#!/bin/bash # IMPORT GENERIC HELPERS source /usr/share/yunohost/helpers source _common.sh # https://codeberg.org/ChriChri/flohmarkt_ynh/issues/9 # check if couchdb is already installed # if there's a couchdb configuration file for flohmarkt we'll assume that couchdb # had been installed by flohmarkt and we thus can savely do whatever we want to it # with the resulting damage hopefully only influencing flohmarkt instances if [[ -e /opt/couchdb ]] || pgrep epmd > /dev/null || pgrep beam.smp || dpkg-query -W couchdb > /dev/null 2>&1 \ && ! [[ -e /opt/couchdb/etc/local.d/05-flohmarkt.ini ]]; then ynh_die --message="CouchDB already installed on this host - will not proceed." exit 1 fi # INITIALIZE AND STORE SETTINGS # TODO: do we need to store the password un-encrypted somewhere on the system? # → there's no way to get the admin password later if sometimes in the future deleting # the app will delete its specific database only (instead of the whole couchdb server as # of now in the earliest versions of the integration). ynh_app_setting_set --app=$app --key=password_couchdb_admin --value="$password_couchdb_admin" # get port, admin_pw for already installed couchdb # skip the installation steps below ynh_script_progression --message="Installing CouchDB..." --weight=60 # A CouchDB node has an Erlang magic cookie value set at startup. # This value must match for all nodes in the cluster. If they do not match, # attempts to connect the node to the cluster will be rejected. couchdb_magic_cookie=$(ynh_string_random --length=23 --filter='A-Za-z0-9_') ynh_app_setting_set --app=$app --key=couchdb_magic_cookie --value="$couchdb_magic_cookie" # update couchdb dpkg flohmarkt_ynh_up_inst_couchdb # stop couchdb flohmarkt_ynh_stop_couchdb # add couchdb configuration ynh_script_progression --message="Adding a configuration file..." --weight=2 # customize couchdb config ynh_add_config --template="../conf/05-flohmarkt.ini" --destination="/opt/couchdb/etc/local.d/05-flohmarkt.ini" chown root:couchdb /opt/couchdb/etc/local.d/05-flohmarkt.ini chmod 640 /opt/couchdb/etc/local.d/05-flohmarkt.ini # restart couchdb to pick up changes ynh_script_progression --message="Starting CouchDB..." --weight=2 flohmarkt_ynh_start_couchdb # get flohmarkt # suspecting that this deletes all other sources for YNH_APP_ID ynh_script_progression --message="Downloading flohmarkt..." --weight=2 ynh_setup_source --dest_dir="$flohmarkt_app_dir" # setup python environment for flohmarkt ynh_script_progression --message="Creating python venv..." --weight=2 ynh_secure_remove "$flohmarkt_venv_dir" flohmarkt_ynh_create_venv flohmarkt_ynh_venv_requirements # JwtSecret # workaround for https://github.com/YunoHost/issues/issues/2379 jwtsecret=$(ynh_string_random -l 200 -f 'a-zA-Z0-9/+'; ynh_string_random -l 142 -f 'a-zA-Z0-9/+'; echo -n '==') ynh_app_setting_set --app=$app --key=jwtsecret --value="$jwtsecret" password_couchdb_flohmarkt=$(ynh_string_random --length=31 --filter='A-Za-z0-9_.:,') ynh_app_setting_set --app=$app --key=password_couchdb_flohmarkt --value="$password_couchdb_flohmarkt" # generate flohmarkt.conf ynh_script_progression --message="Adding flohmarkt.conf configuration..." --weight=2 ynh_add_config --template="../conf/flohmarkt.conf" --destination="$flohmarkt_app_dir/flohmarkt.conf" # setup couchdb ynh_script_progression --message="Setup couchdb database and user for flohmarkt..." --weight=2 flohmarkt_ynh_check_old_couchdb flohmarkt_ynh_initialize_couchdb # SETUP LOGROTATE ynh_script_progression --message="Configuring log rotation..." --weight=2 # Use logrotate to manage application logfile(s) ynh_use_logrotate --logfile=$flohmarkt_logfile # NGINX CONFIGURATION ynh_script_progression --message="Configuring NGINX web server..." --weight=3 # Create a dedicated NGINX config ynh_add_nginx_config # systemd.service ynh_script_progression --message="Configuring a systemd service..." --weight=1 # Create a dedicated systemd config ynh_add_systemd_config --service=$flohmarkt_filename # integrate into yunohost ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 yunohost service add $flohmarkt_filename --description="A decentral federated small advertisement platform" --log="$flohmarkt_logfile" # logfile contains possibly the secret setup URL ynh_script_progression --message="Setting permissions on logfile..." --weight=2 mkdir -m755 -p "$flohmarkt_log_dir" touch "$flohmarkt_logfile" chown root:$app "$flohmarkt_logfile" chmod 660 "$flohmarkt_logfile" # set file permissions for install dir ynh_script_progression --message="Setting permissions on install directory..." --weight=2 flohmarkt_ynh_set_permission # SETUP FAIL2BAN ynh_script_progression --message="Configuring Fail2Ban..." --weight=3 ynh_add_fail2ban_config --logpath="$flohmarkt_logfile" --failregex='INFO: +:\d+ - "POST /token HTTP/\d+\.\d+" 403 Forbidden' --max_retry=5 # symlink data_dir and install_dir to make it easier to find the # files for a certain domain/path flohmarkt_ynh_create_symlinks # start service ynh_script_progression --message="Debug before starting flohmarkt..." --weight=1 ls -l $flohmarkt_logfile /bin/bash /usr/bin/bash || true ynh_script_progression --message="Starting flohmarkt..." --weight=10 flohmarkt_ynh_start_service ynh_script_progression --message="Installation of $id completed" --last