|
'handlers': {
|
||||||
|
'mail_admins': {
|
||||||
|
'level': 'ERROR',
|
||||||
|
'formatter': 'verbose',
|
||||||
|
'class': 'django.utils.log.AdminEmailHandler',
|
||||||
|
'include_html': True,
|
||||||
|
},
|
||||||
|
'log_file': {
|
||||||
|
'level': 'DEBUG',
|
||||||
|
'class': 'logging.handlers.WatchedFileHandler',
|
||||||
|
'formatter': 'verbose',
|
||||||
|
'filename': str(LOG_FILE),
|
||||||
|
},
|
||||||
|
},
|
||||||
|
'loggers': {
|
||||||
|
'': {'handlers': ['log_file', 'mail_admins'], 'level': 'INFO', 'propagate': False},
|
||||||
|
'django': {'handlers': ['log_file', 'mail_admins'], 'level': 'INFO', 'propagate': False},
|
||||||
|
'axes': {'handlers': ['log_file', 'mail_admins'], 'level': 'WARNING', 'propagate': False},
|
||||||
|
'django_tools': {'handlers': ['log_file', 'mail_admins'], 'level': 'INFO', 'propagate': False},
|
||||||
|
'inventory': {'handlers': ['log_file', 'mail_admins'], 'level': 'INFO', 'propagate': False},
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
# -----------------------------------------------------------------------------
|
||||||
|
|
||||||
|
try:
|
||||||
|
from local_settings import * # noqa
|
||||||
|
except ImportError:
|
||||||
|
pass
|
1
django_ynh/__init__.py
Normal file
1
django_ynh/__init__.py
Normal file
|
@ -0,0 +1 @@
|
||||||
|
__version__ = '0.1.0alpha0'
|
42
django_ynh/create_superuser.py
Normal file
42
django_ynh/create_superuser.py
Normal file
|
@ -0,0 +1,42 @@
|
||||||
|
#!/usr/bin/env python3
|
||||||
|
import argparse
|
||||||
|
import os
|
||||||
|
import sys
|
||||||
|
|
||||||
|
|
||||||
|
def main():
|
||||||
|
os.environ['DJANGO_SETTINGS_MODULE'] = 'django_ynh.settings'
|
||||||
|
|
||||||
|
parser = argparse.ArgumentParser(description='Create or update Django super user.')
|
||||||
|
parser.add_argument('--username')
|
||||||
|
parser.add_argument('--email')
|
||||||
|
parser.add_argument('--password')
|
||||||
|
|
||||||
|
args = parser.parse_args()
|
||||||
|
username = args.username
|
||||||
|
email = args.email or ''
|
||||||
|
password = args.password
|
||||||
|
|
||||||
|
import django
|
||||||
|
|
||||||
|
django.setup()
|
||||||
|
|
||||||
|
from django.contrib.auth import get_user_model
|
||||||
|
|
||||||
|
User = get_user_model()
|
||||||
|
user = User.objects.filter(username=username).first()
|
||||||
|
if user:
|
||||||
|
print('Update existing user and set his password.', file=sys.stderr)
|
||||||
|
user.is_active = True
|
||||||
|
user.is_staff = True
|
||||||
|
user.is_superuser = True
|
||||||
|
user.set_password(password)
|
||||||
|
user.email = email
|
||||||
|
user.save()
|
||||||
|
else:
|
||||||
|
print('Create new super user', file=sys.stderr)
|
||||||
|
User.objects.create_superuser(username=username, email=email, password=password)
|
||||||
|
|
||||||
|
|
||||||
|
if __name__ == '__main__':
|
||||||
|
main()
|
0
django_ynh/sso_auth/__init__.py
Normal file
0
django_ynh/sso_auth/__init__.py
Normal file
69
django_ynh/sso_auth/auth_backend.py
Normal file
69
django_ynh/sso_auth/auth_backend.py
Normal file
|
@ -0,0 +1,69 @@
|
||||||
|
"""
|
||||||
|
remote user authentication backend
|
||||||
|
|
||||||
|
Note: SSOwat/nginx add authentication headers:
|
||||||
|
|
||||||
|
'HTTP_AUTHORIZATION': 'Basic XXXXXXXXXXXXXXXX='
|
||||||
|
'HTTP_AUTH_USER': 'username'
|
||||||
|
'HTTP_REMOTE_USER': 'username'
|
||||||
|
|
||||||
|
Basic auth contains "{username}:{plaintext-password}"
|
||||||
|
|
||||||
|
and we get SSOwat cookies like:
|
||||||
|
|
||||||
|
'HTTP_COOKIE': 'SSOwAuthUser=username; '
|
||||||
|
'SSOwAuthHash=593876aa66...99e69f88af1e; '
|
||||||
|
'SSOwAuthExpire=1609227697.998; '
|
||||||
|
|
||||||
|
* Login a user via HTTP_REMOTE_USER header, but check also username in:
|
||||||
|
* SSOwAuthUser
|
||||||
|
* HTTP_AUTH_USER
|
||||||
|
* HTTP_AUTHORIZATION (Basic auth)
|
||||||
|
* Create new users
|
||||||
|
* Update Email, First / Last name for existing users
|
||||||
|
"""
|
||||||
|
|
||||||
|
import logging
|
||||||
|
|
||||||
|
from django.contrib.auth.backends import RemoteUserBackend
|
||||||
|
|
||||||
|
from django_ynh.sso_auth.user_profile import update_user_profile
|
||||||
|
|
||||||
|
|
||||||
|
logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
|
||||||
|
class SSOwatUserBackend(RemoteUserBackend):
|
||||||
|
"""
|
||||||
|
Authentication backend via SSO/nginx header
|
||||||
|
"""
|
||||||
|
|
||||||
|
create_unknown_user = True
|
||||||
|
|
||||||
|
def authenticate(self, request, remote_user):
|
||||||
|
logger.info('Remote user authenticate: %r', remote_user)
|
||||||
|
return super().authenticate(request, remote_user)
|
||||||
|
|
||||||
|
def configure_user(self, request, user):
|
||||||
|
"""
|
||||||
|
Configure a user after creation and return the updated user.
|
||||||
|
Setup a normal, non-superuser
|
||||||
|
"""
|
||||||
|
logger.warning('Configure user %s', user)
|
||||||
|
|
||||||
|
user.set_unusable_password() # Always login via SSO
|
||||||
|
user.is_staff = True
|
||||||
|
user.is_superuser = False
|
||||||
|
user.save()
|
||||||
|
|
||||||
|
# TODO: Add user in "normal" user group:
|
||||||
|
# django_ynh_user_group = get_or_create_normal_user_group()[0]
|
||||||
|
# user.groups.set([django_ynh_user_group])
|
||||||
|
|
||||||
|
update_user_profile(request)
|
||||||
|
|
||||||
|
return user
|
||||||
|
|
||||||
|
def user_can_authenticate(self, user):
|
||||||
|
logger.warning('Remote user login: %s', user)
|
||||||
|
return True
|
75
django_ynh/sso_auth/auth_middleware.py
Normal file
75
django_ynh/sso_auth/auth_middleware.py
Normal file
|
@ -0,0 +1,75 @@
|
||||||
|
import base64
|
||||||
|
import logging
|
||||||
|
|
||||||
|
from axes.exceptions import AxesBackendPermissionDenied
|
||||||
|
from django.contrib.auth.middleware import RemoteUserMiddleware
|
||||||
|
|
||||||
|
|
||||||
|
logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
|
||||||
|
class SSOwatRemoteUserMiddleware(RemoteUserMiddleware):
|
||||||
|
"""
|
||||||
|
Middleware to login a user HTTP_REMOTE_USER header.
|
||||||
|
Use Django Axes if something is wrong.
|
||||||
|
Update exising user informations.
|
||||||
|
"""
|
||||||
|
|
||||||
|
header = 'HTTP_REMOTE_USER'
|
||||||
|
force_logout_if_no_header = True
|
||||||
|
|
||||||
|
def process_request(self, request):
|
||||||
|
# Keep the information if the user is already logged in
|
||||||
|
was_authenticated = request.user.is_authenticated
|
||||||
|
|
||||||
|
super().process_request(request) # login remote user
|
||||||
|
|
||||||
|
if not request.user.is_authenticated:
|
||||||
|
# Not logged in -> nothing to verify here
|
||||||
|
return
|
||||||
|
|
||||||
|
# Check SSOwat cookie informations:
|
||||||
|
try:
|
||||||
|
username = request.COOKIES['SSOwAuthUser']
|
||||||
|
except KeyError:
|
||||||
|
logger.error('SSOwAuthUser cookie missing!')
|
||||||
|
|
||||||
|
# emits a signal indicating user login failed, which is processed by
|
||||||
|
# axes.signals.log_user_login_failed which logs and flags the failed request.
|
||||||
|
raise AxesBackendPermissionDenied('Cookie missing')
|
||||||
|
|
||||||
|
logger.info('SSOwat username from cookies: %r', username)
|
||||||
|
if username != request.user.username:
|
||||||
|
raise AxesBackendPermissionDenied('Wrong username')
|
||||||
|
|
||||||
|
# Compare with HTTP_AUTH_USER
|
||||||
|
try:
|
||||||
|
username = request.META['HTTP_AUTH_USER']
|
||||||
|
except KeyError:
|
||||||
|
logger.error('HTTP_AUTH_USER missing!')
|
||||||
|
raise AxesBackendPermissionDenied('No HTTP_AUTH_USER')
|
||||||
|
|
||||||
|
if username != request.user.username:
|
||||||
|
raise AxesBackendPermissionDenied('Wrong HTTP_AUTH_USER username')
|
||||||
|
|
||||||
|
# Also check 'HTTP_AUTHORIZATION', but only the username ;)
|
||||||
|
try:
|
||||||
|
auth = request.META['HTTP_AUTHORIZATION']
|
||||||
|
except KeyError:
|
||||||
|
logger.error('HTTP_AUTHORIZATION missing!')
|
||||||
|
raise AxesBackendPermissionDenied('No HTTP_AUTHORIZATION')
|
||||||
|
|
||||||
|
scheme, creds = auth.split(' ', 1)
|
||||||
|
if scheme.lower() != 'basic':
|
||||||
|
logger.error('HTTP_AUTHORIZATION with %r not supported', scheme)
|
||||||
|
raise AxesBackendPermissionDenied('HTTP_AUTHORIZATION scheme not supported')
|
||||||
|
|
||||||
|
creds = str(base64.b64decode(creds), encoding='utf-8')
|
||||||
|
username = creds.split(':', 1)[0]
|
||||||
|
if username != request.user.username:
|
||||||
|
raise AxesBackendPermissionDenied('Wrong HTTP_AUTHORIZATION username')
|
||||||
|
|
||||||
|
if not was_authenticated:
|
||||||
|
# First request, after login -> update user informations
|
||||||
|
logger.info('Remote used was logged in')
|
||||||
|
update_user_profile(request)
|
61
django_ynh/sso_auth/user_profile.py
Normal file
61
django_ynh/sso_auth/user_profile.py
Normal file
|
@ -0,0 +1,61 @@
|
||||||
|
import base64
|
||||||
|
import logging
|
||||||
|
|
||||||
|
from axes.exceptions import AxesBackendPermissionDenied
|
||||||
|
from django.contrib.auth.backends import RemoteUserBackend as OriginRemoteUserBackend
|
||||||
|
from django.contrib.auth.middleware import RemoteUserMiddleware as OriginRemoteUserMiddleware
|
||||||
|
from django.core.exceptions import ValidationError
|
||||||
|
from inventory.permissions import get_or_create_normal_user_group
|
||||||
|
|
||||||
|
|
||||||
|
logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
|
||||||
|
def update_user_profile(request):
|
||||||
|
"""
|
||||||
|
Update existing user information:
|
||||||
|
* Email
|
||||||
|
* First / Last name
|
||||||
|
"""
|
||||||
|
user = request.user
|
||||||
|
assert user.is_authenticated
|
||||||
|
|
||||||
|
update_fields = []
|
||||||
|
|
||||||
|
if not user.password:
|
||||||
|
# Empty password is not valid, so we can't save the model, because of full_clean() call
|
||||||
|
logger.info('Set unusable password for user: %s', user)
|
||||||
|
user.set_unusable_password()
|
||||||
|
update_fields.append('password')
|
||||||
|
|
||||||
|
email = request.META.get('HTTP_EMAIL')
|
||||||
|
if email and user.email != email:
|
||||||
|
logger.info('Update email: %r -> %r', user.email, email)
|
||||||
|
user.email = email
|
||||||
|
update_fields.append('email')
|
||||||
|
|
||||||
|
raw_username = request.META.get('HTTP_NAME')
|
||||||
|
if raw_username:
|
||||||
|
if ' ' in raw_username:
|
||||||
|
first_name, last_name = raw_username.split(' ', 1)
|
||||||
|
else:
|
||||||
|
first_name = ''
|
||||||
|
last_name = raw_username
|
||||||
|
|
||||||
|
if user.first_name != first_name:
|
||||||
|
logger.info('Update first name: %r -> %r', user.first_name, first_name)
|
||||||
|
user.first_name = first_name
|
||||||
|
update_fields.append('first_name')
|
||||||
|
|
||||||
|
if user.last_name != last_name:
|
||||||
|
logger.info('Update last name: %r -> %r', user.last_name, last_name)
|
||||||
|
user.last_name = last_name
|
||||||
|
update_fields.append('last_name')
|
||||||
|
|
||||||
|
if update_fields:
|
||||||
|
try:
|
||||||
|
user.full_clean()
|
||||||
|
except ValidationError:
|
||||||
|
logger.exception('Can not update user: %s', user)
|
||||||
|
else:
|
||||||
|
user.save(update_fields=update_fields)
|
15
django_ynh/views.py
Normal file
15
django_ynh/views.py
Normal file
|
@ -0,0 +1,15 @@
|
||||||
|
import pprint
|
||||||
|
|
||||||
|
from django.http import HttpResponse
|
||||||
|
from django.shortcuts import redirect
|
||||||
|
|
||||||
|
|
||||||
|
def request_media_debug_view(request):
|
||||||
|
""" debug request.META """
|
||||||
|
if not request.user.is_authenticated:
|
||||||
|
return redirect('admin:index')
|
||||||
|
|
||||||
|
meta = pprint.pformat(request.META)
|
||||||
|
html = f'<html><body>request.META: <pre>{meta}</pre></body></html>'
|
||||||
|
|
||||||
|
return HttpResponse(html)
|
0
django_ynh_tests/__init__.py
Normal file
0
django_ynh_tests/__init__.py
Normal file
0
django_ynh_tests/test_app/__init__.py
Normal file
0
django_ynh_tests/test_app/__init__.py
Normal file
0
django_ynh_tests/test_app/management/__init__.py
Normal file
0
django_ynh_tests/test_app/management/__init__.py
Normal file
|
@ -0,0 +1,39 @@
|
||||||
|
import os
|
||||||
|
|
||||||
|
from django.contrib.auth import get_user_model
|
||||||
|
from django.core.management import BaseCommand, call_command
|
||||||
|
|
||||||
|
|
||||||
|
class Command(BaseCommand):
|
||||||
|
"""
|
||||||
|
Expand django.contrib.staticfiles runserver
|
||||||
|
"""
|
||||||
|
|
||||||
|
help = "Setup test project and run django developer server"
|
||||||
|
|
||||||
|
def verbose_call(self, command, *args, **kwargs):
|
||||||
|
self.stderr.write("_" * 79)
|
||||||
|
self.stdout.write(f"Call {command!r} with: {args!r} {kwargs!r}")
|
||||||
|
call_command(command, *args, **kwargs)
|
||||||
|
|
||||||
|
def handle(self, *args, **options):
|
||||||
|
|
||||||
|
if "RUN_MAIN" not in os.environ:
|
||||||
|
# RUN_MAIN added by auto reloader, see: django/utils/autoreload.py
|
||||||
|
|
||||||
|
# Create migrations for our test app
|
||||||
|
# But these migrations should never commit!
|
||||||
|
# On changes: Just delete the SQLite file and start fresh ;)
|
||||||
|
self.verbose_call("makemigrations")
|
||||||
|
|
||||||
|
self.verbose_call("migrate")
|
||||||
|
|
||||||
|
# django.contrib.staticfiles.management.commands.collectstatic.Command
|
||||||
|
self.verbose_call("collectstatic", interactive=False, link=True)
|
||||||
|
|
||||||
|
User = get_user_model()
|
||||||
|
qs = User.objects.filter(is_active=True, is_superuser=True)
|
||||||
|
if qs.count() == 0:
|
||||||
|
self.verbose_call("createsuperuser")
|
||||||
|
|
||||||
|
self.verbose_call("runserver", use_threading=False, use_reloader=True, verbosity=2)
|
1
django_ynh_tests/test_app/models.py
Normal file
1
django_ynh_tests/test_app/models.py
Normal file
|
@ -0,0 +1 @@
|
||||||
|
# no models ;)
|
0
django_ynh_tests/test_project/__init__.py
Normal file
0
django_ynh_tests/test_project/__init__.py
Normal file
18
django_ynh_tests/test_project/manage.py
Executable file
18
django_ynh_tests/test_project/manage.py
Executable file
|
@ -0,0 +1,18 @@
|
||||||
|
#!/usr/bin/env python3
|
||||||
|
import sys
|
||||||
|
|
||||||
|
|
||||||
|
def main():
|
||||||
|
try:
|
||||||
|
from django.core.management import execute_from_command_line
|
||||||
|
except ImportError as exc:
|
||||||
|
raise ImportError(
|
||||||
|
"Couldn't import Django. Are you sure it's installed and "
|
||||||
|
"available on your PYTHONPATH environment variable? Did you "
|
||||||
|
"forget to activate a virtual environment?"
|
||||||
|
) from exc
|
||||||
|
execute_from_command_line(sys.argv)
|
||||||
|
|
||||||
|
|
||||||
|
if __name__ == '__main__':
|
||||||
|
main()
|
28
django_ynh_tests/test_project/publish.py
Normal file
28
django_ynh_tests/test_project/publish.py
Normal file
|
@ -0,0 +1,28 @@
|
||||||
|
"""
|
||||||
|
Helper to publish this Project to PyPi
|
||||||
|
"""
|
||||||
|
|
||||||
|
from pathlib import Path
|
||||||
|
|
||||||
|
from poetry_publish.publish import poetry_publish
|
||||||
|
from poetry_publish.utils.subprocess_utils import verbose_check_call
|
||||||
|
|
||||||
|
import django_ynh
|
||||||
|
|
||||||
|
|
||||||
|
PACKAGE_ROOT = Path(django_ynh.__file__).parent.parent
|
||||||
|
|
||||||
|
|
||||||
|
def publish():
|
||||||
|
"""
|
||||||
|
Publish to PyPi
|
||||||
|
Call this via:
|
||||||
|
$ poetry run publish
|
||||||
|
"""
|
||||||
|
verbose_check_call('poetry', 'check')
|
||||||
|
|
||||||
|
# TODO:
|
||||||
|
# verbose_check_call('make', 'pytest') # don't publish if tests fail
|
||||||
|
# verbose_check_call('make', 'fix-code-style') # don't publish if code style wrong
|
||||||
|
|
||||||
|
poetry_publish(package_root=PACKAGE_ROOT, version=django_ynh.__version__)
|
104
django_ynh_tests/test_project/settings.py
Normal file
104
django_ynh_tests/test_project/settings.py
Normal file
|
@ -0,0 +1,104 @@
|
||||||
|
from pathlib import Path
|
||||||
|
|
||||||
|
|
||||||
|
BASE_DIR = Path(__file__).parent.parent
|
||||||
|
|
||||||
|
|
||||||
|
SECRET_KEY = 'Only a test project!'
|
||||||
|
|
||||||
|
|
||||||
|
DEBUG = True
|
||||||
|
|
||||||
|
ALLOWED_HOSTS = []
|
||||||
|
|
||||||
|
|
||||||
|
INSTALLED_APPS = [
|
||||||
|
'django.contrib.admin',
|
||||||
|
'django.contrib.auth',
|
||||||
|
'django.contrib.contenttypes',
|
||||||
|
'django.contrib.sessions',
|
||||||
|
'django.contrib.messages',
|
||||||
|
'django.contrib.staticfiles',
|
||||||
|
'django_ynh', # <<<<
|
||||||
|
]
|
||||||
|
|
||||||
|
MIDDLEWARE = [
|
||||||
|
'django.middleware.security.SecurityMiddleware',
|
||||||
|
'django.contrib.sessions.middleware.SessionMiddleware',
|
||||||
|
'django.middleware.common.CommonMiddleware',
|
||||||
|
'django.middleware.csrf.CsrfViewMiddleware',
|
||||||
|
'django.contrib.auth.middleware.AuthenticationMiddleware',
|
||||||
|
'django_ynh.sso_auth.auth_middleware.SSOwatRemoteUserMiddleware', # <<<<
|
||||||
|
'django.contrib.messages.middleware.MessageMiddleware',
|
||||||
|
'django.middleware.clickjacking.XFrameOptionsMiddleware',
|
||||||
|
]
|
||||||
|
|
||||||
|
ROOT_URLCONF = 'django_ynh_tests.test_project.urls'
|
||||||
|
|
||||||
|
TEMPLATES = [
|
||||||
|
{
|
||||||
|
'BACKEND': 'django.template.backends.django.DjangoTemplates',
|
||||||
|
'DIRS': [],
|
||||||
|
'APP_DIRS': True,
|
||||||
|
'OPTIONS': {
|
||||||
|
'context_processors': [
|
||||||
|
'django.template.context_processors.debug',
|
||||||
|
'django.template.context_processors.request',
|
||||||
|
'django.contrib.auth.context_processors.auth',
|
||||||
|
'django.contrib.messages.context_processors.messages',
|
||||||
|
],
|
||||||
|
},
|
||||||
|
},
|
||||||
|
]
|
||||||
|
|
||||||
|
WSGI_APPLICATION = 'django_ynh_tests.test_project.wsgi.application'
|
||||||
|
|
||||||
|
|
||||||
|
DATABASES = {
|
||||||
|
'default': {
|
||||||
|
'ENGINE': 'django.db.backends.sqlite3',
|
||||||
|
'NAME': BASE_DIR / 'db.sqlite3',
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
AUTH_PASSWORD_VALIDATORS = [] # Just a test project, so no restrictions
|
||||||
|
|
||||||
|
|
||||||
|
LANGUAGE_CODE = 'en-us'
|
||||||
|
TIME_ZONE = 'UTC'
|
||||||
|
USE_I18N = True
|
||||||
|
USE_L10N = True
|
||||||
|
USE_TZ = True
|
||||||
|
LOCALE_PATHS = (BASE_DIR.parent / 'django_ynh' / 'locale',)
|
||||||
|
|
||||||
|
|
||||||
|
STATIC_URL = '/static/'
|
||||||
|
STATIC_ROOT = BASE_DIR / 'static'
|
||||||
|
|
||||||
|
MEDIA_URL = '/media/'
|
||||||
|
MEDIA_ROOT = BASE_DIR / 'media'
|
||||||
|
|
||||||
|
|
||||||
|
INTERNAL_IPS = [
|
||||||
|
'127.0.0.1',
|
||||||
|
]
|
||||||
|
|
||||||
|
LOGGING = {
|
||||||
|
'version': 1,
|
||||||
|
'disable_existing_loggers': False,
|
||||||
|
'formatters': {
|
||||||
|
'verbose': {
|
||||||
|
'format': '{asctime} {levelname} {name} {module}.{funcName} {message}',
|
||||||
|
'style': '{',
|
||||||
|
},
|
||||||
|
},
|
||||||
|
'handlers': {'console': {'class': 'logging.StreamHandler', 'formatter': 'verbose'}},
|
||||||
|
'loggers': {
|
||||||
|
'django': {'handlers': ['console'], 'level': 'INFO', 'propagate': False},
|
||||||
|
'django.auth': {'handlers': ['console'], 'level': 'DEBUG', 'propagate': False},
|
||||||
|
'django.security': {'handlers': ['console'], 'level': 'DEBUG', 'propagate': False},
|
||||||
|
'django.request': {'handlers': ['console'], 'level': 'DEBUG', 'propagate': False},
|
||||||
|
'django_ynh': {'handlers': ['console'], 'level': 'DEBUG', 'propagate': False},
|
||||||
|
},
|
||||||
|
}
|
11
django_ynh_tests/test_project/urls.py
Normal file
11
django_ynh_tests/test_project/urls.py
Normal file
|
@ -0,0 +1,11 @@
|
||||||
|
import debug_toolbar
|
||||||
|
from django.contrib import admin
|
||||||
|
from django.urls import include, path
|
||||||
|
from django.views.generic import RedirectView
|
||||||
|
|
||||||
|
|
||||||
|
urlpatterns = [
|
||||||
|
path('admin/', admin.site.urls),
|
||||||
|
path('', RedirectView.as_view(url='/admin/')),
|
||||||
|
path('__debug__/', include(debug_toolbar.urls)),
|
||||||
|
]
|
9
django_ynh_tests/test_project/wsgi.py
Normal file
9
django_ynh_tests/test_project/wsgi.py
Normal file
|
@ -0,0 +1,9 @@
|
||||||
|
"""
|
||||||
|
WSGI config
|
||||||
|
"""
|
||||||
|
|
||||||
|
|
||||||
|
from django.core.wsgi import get_wsgi_application
|
||||||
|
|
||||||
|
|
||||||
|
application = get_wsgi_application()
|
155
local_test.py
Executable file
155
local_test.py
Executable file
|
@ -0,0 +1,155 @@
|
||||||
|
#!/usr/bin/env python3
|
||||||
|
|
||||||
|
"""
|
||||||
|
Start django_ynh in YunoHost setup locally.
|
||||||
|
Note:
|
||||||
|
You can only run this script, if you are in a activated django_ynh venv!
|
||||||
|
see README for details ;)
|
||||||
|
"""
|
||||||
|
|
||||||
|
import os
|
||||||
|
import shlex
|
||||||
|
import subprocess
|
||||||
|
import sys
|
||||||
|
from pathlib import Path
|
||||||
|
|
||||||
|
|
||||||
|
os.environ['DJANGO_SETTINGS_MODULE'] = 'django_ynh.settings'
|
||||||
|
|
||||||
|
try:
|
||||||
|
import inventory_project # noqa
|
||||||
|
except ImportError as err:
|
||||||
|
raise ImportError(
|
||||||
|
'Couldn\'t import django_ynh. Did you '
|
||||||
|
'forget to activate a virtual environment?'
|
||||||
|
) from err
|
||||||
|
|
||||||
|
|
||||||
|
BASE_PATH = Path(__file__).parent.absolute()
|
||||||
|
TEST_PATH = BASE_PATH / 'local_test'
|
||||||
|
CONF_PATH = BASE_PATH / 'conf'
|
||||||
|
|
||||||
|
FINAL_HOME_PATH = TEST_PATH / 'opt_yunohost'
|
||||||
|
FINAL_WWW_PATH = TEST_PATH / 'var_www'
|
||||||
|
LOG_FILE = TEST_PATH / 'var_log_django_ynh.log'
|
||||||
|
|
||||||
|
MANAGE_PY_FILE = CONF_PATH / 'manage.py'
|
||||||
|
CREATE_SUPERUSER_FILE = CONF_PATH / 'create_superuser.py'
|
||||||
|
SETTINGS_FILE = CONF_PATH / 'django_ynh.settings.py'
|
||||||
|
URLS_FILE = CONF_PATH / 'ynh_urls.py'
|
||||||
|
|
||||||
|
REPLACES = {
|
||||||
|
'__FINAL_HOME_PATH__': str(FINAL_HOME_PATH),
|
||||||
|
'__FINAL_WWW_PATH__': str(FINAL_WWW_PATH),
|
||||||
|
'__LOG_FILE__': str(TEST_PATH / 'var_log_django_ynh.log'),
|
||||||
|
|
||||||
|
'__PATH_URL__': 'app_path',
|
||||||
|
'__DOMAIN__': '127.0.0.1',
|
||||||
|
|
||||||
|
'django.db.backends.postgresql': 'django.db.backends.sqlite3',
|
||||||
|
"'NAME': '__APP__',": f"'NAME': '{TEST_PATH / 'test_db.sqlite'}',",
|
||||||
|
|
||||||
|
'django_redis.cache.RedisCache': 'django.core.cache.backends.dummy.DummyCache',
|
||||||
|
|
||||||
|
'DEBUG = False': 'DEBUG = True',
|
||||||
|
|
||||||
|
# Just use the default logging setup from django_ynh project:
|
||||||
|
'LOGGING = {': 'HACKED_DEACTIVATED_LOGGING = {',
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
def verbose_check_call(command, verbose=True, **kwargs):
|
||||||
|
""" 'verbose' version of subprocess.check_call() """
|
||||||
|
if verbose:
|
||||||
|
print('_' * 100)
|
||||||
|
msg = f'Call: {command!r}'
|
||||||
|
verbose_kwargs = ', '.join(f'{k}={v!r}' for k, v in sorted(kwargs.items()))
|
||||||
|
if verbose_kwargs:
|
||||||
|
msg += f' (kwargs: {verbose_kwargs})'
|
||||||
|
print(f'{msg}\n', flush=True)
|
||||||
|
|
||||||
|
env = os.environ.copy()
|
||||||
|
env['PYTHONUNBUFFERED'] = '1'
|
||||||
|
|
||||||
|
popenargs = shlex.split(command)
|
||||||
|
subprocess.check_call(
|
||||||
|
popenargs,
|
||||||
|
universal_newlines=True,
|
||||||
|
env=env,
|
||||||
|
**kwargs
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
|
def call_manage_py(args):
|
||||||
|
verbose_check_call(
|
||||||
|
command=f'{sys.executable} manage.py {args}',
|
||||||
|
cwd=FINAL_HOME_PATH,
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
|
def copy_patch(src_file, replaces=None):
|
||||||
|
dst_file = FINAL_HOME_PATH / src_file.name
|
||||||
|
print(f'{src_file.relative_to(BASE_PATH)} -> {dst_file.relative_to(BASE_PATH)}')
|
||||||
|
|
||||||
|
with src_file.open('r') as f:
|
||||||
|
content = f.read()
|
||||||
|
|
||||||
|
if replaces:
|
||||||
|
for old, new in replaces.items():
|
||||||
|
content = content.replace(old, new)
|
||||||
|
|
||||||
|
with dst_file.open('w') as f:
|
||||||
|
f.write(content)
|
||||||
|
|
||||||
|
|
||||||
|
def main():
|
||||||
|
print('-' * 100)
|
||||||
|
|
||||||
|
assert BASE_PATH.is_dir()
|
||||||
|
assert CONF_PATH.is_dir()
|
||||||
|
assert SETTINGS_FILE.is_file()
|
||||||
|
assert URLS_FILE.is_file()
|
||||||
|
|
||||||
|
for p in (TEST_PATH, FINAL_HOME_PATH, FINAL_WWW_PATH):
|
||||||
|
if p.is_dir():
|
||||||
|
print(f'Already exists: "{p.relative_to(BASE_PATH)}", ok.')
|
||||||
|
else:
|
||||||
|
print(f'Create: "{p.relative_to(BASE_PATH)}"')
|
||||||
|
p.mkdir(parents=True, exist_ok=True)
|
||||||
|
|
||||||
|
LOG_FILE.touch(exist_ok=True)
|
||||||
|
|
||||||
|
# conf/manage.py -> local_test/manage.py
|
||||||
|
copy_patch(src_file=MANAGE_PY_FILE)
|
||||||
|
|
||||||
|
# conf/create_superuser.py -> local_test/opt_yunohost/create_superuser.py
|
||||||
|
copy_patch(src_file=CREATE_SUPERUSER_FILE)
|
||||||
|
|
||||||
|
# conf/django_ynh.settings.py -> local_test/django_ynh.settings.py
|
||||||
|
copy_patch(src_file=SETTINGS_FILE, replaces=REPLACES)
|
||||||
|
|
||||||
|
# conf/ynh_urls.py -> local_test/ynh_urls.py
|
||||||
|
copy_patch(src_file=URLS_FILE, replaces=REPLACES)
|
||||||
|
|
||||||
|
with Path(FINAL_HOME_PATH / 'local_settings.py').open('w') as f:
|
||||||
|
f.write('# Only for local test run\n')
|
||||||
|
f.write('SERVE_FILES=True # used in src/inventory_project/urls.py\n')
|
||||||
|
|
||||||
|
# call "local_test/manage.py" via subprocess:
|
||||||
|
call_manage_py('check --deploy')
|
||||||
|
call_manage_py('migrate --no-input')
|
||||||
|
call_manage_py('collectstatic --no-input')
|
||||||
|
|
||||||
|
verbose_check_call(
|
||||||
|
command=f'{sys.executable} create_superuser.py --username="test" --password="test"',
|
||||||
|
cwd=FINAL_HOME_PATH,
|
||||||
|
)
|
||||||
|
|
||||||
|
try:
|
||||||
|
call_manage_py('runserver --nostatic')
|
||||||
|
except KeyboardInterrupt:
|
||||||
|
print('\nBye ;)')
|
||||||
|
|
||||||
|
|
||||||
|
if __name__ == '__main__':
|
||||||
|
main()
|
68
manifest.json
Normal file
68
manifest.json
Normal file
|
@ -0,0 +1,68 @@
|
||||||
|
{
|
||||||
|
"name": "django_ynh",
|
||||||
|
"id": "django_ynh",
|
||||||
|
"packaging_format": 1,
|
||||||
|
"description": {
|
||||||
|
"en": "Glue code to package django projects as yunohost apps."
|
||||||
|
},
|
||||||
|
"version": "0.1.0~ynh1",
|
||||||
|
"url": "https://github.com/jedie/django_ynh",
|
||||||
|
"license": "GPL-3.0",
|
||||||
|
"maintainer": {
|
||||||
|
"name": "Jens Diemer",
|
||||||
|
"email": "django_ynh@jensdiemer.de"
|
||||||
|
},
|
||||||
|
"previous_maintainers": [],
|
||||||
|
"requirements": {
|
||||||
|
"yunohost": ">= 4.0"
|
||||||
|
},
|
||||||
|
"multi_instance": true,
|
||||||
|
"services": [
|
||||||
|
"nginx"
|
||||||
|
],
|
||||||
|
"arguments": {
|
||||||
|
"install" : [
|
||||||
|
{
|
||||||
|
"name": "domain",
|
||||||
|
"type": "domain",
|
||||||
|
"ask": {
|
||||||
|
"en": "Choose a domain for django_ynh",
|
||||||
|
"fr": "Choisissez un domaine pour django_ynh"
|
||||||
|
},
|
||||||
|
"example": "domain.org"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name": "path",
|
||||||
|
"type": "path",
|
||||||
|
"ask": {
|
||||||
|
"en": "Choose a path for django_ynh",
|
||||||
|
"fr": "Choisissez un chemin pour django_ynh"
|
||||||
|
},
|
||||||
|
"example": "/django_ynh",
|
||||||
|
"default": "/django_ynh"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name": "admin",
|
||||||
|
"type": "user",
|
||||||
|
"ask": {
|
||||||
|
"en": "Choose an admin user for django_ynh",
|
||||||
|
"fr": "Choisissez l'administrateur pour django_ynh"
|
||||||
|
},
|
||||||
|
"example": "johndoe"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name": "is_public",
|
||||||
|
"type": "boolean",
|
||||||
|
"ask": {
|
||||||
|
"en": "Should django_ynh be public accessible?",
|
||||||
|
"fr": "django_ynh doit-il être accessible au public ?"
|
||||||
|
},
|
||||||
|
"help": {
|
||||||
|
"en": "Any YunoHost user and anonymous people from the web will be able to access the application",
|
||||||
|
"fr": "Tout utilisateur YunoHost et les personnes anonymes pourront accéder à l'application"
|
||||||
|
},
|
||||||
|
"default": false
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
}
|
99
pyproject.toml
Normal file
99
pyproject.toml
Normal file
|
@ -0,0 +1,99 @@
|
||||||
|
[tool.poetry]
|
||||||
|
name = "django_ynh"
|
||||||
|
version = "0.1.0alpha0"
|
||||||
|
description = "Glue code to package django projects as yunohost apps."
|
||||||
|
authors = ["JensDiemer <git@jensdiemer.de>"]
|
||||||
|
license = "GPL"
|
||||||
|
readme = "README.md"
|
||||||
|
packages = [
|
||||||
|
{ include = "django_ynh" },
|
||||||
|
]
|
||||||
|
|
||||||
|
|
||||||
|
[tool.poetry.dependencies]
|
||||||
|
python = ">=3.7,<4.0.0"
|
||||||
|
django = "*"
|
||||||
|
django-axes = "*" # https://github.com/jazzband/django-axes
|
||||||
|
psycopg2-binary = "*"
|
||||||
|
django-redis = "*"
|
||||||
|
|
||||||
|
[tool.poetry.dev-dependencies]
|
||||||
|
poetry-publish = "*" # https://github.com/jedie/poetry-publish
|
||||||
|
tox = "*"
|
||||||
|
pytest = "*"
|
||||||
|
pytest-randomly = "*"
|
||||||
|
pytest-cov = "*"
|
||||||
|
pytest-django = "*"
|
||||||
|
coveralls = "*"
|
||||||
|
isort = "*"
|
||||||
|
flake8 = "*"
|
||||||
|
flynt = "*"
|
||||||
|
black = "*"
|
||||||
|
pyupgrade = "*"
|
||||||
|
|
||||||
|
[build-system]
|
||||||
|
requires = ["poetry-core>=1.0.0"]
|
||||||
|
build-backend = "poetry.core.masonry.api"
|
||||||
|
|
||||||
|
[tool.poetry.scripts]
|
||||||
|
publish = "django_ynh_tests.test_project.publish:publish"
|
||||||
|
|
||||||
|
[tool.isort]
|
||||||
|
# https://pycqa.github.io/isort/docs/configuration/config_files/#pyprojecttoml-preferred-format
|
||||||
|
atomic=true
|
||||||
|
line_length=120
|
||||||
|
case_sensitive=false
|
||||||
|
skip_glob=["*/htmlcov/*","*/migrations/*","*/volumes/*"]
|
||||||
|
multi_line_output=3
|
||||||
|
include_trailing_comma=true
|
||||||
|
known_first_party=["django_ynh","django_ynh_project","django_ynh_tests"]
|
||||||
|
no_lines_before="LOCALFOLDER"
|
||||||
|
default_section="THIRDPARTY"
|
||||||
|
sections=["FUTURE","STDLIB","THIRDPARTY","FIRSTPARTY","LOCALFOLDER"]
|
||||||
|
lines_after_imports=2
|
||||||
|
|
||||||
|
|
||||||
|
[tool.pytest.ini_options]
|
||||||
|
# https://docs.pytest.org/en/latest/customize.html#pyproject-toml
|
||||||
|
minversion = "6.0"
|
||||||
|
DJANGO_SETTINGS_MODULE="django_ynh_project.settings.tests"
|
||||||
|
norecursedirs = ".* .git __pycache__ coverage* dist htmlcov volumes"
|
||||||
|
# sometimes helpfull "addopts" arguments:
|
||||||
|
# -vv
|
||||||
|
# --verbose
|
||||||
|
# --capture=no
|
||||||
|
# --trace-config
|
||||||
|
# --full-trace
|
||||||
|
# -p no:warnings
|
||||||
|
addopts = """
|
||||||
|
--import-mode=importlib
|
||||||
|
--reuse-db
|
||||||
|
--nomigrations
|
||||||
|
--cov=.
|
||||||
|
--cov-report term-missing
|
||||||
|
--cov-report html
|
||||||
|
--cov-report xml
|
||||||
|
--no-cov-on-fail
|
||||||
|
--showlocals
|
||||||
|
--doctest-modules
|
||||||
|
--failed-first
|
||||||
|
--last-failed-no-failures all
|
||||||
|
--new-first
|
||||||
|
-p no:randomly
|
||||||
|
"""
|
||||||
|
|
||||||
|
|
||||||
|
[tool.tox]
|
||||||
|
# https://tox.readthedocs.io/en/latest/example/basic.html#pyproject-toml-tox-legacy-ini
|
||||||
|
legacy_tox_ini = """
|
||||||
|
[tox]
|
||||||
|
isolated_build = True
|
||||||
|
envlist = py39,py38,py37
|
||||||
|
skip_missing_interpreters = True
|
||||||
|
|
||||||
|
[testenv]
|
||||||
|
passenv = *
|
||||||
|
whitelist_externals = pytest
|
||||||
|
commands =
|
||||||
|
pytest --workers auto --tests-per-worker 1 --pyargs django_ynh django_ynh_project
|
||||||
|
"""
|
92
scripts/_common.sh
Normal file
92
scripts/_common.sh
Normal file
|
@ -0,0 +1,92 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# RETRIEVE ARGUMENTS FROM THE MANIFEST
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
domain=$YNH_APP_ARG_DOMAIN
|
||||||
|
path_url=$YNH_APP_ARG_PATH
|
||||||
|
|
||||||
|
admin=$YNH_APP_ARG_ADMIN
|
||||||
|
is_public=$YNH_APP_ARG_IS_PUBLIC
|
||||||
|
app=$YNH_APP_INSTANCE_NAME
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# SET CONSTANTS
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
public_path=/var/www/$app
|
||||||
|
final_path=/opt/yunohost/$app
|
||||||
|
log_path=/var/log/$app
|
||||||
|
log_file="${log_path}/django_ynh.log"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# COMMON VARIABLES
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
# dependencies used by the app
|
||||||
|
pkg_dependencies="build-essential python3-dev python3-pip python3-venv git \
|
||||||
|
postgresql postgresql-contrib"
|
||||||
|
|
||||||
|
# django_ynh's version for PIP and settings file
|
||||||
|
django_ynh_version="0.8.2"
|
||||||
|
|
||||||
|
# Extra python packages:
|
||||||
|
pypi_extras="django-redis"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# Redis HELPERS
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
# get the first available redis database
|
||||||
|
#
|
||||||
|
# usage: ynh_redis_get_free_db
|
||||||
|
# | returns: the database number to use
|
||||||
|
ynh_redis_get_free_db() {
|
||||||
|
local result max db
|
||||||
|
result=$(redis-cli INFO keyspace)
|
||||||
|
|
||||||
|
# get the num
|
||||||
|
max=$(cat /etc/redis/redis.conf | grep ^databases | grep -Eow "[0-9]+")
|
||||||
|
|
||||||
|
db=0
|
||||||
|
# default Debian setting is 15 databases
|
||||||
|
for i in $(seq 0 "$max")
|
||||||
|
do
|
||||||
|
if ! echo "$result" | grep -q "db$i"
|
||||||
|
then
|
||||||
|
db=$i
|
||||||
|
break 1
|
||||||
|
fi
|
||||||
|
db=-1
|
||||||
|
done
|
||||||
|
|
||||||
|
test "$db" -eq -1 && ynh_die "No available Redis databases..."
|
||||||
|
|
||||||
|
echo "$db"
|
||||||
|
}
|
||||||
|
|
||||||
|
# Create a master password and set up global settings
|
||||||
|
# Please always call this script in install and restore scripts
|
||||||
|
#
|
||||||
|
# usage: ynh_redis_remove_db database
|
||||||
|
# | arg: database - the database to erase
|
||||||
|
ynh_redis_remove_db() {
|
||||||
|
local db=$1
|
||||||
|
redis-cli -n "$db" flushall
|
||||||
|
}
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
# Execute a command as another user
|
||||||
|
# usage: ynh_exec_as USER COMMAND [ARG ...]
|
||||||
|
ynh_exec_as() {
|
||||||
|
local USER=$1
|
||||||
|
shift 1
|
||||||
|
|
||||||
|
if [[ $USER = $(whoami) ]]; then
|
||||||
|
eval "$@"
|
||||||
|
else
|
||||||
|
sudo -u "$USER" "$@"
|
||||||
|
fi
|
||||||
|
}
|
69
scripts/backup
Executable file
69
scripts/backup
Executable file
|
@ -0,0 +1,69 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# GENERIC START
|
||||||
|
#=================================================
|
||||||
|
# IMPORT GENERIC HELPERS
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
source ../settings/scripts/_common.sh
|
||||||
|
source /usr/share/yunohost/helpers
|
||||||
|
|
||||||
|
ynh_abort_if_errors
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# LOAD SETTINGS
|
||||||
|
#=================================================
|
||||||
|
ynh_print_info --message="Loading installation settings..."
|
||||||
|
|
||||||
|
app=$YNH_APP_INSTANCE_NAME
|
||||||
|
|
||||||
|
public_path=$(ynh_app_setting_get --app="$app" --key=public_path)
|
||||||
|
final_path=$(ynh_app_setting_get --app="$app" --key=final_path)
|
||||||
|
db_name=$(ynh_app_setting_get --app="$app" --key=db_name)
|
||||||
|
|
||||||
|
domain=$(ynh_app_setting_get --app="$app" --key=domain)
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# DECLARE DATA AND CONF FILES TO BACKUP
|
||||||
|
#=================================================
|
||||||
|
ynh_print_info --message="Declaring files to be backed up..."
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# BACKUP THE APP MAIN DIR
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
ynh_backup --src_path="$final_path"
|
||||||
|
ynh_backup --src_path="$public_path"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# BACKUP THE NGINX CONFIGURATION
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# BACKUP THE PostgreSQL DATABASE
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
ynh_psql_dump_db --database="$db_name" > db.sql
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# SPECIFIC BACKUP
|
||||||
|
#=================================================
|
||||||
|
# BACKUP LOGROTATE
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
ynh_backup --src_path="/etc/logrotate.d/$app"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# BACKUP SYSTEMD
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
ynh_backup --src_path="/etc/systemd/system/$app.service"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# END OF SCRIPT
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)."
|
160
scripts/change_url
Normal file
160
scripts/change_url
Normal file
|
@ -0,0 +1,160 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# GENERIC STARTING
|
||||||
|
#=================================================
|
||||||
|
# IMPORT GENERIC HELPERS
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
source _common.sh
|
||||||
|
source /usr/share/yunohost/helpers
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# RETRIEVE ARGUMENTS
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
old_domain=$YNH_APP_OLD_DOMAIN
|
||||||
|
old_path=$YNH_APP_OLD_PATH
|
||||||
|
|
||||||
|
new_domain=$YNH_APP_NEW_DOMAIN
|
||||||
|
new_path=$YNH_APP_NEW_PATH
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# LOAD SETTINGS
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Loading installation settings..."
|
||||||
|
|
||||||
|
admin=$(ynh_app_setting_get --app="$app" --key=admin)
|
||||||
|
is_public=$(ynh_app_setting_get --app="$app" --key=is_public)
|
||||||
|
public_path=$(ynh_app_setting_get --app="$app" --key=public_path)
|
||||||
|
final_path=$(ynh_app_setting_get --app="$app" --key=final_path)
|
||||||
|
log_path=$(ynh_app_setting_get --app="$app" --key=log_path)
|
||||||
|
|
||||||
|
port=$(ynh_app_setting_get --app="$app" --key=port)
|
||||||
|
db_pwd=$(ynh_app_setting_get --app="$app" --key=psqlpwd)
|
||||||
|
admin_mail=$(ynh_user_get_info "$admin" mail)
|
||||||
|
redis_db=$(ynh_app_setting_get --app="$app" --key=redis_db)
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --weight=40
|
||||||
|
|
||||||
|
# Backup the current version of the app
|
||||||
|
ynh_backup_before_upgrade
|
||||||
|
ynh_clean_setup () {
|
||||||
|
# Remove the new domain config file, the remove script won't do it as it doesn't know yet its location.
|
||||||
|
ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
|
||||||
|
|
||||||
|
# restore it if the upgrade fails
|
||||||
|
ynh_restore_upgradebackup
|
||||||
|
}
|
||||||
|
# Exit if an error occurs during the execution of the script
|
||||||
|
ynh_abort_if_errors
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# CHECK WHICH PARTS SHOULD BE CHANGED
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
change_domain=0
|
||||||
|
if [ "$old_domain" != "$new_domain" ]
|
||||||
|
then
|
||||||
|
change_domain=1
|
||||||
|
fi
|
||||||
|
|
||||||
|
change_path=0
|
||||||
|
if [ "$old_path" != "$new_path" ]
|
||||||
|
then
|
||||||
|
change_path=1
|
||||||
|
fi
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# STANDARD MODIFICATIONS
|
||||||
|
#=================================================
|
||||||
|
# STOP SYSTEMD SERVICE
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Stopping systemd services..."
|
||||||
|
|
||||||
|
ynh_systemd_action --service_name="$app" --action="stop"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# STANDARD MODIFICATIONS
|
||||||
|
#=================================================
|
||||||
|
# MODIFY URL IN NGINX CONF
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Updating nginx web server configuration..."
|
||||||
|
|
||||||
|
nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
|
||||||
|
|
||||||
|
# Change the path in the nginx config file
|
||||||
|
if [ $change_path -eq 1 ]
|
||||||
|
then
|
||||||
|
# Make a backup of the original nginx config file if modified
|
||||||
|
ynh_backup_if_checksum_is_different --file="$nginx_conf_path"
|
||||||
|
# Set global variables for nginx helper
|
||||||
|
domain="$old_domain"
|
||||||
|
path_url="$new_path"
|
||||||
|
# Create a dedicated nginx config
|
||||||
|
ynh_add_nginx_config "public_path" "port"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Change the domain for nginx
|
||||||
|
if [ $change_domain -eq 1 ]
|
||||||
|
then
|
||||||
|
# Delete file checksum for the old conf file location
|
||||||
|
ynh_delete_file_checksum --file="$nginx_conf_path"
|
||||||
|
mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf
|
||||||
|
# Store file checksum for the new config file location
|
||||||
|
ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
|
||||||
|
fi
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# SPECIFIC MODIFICATIONS
|
||||||
|
#=================================================
|
||||||
|
# MODIFY SETTINGS
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Modify django_ynh's config file..."
|
||||||
|
|
||||||
|
# save old settings file
|
||||||
|
settings="$final_path/django_ynh.settings.py"
|
||||||
|
ynh_backup_if_checksum_is_different --file="$settings"
|
||||||
|
|
||||||
|
cp "../conf/django_ynh.settings.py" "$settings"
|
||||||
|
|
||||||
|
ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="$settings"
|
||||||
|
ynh_replace_string --match_string="__DB_PWD__" --replace_string="$db_pwd" --target_file="$settings"
|
||||||
|
ynh_replace_string --match_string="__ADMIN__" --replace_string="$admin" --target_file="$settings"
|
||||||
|
ynh_replace_string --match_string="__ADMINMAIL__" --replace_string="$admin_mail" --target_file="$settings"
|
||||||
|
ynh_replace_string --match_string="__FINAL_HOME_PATH__" --replace_string="$final_path" --target_file="$settings"
|
||||||
|
ynh_replace_string --match_string="__FINAL_WWW_PATH__" --replace_string="$public_path" --target_file="$settings"
|
||||||
|
ynh_replace_string --match_string="__LOG_FILE__" --replace_string="$log_file" --target_file="$settings"
|
||||||
|
ynh_replace_string --match_string="__REDIS_DB__" --replace_string="$redis_db" --target_file="$settings"
|
||||||
|
|
||||||
|
# Difference to install/upgrade scripts: Use $new_domain and $new_path here:
|
||||||
|
ynh_replace_string --match_string="__DOMAIN__" --replace_string="$new_domain" --target_file="$settings"
|
||||||
|
ynh_replace_string --match_string="__PATH_URL__" --replace_string="$new_path" --target_file="$settings"
|
||||||
|
|
||||||
|
# Recalculate and store the config file checksum into the app settings
|
||||||
|
ynh_store_file_checksum --file="$settings"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# GENERIC FINALISATION
|
||||||
|
#=================================================
|
||||||
|
# START SYSTEMD SERVICE
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Starting systemd services..." --weight=5
|
||||||
|
|
||||||
|
ynh_systemd_action --service_name="$app" --action="start"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# RELOAD NGINX
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Reloading nginx web server..."
|
||||||
|
|
||||||
|
ynh_systemd_action --service_name=nginx --action=reload
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# END OF SCRIPT
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
ynh_script_progression --message="Change of URL completed for $app" --last
|
253
scripts/install
Executable file
253
scripts/install
Executable file
|
@ -0,0 +1,253 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# IMPORT GENERIC HELPERS
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
source _common.sh
|
||||||
|
source /usr/share/yunohost/helpers
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# MANAGE SCRIPT FAILURE
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
# Exit if an error occurs during the execution of the script
|
||||||
|
ynh_abort_if_errors
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Validating installation parameters..."
|
||||||
|
|
||||||
|
# Path for e.g. "static" files, served by nginx:
|
||||||
|
test ! -e "$public_path" || ynh_die --message="This path already contains a folder"
|
||||||
|
|
||||||
|
# Path for own config files, e.g.: Django's settings.py:
|
||||||
|
test ! -e "$final_path" || ynh_die --message="This path already contains a folder"
|
||||||
|
|
||||||
|
# Register (book) web path
|
||||||
|
ynh_webpath_register --app="$app" --domain="$domain" --path_url="$path_url"
|
||||||
|
|
||||||
|
mkdir -p "$public_path/media" "$public_path/static"
|
||||||
|
mkdir -p "$final_path"
|
||||||
|
|
||||||
|
mkdir -p "$log_path"
|
||||||
|
touch "${log_file}"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# STORE SETTINGS FROM MANIFEST
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Storing installation settings..."
|
||||||
|
|
||||||
|
ynh_app_setting_set --app="$app" --key=admin --value="$admin"
|
||||||
|
ynh_app_setting_set --app="$app" --key=is_public --value="$is_public"
|
||||||
|
ynh_app_setting_set --app="$app" --key=public_path --value="$public_path"
|
||||||
|
ynh_app_setting_set --app="$app" --key=final_path --value="$final_path"
|
||||||
|
ynh_app_setting_set --app="$app" --key=log_path --value="$log_file"
|
||||||
|
|
||||||
|
ynh_app_setting_set --app="$app" --key=domain --value="$domain"
|
||||||
|
ynh_app_setting_set --app="$app" --key=path --value="$path_url"
|
||||||
|
|
||||||
|
# Find a free port
|
||||||
|
port=$(ynh_find_port --port=8000)
|
||||||
|
# Set port as application setting
|
||||||
|
# https://github.com/YunoHost/yunohost/blob/dev/data/helpers.d/setting
|
||||||
|
ynh_app_setting_set --app="$app" --key=port --value="$port"
|
||||||
|
|
||||||
|
db_pwd=$(ynh_app_setting_get --app="$app" --key=psqlpwd)
|
||||||
|
admin_mail=$(ynh_user_get_info --username="$admin" --key=mail)
|
||||||
|
redis_db=$(ynh_redis_get_free_db)
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# STANDARD MODIFICATIONS
|
||||||
|
#=================================================
|
||||||
|
# INSTALL DEPENDENCIES
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Installing dependencies..." --weight=40
|
||||||
|
|
||||||
|
ynh_exec_warn_less ynh_install_app_dependencies "$pkg_dependencies"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# CREATE A PostgreSQL DATABASE
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Creating a PostgreSQL database..."
|
||||||
|
|
||||||
|
db_name=$(ynh_sanitize_dbid --db_name="$app")
|
||||||
|
db_user=$db_name
|
||||||
|
ynh_app_setting_set --app="$app" --key=db_name --value="$db_name"
|
||||||
|
|
||||||
|
ynh_psql_test_if_first_run
|
||||||
|
|
||||||
|
# Initialize database and store postgres password for upgrade
|
||||||
|
ynh_psql_setup_db --db_user="$db_user" --db_name="$db_name"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# NGINX CONFIGURATION
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Configuring nginx web server..."
|
||||||
|
|
||||||
|
# Create a dedicated nginx config
|
||||||
|
# https://github.com/YunoHost/yunohost/blob/dev/data/helpers.d/nginx
|
||||||
|
ynh_add_nginx_config "public_path" "port"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# CREATE DEDICATED USER
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Configuring system user..."
|
||||||
|
|
||||||
|
# A home directory for venv and settings etc.
|
||||||
|
ynh_system_user_create --username="$app" --home_dir="$final_path" --use_shell
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# PIP INSTALLATION
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Install django_ynh using PIP..." --weight=80
|
||||||
|
|
||||||
|
python3 -m venv "${final_path}/venv"
|
||||||
|
chown -R "$app" "$final_path"
|
||||||
|
|
||||||
|
#run source in a 'sub shell'
|
||||||
|
(
|
||||||
|
set +o nounset
|
||||||
|
source "${final_path}/venv/bin/activate"
|
||||||
|
set -o nounset
|
||||||
|
ynh_exec_as $app $final_path/venv/bin/pip install --upgrade pip
|
||||||
|
ynh_exec_as $app $final_path/venv/bin/pip install --upgrade setuptools wheel psycopg2-binary
|
||||||
|
ynh_exec_as $app $final_path/venv/bin/pip install --upgrade django_ynh=="$django_ynh_version"
|
||||||
|
ynh_exec_as $app $final_path/venv/bin/pip install --upgrade ${pypi_extras}
|
||||||
|
)
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# copy config files
|
||||||
|
# ================================================
|
||||||
|
ynh_script_progression --message="Create django_ynh configuration file..."
|
||||||
|
|
||||||
|
cp ../conf/create_superuser.py "$final_path/create_superuser.py"
|
||||||
|
chmod +x "$final_path/create_superuser.py"
|
||||||
|
|
||||||
|
gunicorn_conf="$final_path/gunicorn.conf.py"
|
||||||
|
cp "../conf/gunicorn.conf.py" "$gunicorn_conf"
|
||||||
|
ynh_replace_string --match_string="__FINAL_HOME_PATH__" --replace_string="$final_path" --target_file="$gunicorn_conf"
|
||||||
|
ynh_replace_string --match_string="__LOG_FILE__" --replace_string="$log_file" --target_file="$gunicorn_conf"
|
||||||
|
ynh_replace_string --match_string="__PORT__" --replace_string="$port" --target_file="$gunicorn_conf"
|
||||||
|
ynh_store_file_checksum --file="$gunicorn_conf"
|
||||||
|
|
||||||
|
cp ../conf/manage.py "$final_path/manage.py"
|
||||||
|
chmod +x "$final_path/manage.py"
|
||||||
|
|
||||||
|
cp ../conf/wsgi.py "$final_path/wsgi.py"
|
||||||
|
|
||||||
|
settings="$final_path/django_ynh.settings.py"
|
||||||
|
cp "../conf/django_ynh.settings.py" "$settings"
|
||||||
|
|
||||||
|
ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="$settings"
|
||||||
|
ynh_replace_string --match_string="__DB_PWD__" --replace_string="$db_pwd" --target_file="$settings"
|
||||||
|
ynh_replace_string --match_string="__ADMIN__" --replace_string="$admin" --target_file="$settings"
|
||||||
|
ynh_replace_string --match_string="__ADMINMAIL__" --replace_string="$admin_mail" --target_file="$settings"
|
||||||
|
ynh_replace_string --match_string="__FINAL_HOME_PATH__" --replace_string="$final_path" --target_file="$settings"
|
||||||
|
ynh_replace_string --match_string="__FINAL_WWW_PATH__" --replace_string="$public_path" --target_file="$settings"
|
||||||
|
ynh_replace_string --match_string="__LOG_FILE__" --replace_string="$log_file" --target_file="$settings"
|
||||||
|
ynh_replace_string --match_string="__REDIS_DB__" --replace_string="$redis_db" --target_file="$settings"
|
||||||
|
|
||||||
|
ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$settings"
|
||||||
|
ynh_replace_string --match_string="__PATH_URL__" --replace_string="$path_url" --target_file="$settings"
|
||||||
|
|
||||||
|
# Calculate and store the config file checksum into the app settings
|
||||||
|
ynh_store_file_checksum --file="$settings"
|
||||||
|
|
||||||
|
ynh_app_setting_set --app="$app" --key=redis_db --value="$redis_db"
|
||||||
|
|
||||||
|
touch "$final_path/local_settings.py"
|
||||||
|
|
||||||
|
cp "../conf/ynh_authenticate.py" "$final_path/ynh_authenticate.py"
|
||||||
|
cp "../conf/ynh_urls.py" "$final_path/ynh_urls.py"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# MIGRATE / COLLECTSTATIC / CREATEADMIN
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="migrate/collectstatic/createadmin..." --weight=10
|
||||||
|
|
||||||
|
(
|
||||||
|
set +o nounset
|
||||||
|
source "${final_path}/venv/bin/activate"
|
||||||
|
set -o nounset
|
||||||
|
cd "${final_path}"
|
||||||
|
|
||||||
|
# Just for debugging:
|
||||||
|
./manage.py diffsettings
|
||||||
|
|
||||||
|
./manage.py migrate --no-input
|
||||||
|
./manage.py collectstatic --no-input
|
||||||
|
./create_superuser.py --username="$admin" --email="$admin_mail" --password="django_ynh"
|
||||||
|
|
||||||
|
# Check the configuration
|
||||||
|
# This may fail in some cases with errors, etc., but the app works and the user can fix issues later.
|
||||||
|
./manage.py check --deploy || true
|
||||||
|
)
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# SETUP LOGROTATE
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Configuring log rotation..."
|
||||||
|
|
||||||
|
# Use logrotate to manage app-specific logfile(s)
|
||||||
|
ynh_use_logrotate "$log_file"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# INTEGRATE SERVICE IN YUNOHOST
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Integrating service in YunoHost..."
|
||||||
|
|
||||||
|
yunohost service add $app --description="Web based management to catalog things" --log="${log_file}"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# GENERIC FINALIZATION
|
||||||
|
#=================================================
|
||||||
|
# SECURE FILES AND DIRECTORIES
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
# Set permissions to app files
|
||||||
|
chown -R "$app" "$log_path"
|
||||||
|
chown -R "$app" "$public_path"
|
||||||
|
chown -R "$app" "$final_path"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# SETUP SYSTEMD
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Configuring a systemd service..."
|
||||||
|
|
||||||
|
# https://github.com/YunoHost/yunohost/blob/dev/data/helpers.d/systemd
|
||||||
|
ynh_add_systemd_config --service="$app" --template="django_ynh.service"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# SETUP SSOWAT
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Configuring SSOwat..."
|
||||||
|
|
||||||
|
# Make app public if necessary or protect it
|
||||||
|
if [ $is_public -eq 1 ]
|
||||||
|
then
|
||||||
|
# Everyone can access the app.
|
||||||
|
# The "main" permission is automatically created before the install script.
|
||||||
|
ynh_permission_update --permission "main" --add "visitors"
|
||||||
|
fi
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# Start django_ynh via systemd
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Starting django_ynh's services..." --weight=5
|
||||||
|
|
||||||
|
ynh_systemd_action --service_name="$app" --action="start"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# RELOAD NGINX
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Reloading nginx web server..."
|
||||||
|
|
||||||
|
ynh_systemd_action --service_name="nginx" --action="reload"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# END OF SCRIPT
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
ynh_script_progression --message="Installation of $app completed" --last
|
103
scripts/remove
Executable file
103
scripts/remove
Executable file
|
@ -0,0 +1,103 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# GENERIC START
|
||||||
|
#=================================================
|
||||||
|
# IMPORT GENERIC HELPERS
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
source _common.sh
|
||||||
|
source /usr/share/yunohost/helpers
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# LOAD SETTINGS
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Loading installation settings..."
|
||||||
|
|
||||||
|
domain=$(ynh_app_setting_get --app="$app" --key=domain)
|
||||||
|
db_name=$(ynh_app_setting_get --app="$app" --key=db_name)
|
||||||
|
db_user=$db_name
|
||||||
|
public_path=$(ynh_app_setting_get --app="$app" --key=public_path)
|
||||||
|
final_path=$(ynh_app_setting_get --app="$app" --key=final_path)
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# STANDARD REMOVE
|
||||||
|
#=================================================
|
||||||
|
# REMOVE SERVICE FROM ADMIN PANEL
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
# Remove a service from the admin panel, added by `yunohost service add`
|
||||||
|
if yunohost service status "$app" >/dev/null 2>&1
|
||||||
|
then
|
||||||
|
ynh_script_progression --message="Removing $app service integration..."
|
||||||
|
yunohost service remove "$app"
|
||||||
|
fi
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# STOP django_ynh'S SERVICES
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Stopping and removing systemd services..." --weight=5
|
||||||
|
|
||||||
|
ynh_remove_systemd_config --service="$app"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# REMOVE THE PostgreSQL DATABASE
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Removing the PostgreSQL database..."
|
||||||
|
|
||||||
|
# Remove a database if it exists, along with the associated user
|
||||||
|
ynh_psql_remove_db --db_user=$db_user --db_name=$db_name
|
||||||
|
|
||||||
|
##=================================================
|
||||||
|
## REMOVE REDIS DB
|
||||||
|
##=================================================
|
||||||
|
|
||||||
|
ynh_redis_remove_db
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# REMOVE DEPENDENCIES
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Removing dependencies..." --weight=10
|
||||||
|
|
||||||
|
# Remove metapackage and its dependencies
|
||||||
|
ynh_exec_warn_less ynh_remove_app_dependencies
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# REMOVE APP MAIN DIR
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Removing app main directory..."
|
||||||
|
|
||||||
|
# Remove the app directory securely
|
||||||
|
ynh_secure_remove --file="$public_path"
|
||||||
|
ynh_secure_remove --file="$final_path"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# REMOVE NGINX CONFIGURATION
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Removing nginx web server configuration..."
|
||||||
|
|
||||||
|
# Remove the dedicated nginx config
|
||||||
|
ynh_remove_nginx_config
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# REMOVE LOGROTATE CONFIGURATION
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Removing logrotate configuration..."
|
||||||
|
|
||||||
|
# Remove the app-specific logrotate config
|
||||||
|
ynh_remove_logrotate
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# GENERIC FINALIZATION
|
||||||
|
#=================================================
|
||||||
|
# REMOVE DEDICATED USER
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Removing the dedicated system user..."
|
||||||
|
|
||||||
|
# Delete a system user
|
||||||
|
ynh_system_user_delete --username="$app"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# END OF SCRIPT
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Removal of $app completed" --last
|
137
scripts/restore
Executable file
137
scripts/restore
Executable file
|
@ -0,0 +1,137 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# GENERIC START
|
||||||
|
#=================================================
|
||||||
|
# IMPORT GENERIC HELPERS
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
source ../settings/scripts/_common.sh
|
||||||
|
source /usr/share/yunohost/helpers
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# MANAGE SCRIPT FAILURE
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
ynh_abort_if_errors
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# LOAD SETTINGS
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Loading settings..."
|
||||||
|
|
||||||
|
public_path=$(ynh_app_setting_get --app="$app" --key=public_path)
|
||||||
|
final_path=$(ynh_app_setting_get --app="$app" --key=final_path)
|
||||||
|
db_name=$(ynh_app_setting_get --app="$app" --key=db_name)
|
||||||
|
db_user=$db_name
|
||||||
|
db_pwd=$(ynh_app_setting_get --app="$app" --key=psqlpwd)
|
||||||
|
|
||||||
|
domain=$(ynh_app_setting_get --app="$app" --key=domain)
|
||||||
|
path_url=$(ynh_app_setting_get --app="$app" --key=path)
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# CHECK IF THE APP CAN BE RESTORED
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Validating restoration parameters..."
|
||||||
|
|
||||||
|
ynh_webpath_available --domain=$domain --path_url=$path_url \
|
||||||
|
|| ynh_die --message="Path not available: ${domain}${path_url}"
|
||||||
|
test ! -d $final_path \
|
||||||
|
|| ynh_die --message="There is already a directory: $final_path "
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# STANDARD RESTORATION STEPS
|
||||||
|
#=================================================
|
||||||
|
# RESTORE THE NGINX CONFIGURATION
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# RESTORE THE APP MAIN DIR
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Restoring the app main directory..."
|
||||||
|
|
||||||
|
ynh_restore_file --origin_path="$public_path"
|
||||||
|
ynh_restore_file --origin_path="$final_path"
|
||||||
|
|
||||||
|
touch "$final_path/local_settings.py"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# RECREATE THE DEDICATED USER
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Recreating the dedicated system user..."
|
||||||
|
|
||||||
|
# Create the dedicated user (if not existing)
|
||||||
|
ynh_system_user_create --username=$app --home_dir="$final_path" --use_shell
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# RESTORE USER RIGHTS
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
# Restore permissions on app files
|
||||||
|
chown -R "$app" "$public_path"
|
||||||
|
chown -R "$app" "$final_path"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# SPECIFIC RESTORATION
|
||||||
|
#=================================================
|
||||||
|
# REINSTALL DEPENDENCIES
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Reinstalling dependencies..." --weight=40
|
||||||
|
|
||||||
|
ynh_exec_warn_less ynh_install_app_dependencies "$pkg_dependencies"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# RESTORE THE PostgreSQL DATABASE
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Restoring the PostgreSQL database..." --weight=5
|
||||||
|
|
||||||
|
ynh_psql_test_if_first_run
|
||||||
|
ynh_psql_setup_db --db_user="$db_user" --db_name="$db_name" --db_pwd="$db_pwd"
|
||||||
|
ynh_psql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# RESTORE SYSTEMD
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Restoring the systemd configuration..."
|
||||||
|
|
||||||
|
ynh_restore_file --origin_path="/etc/systemd/system/$app.service"
|
||||||
|
systemctl enable $app.service --quiet
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# INTEGRATE SERVICE IN YUNOHOST
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Integrating service in YunoHost..."
|
||||||
|
|
||||||
|
yunohost service add $app --description="Web based management to catalog things" --log="${log_file}"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# RESTORE THE LOGROTATE CONFIGURATION
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
mkdir -p "$log_path"
|
||||||
|
touch "${log_file}"
|
||||||
|
chown -R "$app" "$log_path"
|
||||||
|
ynh_restore_file --origin_path="/etc/logrotate.d/$app"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# GENERIC FINALIZATION
|
||||||
|
#=================================================
|
||||||
|
# START django_ynh
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Starting a systemd service..." --weight=5
|
||||||
|
|
||||||
|
ynh_systemd_action --service_name="$app" --action="start"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# RELOAD NGINX
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Reloading nginx web server..."
|
||||||
|
|
||||||
|
ynh_systemd_action --service_name="nginx" --action="reload"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# END OF SCRIPT
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Restoration completed for $app" --last
|
222
scripts/upgrade
Executable file
222
scripts/upgrade
Executable file
|
@ -0,0 +1,222 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# IMPORT GENERIC HELPERS
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
source _common.sh
|
||||||
|
source /usr/share/yunohost/helpers
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# LOAD SETTINGS
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Loading installation settings..."
|
||||||
|
|
||||||
|
admin=$(ynh_app_setting_get --app="$app" --key=admin)
|
||||||
|
is_public=$(ynh_app_setting_get --app="$app" --key=is_public)
|
||||||
|
public_path=$(ynh_app_setting_get --app="$app" --key=public_path)
|
||||||
|
final_path=$(ynh_app_setting_get --app="$app" --key=final_path)
|
||||||
|
log_path=$(ynh_app_setting_get --app="$app" --key=log_path)
|
||||||
|
|
||||||
|
domain=$(ynh_app_setting_get --app="$app" --key=domain)
|
||||||
|
path_url=$(ynh_app_setting_get --app="$app" --key=path)
|
||||||
|
|
||||||
|
port=$(ynh_app_setting_get --app="$app" --key=port)
|
||||||
|
db_pwd=$(ynh_app_setting_get --app="$app" --key=psqlpwd)
|
||||||
|
admin_mail=$(ynh_user_get_info "$admin" mail)
|
||||||
|
redis_db=$(ynh_app_setting_get --app="$app" --key=redis_db)
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=40
|
||||||
|
|
||||||
|
# Backup the current version of the app
|
||||||
|
ynh_backup_before_upgrade
|
||||||
|
ynh_clean_setup () {
|
||||||
|
# restore it if the upgrade fails
|
||||||
|
ynh_restore_upgradebackup
|
||||||
|
}
|
||||||
|
# Exit if an error occurs during the execution of the script
|
||||||
|
ynh_abort_if_errors
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# STANDARD UPGRADE STEPS
|
||||||
|
#=================================================
|
||||||
|
# STOP SYSTEMD SERVICE
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Stopping systemd services..." --weight=5
|
||||||
|
|
||||||
|
ynh_systemd_action --service_name="$app" --action="stop"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# NGINX CONFIGURATION
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Upgrading nginx web server configuration..."
|
||||||
|
|
||||||
|
# Create a dedicated nginx config
|
||||||
|
# https://github.com/YunoHost/yunohost/blob/dev/data/helpers.d/nginx
|
||||||
|
ynh_add_nginx_config "public_path" "port"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# SPECIFIC UPGRADE
|
||||||
|
#=================================================
|
||||||
|
# Update dependencies
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Upgrading dependencies..."
|
||||||
|
|
||||||
|
ynh_exec_warn_less ynh_install_app_dependencies "$pkg_dependencies"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# CREATE DEDICATED USER
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Making sure dedicated system user exists..."
|
||||||
|
|
||||||
|
# Create a system user
|
||||||
|
ynh_system_user_create --username="$app" --home_dir="$final_path" --use_shell
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# SETUP SYSTEMD
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Configuring a systemd service..."
|
||||||
|
|
||||||
|
ynh_add_systemd_config --service="$app" --template="django_ynh.service"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# UPGRADE django_ynh
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
ynh_script_progression --message="Install django_ynh using PIP..." --weight=15
|
||||||
|
|
||||||
|
python3 -m venv "${final_path}/venv"
|
||||||
|
chown -R "$app" "$final_path"
|
||||||
|
|
||||||
|
#run source in a 'sub shell'
|
||||||
|
(
|
||||||
|
set +o nounset
|
||||||
|
source "${final_path}/venv/bin/activate"
|
||||||
|
set -o nounset
|
||||||
|
ynh_exec_as $app $final_path/venv/bin/pip install --upgrade pip
|
||||||
|
ynh_exec_as $app $final_path/venv/bin/pip install --upgrade setuptools wheel psycopg2-binary
|
||||||
|
ynh_exec_as $app $final_path/venv/bin/pip install --upgrade django_ynh=="$django_ynh_version"
|
||||||
|
ynh_exec_as $app $final_path/venv/bin/pip install --upgrade ${pypi_extras}
|
||||||
|
)
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# copy config files
|
||||||
|
# ================================================
|
||||||
|
ynh_script_progression --message="Create django_ynh configuration file..."
|
||||||
|
|
||||||
|
ynh_backup_if_checksum_is_different --file="$final_path/create_superuser.py"
|
||||||
|
cp ../conf/create_superuser.py "$final_path/create_superuser.py"
|
||||||
|
chmod +x "$final_path/create_superuser.py"
|
||||||
|
|
||||||
|
gunicorn_conf="$final_path/gunicorn.conf.py"
|
||||||
|
ynh_backup_if_checksum_is_different --file="$gunicorn_conf"
|
||||||
|
cp "../conf/gunicorn.conf.py" "$gunicorn_conf"
|
||||||
|
ynh_replace_string --match_string="__FINAL_HOME_PATH__" --replace_string="$final_path" --target_file="$gunicorn_conf"
|
||||||
|
ynh_replace_string --match_string="__LOG_FILE__" --replace_string="$log_file" --target_file="$gunicorn_conf"
|
||||||
|
ynh_replace_string --match_string="__PORT__" --replace_string="$port" --target_file="$gunicorn_conf"
|
||||||
|
ynh_store_file_checksum --file="$gunicorn_conf"
|
||||||
|
|
||||||
|
ynh_backup_if_checksum_is_different --file="$final_path/manage.py"
|
||||||
|
cp ../conf/manage.py "$final_path/manage.py"
|
||||||
|
chmod +x "$final_path/manage.py"
|
||||||
|
|
||||||
|
ynh_backup_if_checksum_is_different --file="$final_path/wsgi.py"
|
||||||
|
cp ../conf/wsgi.py "$final_path/wsgi.py"
|
||||||
|
|
||||||
|
# save old settings file
|
||||||
|
settings="$final_path/django_ynh.settings.py"
|
||||||
|
ynh_backup_if_checksum_is_different --file="$settings"
|
||||||
|
|
||||||
|
cp "../conf/django_ynh.settings.py" "$settings"
|
||||||
|
|
||||||
|
ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="$settings"
|
||||||
|
ynh_replace_string --match_string="__DB_PWD__" --replace_string="$db_pwd" --target_file="$settings"
|
||||||
|
ynh_replace_string --match_string="__ADMIN__" --replace_string="$admin" --target_file="$settings"
|
||||||
|
ynh_replace_string --match_string="__ADMINMAIL__" --replace_string="$admin_mail" --target_file="$settings"
|
||||||
|
ynh_replace_string --match_string="__FINAL_HOME_PATH__" --replace_string="$final_path" --target_file="$settings"
|
||||||
|
ynh_replace_string --match_string="__FINAL_WWW_PATH__" --replace_string="$public_path" --target_file="$settings"
|
||||||
|
ynh_replace_string --match_string="__LOG_FILE__" --replace_string="$log_file" --target_file="$settings"
|
||||||
|
ynh_replace_string --match_string="__REDIS_DB__" --replace_string="$redis_db" --target_file="$settings"
|
||||||
|
|
||||||
|
ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$settings"
|
||||||
|
ynh_replace_string --match_string="__PATH_URL__" --replace_string="$path_url" --target_file="$settings"
|
||||||
|
|
||||||
|
# Recalculate and store the config file checksum into the app settings
|
||||||
|
ynh_store_file_checksum --file="$settings"
|
||||||
|
|
||||||
|
touch "$final_path/local_settings.py"
|
||||||
|
|
||||||
|
cp "../conf/ynh_authenticate.py" "$final_path/ynh_authenticate.py"
|
||||||
|
cp "../conf/ynh_urls.py" "$final_path/ynh_urls.py"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# MIGRATE django_ynh
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="migrate/collectstatic/createadmin..." --weight=10
|
||||||
|
|
||||||
|
(
|
||||||
|
set +o nounset
|
||||||
|
source "${final_path}/venv/bin/activate"
|
||||||
|
set -o nounset
|
||||||
|
cd "${final_path}"
|
||||||
|
|
||||||
|
# Just for debugging:
|
||||||
|
./manage.py diffsettings
|
||||||
|
|
||||||
|
./manage.py migrate --no-input
|
||||||
|
./manage.py collectstatic --no-input
|
||||||
|
./create_superuser.py --username="$admin" --email="$admin_mail" --password="django_ynh"
|
||||||
|
|
||||||
|
# Check the configuration
|
||||||
|
# This may fail in some cases with errors, etc., but the app works and the user can fix issues later.
|
||||||
|
./manage.py check --deploy || true
|
||||||
|
)
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# SETUP LOGROTATE
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Upgrading logrotate configuration..."
|
||||||
|
|
||||||
|
# Use logrotate to manage app-specific logfile(s)
|
||||||
|
ynh_use_logrotate --non-append
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# INTEGRATE SERVICE IN YUNOHOST
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Integrating service in YunoHost..."
|
||||||
|
|
||||||
|
yunohost service add $app --description="Web based management to catalog things" --log="${log_file}"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# GENERIC FINALIZATION
|
||||||
|
#=================================================
|
||||||
|
# SECURE FILES AND DIRECTORIES
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
# Set permissions to app files
|
||||||
|
chown -R "$app" "$log_path"
|
||||||
|
chown -R "$app" "$public_path"
|
||||||
|
chown -R "$app" "$final_path"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# Start django_ynh via systemd
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Starting django_ynh's services..." --weight=5
|
||||||
|
|
||||||
|
ynh_systemd_action --service_name="$app" --action="start"
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# RELOAD NGINX
|
||||||
|
#=================================================
|
||||||
|
ynh_script_progression --message="Reloading nginx web server..."
|
||||||
|
|
||||||
|
ynh_systemd_action --service_name=nginx --action=reload
|
||||||
|
|
||||||
|
#=================================================
|
||||||
|
# END OF SCRIPT
|
||||||
|
#=================================================
|
||||||
|
|
||||||
|
ynh_script_progression --message="Upgrade of $app completed" --last
|
Loading…
Reference in a new issue