From b943dfa6f178081a161c1f207251cfcd2d9b699f Mon Sep 17 00:00:00 2001 From: Chris Vogel Date: Tue, 7 May 2024 12:18:36 +0200 Subject: [PATCH] paths and filenames - part II adjusted paths after trying, thinking and talking to people in the matrix room again. --- conf/05-flohmarkt.ini | 2 +- conf/flohmarkt.conf | 3 ++- manifest.toml | 18 +++++++++--------- scripts/_common.sh | 25 ++++++++----------------- scripts/install | 18 +++++++++++------- scripts/remove | 26 ++++++++++---------------- 6 files changed, 41 insertions(+), 51 deletions(-) diff --git a/conf/05-flohmarkt.ini b/conf/05-flohmarkt.ini index b6d6553..c85771c 100644 --- a/conf/05-flohmarkt.ini +++ b/conf/05-flohmarkt.ini @@ -2,4 +2,4 @@ ; prevent non admin users to be able to access the list of all databases admin_only_all_dbs = true -port = __PORT_COUCHDB__ +; port = __##PORT_COUCHDB__ diff --git a/conf/flohmarkt.conf b/conf/flohmarkt.conf index f42af97..a32025b 100644 --- a/conf/flohmarkt.conf +++ b/conf/flohmarkt.conf @@ -10,7 +10,8 @@ UseHttps = 0 Host = 127.0.0.1 User = __APP__ Password = __PASSWORD_COUCHDB_FLOHMARKT__ -Port = __PORT_COUCHDB__ +# Port = __##PORT_COUCHDB__ +Port = 5984 Database = __APP__ [SMTP] diff --git a/manifest.toml b/manifest.toml index a8a7072..aa5b064 100644 --- a/manifest.toml +++ b/manifest.toml @@ -28,8 +28,7 @@ code = "https://codeberg.org/flohmarkt/flohmarkt" yunohost = ">= 11.2.11" architectures = "all" # https://codeberg.org/ChriChri/flohmarkt_ynh/issues/11 -# multi_instance = true -multi_instance = false +multi_instance = true # the "ldap" key corresponds to wether or not a user *can* login on the app using # its YunoHost credentials. @@ -108,8 +107,8 @@ ram.runtime = "100M" # This will pre-fetch the asset which can then be deployed during the install/upgrade scripts with : # ynh_setup_source --dest_dir="$install_dir" # You can also define other assets than "main" and add --source_id="foobar" in the previous command - url = "https://codeberg.org/flohmarkt/flohmarkt/archive/2c5ea313d9b04dad25649335f415af5ca484f262.tar.gz" - sha256 = "ce08228e2e9e650925c53094bf9c02bac8cdcb03a931f262034802ce6541e1f7" + url = "https://codeberg.org/flohmarkt/flohmarkt/archive/78b2cc137d7c88d961e12dcb5017b17257bc4a71.tar.gz" + sha256 = "4acbfe20372583fdf75f4eea7b9c29d9ae20d04283559578f5e33f8347570c33" # These infos are used by https://github.com/YunoHost/apps/blob/master/tools/autoupdate_app_sources/autoupdate_app_sources.py # to auto-update the previous asset urls and sha256sum + manifest version @@ -132,10 +131,8 @@ ram.runtime = "100M" # @@ how to create a couchdb user if needed? in install-script manually? [resources.install_dir] - dir = "/opt/flohmarkt" - # [resources.data_dir] - # we'll take care of this inside the install script and save it to the settings + [resources.data_dir] [resources.permissions] # This will configure SSOwat permission for $domain/$path/ @@ -149,13 +146,16 @@ ram.runtime = "100M" # uvicorn running the flohmarkt app will be started listening to this port # if 'main.default' is already in use another random port will be used main.default = 8000 - couchdb.default = 5984 + # we'll rely on couchdb choosing the default port to listen to + # otherwise I'll set a new port for each flohmarkt that will be installed until the + # installation of couchdb is reworked by making it possible to do as a pure dependency + # couchdb.default = 5984 [resources.apt] # python dependencies shall be installed in a venv using pip. # moreutils is needed for `ts` used in systemd.service - packages = "python3-pip python3-full curl apt-transport-https gnupg moreutils" + packages = "python3-pip python3-full curl apt-transport-https gnupg moreutils curl" # repo for couchdb - doesn't work, yet # extras.couchdb.repo = "deb https://apache.jfrog.io/artifactory/couchdb-deb/ __YNH_DEBIAN_VERSION__ main" # extras.couchdb.key = "https://couchdb.apache.org/repo/keys.asc" diff --git a/scripts/_common.sh b/scripts/_common.sh index 3459cd3..1bd4059 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -14,24 +14,24 @@ if [[ "__${url_path}__" == '____' ]]; then else flohmarkt_filename="$domain-${url_path}" fi -# just in case we append $app to make it really unique # this filename is used for logfile name and systemd.service name -flohmarkt_filename="${flohmarkt_filename//[^A-Za-z0-9._-]/_}_${app}" -# +# and for symlinking install_dir and data_dir +flohmarkt_filename="${YNH_APP_ID}_${flohmarkt_filename//[^A-Za-z0-9._-]/_}" # directory flohmarkts software is installed to # contains ./venv and ./src as sub-directories -flohmarkt_install="/opt/${id}/${domain}/${url_path}" +flohmarkt_install="$install_dir" +flohmarkt_sym_install="$( dirname $flohmarkt_install )/$flohmarkt_filename" flohmarkt_venv_dir="${flohmarkt_install}/venv" flohmarkt_app_dir="${flohmarkt_install}/app" # directory containing logfiles -flohmarkt_log_dir="/var/log/${id}/${flohmarkt_filename}" +flohmarkt_log_dir="/var/log/${YNH_APP_ID}/${flohmarkt_filename}" # filename for logfiles - ¡ojo! if not ends with .log will be interpreted # as a directory by ynh_use_logrotate # https://github.com/YunoHost/issues/issues/2383 flohmarkt_logfile="${flohmarkt_log_dir}/${app}.log" -# flohmarkt data_dir follows the naming convention above -# its saved to settings during install -flohmarkt_data_dir="/home/yunohost.app/${flohmarkt_filename}" +# flohmarkt data_dir +flohmarkt_data_dir="$data_dir" +flohmarkt_sym_data_dir="$( dirname $flohmarkt_data_dir )/$flohmarkt_filename" ## old filenames before 0.00~ynh5 - for reference and needed to # migrate (see below) @@ -59,15 +59,6 @@ flohmarkt_ynh_upgrade_path_ynh5() { # there's still some work open - see above } -# to follow the naming convention including information about domain -# and path we do create the data_dir here and save it during install -# to the settings of this flohmarkt instance -flohmarkt_ynh_create_data_dir() { - mkdir -p $data_dir - chown $app: $data_dir - chmod 750 $data_dir -} - #================================================= # EXPERIMENTAL HELPERS #================================================= diff --git a/scripts/install b/scripts/install index f7da705..4e5f9e9 100755 --- a/scripts/install +++ b/scripts/install @@ -16,12 +16,6 @@ then exit 1 fi -# create and setup $data_dir -data_dir="${flohmarkt_data_dir}" -ynh_script_progression --message="Creating data_dir '$data_dir'..." --weight=2 -ynh_app_setting_set --app=$app --key=data_dir --value="$data_dir" -flohmarkt_ynh_create_data_dir - # INITIALIZE AND STORE SETTINGS # todo: do we need to store the password un-encrypted somewhere on the system? # → there's no way to get the admin password later if sometimes in the future deleting @@ -68,10 +62,12 @@ systemctl restart couchdb systemctl status couchdb # get flohmarkt +# suspecting that this deletes all other sources for YNH_APP_ID ynh_setup_source --dest_dir="$flohmarkt_app_dir" # setup python environment for flohmarkt ynh_secure_remove "$flohmarkt_venv_dir" + python3 -m venv --without-pip "$flohmarkt_venv_dir" # install python dependencies @@ -129,7 +125,7 @@ mkdir -m755 -p "$flohmarkt_log_dir" touch "$flohmarkt_logfile" chmod 640 "$flohmarkt_logfile" # start service -ynh_systemd_action --service_name=$flohmarkt_filename --action="start" +ynh_systemd_action --service_name=$flohmarkt_filename --action="start" --line_match='INFO: *Application startup complete.' --log_path="$flohmarkt_logfile" --timeout=30 # https://codeberg.org/flohmarkt/flohmarkt_ynh/issues/44 # --line_match="INFO: Application startup complete." @@ -137,4 +133,12 @@ ynh_systemd_action --service_name=$flohmarkt_filename --action="start" ynh_script_progression --message="Configuring Fail2Ban..." --weight=3 ynh_add_fail2ban_config --logpath="$flohmarkt_logfile" --failregex='INFO: +:\d+ - "POST /token HTTP/\d+\.\d+" 403 Forbidden' --max_retry=5 +# symlink data_dir and install_dir to make it easier to find the +# files for a certain domain/path +ln -s "$flohmarkt_install" "$flohmarkt_sym_install" +ln -s "$flohmarkt_data_dir" "$flohmarkt_sym_data_dir" + +# debug +env + ynh_script_progression --message="Installation of $id completed" --last diff --git a/scripts/remove b/scripts/remove index 3b54eb9..e36a509 100755 --- a/scripts/remove +++ b/scripts/remove @@ -27,23 +27,13 @@ then yunohost service remove $flohmarkt_filename fi -## This needs to be rewritten: Only delete the database of the instance being removed # https://codeberg.org/flohmarkt/flohmarkt_ynh/issues/12 -# ynh_script_progression --message="Stopping couchdb..." --weight=2 -# systemctl stop couchdb -# -# ynh_script_progression --message="Removing databases..." --weight=2 -# # remove flohmarkt database and database user -# # ynh_script_progression --message="removing flohmarkt couchdb user and database" --weight=2 -# # @@ wie komme ich hier an das admin-password, falls ich es brauche? -# # * brauche ich es? → ja -# # db: -# # curl -X DELETE 'http://127.0.0.1:5984/flohmarkt' --user ':' -# # user: -# # curl -X DELETE "http://127.0.0.1:5984/_users/org.couchdb.user%3Aflohmarkt?rev=`curl -sX GET 'http://127.0.0.1:5984/_users/org.couchdb.user%3Aflohmarkt' --user 'admin:bla42fasel' | jq -r ._rev`" --user ':' -# # @@ todo improve this like above -# # https://codeberg.org/ChriChri/flohmarkt_ynh/issues/12 -# ynh_secure_remove --file=/var/lib/couchdb +ynh_script_progression --message="Removing database and database user..." --weight=2 +# remove DB +curl -s -X DELETE 'http://127.0.0.1:5984/flohmarkt' --user "admin:${password_couchdb_admin}" +# remove DB user for this instance: +# get rev for the user and then delete user/rev +curl -s -X DELETE "http://127.0.0.1:5984/_users/org.couchdb.user%3A${app}?rev=$( curl -sX GET "http://127.0.0.1:5984/_users/org.couchdb.user%3A${app}" --user "admin:${password_couchdb_admin}" | jq -r ._rev)" --user "admin:${password_couchdb_admin}" # Remove the app-specific logrotate config ynh_remove_logrotate @@ -68,6 +58,10 @@ ynh_secure_remove --file=$data_dir ynh_script_progression --message="Removing data directory..." --weight=2 ynh_remove_systemd_config +# remove symlinks +ynh_secure_remove "$flohmarkt_sym_install" +ynh_secure_remove "$flohmarkt_sym_data_dir" + #================================================= # END OF SCRIPT #=================================================