diff --git a/.github/workflows/updater.yml b/.github/workflows/updater.yml index fb72ba0..a56d7cb 100644 --- a/.github/workflows/updater.yml +++ b/.github/workflows/updater.yml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Fetch the source code - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Run the updater script @@ -33,7 +33,7 @@ jobs: - name: Create Pull Request id: cpr if: ${{ env.PROCEED == 'true' }} - uses: peter-evans/create-pull-request@v3 + uses: peter-evans/create-pull-request@v4 with: token: ${{ secrets.GITHUB_TOKEN }} commit-message: Update to version ${{ env.VERSION }} diff --git a/.kateproject b/.kateproject deleted file mode 100644 index d945148..0000000 --- a/.kateproject +++ /dev/null @@ -1,4 +0,0 @@ -{ -"name": "Element_ynh" -, "files": [ { "git": 1 } ] -} diff --git a/README.md b/README.md index 6dd6110..10d1fb4 100644 --- a/README.md +++ b/README.md @@ -6,6 +6,7 @@ It shall NOT be edited by hand. # Element for YunoHost [![Integration level](https://dash.yunohost.org/integration/element.svg)](https://dash.yunohost.org/appci/app/element) ![Working status](https://ci-apps.yunohost.org/ci/badges/element.status.svg) ![Maintenance status](https://ci-apps.yunohost.org/ci/badges/element.maintain.svg) + [![Install Element with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=element) *[Lire ce readme en français.](./README_fr.md)* @@ -17,7 +18,7 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in Element is a new type of messaging app. You choose where your messages are stored, putting you in control of your data. It gives you access to the Matrix open network, so you can talk to anyone. Element provides a new level of security, adding cross-signed device verification to default end-to-end encryption. -**Shipped version:** 1.11.20~ynh1 +**Shipped version:** 1.11.25~ynh1 **Demo:** https://app.element.io/ @@ -25,6 +26,7 @@ Element is a new type of messaging app. You choose where your messages are store ![Screenshot of Element](./doc/screenshots/homepage-all-platforms-1_1.png) + ## Disclaimers / important information ## YunoHost specific features diff --git a/README_fr.md b/README_fr.md index 4070b49..73d6c9f 100644 --- a/README_fr.md +++ b/README_fr.md @@ -6,6 +6,7 @@ It shall NOT be edited by hand. # Element pour YunoHost [![Niveau d’intégration](https://dash.yunohost.org/integration/element.svg)](https://dash.yunohost.org/appci/app/element) ![Statut du fonctionnement](https://ci-apps.yunohost.org/ci/badges/element.status.svg) ![Statut de maintenance](https://ci-apps.yunohost.org/ci/badges/element.maintain.svg) + [![Installer Element avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=element) *[Read this readme in english.](./README.md)* @@ -17,7 +18,7 @@ Si vous n’avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) po Element est un nouveau type d'application de messagerie. Vous choisissez où vos messages sont stockés, ce qui vous donne le contrôle de vos données. Il vous donne accès au réseau ouvert Matrix, vous pouvez donc parler à n'importe qui. Element offre un nouveau niveau de sécurité, en ajoutant la vérification des appareils par signature croisée au chiffrement de bout en bout par défaut. -**Version incluse :** 1.11.20~ynh1 +**Version incluse :** 1.11.25~ynh1 **Démo :** https://app.element.io/ @@ -25,28 +26,6 @@ Element est un nouveau type d'application de messagerie. Vous choisissez où vos ![Capture d’écran de Element](./doc/screenshots/homepage-all-platforms-1_1.png) -## Avertissements / informations importantes - -## Fonctionnalités spécifiques à YunoHost - -### Prise en charge multi-utilisateurs - -Cette application prend en charge le SSO. Si vous souhaitez utiliser le SSO, vous devez définir le chemin d'accès au serveur domestique par défaut car votre serveur domestique est installé sur votre instance YunoHost. - -## Informations supplémentaires - -### Note de sécurité importante - -Nous vous déconseillons d'exécuter Element à partir du même nom de domaine que votre Matrix -serveur domestique (Synapse). La raison en est le risque de XSS (cross-site-scripting) -vulnérabilités qui pourraient survenir si quelqu'un provoquait le chargement et le rendu d'Element -un utilisateur malveillant a généré du contenu à partir d'une API Matrix qui avait alors fait confiance -accès à Element (ou à d'autres applications) en raison du partage du même domaine. - -Nous avons mis en place des mesures d'atténuation grossières pour essayer de nous protéger contre ce -situation, mais ce n'est toujours pas une bonne pratique de le faire en premier lieu. Voir -https://github.com/vector-im/riot-web/issues/1977 pour plus de détails. - ## Documentations et ressources * Site officiel de l’app : diff --git a/check_process b/check_process deleted file mode 100644 index ec0f0de..0000000 --- a/check_process +++ /dev/null @@ -1,24 +0,0 @@ -;; Test complet - ; Manifest - domain="domain.tld" - path="/path" - default_home_server="matrix.org" - is_public=1 - ; Checks - pkg_linter=1 - setup_sub_dir=1 - setup_root=1 - setup_nourl=0 - setup_private=1 - setup_public=1 - upgrade=1 - upgrade=1 from_commit=34d457d13e526997fddb8348650674a7db2247be - backup_restore=1 - multi_instance=1 - change_url=1 -;;; Upgrade options - ; commit=Sep 13, 2021 - name=34d457d13e526997fddb8348650674a7db2247be - manifest_arg=domain=DOMAIN&path=PATH&admin=USER&language=fr&is_public=1&password=pass&port=666& - - \ No newline at end of file diff --git a/conf/app.src b/conf/app.src deleted file mode 100644 index 0631668..0000000 --- a/conf/app.src +++ /dev/null @@ -1,5 +0,0 @@ -SOURCE_URL=https://github.com/vector-im/element-web/releases/download/v1.11.20/element-v1.11.20.tar.gz -SOURCE_SUM=a856e854d404f5bfd69cf344b5ea7c77a93ac7d37554af2c00f6cb383abac77f -SOURCE_SUM_PRG=sha256sum -SOURCE_FORMAT=tar.gz -SOURCE_IN_SUBDIR=true diff --git a/conf/config.json b/conf/config.json index f76fdf8..d61641b 100644 --- a/conf/config.json +++ b/conf/config.json @@ -1,16 +1,18 @@ { "default_server_config": { - "m.homeserver": { "base_url": "https://__DEFAULT_HOME_SERVER__" }, - "m.identity_server": {"base_url": "https://vector.im"} + "m.homeserver": { + "base_url": "https://__DEFAULT_HOME_SERVER__" + }, + "m.identity_server": { + "base_url": "https://vector.im" + } }, "brand": "Element", "integrations_ui_url": "https://scalar.vector.im/", "integrations_rest_url": "https://scalar.vector.im/api", "showLabsSettings": false, "roomDirectory": { - "servers": [ - "matrix.org" - ] + "servers": ["matrix.org"] }, "enable_presence_by_hs_url": { "https://matrix.org": false, diff --git a/conf/nginx.conf b/conf/nginx.conf index b5f38e3..858d281 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,10 +1,15 @@ #sub_path_only rewrite ^__PATH__$ __PATH__/ permanent; location __PATH__/ { - alias __FINALPATH__/; + alias __INSTALL_DIR__/; index index.html; - + + more_set_headers "X-Frame-Options: SAMEORIGIN"; + more_set_headers "X-Content-Type-Options: nosniff"; + more_set_headers "X-XSS-Protection: '1; mode=block'"; + more_set_headers "Content-Security-Policy: frame-ancestors 'self'"; + # Include SSOWAT user panel. include conf.d/yunohost_panel.conf.inc; } diff --git a/config_panel.toml b/config_panel.toml index 74e4af7..75bb0ec 100644 --- a/config_panel.toml +++ b/config_panel.toml @@ -2,9 +2,11 @@ version = "1.0" [main] name = "Element configuration" +#name.fr = "Configuration d'Element" [main.config] name = "Configuration Options" + #name.fr = "Options de configuration" [main.config.default_home_server] ask = "Default Home Server" @@ -16,8 +18,10 @@ name = "Element configuration" [main.config.login_for_welcome] ask = "Display login as welcome page" + #ask.fr = "Afficher la connexion comme page d'accueil" type = "boolean" yes = true no = false help = "When true, the app will use the login form as a welcome page instead of the welcome page itself. This disables use of welcome_url and all welcome page functionality." - bind = "login_for_welcome:/var/www/__APP__/config.json" + #help.fr = "Quand l'option est sélectionnée, l'application utilisera le formulaire de connexion comme page d'accueil au lieu de la page d'accueil elle-même. Cela désactive l'utilisation de welcome_url et de toutes les fonctionnalités de la page d'accueil." + bind = "login_for_welcome:__INSTALL_DIR__/config.json" diff --git a/doc/DISCLAIMER.md b/doc/DISCLAIMER.md deleted file mode 100644 index fde090f..0000000 --- a/doc/DISCLAIMER.md +++ /dev/null @@ -1,19 +0,0 @@ -## YunoHost specific features - -### Multi-users support - -This application support the SSO. If you want to use the SSO, you need to define the path to the default homeserver as your homeserver witch is installed on your YunoHost instance. - -## Additional informations - -### Important Security Note - -We do not recommend running Element from the same domain name as your Matrix -homeserver (Synapse). The reason is the risk of XSS (cross-site-scripting) -vulnerabilities that could occur if someone caused Element to load and render -malicious user generated content from a Matrix API which then had trusted -access to Element (or other apps) due to sharing the same domain. - -We have put some coarse mitigations into place to try to protect against this -situation, but it's still not good practice to do it in the first place. See -https://github.com/vector-im/riot-web/issues/1977 for more details. diff --git a/doc/DISCLAIMER_fr.md b/doc/DISCLAIMER_fr.md deleted file mode 100644 index 0ac8dd8..0000000 --- a/doc/DISCLAIMER_fr.md +++ /dev/null @@ -1,19 +0,0 @@ -## Fonctionnalités spécifiques à YunoHost - -### Prise en charge multi-utilisateurs - -Cette application prend en charge le SSO. Si vous souhaitez utiliser le SSO, vous devez définir le chemin d'accès au serveur domestique par défaut car votre serveur domestique est installé sur votre instance YunoHost. - -## Informations supplémentaires - -### Note de sécurité importante - -Nous vous déconseillons d'exécuter Element à partir du même nom de domaine que votre Matrix -serveur domestique (Synapse). La raison en est le risque de XSS (cross-site-scripting) -vulnérabilités qui pourraient survenir si quelqu'un provoquait le chargement et le rendu d'Element -un utilisateur malveillant a généré du contenu à partir d'une API Matrix qui avait alors fait confiance -accès à Element (ou à d'autres applications) en raison du partage du même domaine. - -Nous avons mis en place des mesures d'atténuation grossières pour essayer de nous protéger contre ce -situation, mais ce n'est toujours pas une bonne pratique de le faire en premier lieu. Voir -https://github.com/vector-im/riot-web/issues/1977 pour plus de détails. diff --git a/doc/PRE_INSTALL.md b/doc/PRE_INSTALL.md new file mode 100644 index 0000000..43567df --- /dev/null +++ b/doc/PRE_INSTALL.md @@ -0,0 +1,5 @@ +### Important Security Note + +We do not recommend running Element from the same domain name as your Matrix homeserver (Synapse). The reason is the risk of XSS (cross-site-scripting) vulnerabilities that could occur if someone caused Element to load and render malicious user generated content from a Matrix API which then had trusted access to Element (or other apps) due to sharing the same domain. + +We have put some coarse mitigations into place to try to protect against this situation, but it's still not good practice to do it in the first place. See https://github.com/vector-im/riot-web/issues/1977 for more details. \ No newline at end of file diff --git a/doc/PRE_INSTALL_fr.md b/doc/PRE_INSTALL_fr.md new file mode 100644 index 0000000..c5516e9 --- /dev/null +++ b/doc/PRE_INSTALL_fr.md @@ -0,0 +1,5 @@ +### Note de sécurité importante + +Il n'est pas recommandé d'exécuter Element à partir du même nom de domaine que votre serveur domestique Matrix (Synapse). La raison en est le risque de vulnérabilités XSS (cross-site-scripting) qui pourraient survenir si quelqu'un amenait Element à charger et à afficher un contenu généré par un utilisateur malveillant à partir d'une API Matrix qui a ensuite rendu l'accès de confiance à Element (ou à d'autres applications) dû partager le même domaine. + +Nous avons mis en place des mesures d'atténuation grossières pour essayer de nous protéger contre ce situation, mais ce n'est toujours pas une bonne pratique de le faire en premier lieu. Voir https://github.com/vector-im/riot-web/issues/1977 pour plus de détails. diff --git a/manifest.json b/manifest.json deleted file mode 100644 index 0f2baf3..0000000 --- a/manifest.json +++ /dev/null @@ -1,63 +0,0 @@ -{ - "name": "Element", - "id": "element", - "packaging_format": 1, - "description": { - "en": "Web client for Matrix", - "fr": "Client web pour Matrix" - }, - "version": "1.11.20~ynh1", - "url": "https://element.io", - "upstream": { - "license": "Apache-2.0", - "website": "https://element.io", - "demo": "https://app.element.io/", - "admindoc": "https://element.io/help", - "code": "https://github.com/vector-im/element-web/" - }, - "license": "Apache-2.0", - "maintainer": { - "name": "Josué Tille", - "email": "josue@tille.ch" - }, - "requirements": { - "yunohost": ">= 11.0.9" - }, - "multi_instance": true, - "services": [ - "nginx" - ], - "arguments": { - "install" : [ - { - "name": "domain", - "type": "domain" - }, - { - "name": "path", - "type": "path", - "example": "/element", - "default": "/element" - }, - { - "name": "default_home_server", - "type": "string", - "ask": { - "en": "Choose a default home server", - "fr": "Choisissez un serveur par défault" - }, - "example": "my-own-homeserver.tld", - "default": "matrix.org" - }, - { - "name": "is_public", - "type": "boolean", - "help": { - "en": "A public application means that anyone can access it. Note that this application provides just files (html, javascript, images, etc.)", - "fr": "Une application publique signifie que n'importe qui peut y accéder. Notez que cette application ne fournit que des fichiers (html, javascript, images, etc.)" - }, - "default": false - } - ] - } -} diff --git a/manifest.toml b/manifest.toml new file mode 100644 index 0000000..bd6c198 --- /dev/null +++ b/manifest.toml @@ -0,0 +1,65 @@ +packaging_format = 2 + +id = "element" +name = "Element" +description.en = "Web client for Matrix" +description.fr = "Client web pour Matrix" + +version = "1.11.25~ynh1" + +maintainers = ["Josué Tille"] + +[upstream] +license = "Apache-2.0" +website = "https://element.io" +demo = "https://app.element.io/" +admindoc = "https://element.io/help" +code = "https://github.com/vector-im/element-web/" +cpe = "cpe:2.3:a:matrix:element" + +[integration] +yunohost = ">= 11.1.15" +architectures = "all" +multi_instance = true +ldap = false +sso = false +disk = "50M" +ram.build = "50M" +ram.runtime = "50M" + +[install] + [install.domain] + type = "domain" + + [install.path] + type = "path" + default = "/element" + + [install.default_home_server] + ask.en = "Choose a default Matrix server" + ask.fr = "Choisissez un serveur Matrix par défault" + type = "string" + example = "my-own-homeserver.tld" + default = "matrix.org" + + [install.init_main_permission] + help.en = "'visitors' permission means that anyone can access the Matrix server." + help.fr = "Autoriser les 'Visiteurs' signifie que n'importe qui peut accéder au server Matrix." + type = "group" + default = "visitors" + +[resources] + + + [resources.sources] + + [resources.sources.main] + url = "https://github.com/vector-im/element-web/releases/download/v1.11.25/element-v1.11.25.tar.gz" + sha256 = "974877e5d8dc3f8919cd5101fc6f36fcd2145628bb917b48a6863213cee30ba6" + + [resources.system_user] + + [resources.install_dir] + + [resources.permissions] + main.url = "/" diff --git a/scripts/backup b/scripts/backup index 6201eec..52eea5b 100644 --- a/scripts/backup +++ b/scripts/backup @@ -10,23 +10,6 @@ source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers -#================================================= -# MANAGE SCRIPT FAILURE -#================================================= - -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# LOAD SETTINGS -#================================================= -ynh_print_info --message="Loading installation settings..." - -app=$YNH_APP_INSTANCE_NAME - -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -domain=$(ynh_app_setting_get --app=$app --key=domain) - #================================================= # DECLARE DATA AND CONF FILES TO BACKUP #================================================= @@ -36,7 +19,7 @@ ynh_print_info --message="Declaring files to be backed up..." # BACKUP THE APP MAIN DIR #================================================= -ynh_backup --src_path="$final_path" +ynh_backup --src_path="$install_dir" #================================================= # BACKUP THE NGINX CONFIGURATION diff --git a/scripts/change_url b/scripts/change_url index 4d5a344..ab2d658 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -6,96 +6,14 @@ # IMPORT GENERIC HELPERS #================================================= -source _common.sh source /usr/share/yunohost/helpers -#================================================= -# RETRIEVE ARGUMENTS -#================================================= - -old_domain=$YNH_APP_OLD_DOMAIN -old_path=$YNH_APP_OLD_PATH - -new_domain=$YNH_APP_NEW_DOMAIN -new_path=$YNH_APP_NEW_PATH - -app=$YNH_APP_INSTANCE_NAME - -#================================================= -# LOAD SETTINGS -#================================================= -ynh_script_progression --message="Loading installation settings..." --weight=1 - -# Needed for helper "ynh_add_nginx_config" -final_path=$(ynh_app_setting_get --app=$app --key=final_path) - -#================================================= -# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP -#================================================= -ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --weight=1 - -# Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { - # Remove the new domain config file, the remove script won't do it as it doesn't know yet its location. - ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" - - # Restore it if the upgrade fails - ynh_restore_upgradebackup -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# CHECK WHICH PARTS SHOULD BE CHANGED -#================================================= - -change_domain=0 -if [ "$old_domain" != "$new_domain" ] -then - change_domain=1 -fi - -change_path=0 -if [ "$old_path" != "$new_path" ] -then - change_path=1 -fi - #================================================= # MODIFY URL IN NGINX CONF #================================================= ynh_script_progression --message="Updating NGINX web server configuration..." --weight=1 -nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf - -# Change the path in the NGINX config file -if [ $change_path -eq 1 ] -then - # Make a backup of the original NGINX config file if modified - ynh_backup_if_checksum_is_different --file="$nginx_conf_path" - # Set global variables for NGINX helper - domain="$old_domain" - path_url="$new_path" - # Create a dedicated NGINX config - ynh_add_nginx_config -fi - -# Change the domain for NGINX -if [ $change_domain -eq 1 ] -then - # Delete file checksum for the old conf file location - ynh_delete_file_checksum --file="$nginx_conf_path" - mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf - # Store file checksum for the new config file location - ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" -fi -#================================================= -# RELOAD NGINX -#================================================= -ynh_script_progression --message="Reloading NGINX web server..." --weight=1 - -ynh_systemd_action --service_name=nginx --action=reload +ynh_change_url_nginx_config #================================================= # END OF SCRIPT diff --git a/scripts/install b/scripts/install index f0f8dc9..9edc574 100644 --- a/scripts/install +++ b/scripts/install @@ -9,69 +9,25 @@ source _common.sh source /usr/share/yunohost/helpers -#================================================= -# MANAGE SCRIPT FAILURE -#================================================= - -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - #================================================= # RETRIEVE ARGUMENTS FROM THE MANIFEST #================================================= -# Retrieve arguments -domain=$YNH_APP_ARG_DOMAIN -path_url=$YNH_APP_ARG_PATH -is_public=$YNH_APP_ARG_IS_PUBLIC -default_home_server=$YNH_APP_ARG_DEFAULT_HOME_SERVER - -app=$YNH_APP_INSTANCE_NAME - login_for_welcome=true - -#================================================= -# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS -#================================================= -ynh_script_progression --message="Validating installation parameters..." --weight=1 - -final_path=/var/www/$app -test ! -e "$final_path" || ynh_die --message="This path already contains a folder" - -# Register (book) web path -ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url - -#================================================= -# STORE SETTINGS FROM MANIFEST -#================================================= -ynh_script_progression --message="Storing installation settings..." --weight=1 - -ynh_app_setting_set --app=$app --key=domain --value=$domain -ynh_app_setting_set --app=$app --key=path --value=$path_url -ynh_app_setting_set --app=$app --key=default_home_server --value=$default_home_server ynh_app_setting_set --app=$app --key=login_for_welcome --value=$login_for_welcome -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Configuring system user..." --weight=1 - -# Create a system user -ynh_system_user_create --username=$app --home_dir="$final_path" - #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= ynh_script_progression --message="Setting up source files..." --weight=4 -ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src -ynh_setup_source --dest_dir="$final_path" +ynh_setup_source --dest_dir="$install_dir" #================================================= -# NGINX CONFIGURATION +# SYSTEM CONFIGURATION #================================================= -ynh_script_progression --message="Configuring NGINX web server..." --weight=1 +ynh_script_progression --message="Adding system configurations related to $app..." --weight=1 # Create a dedicated NGINX config ynh_add_nginx_config @@ -81,28 +37,10 @@ ynh_add_nginx_config #================================================= ynh_script_progression --message="Adding a configuration file..." --weight=1 -ynh_add_config --template="../conf/config.json" --destination="$final_path/config.json" +ynh_add_config --template="../conf/config.json" --destination="$install_dir/config.json" -chmod -R o-rwx "$final_path" -chown -R $app:www-data "$final_path" - -#================================================= -# SETUP SSOWAT -#================================================= -ynh_script_progression --message="Configuring permissions..." --weight=1 - -# Make app public if necessary -if [ $is_public -eq 1 ] -then - ynh_permission_update --permission="main" --add="visitors" -fi - -#================================================= -# RELOAD NGINX -#================================================= -ynh_script_progression --message="Reloading NGINX web server..." --weight=1 - -ynh_systemd_action --service_name=nginx --action=reload +chmod -R o-rwx "$install_dir" +chown -R $app:www-data "$install_dir" #================================================= # END OF SCRIPT diff --git a/scripts/remove b/scripts/remove index e2bc3c1..b41853e 100755 --- a/scripts/remove +++ b/scripts/remove @@ -10,41 +10,13 @@ source _common.sh source /usr/share/yunohost/helpers #================================================= -# LOAD SETTINGS +# REMOVE SYSTEM CONFIGURATIONS #================================================= -ynh_script_progression --message="Loading installation settings..." --weight=1 - -app=$YNH_APP_INSTANCE_NAME - -domain=$(ynh_app_setting_get --app=$app --key=domain) -final_path=$(ynh_app_setting_get --app=$app --key=final_path) - -#================================================= -# REMOVE APP MAIN DIR -#================================================= -ynh_script_progression --message="Removing app main directory..." --weight=1 - -# Remove the app directory securely -ynh_secure_remove --file="$final_path" - -#================================================= -# REMOVE NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Removing NGINX web server configuration..." --weight=1 +ynh_script_progression --message="Removing system configurations related to $app..." --weight=1 # Remove the dedicated NGINX config ynh_remove_nginx_config -#================================================= -# GENERIC FINALIZATION -#================================================= -# REMOVE DEDICATED USER -#================================================= -ynh_script_progression --message="Removing the dedicated system user..." --weight=1 - -# Delete a system user -ynh_system_user_delete --username=$app - #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/restore b/scripts/restore index 0958a88..299eaca 100644 --- a/scripts/restore +++ b/scripts/restore @@ -10,64 +10,28 @@ source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers -#================================================= -# MANAGE SCRIPT FAILURE -#================================================= - -# Stop script if errors -ynh_abort_if_errors - -#================================================= -# LOAD SETTINGS -#================================================= -ynh_script_progression --message="Loading installation settings..." --weight=1 - -app=$YNH_APP_INSTANCE_NAME - -domain=$(ynh_app_setting_get --app=$app --key=domain) -path_url=$(ynh_app_setting_get --app=$app --key=path) -final_path=$(ynh_app_setting_get --app=$app --key=final_path) - -#================================================= -# CHECK IF THE APP CAN BE RESTORED -#================================================= -ynh_script_progression --message="Validating restoration parameters..." --weight=1 - -test ! -d $final_path || ynh_die --message="There is already a directory: $final_path " - -#================================================= -# STANDARD RESTORATION STEPS -#================================================= -# RESTORE THE NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Restoring the NGINX configuration..." --weight=1 - -ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" - -#================================================= -# RECREATE THE DEDICATED USER -#================================================= -ynh_script_progression --message="Recreating the dedicated system user..." --weight=1 - -# Create the dedicated user (if not existing) -ynh_system_user_create --username=$app --home_dir="$final_path" - #================================================= # RESTORE THE APP MAIN DIR #================================================= ynh_script_progression --message="Restoring the app main directory..." --weight=1 -ynh_restore_file --origin_path="$final_path" +ynh_restore_file --origin_path="$install_dir" -chmod -R o-rwx "$final_path" -chown -R $app:www-data "$final_path" +chown -R $app:www-data "$install_dir" + +#================================================= +# RESTORE SYSTEM CONFIGURATIONS +#================================================= +ynh_script_progression --message="Restoring system configurations related to $app..." --weight=1 + +ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= # GENERIC FINALIZATION #================================================= -# RELOAD NGINX AND PHP-FPM +# RELOAD NGINX AND PHP-FPM OR THE APP SERVICE #================================================= -ynh_script_progression --message="Reloading NGINX web server..." --weight=1 +ynh_script_progression --message="Reloading NGINX web server and $app's service..." --weight=1 ynh_systemd_action --service_name=nginx --action=reload diff --git a/scripts/upgrade b/scripts/upgrade index c259066..3583ab8 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -9,71 +9,28 @@ source _common.sh source /usr/share/yunohost/helpers -#================================================= -# LOAD SETTINGS -#================================================= -ynh_script_progression --message="Loading installation settings..." --weight=1 - -app=$YNH_APP_INSTANCE_NAME - -domain=$(ynh_app_setting_get --app=$app --key=domain) -path_url=$(ynh_app_setting_get --app=$app --key=path) -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -default_home_server=$(ynh_app_setting_get --app=$app --key=default_home_server) - -login_for_welcome=$(ynh_app_setting_get --app=$app --key=login_for_welcome) - #================================================= # CHECK VERSION #================================================= upgrade_type=$(ynh_check_app_version_changed) -#================================================= -# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP -#================================================= -ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=1 - -# Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { - # Restore it if the upgrade fails - ynh_restore_upgradebackup -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= ynh_script_progression --message="Ensuring downward compatibility..." --weight=1 # If default_home_server doesn't exist, create it -if [ -z "$default_home_server" ]; then +if [ -z "${default_home_server:-}" ]; then default_home_server="matrix.org" ynh_app_setting_set --app=$app --key=default_home_server --value=$default_home_server fi -if [ -z "$login_for_welcome" ]; then +if [ -z "${login_for_welcome:-}" ]; then login_for_welcome=true ynh_app_setting_set --app=$app --key=login_for_welcome --value=$login_for_welcome fi -# Cleaning legacy permissions -if ynh_legacy_permissions_exists; then - ynh_legacy_permissions_delete_all - - ynh_app_setting_delete --app=$app --key=is_public -fi - -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1 - -# Create a dedicated user (if not existing) -ynh_system_user_create --username=$app --home_dir="$final_path" - #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -83,34 +40,30 @@ then ynh_script_progression --message="Upgrading source files..." --weight=1 # Download, check integrity, uncompress and patch the source from app.src - ynh_setup_source --dest_dir="$final_path" + ynh_setup_source --dest_dir="$install_dir" --keep="config.json" fi +chmod -R o-rwx "$install_dir" +chown -R $app:www-data "$install_dir" + #================================================= # ADD A CONFIGURATION #================================================= -ynh_script_progression --message="Adding a configuration file..." --weight=1 +#ynh_script_progression --message="Adding a configuration file..." --weight=1 -ynh_add_config --template="../conf/config.json" --destination="$final_path/config.json" +#ynh_add_config --template="../conf/config.json" --destination="$install_dir/config.json" -chmod -R o-rwx "$final_path" -chown -R $app:www-data "$final_path" +#chmod -R o-rwx "$install_dir" +#chown -R $app:www-data "$install_dir" #================================================= -# NGINX CONFIGURATION +# REAPPLY SYSTEM CONFIGURATIONS #================================================= -ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=1 +ynh_script_progression --message="Upgrading system configurations related to $app..." --weight=1 # Create a dedicated NGINX config ynh_add_nginx_config -#================================================= -# RELOAD NGINX -#================================================= -ynh_script_progression --message="Reloading NGINX web server..." --weight=1 - -ynh_systemd_action --service_name=nginx --action=reload - #================================================= # END OF SCRIPT #================================================= diff --git a/tests.toml b/tests.toml new file mode 100644 index 0000000..1d33b64 --- /dev/null +++ b/tests.toml @@ -0,0 +1,16 @@ +test_format = 1.0 + +[default] + + # ------------------------------- + # Default args to use for install + # ------------------------------- + + args.default_home_server = "matrix.org" + + # ------------------------------- + # Commits to test upgrade from + # ------------------------------- + + test_upgrade_from.4e764b96.name = "Upgrade from 1.11.22" + test_upgrade_from.4e764b96.args.is_public = true