diff --git a/README.md b/README.md index a22ec86..a0ac869 100644 --- a/README.md +++ b/README.md @@ -1,61 +1,46 @@ + +# epicyon for YunoHost -# Epicyon app for YunoHost +[![Integration level](https://dash.yunohost.org/integration/epicyon.svg)](https://dash.yunohost.org/appci/app/epicyon) ![](https://ci-apps.yunohost.org/ci/badges/epicyon.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/epicyon.maintain.svg) +[![Install epicyon with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=epicyon) -[![Integration level](https://dash.yunohost.org/integration/epicyon.svg)](https://dash.yunohost.org/appci/app/epicyon) ![](https://ci-apps.yunohost.org/ci/badges/epicyon.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/epicyon.maintain.svg) +*[Lire ce readme en français.](./README_fr.md)* -[![Install Epicyon with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=epicyon) - -> *This package allows you to install Epicyon quickly and simply on a YunoHost server. +> *This package allows you to install epicyon quickly and simply on a YunoHost server. If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/install) to learn how to install it.* ## Overview -ActivityPub server implementing S2S and C2S protocols, suitable for single board computers. Includes features such as moderation tools, post expiry, content warnings, and image descriptions -**Shipped version:** 01.03.2021 +Federated social network server + +**Shipped version:** 1.03.2021~ynh2 + + ## Screenshots -![](https://user-content.gitlab-static.net/930ea132a7a3a86dbc20782644a54e80a646d5f3/68747470733a2f2f65706963796f6e2e6e65742f696d672f73637265656e73686f745f6c696768742e6a7067) +![](./doc/screenshots/screenshot_starlight.jpg) -![](https://user-content.gitlab-static.net/3e7464f70018b45c4664ec28a98f3b39ea2258f8/68747470733a2f2f65706963796f6e2e6e65742f696d672f73637265656e73686f745f737461726c696768742e6a7067) +## Documentation and resources -![](https://user-content.gitlab-static.net/3a2f50083b88e221883ae2d70ddf86a4d79ef466/68747470733a2f2f65706963796f6e2e6e65742f696d672f73637265656e73686f745f6c6f67696e2e6a7067) - - -## YunoHost specific features - -#### Multi-user support - -Are LDAP and HTTP auth supported? NO -Can the app be used by multiple users? Yes - -#### Supported architectures - -* x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/epicyon%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/epicyon/) -* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/epicyon%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/epicyon/) - - -**More info on the documentation page:** -https://yunohost.org/packaging_apps - -## Links - - * Report a bug: https://github.com/YunoHost-Apps/epicyon/issues - * App website: https://epicyon.net/ - * Upstream app repository: https://gitlab.com/bashrc2/epicyon/ - * YunoHost website: https://yunohost.org/ - ---- +* Official app website: https://epicyon.net +* Upstream app code repository: hhttps://gitlab.com/bashrc2/epicyon/ +* YunoHost documentation for this app: https://yunohost.org/app_epicyon +* Report a bug: https://github.com/YunoHost-Apps/epicyon_ynh/issues ## Developer info -**Only if you want to use a testing branch for coding, instead of merging directly into master.** -Please send your pull request to the [testing branch](https://github.com/YunoHost-Apps/epicyon/tree/testing). +Please send your pull request to the [testing branch](https://github.com/YunoHost-Apps/epicyon_ynh/tree/testing). To try the testing branch, please proceed like that. ``` -sudo yunohost app install https://github.com/YunoHost-Apps/epicyon/tree/testing --debug +sudo yunohost app install https://github.com/YunoHost-Apps/epicyon_ynh/tree/testing --debug or -sudo yunohost app upgrade epicyon -u https://github.com/YunoHost-Apps/epicyon/tree/testing --debug +sudo yunohost app upgrade epicyon -u https://github.com/YunoHost-Apps/epicyon_ynh/tree/testing --debug ``` + +**More info regarding app packaging:** https://yunohost.org/packaging_apps \ No newline at end of file diff --git a/README_fr.md b/README_fr.md new file mode 100644 index 0000000..4b55446 --- /dev/null +++ b/README_fr.md @@ -0,0 +1,42 @@ +# epicyon pour YunoHost + +[![Niveau d'intégration](https://dash.yunohost.org/integration/epicyon.svg)](https://dash.yunohost.org/appci/app/epicyon) ![](https://ci-apps.yunohost.org/ci/badges/epicyon.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/epicyon.maintain.svg) +[![Installer epicyon avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=epicyon) + +*[Read this readme in english.](./README.md)* +*[Lire ce readme en français.](./README_fr.md)* + +> *Ce package vous permet d'installer epicyon rapidement et simplement sur un serveur YunoHost. +Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.* + +## Vue d'ensemble + +Serveur de réseau social fédéré + +**Version incluse :** 1.03.2021~ynh2 + + + +## Captures d'écran + +![](./doc/screenshots/screenshot_starlight.jpg) + +## Documentations et ressources + +* Site officiel de l'app : https://epicyon.net +* Dépôt de code officiel de l'app : hhttps://gitlab.com/bashrc2/epicyon/ +* Documentation YunoHost pour cette app : https://yunohost.org/app_epicyon +* Signaler un bug : https://github.com/YunoHost-Apps/epicyon_ynh/issues + +## Informations pour les développeurs + +Merci de faire vos pull request sur la [branche testing](https://github.com/YunoHost-Apps/epicyon_ynh/tree/testing). + +Pour essayer la branche testing, procédez comme suit. +``` +sudo yunohost app install https://github.com/YunoHost-Apps/epicyon_ynh/tree/testing --debug +ou +sudo yunohost app upgrade epicyon -u https://github.com/YunoHost-Apps/epicyon_ynh/tree/testing --debug +``` + +**Plus d'infos sur le packaging d'applications :** https://yunohost.org/packaging_apps \ No newline at end of file diff --git a/check_process b/check_process index b4b9c4d..fc9c03d 100644 --- a/check_process +++ b/check_process @@ -1,13 +1,8 @@ -# See here for more information -# https://github.com/YunoHost/package_check#syntax-check_process-file - -# Move this file from check_process.default to check_process when you have filled it. - ;; Test complet ; Manifest - domain="domain.tld" (DOMAIN) - admin="john" (USER) - password="pass" + domain="domain.tld" + admin="john" + password="password" ; Checks pkg_linter=1 setup_sub_dir=0 diff --git a/conf/nginx.conf b/conf/nginx.conf index 000a937..0d1fe19 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,51 +1,56 @@ #sub_path_only rewrite ^__PATH__$ __PATH__/ permanent; location __PATH__/ { -# Force usage of https -if ($scheme = http) { - rewrite ^ https://$server_name$request_uri? permanent; -} -proxy_http_version 1.1; -client_max_body_size 31M; -proxy_set_header Upgrade $http_upgrade; -proxy_set_header Connection "upgrade"; -proxy_set_header Host $http_host; -proxy_set_header X-Real-IP $remote_addr; -proxy_set_header X-Forward-For $proxy_add_x_forwarded_for; -proxy_set_header X-Forward-Proto http; -proxy_set_header X-Nginx-Proxy true; -expires epoch; -proxy_no_cache 1; -proxy_temp_file_write_size 64k; -proxy_connect_timeout 10080s; -proxy_send_timeout 10080; -proxy_read_timeout 10080; -proxy_buffer_size 64k; -proxy_buffers 16 32k; -proxy_busy_buffers_size 64k; -proxy_redirect off; -proxy_request_buffering on; -proxy_buffering on; -#proxy_cache my_cache; -#proxy_cache_use_stale error timeout http_500 http_502 http_503 http_504; + # Force usage of https + if ($scheme = http) { + rewrite ^ https://$server_name$request_uri? permanent; + } + + proxy_pass http://localhost:__PORT__; + proxy_http_version 1.1; + client_max_body_size 31M; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header Host $http_host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forward-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forward-Proto http; + proxy_set_header X-Nginx-Proxy true; + expires epoch; + proxy_no_cache 1; + proxy_temp_file_write_size 64k; + proxy_connect_timeout 10080s; + proxy_send_timeout 10080; + proxy_read_timeout 10080; + proxy_buffer_size 64k; + proxy_buffers 16 32k; + proxy_busy_buffers_size 64k; + proxy_redirect off; + proxy_request_buffering on; + proxy_buffering on; + #proxy_cache my_cache; + #proxy_cache_use_stale error timeout http_500 http_502 http_503 http_504; + location ~ ^/(icons|images|media|emoji)/(.*)/(.*).(png|jpg|gif|webp|mp3|ogv|ogg|mp4) { -expires 7d; -proxy_pass http://localhost:__PORT__; -} + expires 7d; + proxy_pass http://localhost:__PORT__; + } + location ~ ^/icons/(.*)/(like|repeat|calendar)(.*).(png|jpg|gif|webp|mp3|ogv|ogg|mp4) { -expires epoch; -proxy_no_cache 1; -proxy_pass http://localhost:__PORT__; -} + expires epoch; + proxy_no_cache 1; + proxy_pass http://localhost:__PORT__; + } + location ~ ^/icons/(like|repeat|calendar)(.*).(png|jpg|gif|webp|mp3|ogv|ogg|mp4) { -expires epoch; -proxy_no_cache 1; -proxy_pass http://localhost:__PORT__; -} + expires epoch; + proxy_no_cache 1; + proxy_pass http://localhost:__PORT__; + } + location ~ ^/users/(.*)/(image|banner).(png|jpg|gif|webp|mp3|ogv|ogg|mp4) { -expires epoch; -proxy_no_cache 1; -proxy_pass http://localhost:__PORT__; -} -proxy_pass http://localhost:__PORT__; + expires epoch; + proxy_no_cache 1; + proxy_pass http://localhost:__PORT__; + } } diff --git a/conf/systemd.service b/conf/systemd.service index 64056ab..c21d97c 100644 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -1,3 +1,7 @@ +[Unit] +Description=Epicyon: Federated social network server +After=network.target + [Service] Type=simple User=__APP__ @@ -11,4 +15,4 @@ StandardError=/var/log/__APP__/__APP__.log CPUQuota=80% [Install] -WantedBy=multi-user.target \ No newline at end of file +WantedBy=multi-user.target diff --git a/doc/DISCLAIMER.md b/doc/DISCLAIMER.md new file mode 100644 index 0000000..e69de29 diff --git a/doc/DISCLAIMER_fr.md b/doc/DISCLAIMER_fr.md new file mode 100644 index 0000000..e69de29 diff --git a/doc/screenshots/screenshot_starlight.jpg b/doc/screenshots/screenshot_starlight.jpg new file mode 100644 index 0000000..52cfd6e Binary files /dev/null and b/doc/screenshots/screenshot_starlight.jpg differ diff --git a/install b/install deleted file mode 100755 index 54d43ad..0000000 --- a/install +++ /dev/null @@ -1,341 +0,0 @@ -#!/bin/bash - -#================================================= -# GENERIC START -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - -source _common.sh -source /usr/share/yunohost/helpers - -#================================================= -# MANAGE SCRIPT FAILURE -#================================================= - -ynh_clean_setup () { - ### Remove this function if there's nothing to clean before calling the remove script. - true -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# RETRIEVE ARGUMENTS FROM THE MANIFEST -#================================================= - -domain=$YNH_APP_ARG_DOMAIN -path_url=$YNH_APP_ARG_PATH -admin=$YNH_APP_ARG_ADMIN -is_public=$YNH_APP_ARG_IS_PUBLIC -language=$YNH_APP_ARG_LANGUAGE -password=$YNH_APP_ARG_PASSWORD - -### If it's a multi-instance app, meaning it can be installed several times independently -### The id of the app as stated in the manifest is available as $YNH_APP_ID -### The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2"...) -### The app instance name is available as $YNH_APP_INSTANCE_NAME -### - the first time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample -### - the second time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample__2 -### - ynhexample__{N} for the subsequent installations, with N=3,4... -### The app instance name is probably what interests you most, since this is -### guaranteed to be unique. This is a good unique identifier to define installation path, -### db names... -app=$YNH_APP_INSTANCE_NAME - -#================================================= -# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS -#================================================= -### About --weight and --time -### ynh_script_progression will show to your final users the progression of each scripts. -### In order to do that, --weight will represent the relative time of execution compared to the other steps in the script. -### --time is a packager option, it will show you the execution time since the previous call. -### This option should be removed before releasing your app. -### Use the execution time, given by --time, to estimate the weight of a step. -### A common way to do it is to set a weight equal to the execution time in second +1. -### The execution time is given for the duration since the previous call. So the weight should be applied to this previous call. -ynh_script_progression --message="Validating installation parameters..." --time --weight=1 - -### If the app uses NGINX as web server (written in HTML/PHP in most cases), the final path should be "/var/www/$app". -### If the app provides an internal web server (or uses another application server such as uWSGI), the final path should be "/opt/yunohost/$app" -final_path=/var/www/$app -test ! -e "$final_path" || ynh_die --message="This path already contains a folder" - -# Register (book) web path -ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url - -#================================================= -# STORE SETTINGS FROM MANIFEST -#================================================= -ynh_script_progression --message="Storing installation settings..." --weight=1 - -ynh_app_setting_set --app=$app --key=domain --value=$domain -ynh_app_setting_set --app=$app --key=path --value=$path_url -ynh_app_setting_set --app=$app --key=admin --value=$admin -ynh_app_setting_set --app=$app --key=language --value=$language - -#================================================= -# STANDARD MODIFICATIONS -#================================================= -# FIND AND OPEN A PORT -#================================================= -ynh_script_progression --message="Finding an available port..." --weight=1 - -### Use these lines if you have to open a port for the application -### `ynh_find_port` will find the first available port starting from the given port. -### If you're not using these lines: -### - Remove the section "CLOSE A PORT" in the remove script - -# Find an available port -port=$(ynh_find_port --port=7156) -ynh_app_setting_set --app=$app --key=port --value=$port - -#================================================= -# INSTALL DEPENDENCIES -#================================================= -ynh_script_progression --message="Installing dependencies..." --weight=1 - -ynh_install_app_dependencies $pkg_dependencies - -#================================================= -# DOWNLOAD, CHECK AND UNPACK SOURCE -#================================================= -ynh_script_progression --message="Setting up source files..." --time --weight=1 - -### `ynh_setup_source` is used to install an app from a zip or tar.gz file, -### downloaded from an upstream source, like a git repository. -### `ynh_setup_source` use the file conf/app.src - -ynh_app_setting_set --app=$app --key=final_path --value=$final_path -# Download, check integrity, uncompress and patch the source from app.src -ynh_setup_source --dest_dir="$final_path" - -#================================================= -# NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Configuring NGINX web server..." --time --weight=1 - -### `ynh_add_nginx_config` will use the file conf/nginx.conf - -# Create a dedicated NGINX config -ynh_add_nginx_config - -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Configuring system user..." --time --weight=1 - -# Create a system user -ynh_system_user_create --username=$app - -#================================================= -# PHP-FPM CONFIGURATION -#================================================= -ynh_script_progression --message="Configuring PHP-FPM..." --time --weight=1 - -### `ynh_add_fpm_config` is used to set up a PHP config. -### You can remove it if your app doesn't use PHP. -### `ynh_add_fpm_config` will use the files conf/php-fpm.conf -### If you're not using these lines: -### - You can remove these files in conf/. -### - Remove the section "BACKUP THE PHP-FPM CONFIGURATION" in the backup script -### - Remove also the section "REMOVE PHP-FPM CONFIGURATION" in the remove script -### - As well as the section "RESTORE THE PHP-FPM CONFIGURATION" in the restore script -### with the reload at the end of the script. -### - And the section "PHP-FPM CONFIGURATION" in the upgrade script - -# Create a dedicated PHP-FPM config -ynh_add_fpm_config - -#================================================= -# SPECIFIC SETUP -#================================================= -# ... -#================================================= - -#================================================= -# SETUP SYSTEMD -#================================================= -ynh_script_progression --message="Configuring a systemd service..." --time --weight=1 - -### `ynh_systemd_config` is used to configure a systemd script for an app. -### It can be used for apps that use sysvinit (with adaptation) or systemd. -### Have a look at the app to be sure this app needs a systemd script. -### `ynh_systemd_config` will use the file conf/systemd.service -### If you're not using these lines: -### - You can remove those files in conf/. -### - Remove the section "BACKUP SYSTEMD" in the backup script -### - Remove also the section "STOP AND REMOVE SERVICE" in the remove script -### - As well as the section "RESTORE SYSTEMD" in the restore script -### - And the section "SETUP SYSTEMD" in the upgrade script - -# Create a dedicated systemd config -ynh_add_systemd_config - -#================================================= -# SETUP APPLICATION WITH CURL -#================================================= - -### Use these lines only if the app installation needs to be finalized through -### web forms. We generally don't want to ask the final user, -### so we're going to use curl to automatically fill the fields and submit the -### forms. - -# Set right permissions for curl install -chown -R $app: $final_path - -# Set the app as temporarily public for curl call -ynh_script_progression --message="Configuring SSOwat..." --time --weight=1 -# Making the app public for curl -ynh_permission_update --permission="main" --add="visitors" -# Reload SSOwat config -yunohost app ssowatconf - -# Reload NGINX -ynh_systemd_action --service_name=nginx --action=reload - -# Installation with curl -ynh_script_progression --message="Finalizing installation..." --time --weight=1 -ynh_local_curl "/INSTALL_PATH" "key1=value1" "key2=value2" "key3=value3" - -# Remove the public access -ynh_permission_update --permission="main" --remove="visitors" - -#================================================= -# MODIFY A CONFIG FILE -#================================================= - -### `ynh_replace_string` is used to replace a string in a file. -### (It's compatible with sed regular expressions syntax) - -ynh_replace_string --match_string="match_string" --replace_string="replace_string" --target_file="$final_path/CONFIG_FILE" - -#================================================= -# STORE THE CONFIG FILE CHECKSUM -#================================================= - -### `ynh_store_file_checksum` is used to store the checksum of a file. -### That way, during the upgrade script, by using `ynh_backup_if_checksum_is_different`, -### you can make a backup of this file before modifying it again if the admin had modified it. - -# Calculate and store the config file checksum into the app settings -ynh_store_file_checksum --file="$final_path/CONFIG_FILE" - -#================================================= -# GENERIC FINALIZATION -#================================================= -# SECURE FILES AND DIRECTORIES -#================================================= - -### For security reason, any app should set the permissions to root: before anything else. -### Then, if write authorization is needed, any access should be given only to directories -### that really need such authorization. - -# Set permissions to app files -chown -R root: $final_path - -#================================================= -# SETUP LOGROTATE -#================================================= -ynh_script_progression --message="Configuring log rotation..." --time --weight=1 - -### `ynh_use_logrotate` is used to configure a logrotate configuration for the logs of this app. -### Use this helper only if there is effectively a log file for this app. -### If you're not using this helper: -### - Remove the section "BACKUP LOGROTATE" in the backup script -### - Remove also the section "REMOVE LOGROTATE CONFIGURATION" in the remove script -### - As well as the section "RESTORE THE LOGROTATE CONFIGURATION" in the restore script -### - And the section "SETUP LOGROTATE" in the upgrade script - -# Use logrotate to manage application logfile(s) -ynh_use_logrotate - -#================================================= -# INTEGRATE SERVICE IN YUNOHOST -#================================================= -ynh_script_progression --message="Integrating service in YunoHost..." --time --weight=1 - -### `yunohost service add` integrates a service in YunoHost. It then gets -### displayed in the admin interface and through the others `yunohost service` commands. -### (N.B.: this line only makes sense if the app adds a service to the system!) -### If you're not using these lines: -### - You can remove these files in conf/. -### - Remove the section "REMOVE SERVICE INTEGRATION IN YUNOHOST" in the remove script -### - As well as the section "INTEGRATE SERVICE IN YUNOHOST" in the restore script -### - And the section "INTEGRATE SERVICE IN YUNOHOST" in the upgrade script - -yunohost service add $app --description="A short description of the app" --log="/var/log/$app/$app.log" - -### Additional options starting with 3.8: -### -### --needs_exposed_ports "$port" a list of ports that needs to be publicly exposed -### which will then be checked by YunoHost's diagnosis system -### (N.B. DO NOT USE THIS is the port is only internal!!!) -### -### --test_status "some command" a custom command to check the status of the service -### (only relevant if 'systemctl status' doesn't do a good job) -### -### --test_conf "some command" some command similar to "nginx -t" that validates the conf of the service -### -### Re-calling 'yunohost service add' during the upgrade script is the right way -### to proceed if you later realize that you need to enable some flags that -### weren't enabled on old installs (be careful it'll override the existing -### service though so you should re-provide all relevant flags when doing so) - -#================================================= -# START SYSTEMD SERVICE -#================================================= -ynh_script_progression --message="Starting a systemd service..." --time --weight=1 - -### `ynh_systemd_action` is used to start a systemd service for an app. -### Only needed if you have configure a systemd service -### If you're not using these lines: -### - Remove the section "STOP SYSTEMD SERVICE" and "START SYSTEMD SERVICE" in the backup script -### - As well as the section "START SYSTEMD SERVICE" in the restore script -### - As well as the section"STOP SYSTEMD SERVICE" and "START SYSTEMD SERVICE" in the upgrade script -### - And the section "STOP SYSTEMD SERVICE" and "START SYSTEMD SERVICE" in the change_url script - -# Start a systemd service -ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" - -#================================================= -# SETUP FAIL2BAN -#================================================= -ynh_script_progression --message="Configuring Fail2Ban..." --time --weight=1 - -# Create a dedicated Fail2Ban config -ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login" - -#================================================= -# SETUP SSOWAT -#================================================= -ynh_script_progression --message="Configuring permissions..." --time --weight=1 - -# Make app public if necessary -if [ $is_public -eq 1 ] -then - # Everyone can access the app. - # The "main" permission is automatically created before the install script. - ynh_permission_update --permission="main" --add="visitors" -fi - -# Only the admin can access the admin panel of the app (if the app has an admin panel) -ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin - -# Everyone can access to the api part -# We don't want to display the tile in the sso so we put --show_tile="false" -# And we don't want that the YunoHost Admin can remove visitors group to this permission, so we put --protected="true" -ynh_permission_create --permission="api" --url "/api" --allowed="visitors" --show_tile="false" --protected="true" - -#================================================= -# RELOAD NGINX -#================================================= -ynh_script_progression --message="Reloading NGINX web server..." --time --weight=1 - -ynh_systemd_action --service_name=nginx --action=reload - -#================================================= -# END OF SCRIPT -#================================================= - -ynh_script_progression --message="Installation of $app completed" --time --last diff --git a/manifest.json b/manifest.json index d020319..902943a 100644 --- a/manifest.json +++ b/manifest.json @@ -3,16 +3,22 @@ "id": "epicyon", "packaging_format": 1, "description": { - "en": "ActivityPub server implementing S2S and C2S protocols" + "en": "Federated social network server", + "fr": "Serveur de réseau social fédéré" }, - "version": "1.03.2021~ynh1", + "version": "1.03.2021~ynh2", "url": "https://epicyon.net/", + "upstream": { + "license": "AGPL-1.0-or-later", + "website": "https://epicyon.net", + "code": "hhttps://gitlab.com/bashrc2/epicyon/" + }, "license": "AGPL-1.0-or-later", "maintainer": { "name": "Anmol Sharma" }, "requirements": { - "yunohost": ">= 4.1.3" + "yunohost": ">= 4.2.4" }, "multi_instance": true, "services": [ @@ -23,29 +29,17 @@ { "name": "domain", "type": "domain", - "ask": { - "en": "Choose a domain name for Epicyon", - "fr": "Choisissez un nom de domaine pour Epicyon" - }, "example": "example.com" }, { "name": "admin", "type": "user", - "ask": { - "en": "Choose an admin user", - "fr": "Choisissez l'administrateur" - }, "example": "johndoe" }, { "name": "password", "type": "password", - "ask": { - "en": "Set the administrator password", - "fr": "Définissez le mot de passe administrateur" - }, - "example": "epicyonH@$Str()/\/gP@$$\/\/()rd" + "example": "Choose a password" } ] } diff --git a/scripts/backup b/scripts/backup index 76bb040..b87ffa5 100755 --- a/scripts/backup +++ b/scripts/backup @@ -50,7 +50,6 @@ ynh_backup --src_path="$public_path" ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" - #================================================= # BACKUP SYSTEMD #================================================= diff --git a/scripts/change_url b/scripts/change_url new file mode 100644 index 0000000..f6bb280 --- /dev/null +++ b/scripts/change_url @@ -0,0 +1,128 @@ +#!/bin/bash + +#================================================= +# GENERIC STARTING +#================================================= +# IMPORT GENERIC HELPERS +#================================================= + +source _common.sh +source /usr/share/yunohost/helpers + +#================================================= +# RETRIEVE ARGUMENTS +#================================================= + +old_domain=$YNH_APP_OLD_DOMAIN +old_path=$YNH_APP_OLD_PATH + +new_domain=$YNH_APP_NEW_DOMAIN +new_path=$YNH_APP_NEW_PATH + +app=$YNH_APP_INSTANCE_NAME + +#================================================= +# LOAD SETTINGS +#================================================= +ynh_script_progression --message="Loading installation settings..." --weight=1 + +# Needed for helper "ynh_add_nginx_config" +final_path=$(ynh_app_setting_get --app=$app --key=final_path) + +# Add settings here as needed by your application +#db_name=$(ynh_app_setting_get --app=$app --key=db_name) +#db_user=$db_name +#db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd) + +#================================================= +# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP +#================================================= +ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --weight=1 + +# Backup the current version of the app +ynh_backup_before_upgrade +ynh_clean_setup () { + # Remove the new domain config file, the remove script won't do it as it doesn't know yet its location. + ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" + + # Restore it if the upgrade fails + ynh_restore_upgradebackup +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + +#================================================= +# CHECK WHICH PARTS SHOULD BE CHANGED +#================================================= + +change_domain=0 +if [ "$old_domain" != "$new_domain" ] +then + change_domain=1 +fi + +change_path=0 +if [ "$old_path" != "$new_path" ] +then + change_path=1 +fi + +#================================================= +# STANDARD MODIFICATIONS +#================================================= +# STOP SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Stopping a systemd service..." --weight=1 + +ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log" + +#================================================= +# MODIFY URL IN NGINX CONF +#================================================= +ynh_script_progression --message="Updating NGINX web server configuration..." --weight=1 + +nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf + +# Change the path in the NGINX config file +if [ $change_path -eq 1 ] +then + # Make a backup of the original NGINX config file if modified + ynh_backup_if_checksum_is_different --file="$nginx_conf_path" + # Set global variables for NGINX helper + domain="$old_domain" + path_url="$new_path" + # Create a dedicated NGINX config + ynh_add_nginx_config +fi + +# Change the domain for NGINX +if [ $change_domain -eq 1 ] +then + # Delete file checksum for the old conf file location + ynh_delete_file_checksum --file="$nginx_conf_path" + mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf + # Store file checksum for the new config file location + ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" +fi + +#================================================= +# GENERIC FINALISATION +#================================================= +# START SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Starting a systemd service..." --weight=1 + +ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" + +#================================================= +# RELOAD NGINX +#================================================= +ynh_script_progression --message="Reloading NGINX web server..." --weight=1 + +ynh_systemd_action --service_name=nginx --action=reload + +#================================================= +# END OF SCRIPT +#================================================= + +ynh_script_progression --message="Change of URL completed for $app" --last diff --git a/scripts/install b/scripts/install index 46358fa..77c62cd 100755 --- a/scripts/install +++ b/scripts/install @@ -35,9 +35,7 @@ app=$YNH_APP_INSTANCE_NAME #================================================= # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS #================================================= - -ynh_script_progression --message="Validating installation parameters..." --weight=1 - +ynh_script_progression --message="Validating installation parameters..." --weight=1 final_path=/opt/yunohost/$app public_path=/var/www/$app @@ -50,7 +48,7 @@ ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url #================================================= # STORE SETTINGS FROM MANIFEST #================================================= -ynh_script_progression --message="Storing installation settings..." --weight=1 +ynh_script_progression --message="Storing installation settings..." --weight=1 ynh_app_setting_set --app=$app --key=domain --value=$domain ynh_app_setting_set --app=$app --key=path --value=$path_url @@ -61,7 +59,7 @@ ynh_app_setting_set --app=$app --key=admin --value=$admin #================================================= # FIND AND OPEN A PORT #================================================= -ynh_script_progression --message="Finding an available port..." --weight=1 +ynh_script_progression --message="Finding an available port..." --weight=1 # Find an available port port=$(ynh_find_port --port=7156) @@ -70,10 +68,18 @@ ynh_app_setting_set --app=$app --key=port --value=$port #================================================= # INSTALL DEPENDENCIES #================================================= -ynh_script_progression --message="Installing dependencies..." --weight=1 +ynh_script_progression --message="Installing dependencies..." --weight=1 ynh_install_app_dependencies $pkg_dependencies +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Configuring system user..." --weight=1 + +# Create a system user +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -81,12 +87,23 @@ ynh_script_progression --message="Setting up source files..." --weight=1 ynh_app_setting_set --app=$app --key=final_path --value=$final_path ynh_app_setting_set --app=$app --key=public_path --value=$public_path + # Clone repo, create public path and link accounts git clone https://gitlab.com/bashrc2/epicyon $final_path + mkdir $public_path mkdir -p $final_path/accounts/newsmirror ln -s $final_path/accounts/newsmirror $public_path/newsmirror + +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + +chmod 750 $public_path +chmod -R o-rwx $public_path +chown -R $app:www-data $public_path + #================================================= # NGINX CONFIGURATION #================================================= @@ -94,59 +111,40 @@ ynh_script_progression --message="Configuring NGINX web server..." --weight=1 ynh_add_nginx_config -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Configuring system user..." --weight=1 - -# Create a system user -ynh_system_user_create --username=$app - #================================================= # SETUP SYSTEMD #================================================= ynh_script_progression --message="Configuring a systemd service..." --weight=1 -ynh_add_systemd_config --service="$app" --template="systemd.service" --others_var="port domain" +ynh_add_systemd_config #================================================= # INTEGRATE SERVICE IN YUNOHOST #================================================= -ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 +ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 -yunohost service add $app --description="ActivityPub compliant server " --log="/var/log/$app/$app.log" +yunohost service add $app --description="Federated social network server" --log="/var/log/$app/$app.log" #================================================= # START SYSTEMD SERVICE #================================================= -ynh_script_progression --message="Starting a systemd service..." --weight=1 +ynh_script_progression --message="Starting a systemd service..." --weight=1 # Start a systemd service ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" - #================================================= # SPECIFIC SETUP #================================================= +ynh_script_progression --message="Create admin user" --weight=1 # Create admin -ynh_script_progression --message="Create admin user" --weight=1 -python3 $final_path/epicyon.py --addaccount $admin --password $password --domain $domain - -#================================================= -# GENERIC FINALIZATION -#================================================= -# SECURE FILES AND DIRECTORIES -#================================================= - -# Set permissions to app files -chown -R $app: $final_path -chown -R $app: $public_path +python3 $final_path/epicyon.py --addaccount=$admin --password=$password --domain=$domain #================================================= # SETUP SSOWAT #================================================= -ynh_script_progression --message="Configuring permissions..." --weight=1 +ynh_script_progression --message="Configuring permissions..." --weight=1 ynh_permission_update --permission="main" --add="visitors" @@ -155,7 +153,7 @@ ynh_permission_url --permission="main" --auth_header="false" #================================================= # RELOAD NGINX #================================================= -ynh_script_progression --message="Reloading NGINX web server..." --weight=1 +ynh_script_progression --message="Reloading NGINX web server..." --weight=1 ynh_systemd_action --service_name=nginx --action=reload diff --git a/scripts/remove b/scripts/remove index 1a7b89c..3c88041 100755 --- a/scripts/remove +++ b/scripts/remove @@ -67,21 +67,12 @@ ynh_script_progression --message="Removing NGINX web server configuration..." -- # Remove the dedicated NGINX config ynh_remove_nginx_config -#================================================= -# SPECIFIC REMOVE -#================================================= -# REMOVE VARIOUS FILES -#================================================= - -# Remove the log files -ynh_secure_remove --file="/var/log/$app/" - #================================================= # GENERIC FINALIZATION #================================================= # REMOVE DEDICATED USER #================================================= -ynh_script_progression --message="Removing the dedicated system user..." --weight=1 +ynh_script_progression --message="Removing the dedicated system user..." --weight=1 # Delete a system user ynh_system_user_delete --username=$app @@ -90,4 +81,4 @@ ynh_system_user_delete --username=$app # END OF SCRIPT #================================================= -ynh_script_progression --message="Removal of $app completed" --last +ynh_script_progression --message="Removal of $app completed" --last diff --git a/scripts/restore b/scripts/restore index 3493fec..89a5f5e 100755 --- a/scripts/restore +++ b/scripts/restore @@ -51,37 +51,39 @@ test ! -d $final_path \ ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" -#================================================= -# RESTORE THE APP MAIN DIR -#================================================= -ynh_script_progression --message="Restoring the app main directory..." --weight=1 - -ynh_restore_file --origin_path="$final_path" -ynh_restore_file --origin_path="$public_path" -ln -s $final_path/accounts/newsmirror $public_path/newsmirror - #================================================= # RECREATE THE DEDICATED USER #================================================= -ynh_script_progression --message="Recreating the dedicated system user..." --weight=1 +ynh_script_progression --message="Recreating the dedicated system user..." --weight=1 # Create the dedicated user (if not existing) -ynh_system_user_create --username=$app +ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= -# RESTORE USER RIGHTS +# RESTORE THE APP MAIN DIR #================================================= +ynh_script_progression --message="Restoring the app main directory..." --weight=1 -# Restore permissions on app files -chown -R $app: $final_path +ynh_restore_file --origin_path="$final_path" +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + +ynh_restore_file --origin_path="$public_path" + +chmod 750 $public_path +chmod -R o-rwx $public_path +chown -R $app:www-data $public_path + +ln -s $final_path/accounts/newsmirror $public_path/newsmirror #================================================= # SPECIFIC RESTORATION #================================================= # REINSTALL DEPENDENCIES #================================================= -ynh_script_progression --message="Reinstalling dependencies..." --weight=1 +ynh_script_progression --message="Reinstalling dependencies..." --weight=1 # Define and install dependencies ynh_install_app_dependencies $pkg_dependencies @@ -97,9 +99,9 @@ systemctl enable $app.service --quiet #================================================= # INTEGRATE SERVICE IN YUNOHOST #================================================= -ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 +ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 -yunohost service add $app --description="ActivityPub compliant server" --log="/var/log/$app/$app.log" +yunohost service add $app --description="Federated social network server" --log="/var/log/$app/$app.log" #================================================= # START SYSTEMD SERVICE @@ -108,14 +110,12 @@ ynh_script_progression --message="Starting a systemd service..." --weight=1 ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" - #================================================= # GENERIC FINALIZATION #================================================= -# RELOAD NGINX AND PHP-FPM +# RELOAD NGINX #================================================= -ynh_script_progression --message="Reloading NGINX web server..." --weight=1 - +ynh_script_progression --message="Reloading NGINX web server..." --weight=1 ynh_systemd_action --service_name=nginx --action=reload @@ -123,4 +123,4 @@ ynh_systemd_action --service_name=nginx --action=reload # END OF SCRIPT #================================================= -ynh_script_progression --message="Restoration completed for $app" --last +ynh_script_progression --message="Restoration completed for $app" --last diff --git a/scripts/upgrade b/scripts/upgrade index 05e1fce..d5b7df8 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -47,10 +47,18 @@ ynh_abort_if_errors #================================================= # STOP SYSTEMD SERVICE #================================================= -ynh_script_progression --message="Stopping a systemd service..." --weight=1 +ynh_script_progression --message="Stopping a systemd service..." --weight=1 ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log" +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1 + +# Create a dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -65,10 +73,15 @@ then popd fi +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" +chown -R $app: $public_path + #================================================= # NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=1 +ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=1 # Create a dedicated NGINX config ynh_add_nginx_config @@ -76,44 +89,24 @@ ynh_add_nginx_config #================================================= # UPGRADE DEPENDENCIES #================================================= -ynh_script_progression --message="Upgrading dependencies..." --weight=1 +ynh_script_progression --message="Upgrading dependencies..." --weight=1 ynh_install_app_dependencies $pkg_dependencies -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1 - -# Create a dedicated user (if not existing) -ynh_system_user_create --username=$app - - #================================================= # SETUP SYSTEMD #================================================= -ynh_script_progression --message="Upgrading systemd configuration..." --weight=1 +ynh_script_progression --message="Upgrading systemd configuration..." --weight=1 # Create a dedicated systemd config -ynh_add_systemd_config --service="$app" --template="systemd.service" --others_var="port domain" - - -#================================================= -# GENERIC FINALIZATION -#================================================= -# SECURE FILES AND DIRECTORIES -#================================================= - -# Set permissions on app files -chown -R $app: $final_path -chown -R $app: $public_path +ynh_add_systemd_config #================================================= # INTEGRATE SERVICE IN YUNOHOST #================================================= -ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 +ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 -yunohost service add $app --description="A short description of the app" --log="/var/log/$app/$app.log" +yunohost service add $app --description="Federated social network server" --log="/var/log/$app/$app.log" #================================================= # START SYSTEMD SERVICE @@ -122,19 +115,10 @@ ynh_script_progression --message="Starting a systemd service..." --weight=1 ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" -#================================================= -# SETUP SSOWAT -#================================================= -ynh_script_progression --message="Configuring permissions..." --weight=1 - -ynh_permission_update --permission="main" --add="visitors" - -ynh_permission_url --permission="main" --auth_header="false" - #================================================= # RELOAD NGINX #================================================= -ynh_script_progression --message="Reloading NGINX web server..." --weight=1 +ynh_script_progression --message="Reloading NGINX web server..." --weight=1 ynh_systemd_action --service_name=nginx --action=reload @@ -142,4 +126,4 @@ ynh_systemd_action --service_name=nginx --action=reload # END OF SCRIPT #================================================= -ynh_script_progression --message="Upgrade of $app completed" --last +ynh_script_progression --message="Upgrade of $app completed" --last