From 8521aca43371fec84dd66d7f8b50fa7150dacf98 Mon Sep 17 00:00:00 2001 From: Chris Vogel Date: Mon, 22 Apr 2024 13:13:50 +0200 Subject: [PATCH 01/16] increment ynh version to test upgrades --- manifest.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifest.toml b/manifest.toml index 77e74b2..05d52c0 100644 --- a/manifest.toml +++ b/manifest.toml @@ -6,7 +6,7 @@ id = "flohmarkt" name = "flohmarkt" description.en = "A decentral federated small ads platform" -version = "0.0~ynh1" +version = "0.0~ynh2" maintainers = ["Chris Vogel"] From 2efa2305df81fafaba66eba48b0fc56d155337b2 Mon Sep 17 00:00:00 2001 From: Chris Vogel Date: Mon, 22 Apr 2024 14:37:16 +0200 Subject: [PATCH 02/16] 1st try --- scripts/upgrade | 142 ++++++++++++++++++++++++++---------------------- 1 file changed, 78 insertions(+), 64 deletions(-) diff --git a/scripts/upgrade b/scripts/upgrade index 7c5f1a6..8704a76 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -1,90 +1,104 @@ #!/bin/bash -#================================================= -# GENERIC START -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - source _common.sh source /usr/share/yunohost/helpers +# UPGRADE_PACKAGE if only the YunoHost package has changed +# UPGRADE_APP if the upstream app version has changed +# DOWNGRADE +# UPGRADE_SAME upgrade_type=$(ynh_check_app_version_changed) -#================================================= -# NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=2 +ynh_script_progression --message="Stopping flohmarkt and CouchDB..." --weight=5 +# stop flohmarkt +ynh_systemd_action --service_name=$app --action="stop" +# stop couchdb +ynh_systemd_action --service_name=couchdb --action="stop" -# Create a dedicated NGINX config -ynh_add_nginx_config +# upgrade couchdb +ynh_script_progression --message="Upgrading CouchDB..." --weight=50 +echo "\ +couchdb couchdb/mode select standalone +couchdb couchdb/mode seen true +couchdb couchdb/bindaddress string 127.0.0.1 +couchdb couchdb/bindaddress seen true +couchdb couchdb/cookie string $password +couchdb couchdb/adminpass password $password +couchdb couchdb/adminpass seen true +couchdb couchdb/adminpass_again password $password +couchdb couchdb/adminpass_again seen true" | debconf-set-selections +DEBIAN_FRONTEND=noninteractive # apt-get install -y --force-yes couchdb +ynh_install_extra_app_dependencies \ + --repo="deb https://apache.jfrog.io/artifactory/couchdb-deb/ $(lsb_release -c -s) main" \ + --key="https://couchdb.apache.org/repo/keys.asc" \ + --package="couchdb" -#================================================= -# SPECIFIC UPGRADE -#================================================= -# UPGRADING COUCHDB -#================================================= +# upgrade couchdb config +ynh_script_progression --message="Updating couchdb configuration file..." --weight=1 +ynh_add_config --template="../conf/05-flohmarkt.ini" --destination="/opt/couchdb/etc/local.d/05-flohmarkt.ini" +chown root:couchdb /opt/couchdb/etc/local.d/05-flohmarkt.ini +chmod 640 /opt/couchdb/etc/local.d/05-flohmarkt.ini -if [ "$upgrade_type" == "UPGRADE_APP" ] -then - ynh_script_progression --message="Upgrading CouchDB..." --weight=50 +# start couchdb to pick up changes +ynh_script_progression --message="Starting couchdb..." --weight=1 +ynh_systemd_action --service_name=couchdb --action="start" +systemctl status couchdb - echo "\ - couchdb couchdb/mode select standalone - couchdb couchdb/mode seen true - couchdb couchdb/bindaddress string 127.0.0.1 - couchdb couchdb/bindaddress seen true - couchdb couchdb/cookie string $password - couchdb couchdb/adminpass password $password - couchdb couchdb/adminpass seen true - couchdb couchdb/adminpass_again password $password - couchdb couchdb/adminpass_again seen true" | debconf-set-selections - DEBIAN_FRONTEND=noninteractive # apt-get install -y --force-yes couchdb +# install upgrade for flohmarkt +ynh_script_progression --message="Upgrading flohmarkt..." --weight=4 +ynh_setup_source --dest_dir="$install_dir/$app/" - ynh_install_extra_app_dependencies \ - --repo="deb https://apache.jfrog.io/artifactory/couchdb-deb/ $(lsb_release -c -s) main" \ - --key="https://couchdb.apache.org/repo/keys.asc" \ - --package="couchdb" -fi +ynh_script_progression --message="Upgrading flohmarkt python dependencies..." --weight=5 +# upgrade python environment / install new dependencies +( + set +o nounset + source "$install_dir/venv/bin/activate" + set -o nounset + set -x + $install_dir/venv/bin/python3 -m ensurepip + $install_dir/venv/bin/pip3 install -r "$install_dir/$app/requirements.txt" +) -#================================================= -# UPDATE A CONFIG FILE -#================================================= -ynh_script_progression --message="Updating a configuration file..." --weight=1 +# upgrade flohmarkt.conf +ynh_script_progression --message="Upgrading flohmarkt configuration..." --weight=1 +ynh_add_config --template="../conf/flohmarkt.conf" --destination="$install_dir/$app/flohmarkt.conf" -ynh_add_config --template="../conf/05-flohmarkt.ini" --destination="$install_dir/etc/local.d/05-flohmarkt.ini" +ynh_script_progression --message="Upgrading flohmarkt couchdb..." --weight=10 +# run initialize_couchdb.py +( + set +o nounset + source "$install_dir/venv/bin/activate" + set -o nounset + cd "$install_dir/$app" + # initialize_couchdb seems to re-try on connect problems endlessly blocking the yunohost api + # give it 45 seconds to finish and then fail + # https://codeberg.org/ChriChri/flohmarkt_ynh/issues/13 + timeout 45 python3 initialize_couchdb.py $password_couchdb_admin $password_couchdb_flohmarkt +) -chmod 750 "$install_dir" -chmod -R o-rwx "$install_dir" -chown -R "$app:$app" "$install_dir" +# systemd service upgrade +ynh_script_progression --message="Upgrading flohmarkt systemd service..." --weight=1 +ynh_add_systemd_config +# INTEGRATE SERVICE IN YUNOHOST +ynh_script_progression --message="Integrating service in YunoHost..." --weight=2 +yunohost service add $app --description="A decentral federated small advertisement platform" --log="/var/log/$app/$app.log" -#================================================= -# GENERIC FINALIZATION -#================================================= -# SETUP LOGROTATE -#================================================= +# upgrade logrotate ynh_script_progression --message="Upgrading logrotate configuration..." --weight=1 - # Use logrotate to manage app-specific logfile(s) ynh_use_logrotate --non-append -#================================================= -# INTEGRATE SERVICE IN YUNOHOST -#================================================= -ynh_script_progression --message="Integrating service in YunoHost..." --weight=2 +# upgrade nginx configuration +ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=2 +ynh_add_nginx_config -yunohost service add $app --description="A decentral federated small advertisement platform" --log="/var/log/$app/$app.log" - -#================================================= # UPGRADE FAIL2BAN -#================================================= -ynh_script_progression --message="Reconfiguring Fail2Ban..." --weight=3 - +# ynh_script_progression --message="Reconfiguring Fail2Ban..." --weight=3 # Create a dedicated Fail2Ban config -ynh_add_fail2ban_config --logpath="/var/log/couchdb/couchdb.log" --failregex="[warning] .*couch_httpd_auth: Authentication failed for user .+ from " --max_retry=5 +# ynh_add_fail2ban_config --logpath="/var/log/couchdb/couchdb.log" --failregex="[warning] .*couch_httpd_auth: Authentication failed for user .+ from " --max_retry=5 -#================================================= -# END OF SCRIPT -#================================================= +# start flohmarkt +ynh_script_progression --message="Starting flohmarkt..." --weight=3 +ynh_systemd_action --service_name=$app --action="start" --line_match="INFO: Application startup complete." ynh_script_progression --message="Upgrade of $app completed" --last From 4f76489f8467ccf0768e6d6b62f02de3ab35a9ab Mon Sep 17 00:00:00 2001 From: Chris Vogel Date: Mon, 22 Apr 2024 14:37:31 +0200 Subject: [PATCH 03/16] removed some comments --- scripts/install | 8 -------- 1 file changed, 8 deletions(-) diff --git a/scripts/install b/scripts/install index 4c133d3..383a571 100755 --- a/scripts/install +++ b/scripts/install @@ -57,11 +57,6 @@ chmod 640 /opt/couchdb/etc/local.d/05-flohmarkt.ini systemctl restart couchdb systemctl status couchdb -# INTEGRATE SERVICE IN YUNOHOST -# would this work? couchdb brings its own systemd.service... -# ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 -# yunohost service add $app --description="war mal couchdb" --log="/var/log/$app/$app.log" - # get flohmarkt ynh_setup_source --dest_dir="$install_dir/$app/" @@ -103,7 +98,6 @@ ynh_add_config --template="../conf/flohmarkt.conf" --destination="$install_dir/$ # SETUP LOGROTATE ynh_script_progression --message="Configuring log rotation..." --weight=2 # Use logrotate to manage application logfile(s) -# @@ how does this know where the logfiles are? ynh_use_logrotate # NGINX CONFIGURATION @@ -128,6 +122,4 @@ ynh_systemd_action --service_name=$app --action="start" # # Create a dedicated Fail2Ban config # ynh_add_fail2ban_config --logpath="/var/log/couchdb/couchdb.log" --failregex="[warning] .*couch_httpd_auth: Authentication failed for user .+ from " --max_retry=5 -# @@ logrotation - ynh_script_progression --message="Installation of $app completed" --last From 3b5f1155a367518feb203de7bbfe17eb88673f52 Mon Sep 17 00:00:00 2001 From: Chris Vogel Date: Mon, 22 Apr 2024 14:41:31 +0200 Subject: [PATCH 04/16] upgrade flohmarkt code --- manifest.toml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/manifest.toml b/manifest.toml index 05d52c0..b3424ff 100644 --- a/manifest.toml +++ b/manifest.toml @@ -109,8 +109,8 @@ ram.runtime = "100M" # This will pre-fetch the asset which can then be deployed during the install/upgrade scripts with : # ynh_setup_source --dest_dir="$install_dir" # You can also define other assets than "main" and add --source_id="foobar" in the previous command - url = "https://codeberg.org/flohmarkt/flohmarkt/archive/490a748cc3a6698c8a6400df3fa9cfdcf4fd76da.tar.gz" - sha256 = "45d40fb96c9997502755939d0ba6bac9df39d3ca30d271be01b69202b88839fb" + url = "https://codeberg.org/flohmarkt/flohmarkt/archive/0edd928adb76d72ecad2f768f25a8cc89f0c2eb1.tar.gz" + sha256 = "68978e04077d12c54f1b574c6da11c368c9da37f453e6768520deac88ea21855" # These infos are used by https://github.com/YunoHost/apps/blob/master/tools/autoupdate_app_sources/autoupdate_app_sources.py # to auto-update the previous asset urls and sha256sum + manifest version From 8d90b0d941550186f49d61227cb418313c982387 Mon Sep 17 00:00:00 2001 From: Chris Vogel Date: Mon, 22 Apr 2024 15:02:30 +0200 Subject: [PATCH 05/16] backup everything MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit …until there'll be complains. --- scripts/backup | 13 +++++++++++-- scripts/install | 1 + scripts/upgrade | 6 +++--- 3 files changed, 15 insertions(+), 5 deletions(-) diff --git a/scripts/backup b/scripts/backup index 8435f48..4f6f509 100755 --- a/scripts/backup +++ b/scripts/backup @@ -18,8 +18,17 @@ ynh_print_info --message="Stopping flohmarkt and couchdb to backup data..." yunohost service stop flohmarkt systemctl stop couchdb -ynh_backup --src_path="$data_dir" --is_big -ynh_backup --src_path="/var/lib/couchdb" --is_big +# since this might be re-installed as a dependency during 'remove' and +# 'install' anew (like after a failed upgrade) we do not want to use +# --is_big even thought the directories might be big because: +# "don't want that your package does backup that part during ynh_backup_before_upgrade" +# https://yunohost.org/en/packaging_apps_scripts_helpers#ynh-backup +# +# if this becomes a pain we'll need to stop deleting this directories on 'remove' +# ynh_backup --src_path="$data_dir" --is_big +# ynh_backup --src_path="/var/lib/couchdb" --is_big +ynh_backup --src_path="$data_dir" +ynh_backup --src_path="/var/lib/couchdb" ynh_print_info --message="...done. Starting couchdb and flohmarkt." systemctl start couchdb diff --git a/scripts/install b/scripts/install index 383a571..74f40f2 100755 --- a/scripts/install +++ b/scripts/install @@ -76,6 +76,7 @@ python3 -m venv --without-pip "$install_dir/venv" # JwtSecret jwtsecret=$(ynh_string_random --length=344 --filter='a-zA-Z0-9/+') +ynh_app_setting_set --app=$app --key=jwtsecret --value="$jwtsecret" password_couchdb_flohmarkt=$(ynh_string_random --length=31 --filter='A-Za-z0-9_.:,') ynh_app_setting_set --app=$app --key=password_couchdb_flohmarkt --value="$password_couchdb_flohmarkt" diff --git a/scripts/upgrade b/scripts/upgrade index 8704a76..33362ef 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -22,10 +22,10 @@ couchdb couchdb/mode select standalone couchdb couchdb/mode seen true couchdb couchdb/bindaddress string 127.0.0.1 couchdb couchdb/bindaddress seen true -couchdb couchdb/cookie string $password -couchdb couchdb/adminpass password $password +couchdb couchdb/cookie string $couchdb_magic_cookie +couchdb couchdb/adminpass password $password_couchdb_admin couchdb couchdb/adminpass seen true -couchdb couchdb/adminpass_again password $password +couchdb couchdb/adminpass_again password $password_couchdb_admin couchdb couchdb/adminpass_again seen true" | debconf-set-selections DEBIAN_FRONTEND=noninteractive # apt-get install -y --force-yes couchdb ynh_install_extra_app_dependencies \ From 820e3f18603cb8a6ad5a800d2e09ac1407df510a Mon Sep 17 00:00:00 2001 From: Chris Vogel Date: Mon, 22 Apr 2024 13:13:50 +0200 Subject: [PATCH 06/16] increment ynh version to test upgrades --- manifest.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifest.toml b/manifest.toml index 77e74b2..05d52c0 100644 --- a/manifest.toml +++ b/manifest.toml @@ -6,7 +6,7 @@ id = "flohmarkt" name = "flohmarkt" description.en = "A decentral federated small ads platform" -version = "0.0~ynh1" +version = "0.0~ynh2" maintainers = ["Chris Vogel"] From b94bdd925d6281d50aa75236b2334fc3a7853b3a Mon Sep 17 00:00:00 2001 From: Chris Vogel Date: Mon, 22 Apr 2024 14:37:16 +0200 Subject: [PATCH 07/16] 1st try --- scripts/upgrade | 142 ++++++++++++++++++++++++++---------------------- 1 file changed, 78 insertions(+), 64 deletions(-) diff --git a/scripts/upgrade b/scripts/upgrade index 7c5f1a6..8704a76 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -1,90 +1,104 @@ #!/bin/bash -#================================================= -# GENERIC START -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - source _common.sh source /usr/share/yunohost/helpers +# UPGRADE_PACKAGE if only the YunoHost package has changed +# UPGRADE_APP if the upstream app version has changed +# DOWNGRADE +# UPGRADE_SAME upgrade_type=$(ynh_check_app_version_changed) -#================================================= -# NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=2 +ynh_script_progression --message="Stopping flohmarkt and CouchDB..." --weight=5 +# stop flohmarkt +ynh_systemd_action --service_name=$app --action="stop" +# stop couchdb +ynh_systemd_action --service_name=couchdb --action="stop" -# Create a dedicated NGINX config -ynh_add_nginx_config +# upgrade couchdb +ynh_script_progression --message="Upgrading CouchDB..." --weight=50 +echo "\ +couchdb couchdb/mode select standalone +couchdb couchdb/mode seen true +couchdb couchdb/bindaddress string 127.0.0.1 +couchdb couchdb/bindaddress seen true +couchdb couchdb/cookie string $password +couchdb couchdb/adminpass password $password +couchdb couchdb/adminpass seen true +couchdb couchdb/adminpass_again password $password +couchdb couchdb/adminpass_again seen true" | debconf-set-selections +DEBIAN_FRONTEND=noninteractive # apt-get install -y --force-yes couchdb +ynh_install_extra_app_dependencies \ + --repo="deb https://apache.jfrog.io/artifactory/couchdb-deb/ $(lsb_release -c -s) main" \ + --key="https://couchdb.apache.org/repo/keys.asc" \ + --package="couchdb" -#================================================= -# SPECIFIC UPGRADE -#================================================= -# UPGRADING COUCHDB -#================================================= +# upgrade couchdb config +ynh_script_progression --message="Updating couchdb configuration file..." --weight=1 +ynh_add_config --template="../conf/05-flohmarkt.ini" --destination="/opt/couchdb/etc/local.d/05-flohmarkt.ini" +chown root:couchdb /opt/couchdb/etc/local.d/05-flohmarkt.ini +chmod 640 /opt/couchdb/etc/local.d/05-flohmarkt.ini -if [ "$upgrade_type" == "UPGRADE_APP" ] -then - ynh_script_progression --message="Upgrading CouchDB..." --weight=50 +# start couchdb to pick up changes +ynh_script_progression --message="Starting couchdb..." --weight=1 +ynh_systemd_action --service_name=couchdb --action="start" +systemctl status couchdb - echo "\ - couchdb couchdb/mode select standalone - couchdb couchdb/mode seen true - couchdb couchdb/bindaddress string 127.0.0.1 - couchdb couchdb/bindaddress seen true - couchdb couchdb/cookie string $password - couchdb couchdb/adminpass password $password - couchdb couchdb/adminpass seen true - couchdb couchdb/adminpass_again password $password - couchdb couchdb/adminpass_again seen true" | debconf-set-selections - DEBIAN_FRONTEND=noninteractive # apt-get install -y --force-yes couchdb +# install upgrade for flohmarkt +ynh_script_progression --message="Upgrading flohmarkt..." --weight=4 +ynh_setup_source --dest_dir="$install_dir/$app/" - ynh_install_extra_app_dependencies \ - --repo="deb https://apache.jfrog.io/artifactory/couchdb-deb/ $(lsb_release -c -s) main" \ - --key="https://couchdb.apache.org/repo/keys.asc" \ - --package="couchdb" -fi +ynh_script_progression --message="Upgrading flohmarkt python dependencies..." --weight=5 +# upgrade python environment / install new dependencies +( + set +o nounset + source "$install_dir/venv/bin/activate" + set -o nounset + set -x + $install_dir/venv/bin/python3 -m ensurepip + $install_dir/venv/bin/pip3 install -r "$install_dir/$app/requirements.txt" +) -#================================================= -# UPDATE A CONFIG FILE -#================================================= -ynh_script_progression --message="Updating a configuration file..." --weight=1 +# upgrade flohmarkt.conf +ynh_script_progression --message="Upgrading flohmarkt configuration..." --weight=1 +ynh_add_config --template="../conf/flohmarkt.conf" --destination="$install_dir/$app/flohmarkt.conf" -ynh_add_config --template="../conf/05-flohmarkt.ini" --destination="$install_dir/etc/local.d/05-flohmarkt.ini" +ynh_script_progression --message="Upgrading flohmarkt couchdb..." --weight=10 +# run initialize_couchdb.py +( + set +o nounset + source "$install_dir/venv/bin/activate" + set -o nounset + cd "$install_dir/$app" + # initialize_couchdb seems to re-try on connect problems endlessly blocking the yunohost api + # give it 45 seconds to finish and then fail + # https://codeberg.org/ChriChri/flohmarkt_ynh/issues/13 + timeout 45 python3 initialize_couchdb.py $password_couchdb_admin $password_couchdb_flohmarkt +) -chmod 750 "$install_dir" -chmod -R o-rwx "$install_dir" -chown -R "$app:$app" "$install_dir" +# systemd service upgrade +ynh_script_progression --message="Upgrading flohmarkt systemd service..." --weight=1 +ynh_add_systemd_config +# INTEGRATE SERVICE IN YUNOHOST +ynh_script_progression --message="Integrating service in YunoHost..." --weight=2 +yunohost service add $app --description="A decentral federated small advertisement platform" --log="/var/log/$app/$app.log" -#================================================= -# GENERIC FINALIZATION -#================================================= -# SETUP LOGROTATE -#================================================= +# upgrade logrotate ynh_script_progression --message="Upgrading logrotate configuration..." --weight=1 - # Use logrotate to manage app-specific logfile(s) ynh_use_logrotate --non-append -#================================================= -# INTEGRATE SERVICE IN YUNOHOST -#================================================= -ynh_script_progression --message="Integrating service in YunoHost..." --weight=2 +# upgrade nginx configuration +ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=2 +ynh_add_nginx_config -yunohost service add $app --description="A decentral federated small advertisement platform" --log="/var/log/$app/$app.log" - -#================================================= # UPGRADE FAIL2BAN -#================================================= -ynh_script_progression --message="Reconfiguring Fail2Ban..." --weight=3 - +# ynh_script_progression --message="Reconfiguring Fail2Ban..." --weight=3 # Create a dedicated Fail2Ban config -ynh_add_fail2ban_config --logpath="/var/log/couchdb/couchdb.log" --failregex="[warning] .*couch_httpd_auth: Authentication failed for user .+ from " --max_retry=5 +# ynh_add_fail2ban_config --logpath="/var/log/couchdb/couchdb.log" --failregex="[warning] .*couch_httpd_auth: Authentication failed for user .+ from " --max_retry=5 -#================================================= -# END OF SCRIPT -#================================================= +# start flohmarkt +ynh_script_progression --message="Starting flohmarkt..." --weight=3 +ynh_systemd_action --service_name=$app --action="start" --line_match="INFO: Application startup complete." ynh_script_progression --message="Upgrade of $app completed" --last From 97f2c4301c44d8be24838fd06db07519896a6c14 Mon Sep 17 00:00:00 2001 From: Chris Vogel Date: Mon, 22 Apr 2024 14:37:31 +0200 Subject: [PATCH 08/16] removed some comments --- scripts/install | 8 -------- 1 file changed, 8 deletions(-) diff --git a/scripts/install b/scripts/install index 4c133d3..383a571 100755 --- a/scripts/install +++ b/scripts/install @@ -57,11 +57,6 @@ chmod 640 /opt/couchdb/etc/local.d/05-flohmarkt.ini systemctl restart couchdb systemctl status couchdb -# INTEGRATE SERVICE IN YUNOHOST -# would this work? couchdb brings its own systemd.service... -# ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 -# yunohost service add $app --description="war mal couchdb" --log="/var/log/$app/$app.log" - # get flohmarkt ynh_setup_source --dest_dir="$install_dir/$app/" @@ -103,7 +98,6 @@ ynh_add_config --template="../conf/flohmarkt.conf" --destination="$install_dir/$ # SETUP LOGROTATE ynh_script_progression --message="Configuring log rotation..." --weight=2 # Use logrotate to manage application logfile(s) -# @@ how does this know where the logfiles are? ynh_use_logrotate # NGINX CONFIGURATION @@ -128,6 +122,4 @@ ynh_systemd_action --service_name=$app --action="start" # # Create a dedicated Fail2Ban config # ynh_add_fail2ban_config --logpath="/var/log/couchdb/couchdb.log" --failregex="[warning] .*couch_httpd_auth: Authentication failed for user .+ from " --max_retry=5 -# @@ logrotation - ynh_script_progression --message="Installation of $app completed" --last From 61b1cf90cbb1ada9163a134d8dc2e25fb1f79261 Mon Sep 17 00:00:00 2001 From: Chris Vogel Date: Mon, 22 Apr 2024 14:41:31 +0200 Subject: [PATCH 09/16] upgrade flohmarkt code --- manifest.toml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/manifest.toml b/manifest.toml index 05d52c0..b3424ff 100644 --- a/manifest.toml +++ b/manifest.toml @@ -109,8 +109,8 @@ ram.runtime = "100M" # This will pre-fetch the asset which can then be deployed during the install/upgrade scripts with : # ynh_setup_source --dest_dir="$install_dir" # You can also define other assets than "main" and add --source_id="foobar" in the previous command - url = "https://codeberg.org/flohmarkt/flohmarkt/archive/490a748cc3a6698c8a6400df3fa9cfdcf4fd76da.tar.gz" - sha256 = "45d40fb96c9997502755939d0ba6bac9df39d3ca30d271be01b69202b88839fb" + url = "https://codeberg.org/flohmarkt/flohmarkt/archive/0edd928adb76d72ecad2f768f25a8cc89f0c2eb1.tar.gz" + sha256 = "68978e04077d12c54f1b574c6da11c368c9da37f453e6768520deac88ea21855" # These infos are used by https://github.com/YunoHost/apps/blob/master/tools/autoupdate_app_sources/autoupdate_app_sources.py # to auto-update the previous asset urls and sha256sum + manifest version From 6259d0b2dd687caa85cdf55e9efdd6076b02725b Mon Sep 17 00:00:00 2001 From: Chris Vogel Date: Mon, 22 Apr 2024 15:02:30 +0200 Subject: [PATCH 10/16] backup everything MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit …until there'll be complains. --- scripts/install | 1 + scripts/upgrade | 6 +++--- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/scripts/install b/scripts/install index 383a571..74f40f2 100755 --- a/scripts/install +++ b/scripts/install @@ -76,6 +76,7 @@ python3 -m venv --without-pip "$install_dir/venv" # JwtSecret jwtsecret=$(ynh_string_random --length=344 --filter='a-zA-Z0-9/+') +ynh_app_setting_set --app=$app --key=jwtsecret --value="$jwtsecret" password_couchdb_flohmarkt=$(ynh_string_random --length=31 --filter='A-Za-z0-9_.:,') ynh_app_setting_set --app=$app --key=password_couchdb_flohmarkt --value="$password_couchdb_flohmarkt" diff --git a/scripts/upgrade b/scripts/upgrade index 8704a76..33362ef 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -22,10 +22,10 @@ couchdb couchdb/mode select standalone couchdb couchdb/mode seen true couchdb couchdb/bindaddress string 127.0.0.1 couchdb couchdb/bindaddress seen true -couchdb couchdb/cookie string $password -couchdb couchdb/adminpass password $password +couchdb couchdb/cookie string $couchdb_magic_cookie +couchdb couchdb/adminpass password $password_couchdb_admin couchdb couchdb/adminpass seen true -couchdb couchdb/adminpass_again password $password +couchdb couchdb/adminpass_again password $password_couchdb_admin couchdb couchdb/adminpass_again seen true" | debconf-set-selections DEBIAN_FRONTEND=noninteractive # apt-get install -y --force-yes couchdb ynh_install_extra_app_dependencies \ From 145ed33930a3b50b46bc64bf6dc8d7147a0c2f0c Mon Sep 17 00:00:00 2001 From: Chris Vogel Date: Mon, 22 Apr 2024 13:13:50 +0200 Subject: [PATCH 11/16] increment ynh version to test upgrades --- manifest.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifest.toml b/manifest.toml index 77e74b2..05d52c0 100644 --- a/manifest.toml +++ b/manifest.toml @@ -6,7 +6,7 @@ id = "flohmarkt" name = "flohmarkt" description.en = "A decentral federated small ads platform" -version = "0.0~ynh1" +version = "0.0~ynh2" maintainers = ["Chris Vogel"] From 824ead433d7c7512b2a451cf46d27831f14739b7 Mon Sep 17 00:00:00 2001 From: Chris Vogel Date: Mon, 22 Apr 2024 14:37:16 +0200 Subject: [PATCH 12/16] 1st try --- scripts/upgrade | 142 ++++++++++++++++++++++++++---------------------- 1 file changed, 78 insertions(+), 64 deletions(-) diff --git a/scripts/upgrade b/scripts/upgrade index 7c5f1a6..8704a76 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -1,90 +1,104 @@ #!/bin/bash -#================================================= -# GENERIC START -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - source _common.sh source /usr/share/yunohost/helpers +# UPGRADE_PACKAGE if only the YunoHost package has changed +# UPGRADE_APP if the upstream app version has changed +# DOWNGRADE +# UPGRADE_SAME upgrade_type=$(ynh_check_app_version_changed) -#================================================= -# NGINX CONFIGURATION -#================================================= -ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=2 +ynh_script_progression --message="Stopping flohmarkt and CouchDB..." --weight=5 +# stop flohmarkt +ynh_systemd_action --service_name=$app --action="stop" +# stop couchdb +ynh_systemd_action --service_name=couchdb --action="stop" -# Create a dedicated NGINX config -ynh_add_nginx_config +# upgrade couchdb +ynh_script_progression --message="Upgrading CouchDB..." --weight=50 +echo "\ +couchdb couchdb/mode select standalone +couchdb couchdb/mode seen true +couchdb couchdb/bindaddress string 127.0.0.1 +couchdb couchdb/bindaddress seen true +couchdb couchdb/cookie string $password +couchdb couchdb/adminpass password $password +couchdb couchdb/adminpass seen true +couchdb couchdb/adminpass_again password $password +couchdb couchdb/adminpass_again seen true" | debconf-set-selections +DEBIAN_FRONTEND=noninteractive # apt-get install -y --force-yes couchdb +ynh_install_extra_app_dependencies \ + --repo="deb https://apache.jfrog.io/artifactory/couchdb-deb/ $(lsb_release -c -s) main" \ + --key="https://couchdb.apache.org/repo/keys.asc" \ + --package="couchdb" -#================================================= -# SPECIFIC UPGRADE -#================================================= -# UPGRADING COUCHDB -#================================================= +# upgrade couchdb config +ynh_script_progression --message="Updating couchdb configuration file..." --weight=1 +ynh_add_config --template="../conf/05-flohmarkt.ini" --destination="/opt/couchdb/etc/local.d/05-flohmarkt.ini" +chown root:couchdb /opt/couchdb/etc/local.d/05-flohmarkt.ini +chmod 640 /opt/couchdb/etc/local.d/05-flohmarkt.ini -if [ "$upgrade_type" == "UPGRADE_APP" ] -then - ynh_script_progression --message="Upgrading CouchDB..." --weight=50 +# start couchdb to pick up changes +ynh_script_progression --message="Starting couchdb..." --weight=1 +ynh_systemd_action --service_name=couchdb --action="start" +systemctl status couchdb - echo "\ - couchdb couchdb/mode select standalone - couchdb couchdb/mode seen true - couchdb couchdb/bindaddress string 127.0.0.1 - couchdb couchdb/bindaddress seen true - couchdb couchdb/cookie string $password - couchdb couchdb/adminpass password $password - couchdb couchdb/adminpass seen true - couchdb couchdb/adminpass_again password $password - couchdb couchdb/adminpass_again seen true" | debconf-set-selections - DEBIAN_FRONTEND=noninteractive # apt-get install -y --force-yes couchdb +# install upgrade for flohmarkt +ynh_script_progression --message="Upgrading flohmarkt..." --weight=4 +ynh_setup_source --dest_dir="$install_dir/$app/" - ynh_install_extra_app_dependencies \ - --repo="deb https://apache.jfrog.io/artifactory/couchdb-deb/ $(lsb_release -c -s) main" \ - --key="https://couchdb.apache.org/repo/keys.asc" \ - --package="couchdb" -fi +ynh_script_progression --message="Upgrading flohmarkt python dependencies..." --weight=5 +# upgrade python environment / install new dependencies +( + set +o nounset + source "$install_dir/venv/bin/activate" + set -o nounset + set -x + $install_dir/venv/bin/python3 -m ensurepip + $install_dir/venv/bin/pip3 install -r "$install_dir/$app/requirements.txt" +) -#================================================= -# UPDATE A CONFIG FILE -#================================================= -ynh_script_progression --message="Updating a configuration file..." --weight=1 +# upgrade flohmarkt.conf +ynh_script_progression --message="Upgrading flohmarkt configuration..." --weight=1 +ynh_add_config --template="../conf/flohmarkt.conf" --destination="$install_dir/$app/flohmarkt.conf" -ynh_add_config --template="../conf/05-flohmarkt.ini" --destination="$install_dir/etc/local.d/05-flohmarkt.ini" +ynh_script_progression --message="Upgrading flohmarkt couchdb..." --weight=10 +# run initialize_couchdb.py +( + set +o nounset + source "$install_dir/venv/bin/activate" + set -o nounset + cd "$install_dir/$app" + # initialize_couchdb seems to re-try on connect problems endlessly blocking the yunohost api + # give it 45 seconds to finish and then fail + # https://codeberg.org/ChriChri/flohmarkt_ynh/issues/13 + timeout 45 python3 initialize_couchdb.py $password_couchdb_admin $password_couchdb_flohmarkt +) -chmod 750 "$install_dir" -chmod -R o-rwx "$install_dir" -chown -R "$app:$app" "$install_dir" +# systemd service upgrade +ynh_script_progression --message="Upgrading flohmarkt systemd service..." --weight=1 +ynh_add_systemd_config +# INTEGRATE SERVICE IN YUNOHOST +ynh_script_progression --message="Integrating service in YunoHost..." --weight=2 +yunohost service add $app --description="A decentral federated small advertisement platform" --log="/var/log/$app/$app.log" -#================================================= -# GENERIC FINALIZATION -#================================================= -# SETUP LOGROTATE -#================================================= +# upgrade logrotate ynh_script_progression --message="Upgrading logrotate configuration..." --weight=1 - # Use logrotate to manage app-specific logfile(s) ynh_use_logrotate --non-append -#================================================= -# INTEGRATE SERVICE IN YUNOHOST -#================================================= -ynh_script_progression --message="Integrating service in YunoHost..." --weight=2 +# upgrade nginx configuration +ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=2 +ynh_add_nginx_config -yunohost service add $app --description="A decentral federated small advertisement platform" --log="/var/log/$app/$app.log" - -#================================================= # UPGRADE FAIL2BAN -#================================================= -ynh_script_progression --message="Reconfiguring Fail2Ban..." --weight=3 - +# ynh_script_progression --message="Reconfiguring Fail2Ban..." --weight=3 # Create a dedicated Fail2Ban config -ynh_add_fail2ban_config --logpath="/var/log/couchdb/couchdb.log" --failregex="[warning] .*couch_httpd_auth: Authentication failed for user .+ from " --max_retry=5 +# ynh_add_fail2ban_config --logpath="/var/log/couchdb/couchdb.log" --failregex="[warning] .*couch_httpd_auth: Authentication failed for user .+ from " --max_retry=5 -#================================================= -# END OF SCRIPT -#================================================= +# start flohmarkt +ynh_script_progression --message="Starting flohmarkt..." --weight=3 +ynh_systemd_action --service_name=$app --action="start" --line_match="INFO: Application startup complete." ynh_script_progression --message="Upgrade of $app completed" --last From 25ca85bb98aa67f5ca057fc0b380ef37c7e58159 Mon Sep 17 00:00:00 2001 From: Chris Vogel Date: Mon, 22 Apr 2024 14:37:31 +0200 Subject: [PATCH 13/16] removed some comments --- scripts/install | 8 -------- 1 file changed, 8 deletions(-) diff --git a/scripts/install b/scripts/install index f9197ab..74f40f2 100755 --- a/scripts/install +++ b/scripts/install @@ -57,11 +57,6 @@ chmod 640 /opt/couchdb/etc/local.d/05-flohmarkt.ini systemctl restart couchdb systemctl status couchdb -# INTEGRATE SERVICE IN YUNOHOST -# would this work? couchdb brings its own systemd.service... -# ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 -# yunohost service add $app --description="war mal couchdb" --log="/var/log/$app/$app.log" - # get flohmarkt ynh_setup_source --dest_dir="$install_dir/$app/" @@ -104,7 +99,6 @@ ynh_add_config --template="../conf/flohmarkt.conf" --destination="$install_dir/$ # SETUP LOGROTATE ynh_script_progression --message="Configuring log rotation..." --weight=2 # Use logrotate to manage application logfile(s) -# @@ how does this know where the logfiles are? ynh_use_logrotate # NGINX CONFIGURATION @@ -129,6 +123,4 @@ ynh_systemd_action --service_name=$app --action="start" # # Create a dedicated Fail2Ban config # ynh_add_fail2ban_config --logpath="/var/log/couchdb/couchdb.log" --failregex="[warning] .*couch_httpd_auth: Authentication failed for user .+ from " --max_retry=5 -# @@ logrotation - ynh_script_progression --message="Installation of $app completed" --last From 34ac85c03b124eac9f6b625fe89c03da59306ee7 Mon Sep 17 00:00:00 2001 From: Chris Vogel Date: Mon, 22 Apr 2024 14:41:31 +0200 Subject: [PATCH 14/16] upgrade flohmarkt code --- manifest.toml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/manifest.toml b/manifest.toml index 05d52c0..b3424ff 100644 --- a/manifest.toml +++ b/manifest.toml @@ -109,8 +109,8 @@ ram.runtime = "100M" # This will pre-fetch the asset which can then be deployed during the install/upgrade scripts with : # ynh_setup_source --dest_dir="$install_dir" # You can also define other assets than "main" and add --source_id="foobar" in the previous command - url = "https://codeberg.org/flohmarkt/flohmarkt/archive/490a748cc3a6698c8a6400df3fa9cfdcf4fd76da.tar.gz" - sha256 = "45d40fb96c9997502755939d0ba6bac9df39d3ca30d271be01b69202b88839fb" + url = "https://codeberg.org/flohmarkt/flohmarkt/archive/0edd928adb76d72ecad2f768f25a8cc89f0c2eb1.tar.gz" + sha256 = "68978e04077d12c54f1b574c6da11c368c9da37f453e6768520deac88ea21855" # These infos are used by https://github.com/YunoHost/apps/blob/master/tools/autoupdate_app_sources/autoupdate_app_sources.py # to auto-update the previous asset urls and sha256sum + manifest version From 27f90fa281ddb35b7658a0e842295b3874a13e2e Mon Sep 17 00:00:00 2001 From: Chris Vogel Date: Mon, 22 Apr 2024 15:02:30 +0200 Subject: [PATCH 15/16] backup everything MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit …until there'll be complains. --- scripts/upgrade | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/scripts/upgrade b/scripts/upgrade index 8704a76..33362ef 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -22,10 +22,10 @@ couchdb couchdb/mode select standalone couchdb couchdb/mode seen true couchdb couchdb/bindaddress string 127.0.0.1 couchdb couchdb/bindaddress seen true -couchdb couchdb/cookie string $password -couchdb couchdb/adminpass password $password +couchdb couchdb/cookie string $couchdb_magic_cookie +couchdb couchdb/adminpass password $password_couchdb_admin couchdb couchdb/adminpass seen true -couchdb couchdb/adminpass_again password $password +couchdb couchdb/adminpass_again password $password_couchdb_admin couchdb couchdb/adminpass_again seen true" | debconf-set-selections DEBIAN_FRONTEND=noninteractive # apt-get install -y --force-yes couchdb ynh_install_extra_app_dependencies \ From 19651800d92bcddf5b35400f6105b340713dbdac Mon Sep 17 00:00:00 2001 From: Chris Vogel Date: Tue, 23 Apr 2024 14:12:44 +0200 Subject: [PATCH 16/16] correct jwtsecret --- scripts/install | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/scripts/install b/scripts/install index 74f40f2..b9a971f 100755 --- a/scripts/install +++ b/scripts/install @@ -75,7 +75,8 @@ python3 -m venv --without-pip "$install_dir/venv" ) # JwtSecret -jwtsecret=$(ynh_string_random --length=344 --filter='a-zA-Z0-9/+') +# workaround for https://github.com/YunoHost/issues/issues/2379 +jwtsecret=$(ynh_string_random -l 200 -f 'a-zA-Z0-9/+'; ynh_string_random -l 142 -f 'a-zA-Z0-9/+'; echo -n '==') ynh_app_setting_set --app=$app --key=jwtsecret --value="$jwtsecret" password_couchdb_flohmarkt=$(ynh_string_random --length=31 --filter='A-Za-z0-9_.:,')