diff --git a/conf/nginx.conf b/conf/nginx.conf index e8aea12..03afd4f 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -4,7 +4,7 @@ location / { proxy_set_header Host $http_host; proxy_set_header X-NginX-Proxy true; - proxy_pass http://localhost:9220; + proxy_pass http://127.0.0.1:9220; proxy_redirect off; # Socket.io support @@ -18,18 +18,18 @@ location / { access_by_lua_file /usr/share/ssowat/access.lua; location ~ \.(js|css|woff|woff2|ttf|png) { - proxy_pass http://localhost:9220; + proxy_pass http://127.0.0.1:9220; } location ~ /webmin { - proxy_pass http://localhost:9220$uri; + proxy_pass http://127.0.0.1:9220$uri; } location ~ ^/bma(.*)$ { - proxy_pass http://localhost:__PORT__$1$is_args$args; + proxy_pass http://127.0.0.1:__PORT__$1$is_args$args; } location /ws2p { - proxy_pass http://localhost:20901; + proxy_pass http://127.0.0.1:20901; } } diff --git a/doc/DISCLAIMER.md b/doc/ADMIN.md similarity index 100% rename from doc/DISCLAIMER.md rename to doc/ADMIN.md diff --git a/doc/DISCLAIMER_fr.md b/doc/ADMIN_fr.md similarity index 100% rename from doc/DISCLAIMER_fr.md rename to doc/ADMIN_fr.md diff --git a/doc/DESCRIPTION.md b/doc/DESCRIPTION.md index e69de29..c5d124a 100644 --- a/doc/DESCRIPTION.md +++ b/doc/DESCRIPTION.md @@ -0,0 +1 @@ +Crypto-currency software to operate Ğ1 libre currency \ No newline at end of file diff --git a/manifest.toml b/manifest.toml index 182a7a3..667b1f6 100644 --- a/manifest.toml +++ b/manifest.toml @@ -13,27 +13,23 @@ maintainers = ["Moul"] license = "AGPL-3.0-or-later" website = "https://duniter.org" code = "https://git.duniter.org/nodes/typescript/duniter" -cpe = "???" # FIXME: optional but recommended if relevant, this is meant to contain the Common Platform Enumeration, which is sort of a standard id for applications defined by the NIST. In particular, Yunohost may use this is in the future to easily track CVE (=security reports) related to apps. The CPE may be obtained by searching here: https://nvd.nist.gov/products/cpe/search. For example, for Nextcloud, the CPE is 'cpe:2.3:a:nextcloud:nextcloud' (no need to include the version number) -fund = "???" # FIXME: optional but recommended (or remove if irrelevant / not applicable). This is meant to be an URL where people can financially support this app, especially when its development is based on volunteers and/or financed by its community. YunoHost may later advertise it in the webadmin. [integration] -yunohost = ">= 11.0.0" -architectures = "all" # FIXME: can be replaced by a list of supported archs using the dpkg --print-architecture nomenclature (amd64/i386/armhf/arm64), for example: ["amd64", "i386"] +yunohost = ">= 11.1.19" +architectures = ["amd64", "armhf"] multi_instance = false -ldap = "?" # FIXME: replace with true, false, or "not_relevant". Not to confuse with the "sso" key : the "ldap" key corresponds to wether or not a user *can* login on the app using its YunoHost credentials. -sso = "?" # FIXME: replace with true, false, or "not_relevant". Not to confuse with the "ldap" key : the "sso" key corresponds to wether or not a user is *automatically logged-in* on the app when logged-in on the YunoHost portal. -disk = "50M" # FIXME: replace with an **estimate** minimum disk requirement. e.g. 20M, 400M, 1G, ... -ram.build = "50M" # FIXME: replace with an **estimate** minimum ram requirement. e.g. 50M, 400M, 1G, ... -ram.runtime = "50M" # FIXME: replace with an **estimate** minimum ram requirement. e.g. 50M, 400M, 1G, ... +ldap = false +sso = false +disk = "50M" +ram.build = "50M" +ram.runtime = "50M" [install] [install.domain] - # this is a generic question - ask strings are automatically handled by Yunohost's core type = "domain" full_domain = true [install.admin] - # this is a generic question - ask strings are automatically handled by Yunohost's core type = "user" [resources] @@ -45,6 +41,7 @@ ram.runtime = "50M" # FIXME: replace with an **estimate** minimum ram requiremen armhf.url = "https://git.duniter.org/nodes/typescript/duniter/uploads/8773273a64956cb02de555ec72e4d2bd/duniter-server-v1.8.5-linux-armv7l.deb" armhf.sha256 = "498e3a7766e167887de2d71dd43ffa6c1add11f976bf00e2a44ccc3cec5d5da0" + [resources.ports] [resources.system_user] @@ -54,3 +51,14 @@ ram.runtime = "50M" # FIXME: replace with an **estimate** minimum ram requiremen [resources.permissions] main.url = "/" + main.add_url = ["/webmin"] + + api.url = "/bma" + api.additional_urls = "/ws2p" + api.auth_header = false + api.allowed = "visitors" + + apis.url = "/bma" + apis.additional_urls = "/ws2p" + apis.auth_header = false + apis.allowed = "visitors" diff --git a/scripts/_common.sh b/scripts/_common.sh index 19df86b..0418752 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -4,12 +4,10 @@ # COMMON VARIABLES #================================================= -# dependencies used by the app -#REMOVEME? pkg_dependencies="deb1 deb2 php$YNH_DEFAULT_PHP_VERSION-deb1 php$YNH_DEFAULT_PHP_VERSION-deb2" - #================================================= # PERSONAL HELPERS #================================================= + CONFIGURE_DUNITER() { ynh_exec_as duniter duniter --home $data_dir config --bma --ipv4 127.0.0.1 --port $port --remoteh $domain --remotep 443 --noupnp ynh_exec_as duniter duniter --home $data_dir config --ws2p-host 127.0.0.1 --ws2p-port 20901 --ws2p-remote-host $domain --ws2p-remote-port 443 --ws2p-remote-path "/ws2p" --ws2p-noupnp diff --git a/scripts/backup b/scripts/backup index 898db33..4bc26f2 100644 --- a/scripts/backup +++ b/scripts/backup @@ -10,26 +10,6 @@ source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers -#================================================= -# MANAGE SCRIPT FAILURE -#================================================= - -#REMOVEME? ynh_clean_setup () { - true -} -# Exit if an error occurs during the execution of the script -#REMOVEME? ynh_abort_if_errors - -#================================================= -# LOAD SETTINGS -#================================================= -#REMOVEME? ynh_print_info --message="Loading installation settings…" - -#REMOVEME? app=$YNH_APP_INSTANCE_NAME - -#REMOVEME? domain=$(ynh_app_setting_get --app=$app --key=domain) -#REMOVEME? data_dir=$(ynh_app_setting_get --app=$app --key=data_dir) - #================================================= # DECLARE DATA AND CONF FILES TO BACKUP #================================================= diff --git a/scripts/change_url b/scripts/change_url index de68844..dbc5390 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -9,65 +9,6 @@ source _common.sh source /usr/share/yunohost/helpers -#================================================= -# RETRIEVE ARGUMENTS -#================================================= - -#REMOVEME? old_domain=$YNH_APP_OLD_DOMAIN -#REMOVEME? old_path=$YNH_APP_OLD_PATH - -#REMOVEME? new_domain=$YNH_APP_NEW_DOMAIN -#REMOVEME? new_path="/" - -#REMOVEME? app=$YNH_APP_INSTANCE_NAME - -#================================================= -# LOAD SETTINGS -#================================================= -#REMOVEME? ynh_script_progression --message="Loading installation settings…" - -#REMOVEME? # Needed for helper "ynh_add_nginx_config" -#REMOVEME? #REMOVEME? install_dir=$(ynh_app_setting_get --app=$app --key=install_dir) - -# Add settings here as needed by your application -#REMOVEME? #db_name=$(ynh_app_setting_get --app=$app --key=db_name) -#db_user=$db_name -#REMOVEME? #db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd) - -#================================================= -# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP -#================================================= -#REMOVEME? ynh_script_progression --message="Backing up the app before changing its URL (may take a while)…" - -# Backup the current version of the app -#REMOVEME? ynh_backup_before_upgrade -#REMOVEME? ynh_clean_setup () { - #REMOVEME? ynh_clean_check_starting - # Remove the new domain config file, the remove script won't do it as it doesn't know yet its location. -#REMOVEME? ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" - - # Restore it if the upgrade fails -#REMOVEME? ynh_restore_upgradebackup -} -# Exit if an error occurs during the execution of the script -#REMOVEME? ynh_abort_if_errors - -#================================================= -# CHECK WHICH PARTS SHOULD BE CHANGED -#================================================= - -#REMOVEME? change_domain=0 -#REMOVEME? if [ "$old_domain" != "$new_domain" ] -then - #REMOVEME? change_domain=1 -fi - -#REMOVEME? change_path=0 -#REMOVEME? if [ "$old_path" != "$new_path" ] -then - #REMOVEME? change_path=1 -fi - #================================================= # STANDARD MODIFICATIONS #================================================= @@ -84,36 +25,6 @@ ynh_script_progression --message="Updating NGINX web server configuration…" ynh_change_url_nginx_config -#REMOVEME? nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf - -# Change the path in the NGINX config file -if [ $change_path -eq 1 ] -then - # Make a backup of the original NGINX config file if modified -#REMOVEME? ynh_backup_if_checksum_is_different --file="$nginx_conf_path" - # Set global variables for NGINX helper -#REMOVEME? domain="$old_domain" -#REMOVEME? path="$new_path" - # Create a dedicated NGINX config -#REMOVEME? ynh_add_nginx_config -fi - -# Change the domain for NGINX -if [ $change_domain -eq 1 ] -then - # Delete file checksum for the old conf file location -#REMOVEME? ynh_delete_file_checksum --file="$nginx_conf_path" -#REMOVEME? mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf - # Store file checksum for the new config file location -#REMOVEME? ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" -fi - -#================================================= -# SPECIFIC MODIFICATIONS -#================================================= -# … -#================================================= - #================================================= # GENERIC FINALISATION #================================================= @@ -124,13 +35,6 @@ ynh_script_progression --message="Starting a systemd service…" # Start a systemd service ynh_systemd_action --service_name=$app --action="start" --log_path=systemd -#================================================= -# RELOAD NGINX -#================================================= -#REMOVEME? ynh_script_progression --message="Reloading NGINX web server…" - -#REMOVEME? #REMOVEME? ynh_systemd_action --service_name=nginx --action=reload - #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/install b/scripts/install index 1f6ac4d..4fc2052 100644 --- a/scripts/install +++ b/scripts/install @@ -9,62 +9,6 @@ source _common.sh source /usr/share/yunohost/helpers -#================================================= -# MANAGE SCRIPT FAILURE -#================================================= - -#REMOVEME? ynh_clean_setup () { - ynh_clean_check_starting -} -# Exit if an error occurs during the execution of the script -#REMOVEME? ynh_abort_if_errors - -#================================================= -# RETRIEVE ARGUMENTS FROM THE MANIFEST -#================================================= - -#REMOVEME? domain=$YNH_APP_ARG_DOMAIN -path="/" -#REMOVEME? admin=$YNH_APP_ARG_ADMIN - -#REMOVEME? app=$YNH_APP_INSTANCE_NAME -architecture=$YNH_ARCH - -#================================================= -# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS -#================================================= -#REMOVEME? ynh_script_progression --message="Validating installation parameters…" - -# Register (book) web path -#REMOVEME? ynh_webpath_register --app=$app --domain=$domain --path=$path - -#================================================= -# STORE SETTINGS FROM MANIFEST -#================================================= -#REMOVEME? ynh_script_progression --message="Storing installation settings…" - -#REMOVEME? ynh_app_setting_set --app=$app --key=domain --value=$domain -#REMOVEME? ynh_app_setting_set --app=$app --key=path --value=$path -#REMOVEME? ynh_app_setting_set --app=$app --key=admin --value=$admin - -#================================================= -# FIND AND OPEN A PORT -#================================================= -#REMOVEME? ynh_script_progression --message="Finding an available port…" - -# Find an available port -#REMOVEME? port=$(ynh_find_port --port=10901) -#REMOVEME? ynh_app_setting_set --app=$app --key=port --value=$port - -#================================================= -# CREATE DEDICATED USER -#================================================= -#REMOVEME? ynh_script_progression --message="Configuring system user…" - -# Create a system user -#REMOVEME? data_dir=/home/yunohost.app/$app -#REMOVEME? ynh_system_user_create --username=$app --home_dir=$data_dir --use_shell - #================================================= # NGINX CONFIGURATION #================================================= @@ -82,22 +26,9 @@ ynh_script_progression --message="Installation of Debian package of Duniter…" tempdir="$(mktemp -d)" -ynh_setup_source --dest_dir=$tempdir --source_id=$architecture +ynh_setup_source --dest_dir=$tempdir --source_id=$YNH_ARCH ynh_exec_warn_less dpkg -i $tempdir/duniter-server-v1.8.*-linux-*.deb -#================================================= -# CREATE DATA DIRECTORY -#================================================= -ynh_script_progression --message="Creating a data directory…" - -#REMOVEME? ynh_app_setting_set --app=$app --key=data_dir --value=$data_dir - -mkdir -p $data_dir - -chmod 750 "$data_dir" -chmod -R o-rwx "$data_dir" -chown -R $app:www-data "$data_dir" - #================================================= # CONFIGURE DUNITER #================================================= @@ -128,25 +59,6 @@ ynh_script_progression --message="Starting a systemd service…" # Start a systemd service ynh_systemd_action --service_name=$app --action="start" --log_path=systemd -#================================================= -# SETUP SSOWAT -#================================================= -#REMOVEME? ynh_script_progression --message="Configuring permissions…" - -# Change main group to protect sensitive sub-routes (client, API) to Duniter web admin interface, give access to choosen admin -#REMOVEME? ynh_permission_update --permission "main" --add "$admin" --remove "all_users" -ynh_permission_url --permission "main" --add_url "/webmin" - -# Create apis permission group to public to allow BMA and WS2P APIs accessible to visitors -#REMOVEME? ynh_permission_create --permission "apis" --url "/bma" --additional_urls "/ws2p" --auth_header=false --allowed "visitors" - -#================================================= -# RELOAD NGINX -#================================================= -#REMOVEME? ynh_script_progression --message="Reloading NGINX web server…" - -#REMOVEME? ynh_systemd_action --service_name=nginx --action=reload - #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/remove b/scripts/remove index 0772f22..de21869 100644 --- a/scripts/remove +++ b/scripts/remove @@ -9,24 +9,12 @@ source _common.sh source /usr/share/yunohost/helpers -#================================================= -# LOAD SETTINGS -#================================================= -#REMOVEME? ynh_script_progression --message="Loading installation settings…" - -#REMOVEME? app=$YNH_APP_INSTANCE_NAME - -#REMOVEME? domain=$(ynh_app_setting_get --app=$app --key=domain) -#REMOVEME? port=$(ynh_app_setting_get --app=$app --key=port) -#REMOVEME? data_dir=$(ynh_app_setting_get --app=$app --key=data_dir) - #================================================= # STANDARD REMOVE #================================================= # REMOVE SERVICE INTEGRATION IN YUNOHOST #================================================= -# Remove the service from the list of services known by YunoHost (added from `yunohost service add`) if ynh_exec_warn_less yunohost service status $app >/dev/null then ynh_script_progression --message="Removing $app service integration…" @@ -41,17 +29,6 @@ ynh_script_progression --message="Stopping and removing the systemd service…" # Remove the dedicated systemd config ynh_remove_systemd_config -#================================================= -# REMOVE DATA DIR -#================================================= - -# Remove the data directory if --purge option is used -if [ "${YNH_APP_PURGE:-0}" -eq 1 ] -then - ynh_script_progression --message="Removing app data directory…" -#REMOVEME? ynh_secure_remove --file="$data_dir" -fi - #================================================= # REMOVE NGINX CONFIGURATION #================================================= @@ -63,20 +40,10 @@ ynh_remove_nginx_config #================================================= # REMOVE DEPENDENCIES #================================================= -#REMOVEME? ynh_script_progression --message="Removing dependencies…" +ynh_script_progression --message="Removing dependencies…" dpkg -r duniter -#================================================= -# GENERIC FINALIZATION -#================================================= -# REMOVE DEDICATED USER -#================================================= -#REMOVEME? ynh_script_progression --message="Removing the dedicated system user…" - -# Delete a system user -#REMOVEME? ynh_system_user_delete --username=$app - #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/restore b/scripts/restore index a55dd38..a21fe41 100644 --- a/scripts/restore +++ b/scripts/restore @@ -10,29 +10,6 @@ source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers -#================================================= -# MANAGE SCRIPT FAILURE -#================================================= - -#REMOVEME? ynh_clean_setup () { - ynh_clean_check_starting -} -# Exit if an error occurs during the execution of the script -#REMOVEME? ynh_abort_if_errors - -#================================================= -# LOAD SETTINGS -#================================================= -#REMOVEME? ynh_script_progression --message="Loading installation settings…" - -#REMOVEME? app=$YNH_APP_INSTANCE_NAME - -#REMOVEME? domain=$(ynh_app_setting_get --app=$app --key=domain) -#REMOVEME? path=$(ynh_app_setting_get --app=$app --key=path) -#REMOVEME? data_dir=$(ynh_app_setting_get --app=$app --key=data_dir) -#REMOVEME? port=$(ynh_app_setting_get --app=$app --key=port) -architecture=$YNH_ARCH - #================================================= # STANDARD RESTORATION STEPS #================================================= @@ -42,14 +19,6 @@ ynh_script_progression --message="Restoring the NGINX web server configuration ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" -#================================================= -# RECREATE THE DEDICATED USER -#================================================= -#REMOVEME? ynh_script_progression --message="Recreating the dedicated system user…" - -# Create the dedicated user (if not existing) -#REMOVEME? ynh_system_user_create --username=$app --home_dir=$data_dir --use_shell - #================================================= # RESTORE THE DATA DIRECTORY #================================================= @@ -57,10 +26,6 @@ ynh_script_progression --message="Restoring the data directory…" ynh_restore_file --origin_path="$data_dir" --not_mandatory -mkdir -p $data_dir - -chmod 750 "$data_dir" -chmod -R o-rwx "$data_dir" chown -R $app:www-data "$data_dir" #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index 6db0cd7..ba671da 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -9,42 +9,12 @@ source _common.sh source /usr/share/yunohost/helpers -#================================================= -# LOAD SETTINGS -#================================================= -#REMOVEME? ynh_script_progression --message="Loading installation settings…" - -#REMOVEME? app=$YNH_APP_INSTANCE_NAME - -#REMOVEME? domain=$(ynh_app_setting_get --app=$app --key=domain) -#REMOVEME? path=$(ynh_app_setting_get --app=$app --key=path) -#REMOVEME? admin=$(ynh_app_setting_get --app=$app --key=admin) -#REMOVEME? data_dir=$(ynh_app_setting_get --app=$app --key=data_dir) -#REMOVEME? port=$(ynh_app_setting_get --app=$app --key=port) -architecture=$YNH_ARCH - #================================================= # CHECK VERSION #================================================= -ynh_script_progression --message="Checking version…" upgrade_type=$(ynh_check_app_version_changed) -#================================================= -# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP -#================================================= -#REMOVEME? ynh_script_progression --message="Backing up the app before upgrading (may take a while)…" - -# Backup the current version of the app -#REMOVEME? ynh_backup_before_upgrade -#REMOVEME? ynh_clean_setup () { - ynh_clean_check_starting - # Restore it if the upgrade fails -#REMOVEME? ynh_restore_upgradebackup -} -# Exit if an error occurs during the execution of the script -#REMOVEME? ynh_abort_if_errors - #================================================= # STANDARD UPGRADE STEPS #================================================= @@ -54,27 +24,6 @@ ynh_script_progression --message="Stopping a systemd service…" ynh_systemd_action --service_name=$app --action="stop" --log_path=systemd -#================================================= -# ENSURE DOWNWARD COMPATIBILITY -#================================================= -ynh_script_progression --message="Ensuring downward compatibility…" - -# Cleaning legacy permissions -#REMOVEME? if ynh_legacy_permissions_exists; then -#REMOVEME? ynh_legacy_permissions_delete_all - - ynh_app_setting_delete --app=$app --key=is_public -fi - -#================================================= -# CREATE DEDICATED USER -#================================================= -#REMOVEME? ynh_script_progression --message="Making sure dedicated system user exists…" - -# Create a dedicated user (if not existing) -#REMOVEME? data_dir=/home/yunohost.app/$app -#REMOVEME? ynh_system_user_create --username=$app --home_dir=$data_dir --use_shell - #================================================= # NGINX CONFIGURATION #================================================= @@ -94,12 +43,13 @@ dpkg -r duniter tempdir="$(mktemp -d)" -ynh_setup_source --dest_dir=$tempdir --source_id=$architecture +ynh_setup_source --dest_dir=$tempdir --source_id=$YNH_ARCH ynh_exec_warn_less dpkg -i $tempdir/duniter-server-v1.8.*-linux-*.deb #================================================= # MOVE DUNITER DIRECTORY #================================================= + if [[ ! -d "${data_dir}" ]]; then ynh_script_progression --message="Moving data directory…" mv /root/.config/duniter $data_dir @@ -137,13 +87,6 @@ ynh_script_progression --message="Starting a systemd service…" ynh_systemd_action --service_name=$app --action="start" --log_path=systemd -#================================================= -# RELOAD NGINX -#================================================= -#REMOVEME? ynh_script_progression --message="Reloading NGINX web server…" - -#REMOVEME? ynh_systemd_action --service_name=nginx --action=reload - #================================================= # END OF SCRIPT #=================================================