From 2984bf5fcbf9fea0794d019e619d1da2089e676d Mon Sep 17 00:00:00 2001 From: yalh76 Date: Fri, 3 Jun 2022 02:40:00 +0200 Subject: [PATCH] Apply last example_ynh --- .github/workflows/updater.sh | 3 +- check_process | 7 +- conf/app.src | 2 + conf/systemd.service | 2 +- manifest.json | 26 ++-- scripts/backup | 12 +- scripts/change_url | 27 ++-- scripts/install | 117 ++++++++--------- scripts/remove | 50 ++++---- scripts/restore | 102 +++++++-------- scripts/upgrade | 239 +++++++++++++++-------------------- 11 files changed, 276 insertions(+), 311 deletions(-) diff --git a/.github/workflows/updater.sh b/.github/workflows/updater.sh index 3811163..baafd8f 100644 --- a/.github/workflows/updater.sh +++ b/.github/workflows/updater.sh @@ -96,6 +96,7 @@ SOURCE_SUM=$checksum SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=$extension SOURCE_IN_SUBDIR=true +SOURCE_FILENAME= EOT echo "... conf/$src.src updated" @@ -116,7 +117,7 @@ done # GENERIC FINALIZATION #================================================= -# Install moreutils, needed for sponge +# Replace new version in manifest echo "$(jq -s --indent 4 ".[] | .version = \"$version~ynh1\"" manifest.json)" > manifest.json # No need to update the README, yunohost-bot takes care of it diff --git a/check_process b/check_process index 3b4de7c..63559a2 100644 --- a/check_process +++ b/check_process @@ -2,10 +2,10 @@ ; Manifest domain="domain.tld" path="/path" + is_public=1 + language="en" admin="john" password="password" - language="en" - is_public=1 export="libreoffice" mypads=1 useldap=1 @@ -32,8 +32,11 @@ setup_private=1 setup_public=1 upgrade=1 + # 1.8.17~ynh1 + upgrade=1 from_commit=44f73d6d49c4ece92648f0374cf02ec4e9e3fb5f backup_restore=1 multi_instance=1 + port_already_use=0 change_url=1 actions=0 config_panel=0 diff --git a/conf/app.src b/conf/app.src index e224fe6..6f42fe9 100644 --- a/conf/app.src +++ b/conf/app.src @@ -3,3 +3,5 @@ SOURCE_SUM=3b51eb0259764669dedfb4d13cdbe8d4a2dea37735fe32941aac39b5def9f99b SOURCE_SUM_PRG=sha256sum ARCH_FORMAT=tar.gz SOURCE_IN_SUBDIR=true +SOURCE_FILENAME= +SOURCE_EXTRACT=true diff --git a/conf/systemd.service b/conf/systemd.service index 2e6be3b..3c75ee1 100644 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -6,7 +6,7 @@ After=syslog.target network.target Type=simple User=__APP__ Group=__APP__ -WorkingDirectory=__FINALPATH__ +WorkingDirectory=__FINALPATH__/ Environment=NODE_ENV=production Environment="__YNH_NODE_LOAD_PATH__" ExecStart=__FINALPATH__/src/bin/run.sh diff --git a/manifest.json b/manifest.json index 6617cf9..367cec3 100644 --- a/manifest.json +++ b/manifest.json @@ -47,12 +47,13 @@ "default": "/pad" }, { - "name": "admin", - "type": "user" - }, - { - "name": "password", - "type": "password" + "name": "is_public", + "type": "boolean", + "help": { + "en": "If your Etherpad instance is public, everyone will be able to create a pad or see an existing one.", + "fr": "Si votre instance Etherpad est publique, tout le monde pourra créer un pad ou voir un pad existant." + }, + "default": true }, { "name": "language", @@ -76,13 +77,12 @@ "default": "en" }, { - "name": "is_public", - "type": "boolean", - "help": { - "en": "If your Etherpad instance is public, everyone will be able to create a pad or see an existing one.", - "fr": "Si votre instance Etherpad est publique, tout le monde pourra créer un pad ou voir un pad existant." - }, - "default": true + "name": "admin", + "type": "user" + }, + { + "name": "password", + "type": "password" }, { "name": "export", diff --git a/scripts/backup b/scripts/backup index 3166fda..42d7600 100644 --- a/scripts/backup +++ b/scripts/backup @@ -46,11 +46,11 @@ ynh_backup --src_path="$final_path" ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= -# BACKUP THE MYSQL DATABASE +# BACKUP FAIL2BAN CONFIGURATION #================================================= -ynh_print_info --message="Backing up the MySQL database..." -ynh_mysql_dump_db --database="$db_name" > db.sql +ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf" +ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf" #================================================= # SPECIFIC BACKUP @@ -67,11 +67,11 @@ ynh_backup --src_path="/etc/logrotate.d/$app" ynh_backup --src_path="/etc/systemd/system/$app.service" #================================================= -# BACKUP FAIL2BAN CONFIGURATION +# BACKUP THE MYSQL DATABASE #================================================= +ynh_print_info --message="Backing up the MySQL database..." -ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf" -ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf" +ynh_mysql_dump_db --database="$db_name" > db.sql #================================================= # END OF SCRIPT diff --git a/scripts/change_url b/scripts/change_url index 7d26331..07725a9 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -30,7 +30,10 @@ app=$YNH_APP_INSTANCE_NAME #================================================= ynh_script_progression --message="Loading installation settings..." --weight=5 +# Needed for helper "ynh_add_nginx_config" final_path=$(ynh_app_setting_get --app=$app --key=final_path) + +# Add settings here as needed by your application mypads=$(ynh_app_setting_get --app=$app --key=mypads) port=$(ynh_app_setting_get --app=$app --key=port) @@ -42,7 +45,6 @@ ynh_script_progression --message="Backing up the app before changing its URL (ma # Backup the current version of the app ynh_backup_before_upgrade ynh_clean_setup () { - # Clean installation remainings that are not handled by the remove script. ynh_clean_check_starting # Remove the new domain config file, the remove script won't do it as it doesn't know yet its location. ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" @@ -92,11 +94,9 @@ if [ $change_path -eq 1 ] then # Make a backup of the original NGINX config file if modified ynh_backup_if_checksum_is_different --file="$nginx_conf_path" - # Set global variables for NGINX helper domain="$old_domain" path_url="$new_path" - # Create a dedicated NGINX config ynh_add_nginx_config fi @@ -107,25 +107,26 @@ then # Delete file checksum for the old conf file location ynh_delete_file_checksum --file="$nginx_conf_path" mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf - # Store file checksum for the new config file location ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" fi +#================================================= +# GENERIC FINALISATION +#================================================= +# START SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Starting a systemd service..." --weight=10 + +# Start a systemd service +ynh_systemd_action --service_name=$app --action=restart --line_match="You can access your Etherpad instance at" --log_path="/var/log/$app/etherpad.log" --timeout="120" + #================================================= # RELOAD NGINX #================================================= ynh_script_progression --message="Reloading NGINX web server..." -ynh_systemd_action --action=reload --service_name=nginx - -#================================================= -# CHECK ETHERPAD STARTING -#================================================= -ynh_script_progression --message="Restarting Etherpad..." --weight=10 - -# Wait for etherpad to be fully started -ynh_systemd_action --action=restart --line_match="You can access your Etherpad instance at" --log_path="/var/log/$app/etherpad.log" --timeout="120" +ynh_systemd_action --service_name=nginx --action=reload #================================================= # DEACTIVE MAINTENANCE MODE diff --git a/scripts/install b/scripts/install index 04529d0..bb318f0 100644 --- a/scripts/install +++ b/scripts/install @@ -1,7 +1,7 @@ #!/bin/bash #================================================= -# GENERIC STARTING +# GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= @@ -10,16 +10,14 @@ if [ ${PACKAGE_CHECK_EXEC:-0} -eq 1 ]; then sleep 60 fi -# Load common variables for all scripts. source _common.sh source /usr/share/yunohost/helpers #================================================= -# MANAGE FAILURE OF THE SCRIPT +# MANAGE SCRIPT FAILURE #================================================= ynh_clean_setup () { -# Clean installation remainings that are not handled by the remove script. ynh_clean_check_starting } # Exit if an error occurs during the execution of the script @@ -31,10 +29,10 @@ ynh_abort_if_errors domain=$YNH_APP_ARG_DOMAIN path_url=$YNH_APP_ARG_PATH +is_public=$YNH_APP_ARG_IS_PUBLIC +language=$YNH_APP_ARG_LANGUAGE admin=$YNH_APP_ARG_ADMIN password="$YNH_APP_ARG_PASSWORD" -language=$YNH_APP_ARG_LANGUAGE -is_public=$YNH_APP_ARG_IS_PUBLIC export=$YNH_APP_ARG_EXPORT mypads=$YNH_APP_ARG_MYPADS useldap=$YNH_APP_ARG_USELDAP @@ -64,9 +62,9 @@ ynh_script_progression --message="Storing installation settings..." --weight=3 ynh_app_setting_set --app=$app --key=domain --value=$domain ynh_app_setting_set --app=$app --key=path --value=$path_url +ynh_app_setting_set --app=$app --key=language --value=$language ynh_app_setting_set --app=$app --key=admin --value=$admin ynh_app_setting_set --app=$app --key=password --value="$password" -ynh_app_setting_set --app=$app --key=language --value=$language ynh_app_setting_set --app=$app --key=export --value=$export ynh_app_setting_set --app=$app --key=mypads --value=$mypads ynh_app_setting_set --app=$app --key=useldap --value=$useldap @@ -97,13 +95,16 @@ elif [ "$export" = "libreoffice" ]; then ynh_exec_warn_less ynh_install_app_dependencies $libreoffice_app_dependencies fi -#================================================= -# INSTALL NODEJS -#================================================= -ynh_script_progression --message="Installing NodeJS..." --weight=12 - ynh_install_nodejs --nodejs_version=$nodejs_version +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Configuring system user..." --weight=3 + +# Create a system user +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # CREATE A MYSQL DATABASE #================================================= @@ -112,15 +113,7 @@ ynh_script_progression --message="Creating a MySQL database..." db_name=$(ynh_sanitize_dbid --db_name=$app) db_user=$db_name ynh_app_setting_set --app=$app --key=db_name --value=$db_name -ynh_mysql_setup_db --db_user=$db_name --db_name=$db_name - -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Configuring system user..." --weight=3 - -# Create a dedicated system user -ynh_system_user_create --username=$app --home_dir=$final_path +ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE @@ -131,6 +124,10 @@ ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path" +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:$app "$final_path" + #================================================= # NGINX CONFIGURATION #================================================= @@ -153,24 +150,20 @@ install_log=/var/log/$app/installation.log touch $install_log chown $app -R /var/log/$app -# Setup logrotate -ynh_use_logrotate --specific_user=$app/$app - #================================================= # INSTALL ETHERPAD #================================================= ynh_script_progression --message="Installing Etherpad..." --weight=90 -chown -R $app: $final_path pushd $final_path ynh_use_nodejs ynh_exec_as $app env "$ynh_node_load_PATH" bin/installDeps.sh popd #================================================= -# CONFIGURE ETHERPAD +# ADD A CONFIGURATION #================================================= -ynh_script_progression --message="Configuring Etherpad..." --weight=6 +ynh_script_progression --message="Adding a configuration file..." --weight=6 cp ../conf/settings.json "$final_path/settings.json" @@ -203,11 +196,6 @@ ynh_add_config --template="../conf/credentials.json" --destination="$final_path/ # Restrict access to credentials.json chmod 600 $final_path/credentials.json -#================================================= -# SECURING FILES AND DIRECTORIES -#================================================= - -# Set files ownership to etherpad chmod 750 "$final_path" chmod o-rwx "$final_path" chown -R $app: "$final_path" @@ -220,12 +208,6 @@ ynh_script_progression --message="Configuring a systemd service..." --weight=4 # Create a dedicated systemd config ynh_add_systemd_config -#================================================= -# ADVERTISE SERVICE IN ADMIN PANEL -#================================================= - -yunohost service add $app --description="Collaborative editor" --log="/var/log/$app/etherpad.log" - #================================================= # INSTALL FRAMAPAD'S PLUGINS #================================================= @@ -284,6 +266,40 @@ then sed -i '157i

MyPads
' $final_path/src/templates/index.html fi +#================================================= +# GENERIC FINALIZATION +#================================================= +# SETUP LOGROTATE +#================================================= +ynh_script_progression --message="Configuring log rotation..." + +# Use logrotate to manage application logfile(s) +ynh_use_logrotate + +#================================================= +# INTEGRATE SERVICE IN YUNOHOST +#================================================= +ynh_script_progression --message="Integrating service in YunoHost..." + +yunohost service add $app --description="Collaborative editor" --log="/var/log/$app/etherpad.log" + +#================================================= +# START SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Starting a systemd service..." --weight=20 + +# Start a systemd service +ynh_systemd_action --service_name=$app --action=restart --line_match="You can access your Etherpad instance at" --log_path="/var/log/$app/etherpad.log" --timeout="120" + +if [ $mypads -eq 1 ] +then + ynh_replace_string --match_string="__LANGUAGE__" --replace_string="$language" --target_file="../conf/lang_mypads.sql" + mysql -u $db_name -p $db_pwd $db_name < "../conf/lang_mypads.sql" + + # Wait for etherpad to be fully started + ynh_systemd_action --action=restart --line_match="You can access your Etherpad instance at" --log_path="/var/log/$app/etherpad.log" --timeout="120" +fi + #================================================= # SETUP FAIL2BAN #================================================= @@ -297,7 +313,11 @@ ynh_add_fail2ban_config --logpath="/var/log/nginx/$domain-access.log" --failrege #================================================= ynh_script_progression --message="Configuring permissions..." --weight=2 -if [ $is_public -eq 1 ]; then +# Make app public if necessary +if [ $is_public -eq 1 ] +then + # Everyone can access the app. + # The "main" permission is automatically created before the install script. ynh_permission_update --permission="main" --add="visitors" fi @@ -309,24 +329,7 @@ ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin --aut #================================================= ynh_script_progression --message="Reloading NGINX web server..." -ynh_systemd_action --action=reload --service_name=nginx - -#================================================= -# CHECK ETHERPAD STARTING -#================================================= -ynh_script_progression --message="Restarting Etherpad..." --weight=20 - -# Wait for etherpad to be fully started -ynh_systemd_action --action=restart --line_match="You can access your Etherpad instance at" --log_path="/var/log/$app/etherpad.log" --timeout="120" - -if [ $mypads -eq 1 ] -then - ynh_replace_string --match_string="__LANGUAGE__" --replace_string="$language" --target_file="../conf/lang_mypads.sql" - mysql -u $db_name -p$db_pwd $db_name < "../conf/lang_mypads.sql" - - # Wait for etherpad to be fully started - ynh_systemd_action --action=restart --line_match="You can access your Etherpad instance at" --log_path="/var/log/$app/etherpad.log" --timeout="120" -fi +ynh_systemd_action --service_name=nginx --action=reload #================================================= # SEND A README FOR THE ADMIN diff --git a/scripts/remove b/scripts/remove index f61b51c..a95f897 100755 --- a/scripts/remove +++ b/scripts/remove @@ -17,9 +17,10 @@ ynh_script_progression --message="Loading installation settings..." --weight=3 app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get --app=$app --key=domain) -final_path=$(ynh_app_setting_get --app=$app --key=final_path) port=$(ynh_app_setting_get --app=$app --key=port) db_name=$(ynh_app_setting_get --app=$app --key=db_name) +db_user=$db_name +final_path=$(ynh_app_setting_get --app=$app --key=final_path) export=$(ynh_app_setting_get --app=$app --key=export) #================================================= @@ -28,7 +29,7 @@ export=$(ynh_app_setting_get --app=$app --key=export) # REMOVE SERVICE INTEGRATION IN YUNOHOST #================================================= -# Remove the service from the list of services known, YunoHost (added from `yunohost service add`) +# Remove the service from the list of services known by YunoHost (added from `yunohost service add`) if ynh_exec_warn_less yunohost service status $app >/dev/null then ynh_script_progression --message="Removing $app service integration..." --weight=2 @@ -44,22 +45,12 @@ ynh_script_progression --message="Stopping and removing the systemd service..." ynh_remove_systemd_config #================================================= -# REMOVE DEPENDENCIES +# REMOVE LOGROTATE CONFIGURATION #================================================= +ynh_script_progression --message="Removing logrotate configuration..." -if [ "$export" != "none" ] -then - ynh_script_progression --message="Removing dependencies..." --weight=60 - # Remove metapackage and its dependencies - ynh_exec_warn_less ynh_remove_app_dependencies -fi - -#================================================= -# REMOVE NODEJS -#================================================= -ynh_script_progression --message="Removing NodeJS version for Etherpad..." --weight=3 - -ynh_remove_nodejs +# Remove the app-specific logrotate config +ynh_remove_logrotate #================================================= # REMOVE THE MYSQL DATABASE @@ -67,12 +58,12 @@ ynh_remove_nodejs ynh_script_progression --message="Removing the MySQL database..." --weight=2 # Remove a database if it exists, along with the associated user -ynh_mysql_remove_db --db_user=$db_name --db_name=$db_name +ynh_mysql_remove_db --db_user=$db_user --db_name=$db_name #================================================= # REMOVE APP MAIN DIR #================================================= -ynh_script_progression --message="Removing the app main directory..." +ynh_script_progression --message="Removing app main directory..." # Remove the app directory securely ynh_secure_remove --file="$final_path" @@ -86,14 +77,17 @@ ynh_script_progression --message="Removing NGINX web server configuration..." -- ynh_remove_nginx_config #================================================= -# REMOVE LOGROTATE CONFIGURATION +# REMOVE DEPENDENCIES #================================================= -ynh_script_progression --message="Removing logrotate configuration..." +ynh_script_progression --message="Removing dependencies..." -ynh_secure_remove --file="/var/log/$app" +if [ "$export" != "none" ] +then + # Remove metapackage and its dependencies + ynh_exec_warn_less ynh_remove_app_dependencies +fi -# Remove the app-specific logrotate config -ynh_remove_logrotate +ynh_remove_nodejs #================================================= # REMOVE FAIL2BAN CONFIGURATION @@ -103,6 +97,16 @@ ynh_script_progression --message="Removing Fail2Ban configuration..." --weight=7 # Remove the dedicated Fail2Ban config ynh_remove_fail2ban_config +#================================================= +# SPECIFIC REMOVE +#================================================= +# REMOVE VARIOUS FILES +#================================================= +ynh_script_progression --message="Removing various files..." + +# Remove the log files +ynh_secure_remove --file="/var/log/$app" + #================================================= # GENERIC FINALIZATION #================================================= diff --git a/scripts/restore b/scripts/restore index b7d4752..1166a23 100644 --- a/scripts/restore +++ b/scripts/restore @@ -15,7 +15,6 @@ source /usr/share/yunohost/helpers #================================================= ynh_clean_setup () { - # Clean installation remainings that are not handled by the remove script. ynh_clean_check_starting } # Exit if an error occurs during the execution of the script @@ -24,7 +23,7 @@ ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading settings.." --weight=3 +ynh_script_progression --message="Loading installation settings..." --weight=3 app=$YNH_APP_INSTANCE_NAME @@ -32,6 +31,7 @@ domain=$(ynh_app_setting_get --app=$app --key=domain) path_url=$(ynh_app_setting_get --app=$app --key=path) final_path=$(ynh_app_setting_get --app=$app --key=final_path) db_name=$(ynh_app_setting_get --app=$app --key=db_name) +db_user=$db_name export=$(ynh_app_setting_get --app=$app --key=export) mypads=$(ynh_app_setting_get --app=$app --key=mypads) admin=$(ynh_app_setting_get --app=$app --key=admin) @@ -57,9 +57,18 @@ ynh_maintenance_mode_ON #================================================= # RESTORE THE NGINX CONFIGURATION #================================================= +ynh_script_progression --message="Restoring the NGINX web server configuration..." ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" +#================================================= +# RECREATE THE DEDICATED USER +#================================================= +ynh_script_progression --message="Recreating the dedicated system user..." --weight=2 + +# Create the dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # RESTORE THE APP MAIN DIR #================================================= @@ -67,22 +76,18 @@ ynh_script_progression --message="Restoring the app main directory..." --weight= ynh_restore_file --origin_path="$final_path" -#================================================= -# RESTORE THE MYSQL DATABASE -#================================================= -ynh_script_progression --message="Restoring the MySQL database..." --weight=2 - -db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd) -ynh_mysql_setup_db --db_user=$db_name --db_name=$db_name --db_pwd=$db_pwd -ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name < ./db.sql +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:$app "$final_path" #================================================= -# RECREATE THE DEDICATED USER +# RESTORE FAIL2BAN CONFIGURATION #================================================= -ynh_script_progression --message="Recreating the dedicated system user..." --weight=2 +ynh_script_progression --message="Restoring the Fail2Ban configuration..." --weight=6 -# Create the dedicated user (if not existing) -ynh_system_user_create --username=$app --home_dir=$final_path +ynh_restore_file "/etc/fail2ban/jail.d/$app.conf" +ynh_restore_file "/etc/fail2ban/filter.d/$app.conf" +ynh_systemd_action --action=restart --service_name=fail2ban #================================================= # SPECIFIC RESTORE @@ -97,11 +102,10 @@ touch $install_log chown $app -R /var/log/$app chown admin -R $install_log -# Restore logrotate configuration -ynh_restore_file --origin_path="/etc/logrotate.d/$app" - #================================================= -# INSTALL DEPENDENCIES +# SPECIFIC RESTORATION +#================================================= +# REINSTALL DEPENDENCIES #================================================= ynh_script_progression --message="Reinstalling dependencies..." --weight=60 @@ -110,36 +114,16 @@ if [ "$export" = "abiword" ]; then elif [ "$export" = "libreoffice" ]; then ynh_exec_warn_less ynh_install_app_dependencies $libreoffice_app_dependencies fi - -#================================================= -# INSTALL NODEJS -#================================================= -ynh_script_progression --message="Reinstalling NodeJS..." --weight=7 - ynh_install_nodejs --nodejs_version=$nodejs_version #================================================= -# INSTALL ETHERPAD DEPENDENCIES +# RESTORE THE MYSQL DATABASE #================================================= -ynh_script_progression --message="Reinstalling Etherpad node dependencies..." --weight=17 +ynh_script_progression --message="Restoring the MySQL database..." --weight=2 -ynh_use_nodejs -ynh_exec_warn_less npm cache clean --force - -#================================================= -# RESTORE USER RIGHTS -#================================================= - -# Restore permissions on app files -chmod 750 "$final_path" -chmod o-rwx "$final_path" -chown -R $app: "$final_path" - -#================================================= -# ADVERTISE SERVICE IN ADMIN PANEL -#================================================= - -yunohost service add $app --description="Collaborative editor" --log="/var/log/$app/etherpad.log" +db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd) +ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd +ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql #================================================= # RESTORE SYSTEMD @@ -150,14 +134,28 @@ ynh_restore_file --origin_path="/etc/systemd/system/$app.service" systemctl enable $app.service --quiet #================================================= -# RESTORE FAIL2BAN CONFIGURATION +# RESTORE THE LOGROTATE CONFIGURATION #================================================= -ynh_script_progression --message="Restoring the Fail2Ban configuration..." --weight=6 +ynh_script_progression --message="Restoring the logrotate configuration..." -ynh_restore_file "/etc/fail2ban/jail.d/$app.conf" -ynh_restore_file "/etc/fail2ban/filter.d/$app.conf" -ynh_systemd_action --action=restart --service_name=fail2ban +ynh_restore_file --origin_path="/etc/logrotate.d/$app" +#================================================= +# INTEGRATE SERVICE IN YUNOHOST +#================================================= +ynh_script_progression --message="Integrating service in YunoHost..." + +yunohost service add $app --description="Collaborative editor" --log="/var/log/$app/etherpad.log" + +#================================================= +# START SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Starting a systemd service..." --weight=8 + +ynh_systemd_action --service_name=$app --action=restart --line_match="You can access your Etherpad instance at" --log_path="/var/log/$app/etherpad.log" --timeout="120" + +#================================================= +# GENERIC FINALIZATION #================================================= # RELOAD NGINX #================================================= @@ -165,14 +163,6 @@ ynh_script_progression --message="Reloading NGINX web server..." ynh_systemd_action --action=reload --service_name=nginx -#================================================= -# CHECK ETHERPAD STARTING -#================================================= -ynh_script_progression --message="Restarting Etherpad..." --weight=8 - -# Wait for etherpad to be fully started -ynh_systemd_action --action=restart --line_match="You can access your Etherpad instance at" --log_path="/var/log/$app/etherpad.log" --timeout="120" - #================================================= # DEACTIVE MAINTENANCE MODE #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index 8abbd9a..932013b 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -1,12 +1,11 @@ #!/bin/bash #================================================= -# GENERIC STARTING +# GENERIC START #================================================= # IMPORT GENERIC HELPERS #================================================= -# Load common variables for all scripts. source _common.sh source /usr/share/yunohost/helpers @@ -19,8 +18,8 @@ app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get --app=$app --key=domain) path_url=$(ynh_app_setting_get --app=$app --key=path) -admin=$(ynh_app_setting_get --app=$app --key=admin) language=$(ynh_app_setting_get --app=$app --key=language) +admin=$(ynh_app_setting_get --app=$app --key=admin) final_path=$(ynh_app_setting_get --app=$app --key=final_path) port=$(ynh_app_setting_get --app=$app --key=port) export=$(ynh_app_setting_get --app=$app --key=export) @@ -45,12 +44,44 @@ pad_config_show_markdown=$(ynh_app_setting_get --app=$app --key=pad_config_show_ #================================================= # CHECK VERSION #================================================= +nh_script_progression --message="Checking version..." # Wait for etherpad to be fully started ynh_systemd_action --action=restart --line_match="You can access your Etherpad instance at" --log_path="/var/log/$app/etherpad.log" --timeout="120" upgrade_type=$(ynh_check_app_version_changed) +#================================================= +# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP +#================================================= +ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=35 + +# Backup the current version of the app +ynh_backup_before_upgrade +ynh_clean_setup () { + ynh_clean_check_starting + # Restore it if the upgrade fails + ynh_restore_upgradebackup +} +# Exit if an error occurs during the execution of the script +ynh_abort_if_errors + +#================================================= +# ACTIVATE MAINTENANCE MODE +#================================================= +ynh_script_progression --message="Activating maintenance mode..." --weight=2 + +ynh_maintenance_mode_ON + +#================================================= +# STANDARD UPGRADE STEPS +#================================================= +# STOP SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Stopping a systemd service..." --weight=3 + +ynh_systemd_action --service_name=$app --action="stop" + #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= @@ -127,61 +158,28 @@ fi # Cleaning legacy permissions if ynh_legacy_permissions_exists; then - ynh_legacy_permissions_delete_all + ynh_legacy_permissions_delete_all - ynh_app_setting_delete --app=$app --key=is_public + ynh_app_setting_delete --app=$app --key=is_public fi if ! ynh_permission_exists --permission="admin"; then - # Create the required permissions - ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin + # Create the required permissions + ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin else - # Make sure the admin panel is not exposed to the SSO's authentication headers - # AFAIK there is no helper to check if that flag is up or not, so let's force it. - ynh_permission_url --permission="admin" --auth_header=false + # Make sure the admin panel is not exposed to the SSO's authentication headers + # AFAIK there is no helper to check if that flag is up or not, so let's force it. + ynh_permission_url --permission="admin" --auth_header=false fi -#================================================= -# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP -#================================================= -ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=35 - -# Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { -# Clean installation remainings that are not handled by the remove script. - ynh_clean_check_starting - - # Restore it if the upgrade fails - ynh_restore_upgradebackup -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# ACTIVATE MAINTENANCE MODE -#================================================= -ynh_script_progression --message="Activating maintenance mode..." --weight=2 - -ynh_maintenance_mode_ON - -#================================================= -# STOP ETHERPAD -#================================================= -ynh_script_progression --message="Stopping Etherpad service..." --weight=3 - -ynh_systemd_action --action=stop - #================================================= # CREATE DEDICATED USER #================================================= ynh_script_progression --message="Making sure dedicated system user exists..." # Create a dedicated user (if not existing) -ynh_system_user_create --username=$app --home_dir=$final_path +ynh_system_user_create --username=$app --home_dir="$final_path" -#================================================= -# STANDARD UPGRADE STEPS #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -190,34 +188,13 @@ if [ "$upgrade_type" == "UPGRADE_APP" ] then ynh_script_progression --message="Upgrading source files..." --weight=4 - # # Create a temporary directory - # tmpdir="$(mktemp -d)" - # # Backup the config file in the temp dir - # cp -a "$final_path/settings.json" "$tmpdir/settings.json" - - ynh_secure_remove --file="$final_path" - # Download, check integrity, uncompress and patch the source from app.src - ynh_setup_source --dest_dir="$final_path" - - # # Copy the admin saved settings from tmp directory to final config path - # cp -a "$tmpdir/settings.json" "$final_path/settings.json" - - # # Remove the tmp directory securely - # ynh_secure_remove --file="$tmpdir" - + ynh_setup_source --dest_dir="$final_path" --keep="settings.json credentials.json" fi -#================================================= -# UPGRADE DEPENDENCIES -#================================================= -ynh_script_progression --message="Upgrading dependencies..." --weight=5 - -if [ "$export" = "abiword" ]; then - ynh_exec_warn_less ynh_install_app_dependencies $abiword_app_depencencies -elif [ "$export" = "libreoffice" ]; then - ynh_exec_warn_less ynh_install_app_dependencies $libreoffice_app_dependencies -fi +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:$app "$final_path" #================================================= # NGINX CONFIGURATION @@ -231,12 +208,20 @@ then fi #================================================= -# UPGRADE NODEJS +# UPGRADE DEPENDENCIES #================================================= -ynh_script_progression --message="Upgrading NodeJS..." --weight=4 +ynh_script_progression --message="Upgrading dependencies..." --weight=5 + +if [ "$export" = "abiword" ]; then + ynh_exec_warn_less ynh_install_app_dependencies $abiword_app_depencencies +elif [ "$export" = "libreoffice" ]; then + ynh_exec_warn_less ynh_install_app_dependencies $libreoffice_app_dependencies +fi ynh_install_nodejs --nodejs_version=$nodejs_version +#================================================= +# SPECIFIC UPGRADE #================================================= # HANDLE LOG FILES AND LOGROTATE #================================================= @@ -252,33 +237,9 @@ chown $app -R /var/log/$app #================================================= ynh_script_progression --message="Upgrading Etherpad..." --weight=60 -# Then update the additionnal modules -chown -R $app: $final_path - pushd $final_path ynh_use_nodejs ynh_exec_as $app env "$ynh_node_load_PATH" src/bin/installDeps.sh -# ynh_exec_warn_less npm cache clean --force -# ynh_exec_warn_less ynh_exec_as $app env "$ynh_node_load_PATH" npm cache clean --force -# while read node_module -# do -# # Ignore ep_etherpad-lite, this part is updated before in this script. -# if [ "$node_module" = "ep_etherpad-lite" ]; then -# continue -# fi -# echo "Update $node_module" -# # Build the name of the variable with the version. -# module_version=${node_module}_version -# # Get the content of the variable (from the file _variables) -# module_version=${!module_version:-} -# # If the module has no version stored in a variable into the file, keep it empty. -# # That way, the upgrade will not be specific to a version. -# ## Otherwise, add @ before the version number to force the upgrade to this version. -# if [ -n "${module_version}" ]; then -# module_version=@${module_version} -# fi -# ynh_exec_warn_less ynh_exec_as $app env "$ynh_node_load_PATH" npm install --upgrade ${node_module}${module_version} || true -# done <<< "$(ls -1 "$final_path/node_modules" | grep "^ep_")" popd #================================================= @@ -322,8 +283,6 @@ chown -R $app: $final_path/node_modules # Remove package-lock.json otherwise plugins installation and upgrade fails miserablywith 502 error ynh_secure_remove --file="$final_path/package-lock.json" -#================================================= -# SPECIFIC UPGRADE #================================================= # CONFIGURE ETHERPAD #================================================= @@ -407,39 +366,6 @@ chown -R $app: "$final_path" chmod 600 "$final_path/credentials.json" chown $app -R /var/log/$app/etherpad.log -#================================================= -# ADVERTISE SERVICE IN ADMIN PANEL -#================================================= - -yunohost service add $app --description="Collaborative editor" --log="/var/log/$app/etherpad.log" - -#================================================= -# UPGRADE FAIL2BAN -#================================================= -ynh_script_progression --message="Reconfiguring Fail2Ban..." --weight=8 - -# Create a dedicated Fail2Ban config -ynh_add_fail2ban_config --logpath="/var/log/nginx/$domain-access.log" --failregex=" .* .POST /mypads/api/auth/login HTTP/1.1. 400" --max_retry=5 - -#================================================= -# SETUP LOGROTATE -#================================================= -ynh_script_progression --message="Upgrading logrotate configuration..." --weight=2 - -# Use logrotate to manage app-specific logfile(s) -ynh_use_logrotate --non-append --specific_user=$app/$app - -#================================================= -# SETUP SYSTEMD -#================================================= -ynh_script_progression --message="Upgrading systemd configuration..." --weight=2 - -# Overwrite the systemd configuration only if it's allowed -if [ $overwrite_systemd -eq 1 ] -then - ynh_add_systemd_config -fi - #================================================= # SOME HACKS #================================================= @@ -450,20 +376,55 @@ then sed -i '157i

MyPads
' $final_path/src/templates/index.html fi +#================================================= +# SETUP SYSTEMD +#================================================= +ynh_script_progression --message="Upgrading systemd configuration..." --weight=2 + +# Create a dedicated systemd config +if [ $overwrite_systemd -eq 1 ] +then + ynh_add_systemd_config +fi + +#================================================= +# GENERIC FINALIZATION +#================================================= +# SETUP LOGROTATE +#================================================= +ynh_script_progression --message="Upgrading logrotate configuration..." --weight=2 + +# Use logrotate to manage app-specific logfile(s) +ynh_use_logrotate --non-append --specific_user=$app/$app + +#================================================= +# INTEGRATE SERVICE IN YUNOHOST +#================================================= +ynh_script_progression --message="Integrating service in YunoHost..." + +yunohost service add $app --description="Collaborative editor" --log="/var/log/$app/etherpad.log" + +#================================================= +# START SYSTEMD SERVICE +#================================================= +ynh_script_progression --message="Starting a systemd service..." --weight=9 + +ynh_systemd_action --service_name=$app --action=restart --line_match="You can access your Etherpad instance at" --log_path="/var/log/$app/etherpad.log" --timeout="120" + +#================================================= +# UPGRADE FAIL2BAN +#================================================= +ynh_script_progression --message="Reconfiguring Fail2Ban..." --weight=8 + +# Create a dedicated Fail2Ban config +ynh_add_fail2ban_config --logpath="/var/log/nginx/$domain-access.log" --failregex=" .* .POST /mypads/api/auth/login HTTP/1.1. 400" --max_retry=5 + #================================================= # RELOAD NGINX #================================================= ynh_script_progression --message="Reloading NGINX web server..." -ynh_systemd_action --action=reload --service_name=nginx - -#================================================= -# CHECK ETHERPAD STARTING -#================================================= -ynh_script_progression --message="Restarting Etherpad..." --weight=9 - -# Wait for etherpad to be fully started -ynh_systemd_action --action=restart --line_match="You can access your Etherpad instance at" --log_path="/var/log/$app/etherpad.log" --timeout="120" +ynh_systemd_action --service_name=nginx --action=reload #================================================= # DEACTIVE MAINTENANCE MODE