YunoHost-Apps/domoticz_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/domoticz_ynh.git synced 2024-09-03 18:26:17 +02:00
Code Issues Activity Actions

Merge pull request #23 from YunoHost-Apps/convertv2_permissions

Browse source 
Convertv2 permissions
This commit is contained in:
Krakinou 2024-01-21 22:54:05 +01:00 committed by GitHub
commit de5ee09292
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
16 changed files with 41 additions and 40 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
README.md
View file

@ -30,7 +30,7 @@ For example this system can be used with:
* And more... * And more...
The MQTT broker Mosquitto is integrated into the package and requires its own domain or subdomain. It's an optional setting: during install if you set the same domain as your main app domain, it won't be installed. The MQTT broker Mosquitto is integrated into the package and requires its own domain or subdomain. It's an optional setting.
You may also install the [Mosquitto package](https://github.com/YunoHost-Apps/mosquitto_ynh) without using the one provided by domoticz_ynh. You may also install the [Mosquitto package](https://github.com/YunoHost-Apps/mosquitto_ynh) without using the one provided by domoticz_ynh.
**Shipped version:** 2024.2~ynh1 **Shipped version:** 2024.2~ynh1

2
README_fr.md
View file

@ -29,7 +29,7 @@ Il peut par exemple être utilisé avec :
* des voltmètres * des voltmètres
* Et bien d'autres * Et bien d'autres
Le broker MQTT Mosquitto est intégré au package et nécessite un sous-domaine ou un domaine distinct. Il est optionnel : si vous indiquez lors de l'installation le même domaine que le domaine principal, il ne sera pas installé. Le broker MQTT Mosquitto est intégré au package et nécessite un sous-domaine ou un domaine distinct. Il est optionnel.
Vous pouvez également installer le [package pour Mosquitto](https://github.com/YunoHost-Apps/mosquitto_ynh) sans utiliser celui de domoticz_ynh. Vous pouvez également installer le [package pour Mosquitto](https://github.com/YunoHost-Apps/mosquitto_ynh) sans utiliser celui de domoticz_ynh.

1
doc/ADMIN.md
View file

@ -4,6 +4,7 @@
During installation, a [MQTT](https://en.wikipedia.org/wiki/MQTT) broker, [Mosquitto](https://mosquitto.org/), is installed at the same time as Domoticz. During installation, a [MQTT](https://en.wikipedia.org/wiki/MQTT) broker, [Mosquitto](https://mosquitto.org/), is installed at the same time as Domoticz.
This broker requires a dedicated domain or subdomain to work (ex : mqtt.your.domain.tld): creating this domain prior installation is a prerequisite This broker requires a dedicated domain or subdomain to work (ex : mqtt.your.domain.tld): creating this domain prior installation is a prerequisite
You may also install the [Mosquitto package](https://github.com/YunoHost-Apps/mosquitto_ynh) without using the one provided by domoticz_ynh.
#### Adding in Domoticz #### Adding in Domoticz

1
doc/ADMIN_fr.md
View file

@ -4,6 +4,7 @@
À l'installation, un broker [MQTT](https://fr.wikipedia.org/wiki/MQTT), [Mosquitto](https://mosquitto.org/), est installé en même temps que Domoticz. À l'installation, un broker [MQTT](https://fr.wikipedia.org/wiki/MQTT), [Mosquitto](https://mosquitto.org/), est installé en même temps que Domoticz.
Ce broker nécessite un domaine ou un sous-domaine particulier pour fonctionner (ex : mqtt.your.domain.tld) : il est nécessaire de créer ce domaine auparavant. Ce broker nécessite un domaine ou un sous-domaine particulier pour fonctionner (ex : mqtt.your.domain.tld) : il est nécessaire de créer ce domaine auparavant.
Vous pouvez également installer le [package pour Mosquitto](https://github.com/YunoHost-Apps/mosquitto_ynh) sans utiliser celui de domoticz_ynh.
#### Ajout dans Domoticz #### Ajout dans Domoticz

2
doc/DESCRIPTION.md
View file

@ -12,5 +12,5 @@ For example this system can be used with:
* And more... * And more...
The MQTT broker Mosquitto is integrated into the package and requires its own domain or subdomain. It's an optional setting: during install if you set the same domain as your main app domain, it won't be installed. The MQTT broker Mosquitto is integrated into the package and requires its own domain or subdomain. It's an optional setting.
You may also install the [Mosquitto package](https://github.com/YunoHost-Apps/mosquitto_ynh) without using the one provided by domoticz_ynh. You may also install the [Mosquitto package](https://github.com/YunoHost-Apps/mosquitto_ynh) without using the one provided by domoticz_ynh.

2
doc/DESCRIPTION_fr.md
View file

@ -11,7 +11,7 @@ Il peut par exemple être utilisé avec :
* des voltmètres * des voltmètres
* Et bien d'autres * Et bien d'autres
Le broker MQTT Mosquitto est intégré au package et nécessite un sous-domaine ou un domaine distinct. Il est optionnel : si vous indiquez lors de l'installation le même domaine que le domaine principal, il ne sera pas installé. Le broker MQTT Mosquitto est intégré au package et nécessite un sous-domaine ou un domaine distinct. Il est optionnel.
Vous pouvez également installer le [package pour Mosquitto](https://github.com/YunoHost-Apps/mosquitto_ynh) sans utiliser celui de domoticz_ynh. Vous pouvez également installer le [package pour Mosquitto](https://github.com/YunoHost-Apps/mosquitto_ynh) sans utiliser celui de domoticz_ynh.

4
doc/PRE_INSTALL.md
View file

@ -1,4 +1,6 @@
## Mosquitto Broker ## Mosquitto Broker
During installation, a [MQTT](https://en.wikipedia.org/wiki/MQTT) broker, [Mosquitto](https://mosquitto.org/), may be installed at the same time as Domoticz. It's an optional setting: during install if you set the same domain as your main app domain, it won't be installed. During installation, a [MQTT](https://en.wikipedia.org/wiki/MQTT) broker, [Mosquitto](https://mosquitto.org/), may be installed at the same time as Domoticz.
This broker requires a dedicated domain or subdomain to work (ex: mqtt.your.domain.tld) : creating this domain prior installation is a prerequisite. This broker requires a dedicated domain or subdomain to work (ex: mqtt.your.domain.tld) : creating this domain prior installation is a prerequisite.
It's an optional setting: during install if you set, for the MQTT domain, the same domain as your main app domain or enter an empty domain, the broker won't be installed.

4
doc/PRE_INSTALL_fr.md
View file

@ -1,4 +1,6 @@
## Broker MQTT Mosquitto ## Broker MQTT Mosquitto
À l'installation, un broker [MQTT](https://fr.wikipedia.org/wiki/MQTT), [Mosquitto](https://mosquitto.org/), peut être installé en même temps que Domoticz. Il est optionnel et si vous indiquez lors de l'installation le même domaine que le domaine principal, il ne sera pas installé. À l'installation, un broker [MQTT](https://fr.wikipedia.org/wiki/MQTT), [Mosquitto](https://mosquitto.org/), peut être installé en même temps que Domoticz.
Ce broker nécessite un domaine ou un sous-domaine particulier pour fonctionner (ex : mqtt.your.domain.tld) : il est nécessaire de créer ce domaine auparavant. Ce broker nécessite un domaine ou un sous-domaine particulier pour fonctionner (ex : mqtt.your.domain.tld) : il est nécessaire de créer ce domaine auparavant.
Il est optionnel et si vous indiquez lors de l'installation un domaine vide ou le même domaine que le domaine principal pour le domaine MQTT, le broker ne sera pas installé.

6
doc/PRE_UPGRADE.d/2023.1~ynh1.md
View file

@ -1,3 +1,9 @@
###
BEWARE! If you did not activate the Mosquitto Broker within this package, please run following command prior to upgrade:
````yunohost app setting $app mqtt_domain -v your.$app.domain.tld````
Failure to do so may break the app.
If you did activate the Mosquitto broker, you can proceed safely.
###Changelog ###Changelog
- Move to packaging v2 - Move to packaging v2
- From now on, upgrade of the upstream app will not be handled into the app anymore: a new package version will be published for a new Domoticz version. Internal upgrade is disabled (although you may still use the command line) - From now on, upgrade of the upstream app will not be handled into the app anymore: a new package version will be published for a new Domoticz version. Internal upgrade is disabled (although you may still use the command line)

13
manifest.toml
View file

@ -46,8 +46,8 @@ ram.runtime = "50M"
[install.mqtt_domain] [install.mqtt_domain]
ask.fr = "Domaine MQTT" ask.fr = "Domaine MQTT"
ask.en = "MQTT domain" ask.en = "MQTT domain"
help.fr = "Domaine pour le serveur MQTT. Remettez le domaine principal si vous ne souhaitez pas l'utiliser. Lire la documentation pour plus d'informations" help.fr = "Domaine pour le serveur MQTT. Remettez le domaine principal ou à vide si vous ne souhaitez pas l'utiliser. Lire la documentation pour plus d'informations"
help.en = "MQTT server domain. Set the main domain if you don't wish to use it. See the doc for more info" help.en = "MQTT server domain. Set blank or the main domain if you don't wish to use it. See the doc for more info"
type = "domain" type = "domain"
optional = true optional = true
@ -75,12 +75,17 @@ ram.runtime = "50M"
[resources.permissions] [resources.permissions]
main.url = "/" main.url = "/"
main.auth_header=false main.auth_header = false
api.url = "/_api/__APP_" api.url = "__DOMAIN__/api_/__APP__"
api.show_tile = false api.show_tile = false
api.allowed = "visitors" api.allowed = "visitors"
#Permission will be removed by the install script if not needed
mqtt.url = "__MQTT_DOMAIN__/"
mqtt.show_tile = false
mqtt.allowed = "visitors"
[resources.ports] [resources.ports]
main.default = 8080 main.default = 8080
#to be checked if it can become conditionnal #to be checked if it can become conditionnal

4
scripts/change_url
View file

@ -14,11 +14,7 @@ source /usr/share/yunohost/helpers
#================================================= #=================================================
ynh_script_progression --message="Loading installation settings..." ynh_script_progression --message="Loading installation settings..."
# Needed for helper "ynh_add_nginx_config"
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
port=$(ynh_app_setting_get --app=$app --key=port)
old_api=$(ynh_app_setting_get --app=$app --key=api_path) old_api=$(ynh_app_setting_get --app=$app --key=api_path)
if [ "$new_path" == "/" ]; then if [ "$new_path" == "/" ]; then
new_api=/api_/$app new_api=/api_/$app
else else

16
scripts/install
View file

@ -84,6 +84,9 @@ if [ "$domain" != "$mqtt_domain" ]; then
mosquitto_passwd -U "/etc/mosquitto/conf.d/"$app"_credentials" mosquitto_passwd -U "/etc/mosquitto/conf.d/"$app"_credentials"
ynh_print_info --message="The credential to the mosquitto server has been saved in the settings of the app" ynh_print_info --message="The credential to the mosquitto server has been saved in the settings of the app"
else
#If no MQTT have been set, we delete the mqtt permission.
ynh_permission_delete --permission="mqtt"
fi fi
@ -160,19 +163,6 @@ fi
# Create a dedicated Fail2Ban config # Create a dedicated Fail2Ban config
ynh_add_fail2ban_config --logpath="$log_file" --failregex="^.*Error: Failed login attempt from <HOST>.*$" --max_retry=5 ynh_add_fail2ban_config --logpath="$log_file" --failregex="^.*Error: Failed login attempt from <HOST>.*$" --max_retry=5
#Not required in 2023.1 anymore
#ynh_print_info --message="If you wish for Fail2ban to work, set up your local address in Setup/Settings/System/Local Networks as per documentation"
#=================================================
# SETUP SSOWAT
#=================================================
ynh_script_progression --message="Configuring permissions..."
#API & MQTT should stay publicly accessible.
#ynh_permission_create --permission="domoticz_API" --label="api" --url="$domain$api_path" --allowed="visitors" --show_tile="false" --protected="true"
[[ "$domain" != "$mqtt_domain" ]] && ynh_permission_create --permission="domoticz_MQTT" --label="MQTT" --url="$mqtt_domain" --allowed="visitors" --show_tile="false" --protected="true"
#================================================= #=================================================
# END OF SCRIPT # END OF SCRIPT

2
scripts/remove
View file

@ -23,8 +23,6 @@ if [ "$domain" != "$mqtt_domain" ]; then
ynh_secure_remove --file="/etc/nginx/conf.d/"$mqtt_domain".d/mqtt_"$app".conf" ynh_secure_remove --file="/etc/nginx/conf.d/"$mqtt_domain".d/mqtt_"$app".conf"
yunohost tools regen-conf postfix yunohost tools regen-conf postfix
ynh_secure_remove --file="/var/log/mosquitto" ynh_secure_remove --file="/var/log/mosquitto"
fi fi
ynh_script_progression --message="Removing system configurations related to $app..." --weight=1 ynh_script_progression --message="Removing system configurations related to $app..." --weight=1

3
scripts/restore
View file

@ -70,6 +70,9 @@ chown -R "$app":"$app" "$install_dir"
if [ "$domain" != "$mqtt_domain" ]; then if [ "$domain" != "$mqtt_domain" ]; then
ynh_script_progression --message="Reinstalling up mosquitto..." --weight=5 ynh_script_progression --message="Reinstalling up mosquitto..." --weight=5
ynh_restore_file --origin_path="/etc/mosquitto/conf.d" --not_mandatory ynh_restore_file --origin_path="/etc/mosquitto/conf.d" --not_mandatory
else
#If no MQTT have been set, we delete the mqtt permission.
ynh_permission_delete --permission="mqtt"
fi fi
#================================================= #=================================================

14
scripts/upgrade
View file

@ -61,15 +61,6 @@ if [[ -z "${mqtt_domain+x}" ]]; then
ynh_app_setting_set --app="$app" --key=mqtt_domain --value="$mqtt_domain" ynh_app_setting_set --app="$app" --key=mqtt_domain --value="$mqtt_domain"
fi fi
# Create the permission "domoticz_MQTT" only if it doesn't exist.
if [ "$domain" != "$mqtt_domain" ]; then
if ! ynh_permission_exists --permission="domoticz_MQTT"
then
# API Authorization with dedicated URL
ynh_permission_create --permission="domoticz_MQTT" --label="MQTT" --url="$mqtt_domain" --allowed="visitors" --show_tile="false" --protected="true"
fi
fi
#remove unwanted log folder #remove unwanted log folder
if [ -d "/var/log/$app/$app" ]; then if [ -d "/var/log/$app/$app" ]; then
ynh_secure_remove "/var/log/$app/$app" ynh_secure_remove "/var/log/$app/$app"
@ -131,6 +122,9 @@ if [ "$domain" != "$mqtt_domain" ]; then
ynh_print_info --message="The credential to the mosquitto server has been saved in the settings of the app" ynh_print_info --message="The credential to the mosquitto server has been saved in the settings of the app"
fi fi
else
#If no MQTT have been set, we delete the mqtt permission.
ynh_permission_delete --permission="mqtt"
fi fi
#================================================= #=================================================
@ -190,8 +184,6 @@ fi
# Create a dedicated Fail2Ban config # Create a dedicated Fail2Ban config
ynh_add_fail2ban_config --logpath="$log_file" --failregex="^.*Error: Failed login attempt from <HOST>.*$" --max_retry=5 ynh_add_fail2ban_config --logpath="$log_file" --failregex="^.*Error: Failed login attempt from <HOST>.*$" --max_retry=5
#not required in 2023.1 anymore
#ynh_print_info --message="If you wish for Fail2ban to work, set up your local address in Setup/Settings/System/Local Networks as per documentation"
#================================================= #=================================================
# INTEGRATE SERVICE IN YUNOHOST # INTEGRATE SERVICE IN YUNOHOST

5
tests.toml
View file

@ -8,6 +8,11 @@ test_format = 1.0
yunohost domain add mqtt.domain.tld yunohost domain add mqtt.domain.tld
""" """
preupgrade = """
set -euxo pipefail
yunohost app setting domoticz mqtt_domain -v sub.domain.tld
"""
args.mqtt_domain="sub.domain.tld" args.mqtt_domain="sub.domain.tld"
test_upgrade_from.a96510c.name = "2024.2" test_upgrade_from.a96510c.name = "2024.2"
test_upgrade_from.a96510c.args.mqtt_domain="sub.domain.tld" test_upgrade_from.a96510c.args.mqtt_domain="sub.domain.tld"