mirror of
https://github.com/YunoHost-Apps/dont-code_ynh.git
synced 2024-09-03 18:26:34 +02:00
Working install / remove
This commit is contained in:
parent
51de1cc8e8
commit
52e6dcc7a0
8 changed files with 167 additions and 74 deletions
9
conf/.env
Normal file
9
conf/.env
Normal file
|
@ -0,0 +1,9 @@
|
|||
quarkus_http_host=127.0.0.1
|
||||
|
||||
quarkus_mongodb_projects_connection_string=mongodb://localhost:27017
|
||||
projects_database_name=dontCodeProjects
|
||||
|
||||
quarkus_mongodb_data_connection_string=mongodb://localhost:27017
|
||||
data_database_name=dontCodeData
|
||||
document_directory=__DOCUMENT_PATH__
|
||||
document_external_url=__DOCUMENT_URL__
|
6
conf/app.src
Normal file
6
conf/app.src
Normal file
|
@ -0,0 +1,6 @@
|
|||
SOURCE_URL=https://github.com/dont-code/release/releases/download/v0.2.10/dont-code-release-runners.zip
|
||||
SOURCE_SUM=f20bfa0423d48015a3507b0555d30d57fa594657a4bca55ad869fca8fbad125d
|
||||
SOURCE_SUM_PRG=sha256sum
|
||||
SOURCE_FORMAT=zip
|
||||
SOURCE_IN_SUBDIR=false
|
||||
SOURCE_EXTRACT=true
|
|
@ -0,0 +1 @@
|
|||
__PUBLIC_KEY__
|
|
@ -1,28 +1,54 @@
|
|||
#sub_path_only rewrite ^__PATH__$ __PATH__/ permanent;
|
||||
|
||||
location __PATH__/ {
|
||||
|
||||
# Path to source
|
||||
alias __FINALPATH__/;
|
||||
|
||||
### Example PHP configuration (remove it if not used)
|
||||
index index.php;
|
||||
|
||||
# Common parameter to increase upload size limit in conjunction with dedicated php-fpm file
|
||||
#client_max_body_size 50M;
|
||||
|
||||
try_files $uri $uri/ index.php;
|
||||
location ~ [^/]\.php(/|$) {
|
||||
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
|
||||
fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock;
|
||||
|
||||
fastcgi_index index.php;
|
||||
include fastcgi_params;
|
||||
fastcgi_param REMOTE_USER $remote_user;
|
||||
fastcgi_param PATH_INFO $fastcgi_path_info;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
location __PATH__/ide {
|
||||
proxy_pass http://localhost:__PORT_IDE__/ide;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "Upgrade";
|
||||
proxy_set_header Host $host;
|
||||
proxy_read_timeout 86400s;
|
||||
proxy_send_timeout 86400s;
|
||||
}
|
||||
### End of PHP configuration part
|
||||
|
||||
# Include SSOWAT user panel.
|
||||
include conf.d/yunohost_panel.conf.inc;
|
||||
location __PATH__/preview {
|
||||
proxy_pass http://localhost:__PORT_PREVIEW__/preview;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "Upgrade";
|
||||
proxy_set_header Host $host;
|
||||
proxy_read_timeout 86400s;
|
||||
proxy_send_timeout 86400s;
|
||||
|
||||
}
|
||||
|
||||
location __PATH__/project {
|
||||
proxy_pass http://localhost:__PORT_PROJECT__/project;
|
||||
proxy_set_header Host $host;
|
||||
proxy_read_timeout 86400s;
|
||||
proxy_send_timeout 86400s;
|
||||
}
|
||||
|
||||
location __PATH__/data {
|
||||
proxy_pass http://localhost:__PORT_DATA__/data;
|
||||
proxy_set_header Host $host;
|
||||
proxy_read_timeout 86400s;
|
||||
proxy_send_timeout 86400s;
|
||||
}
|
||||
|
||||
location __PATH__/documents {
|
||||
proxy_pass http://localhost:__PORT_DATA__/documents;
|
||||
proxy_set_header Host $host;
|
||||
proxy_read_timeout 86400s;
|
||||
proxy_send_timeout 86400s;
|
||||
client_max_body_size 15M;
|
||||
}
|
||||
|
||||
location __PATH__/demo_project {
|
||||
proxy_pass http://localhost:__PORT_PROJECT__/project;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header DbName "dontCodeDemoProjects";
|
||||
proxy_read_timeout 86400s;
|
||||
proxy_send_timeout 86400s;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,14 +1,16 @@
|
|||
[Unit]
|
||||
Description=Small description of the service
|
||||
Description=Dont-code __SERVICE_NAME__ service
|
||||
After=network.target
|
||||
Requires=__MONGODB_SERVICENAME__.service
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
User=__APP__
|
||||
Group=__APP__
|
||||
Environment="quarkus_http_port=__PORT__"
|
||||
WorkingDirectory=__FINALPATH__/
|
||||
ExecStart=__FINALPATH__/script
|
||||
StandardOutput=append:/var/log/__APP__/__APP__.log
|
||||
ExecStart=__YNH_JAVA__ -jar __SERVICE_NAME__-services-runner.jar
|
||||
StandardOutput=append:/var/log/__APP__/__SERVICE_NAME__-__APP__.log
|
||||
StandardError=inherit
|
||||
|
||||
# Sandboxing options to harden security
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{
|
||||
"name": "Dont-code Services",
|
||||
"id": "dont-code-services",
|
||||
"name": "Dont-Code Services",
|
||||
"id": "dont-code",
|
||||
"packaging_format": 1,
|
||||
"description": {
|
||||
"en": "Install services and databases needed to support Dont-code platform",
|
||||
|
@ -44,9 +44,10 @@
|
|||
{
|
||||
"name": "public_key",
|
||||
"type": "string",
|
||||
"optional": "true",
|
||||
"ask": {
|
||||
"en": "This public_key allows you to update the services through ssh (as part of delivery process)",
|
||||
"fr": "Fournir ici une clef publique qui permettra de mettre à jour les services (via une deploiement automatique)"
|
||||
"en": "SSH Public key to allow service updates as part of delivery process, leave empty to disable.",
|
||||
"fr": "Clef publique SSH permettant la mise à jour des services via une deploiement automatique, inactif si non renseigné."
|
||||
}
|
||||
},
|
||||
{
|
||||
|
|
|
@ -22,6 +22,8 @@ ynh_clean_setup () {
|
|||
# Exit if an error occurs during the execution of the script
|
||||
ynh_abort_if_errors
|
||||
|
||||
SERVICES_LIST=(ide preview project data)
|
||||
|
||||
#=================================================
|
||||
# RETRIEVE ARGUMENTS FROM THE MANIFEST
|
||||
#=================================================
|
||||
|
@ -75,7 +77,7 @@ ynh_app_setting_set --app=$app --key=path --value=$path_url
|
|||
#=================================================
|
||||
# FIND AND OPEN A PORT
|
||||
#=================================================
|
||||
ynh_script_progression --message="Finding an available port..." --weight=1
|
||||
ynh_script_progression --message="Finding an available ports..." --weight=1
|
||||
|
||||
### Use these lines if you have to open a port for the application
|
||||
### `ynh_find_port` will find the first available port starting from the given port.
|
||||
|
@ -83,8 +85,17 @@ ynh_script_progression --message="Finding an available port..." --weight=1
|
|||
### - Remove the section "CLOSE A PORT" in the remove script
|
||||
|
||||
# Find an available port
|
||||
port=$(ynh_find_port --port=8095)
|
||||
ynh_app_setting_set --app=$app --key=port --value=$port
|
||||
port_preview=$(ynh_find_port --port=8081)
|
||||
ynh_app_setting_set --app=$app --key=port_preview --value=$port_preview
|
||||
port_ide=$(ynh_find_port --port=8082)
|
||||
ynh_app_setting_set --app=$app --key=port_ide --value=$port_ide
|
||||
port_project=$(ynh_find_port --port=8083)
|
||||
ynh_app_setting_set --app=$app --key=port_project --value=$port_project
|
||||
port_data=$(ynh_find_port --port=8084)
|
||||
ynh_app_setting_set --app=$app --key=port_data --value=$port_data
|
||||
|
||||
# define the list of port in the same order than the list of services
|
||||
PORT_LIST=($port_ide $port_preview $port_project $port_data)
|
||||
|
||||
# Optional: Expose this port publicly
|
||||
# (N.B.: you only need to do this if the app actually needs to expose the port publicly.
|
||||
|
@ -121,27 +132,26 @@ ynh_install_mongo --mongo_version=6.0
|
|||
ynh_script_progression --message="Configuring system user..." --weight=1
|
||||
|
||||
# Create a system user
|
||||
ynh_system_user_create --username=$app --home_dir="$final_path" --use-shell --groups="ssh.app"
|
||||
|
||||
ynh_system_user_create --username=$app --home_dir="$final_path" --use_shell --groups="ssh.app"
|
||||
|
||||
#=================================================
|
||||
# CREATE A Mongo DATABASE
|
||||
#=================================================
|
||||
ynh_script_progression --message="Creating a Mongo database..." --weight=1
|
||||
ynh_script_progression --message="Creating the Mongo databases..." --weight=1
|
||||
|
||||
### Use these lines if you need a database for the application.
|
||||
### `ynh_mysql_setup_db` will create a database, an associated user and a ramdom password.
|
||||
### The password will be stored as 'mysqlpwd' into the app settings,
|
||||
### and will be available as $db_pwd
|
||||
### If you're not using these lines:
|
||||
### - Remove the section "BACKUP THE MYSQL DATABASE" in the backup script
|
||||
### - Remove also the section "REMOVE THE MYSQL DATABASE" in the remove script
|
||||
### - As well as the section "RESTORE THE MYSQL DATABASE" in the restore script
|
||||
# No need to create the database for data and demoProjects, and the user is not used
|
||||
|
||||
db_name=$(ynh_sanitize_dbid --db_name=$app-projects)
|
||||
db_user=$db_name
|
||||
ynh_app_setting_set --app=$app --key=db_name --value=$db_name
|
||||
ynh_mongo_setup_db --db_user=$db_user --db_name=$db_name
|
||||
#db_project_name=$(ynh_sanitize_dbid --db_name="${app}-projects")
|
||||
#db_demo_project_name=$(ynh_sanitize_dbid --db_name="${app}-demo-projects")
|
||||
#db_data_name=$(ynh_sanitize_dbid --db_name="${app}-data")
|
||||
db_user=$(ynh_sanitize_dbid --db_name="${app}")
|
||||
#ynh_app_setting_set --app=$app --key=db_project_name --value=$db_project_name
|
||||
#ynh_app_setting_set --app=$app --key=db_demo_project_name --value=$db_demo_project_name
|
||||
#ynh_app_setting_set --app=$app --key=db_data_name --value=$db_data_name
|
||||
#ynh_app_setting_set --app=$app --key=db_user --value=$db_user
|
||||
|
||||
#We should probably enable databases to the user, but for now, we connect through admin
|
||||
ynh_mongo_setup_db --db_user=$db_user --db_name=dontCodeProjects
|
||||
|
||||
#=================================================
|
||||
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
||||
|
@ -166,17 +176,18 @@ chmod -R o-rwx "$final_path"
|
|||
chown -R $app:$app "$final_path"
|
||||
|
||||
# Download, check integrity, uncompress and patch the source from app.src
|
||||
# ynh_setup_source --dest_dir="$final_path"
|
||||
ynh_setup_source --dest_dir="$final_path"
|
||||
|
||||
if [ -n "$public_key" ]
|
||||
then
|
||||
#enable ssh access to the files for updates
|
||||
#todo: Secure it more with https://github.com/YunoHost-Apps/ssh_chroot_dir_ynh
|
||||
mkdir $final_path .ssh
|
||||
ynh_add_config --template="authorized_keys" --destination=".ssh/authorized_keys"
|
||||
mkdir --parents $final_path/.ssh
|
||||
ynh_add_config --template="authorized_keys" --destination="$final_path/.ssh/authorized_keys"
|
||||
ynh_app_setting_set --app=$app --key=public_key --value=$public_key
|
||||
chown -R $app:$app "$final_path/.ssh"
|
||||
chmod 700 "$final_path/.ssh"
|
||||
chmod 600 "$final_path/.ssh/authorized-keys"
|
||||
chmod 600 "$final_path/.ssh/authorized_keys"
|
||||
fi
|
||||
|
||||
|
||||
|
@ -193,8 +204,17 @@ ynh_add_nginx_config
|
|||
#=================================================
|
||||
# SPECIFIC SETUP
|
||||
#=================================================
|
||||
# ...
|
||||
# Create document storage
|
||||
#=================================================
|
||||
document_path=/var/www/$app/documents
|
||||
test ! -e "$document_path" || ynh_die --message="This path already contains a folder"
|
||||
mkdir --parents $document_path
|
||||
|
||||
chmod 750 "$document_path"
|
||||
chmod -R o-rwx "$document_path"
|
||||
chown -R $app:www-data "$document_path"
|
||||
|
||||
document_url=https://${domain}${path_url}/documents
|
||||
|
||||
#=================================================
|
||||
# DONT CREATE A DATA DIRECTORY
|
||||
|
@ -241,13 +261,13 @@ ynh_script_progression --message="Adding a configuration file..." --weight=1
|
|||
###
|
||||
### Check the documentation of `ynh_add_config` for more info.
|
||||
|
||||
# ynh_add_config --template="some_config_file" --destination="$final_path/some_config_file"
|
||||
ynh_add_config --template=".env" --destination="$final_path/.env"
|
||||
|
||||
# FIXME: this should be handled by the core in the future
|
||||
# You may need to use chmod 600 instead of 400,
|
||||
# for example if the app is expected to be able to modify its own config
|
||||
#chmod 400 "$final_path/some_config_file"
|
||||
#chown $app:$app "$final_path/some_config_file"
|
||||
chmod 400 "$final_path/.env"
|
||||
chown $app:$app "$final_path/.env"
|
||||
|
||||
### For more complex cases where you want to replace stuff using regexes,
|
||||
### you shoud rely on ynh_replace_string (which is basically a wrapper for sed)
|
||||
|
@ -272,8 +292,16 @@ ynh_script_progression --message="Configuring a systemd service..." --weight=1
|
|||
### - As well as the section "RESTORE SYSTEMD" in the restore script
|
||||
### - And the section "SETUP SYSTEMD" in the upgrade script
|
||||
|
||||
# Create a dedicated systemd config
|
||||
#ynh_add_systemd_config
|
||||
# Create a dedicated systemd config for each service
|
||||
|
||||
service_list_length=${#SERVICES_LIST[@]}
|
||||
for (( j=0; j<${service_list_length}; j++ ))
|
||||
do
|
||||
service_name=${SERVICES_LIST[$j]}
|
||||
port=${PORT_LIST[$j]}
|
||||
ynh_add_systemd_config --service="${app}-${service_name}"
|
||||
done
|
||||
|
||||
|
||||
#=================================================
|
||||
# GENERIC FINALIZATION
|
||||
|
@ -307,7 +335,10 @@ ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
|
|||
### - As well as the section "INTEGRATE SERVICE IN YUNOHOST" in the restore script
|
||||
### - And the section "INTEGRATE SERVICE IN YUNOHOST" in the upgrade script
|
||||
|
||||
yunohost service add $app --description="Dont-code platform services" --log="/var/log/$app/$app.log"
|
||||
for service_name in "${SERVICES_LIST[@]}"
|
||||
do
|
||||
yunohost service add "${app}-${service_name}" --description="Dont-code platform ${service_name} service" --log="/var/log/${app}/${service_name}-${app}.log"
|
||||
done
|
||||
|
||||
### Additional options starting with 3.8:
|
||||
###
|
||||
|
@ -328,7 +359,7 @@ yunohost service add $app --description="Dont-code platform services" --log="/va
|
|||
#=================================================
|
||||
# START SYSTEMD SERVICE
|
||||
#=================================================
|
||||
ynh_script_progression --message="Starting a systemd service..." --weight=1
|
||||
ynh_script_progression --message="Starting systemd services..." --weight=1
|
||||
|
||||
### `ynh_systemd_action` is used to start a systemd service for an app.
|
||||
### Only needed if you have configure a systemd service
|
||||
|
@ -339,7 +370,10 @@ ynh_script_progression --message="Starting a systemd service..." --weight=1
|
|||
### - And the section "STOP SYSTEMD SERVICE" and "START SYSTEMD SERVICE" in the change_url script
|
||||
|
||||
# Start a systemd service
|
||||
#ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"
|
||||
for service_name in "${SERVICES_LIST[@]}"
|
||||
do
|
||||
ynh_systemd_action --service_name="${app}-${service_name}" --action="start" --log_path="/var/log/$app/$app.log"
|
||||
done
|
||||
|
||||
#=================================================
|
||||
# SETUP SSOWAT
|
||||
|
|
|
@ -19,23 +19,32 @@ ynh_script_progression --message="Loading installation settings..." --weight=1
|
|||
app=$YNH_APP_INSTANCE_NAME
|
||||
|
||||
domain=$(ynh_app_setting_get --app=$app --key=domain)
|
||||
port=$(ynh_app_setting_get --app=$app --key=port)
|
||||
port_ide=$(ynh_app_setting_get --app=$app --key=port_ide)
|
||||
port_preview=$(ynh_app_setting_get --app=$app --key=port_preview)
|
||||
port_project=$(ynh_app_setting_get --app=$app --key=port_project)
|
||||
port_data=$(ynh_app_setting_get --app=$app --key=port_data)
|
||||
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
|
||||
db_user=$db_name
|
||||
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
||||
|
||||
SERVICES_LIST=(ide preview project data)
|
||||
PORT_LIST=($port_ide $port_preview $port_project $port_data)
|
||||
|
||||
#=================================================
|
||||
# STANDARD REMOVE
|
||||
#=================================================
|
||||
# REMOVE SERVICE INTEGRATION IN YUNOHOST
|
||||
#=================================================
|
||||
ynh_script_progression --message="Removing $app services..." --weight=1
|
||||
|
||||
# Remove the service from the list of services known by YunoHost (added from `yunohost service add`)
|
||||
if ynh_exec_warn_less yunohost service status $app >/dev/null
|
||||
for service_name in "${SERVICES_LIST[@]}"
|
||||
do
|
||||
if ynh_exec_warn_less yunohost service status "${app}-${service_name}" >/dev/null
|
||||
then
|
||||
ynh_script_progression --message="Removing $app service integration..." --weight=1
|
||||
yunohost service remove $app
|
||||
yunohost service remove "${app}-${service_name}"
|
||||
fi
|
||||
done
|
||||
|
||||
#=================================================
|
||||
# STOP AND REMOVE SERVICE
|
||||
|
@ -43,7 +52,10 @@ fi
|
|||
ynh_script_progression --message="Stopping and removing the systemd service..." --weight=1
|
||||
|
||||
# Remove the dedicated systemd config
|
||||
#ynh_remove_systemd_config
|
||||
for service_name in "${SERVICES_LIST[@]}"
|
||||
do
|
||||
ynh_remove_systemd_config --service="${app}-${service_name}"
|
||||
done
|
||||
|
||||
#=================================================
|
||||
# REMOVE LOGROTATE CONFIGURATION
|
||||
|
@ -59,7 +71,9 @@ ynh_remove_logrotate
|
|||
ynh_script_progression --message="Removing the Mongo database..." --weight=1
|
||||
|
||||
# Remove a database if it exists, along with the associated user
|
||||
ynh_mongo_remove_db --db_user=$db_user --db_name=$db_name
|
||||
ynh_mongo_remove_db --db_user=$db_user --db_name=dontCodeProjects
|
||||
ynh_mongo_remove_db --db_user=$db_user --db_name=dontCodeDemoProjects
|
||||
ynh_mongo_remove_db --db_user=$db_user --db_name=dontCodeData
|
||||
|
||||
# Remove mongo itself if not used anymore
|
||||
ynh_remove_mongo
|
||||
|
@ -89,14 +103,17 @@ ynh_script_progression --message="Removing dependencies..." --weight=1
|
|||
ynh_remove_app_dependencies
|
||||
|
||||
#=================================================
|
||||
# CLOSE A PORT
|
||||
# CLOSE ALL PORTS
|
||||
#=================================================
|
||||
|
||||
for port in "${PORT_LIST[@]}"
|
||||
do
|
||||
if yunohost firewall list | grep -q "\- $port$"
|
||||
then
|
||||
ynh_script_progression --message="Closing port $port..." --weight=1
|
||||
ynh_exec_warn_less yunohost firewall disallow TCP $port
|
||||
fi
|
||||
done
|
||||
|
||||
#=================================================
|
||||
# SPECIFIC REMOVE
|
||||
|
@ -105,9 +122,6 @@ fi
|
|||
#=================================================
|
||||
ynh_script_progression --message="Removing various files..." --weight=1
|
||||
|
||||
# Remove the app directory securely
|
||||
ynh_secure_remove --file="$final_path"
|
||||
|
||||
# Remove the log files
|
||||
ynh_secure_remove --file="/var/log/$app"
|
||||
|
||||
|
|
Loading…
Reference in a new issue