From 7203ca09e2c5fb02fcaa7bee06b3a2ae6ea7c5a9 Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Fri, 30 Aug 2024 13:56:06 +0200 Subject: [PATCH 1/5] Upgrade sources - `main` v8.0.2: https://codeberg.org/forgejo/forgejo/releases/tag/v8.0.2 --- manifest.toml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/manifest.toml b/manifest.toml index e774c92..101ad5e 100644 --- a/manifest.toml +++ b/manifest.toml @@ -5,7 +5,7 @@ name = "Forgejo" description.en = "Lightweight software forge" description.fr = "Forge logiciel légère" -version = "8.0.1~ynh1" +version = "8.0.2~ynh1" maintainers = [ "Emmanuel Averty" ] @@ -48,12 +48,12 @@ ram.runtime = "2G" [resources] [resources.sources.main] - amd64.url = "https://codeberg.org/forgejo/forgejo/releases/download/v8.0.1/forgejo-8.0.1-linux-amd64.xz" - amd64.sha256 = "51f999d26d5ba7e8e5a86bc83b96278a78184e4c26a97c82f72d3dc4fd01be5e" - arm64.url = "https://codeberg.org/forgejo/forgejo/releases/download/v8.0.1/forgejo-8.0.1-linux-arm64.xz" - arm64.sha256 = "4750daca428308ab6bb01af0995c889a6bbf04784a9873ee663edbc0309ed312" - armhf.url = "https://codeberg.org/forgejo/forgejo/releases/download/v8.0.1/forgejo-8.0.1-linux-arm-6.xz" - armhf.sha256 = "b35d03da684cfa84a560d96d5bbfb229e8ae75e13fcff4ae79d4fcbc04934847" + amd64.url = "https://codeberg.org/forgejo/forgejo/releases/download/v8.0.2/forgejo-8.0.2-linux-amd64.xz" + amd64.sha256 = "1c5dacbbea0509b677df8ec92fd91858df5552eb3240aa475add8e414b60f8f2" + arm64.url = "https://codeberg.org/forgejo/forgejo/releases/download/v8.0.2/forgejo-8.0.2-linux-arm64.xz" + arm64.sha256 = "f9bb23a8e99ee58dbee5a92690e838d0de7416e8289f85d3fef3eeca4fc33292" + armhf.url = "https://codeberg.org/forgejo/forgejo/releases/download/v8.0.2/forgejo-8.0.2-linux-arm-6.xz" + armhf.sha256 = "bdb639ac9f3d1438e40a74797e1ac66c52849f2acfb5715d7e6bd82f650fa9f3" format = "whatever" extract = false rename = "forgejo.xz" From b838525328e57eff5ff23eb7f110b44957975985 Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Fri, 30 Aug 2024 11:56:08 +0000 Subject: [PATCH 2/5] Auto-update READMEs --- ALL_README.md | 1 + README.md | 2 +- README_es.md | 2 +- README_eu.md | 2 +- README_fr.md | 2 +- README_gl.md | 2 +- README_id.md | 2 +- README_ru.md | 64 +++++++++++++++++++++++++++++++++++++++++++++++ README_zh_Hans.md | 2 +- 9 files changed, 72 insertions(+), 7 deletions(-) create mode 100644 README_ru.md diff --git a/ALL_README.md b/ALL_README.md index 4ed64dd..e3c80d2 100644 --- a/ALL_README.md +++ b/ALL_README.md @@ -6,4 +6,5 @@ - [Lire le README en français](README_fr.md) - [Le o README en galego](README_gl.md) - [Baca README dalam bahasa bahasa Indonesia](README_id.md) +- [Прочитать README на русский](README_ru.md) - [阅读中文(简体)的 README](README_zh_Hans.md) diff --git a/README.md b/README.md index 10413aa..f0a7fa7 100644 --- a/README.md +++ b/README.md @@ -34,7 +34,7 @@ Brought to you by an inclusive community under the umbrella of Codeberg e.V., a - Customize HTML templates, static files and many others. -**Shipped version:** 8.0.1~ynh1 +**Shipped version:** 8.0.2~ynh1 ## Screenshots diff --git a/README_es.md b/README_es.md index e3129e1..c496de9 100644 --- a/README_es.md +++ b/README_es.md @@ -34,7 +34,7 @@ Brought to you by an inclusive community under the umbrella of Codeberg e.V., a - Customize HTML templates, static files and many others. -**Versión actual:** 8.0.1~ynh1 +**Versión actual:** 8.0.2~ynh1 ## Capturas diff --git a/README_eu.md b/README_eu.md index 0ce43ce..9e52af3 100644 --- a/README_eu.md +++ b/README_eu.md @@ -34,7 +34,7 @@ Brought to you by an inclusive community under the umbrella of Codeberg e.V., a - Customize HTML templates, static files and many others. -**Paketatutako bertsioa:** 8.0.1~ynh1 +**Paketatutako bertsioa:** 8.0.2~ynh1 ## Pantaila-argazkiak diff --git a/README_fr.md b/README_fr.md index 35ee0f0..8c336ec 100644 --- a/README_fr.md +++ b/README_fr.md @@ -34,7 +34,7 @@ Présenté par une communauté inclusive sous l'égide de Codeberg e.V., une org - Modèle personnalisé HTML, de fichiers statiques et de nombreux autres. -**Version incluse :** 8.0.1~ynh1 +**Version incluse :** 8.0.2~ynh1 ## Captures d’écran diff --git a/README_gl.md b/README_gl.md index 71dcd89..14027c3 100644 --- a/README_gl.md +++ b/README_gl.md @@ -34,7 +34,7 @@ Brought to you by an inclusive community under the umbrella of Codeberg e.V., a - Customize HTML templates, static files and many others. -**Versión proporcionada:** 8.0.1~ynh1 +**Versión proporcionada:** 8.0.2~ynh1 ## Capturas de pantalla diff --git a/README_id.md b/README_id.md index 27d58c5..2de743d 100644 --- a/README_id.md +++ b/README_id.md @@ -34,7 +34,7 @@ Brought to you by an inclusive community under the umbrella of Codeberg e.V., a - Customize HTML templates, static files and many others. -**Versi terkirim:** 8.0.1~ynh1 +**Versi terkirim:** 8.0.2~ynh1 ## Tangkapan Layar diff --git a/README_ru.md b/README_ru.md new file mode 100644 index 0000000..ebfefd3 --- /dev/null +++ b/README_ru.md @@ -0,0 +1,64 @@ + + +# Forgejo для YunoHost + +[![Уровень интеграции](https://dash.yunohost.org/integration/forgejo.svg)](https://ci-apps.yunohost.org/ci/apps/forgejo/) ![Состояние работы](https://ci-apps.yunohost.org/ci/badges/forgejo.status.svg) ![Состояние сопровождения](https://ci-apps.yunohost.org/ci/badges/forgejo.maintain.svg) + +[![Установите Forgejo с YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=forgejo) + +*[Прочтите этот README на других языках.](./ALL_README.md)* + +> *Этот пакет позволяет Вам установить Forgejo быстро и просто на YunoHost-сервер.* +> *Если у Вас нет YunoHost, пожалуйста, посмотрите [инструкцию](https://yunohost.org/install), чтобы узнать, как установить его.* + +## Обзор + +Forgejo is a self-hosted lightweight software forge. Easy to install and low maintenance, it just does the job. + +Brought to you by an inclusive community under the umbrella of Codeberg e.V., a democratic non-profit organization, Forgejo can be trusted to be exclusively Free Software. It focuses on security, scaling, federation and privacy. + +### Features + +- User dashboard, user profile and activity timeline. +- User, organization and repository management. +- Repository and organization webhooks, including Slack, Discord and Dingtalk. +- Repository Git hooks, deploy keys and Git LFS. +- Repository issues, pull requests, wiki, protected branches and collaboration. +- Migrate and mirror repositories with wiki from other code hosts. +- Web editor for quick editing repository files and wiki. +- Jupyter Notebook and PDF rendering. +- Authentication via SMTP, LDAP. +- Customize HTML templates, static files and many others. + + +**Поставляемая версия:** 8.0.2~ynh1 + +## Снимки экрана + +![Снимок экрана Forgejo](./doc/screenshots/screenshot.png) + +## Документация и ресурсы + +- Официальный веб-сайт приложения: +- Официальная документация пользователя: +- Официальная документация администратора: +- Репозиторий кода главной ветки приложения: +- Магазин YunoHost: +- Сообщите об ошибке: + +## Информация для разработчиков + +Пришлите Ваш запрос на слияние в [ветку `testing`](https://github.com/YunoHost-Apps/forgejo_ynh/tree/testing). + +Чтобы попробовать ветку `testing`, пожалуйста, сделайте что-то вроде этого: + +```bash +sudo yunohost app install https://github.com/YunoHost-Apps/forgejo_ynh/tree/testing --debug +или +sudo yunohost app upgrade forgejo -u https://github.com/YunoHost-Apps/forgejo_ynh/tree/testing --debug +``` + +**Больше информации о пакетировании приложений:** diff --git a/README_zh_Hans.md b/README_zh_Hans.md index 6976e16..a0839c7 100644 --- a/README_zh_Hans.md +++ b/README_zh_Hans.md @@ -34,7 +34,7 @@ Brought to you by an inclusive community under the umbrella of Codeberg e.V., a - Customize HTML templates, static files and many others. -**分发版本:** 8.0.1~ynh1 +**分发版本:** 8.0.2~ynh1 ## 截图 From 5103261a790ec1f7b9102a4518e3358279a6a433 Mon Sep 17 00:00:00 2001 From: Yunohost-Bot <> Date: Fri, 30 Aug 2024 22:55:34 +0200 Subject: [PATCH 3/5] [autopatch] Automatic patch attempt for helpers 2.1 --- manifest.toml | 3 +- scripts/_common.sh | 28 +++++++-------- scripts/backup | 33 +++++++----------- scripts/change_url | 28 +++++---------- scripts/install | 44 ++++++++++++------------ scripts/remove | 28 ++++++--------- scripts/restore | 63 +++++++++++++++------------------- scripts/upgrade | 85 ++++++++++++++++++++-------------------------- 8 files changed, 132 insertions(+), 180 deletions(-) diff --git a/manifest.toml b/manifest.toml index e774c92..1155618 100644 --- a/manifest.toml +++ b/manifest.toml @@ -17,7 +17,8 @@ userdoc = "https://forgejo.org/docs/latest/user/" code = "https://codeberg.org/forgejo/forgejo" [integration] -yunohost = ">= 11.2" +yunohost = ">= 11.2.18" +helpers_version = "2.1" architectures = [ "amd64", "arm64", "armhf" ] multi_instance = true ldap = true diff --git a/scripts/_common.sh b/scripts/_common.sh index dad63d9..e2bffb5 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -5,44 +5,44 @@ #================================================= function set_forgejo_login_source() { - ynh_print_info --message="Creating forgejo login source" + ynh_print_info "Creating forgejo login source" pushd "$install_dir" - ynh_exec_as "$app" ./forgejo admin auth add-ldap-simple --security-protocol "Unencrypted" --name "YunoHost LDAP" --host "localhost" --port "389" --skip-tls-verify --user-search-base "ou=users,dc=yunohost,dc=org" --user-dn "uid=%s,ou=Users,dc=yunohost,dc=org" --user-filter "(&(objectclass=posixAccount)(uid=%s)(permission=cn=$app.main,ou=permission,dc=yunohost,dc=org))" --admin-filter "(permission=cn=forgejo.admin,ou=permission,dc=yunohost,dc=org)" --username-attribute "uid" --firstname-attribute "givenName" --surname-attribute "sn" --email-attribute "mail" + ynh_exec_as_app ./forgejo admin auth add-ldap-simple --security-protocol "Unencrypted" --name "YunoHost LDAP" --host "localhost" --port "389" --skip-tls-verify --user-search-base "ou=users,dc=yunohost,dc=org" --user-dn "uid=%s,ou=Users,dc=yunohost,dc=org" --user-filter "(&(objectclass=posixAccount)(uid=%s)(permission=cn=$app.main,ou=permission,dc=yunohost,dc=org))" --admin-filter "(permission=cn=forgejo.admin,ou=permission,dc=yunohost,dc=org)" --username-attribute "uid" --firstname-attribute "givenName" --surname-attribute "sn" --email-attribute "mail" popd } function enable_login_source_sync() { - ynh_print_info --message="Set forgejo login source as synchronizable" + ynh_print_info "Set forgejo login source as synchronizable" # Enable login source synchronisation manualy because forgejo command does not allow it (https://codeberg.org/forgejo/forgejo/issues/952) - ynh_psql_execute_as_root --database "$db_name" --sql "update login_source set is_sync_enabled = true where type = 5 and name = 'YunoHost LDAP'" + ynh_psql_db_shell "$db_name" --sql "update login_source set is_sync_enabled = true where type = 5 and name = 'YunoHost LDAP'" } function create_forgejo_api_user() { - ynh_print_info --message="Creating forgejo api user" + ynh_print_info "Creating forgejo api user" forgejo_api_user=yunohost_api forgejo_api_pwd=$(ynh_string_random --length=24) - ynh_app_setting_set --app="$app" --key=forgejo_api_user --value="$forgejo_api_user" - ynh_app_setting_set --app="$app" --key=forgejo_api_pwd --value="$forgejo_api_pwd" + ynh_app_setting_set --key=forgejo_api_user --value="$forgejo_api_user" + ynh_app_setting_set --key=forgejo_api_pwd --value="$forgejo_api_pwd" pushd "$install_dir" - ynh_exec_as "$app" ./forgejo admin user create --username "$forgejo_api_user" --password "$forgejo_api_pwd" --email "admin@${domain}" --admin --must-change-password=false - forgejo_api_token=$(ynh_exec_as "$app" ./forgejo admin user generate-access-token --username "$forgejo_api_user" --token-name "admin" --scopes "write:admin" --raw | tail -1) - ynh_app_setting_set --app="$app" --key=forgejo_api_token --value="$forgejo_api_token" + ynh_exec_as_app ./forgejo admin user create --username "$forgejo_api_user" --password "$forgejo_api_pwd" --email "admin@${domain}" --admin --must-change-password=false + forgejo_api_token=$(ynh_exec_as_app ./forgejo admin user generate-access-token --username "$forgejo_api_user" --token-name "admin" --scopes "write:admin" --raw | tail -1) + ynh_app_setting_set --key=forgejo_api_token --value="$forgejo_api_token" popd } function set_users_login_source() { # Previously created users have «Local» login source. It should be «YunoHost LDAP» for username in $(ynh_user_list); do - ynh_print_info --message="Updating forgejo user login type for ${username}" + ynh_print_info "Updating forgejo user login type for ${username}" - ynh_psql_execute_as_root --database "$db_name" --sql "update public.user set login_source = (select id from login_source where name = 'YunoHost LDAP' and type = 5), login_name = name, login_type = 5 where name = '${username}'" + ynh_psql_db_shell "$db_name" --sql "update public.user set login_source = (select id from login_source where name = 'YunoHost LDAP' and type = 5), login_name = name, login_type = 5 where name = '${username}'" done } function synchronize_users() { - ynh_print_info --message="Synchronizing forgejo users" + ynh_print_info "Synchronizing forgejo users" # Fetch the token independently such that it's redacted by Yunohost logging mechanism - forgejo_api_token=$(ynh_app_setting_get --app="$app" --key=forgejo_api_token) + forgejo_api_token=$(ynh_app_setting_get --key=forgejo_api_token) # Remove trailing slash from path local no_trailing_slash_path=${path%/} diff --git a/scripts/backup b/scripts/backup index ada8d65..5c2b869 100644 --- a/scripts/backup +++ b/scripts/backup @@ -1,43 +1,34 @@ #!/bin/bash -#================================================= -# GENERIC START -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers -#================================================= -# DECLARE DATA AND CONF FILES TO BACKUP -#================================================= -ynh_print_info --message="Declaring files to be backed up..." +ynh_print_info "Declaring files to be backed up..." #================================================= # BACKUP THE APP MAIN DIR #================================================= -ynh_backup --src_path="$install_dir" +ynh_backup "$install_dir" #================================================= # BACKUP THE DATA DIR #================================================= -ynh_backup --src_path="$data_dir" --is_big +ynh_backup "$data_dir" #================================================= # BACKUP THE NGINX CONFIGURATION #================================================= -ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" +ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= # BACKUP FAIL2BAN CONFIGURATION #================================================= -ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf" -ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf" +ynh_backup "/etc/fail2ban/jail.d/$app.conf" +ynh_backup "/etc/fail2ban/filter.d/$app.conf" #================================================= # SPECIFIC BACKUP @@ -45,29 +36,29 @@ ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf" # BACKUP LOGROTATE #================================================= -ynh_backup --src_path="/etc/logrotate.d/$app" +ynh_backup "/etc/logrotate.d/$app" #================================================= # BACKUP SYSTEMD #================================================= -ynh_backup --src_path="/etc/systemd/system/$app.service" +ynh_backup "/etc/systemd/system/$app.service" #================================================= # BACKUP VARIOUS FILES #================================================= -ynh_backup --src_path="/var/log/$app" +ynh_backup "/var/log/$app" #================================================= # BACKUP THE DATABASE #================================================= -ynh_print_info --message="Backing up the database..." +ynh_print_info "Backing up the database..." -ynh_psql_dump_db --database="$db_name" > db.sql +ynh_psql_dump_db > db.sql #================================================= # END OF SCRIPT #================================================= -ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." +ynh_print_info "Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." diff --git a/scripts/change_url b/scripts/change_url index 7f6e399..5bf1d24 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -1,52 +1,42 @@ #!/bin/bash -#================================================= -# GENERIC STARTING -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - source _common.sh source /usr/share/yunohost/helpers -#================================================= -# STANDARD MODIFICATIONS #================================================= # STOP SYSTEMD SERVICE #================================================= -ynh_script_progression --message="Stopping a systemd service..." --weight=2 +ynh_script_progression "Stopping $app's systemd service..." -ynh_systemd_action --service_name="$app" --action="stop" --log_path="/var/log/$app/forgejo.log" +ynh_systemctl --service="$app" --action="stop" --log_path="/var/log/$app/forgejo.log" #================================================= # MODIFY URL IN NGINX CONF #================================================= -ynh_script_progression --message="Updating NGINX web server configuration..." --weight=3 +ynh_script_progression "Updating NGINX web server configuration..." -ynh_change_url_nginx_config +ynh_config_change_url_nginx #================================================= # SPECIFIC MODIFICATIONS #================================================= -ynh_script_progression --message="Adding a configuration file..." --weight=1 +ynh_script_progression "Adding $app's configuration..." ssh_port=$(grep -P "Port\s+\d+" /etc/ssh/sshd_config | grep -P -o "\d+") -ynh_exec_warn_less ynh_add_config --template="../conf/app.ini" --destination="$install_dir/custom/conf/app.ini" +ynh_hide_warnings ynh_config_add --template="app.ini" --destination="$install_dir/custom/conf/app.ini" chmod 640 "$install_dir/custom/conf/app.ini" chown "$app:$app" "$install_dir/custom/conf/app.ini" -#================================================= -# GENERIC FINALISATION #================================================= # START SYSTEMD SERVICE #================================================= -ynh_script_progression --message="Starting a systemd service..." --weight=2 +ynh_script_progression "Starting $app's systemd service..." -ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/forgejo.log" --line_match="Starting new Web server: tcp:127.0.0.1:" +ynh_systemctl --service="$app" --action="start" --log_path="/var/log/$app/forgejo.log" --wait_until="Starting new Web server: tcp:127.0.0.1:" #================================================= # END OF SCRIPT #================================================= -ynh_script_progression --message="Change of URL completed for $app" --last +ynh_script_progression "Change of URL completed for $app" diff --git a/scripts/install b/scripts/install index 871236e..6d76b21 100644 --- a/scripts/install +++ b/scripts/install @@ -30,18 +30,18 @@ secret_key=$("$install_dir/forgejo" generate secret SECRET_KEY) lfs_jwt_secret=$("$install_dir/forgejo" generate secret JWT_SECRET) internal_token=$("$install_dir/forgejo" generate secret INTERNAL_TOKEN) oauth2_jwt_secret=$("$install_dir/forgejo" generate secret JWT_SECRET) -ynh_app_setting_set --app="$app" --key=secret_key --value="$secret_key" -ynh_app_setting_set --app="$app" --key=lfs_jwt_secret --value="$lfs_jwt_secret" -ynh_app_setting_set --app="$app" --key=internal_token --value="$internal_token" -ynh_app_setting_set --app="$app" --key=oauth2_jwt_secret --value="$oauth2_jwt_secret" +ynh_app_setting_set --key=secret_key --value="$secret_key" +ynh_app_setting_set --key=lfs_jwt_secret --value="$lfs_jwt_secret" +ynh_app_setting_set --key=internal_token --value="$internal_token" +ynh_app_setting_set --key=oauth2_jwt_secret --value="$oauth2_jwt_secret" #================================================= # ADD A CONFIGURATION #================================================= -ynh_script_progression --message="Adding a configuration file..." --weight=1 +ynh_script_progression "Adding $app's configuration..." ssh_port=$(grep -P "Port\s+\d+" /etc/ssh/sshd_config | grep -P -o "\d+") -ynh_add_config --template="app.ini" --destination="$install_dir/custom/conf/app.ini" +ynh_config_add --template="app.ini" --destination="$install_dir/custom/conf/app.ini" chmod 640 "$install_dir/custom/conf/app.ini" chown "$app:$app" "$install_dir/custom/conf/app.ini" @@ -49,56 +49,54 @@ chown "$app:$app" "$install_dir/custom/conf/app.ini" #================================================= # SETUP SYSTEMD #================================================= -ynh_script_progression --message="Upgrading systemd configuration..." --weight=1 +ynh_script_progression "Upgrading systemd configuration..." -ynh_add_systemd_config +ynh_config_add_systemd #================================================= # NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=2 +ynh_script_progression "Upgrading NGINX web server configuration..." -ynh_add_nginx_config +ynh_config_add_nginx -#================================================= -# GENERIC FINALIZATION #================================================= # SETUP LOGROTATE #================================================= -ynh_script_progression --message="Configuring log rotation..." --weight=1 +ynh_script_progression "Configuring log rotation..." # Use logrotate to manage application logfile(s) -ynh_use_logrotate --logfile "/var/log/$app" --nonappend +ynh_config_add_logrotate "/var/log/$app" -chown -R "$app:$app" "/var/log/$app" -chmod u=rwX,g=rX,o= "/var/log/$app" +#REMOVEME? Assuming ynh_config_add_logrotate is called, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R "$app:$app" "/var/log/$app" +#REMOVEME? Assuming ynh_config_add_logrotate is called, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod u=rwX,g=rX,o= "/var/log/$app" #================================================= # INTEGRATE SERVICE IN YUNOHOST #================================================= -ynh_script_progression --message="Integrating service in YunoHost..." --weight=2 +ynh_script_progression "Integrating service in YunoHost..." yunohost service add "$app" --description="Forgejo" --log="/var/log/$app/forgejo.log" #================================================= # START SYSTEMD SERVICE #================================================= -ynh_script_progression --message="Starting a systemd service..." --weight=3 +ynh_script_progression "Starting $app's systemd service..." # Start a systemd service -ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/forgejo.log" --line_match="Starting new Web server: tcp:127.0.0.1:" +ynh_systemctl --service="$app" --action="start" --log_path="/var/log/$app/forgejo.log" --wait_until="Starting new Web server: tcp:127.0.0.1:" #================================================= # SETUP FAIL2BAN #================================================= -ynh_script_progression --message="Configuring Fail2Ban..." --weight=1 +ynh_script_progression "Configuring Fail2Ban..." -ynh_add_fail2ban_config --logpath "/var/log/$app/forgejo.log" --failregex ".*Failed authentication attempt for .* from " --max_retry 5 +ynh_config_add_fail2ban --logpath "/var/log/$app/forgejo.log" --failregex ".*Failed authentication attempt for .* from " --max_retry 5 #================================================= # LDAP CONFIGURATION #================================================= -ynh_script_progression --message="Adding LDAP configuration..." --weight=1 +ynh_script_progression "Adding LDAP configuration..." set_forgejo_login_source enable_login_source_sync @@ -112,4 +110,4 @@ synchronize_users # END OF SCRIPT #================================================= -ynh_script_progression --message="Installation of $app completed" --last +ynh_script_progression "Installation of $app completed" diff --git a/scripts/remove b/scripts/remove index ed4ac1b..b446f0b 100644 --- a/scripts/remove +++ b/scripts/remove @@ -1,11 +1,5 @@ #!/bin/bash -#================================================= -# GENERIC START -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - source _common.sh source /usr/share/yunohost/helpers @@ -16,30 +10,30 @@ source /usr/share/yunohost/helpers #================================================= # Remove the service from the list of services known by YunoHost (added from `yunohost service add`) -if ynh_exec_warn_less yunohost service status "$app" >/dev/null +if ynh_hide_warnings yunohost service status "$app" >/dev/null then - ynh_script_progression --message="Removing $app service integration..." --weight=1 + ynh_script_progression "Removing $app service integration..." yunohost service remove "$app" fi # Remove the dedicated systemd config -ynh_script_progression --message="Removing systemd configuration..." --weight=1 -ynh_remove_systemd_config +ynh_script_progression "Removing systemd configuration..." +ynh_config_remove_systemd # Remove the app-specific logrotate config -ynh_script_progression --message="Removing logrotate configuration..." --weight=1 -ynh_remove_logrotate +ynh_script_progression "Removing logrotate configuration..." +ynh_config_remove_logrotate # Remove the dedicated NGINX config -ynh_script_progression --message="Removing NGINX web server configuration..." --weight=1 -ynh_remove_nginx_config +ynh_script_progression "Removing NGINX web server configuration..." +ynh_config_remove_nginx # Remove the dedicated Fail2Ban config -ynh_script_progression --message="Removing Fail2Ban configuration..." --weight=1 -ynh_remove_fail2ban_config +ynh_script_progression "Removing Fail2Ban configuration..." +ynh_config_remove_fail2ban #================================================= # END OF SCRIPT #================================================= -ynh_script_progression --message="Removal of $app completed" --last +ynh_script_progression "Removal of $app completed" diff --git a/scripts/restore b/scripts/restore index f2ee8f0..acdd9ab 100644 --- a/scripts/restore +++ b/scripts/restore @@ -1,11 +1,5 @@ #!/bin/bash -#================================================= -# GENERIC START -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers @@ -14,90 +8,87 @@ source /usr/share/yunohost/helpers #================================================= # RESTORE THE NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Restoring the NGINX configuration..." --weight=1 +ynh_script_progression "Restoring the NGINX configuration..." -ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" +ynh_restore "/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= # RESTORE THE APP MAIN DIR #================================================= -ynh_script_progression --message="Restoring $app main directory..." --weight=10 +ynh_script_progression "Restoring $app main directory..." -ynh_restore_file --origin_path="$install_dir" - -chmod -R o-rwx "$install_dir" -chown -R "$app:$app" "$install_dir" +ynh_restore "$install_dir" +#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod -R o-rwx "$install_dir" +#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R "$app:$app" "$install_dir" #================================================= # RESTORE THE DATA DIRECTORY #================================================= -ynh_script_progression --message="Restoring the data directory..." --weight=1 -ynh_restore_file --origin_path="$data_dir" --not_mandatory +ynh_script_progression "Restoring the data directory..." +ynh_restore "$data_dir" chown -R "$app:$app" "$data_dir" #================================================= # RESTORE THE LOG DIRECTORY #================================================= -ynh_restore_file --origin_path="/var/log/$app" -chown -R "$app:$app" "/var/log/$app" -chmod u=rwX,g=rX,o= "/var/log/$app" +ynh_restore "/var/log/$app" +#REMOVEME? Assuming ynh_config_add_logrotate is called, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R "$app:$app" "/var/log/$app" +#REMOVEME? Assuming ynh_config_add_logrotate is called, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod u=rwX,g=rX,o= "/var/log/$app" #================================================= # RESTORE FAIL2BAN CONFIGURATION #================================================= -ynh_script_progression --message="Restoring the Fail2Ban configuration..." --weight=1 +ynh_script_progression "Restoring the Fail2Ban configuration..." -ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf" -ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf" -ynh_systemd_action --action=restart --service_name=fail2ban +ynh_restore "/etc/fail2ban/jail.d/$app.conf" +ynh_restore "/etc/fail2ban/filter.d/$app.conf" +ynh_systemctl --action=restart --service=fail2ban #================================================= # RESTORE THE DATABASE #================================================= -ynh_script_progression --message="Restoring the database..." --weight=6 +ynh_script_progression "Restoring the database..." -ynh_psql_execute_file_as_root --file="./db.sql" --database="$db_name" +ynh_psql_db_shell " < "./db.sql"" #================================================= # RESTORE SYSTEMD #================================================= -ynh_script_progression --message="Restoring the systemd configuration..." --weight=5 +ynh_script_progression "Restoring $app's systemd service..." -ynh_restore_file --origin_path="/etc/systemd/system/$app.service" +ynh_restore "/etc/systemd/system/$app.service" systemctl enable "$app.service" --quiet #================================================= # RESTORE THE LOGROTATE CONFIGURATION #================================================= -ynh_script_progression --message="Restoring the logrotate configuration..." --weight=1 +ynh_script_progression "Restoring the logrotate configuration..." -ynh_restore_file --origin_path="/etc/logrotate.d/$app" +ynh_restore "/etc/logrotate.d/$app" #================================================= # INTEGRATE SERVICE IN YUNOHOST #================================================= -ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 +ynh_script_progression "Integrating service in YunoHost..." yunohost service add "$app" --description="Forgejo" --log="/var/log/$app/forgejo.log" #================================================= # START SYSTEMD SERVICE #================================================= -ynh_script_progression --message="Starting a systemd service..." --weight=3 +ynh_script_progression "Starting $app's systemd service..." -ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/forgejo.log" --line_match="Starting new Web server: tcp:127.0.0.1:" +ynh_systemctl --service="$app" --action="start" --log_path="/var/log/$app/forgejo.log" --wait_until="Starting new Web server: tcp:127.0.0.1:" -#================================================= -# GENERIC FINALIZATION #================================================= # RELOAD NGINX #================================================= -ynh_script_progression --message="Reloading NGINX web server..." --weight=1 +ynh_script_progression "Reloading NGINX web server..." -ynh_systemd_action --service_name=nginx --action=reload +ynh_systemctl --service=nginx --action=reload #================================================= # END OF SCRIPT #================================================= -ynh_script_progression --message="Restoration completed for $app" --last +ynh_script_progression "Restoration completed for $app" diff --git a/scripts/upgrade b/scripts/upgrade index f75b289..7e00991 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -1,47 +1,33 @@ #!/bin/bash -#================================================= -# GENERIC START -#================================================= -# IMPORT GENERIC HELPERS -#================================================= - source _common.sh source /usr/share/yunohost/helpers -#================================================= -# CHECK VERSION -#================================================= - -upgrade_type=$(ynh_check_app_version_changed) - -#================================================= -# STANDARD UPGRADE STEPS #================================================= # STOP SYSTEMD SERVICE #================================================= -ynh_script_progression --message="Stopping a systemd service..." --weight=2 -ynh_systemd_action --service_name="$app" --action="stop" --log_path="systemd" +ynh_script_progression "Stopping $app's systemd service..." +ynh_systemctl --service="$app" --action="stop" --log_path="systemd" #================================================= # ENSURE DOWNWARD COMPATIBILITY #================================================= -ynh_script_progression --message="Ensuring downward compatibility..." --weight=1 +ynh_script_progression "Ensuring downward compatibility..." # Update forgejo login source (1.19.3-0~ynh2) pushd "$install_dir" - old_login_source_id=$(ynh_exec_as "$app" ./forgejo admin auth list | grep "YunoHost LDAP" | grep "via BindDN" | cut -f 1) + old_login_source_id=$(ynh_exec_as_app ./forgejo admin auth list | grep "YunoHost LDAP" | grep "via BindDN" | cut -f 1) if [ -n "$old_login_source_id" ]; then - ynh_print_info --message="Delete obsolete forgejo login source (LDAP via BindDN)" + ynh_print_info "Delete obsolete forgejo login source (LDAP via BindDN)" # Ensure no user have this obsolete login source - ynh_psql_execute_as_root --database "$db_name" --sql "update public.user set login_source = 0, login_type = 0 where login_source = ${old_login_source_id}" + ynh_psql_db_shell "$db_name" --sql "update public.user set login_source = 0, login_type = 0 where login_source = ${old_login_source_id}" # Delete old login source - ynh_exec_as "$app" ./forgejo admin auth delete --id "$old_login_source_id" + ynh_exec_as_app ./forgejo admin auth delete --id "$old_login_source_id" fi - ynh_exec_as "$app" ./forgejo admin auth list | grep "YunoHost LDAP" | grep -q "LDAP (simple auth)" || + ynh_exec_as_app ./forgejo admin auth list | grep "YunoHost LDAP" | grep -q "LDAP (simple auth)" || # create new login source if not existing set_forgejo_login_source popd @@ -57,48 +43,52 @@ if [ -d "$data_dir/.ssh" ]; then fi # If secret_key doesn't exist, create it +# FIXMEhelpers2.1: maybe replace with: ynh_app_setting_set_default --key=secret_key --value=$("$install_dir/forgejo" generate secret SECRET_KEY) if [ -z "${secret_key:-}" ]; then secret_key=$("$install_dir/forgejo" generate secret SECRET_KEY) - ynh_app_setting_set --app="$app" --key=secret_key --value="$secret_key" + ynh_app_setting_set --key=secret_key --value="$secret_key" fi # If lfs_jwt_secret doesn't exist, create it +# FIXMEhelpers2.1: maybe replace with: ynh_app_setting_set_default --key=lfs_jwt_secret --value=$("$install_dir/forgejo" generate secret JWT_SECRET) if [ -z "${lfs_jwt_secret:-}" ]; then lfs_jwt_secret=$("$install_dir/forgejo" generate secret JWT_SECRET) - ynh_app_setting_set --app="$app" --key=lfs_jwt_secret --value="$lfs_jwt_secret" + ynh_app_setting_set --key=lfs_jwt_secret --value="$lfs_jwt_secret" fi # If internal_token doesn't exist, create it +# FIXMEhelpers2.1: maybe replace with: ynh_app_setting_set_default --key=internal_token --value=$("$install_dir/forgejo" generate secret INTERNAL_TOKEN) if [ -z "${internal_token:-}" ]; then internal_token=$("$install_dir/forgejo" generate secret INTERNAL_TOKEN) - ynh_app_setting_set --app="$app" --key=internal_token --value="$internal_token" + ynh_app_setting_set --key=internal_token --value="$internal_token" fi # If oauth2_jwt_secret doesn't exist, create it +# FIXMEhelpers2.1: maybe replace with: ynh_app_setting_set_default --key=oauth2_jwt_secret --value=$("$install_dir/forgejo" generate secret JWT_SECRET) if [ -z "${oauth2_jwt_secret:-}" ]; then oauth2_jwt_secret=$("$install_dir/forgejo" generate secret JWT_SECRET) - ynh_app_setting_set --app="$app" --key=oauth2_jwt_secret --value="$oauth2_jwt_secret" + ynh_app_setting_set --key=oauth2_jwt_secret --value="$oauth2_jwt_secret" fi #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= -ynh_script_progression --message="Setting up source files..." --weight=3 +ynh_script_progression "Setting up source files..." -ynh_setup_source --dest_dir="$install_dir" --full_replace=1 --keep="custom .ssh" +ynh_setup_source --dest_dir="$install_dir" --full_replace --keep="custom .ssh" xz -f -d "$install_dir/forgejo.xz" -chmod -R o-rwx "$install_dir" -chown -R "$app:$app" "$install_dir" +#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod -R o-rwx "$install_dir" +#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R "$app:$app" "$install_dir" chmod +x "$install_dir/forgejo" #================================================= # ADD A CONFIGURATION #================================================= -ynh_script_progression --message="Adding a configuration file..." --weight=1 +ynh_script_progression "Adding $app's configuration..." ssh_port=$(grep -P "Port\s+\d+" /etc/ssh/sshd_config | grep -P -o "\d+") -ynh_add_config --template="app.ini" --destination="$install_dir/custom/conf/app.ini" +ynh_config_add --template="app.ini" --destination="$install_dir/custom/conf/app.ini" chmod 640 "$install_dir/custom/conf/app.ini" chown "$app:$app" "$install_dir/custom/conf/app.ini" @@ -106,45 +96,42 @@ chown "$app:$app" "$install_dir/custom/conf/app.ini" #================================================= # SETUP SYSTEMD #================================================= -ynh_script_progression --message="Upgrading systemd configuration..." --weight=1 +ynh_script_progression "Upgrading systemd configuration..." -ynh_add_systemd_config +ynh_config_add_systemd #================================================= # NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=2 +ynh_script_progression "Upgrading NGINX web server configuration..." -ynh_add_nginx_config +ynh_config_add_nginx -#================================================= -# GENERIC FINALIZATION #================================================= # SETUP LOGROTATE #================================================= -ynh_script_progression --message="Configuring log rotation..." --weight=1 +ynh_script_progression "Configuring log rotation..." # Use logrotate to manage application logfile(s) -ynh_use_logrotate --logfile "/var/log/$app" --nonappend +ynh_config_add_logrotate "/var/log/$app" -chown -R "$app:$app" "/var/log/$app" -chmod u=rwX,g=rX,o= "/var/log/$app" +#REMOVEME? Assuming ynh_config_add_logrotate is called, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R "$app:$app" "/var/log/$app" +#REMOVEME? Assuming ynh_config_add_logrotate is called, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod u=rwX,g=rX,o= "/var/log/$app" #================================================= # INTEGRATE SERVICE IN YUNOHOST #================================================= -ynh_script_progression --message="Integrating service in YunoHost..." --weight=2 +ynh_script_progression "Integrating service in YunoHost..." yunohost service add "$app" --description="Forgejo" --log="/var/log/$app/forgejo.log" #================================================= # START SYSTEMD SERVICE #================================================= -ynh_script_progression --message="Starting a systemd service..." --weight=3 +ynh_script_progression "Starting $app's systemd service..." # Start a systemd service -ynh_systemd_action --service_name="$app" --action="start" --log_path="/var/log/$app/forgejo.log" --line_match="Starting new Web server: tcp:127.0.0.1:" - +ynh_systemctl --service="$app" --action="start" --log_path="/var/log/$app/forgejo.log" --wait_until="Starting new Web server: tcp:127.0.0.1:" #================================================= # Synchronize users (backward compatibility 1.19.3-0~ynh3) @@ -160,12 +147,12 @@ synchronize_users #================================================= # SETUP FAIL2BAN #================================================= -ynh_script_progression --message="Configuring Fail2Ban..." --weight=1 +ynh_script_progression "Configuring Fail2Ban..." -ynh_add_fail2ban_config --logpath "/var/log/$app/forgejo.log" --failregex ".*Failed authentication attempt for .* from " --max_retry 5 +ynh_config_add_fail2ban --logpath "/var/log/$app/forgejo.log" --failregex ".*Failed authentication attempt for .* from " --max_retry 5 #================================================= # END OF SCRIPT #================================================= -ynh_script_progression --message="Upgrade of $app completed" --last +ynh_script_progression "Upgrade of $app completed" From 8573359c3984f86cb9b87db484cbf7ab274b0fa0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Sun, 1 Sep 2024 18:33:25 +0200 Subject: [PATCH 4/5] cleaning --- scripts/backup | 20 +------------------- scripts/install | 5 ++--- scripts/restore | 11 +---------- scripts/upgrade | 30 +++++------------------------- 4 files changed, 9 insertions(+), 57 deletions(-) diff --git a/scripts/backup b/scripts/backup index 5c2b869..3738252 100644 --- a/scripts/backup +++ b/scripts/backup @@ -18,36 +18,18 @@ ynh_backup "$install_dir" ynh_backup "$data_dir" #================================================= -# BACKUP THE NGINX CONFIGURATION +# SYSTEM CONFIGURATION #================================================= ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf" -#================================================= -# BACKUP FAIL2BAN CONFIGURATION -#================================================= - ynh_backup "/etc/fail2ban/jail.d/$app.conf" ynh_backup "/etc/fail2ban/filter.d/$app.conf" -#================================================= -# SPECIFIC BACKUP -#================================================= -# BACKUP LOGROTATE -#================================================= - ynh_backup "/etc/logrotate.d/$app" -#================================================= -# BACKUP SYSTEMD -#================================================= - ynh_backup "/etc/systemd/system/$app.service" -#================================================= -# BACKUP VARIOUS FILES -#================================================= - ynh_backup "/var/log/$app" #================================================= diff --git a/scripts/install b/scripts/install index 6d76b21..721e1ec 100644 --- a/scripts/install +++ b/scripts/install @@ -13,7 +13,9 @@ source /usr/share/yunohost/helpers #================================================= # Create install and data subdirs #================================================= + ynh_setup_source --dest_dir="$install_dir" + xz -d "$install_dir/forgejo.xz" chmod +x "$install_dir/forgejo" @@ -68,9 +70,6 @@ ynh_script_progression "Configuring log rotation..." # Use logrotate to manage application logfile(s) ynh_config_add_logrotate "/var/log/$app" -#REMOVEME? Assuming ynh_config_add_logrotate is called, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R "$app:$app" "/var/log/$app" -#REMOVEME? Assuming ynh_config_add_logrotate is called, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod u=rwX,g=rX,o= "/var/log/$app" - #================================================= # INTEGRATE SERVICE IN YUNOHOST #================================================= diff --git a/scripts/restore b/scripts/restore index acdd9ab..c67ac58 100644 --- a/scripts/restore +++ b/scripts/restore @@ -19,8 +19,6 @@ ynh_script_progression "Restoring $app main directory..." ynh_restore "$install_dir" -#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod -R o-rwx "$install_dir" -#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R "$app:$app" "$install_dir" #================================================= # RESTORE THE DATA DIRECTORY #================================================= @@ -28,13 +26,6 @@ ynh_script_progression "Restoring the data directory..." ynh_restore "$data_dir" chown -R "$app:$app" "$data_dir" -#================================================= -# RESTORE THE LOG DIRECTORY -#================================================= -ynh_restore "/var/log/$app" -#REMOVEME? Assuming ynh_config_add_logrotate is called, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R "$app:$app" "/var/log/$app" -#REMOVEME? Assuming ynh_config_add_logrotate is called, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod u=rwX,g=rX,o= "/var/log/$app" - #================================================= # RESTORE FAIL2BAN CONFIGURATION #================================================= @@ -49,7 +40,7 @@ ynh_systemctl --action=restart --service=fail2ban #================================================= ynh_script_progression "Restoring the database..." -ynh_psql_db_shell " < "./db.sql"" +ynh_psql_db_shell < "./db.sql" #================================================= # RESTORE SYSTEMD diff --git a/scripts/upgrade b/scripts/upgrade index 7e00991..e1a04d1 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -7,6 +7,7 @@ source /usr/share/yunohost/helpers # STOP SYSTEMD SERVICE #================================================= ynh_script_progression "Stopping $app's systemd service..." + ynh_systemctl --service="$app" --action="stop" --log_path="systemd" #================================================= @@ -43,32 +44,16 @@ if [ -d "$data_dir/.ssh" ]; then fi # If secret_key doesn't exist, create it -# FIXMEhelpers2.1: maybe replace with: ynh_app_setting_set_default --key=secret_key --value=$("$install_dir/forgejo" generate secret SECRET_KEY) -if [ -z "${secret_key:-}" ]; then - secret_key=$("$install_dir/forgejo" generate secret SECRET_KEY) - ynh_app_setting_set --key=secret_key --value="$secret_key" -fi +ynh_app_setting_set_default --key=secret_key --value=$("$install_dir/forgejo" generate secret SECRET_KEY) # If lfs_jwt_secret doesn't exist, create it -# FIXMEhelpers2.1: maybe replace with: ynh_app_setting_set_default --key=lfs_jwt_secret --value=$("$install_dir/forgejo" generate secret JWT_SECRET) -if [ -z "${lfs_jwt_secret:-}" ]; then - lfs_jwt_secret=$("$install_dir/forgejo" generate secret JWT_SECRET) - ynh_app_setting_set --key=lfs_jwt_secret --value="$lfs_jwt_secret" -fi +ynh_app_setting_set_default --key=lfs_jwt_secret --value=$("$install_dir/forgejo" generate secret JWT_SECRET) # If internal_token doesn't exist, create it -# FIXMEhelpers2.1: maybe replace with: ynh_app_setting_set_default --key=internal_token --value=$("$install_dir/forgejo" generate secret INTERNAL_TOKEN) -if [ -z "${internal_token:-}" ]; then - internal_token=$("$install_dir/forgejo" generate secret INTERNAL_TOKEN) - ynh_app_setting_set --key=internal_token --value="$internal_token" -fi +ynh_app_setting_set_default --key=internal_token --value=$("$install_dir/forgejo" generate secret INTERNAL_TOKEN) # If oauth2_jwt_secret doesn't exist, create it -# FIXMEhelpers2.1: maybe replace with: ynh_app_setting_set_default --key=oauth2_jwt_secret --value=$("$install_dir/forgejo" generate secret JWT_SECRET) -if [ -z "${oauth2_jwt_secret:-}" ]; then - oauth2_jwt_secret=$("$install_dir/forgejo" generate secret JWT_SECRET) - ynh_app_setting_set --key=oauth2_jwt_secret --value="$oauth2_jwt_secret" -fi +ynh_app_setting_set_default --key=oauth2_jwt_secret --value=$("$install_dir/forgejo" generate secret JWT_SECRET) #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE @@ -78,8 +63,6 @@ ynh_script_progression "Setting up source files..." ynh_setup_source --dest_dir="$install_dir" --full_replace --keep="custom .ssh" xz -f -d "$install_dir/forgejo.xz" -#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod -R o-rwx "$install_dir" -#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R "$app:$app" "$install_dir" chmod +x "$install_dir/forgejo" #================================================= @@ -115,9 +98,6 @@ ynh_script_progression "Configuring log rotation..." # Use logrotate to manage application logfile(s) ynh_config_add_logrotate "/var/log/$app" -#REMOVEME? Assuming ynh_config_add_logrotate is called, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R "$app:$app" "/var/log/$app" -#REMOVEME? Assuming ynh_config_add_logrotate is called, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod u=rwX,g=rX,o= "/var/log/$app" - #================================================= # INTEGRATE SERVICE IN YUNOHOST #================================================= From ef480e3c1365fdd5abd4da110a60661cc332a193 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?E=CC=81ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Sun, 1 Sep 2024 21:40:08 +0200 Subject: [PATCH 5/5] cleaning --- scripts/install | 43 ++++++++++--------------------------------- scripts/remove | 14 ++------------ scripts/restore | 49 ++++++++++++------------------------------------- scripts/upgrade | 26 ++------------------------ 4 files changed, 26 insertions(+), 106 deletions(-) diff --git a/scripts/install b/scripts/install index 721e1ec..8ee2665 100644 --- a/scripts/install +++ b/scripts/install @@ -1,18 +1,16 @@ #!/bin/bash #================================================= -# GENERIC START +# IMPORT GENERIC HELPERS #================================================= -# Load common variables and helpers -source ./_common.sh - -# IMPORT GENERIC HELPERS +source _common.sh source /usr/share/yunohost/helpers #================================================= -# Create install and data subdirs +# DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= +ynh_script_progression "Setting up source files..." ynh_setup_source --dest_dir="$install_dir" @@ -38,9 +36,9 @@ ynh_app_setting_set --key=internal_token --value="$internal_token" ynh_app_setting_set --key=oauth2_jwt_secret --value="$oauth2_jwt_secret" #================================================= -# ADD A CONFIGURATION +# APP INITIAL CONFIGURATION #================================================= -ynh_script_progression "Adding $app's configuration..." +ynh_script_progression "Adding $app's configuration files..." ssh_port=$(grep -P "Port\s+\d+" /etc/ssh/sshd_config | grep -P -o "\d+") ynh_config_add --template="app.ini" --destination="$install_dir/custom/conf/app.ini" @@ -49,34 +47,20 @@ chmod 640 "$install_dir/custom/conf/app.ini" chown "$app:$app" "$install_dir/custom/conf/app.ini" #================================================= -# SETUP SYSTEMD +# SYSTEM CONFIGURATION #================================================= -ynh_script_progression "Upgrading systemd configuration..." +ynh_script_progression "Adding system configurations related to $app..." ynh_config_add_systemd -#================================================= -# NGINX CONFIGURATION -#================================================= -ynh_script_progression "Upgrading NGINX web server configuration..." - ynh_config_add_nginx -#================================================= -# SETUP LOGROTATE -#================================================= -ynh_script_progression "Configuring log rotation..." - -# Use logrotate to manage application logfile(s) ynh_config_add_logrotate "/var/log/$app" -#================================================= -# INTEGRATE SERVICE IN YUNOHOST -#================================================= -ynh_script_progression "Integrating service in YunoHost..." - yunohost service add "$app" --description="Forgejo" --log="/var/log/$app/forgejo.log" +ynh_config_add_fail2ban --logpath "/var/log/$app/forgejo.log" --failregex ".*Failed authentication attempt for .* from " + #================================================= # START SYSTEMD SERVICE #================================================= @@ -85,13 +69,6 @@ ynh_script_progression "Starting $app's systemd service..." # Start a systemd service ynh_systemctl --service="$app" --action="start" --log_path="/var/log/$app/forgejo.log" --wait_until="Starting new Web server: tcp:127.0.0.1:" -#================================================= -# SETUP FAIL2BAN -#================================================= -ynh_script_progression "Configuring Fail2Ban..." - -ynh_config_add_fail2ban --logpath "/var/log/$app/forgejo.log" --failregex ".*Failed authentication attempt for .* from " --max_retry 5 - #================================================= # LDAP CONFIGURATION #================================================= diff --git a/scripts/remove b/scripts/remove index b446f0b..d6e975d 100644 --- a/scripts/remove +++ b/scripts/remove @@ -4,32 +4,22 @@ source _common.sh source /usr/share/yunohost/helpers #================================================= -# STANDARD REMOVE -#================================================= -# REMOVE SERVICE INTEGRATION IN YUNOHOST +# REMOVE SYSTEM CONFIGURATIONS #================================================= +ynh_script_progression "Removing system configurations related to $app..." -# Remove the service from the list of services known by YunoHost (added from `yunohost service add`) if ynh_hide_warnings yunohost service status "$app" >/dev/null then ynh_script_progression "Removing $app service integration..." yunohost service remove "$app" fi -# Remove the dedicated systemd config -ynh_script_progression "Removing systemd configuration..." ynh_config_remove_systemd -# Remove the app-specific logrotate config -ynh_script_progression "Removing logrotate configuration..." ynh_config_remove_logrotate -# Remove the dedicated NGINX config -ynh_script_progression "Removing NGINX web server configuration..." ynh_config_remove_nginx -# Remove the dedicated Fail2Ban config -ynh_script_progression "Removing Fail2Ban configuration..." ynh_config_remove_fail2ban #================================================= diff --git a/scripts/restore b/scripts/restore index c67ac58..fcf3c29 100644 --- a/scripts/restore +++ b/scripts/restore @@ -3,15 +3,6 @@ source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers -#================================================= -# STANDARD RESTORATION STEPS -#================================================= -# RESTORE THE NGINX CONFIGURATION -#================================================= -ynh_script_progression "Restoring the NGINX configuration..." - -ynh_restore "/etc/nginx/conf.d/$domain.d/$app.conf" - #================================================= # RESTORE THE APP MAIN DIR #================================================= @@ -23,18 +14,11 @@ ynh_restore "$install_dir" # RESTORE THE DATA DIRECTORY #================================================= ynh_script_progression "Restoring the data directory..." + ynh_restore "$data_dir" + chown -R "$app:$app" "$data_dir" -#================================================= -# RESTORE FAIL2BAN CONFIGURATION -#================================================= -ynh_script_progression "Restoring the Fail2Ban configuration..." - -ynh_restore "/etc/fail2ban/jail.d/$app.conf" -ynh_restore "/etc/fail2ban/filter.d/$app.conf" -ynh_systemctl --action=restart --service=fail2ban - #================================================= # RESTORE THE DATABASE #================================================= @@ -43,39 +27,30 @@ ynh_script_progression "Restoring the database..." ynh_psql_db_shell < "./db.sql" #================================================= -# RESTORE SYSTEMD +# RESTORE SYSTEM CONFIGURATIONS #================================================= -ynh_script_progression "Restoring $app's systemd service..." +ynh_script_progression --message="Restoring system configurations related to $app..." --weight=1 + +ynh_restore "/etc/nginx/conf.d/$domain.d/$app.conf" ynh_restore "/etc/systemd/system/$app.service" systemctl enable "$app.service" --quiet -#================================================= -# RESTORE THE LOGROTATE CONFIGURATION -#================================================= -ynh_script_progression "Restoring the logrotate configuration..." - ynh_restore "/etc/logrotate.d/$app" -#================================================= -# INTEGRATE SERVICE IN YUNOHOST -#================================================= -ynh_script_progression "Integrating service in YunoHost..." - yunohost service add "$app" --description="Forgejo" --log="/var/log/$app/forgejo.log" +ynh_restore "/etc/fail2ban/jail.d/$app.conf" +ynh_restore "/etc/fail2ban/filter.d/$app.conf" +ynh_systemctl --action=restart --service=fail2ban + #================================================= -# START SYSTEMD SERVICE +# RELOAD NGINX AND PHP-FPM OR THE APP SERVICE #================================================= -ynh_script_progression "Starting $app's systemd service..." +ynh_script_progression "Reloading NGINX web server and $app's service..." ynh_systemctl --service="$app" --action="start" --log_path="/var/log/$app/forgejo.log" --wait_until="Starting new Web server: tcp:127.0.0.1:" -#================================================= -# RELOAD NGINX -#================================================= -ynh_script_progression "Reloading NGINX web server..." - ynh_systemctl --service=nginx --action=reload #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index e1a04d1..48c9b8e 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -83,34 +83,19 @@ ynh_script_progression "Upgrading systemd configuration..." ynh_config_add_systemd -#================================================= -# NGINX CONFIGURATION -#================================================= -ynh_script_progression "Upgrading NGINX web server configuration..." - ynh_config_add_nginx -#================================================= -# SETUP LOGROTATE -#================================================= -ynh_script_progression "Configuring log rotation..." - -# Use logrotate to manage application logfile(s) ynh_config_add_logrotate "/var/log/$app" -#================================================= -# INTEGRATE SERVICE IN YUNOHOST -#================================================= -ynh_script_progression "Integrating service in YunoHost..." - yunohost service add "$app" --description="Forgejo" --log="/var/log/$app/forgejo.log" +ynh_config_add_fail2ban --logpath "/var/log/$app/forgejo.log" --failregex ".*Failed authentication attempt for .* from " + #================================================= # START SYSTEMD SERVICE #================================================= ynh_script_progression "Starting $app's systemd service..." -# Start a systemd service ynh_systemctl --service="$app" --action="start" --log_path="/var/log/$app/forgejo.log" --wait_until="Starting new Web server: tcp:127.0.0.1:" #================================================= @@ -124,13 +109,6 @@ set_users_login_source synchronize_users -#================================================= -# SETUP FAIL2BAN -#================================================= -ynh_script_progression "Configuring Fail2Ban..." - -ynh_config_add_fail2ban --logpath "/var/log/$app/forgejo.log" --failregex ".*Failed authentication attempt for .* from " --max_retry 5 - #================================================= # END OF SCRIPT #=================================================