Merge 5f1a6191e6 into 1c73326ed9

2024-09-03 18:36:33 +02:00 · 2024-08-31 13:18:13 +02:00 · 2024-08-31 13:18:13 +02:00 · f8c72766e6
commit f8c72766e6
parent 1c73326ed9 5f1a6191e6
11 changed files with 89 additions and 155 deletions
--- a/conf/extra_php-fpm.conf
+++ b/conf/extra_php-fpm.conf
@ -1,4 +0,0 @@
-; Additional php.ini defines, specific to this pool of workers.
-
-php_admin_value[upload_max_filesize] = 50M
-php_admin_value[post_max_size] = 50M
--- a/conf/freshrss.cron
+++ b/conf/freshrss.cron
@ -1,2 +1,2 @@
 MAILTO="root"
-*/10 * * * * __APP__ /usr/bin/php__PHPVERSION__ __INSTALL_DIR__/app/actualize_script.php >/var/log/__APP__/__APP__.log 2>&1
+*/10 * * * * __APP__ /usr/bin/php__PHP_VERSION__ __INSTALL_DIR__/app/actualize_script.php >/var/log/__APP__/__APP__.log 2>&1
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@ -12,7 +12,7 @@ location __PATH__/ {
  try_files $uri $uri/ /index.php?$args;
  location ~ [^/]\.php(/|$) {
    fastcgi_split_path_info ^(.+?\.php)(/.*)$;
-    fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock;
+    fastcgi_pass unix:/var/run/php/php__PHP_VERSION__-fpm-__APP__.sock;

    fastcgi_index index.php;
    include fastcgi_params;
--- a/manifest.toml
+++ b/manifest.toml
@ -17,7 +17,8 @@ admindoc = "https://freshrss.github.io/FreshRSS/"
 code = "https://github.com/FreshRSS/FreshRSS"

 [integration]
-yunohost = ">= 11.2.8"
+yunohost = ">= 11.2.18"
+helpers_version = "2.1"
 architectures = "all"
 multi_instance = true

@ -63,6 +64,7 @@ ram.runtime = "50M"
    [resources.system_user]

    [resources.install_dir]
+    group = "www-data:r-x"

    [resources.permissions]
    main.url = "/"
--- a/scripts/_common.sh
+++ b/scripts/_common.sh
@ -1,17 +1,5 @@
 #!/bin/bash

 #=================================================
-# COMMON VARIABLES
-#=================================================
-
-#=================================================
-# PERSONAL HELPERS
-#=================================================
-
-#=================================================
-# EXPERIMENTAL HELPERS
-#=================================================
-
-#=================================================
-# FUTURE OFFICIAL HELPERS
+# COMMON VARIABLES AND CUSTOM HELPERS
 #=================================================
--- a/scripts/backup
+++ b/scripts/backup
@ -1,50 +1,41 @@
 #!/bin/bash

-#=================================================
-# GENERIC START
-#=================================================
-# IMPORT GENERIC HELPERS
-#=================================================
-
 # Keep this path for calling _common.sh inside the execution's context of backup and restore scripts
 source ../settings/scripts/_common.sh
 source /usr/share/yunohost/helpers

-#=================================================
-# DECLARE DATA AND CONF FILES TO BACKUP
-#=================================================
-ynh_print_info --message="Declaring files to be backed up..."
+ynh_print_info "Declaring files to be backed up..."

 #=================================================
 # BACKUP THE APP MAIN DIR
 #=================================================

-ynh_backup --src_path="$install_dir"
+ynh_backup "$install_dir"

 #=================================================
 # SYSTEM CONFIGURATION
 #=================================================

-ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
+ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf"

-ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf"
+ynh_backup "/etc/php/$php_version/fpm/pool.d/$app.conf"

-ynh_backup --src_path="/etc/logrotate.d/$app"
+ynh_backup "/etc/logrotate.d/$app"

-ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf"
-ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf"
+ynh_backup "/etc/fail2ban/jail.d/$app.conf"
+ynh_backup "/etc/fail2ban/filter.d/$app.conf"

-ynh_backup --src_path="/etc/cron.d/$app"
+ynh_backup "/etc/cron.d/$app"

 #=================================================
 # BACKUP THE MYSQL DATABASE
 #=================================================
-ynh_print_info --message="Backing up the MySQL database..."
+ynh_print_info "Backing up the MySQL database..."

-ynh_mysql_dump_db --database="$db_name" > db.sql
+ynh_mysql_dump_db > db.sql

 #=================================================
 # END OF SCRIPT
 #=================================================

-ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)."
+ynh_print_info "Backup script completed for $app. (YunoHost will then actually copy those files to the archive)."
--- a/scripts/change_url
+++ b/scripts/change_url
@ -1,34 +1,26 @@
 #!/bin/bash

-#=================================================
-# GENERIC STARTING
-#=================================================
-# IMPORT GENERIC HELPERS
-#=================================================
-
 source _common.sh
 source /usr/share/yunohost/helpers

-#=================================================
-# STANDARD MODIFICATIONS
 #=================================================
 # MODIFY URL IN NGINX CONF
 #=================================================
-ynh_script_progression --message="Updating NGINX web server configuration..." --weight=1
+ynh_script_progression "Updating NGINX web server configuration..."

-ynh_change_url_nginx_config
+ynh_config_change_url_nginx

 #=================================================
 # SPECIFIC MODIFICATIONS
 #=================================================
 # UPGRADING FRESHRSS
 #=================================================
-ynh_script_progression --message="Upgrading $app..." --weight=1
+ynh_script_progression "Upgrading $app..."

-ynh_exec_warn_less ynh_exec_as "$app" "$install_dir/cli/reconfigure.php" --auth_type http_auth --environment production --base_url "https://$new_domain$new_path" --title FreshRSS --api_enabled --db-type mysql --db-host localhost --db-user "$db_name" --db-password "$db_pwd" --db-base "$db_name"
+ynh_hide_warnings ynh_exec_as_app "$install_dir/cli/reconfigure.php" --auth_type http_auth --environment production --base_url "https://$new_domain$new_path" --title FreshRSS --api_enabled --db-type mysql --db-host localhost --db-user "$db_name" --db-password "$db_pwd" --db-base "$db_name"

 #=================================================
 # END OF SCRIPT
 #=================================================

-ynh_script_progression --message="Change of URL completed for $app" --last
+ynh_script_progression "Change of URL completed for $app"
--- a/scripts/install
+++ b/scripts/install
@ -1,82 +1,73 @@
 #!/bin/bash

-#=================================================
-# GENERIC START
-#=================================================
-# IMPORT GENERIC HELPERS
-#=================================================
-
 source _common.sh
 source /usr/share/yunohost/helpers

 #=================================================
 # DOWNLOAD, CHECK AND UNPACK SOURCE
 #=================================================
-ynh_script_progression --message="Setting up source files..." --weight=1
+ynh_script_progression "Setting up source files..."

 # Download, check integrity, uncompress and patch the source from app.src
 ynh_setup_source --dest_dir="$install_dir"

-chmod -R o-rwx "$install_dir"
-chown -R "$app":www-data "$install_dir"
-
+#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod -R o-rwx "$install_dir"
+#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R "$app":www-data "$install_dir"
 #=================================================
 # SYSTEM CONFIGURATION
 #=================================================
-ynh_script_progression --message="Adding system configurations related to $app..." --weight=1
+ynh_script_progression "Adding system configurations related to $app..."

 # Create a dedicated PHP-FPM config
-ynh_add_fpm_config
+ynh_config_add_phpfpm

 # Create a dedicated NGINX config
-ynh_add_nginx_config
+ynh_config_add_nginx

-ynh_add_config --template="freshrss.cron" --destination="/etc/cron.d/$app"
-chown root: "/etc/cron.d/$app"
-chmod 644 "/etc/cron.d/$app"
+ynh_config_add --template="freshrss.cron" --destination="/etc/cron.d/$app"
+#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown root: "/etc/cron.d/$app"
+#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 644 "/etc/cron.d/$app"

 log_path="/var/log/$app"
 mkdir -p "$log_path"
 chown "$app":www-data "$log_path"

-#=================================================
-# GENERIC FINALIZATION
 #=================================================
 # SETUP LOGROTATE
 #=================================================
-ynh_script_progression --message="Configuring log rotation..." --weight=1
+ynh_script_progression "Configuring log rotation..."

 # Use logrotate to manage application logfile(s)
-ynh_use_logrotate
+ynh_config_add_logrotate

 #=================================================
 # SETUP FAIL2BAN
 #=================================================
-ynh_script_progression --message="Upgrading fail2ban configuration..."
+ynh_script_progression "Upgrading fail2ban configuration..."

 # Create the logfile, required before configuring fail2ban
 touch "/var/log/${domain}-access.log"

 # Create a dedicated Fail2Ban config
-ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-access.log" --failregex="<HOST> .* \"GET /api/.*\" 401" --max_retry=5
+ynh_config_add_fail2ban --logpath="/var/log/nginx/${domain}-access.log" --failregex="<HOST> .* \"GET /api/.*\" 401"

 #=================================================
 # SPECIFIC SETUP
 #=================================================
 # SETUPING FRESHRSS
 #=================================================
-ynh_script_progression --message="$app setup..." --weight=1
+ynh_script_progression "$app setup..."

-ynh_exec_warn_less ynh_exec_as "$app" "$install_dir/cli/do-install.php" --default_user "$admin" --auth_type http_auth --environment production --base_url "https://$domain$path" --title FreshRSS --api_enabled --db-type mysql --db-host localhost --db-user "$db_name" --db-password "$db_pwd" --db-base "$db_name"
+ynh_hide_warnings ynh_exec_as_app "$install_dir/cli/do-install.php" --default_user "$admin" --auth_type http_auth --environment production --base_url "https://$domain$path" --title FreshRSS --api_enabled --db-type mysql --db-host localhost --db-user "$db_name" --db-password "$db_pwd" --db-base "$db_name"

 for myuser in $(ynh_user_list)
 do
    user_token=$(ynh_string_random)
-    ynh_exec_as "$app" "$install_dir/cli/create-user.php" --user "$myuser" --language "$language" --token "$user_token"
+    ynh_exec_as_app "$install_dir/cli/create-user.php" --user "$myuser" --language "$language" --token "$user_token"
 done

 #=================================================
 # END OF SCRIPT
 #=================================================

-ynh_script_progression --message="Installation of $app completed" --last
+ynh_script_progression "Installation of $app completed"
--- a/scripts/remove
+++ b/scripts/remove
@ -1,35 +1,29 @@
 #!/bin/bash

-#=================================================
-# GENERIC START
-#=================================================
-# IMPORT GENERIC HELPERS
-#=================================================
-
 source _common.sh
 source /usr/share/yunohost/helpers

 #=================================================
 # REMOVE SYSTEM CONFIGURATIONS
 #=================================================
-ynh_script_progression --message="Removing system configurations related to $app..." --weight=1
+ynh_script_progression "Removing system configurations related to $app..."

 # Remove the dedicated NGINX config
-ynh_remove_nginx_config
+ynh_config_remove_nginx

 # Remove the dedicated PHP-FPM config
-ynh_remove_fpm_config
+ynh_config_remove_phpfpm

 # Remove a cron file
-ynh_secure_remove --file="/etc/cron.d/$app"
+ynh_safe_rm "/etc/cron.d/$app"

 # Remove the app-specific logrotate config
-ynh_remove_logrotate
+ynh_config_remove_logrotate

-ynh_remove_fail2ban_config
+ynh_config_remove_fail2ban

 #=================================================
 # END OF SCRIPT
 #=================================================

-ynh_script_progression --message="Removal of $app completed" --last
+ynh_script_progression "Removal of $app completed"
--- a/scripts/restore
+++ b/scripts/restore
@ -1,11 +1,5 @@
 #!/bin/bash

-#=================================================
-# GENERIC START
-#=================================================
-# IMPORT GENERIC HELPERS
-#=================================================
-
 # Keep this path for calling _common.sh inside the execution's context of backup and restore scripts
 source ../settings/scripts/_common.sh
 source /usr/share/yunohost/helpers
@ -13,49 +7,46 @@ source /usr/share/yunohost/helpers
 #=================================================
 # RESTORE THE APP MAIN DIR
 #=================================================
-ynh_script_progression --message="Restoring the app main directory..." --weight=1
+ynh_script_progression "Restoring the app main directory..."

-ynh_restore_file --origin_path="$install_dir"
-
-chmod -R o-rwx "$install_dir"
-chown -R "$app":www-data "$install_dir"
+ynh_restore "$install_dir"

+#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod -R o-rwx "$install_dir"
+#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R "$app":www-data "$install_dir"
 #=================================================
 # RESTORE THE MYSQL DATABASE
 #=================================================
-ynh_script_progression --message="Restoring the MySQL database..." --weight=1
+ynh_script_progression "Restoring the MySQL database..."

-ynh_mysql_connect_as --user="$db_user" --password="$db_pwd" --database="$db_name" < ./db.sql
+ynh_mysql_db_shell < ./db.sql

 #=================================================
 # RESTORE SYSTEM CONFIGURATIONS
 #=================================================
-ynh_script_progression --message="Restoring system configurations related to $app..." --weight=1
+ynh_script_progression "Restoring system configurations related to $app..."

-ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf"
+ynh_restore "/etc/php/$php_version/fpm/pool.d/$app.conf"

-ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
+ynh_restore "/etc/nginx/conf.d/$domain.d/$app.conf"

-ynh_restore_file --origin_path="/etc/cron.d/$app"
+ynh_restore "/etc/cron.d/$app"

-ynh_restore_file --origin_path="/etc/logrotate.d/$app"
+ynh_restore "/etc/logrotate.d/$app"

-ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf"
-ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf"
-ynh_systemd_action --action=restart --service_name=fail2ban
+ynh_restore "/etc/fail2ban/jail.d/$app.conf"
+ynh_restore "/etc/fail2ban/filter.d/$app.conf"
+ynh_systemctl --action=restart --service=fail2ban

-#=================================================
-# GENERIC FINALIZATION
 #=================================================
 # RELOAD NGINX AND PHP-FPM OR THE APP SERVICE
 #=================================================
-ynh_script_progression --message="Reloading NGINX web server and $app's service..." --weight=1
+ynh_script_progression "Reloading NGINX web server and $app's service..."

-ynh_systemd_action --service_name="php$phpversion-fpm" --action=reload
-ynh_systemd_action --service_name=nginx --action=reload
+ynh_systemctl --service="php$php_version-fpm" --action=reload
+ynh_systemctl --service=nginx --action=reload

 #=================================================
 # END OF SCRIPT
 #=================================================

-ynh_script_progression --message="Restoration completed for $app" --last
+ynh_script_progression "Restoration completed for $app"
--- a/scripts/upgrade
+++ b/scripts/upgrade
@ -1,71 +1,62 @@
 #!/bin/bash

-#=================================================
-# GENERIC START
-#=================================================
-# IMPORT GENERIC HELPERS
-#=================================================
-
 source _common.sh
 source /usr/share/yunohost/helpers

-#=================================================
-# STANDARD UPGRADE STEPS
 #=================================================
 # ENSURE DOWNWARD COMPATIBILITY
 #=================================================
-ynh_script_progression --message="Ensuring downward compatibility..." --weight=1
+ynh_script_progression "Ensuring downward compatibility..."

 if [ -z "$admin" ]; then
-	admin=$(ynh_app_setting_get --app="$app" --key=admin_user)
+	admin=$(ynh_app_setting_get --key=admin_user)
 	if [ -z "$admin" ]; then
-		ynh_die --message="no admin user found"
+		ynh_die "no admin user found"
 	fi;
-	ynh_app_setting_delete --app="$app" --key=admin_user
-	ynh_app_setting_set --app="$app" --key=admin --value="$admin"
+	ynh_app_setting_delete --key=admin_user
+	ynh_app_setting_set --key=admin --value="$admin"
 fi

 #=================================================
 # DOWNLOAD, CHECK AND UNPACK SOURCE
 #=================================================
-ynh_script_progression --message="Upgrading source files..." --weight=1
+ynh_script_progression "Upgrading source files..."

 # Download, check integrity, uncompress and patch the source from app.src
-ynh_setup_source --dest_dir="$install_dir" --keep="data/config.php data/users/ extensions/" #--full_replace=1 
-
-chmod -R o-rwx "$install_dir"
-chown -R "$app":www-data "$install_dir"
+ynh_setup_source --dest_dir="$install_dir" --keep="data/config.php data/users/ extensions/" #--full_replace

+#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod -R o-rwx "$install_dir"
+#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R "$app":www-data "$install_dir"
 #=================================================
 # UPDATE A CONFIG FILE
 #=================================================
-ynh_script_progression --message="Updating $app's configuration files..." --weight=1
+ynh_script_progression "Updating $app's configuration files..."

 # Create a dedicated PHP-FPM config
-ynh_add_fpm_config
+ynh_config_add_phpfpm

 # Create a dedicated NGINX config
-ynh_add_nginx_config
+ynh_config_add_nginx

 #=================================================
 # CRON CONFIGURATION
 #=================================================
-ynh_script_progression --message="Upgrading Cron configuration..."
+ynh_script_progression "Upgrading Cron configuration..."

-ynh_add_config --template="freshrss.cron" --destination="/etc/cron.d/$app"
-chown root: "/etc/cron.d/$app"
-chmod 644 "/etc/cron.d/$app"
+ynh_config_add --template="freshrss.cron" --destination="/etc/cron.d/$app"
+#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown root: "/etc/cron.d/$app"
+#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 644 "/etc/cron.d/$app"

 #=================================================
 # LOG FILES
 #=================================================

 if [ -f /tmp/FreshRSS.log ]; then
-	ynh_secure_remove --file="/tmp/FreshRSS.log"
+	ynh_safe_rm "/tmp/FreshRSS.log"
 fi

 if [ -f "$install_dir/$app.log" ]; then
-	ynh_secure_remove --file="/var/www/$app/$app.log"
+	ynh_safe_rm "/var/www/$app/$app.log"
 fi

 log_path="/var/log/$app"
@ -75,15 +66,15 @@ chown "$app":www-data "$log_path"
 #=================================================
 # SETUP LOGROTATE
 #=================================================
-ynh_script_progression --message="Upgrading logrotate configuration..."
+ynh_script_progression "Upgrading logrotate configuration..."

 # Use logrotate to manage app-specific logfile(s)
-ynh_use_logrotate --non-append
+ynh_config_add_logrotate

 #=================================================
 # SETUP FAIL2BAN
 #=================================================
-ynh_script_progression --message="Upgrading Fail2Ban configuration..."
+ynh_script_progression "Upgrading Fail2Ban configuration..."

 # If it doesn't exist, create the logfile, required before configuring fail2ban
 if [ ! -f "/var/log/${domain}-access.log" ]; then
@ -91,20 +82,18 @@ if [ ! -f "/var/log/${domain}-access.log" ]; then
 fi

 # Create a dedicated Fail2Ban config
-ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-access.log" --failregex="<HOST> .* \"GET /api/.*\" 401" --max_retry=5
+ynh_config_add_fail2ban --logpath="/var/log/nginx/${domain}-access.log" --failregex="<HOST> .* \"GET /api/.*\" 401"

-#=================================================
-# SPECIFIC UPGRADE
 #=================================================
 # UPGRADING FRESHRSS
 #=================================================
-ynh_script_progression --message="Upgrading $app..." --weight=1
+ynh_script_progression "Upgrading $app..."

 # reconfigure application with latest parameters
-ynh_exec_warn_less ynh_exec_as "$app" "$install_dir/cli/reconfigure.php" --default_user "$admin" --auth_type http_auth --environment production --base_url "https://$domain$path" --title FreshRSS --api_enabled --db-type mysql --db-host localhost --db-user "$db_name" --db-password "$db_pwd" --db-base "$db_name"
+ynh_hide_warnings ynh_exec_as_app "$install_dir/cli/reconfigure.php" --default_user "$admin" --auth_type http_auth --environment production --base_url "https://$domain$path" --title FreshRSS --api_enabled --db-type mysql --db-host localhost --db-user "$db_name" --db-password "$db_pwd" --db-base "$db_name"

 #=================================================
 # END OF SCRIPT
 #=================================================

-ynh_script_progression --message="Upgrade of $app completed" --last
+ynh_script_progression "Upgrade of $app completed"