1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/domoticz_ynh.git synced 2024-09-03 18:26:17 +02:00
domoticz_ynh/scripts/install
2023-06-01 23:25:39 +02:00

185 lines
6.7 KiB
Bash
Executable file
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

#!/bin/bash
#=================================================
# GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# STORE SETTINGS
#=================================================
ynh_script_progression --message="Storing installation settings..."
#Will be used in restore script to check that we're restoring on the same OS/Board type
OS=`lowercase \`uname -s\``
mach=`uname -m`
if [ "${mach}" = "armv6l" ]
then
mach="armv7l"
fi
ynh_app_setting_set --app="$app" --key=OS --value="$OS"
ynh_app_setting_set --app="$app" --key=mach --value="$mach"
#path used by api to read/update domoticz
#Set dedicated variables
if [ "$path" == "/" ]; then
api_path=/api_/"$app"
else
api_path=/api_"$path"
fi
ynh_app_setting_set --app="$app" --key=api_path --value="$api_path"
#=================================================
# STANDARD MODIFICATIONS
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Configuring system user..."
#allow user to access USB / serial port to communicate with tools (RFXtrx, Z-wave dongle, etc.) & i2c bus
if grep dialout -q < /etc/group; then
usermod -a -G dialout "$app"
fi
if grep i2c -q < /etc/group; then
usermod -a -G i2c "$app"
fi
if grep gpio -q < /etc/group; then
usermod -a -G gpio "$app"
fi
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_script_progression --message="Setting up source files..." --weight=5
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$install_dir"
#Create the database file
if [ ! -f "$install_dir"/domoticz.db ]; then
touch "$install_dir"/domoticz.db
chmod 640 "$install_dir"/domoticz.db
fi
chmod 750 "$install_dir"
chmod -R o-rwx "$install_dir"
chown -R "$app":"$app" "$install_dir"
#=================================================
# SET MOSQUITTO SETTINGS
#=================================================
if [ "$domain" != "$mqtt_domain" ]; then
ynh_script_progression --message="Setting up mosquitto..." --weight=5
#Setting up conf file for access
ynh_add_config --template="../conf/domoticz_mosquitto.conf" --destination="/etc/mosquitto/conf.d/"$app"_mosquitto.conf"
chmod 644 /etc/mosquitto/conf.d/"$app"_mosquitto.conf
#Setting up user&pwd for mqtt access
ynh_app_setting_set --app="$app" --key=mqtt_user --value=$(ynh_string_random --length=8)
ynh_app_setting_set --app="$app" --key=mqtt_pwd --value=$(ynh_string_random)
echo $(ynh_app_setting_get --app="$app" --key=mqtt_user):$(ynh_app_setting_get --app="$app" --key=mqtt_pwd) > "/etc/mosquitto/conf.d/"$app"_credentials"
mosquitto_passwd -U "/etc/mosquitto/conf.d/"$app"_credentials"
ynh_print_info --message="The credential to the mosquitto server has been saved in the settings of the app"
fi
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Configuring NGINX web server..." --weight=2
[[ "$domain" != "$mqtt_domain" ]] && ynh_add_config --template="../conf/mqtt_nginx.conf" --destination="/etc/nginx/conf.d/"$mqtt_domain".d/mqtt_"$app".conf"
#Set Hook for nginx domain
cp -R ../sources/hooks/conf_regen/95-nginx_domoticz /usr/share/yunohost/hooks/conf_regen/
# Create a dedicated NGINX config
ynh_add_config --template="api_nginx.conf" --destination="/etc/nginx/conf.d/"$domain".d/api_"$app".conf"
ynh_add_nginx_config
#=================================================
# SPECIFIC SETUP
#=================================================
# SETUP SYSTEMD
#=================================================
ynh_script_progression --message="Configuring a systemd service..."
# Create a dedicated systemd config
ynh_add_systemd_config
#=================================================
# GENERIC FINALIZATION
#=================================================
# SETUP LOGROTATE
#=================================================
ynh_script_progression --message="Configuring log rotation..."
mkdir -p /var/log/"$app"
chown -R domoticz: /var/log/"$app"
# Use logrotate to manage application logfile(s)
ynh_use_logrotate
[[ "$domain" != "$mqtt_domain" ]] && ynh_use_logrotate --logfile="/var/log/mosquitto"
#=================================================
# INTEGRATE SERVICE IN YUNOHOST
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..."
yunohost service add "$app" --description="Domotique open sources" --log="/var/log/$app/$app.log"
[[ "$domain" != "$mqtt_domain" ]] && yunohost service add mosquitto --description="Serveur MQTT pour domoticz" --log="/var/log/mosquitto/mosquitto.log"
#=================================================
# START SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Starting a systemd service..."
# Start a systemd service
ynh_systemd_action --service_name="$app" --action="start"
#Restarting mosquitto to take changes into account
[[ "$domain" != "$mqtt_domain" ]] && ynh_systemd_action --service_name=mosquitto --action="restart"
#=================================================
# SETUP FAIL2BAN
#=================================================
ynh_script_progression --message="Configuring Fail2Ban..." --weight=8
# Make sure a log file exists (mostly for CI tests)
log_file=/var/log/$app/$app.log
if [ ! -f "$log_file" ]; then
touch "$log_file"
chown $app: "$log_file"
fi
# Create a dedicated Fail2Ban config
ynh_add_fail2ban_config --logpath="$log_file" --failregex="^.*Error: Failed login attempt from <HOST>.*$" --max_retry=5
#Not required in 2023.1 anymore
#ynh_print_info --message="If you wish for Fail2ban to work, set up your local address in Setup/Settings/System/Local Networks as per documentation"
#=================================================
# SETUP SSOWAT
#=================================================
ynh_script_progression --message="Configuring permissions..."
#API & MQTT should stay publicly accessible.
#ynh_permission_create --permission="domoticz_API" --label="api" --url="$domain$api_path" --allowed="visitors" --show_tile="false" --protected="true"
[[ "$domain" != "$mqtt_domain" ]] && ynh_permission_create --permission="domoticz_MQTT" --label="MQTT" --url="$mqtt_domain" --allowed="visitors" --show_tile="false" --protected="true"
#=================================================
# END OF SCRIPT
#=================================================
ynh_script_progression --message="Installation of $app completed" --last