YunoHost-Apps/fider_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/fider_ynh.git synced 2024-09-03 18:36:11 +02:00
Code Issues Activity Actions

Fider is working

Browse source
This commit is contained in:
Félix Piédallu 2022-10-06 14:42:19 +02:00
parent 83c0a58a49
commit aa8cceddda
11 changed files with 152 additions and 450 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
README.md
View file

@ -5,7 +5,7 @@ It shall NOT be edited by hand.
# Fider for YunoHost
[![Integration level](https://dash.yunohost.org/integration/fider.svg)](https://dash.yunohost.org/appci/app/fider) ![Working status](https://ci-apps.yunohost.org/ci/badges/fider.status.svg) ![Maintenance status](https://ci-apps.yunohost.org/ci/badges/fider.maintain.svg)
[![Integration level](https://dash.yunohost.org/integration/fider.svg)](https://dash.yunohost.org/appci/app/fider) ![Working status](https://ci-apps.yunohost.org/ci/badges/fider.status.svg) ![Maintenance status](https://ci-apps.yunohost.org/ci/badges/fider.maintain.svg)
[![Install Fider with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=fider)
*[Lire ce readme en français.](./README_fr.md)*
@ -26,7 +26,7 @@ Fider is a feedback portal that helps teams collect and prioritize customer feed
- Markdown support
**Shipped version:** 0.21.1~ynh1 *(:warning: This is the `initial` branch. The [`master` branch](https://github.com/YunoHost-Apps/fider_ynh/tree/master) used in the catalog is currently on version 1.0\~ynh1.)*
**Shipped version:** 0.21.1~ynh1 *(:warning: This is the `testing` branch. The [`master` branch](https://github.com/YunoHost-Apps/fider_ynh/tree/master) used in the catalog is currently on version 1.0\~ynh1.)*
**Demo:** https://feedback.fider.io
@ -37,15 +37,12 @@ Fider is a feedback portal that helps teams collect and prioritize customer feed
## Disclaimers / important information
* Any known limitations, constrains or stuff not working, such as (but not limited to):
* No Yunohost LDAP connection (yet)
* Email required for administation (uses "magic links" instead of admin passwords)
* Only installable on a domain root (or a subdomain root)!
* No Yunohost LDAP connection (yet)
* Email required for administation (uses "magic links" instead of admin passwords)
* Other infos that people should be aware of, such as:
* any specific step to perform after installing (such as manually finishing the install, specific admin credentials, ...)
* how to configure / administrate the application if it ain't obvious
* upgrade process / specificities / things to be aware of ?
* security considerations ?
* You should manually configure the app after installation.
* You should edit /opt/yunohost/fider/run_fider to add environment variables, e.g for Github integration
## Documentation and resources

17
README_fr.md
View file

@ -5,7 +5,7 @@ It shall NOT be edited by hand.
# Fider pour YunoHost
[![Niveau d'intégration](https://dash.yunohost.org/integration/fider.svg)](https://dash.yunohost.org/appci/app/fider) ![Statut du fonctionnement](https://ci-apps.yunohost.org/ci/badges/fider.status.svg) ![Statut de maintenance](https://ci-apps.yunohost.org/ci/badges/fider.maintain.svg)
[![Niveau d'intégration](https://dash.yunohost.org/integration/fider.svg)](https://dash.yunohost.org/appci/app/fider) ![Statut du fonctionnement](https://ci-apps.yunohost.org/ci/badges/fider.status.svg) ![Statut de maintenance](https://ci-apps.yunohost.org/ci/badges/fider.maintain.svg)
[![Installer Fider avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=fider)
*[Read this readme in english.](./README.md)*
@ -26,7 +26,7 @@ Fider is a feedback portal that helps teams collect and prioritize customer feed
- Markdown support
**Version incluse :** 0.21.1~ynh1 *(:warning: Il s'agit de la branche `initial`. La [branche `master`](https://github.com/YunoHost-Apps/fider_ynh/tree/master) utilisée dans le catalogue est actuellement en 1.0\~ynh1.)*
**Version incluse :** 0.21.1~ynh1 *(:warning: Il s'agit de la branche `testing`. La [branche `master`](https://github.com/YunoHost-Apps/fider_ynh/tree/master) utilisée dans le catalogue est actuellement en 1.0\~ynh1.)*
**Démo :** https://feedback.fider.io
@ -37,15 +37,12 @@ Fider is a feedback portal that helps teams collect and prioritize customer feed
## Avertissements / informations importantes
* Any known limitations, constrains or stuff not working, such as (but not limited to):
* No Yunohost LDAP connection (yet)
* Email required for administation (uses "magic links" instead of admin passwords)
* Only installable on a domain root (or a subdomain root)!
* No Yunohost LDAP connection (yet)
* Email required for administation (uses "magic links" instead of admin passwords)
* Other infos that people should be aware of, such as:
* any specific step to perform after installing (such as manually finishing the install, specific admin credentials, ...)
* how to configure / administrate the application if it ain't obvious
* upgrade process / specificities / things to be aware of ?
* security considerations ?
* You should manually configure the app after installation.
* You should edit /opt/yunohost/fider/run_fider to add environment variables, e.g for Github integration
## Documentations et ressources

32
conf/run_fider Normal file
View file

@ -0,0 +1,32 @@
#!/usr/bin/env bash
cd "__FINAL_PATH__/app"
# Public Host Name
export BASE_URL=https://__DOMAIN____PATH__
export PORT=__PORT__
# Connection string to the PostgreSQL database
export DATABASE_URL="postgres://__DB_USER__:__DB_PWD__@localhost:5432/__DB_NAME__?sslmode=disable"
# Generate a 512-bit secret
export JWT_SECRET=__SECRET__
# From which account e-mails will be sent
export EMAIL_NOREPLY=__APP__@__DOMAIN__
###
# EMAIL
###
export EMAIL_SMTP_HOST=127.0.0.1
export EMAIL_SMTP_PORT=25
export EMAIL_SMTP_ENABLE_STARTTLS='false'
# This file is provided to the administrator to customize OAuth etc.
if [[ -f "custom_fider_env" ]]; then
source custom_fider_env
fi
./fider migrate
./fider "$@"

2
conf/systemd.service
View file

@ -7,7 +7,7 @@ Type=simple
User=__APP__
Group=__APP__
WorkingDirectory=__FINALPATH__/
ExecStart=__FINALPATH__/fider
ExecStart=__FINALPATH__/run_fider
StandardOutput=append:/var/log/__APP__/__APP__.log
StandardError=inherit

58
scripts/_common.sh
View file

@ -3,34 +3,58 @@
#=================================================
# COMMON VARIABLES
#=================================================
# PHP APP SPECIFIC
#=================================================
# Depending on its version, YunoHost uses different default PHP version:
## YunoHost version "11.X" => PHP 7.4
## YunoHost version "4.X" => PHP 7.3
#
# This behaviour can be overridden by setting the YNH_PHP_VERSION variable
#YNH_PHP_VERSION=7.3
#YNH_PHP_VERSION=7.4
#YNH_PHP_VERSION=8.0
# For more information, see the PHP application helper: https://github.com/YunoHost/yunohost/blob/dev/helpers/php#L3-L6
# Or this app package depending on PHP: https://github.com/YunoHost-Apps/grav_ynh/blob/master/scripts/_common.sh
# PHP dependencies used by the app (must be on a single line)
#php_dependencies="php$YNH_PHP_VERSION-deb1 php$YNH_PHP_VERSION-deb2"
# or, if you do not need a custom YNH_PHP_VERSION:
php_dependencies="php$YNH_DEFAULT_PHP_VERSION-deb1 php$YNH_DEFAULT_PHP_VERSION-deb2"
nodejs_version=16
# dependencies used by the app (must be on a single line)
pkg_dependencies="deb1 deb2 $php_dependencies"
pkg_dependencies="golang-1.18-go postgresql"
#=================================================
# PERSONAL HELPERS
#=================================================
build_fider() {
ynh_exec_as "$app" mkdir -p "$final_path/go_build"
ynh_secure_remove -f "$final_path/app"
mkdir -p "$final_path/app"
pushd "$final_path/sources"
# Build server
ynh_exec_as "$app" \
GOPATH="$final_path/go_build/go" \
GOCACHE="$final_path/go_build/.cache" \
GOOS=linux GOARCH="$(dpkg --print-architecture)" \
PATH=/usr/lib/go-1.18/bin:$PATH \
make build-server
cp -R migrations views locale LICENSE fider "$final_path/app"
# Build UI
ynh_use_nodejs
ynh_exec_as "$app" $ynh_node_load_PATH $ynh_npm ci
ynh_exec_as "$app" $ynh_node_load_PATH make build-ssr
ynh_exec_as "$app" $ynh_node_load_PATH make build-ui
cp -R favicon.png dist robots.txt ssr.js "$final_path/app"
popd
chown $app:www-data -R "$final_path/app"
}
#=================================================
# EXPERIMENTAL HELPERS
#=================================================
_ynh_enable_backports() {
version=$(ynh_get_debian_release)
backports_file="/etc/apt/sources.list.d/backports_$version.list"
if [[ -f "$backports_file" ]]; then
return 0
fi
{
echo "deb http://deb.debian.org/debian $version-backports main contrib non-free"
echo "deb-src http://deb.debian.org/debian $version-backports main contrib non-free"
} > "$backports_file"
apt update
}
#=================================================
# FUTURE OFFICIAL HELPERS
#=================================================

37
scripts/backup
View file

@ -15,7 +15,6 @@ source /usr/share/yunohost/helpers
#=================================================
ynh_clean_setup () {
### Remove this function if there's nothing to clean before calling the remove script.
true
}
# Exit if an error occurs during the execution of the script
@ -31,7 +30,6 @@ app=$YNH_APP_INSTANCE_NAME
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
domain=$(ynh_app_setting_get --app=$app --key=domain)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
#=================================================
@ -39,41 +37,24 @@ datadir=$(ynh_app_setting_get --app=$app --key=datadir)
#=================================================
ynh_print_info --message="Declaring files to be backed up..."
### N.B. : the following 'ynh_backup' calls are only a *declaration* of what needs
### to be backuped and not an actual copy of any file. The actual backup that
### creates and fill the archive with the files happens in the core after this
### script is called. Hence ynh_backups calls takes basically 0 seconds to run.
#=================================================
# BACKUP THE APP MAIN DIR
#=================================================
ynh_backup --src_path="$final_path"
#=================================================
# BACKUP THE DATA DIR
#=================================================
ynh_backup --src_path="$datadir" --is_big
#=================================================
# BACKUP THE NGINX CONFIGURATION
#=================================================
ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
#=================================================
# BACKUP THE PHP-FPM CONFIGURATION
#=================================================
ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf"
#=================================================
# BACKUP FAIL2BAN CONFIGURATION
#=================================================
ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf"
ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf"
# ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf"
# ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf"
#=================================================
# SPECIFIC BACKUP
@ -90,22 +71,14 @@ ynh_backup --src_path="/etc/logrotate.d/$app"
ynh_backup --src_path="/etc/systemd/system/$app.service"
#=================================================
# BACKUP VARIOUS FILES
# BACKUP THE POSTGRESQL DATABASE
#=================================================
ynh_backup --src_path="/etc/cron.d/$app"
ynh_backup --src_path="/etc/$app/"
#=================================================
# BACKUP THE MYSQL DATABASE
#=================================================
ynh_print_info --message="Backing up the MySQL database..."
ynh_print_info --message="Backing up the PostgreSQL database..."
### (However, things like MySQL dumps *do* take some time to run, though the
### copy of the generated dump to the archive still happens later)
ynh_mysql_dump_db --database="$db_name" > db.sql
ynh_psql_dump_db --database="$db_name" > db.sql
#=================================================
# END OF SCRIPT

7
scripts/change_url
View file

@ -30,9 +30,10 @@ ynh_script_progression --message="Loading installation settings..." --weight=1
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
# Add settings here as needed by your application
#db_name=$(ynh_app_setting_get --app=$app --key=db_name)
#db_user=$db_name
#db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd)
secret=$(ynh_app_setting_get --app=$app --key=secret)
port=$(ynh_app_setting_get --app=$app --key=port)
db_user=$(ynh_app_setting_get --app=$app --key=db_user)
db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd)
#=================================================
# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP

231
scripts/install
View file

@ -25,40 +25,19 @@ ynh_abort_if_errors
#=================================================
domain=$YNH_APP_ARG_DOMAIN
path_url=$YNH_APP_ARG_PATH
# path_url=$YNH_APP_ARG_PATH
path_url=/
is_public=$YNH_APP_ARG_IS_PUBLIC
language=$YNH_APP_ARG_LANGUAGE
admin=$YNH_APP_ARG_ADMIN
password=$YNH_APP_ARG_PASSWORD
### If it's a multi-instance app, meaning it can be installed several times independently
### The id of the app as stated in the manifest is available as $YNH_APP_ID
### The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2"...)
### The app instance name is available as $YNH_APP_INSTANCE_NAME
### - the first time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample
### - the second time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample__2
### - ynhexample__{N} for the subsequent installations, with N=3,4...
### The app instance name is probably what interests you most, since this is
### guaranteed to be unique. This is a good unique identifier to define installation path,
### db names...
app=$YNH_APP_INSTANCE_NAME
#=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#=================================================
### About --weight and --time
### ynh_script_progression will show to your final users the progression of each scripts.
### In order to do that, --weight will represent the relative time of execution compared to the other steps in the script.
### --time is a packager option, it will show you the execution time since the previous call.
### This option is implied when running in CI_package_check, you can manually add it if you are manually testing the app.
### Use the execution time displayed in the CI report or by adding --time to the command, to estimate the weight of a step.
### A common way to do it is to set a weight equal to the execution time in second +1.
### The execution time is given for the duration since the previous call. So the weight should be applied to this previous call.
ynh_script_progression --message="Validating installation parameters..." --weight=1
### If the app uses NGINX as web server (written in HTML/PHP in most cases), the final path should be "/var/www/$app".
### If the app provides an internal web server (or uses another application server such as uWSGI), the final path should be "/opt/yunohost/$app"
final_path=/var/www/$app
final_path=/opt/yunohost/$app
test ! -e "$final_path" || ynh_die --message="This path already contains a folder"
# Register (book) web path
@ -81,37 +60,18 @@ ynh_app_setting_set --app=$app --key=admin --value=$admin
#=================================================
ynh_script_progression --message="Finding an available port..." --weight=1
### Use these lines if you have to open a port for the application
### `ynh_find_port` will find the first available port starting from the given port.
### If you're not using these lines:
### - Remove the section "CLOSE A PORT" in the remove script
# Find an available port
port=$(ynh_find_port --port=8095)
port=$(ynh_find_port --port=3000)
ynh_app_setting_set --app=$app --key=port --value=$port
# Optional: Expose this port publicly
# (N.B.: you only need to do this if the app actually needs to expose the port publicly.
# If you do this and the app doesn't actually need you are CREATING SECURITY HOLES IN THE SERVER !)
# Open the port
# ynh_script_progression --message="Configuring firewall..." --weight=1
# ynh_exec_warn_less yunohost firewall allow --no-upnp TCP $port
#=================================================
# INSTALL DEPENDENCIES
#=================================================
ynh_script_progression --message="Installing dependencies..." --weight=1
### `ynh_install_app_dependencies` allows you to add any "apt" dependencies to the package.
### Those deb packages will be installed as dependencies of this package.
### If you're not using this helper:
### - Remove the section "REMOVE DEPENDENCIES" in the remove script
### - Remove the variable "pkg_dependencies" in _common.sh
### - As well as the section "REINSTALL DEPENDENCIES" in the restore script
### - And the section "UPGRADE DEPENDENCIES" in the upgrade script
_ynh_enable_backports
ynh_install_app_dependencies $pkg_dependencies
ynh_install_nodejs --nodejs_version=$nodejs_version
#=================================================
# CREATE DEDICATED USER
@ -122,36 +82,23 @@ ynh_script_progression --message="Configuring system user..." --weight=1
ynh_system_user_create --username=$app --home_dir="$final_path"
#=================================================
# CREATE A MYSQL DATABASE
# CREATE A POSTGRESQL DATABASE
#=================================================
ynh_script_progression --message="Creating a MySQL database..." --weight=1
### Use these lines if you need a database for the application.
### `ynh_mysql_setup_db` will create a database, an associated user and a ramdom password.
### The password will be stored as 'mysqlpwd' into the app settings,
### and will be available as $db_pwd
### If you're not using these lines:
### - Remove the section "BACKUP THE MYSQL DATABASE" in the backup script
### - Remove also the section "REMOVE THE MYSQL DATABASE" in the remove script
### - As well as the section "RESTORE THE MYSQL DATABASE" in the restore script
ynh_script_progression --message="Creating a PostgreSQL database..." --weight=1
db_name=$(ynh_sanitize_dbid --db_name=$app)
db_user=$db_name
ynh_app_setting_set --app=$app --key=db_name --value=$db_name
ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name
ynh_psql_setup_db --db_user=$db_user --db_name=$db_name
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_script_progression --message="Setting up source files..." --weight=1
### `ynh_setup_source` is used to install an app from a zip or tar.gz file,
### downloaded from an upstream source, like a git repository.
### `ynh_setup_source` use the file conf/app.src
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$final_path"
ynh_setup_source --dest_dir="$final_path/sources"
# FIXME: this should be managed by the core in the future
# Here, as a packager, you may have to tweak the ownerhsip/permissions
@ -164,116 +111,38 @@ chmod -R o-rwx "$final_path"
chown -R $app:www-data "$final_path"
#=================================================
# PHP-FPM CONFIGURATION
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_script_progression --message="Configuring PHP-FPM..." --weight=1
ynh_script_progression --message="Compiling Fider application..." --weight=1
### `ynh_add_fpm_config` is used to set up a PHP config.
### You can remove it if your app doesn't use PHP.
### `ynh_add_fpm_config` will use the files conf/php-fpm.conf
### If you're not using these lines:
### - You can remove these files in conf/.
### - Remove the section "BACKUP THE PHP-FPM CONFIGURATION" in the backup script
### - Remove also the section "REMOVE PHP-FPM CONFIGURATION" in the remove script
### - As well as the section "RESTORE THE PHP-FPM CONFIGURATION" in the restore script
### with the reload at the end of the script.
### - And the section "PHP-FPM CONFIGURATION" in the upgrade script
# Create a dedicated PHP-FPM config
ynh_add_fpm_config
build_fider
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Configuring NGINX web server..." --weight=1
### `ynh_add_nginx_config` will use the file conf/nginx.conf
# Create a dedicated NGINX config
ynh_add_nginx_config
#=================================================
# SPECIFIC SETUP
#=================================================
# ...
#=================================================
#=================================================
# CREATE DATA DIRECTORY
#=================================================
ynh_script_progression --message="Creating a data directory..." --weight=1
### Use these lines if you need to create a directory to store "persistent files" for the application.
### Usually this directory is used to store uploaded files or any file that won't be updated during
### an upgrade and that won't be deleted during app removal unless "--purge" option is used.
### If you're not using these lines:
### - Remove the section "BACKUP THE DATA DIR" in the backup script
### - Remove the section "RESTORE THE DATA DIRECTORY" in the restore script
### - As well as the section "REMOVE DATA DIR" in the remove script
datadir=/home/yunohost.app/$app
ynh_app_setting_set --app=$app --key=datadir --value=$datadir
mkdir -p $datadir
# FIXME: this should be managed by the core in the future
# Here, as a packager, you may have to tweak the ownerhsip/permissions
# such that the appropriate users (e.g. maybe www-data) can access
# files in some cases.
# But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder -
# this will be treated as a security issue.
chmod 750 "$datadir"
chmod -R o-rwx "$datadir"
chown -R $app:www-data "$datadir"
#=================================================
# ADD A CONFIGURATION
#=================================================
ynh_script_progression --message="Adding a configuration file..." --weight=1
ynh_script_progression --message="Adding the configuration file..." --weight=1
secret=$(ynh_string_random --length 64)
ynh_app_setting_set --app=$app --key=secret --value=$secret
### You can add specific configuration files.
###
### Typically, put your template conf file in ../conf/your_config_file
### The template may contain strings such as __FOO__ or __FOO_BAR__,
### which will automatically be replaced by the values of $foo and $foo_bar
###
### ynh_add_config will also keep track of the config file's checksum,
### which later during upgrade may allow to automatically backup the config file
### if it's found that the file was manually modified
###
### Check the documentation of `ynh_add_config` for more info.
ynh_add_config --template="some_config_file" --destination="$final_path/some_config_file"
# FIXME: this should be handled by the core in the future
# You may need to use chmod 600 instead of 400,
# for example if the app is expected to be able to modify its own config
chmod 400 "$final_path/some_config_file"
chown $app:$app "$final_path/some_config_file"
### For more complex cases where you want to replace stuff using regexes,
### you shoud rely on ynh_replace_string (which is basically a wrapper for sed)
### When doing so, you also need to manually call ynh_store_file_checksum
###
### ynh_replace_string --match_string="match_string" --replace_string="replace_string" --target_file="$final_path/some_config_file"
### ynh_store_file_checksum --file="$final_path/some_config_file"
ynh_add_config --template="run_fider" --destination="$final_path/run_fider"
chown $app:www-data "$final_path/run_fider"
chmod 744 "$final_path/run_fider"
#=================================================
# SETUP SYSTEMD
#=================================================
ynh_script_progression --message="Configuring a systemd service..." --weight=1
### `ynh_systemd_config` is used to configure a systemd script for an app.
### It can be used for apps that use sysvinit (with adaptation) or systemd.
### Have a look at the app to be sure this app needs a systemd script.
### `ynh_systemd_config` will use the file conf/systemd.service
### If you're not using these lines:
### - You can remove those files in conf/.
### - Remove the section "BACKUP SYSTEMD" in the backup script
### - Remove also the section "STOP AND REMOVE SERVICE" in the remove script
### - As well as the section "RESTORE SYSTEMD" in the restore script
### - And the section "SETUP SYSTEMD" in the upgrade script
# Create a dedicated systemd config
ynh_add_systemd_config
@ -287,16 +156,16 @@ ynh_add_systemd_config
### forms.
# Set the app as temporarily public for curl call
ynh_script_progression --message="Configuring SSOwat..." --weight=1
# ynh_script_progression --message="Configuring SSOwat..." --weight=1
# Making the app public for curl
ynh_permission_update --permission="main" --add="visitors"
# ynh_permission_update --permission="main" --add="visitors"
# Installation with curl
ynh_script_progression --message="Finalizing installation..." --weight=1
ynh_local_curl "/INSTALL_PATH" "key1=value1" "key2=value2" "key3=value3"
# ynh_script_progression --message="Finalizing installation..." --weight=1
# ynh_local_curl "/INSTALL_PATH" "key1=value1" "key2=value2" "key3=value3"
# Remove the public access
ynh_permission_update --permission="main" --remove="visitors"
# ynh_permission_update --permission="main" --remove="visitors"
#=================================================
# GENERIC FINALIZATION
@ -314,63 +183,30 @@ ynh_script_progression --message="Configuring log rotation..." --weight=1
### - And the section "SETUP LOGROTATE" in the upgrade script
# Use logrotate to manage application logfile(s)
ynh_use_logrotate
ynh_use_logrotate --nonappend
#=================================================
# INTEGRATE SERVICE IN YUNOHOST
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
### `yunohost service add` integrates a service in YunoHost. It then gets
### displayed in the admin interface and through the others `yunohost service` commands.
### (N.B.: this line only makes sense if the app adds a service to the system!)
### If you're not using these lines:
### - You can remove these files in conf/.
### - Remove the section "REMOVE SERVICE INTEGRATION IN YUNOHOST" in the remove script
### - As well as the section "INTEGRATE SERVICE IN YUNOHOST" in the restore script
### - And the section "INTEGRATE SERVICE IN YUNOHOST" in the upgrade script
yunohost service add $app --description="A short description of the app" --log="/var/log/$app/$app.log"
### Additional options starting with 3.8:
###
### --needs_exposed_ports "$port" a list of ports that needs to be publicly exposed
### which will then be checked by YunoHost's diagnosis system
### (N.B. DO NOT USE THIS is the port is only internal!!!)
###
### --test_status "some command" a custom command to check the status of the service
### (only relevant if 'systemctl status' doesn't do a good job)
###
### --test_conf "some command" some command similar to "nginx -t" that validates the conf of the service
###
### Re-calling 'yunohost service add' during the upgrade script is the right way
### to proceed if you later realize that you need to enable some flags that
### weren't enabled on old installs (be careful it'll override the existing
### service though so you should re-provide all relevant flags when doing so)
yunohost service add $app --description="Fider Feedback platform" --log="/var/log/$app/$app.log"
#=================================================
# START SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Starting a systemd service..." --weight=1
### `ynh_systemd_action` is used to start a systemd service for an app.
### Only needed if you have configure a systemd service
### If you're not using these lines:
### - Remove the section "STOP SYSTEMD SERVICE" and "START SYSTEMD SERVICE" in the backup script
### - As well as the section "START SYSTEMD SERVICE" in the restore script
### - As well as the section"STOP SYSTEMD SERVICE" and "START SYSTEMD SERVICE" in the upgrade script
### - And the section "STOP SYSTEMD SERVICE" and "START SYSTEMD SERVICE" in the change_url script
# Start a systemd service
ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log"
#=================================================
# SETUP FAIL2BAN
#=================================================
ynh_script_progression --message="Configuring Fail2Ban..." --weight=1
# ynh_script_progression --message="Configuring Fail2Ban..." --weight=1
# Create a dedicated Fail2Ban config
ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login"
# ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login"
#=================================================
# SETUP SSOWAT
@ -385,17 +221,6 @@ then
ynh_permission_update --permission="main" --add="visitors"
fi
### N.B. : the following extra permissions only make sense if your app
### does have for example an admin interface or an API.
# Only the admin can access the admin panel of the app (if the app has an admin panel)
ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin
# Everyone can access the API part
# We don't want to display the tile in the SSO so we put --show_tile="false"
# And we don't want the YunoHost admin to be able to remove visitors group to this permission, so we put --protected="true"
ynh_permission_create --permission="api" --url="/api" --allowed="visitors" --show_tile="false" --protected="true"
#=================================================
# RELOAD NGINX
#=================================================

47
scripts/remove
View file

@ -21,7 +21,6 @@ port=$(ynh_app_setting_get --app=$app --key=port)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_user=$db_name
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
#=================================================
# STANDARD REMOVE
@ -53,12 +52,12 @@ ynh_script_progression --message="Removing logrotate configuration..." --weight=
ynh_remove_logrotate
#=================================================
# REMOVE THE MYSQL DATABASE
# REMOVE THE POSTGRESQL DATABASE
#=================================================
ynh_script_progression --message="Removing the MySQL database..." --weight=1
ynh_script_progression --message="Removing the PostgreSQL database..." --weight=1
# Remove a database if it exists, along with the associated user
ynh_mysql_remove_db --db_user=$db_user --db_name=$db_name
ynh_psql_remove_db --db_user=$db_user --db_name=$db_name
#=================================================
# REMOVE APP MAIN DIR
@ -68,17 +67,6 @@ ynh_script_progression --message="Removing app main directory..." --weight=1
# Remove the app directory securely
ynh_secure_remove --file="$final_path"
#=================================================
# REMOVE DATA DIR
#=================================================
# Remove the data directory if --purge option is used
if [ "${YNH_APP_PURGE:-0}" -eq 1 ]
then
ynh_script_progression --message="Removing app data directory..." --weight=1
ynh_secure_remove --file="$datadir"
fi
#=================================================
# REMOVE NGINX CONFIGURATION
#=================================================
@ -87,14 +75,6 @@ ynh_script_progression --message="Removing NGINX web server configuration..." --
# Remove the dedicated NGINX config
ynh_remove_nginx_config
#=================================================
# REMOVE PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Removing PHP-FPM configuration..." --weight=1
# Remove the dedicated PHP-FPM config
ynh_remove_fpm_config
#=================================================
# REMOVE DEPENDENCIES
#=================================================
@ -102,24 +82,15 @@ ynh_script_progression --message="Removing dependencies..." --weight=1
# Remove metapackage and its dependencies
ynh_remove_app_dependencies
#=================================================
# CLOSE A PORT
#=================================================
if yunohost firewall list | grep -q "\- $port$"
then
ynh_script_progression --message="Closing port $port..." --weight=1
ynh_exec_warn_less yunohost firewall disallow TCP $port
fi
ynh_remove_nodejs
#=================================================
# REMOVE FAIL2BAN CONFIGURATION
#=================================================
ynh_script_progression --message="Removing Fail2Ban configuration..." --weight=1
# ynh_script_progression --message="Removing Fail2Ban configuration..." --weight=1
# Remove the dedicated Fail2Ban config
ynh_remove_fail2ban_config
# ynh_remove_fail2ban_config
#=================================================
# SPECIFIC REMOVE
@ -128,12 +99,6 @@ ynh_remove_fail2ban_config
#=================================================
ynh_script_progression --message="Removing various files..." --weight=1
# Remove a cron file
ynh_secure_remove --file="/etc/cron.d/$app"
# Remove a directory securely
ynh_secure_remove --file="/etc/$app"
# Remove the log files
ynh_secure_remove --file="/var/log/$app"

65
scripts/restore
View file

@ -15,7 +15,6 @@ source /usr/share/yunohost/helpers
#=================================================
ynh_clean_setup () {
#### Remove this function if there's nothing to clean before calling the remove script.
true
}
# Exit if an error occurs during the execution of the script
@ -33,7 +32,6 @@ path_url=$(ynh_app_setting_get --app=$app --key=path)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_user=$db_name
phpversion=$(ynh_app_setting_get --app=$app --key=phpversion)
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
#=================================================
@ -61,43 +59,20 @@ ynh_script_progression --message="Restoring the app main directory..." --weight=
ynh_restore_file --origin_path="$final_path"
# FIXME: this should be managed by the core in the future
# Here, as a packager, you may have to tweak the ownerhsip/permissions
# such that the appropriate users (e.g. maybe www-data) can access
# files in some cases.
# But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder -
# this will be treated as a security issue.
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:www-data "$final_path"
#=================================================
# RESTORE THE DATA DIRECTORY
#=================================================
ynh_script_progression --message="Restoring the data directory..." --weight=1
ynh_restore_file --origin_path="$datadir" --not_mandatory
mkdir -p $datadir
# FIXME: this should be managed by the core in the future
# Here, as a packager, you may have to tweak the ownerhsip/permissions
# such that the appropriate users (e.g. maybe www-data) can access
# files in some cases.
# But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder -
# this will be treated as a security issue.
chmod 750 "$datadir"
chmod -R o-rwx "$datadir"
chown -R $app:www-data "$datadir"
chmod +x "$final_path/run_fider"
#=================================================
# RESTORE FAIL2BAN CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring the Fail2Ban configuration..." --weight=1
# ynh_script_progression --message="Restoring the Fail2Ban configuration..." --weight=1
ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf"
ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf"
ynh_systemd_action --action=restart --service_name=fail2ban
# ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf"
# ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf"
# ynh_systemd_action --action=restart --service_name=fail2ban
#=================================================
# SPECIFIC RESTORATION
@ -107,15 +82,9 @@ ynh_systemd_action --action=restart --service_name=fail2ban
ynh_script_progression --message="Reinstalling dependencies..." --weight=1
# Define and install dependencies
_ynh_enable_backports
ynh_install_app_dependencies $pkg_dependencies
#=================================================
# RESTORE THE PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring the PHP-FPM configuration..." --time --weight=1
ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf"
#=================================================
# RESTORE THE NGINX CONFIGURATION
#=================================================
@ -124,22 +93,13 @@ ynh_script_progression --message="Restoring the NGINX web server configuration..
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
#=================================================
# RESTORE THE MYSQL DATABASE
# RESTORE THE POSTGRESQL DATABASE
#=================================================
ynh_script_progression --message="Restoring the MySQL database..." --weight=1
ynh_script_progression --message="Restoring the PostgreSQL database..." --weight=1
db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd)
ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd
ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql
#=================================================
# RESTORE VARIOUS FILES
#=================================================
ynh_script_progression --message="Restoring various files..." --weight=1
ynh_restore_file --origin_path="/etc/cron.d/$app"
ynh_restore_file --origin_path="/etc/$app/"
db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd)
ynh_psql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd
ynh_psql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql
#=================================================
# RESTORE SYSTEMD
@ -161,7 +121,7 @@ ynh_restore_file --origin_path="/etc/logrotate.d/$app"
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
yunohost service add $app --description="A short description of the app" --log="/var/log/$app/$app.log"
yunohost service add $app --description="Fider Feedback platform" --log="/var/log/$app/$app.log"
#=================================================
# START SYSTEMD SERVICE
@ -177,7 +137,6 @@ ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$ap
#=================================================
ynh_script_progression --message="Reloading NGINX web server and PHP-FPM..." --weight=1
ynh_systemd_action --service_name=php$phpversion-fpm --action=reload
ynh_systemd_action --service_name=nginx --action=reload
#=================================================

89
scripts/upgrade
View file

@ -18,21 +18,16 @@ app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
path_url=$(ynh_app_setting_get --app=$app --key=path)
language=$(ynh_app_setting_get --app=$app --key=language)
admin=$(ynh_app_setting_get --app=$app --key=admin)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
secret=$(ynh_app_setting_get --app=$app --key=secret)
port=$(ynh_app_setting_get --app=$app --key=port)
#=================================================
# CHECK VERSION
#=================================================
### This helper will compare the version of the currently installed app and the version of the upstream package.
### $upgrade_type can have 2 different values
### - UPGRADE_APP if the upstream app version has changed
### - UPGRADE_PACKAGE if only the YunoHost package has changed
### ynh_check_app_version_changed will stop the upgrade if the app is up to date.
### UPGRADE_APP should be used to upgrade the core app only if there's an upgrade to do.
upgrade_type=$(ynh_check_app_version_changed)
#=================================================
@ -63,44 +58,6 @@ ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app
#=================================================
ynh_script_progression --message="Ensuring downward compatibility..." --weight=1
#
# N.B. : the followings setting migrations snippets are provided as *EXAMPLES*
# of what you may want to do in some cases (e.g. a setting was not defined on
# some legacy installs and you therefore want to initiaze stuff during upgrade)
#
# If db_name doesn't exist, create it
#if [ -z "$db_name" ]; then
# db_name=$(ynh_sanitize_dbid --db_name=$app)
# ynh_app_setting_set --app=$app --key=db_name --value=$db_name
#fi
# If final_path doesn't exist, create it
#if [ -z "$final_path" ]; then
# final_path=/var/www/$app
# ynh_app_setting_set --app=$app --key=final_path --value=$final_path
#fi
### If nobody installed your app before 4.1,
### then you may safely remove these lines
# Cleaning legacy permissions
if ynh_legacy_permissions_exists; then
ynh_legacy_permissions_delete_all
ynh_app_setting_delete --app=$app --key=is_public
fi
if ! ynh_permission_exists --permission="admin"; then
# Create the required permissions
ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin
fi
# Create a permission if needed
if ! ynh_permission_exists --permission="api"; then
ynh_permission_create --permission="api" --url="/api" --allowed="visitors" --show_tile="false" --protected="true"
fi
#=================================================
# CREATE DEDICATED USER
#=================================================
@ -138,14 +95,6 @@ ynh_script_progression --message="Upgrading dependencies..." --weight=1
ynh_install_app_dependencies $pkg_dependencies
#=================================================
# PHP-FPM CONFIGURATION
#=================================================
ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=1
# Create a dedicated PHP-FPM config
ynh_add_fpm_config
#=================================================
# NGINX CONFIGURATION
#=================================================
@ -156,34 +105,14 @@ ynh_add_nginx_config
#=================================================
# SPECIFIC UPGRADE
#=================================================
# ...
#=================================================
#=================================================
# UPDATE A CONFIG FILE
#=================================================
ynh_script_progression --message="Updating a configuration file..." --weight=1
ynh_script_progression --message="Updating the configuration file..." --weight=1
### Same as during install
###
### The file will automatically be backed-up if it's found to be manually modified (because
### ynh_add_config keeps track of the file's checksum)
ynh_add_config --template="some_config_file" --destination="$final_path/some_config_file"
# FIXME: this should be handled by the core in the future
# You may need to use chmod 600 instead of 400,
# for example if the app is expected to be able to modify its own config
chmod 400 "$final_path/some_config_file"
chown $app:$app "$final_path/some_config_file"
### For more complex cases where you want to replace stuff using regexes,
### you shoud rely on ynh_replace_string (which is basically a wrapper for sed)
### When doing so, you also need to manually call ynh_store_file_checksum
###
### ynh_replace_string --match_string="match_string" --replace_string="replace_string" --target_file="$final_path/some_config_file"
### ynh_store_file_checksum --file="$final_path/some_config_file"
ynh_add_config --template="run_fider" --destination="$final_path/run_fider"
chown $app:www-data "$final_path/run_fider"
chmod 744 "$final_path/run_fider"
#=================================================
# SETUP SYSTEMD
@ -208,7 +137,7 @@ ynh_use_logrotate --non-append
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
yunohost service add $app --description="A short description of the app" --log="/var/log/$app/$app.log"
yunohost service add $app --description="Fider Feedback platform" --log="/var/log/$app/$app.log"
#=================================================
# START SYSTEMD SERVICE
@ -220,10 +149,10 @@ ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$ap
#=================================================
# UPGRADE FAIL2BAN
#=================================================
ynh_script_progression --message="Reconfiguring Fail2Ban..." --weight=1
# ynh_script_progression --message="Reconfiguring Fail2Ban..." --weight=1
# Create a dedicated Fail2Ban config
ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login"
# ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-error.log" --failregex="Regex to match into the log for a failed login"
#=================================================
# RELOAD NGINX