1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/flohmarkt_ynh.git synced 2024-09-03 18:36:30 +02:00
flohmarkt_ynh/scripts/install
Chris Vogel 59d2579bdf changed order of source …
yunohost helpers get included first so that I can overwrite them
from _common.sh
2024-05-26 19:47:35 +02:00

133 lines
5.6 KiB
Bash
Executable file

#!/bin/bash
# IMPORT GENERIC HELPERS
source /usr/share/yunohost/helpers
source _common.sh
# https://codeberg.org/ChriChri/flohmarkt_ynh/issues/9
# check if couchdb is already installed
# if there's a couchdb configuration file for flohmarkt we'll assume that couchdb
# had been installed by flohmarkt and we thus can savely do whatever we want to it
# with the resulting damage hopefully only influencing flohmarkt instances
if [[ -e /opt/couchdb ]] || pgrep epmd > /dev/null || pgrep beam.smp || dpkg-query -W couchdb > /dev/null 2>&1 \
&& ! [[ -e /opt/couchdb/etc/local.d/05-flohmarkt.ini ]];
then
ynh_die --message="CouchDB already installed on this host - will not proceed."
exit 1
fi
# INITIALIZE AND STORE SETTINGS
# todo: do we need to store the password un-encrypted somewhere on the system?
# → there's no way to get the admin password later if sometimes in the future deleting
# the app will delete its specific database only (instead of the whole couchdb server as
# of now in the earliest versions of the integration).
ynh_app_setting_set --app=$app --key=password_couchdb_admin --value="$password_couchdb_admin"
# get port, admin_pw for already installed couchdb
# skip the installation steps below
ynh_script_progression --message="Installing CouchDB..." --weight=60
# A CouchDB node has an Erlang magic cookie value set at startup.
# This value must match for all nodes in the cluster. If they do not match,
# attempts to connect the node to the cluster will be rejected.
couchdb_magic_cookie=$(ynh_string_random --length=23 --filter='A-Za-z0-9_')
ynh_app_setting_set --app=$app --key=couchdb_magic_cookie --value="$couchdb_magic_cookie"
# update couchdb dpkg
flohmarkt_ynh_up_inst_couchdb
# stop couchdb
flohmarkt_ynh_stop_couchdb
# add couchdb configuration
ynh_script_progression --message="Adding a configuration file..." --weight=2
# customize couchdb config
ynh_add_config --template="../conf/05-flohmarkt.ini" --destination="/opt/couchdb/etc/local.d/05-flohmarkt.ini"
chown root:couchdb /opt/couchdb/etc/local.d/05-flohmarkt.ini
chmod 640 /opt/couchdb/etc/local.d/05-flohmarkt.ini
# restart couchdb to pick up changes
ynh_script_progression --message="Starting CouchDB..." --weight=2
flohmarkt_ynh_start_couchdb
# get flohmarkt
# suspecting that this deletes all other sources for YNH_APP_ID
ynh_script_progression --message="Downloading flohmarkt..." --weight=2
ynh_setup_source --dest_dir="$flohmarkt_app_dir"
# setup python environment for flohmarkt
ynh_script_progression --message="Creating python venv..." --weight=2
ynh_secure_remove "$flohmarkt_venv_dir"
flohmarkt_ynh_create_venv
flohmarkt_ynh_venv_requirements
# JwtSecret
# workaround for https://github.com/YunoHost/issues/issues/2379
jwtsecret=$(ynh_string_random -l 200 -f 'a-zA-Z0-9/+'; ynh_string_random -l 142 -f 'a-zA-Z0-9/+'; echo -n '==')
ynh_app_setting_set --app=$app --key=jwtsecret --value="$jwtsecret"
password_couchdb_flohmarkt=$(ynh_string_random --length=31 --filter='A-Za-z0-9_.:,')
ynh_app_setting_set --app=$app --key=password_couchdb_flohmarkt --value="$password_couchdb_flohmarkt"
# generate flohmarkt.conf
ynh_script_progression --message="Adding flohmarkt.conf configuration..." --weight=2
ynh_add_config --template="../conf/flohmarkt.conf" --destination="$flohmarkt_app_dir/flohmarkt.conf"
# setup couchdb
ynh_script_progression --message="Setup couchdb database and user for flohmarkt..." --weight=2
flohmarkt_ynh_check_old_couchdb
(
set +o nounset
source "$flohmarkt_venv_dir/bin/activate"
set -o nounset
cd "$flohmarkt_app_dir"
# initialize_couchdb seems to re-try on connect problems endlessly blocking the yunohost api
# give it 45 seconds to finish and then fail
# https://codeberg.org/ChriChri/flohmarkt_ynh/issues/13
timeout 45 python3 initialize_couchdb.py $password_couchdb_admin
)
# SETUP LOGROTATE
ynh_script_progression --message="Configuring log rotation..." --weight=2
# Use logrotate to manage application logfile(s)
ynh_use_logrotate --logfile=$flohmarkt_logfile
# NGINX CONFIGURATION
ynh_script_progression --message="Configuring NGINX web server..." --weight=3
# Create a dedicated NGINX config
ynh_add_nginx_config
# systemd.service
ynh_script_progression --message="Configuring a systemd service..." --weight=1
# Create a dedicated systemd config
ynh_add_systemd_config --service=$flohmarkt_filename
# integrate into yunohost
ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
yunohost service add $flohmarkt_filename --description="A decentral federated small advertisement platform" --log="$flohmarkt_logfile"
# logfile contains possibly the secret setup URL
ynh_script_progression --message="Setting permissions on logfile..." --weight=2
mkdir -m755 -p "$flohmarkt_log_dir"
touch "$flohmarkt_logfile"
chown root:$app "$flohmarkt_logfile"
chmod 660 "$flohmarkt_logfile"
# set file permissions for install dir
ynh_script_progression --message="Setting permissions on install directory..." --weight=2
flohmarkt_ynh_set_permission
# SETUP FAIL2BAN
ynh_script_progression --message="Configuring Fail2Ban..." --weight=3
ynh_add_fail2ban_config --logpath="$flohmarkt_logfile" --failregex='INFO: +<HOST>:\d+ - "POST /token HTTP/\d+\.\d+" 403 Forbidden' --max_retry=5
# symlink data_dir and install_dir to make it easier to find the
# files for a certain domain/path
flohmarkt_ynh_create_symlinks
# start service
ynh_script_progression --message="Debug before starting flohmarkt..." --weight=1
ls -l $flohmarkt_logfile /bin/bash /usr/bin/bash || true
ynh_script_progression --message="Starting flohmarkt..." --weight=10
flohmarkt_ynh_start_service
ynh_script_progression --message="Installation of $id completed" --last