Merge pull request #169 from YunoHost-Apps/testing

Testing

README.md

@@ -19,7 +19,7 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in
 An efficient but powerful RSS aggregator with a nice and mobile-friendly design, as well as extension and themes support.
 
 
-**Shipped version:** 1.21.0~ynh2
+**Shipped version:** 1.22.1~ynh1
 
 **Demo:** https://demo.freshrss.org
 

README_fr.md

@@ -19,7 +19,7 @@ Si vous n’avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) po
 Agrégateur de flux RSS avec une interface adaptée au mobile.
 
 
-**Version incluse :** 1.21.0~ynh2
+**Version incluse :** 1.22.1~ynh1
 
 **Démo :** https://demo.freshrss.org
 

manifest.toml

@@ -5,7 +5,7 @@ name = "FreshRSS"
 description.en = "RSS aggregator with a nice and mobile-friendly design"
 description.fr = "Agrégateur de flux RSS avec une interface adaptée au mobile"
 
-version = "1.21.0~ynh2"
+version = "1.22.1~ynh1"
 
 maintainers = ["plopoyop"]
 
@@ -17,7 +17,7 @@ admindoc = "https://freshrss.github.io/FreshRSS/"
 code = "https://github.com/FreshRSS/FreshRSS"
 
 [integration]
-yunohost = ">= 11.1.21"
+yunohost = ">= 11.2"
 architectures = "all"
 multi_instance = true
 ldap = false
@@ -41,7 +41,7 @@ ram.runtime = "50M"
     [install.language]
     ask.en = "Choose the application language"
     ask.fr = "Choisissez la langue de l'application"
-    type = "string"
+    type = "select"
     choices = ["cz", "de", "en", "es", "fr", "he", "it", "kr", "nl", "oc", "pt", "ru", "tr", "zh-cn"]
     default = "fr"
 
@@ -53,8 +53,8 @@ ram.runtime = "50M"
     [resources.sources]
 
         [resources.sources.main]
-        url = "https://github.com/FreshRSS/FreshRSS/archive/1.21.0.tar.gz"
-        sha256 = "86d9f5953fbe5bd04aee105d7c92272055e6816ba893b9a153a575e7535c7d78"
+        url = "https://github.com/FreshRSS/FreshRSS/archive/refs/tags/1.22.1.tar.gz"
+        sha256 = "98cd7dfc06f30d397b1ace4f8c4f9a3a6240ff1ccdeca6487a21cbfe07e025c3"
         autoupdate.strategy = "latest_github_tag"
 
     [resources.system_user]
@@ -71,7 +71,7 @@ ram.runtime = "50M"
     api.protected = true
 
     [resources.apt]
-    packages = "mariadb-server acl php8.2-gd php8.2-zip php8.2-dom php8.2-mbstring php8.2-gmp php8.2-mysql php8.2-sqlite3 php8.2-curl php8.2-intl php8.2-xml"
+    packages = "mariadb-server, acl, php8.2-gd, php8.2-zip, php8.2-dom, php8.2-mbstring, php8.2-gmp, php8.2-mysql, php8.2-sqlite3, php8.2-curl, php8.2-intl, php8.2-xml"
 
     [resources.database]
     type = "mysql"

scripts/backup

@@ -41,6 +41,13 @@ ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf"
 
 ynh_backup --src_path="/etc/logrotate.d/$app"
 
+#=================================================
+# BACKUP FAIL2BAN CONFIGURATION
+#=================================================
+
+ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf"
+ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf"
+
 #=================================================
 # BACKUP VARIOUS FILES
 #=================================================

scripts/change_url

@@ -25,7 +25,7 @@ ynh_change_url_nginx_config
 #=================================================
 ynh_script_progression --message="Upgrading FreshRSS..." --weight=1
 
-ynh_exec_as $app $install_dir/cli/reconfigure.php --auth_type http_auth --environment production --base_url https://$new_domain$new_path --title FreshRSS --api_enabled --db-type mysql --db-host localhost --db-user $db_name --db-password $db_pwd --db-base $db_name
+ynh_exec_warn_less ynh_exec_as "$app" "$install_dir/cli/reconfigure.php" --auth_type http_auth --environment production --base_url "https://$new_domain$new_path" --title FreshRSS --api_enabled --db-type mysql --db-host localhost --db-user "$db_name" --db-password "$db_pwd" --db-base "$db_name"
 
 #=================================================
 # END OF SCRIPT

scripts/install

@@ -18,7 +18,7 @@ ynh_script_progression --message="Setting up source files..." --weight=1
 ynh_setup_source --dest_dir="$install_dir"
 
 chmod -R o-rwx "$install_dir"
-chown -R $app:www-data "$install_dir"
+chown -R "$app":www-data "$install_dir"
 
 #=================================================
 # SYSTEM CONFIGURATION
@@ -26,7 +26,7 @@ chown -R $app:www-data "$install_dir"
 ynh_script_progression --message="Adding system configurations related to $app..." --weight=1
 
 # Create a dedicated PHP-FPM config
-ynh_add_fpm_config --usage=low --footprint=low
+ynh_add_fpm_config
 
 # Create a dedicated NGINX config
 ynh_add_nginx_config
@@ -36,11 +36,30 @@ chown root: "/etc/cron.d/$app"
 chmod 644 "/etc/cron.d/$app"
 
 log_path="/var/log/$app"
-mkdir -p $log_path
-chown $app:www-data $log_path
+mkdir -p "$log_path"
+chown "$app":www-data "$log_path"
+
+#=================================================
+# GENERIC FINALIZATION
+#=================================================
+# SETUP LOGROTATE
+#=================================================
+ynh_script_progression --message="Configuring log rotation..." --weight=1
+
 # Use logrotate to manage application logfile(s)
 ynh_use_logrotate
 
+#=================================================
+# SETUP FAIL2BAN
+#=================================================
+ynh_script_progression --message="Upgrading fail2ban configuration..."
+
+# Create the logfile, required before configuring fail2ban
+touch "/var/log/${domain}-access.log"
+
+# Create a dedicated Fail2Ban config
+ynh_add_fail2ban_config --logpath="/var/log/${domain}-access.log" --failregex="<HOST> .* \"GET /api/.*\" 401" --max_retry=5
+
 #=================================================
 # SPECIFIC SETUP
 #=================================================
@@ -48,12 +67,12 @@ ynh_use_logrotate
 #=================================================
 ynh_script_progression --message="FreshRSS setup..." --weight=1
 
-ynh_exec_as $app $install_dir/cli/do-install.php --default_user $admin --auth_type http_auth --environment production --base_url https://$domain$path --title FreshRSS --api_enabled --db-type mysql --db-host localhost --db-user $db_name --db-password $db_pwd --db-base $db_name
+ynh_exec_warn_less ynh_exec_as "$app" "$install_dir/cli/do-install.php" --default_user "$admin" --auth_type http_auth --environment production --base_url "https://$domain$path" --title FreshRSS --api_enabled --db-type mysql --db-host localhost --db-user "$db_name" --db-password "$db_pwd" --db-base "$db_name"
 
 for myuser in $(ynh_user_list)
 do
     user_token=$(ynh_string_random)
-    ynh_exec_as $app $install_dir/cli/create-user.php --user $myuser --language $language --token $user_token
+    ynh_exec_as "$app" "$install_dir/cli/create-user.php" --user "$myuser" --language "$language" --token "$user_token"
 done
 
 #=================================================

scripts/remove

@@ -16,18 +16,54 @@ source /usr/share/yunohost/helpers
 #=================================================
 ynh_script_progression --message="Removing system configurations related to $app..." --weight=1
 
+#=================================================
+# REMOVE NGINX CONFIGURATION
+#=================================================
+ynh_script_progression --message="Removing NGINX web server configuration..." --weight=1
+
 # Remove the dedicated NGINX config
 ynh_remove_nginx_config
 
+#=================================================
+# REMOVE PHP CONFIGURATION
+#=================================================
+ynh_script_progression --message="Removing PHP configuration..." --weight=1
+
 # Remove the dedicated PHP-FPM config
 ynh_remove_fpm_config
 
+#=================================================
+# REMOVE CRON CONFIGURATION
+#=================================================
+ynh_script_progression --message="Removing Cron configuration..." --weight=1
+
 # Remove a cron file
 ynh_secure_remove --file="/etc/cron.d/$app"
 
+#=================================================
+# REMOVE LOG FILES
+#=================================================
+ynh_script_progression --message="Removing log files..." --weight=1
+
 # Remove the log files
 ynh_secure_remove --file="/var/log/$app"
 
+#=================================================
+# REMOVE LOGROTATE CONFIGURATION
+#=================================================
+ynh_script_progression --message="Removing logrotate configuration..." --weight=1
+
+# Remove the app-specific logrotate config
+ynh_remove_logrotate
+
+#=================================================
+# REMOVE FAIL2BAN CONFIGURATION
+#=================================================
+
+ynh_script_progression --message="Removing fail2ban configuration..." --weight=1
+
+ynh_remove_fail2ban_config
+
 #=================================================
 # END OF SCRIPT
 #=================================================

scripts/restore

@@ -18,14 +18,14 @@ ynh_script_progression --message="Restoring the app main directory..." --weight=
 ynh_restore_file --origin_path="$install_dir"
 
 chmod -R o-rwx "$install_dir"
-chown -R $app:www-data "$install_dir"
+chown -R "$app":www-data "$install_dir"
 
 #=================================================
 # RESTORE THE MYSQL DATABASE
 #=================================================
 ynh_script_progression --message="Restoring the MySQL database..." --weight=1
 
-ynh_mysql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql
+ynh_mysql_connect_as --user="$db_user" --password="$db_pwd" --database="$db_name" < ./db.sql
 
 #=================================================
 # RESTORE SYSTEM CONFIGURATIONS
@@ -36,15 +36,44 @@ ynh_script_progression --message="Restoring system configurations related to $ap
 
 ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf"
 
+#=================================================
+# RESTORE THE NGINX CONFIGURATION
+#=================================================
+ynh_script_progression --message="Restoring the NGINX configuration..." --weight=1
+
 ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
 
+#=================================================
+# RESTORE THE CRON CONFIGURATION
+#=================================================
+ynh_script_progression --message="Restoring the Cron configuration..." --weight=1
+
 ynh_restore_file --origin_path="/etc/cron.d/$app"
 
+#=================================================
+# RESTORE THE LOG FILES
+#=================================================
+ynh_script_progression --message="Restoring the log files..." --weight=1
+
 log_path="/var/log/$app"
-mkdir -p $log_path
-chown $app:www-data $log_path
+mkdir -p "$log_path"
+chown "$app":www-data "$log_path"
+
+#=================================================
+# RESTORE THE LOGROTATE CONFIGURATION
+#=================================================
+ynh_script_progression --message="Restoring the logrotate configuration..." --weight=1
+
 ynh_restore_file --origin_path="/etc/logrotate.d/$app"
 
+#=================================================
+# RESTORE THE FAIL2BAN CONFIGURATION
+#=================================================
+
+ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf"
+ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf"
+ynh_systemd_action --action=restart --service_name=fail2ban
+
 #=================================================
 # GENERIC FINALIZATION
 #=================================================
@@ -52,7 +81,7 @@ ynh_restore_file --origin_path="/etc/logrotate.d/$app"
 #=================================================
 ynh_script_progression --message="Reloading NGINX web server and $app's service..." --weight=1
 
-ynh_systemd_action --service_name=php$phpversion-fpm --action=reload
+ynh_systemd_action --service_name="php$phpversion-fpm" --action=reload
 ynh_systemd_action --service_name=nginx --action=reload
 
 #=================================================

scripts/upgrade

@@ -23,12 +23,12 @@ upgrade_type=$(ynh_check_app_version_changed)
 ynh_script_progression --message="Ensuring downward compatibility..." --weight=1
 
 if [ -z "$admin" ]; then
-	admin=$(ynh_app_setting_get --app=$app --key=admin_user)
-	if [ -z $admin ]; then
+	admin=$(ynh_app_setting_get --app="$app" --key=admin_user)
+	if [ -z "$admin" ]; then
 		ynh_die --message="no admin user found"
 	fi;
-	ynh_app_setting_delete --app=$app --key=admin_user
-	ynh_app_setting_set --app=$app --key=admin --value=$admin
+	ynh_app_setting_delete --app="$app" --key=admin_user
+	ynh_app_setting_set --app="$app" --key=admin --value="$admin"
 fi
 
 #=================================================
@@ -44,37 +44,75 @@ then
 fi
 
 chmod -R o-rwx "$install_dir"
-chown -R $app:www-data "$install_dir"
+chown -R "$app":www-data "$install_dir"
 
 #=================================================
 # REAPPLY SYSTEM CONFIGURATIONS
 #=================================================
 ynh_script_progression --message="Upgrading system configurations related to $app..." --weight=1
 
+#=================================================
+# PHP CONFIGURATION
+#=================================================
+ynh_script_progression --message="Upgrading PHP configuration..."
+
 # Create a dedicated PHP-FPM config
-ynh_add_fpm_config --usage=low --footprint=low
+ynh_add_fpm_config
+
+#=================================================
+# NGINX CONFIGURATION
+#=================================================
+ynh_script_progression --message="Upgrading NGINX web server configuration..."
 
 # Create a dedicated NGINX config
 ynh_add_nginx_config
 
+#=================================================
+# CRON CONFIGURATION
+#=================================================
+ynh_script_progression --message="Upgrading Cron configuration..."
+
 ynh_add_config --template="../conf/freshrss.cron" --destination="/etc/cron.d/$app"
 chown root: "/etc/cron.d/$app"
 chmod 644 "/etc/cron.d/$app"
 
+#=================================================
+# LOG FILES
+#=================================================
+
 if [ -f /tmp/FreshRSS.log ]; then
 	ynh_secure_remove --file="/tmp/FreshRSS.log"
 fi
 
-if [ -f $install_dir/$app.log ]; then
+if [ -f "$install_dir/$app.log" ]; then
 	ynh_secure_remove --file="/var/www/$app/$app.log"
 fi
 
 log_path="/var/log/$app"
-mkdir -p $log_path
-chown $app:www-data "$log_path"
+mkdir -p "$log_path"
+chown "$app":www-data "$log_path"
+
+#=================================================
+# SETUP LOGROTATE
+#=================================================
+ynh_script_progression --message="Upgrading logrotate configuration..."
+
 # Use logrotate to manage app-specific logfile(s)
 ynh_use_logrotate --non-append
 
+#=================================================
+# SETUP FAIL2BAN
+#=================================================
+ynh_script_progression --message="Upgrading fail2ban configuration..."
+
+# If it doesn't exist, create the logfile, required before configuring fail2ban
+if [ ! -f "/var/log/${domain}-access.log" ]; then
+	touch "/var/log/${domain}-access.log"
+fi
+
+# Create a dedicated Fail2Ban config
+ynh_add_fail2ban_config --logpath="/var/log/${domain}-access.log" --failregex="<HOST> .* \"GET /api/.*\" 401" --max_retry=5
+
 #=================================================
 # SPECIFIC UPGRADE
 #=================================================
@@ -83,7 +121,7 @@ ynh_use_logrotate --non-append
 ynh_script_progression --message="Upgrading FreshRSS..." --weight=1
 
 # reconfigure application with latest parameters
-ynh_exec_as $app $install_dir/cli/reconfigure.php --default_user $admin --auth_type http_auth --environment production --base_url https://$domain$path --title FreshRSS --api_enabled --db-type mysql --db-host localhost --db-user $db_name --db-password $db_pwd --db-base $db_name
+ynh_exec_warn_less ynh_exec_as "$app" "$install_dir/cli/reconfigure.php" --default_user "$admin" --auth_type http_auth --environment production --base_url "https://$domain$path" --title FreshRSS --api_enabled --db-type mysql --db-host localhost --db-user "$db_name" --db-password "$db_pwd" --db-base "$db_name"
 
 #=================================================
 # END OF SCRIPT