1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/funkwhale_ynh.git synced 2024-09-03 18:36:24 +02:00

Apply Example_ynh (#131)

* Testing (#130)

* Uprade to 1.1 and fixes Twisted by retrograding it (#129)

* Apply example_ynh

Fix #15

* Fix services

* Fix several merging

* Stick to official install process

* fix path_transversal

* Using option '--log_type systemd' with 'yunohost service add' is not relevant anymore

* Try to fix package_check

* Fix package_check test

* Update check_process

* Trying to fix package_check

* Update env.prod

* remove sleep

* Better service name

* missing datadir

* line 111: upgrade_type: unbound variable

* Implement --is_big

* Fix stopping service from previous version

* Fix upgrade

* Fix upgrade

* Apply example_ynh

* Apply example_ynh

* Fix rights

* Update api.src

* Update env.prod

* Update front.src

* Update manifest.json

* Update README.md

* Update README_fr.md

* Fix chmod

* Fix rights

Co-authored-by: Thomas <51749973+Thovi98@users.noreply.github.com>
Co-authored-by: Éric Gaspar <46165813+ericgaspar@users.noreply.github.com>
This commit is contained in:
yalh76 2021-04-16 14:14:27 +02:00 committed by GitHub
parent 9bfa53df3d
commit 33392f79e9
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
22 changed files with 656 additions and 644 deletions

View file

@ -6,18 +6,18 @@
*[Lire ce readme en français.](./README_fr.md)* *[Lire ce readme en français.](./README_fr.md)*
> *This package allows you to install Funkwhale quickly and simply on a YunoHost server. > *This package allows you to install Funkwhale quickly and simply on a YunoHost server.
If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to know how to install and enjoy it.* If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/install) to learn how to install it.*
## Overview ## Overview
A modern, convivial and free music server on YunoHost A modern, convivial and free music server on YunoHost
Installation requires a dedicated domain or subdomain. Installing in a subpath is not supported by the upstream project due to dependency requirements. Installation requires a dedicated domain or subdomain. Installing in a subpath is not supported by the upstream project due to dependency requirements.
**Shipped version:** 1.1 **Shipped version:** 1.1.1
## Screenshots ## Screenshots
![](https://funkwhale.audio/img/desktop.5e79eb16.jpg) ![](https://upload.wikimedia.org/wikipedia/commons/d/d8/Capture_d%27%C3%A9cran_de_la_page_d%27accueil_de_Funkwhale.png)
## Demo ## Demo
@ -36,20 +36,6 @@ foo@bar:~$sudo ln -s /your/music/collection /var/www/funkwhale/import
``` ```
The files can then be added to your library from the *uploading* tab in a music library under the heading **Import music from your server**. The files can then be added to your library from the *uploading* tab in a music library under the heading **Import music from your server**.
# State of this package
* The following have been tested with this package and work fine:
* [x] install/remove/backup/remove/upgrade with x86_64 and ARM
* [x] import file with web interface, imports from YouTube, interraction with MusicBrainz
* [x] [Subsonic API](https://docs.funkwhale.audio/users/apps.html)
* [x] [Federation](https://docs.funkwhale.audio/federation.html) tests
* [x] [CLI Import](https://docs.funkwhale.audio/importing-music.html#from-music-directory-on-the-server) Remember to `source $final_path/venv/bin/activate`, then `source $final_path/load_env` before typinh using manage.py.
* to be added:
* [ ] Store files in HOME, see https://github.com/YunoHost-Apps/funkwhale_ynh/issues/15
## Documentation ## Documentation
* Official documentation: https://docs.funkwhale.audio * Official documentation: https://docs.funkwhale.audio
@ -61,21 +47,21 @@ The files can then be added to your library from the *uploading* tab in a music
#### Supported architectures #### Supported architectures
* x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/funkwhale%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/funkwhale/) * x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/funkwhale.svg)](https://ci-apps.yunohost.org/ci/apps/funkwhale/)
* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/funkwhale%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/funkwhale/) * ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/funkwhale.svg)](https://ci-apps-arm.yunohost.org/ci/apps/funkwhale/)
## Links ## Links
* Report a bug about this package: https://github.com/YunoHost-Apps/funkwhale_ynh * Report a bug: https://github.com/YunoHost-Apps/funkwhale_ynh/issues
* App website: https://docs.funkwhale.audio * App website: https://docs.funkwhale.audio
* Upstream app repository: https://dev.funkwhale.audio/funkwhale/funkwhale * Upstream app repository: https://dev.funkwhale.audio/funkwhale/funkwhale
* YunoHost website: https://yunohost.org/ * YunoHost website: https://yunohost.org/
--- ---
## Developers info ## Developer info
Please do your pull request to the [testing branch](https://github.com/YunoHost-Apps/funkwhale_ynh/tree/testing). Please send your pull request to the [testing branch](https://github.com/YunoHost-Apps/funkwhale_ynh/tree/testing).
To try the testing branch, please proceed like that. To try the testing branch, please proceed like that.
``` ```

View file

@ -1,7 +1,7 @@
# Funkwhale pour YunoHost # Funkwhale pour YunoHost
[![Integration level](https://dash.yunohost.org/integration/funkwhale.svg)](https://dash.yunohost.org/appci/app/funkwhale) ![](https://ci-apps.yunohost.org/ci/badges/funkwhale.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/funkwhale.maintain.svg) [![Niveau d'intégration](https://dash.yunohost.org/integration/funkwhale.svg)](https://dash.yunohost.org/appci/app/funkwhale) ![](https://ci-apps.yunohost.org/ci/badges/funkwhale.status.svg) ![](https://ci-apps.yunohost.org/ci/badges/funkwhale.maintain.svg)
[![Install Funkwhale with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=funkwhale) [![Installer Funkwhale avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=funkwhale)
*[Read this readme in english.](./README.md)* *[Read this readme in english.](./README.md)*
@ -13,17 +13,17 @@ Un serveur de musique moderne, convivial et gratuit sur YunoHost
L'installation nécessite un domaine ou un sous-domaine dédié. L'installation dans un chemin du domaine n'est pas prise en charge par le projet en amont en raison des exigences de dépendance. L'installation nécessite un domaine ou un sous-domaine dédié. L'installation dans un chemin du domaine n'est pas prise en charge par le projet en amont en raison des exigences de dépendance.
**Version incluse :** 1.1 **Version incluse :** 1.1.1
## Captures d'écran ## Captures d'écran
![](https://funkwhale.audio/img/desktop.5e79eb16.jpg) ![](https://upload.wikimedia.org/wikipedia/commons/d/d8/Capture_d%27%C3%A9cran_de_la_page_d%27accueil_de_Funkwhale.png)
## Démo ## Démo
* [Démo officielle](https://demo.funkwhale.audio) * [Démo officielle](https://demo.funkwhale.audio)
**Nom dutilisateur:** demo **Mot de passe :** demo **Nom dutilisateur :** demo **Mot de passe :** demo
## Admin ## Admin
@ -31,19 +31,6 @@ L'administrateur utilise le login que vous avez fourni lors de l'installation. L
L'interface d'administration est accessible à l'adresse : votre.domaine.fr/api/admin L'interface d'administration est accessible à l'adresse : votre.domaine.fr/api/admin
# État de ce paquet
* Les éléments suivants ont été testés avec ce paquet et fonctionnent :
* [x] installer/supprimer/sauvegarder/supprimer/mettre à jour avec x86_64
* [x] importation des fichiers avec linterface web, importations depuis youtube, interraction avec MusicBrainz
* [x] [API Subsonic](https://docs.funkwhale.audio/users/apps.html)
* [x] Tests de [Fédération](https://docs.funkwhale.audio/federation.html)
* [x] [Import CLI](https://docs.funkwhale.audio/importing-music.html#from-music-directory-on-the-server) N'oubliez pas de `source $final_path/venv/bin/activate`, puis `source $final_path/load_env` avant de taper en utilisant manage.py.
* à ajouter :
* [ ] Stocker les fichiers dans HOME, voir https://github.com/YunoHost-Apps/funkwhale_ynh/issues/15
## Documentation ## Documentation
* Documentation officielle : https://docs.funkwhale.audio * Documentation officielle : https://docs.funkwhale.audio
@ -57,13 +44,13 @@ L'interface d'administration est accessible à l'adresse : votre.domaine.fr/api/
#### Architectures supportées #### Architectures supportées
* x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/funkwhale%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/funkwhale/) * x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/funkwhale.svg)](https://ci-apps.yunohost.org/ci/apps/funkwhale/)
* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/funkwhale%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/funkwhale/) * ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/funkwhale.svg)](https://ci-apps-arm.yunohost.org/ci/apps/funkwhale/)
## Liens ## Liens
* Signaler un bug : https://github.com/YunoHost-Apps/funkwhale_ynh * Signaler un bug : https://github.com/YunoHost-Apps/funkwhale_ynh/issues
* Site de lapplication : https://docs.funkwhale.audio * Site de l'application : https://docs.funkwhale.audio
* Dépôt de l'application principale : https://dev.funkwhale.audio/funkwhale/funkwhale * Dépôt de l'application principale : https://dev.funkwhale.audio/funkwhale/funkwhale
* Site web YunoHost : https://yunohost.org/ * Site web YunoHost : https://yunohost.org/
@ -76,6 +63,6 @@ Merci de faire vos pull request sur la [branche testing](https://github.com/Yuno
Pour essayer la branche testing, procédez comme suit. Pour essayer la branche testing, procédez comme suit.
``` ```
sudo yunohost app install https://github.com/YunoHost-Apps/funkwhale_ynh/tree/testing --debug sudo yunohost app install https://github.com/YunoHost-Apps/funkwhale_ynh/tree/testing --debug
or ou
sudo yunohost app upgrade funkwhale -u https://github.com/YunoHost-Apps/funkwhale_ynh/tree/testing --debug sudo yunohost app upgrade funkwhale -u https://github.com/YunoHost-Apps/funkwhale_ynh/tree/testing --debug
``` ```

View file

@ -1,4 +1,4 @@
# See here for more informations # See here for more information
# https://github.com/YunoHost/package_check#syntax-check_process-file # https://github.com/YunoHost/package_check#syntax-check_process-file
# Move this file from check_process.default to check_process when you have filled it. # Move this file from check_process.default to check_process when you have filled it.
@ -16,7 +16,10 @@
setup_private=1 setup_private=1
setup_public=1 setup_public=1
upgrade=1 upgrade=1
# 0.19.1
upgrade=1 from_commit=4d4bf0981e2d3a00eaae6b19bd54344fe55d6530 upgrade=1 from_commit=4d4bf0981e2d3a00eaae6b19bd54344fe55d6530
# 1.1~ynh1
upgrade=1 from_commit=8172790fb461d16f09089593fdac380f0d499c83
backup_restore=1 backup_restore=1
multi_instance=1 multi_instance=1
incorrect_path=0 incorrect_path=0
@ -29,3 +32,5 @@ Notification=all
; commit=4d4bf0981e2d3a00eaae6b19bd54344fe55d6530 ; commit=4d4bf0981e2d3a00eaae6b19bd54344fe55d6530
name=Upgrade to 0.19.1 and fix channels-redis bug name=Upgrade to 0.19.1 and fix channels-redis bug
manifest_arg=domain=DOMAIN&path=/&admin=USER&is_public=1 manifest_arg=domain=DOMAIN&path=/&admin=USER&is_public=1
; commit=8172790fb461d16f09089593fdac380f0d499c83
name=1.1~ynh1

7
conf/api.src Normal file
View file

@ -0,0 +1,7 @@
SOURCE_URL=https://dev.funkwhale.audio/funkwhale/funkwhale/-/jobs/artifacts/1.1.1/download?job=build_api
SOURCE_SUM=c77ebc37378df26a621f5f702fad3f94b56207bbfd69001bda4b45bcda515332
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=zip
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=api_1.1.1.zip
SOURCE_EXTRACT=true

View file

@ -1,6 +0,0 @@
SOURCE_URL=https://dev.funkwhale.audio/funkwhale/funkwhale/builds/artifacts/1.1/download?job=build_front
SOURCE_SUM=cf985340ba0fe477fa5f9b8940102e016c0c75a9941dd8acabb8dc5f77cda000
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=zip
SOURCE_IN_SUBDIR=false
SOURCE_FILENAME=

View file

@ -1,6 +0,0 @@
SOURCE_URL=https://dev.funkwhale.audio/funkwhale/funkwhale/-/archive/1.1/funkwhale-1.1.tar.gz
SOURCE_SUM=924a31ba385c9c52204d78aa89a00b5f53240bf91a13b2c08945fde8f770d345
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.bz2
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=

View file

@ -36,9 +36,10 @@ FUNKWHALE_API_IP=127.0.0.1
FUNKWHALE_API_PORT=__PORT__ FUNKWHALE_API_PORT=__PORT__
# The number of web workers to start in parallel. Higher means you can handle # The number of web workers to start in parallel. Higher means you can handle
# more concurrent requests, but also leads to higher CPU/Memory usage # more concurrent requests, but also leads to higher CPU/Memory usage
FUNKWHALE_WEB_WORKERS=1 FUNKWHALE_WEB_WORKERS=6
# Replace this by the definitive, public domain you will use for # Replace this by the definitive, public domain you will use for
# your instance # your instance. It cannot be changed after initial deployment
# without breaking your instance.
FUNKWHALE_HOSTNAME=__DOMAIN__ FUNKWHALE_HOSTNAME=__DOMAIN__
FUNKWHALE_PROTOCOL=https FUNKWHALE_PROTOCOL=https
@ -52,6 +53,10 @@ FUNKWHALE_PROTOCOL=https
# EMAIL_CONFIG=smtp+ssl://user@:password@youremail.host:465 # EMAIL_CONFIG=smtp+ssl://user@:password@youremail.host:465
# EMAIL_CONFIG=smtp+tls://user@:password@youremail.host:587 # EMAIL_CONFIG=smtp+tls://user@:password@youremail.host:587
# Make email verification mandatory before using the service
# Doesn't apply to admins.
# ACCOUNT_EMAIL_VERIFICATION_ENFORCE=false
# The email address to use to send system emails. # The email address to use to send system emails.
# DEFAULT_FROM_EMAIL=noreply@yourdomain # DEFAULT_FROM_EMAIL=noreply@yourdomain
@ -67,7 +72,7 @@ REVERSE_PROXY_TYPE=nginx
# DATABASE_URL=postgresql://<user>:<password>@<host>:<port>/<database> # DATABASE_URL=postgresql://<user>:<password>@<host>:<port>/<database>
# DATABASE_URL=postgresql://funkwhale:passw0rd@localhost:5432/funkwhale_database # DATABASE_URL=postgresql://funkwhale:passw0rd@localhost:5432/funkwhale_database
# Use the next one if you followed Debian installation guide # Use the next one if you followed Debian installation guide
DATABASE_URL=postgresql://__DBUSER__:__DBPWD__@:5432/__DBNAME__ DATABASE_URL=postgresql://__DB_USER__:__DB_PWD__@:5432/__DB_NAME__
# Cache configuration # Cache configuration
# Examples: # Examples:
@ -86,16 +91,22 @@ CACHE_URL=redis://127.0.0.1:6379/__REDIS_DB__
# For the Celery/asynchronous tasks part: # For the Celery/asynchronous tasks part:
# CELERY_BROKER_URL=redis+socket:///run/redis/redis.sock?virtual_host=0 # CELERY_BROKER_URL=redis+socket:///run/redis/redis.sock?virtual_host=0
# Number of worker processes to execute. Defaults to 0, in which case it uses your number of CPUs
# Celery workers handle background tasks (such file imports or federation
# messaging). The more processes a worker gets, the more tasks
# can be processed in parallel. However, more processes also means
# a bigger memory footprint.
# CELERYD_CONCURRENCY=0
# Where media files (such as album covers or audio tracks) should be stored # Where media files (such as album covers or audio tracks) should be stored
# on your system? # on your system?
# (Ensure this directory actually exists) # (Ensure this directory actually exists)
MEDIA_ROOT=__FINALPATH__/media MEDIA_ROOT=__DATADIR__/media
# Where static files (such as API css or icons) should be compiled # Where static files (such as API css or icons) should be compiled
# on your system? # on your system?
# (Ensure this directory actually exists) # (Ensure this directory actually exists)
STATIC_ROOT=__FINALPATH__/code/data/static STATIC_ROOT=__DATADIR__/static
# which settings module should django use? # which settings module should django use?
# You don't have to touch this unless you really know what you're doing # You don't have to touch this unless you really know what you're doing
@ -125,8 +136,8 @@ RAVEN_DSN=https://44332e9fdd3d42879c7d35bf8562c6a4:0062dc16a22b41679cd5765e5342f
# MUSIC_DIRECTORY_PATH=/srv/funkwhale/data/music # MUSIC_DIRECTORY_PATH=/srv/funkwhale/data/music
# # MUSIC_DIRECTORY_SERVE_PATH= # stays commented, not needed # # MUSIC_DIRECTORY_SERVE_PATH= # stays commented, not needed
MUSIC_DIRECTORY_PATH=__FINALPATH__/import MUSIC_DIRECTORY_PATH=__DATADIR__/music
MUSIC_DIRECTORY_SERVE_PATH=__FINALPATH__/import MUSIC_DIRECTORY_SERVE_PATH=__DATADIR__/music
# LDAP settings # LDAP settings
# Use the following options to allow authentication on your Funkwhale instance # Use the following options to allow authentication on your Funkwhale instance
@ -144,8 +155,38 @@ LDAP_START_TLS=False
LDAP_ROOT_DN=ou=users,dc=yunohost,dc=org LDAP_ROOT_DN=ou=users,dc=yunohost,dc=org
LDAP_USER_ATTR_MAP={"username": "uid"} LDAP_USER_ATTR_MAP={"username": "uid"}
FUNKWHALE_FRONTEND_PATH=__FINALPATH__/code/front/dist FUNKWHALE_FRONTEND_PATH=__FINALPATH__/front/dist
FUNKWHALE_SPA_HTML_ROOT=__FINALPATH__/code/front/dist/index.html FUNKWHALE_SPA_HTML_ROOT=__FINALPATH__/front/dist/index.html
# Nginx related configuration # Nginx related configuration
NGINX_MAX_BODY_SIZE=100M NGINX_MAX_BODY_SIZE=100M
## External storages configuration
# Funkwhale can store uploaded files on Amazon S3 and S3-compatible storages (such as Minio)
# Uncomment and fill the variables below
# AWS_ACCESS_KEY_ID=
# AWS_SECRET_ACCESS_KEY=
# AWS_STORAGE_BUCKET_NAME=
# An optional bucket subdirectory were you want to store the files. This is especially useful
# if you plan to use share the bucket with other services
# AWS_LOCATION=
# If you use a S3-compatible storage such as minio, set the following variable
# the full URL to the storage server. Example:
# AWS_S3_ENDPOINT_URL=https://minio.mydomain.com
# AWS_S3_ENDPOINT_URL=
# If you want to serve media directly from your S3 bucket rather than through a proxy,
# set this to true
# PROXY_MEDIA=false
# If you are using Amazon S3 to serve media directly, you will need to specify your region
# name in order to access files. Example:
# AWS_S3_REGION_NAME=eu-west-2
# AWS_S3_REGION_NAME=
# If you are using Amazon S3, use this setting to configure how long generated URLs should stay
# valid. The default value is 3600 (60 minutes). The maximum accepted value is 604800 (7 days)
# AWS_QUERYSTRING_EXPIRE=

7
conf/front.src Normal file
View file

@ -0,0 +1,7 @@
SOURCE_URL=https://dev.funkwhale.audio/funkwhale/funkwhale/builds/artifacts/1.1.1/download?job=build_front
SOURCE_SUM=d94f0deaa88b8d90dd10b363cf817a80f9d2822419e8bbc7282bacd27351127b
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=zip
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=front_1.1.1.zip
SOURCE_EXTRACT=true

View file

@ -1,30 +1,14 @@
[Unit] [Unit]
Description=Funkwhale (__APP__) celery beat process Description=__APP__ celery beat process
After=redis.service postgresql.service After=redis.service postgresql.service
PartOf=__APP__.target PartOf=__APP__.target
[Service] [Service]
User=__APP__ User=__APP__
Group=__APP__ Group=__APP__
WorkingDirectory=__FINALPATH__/code/api WorkingDirectory=__FINALPATH__/api
EnvironmentFile=__FINALPATH__/code/config/.env EnvironmentFile=__FINALPATH__/config/.env
ExecStart=__FINALPATH__/virtualenv/bin/celery -A funkwhale_api.taskapp beat -l INFO
ExecStart=__FINALPATH__/code/virtualenv/bin/celery -A funkwhale_api.taskapp beat \
--loglevel INFO --logfile=/var/log/__APP__/beat.log
#NoNewPrivileges=true
#PrivateDevices=true
#PrivateTmp=true
#ProtectHome=true
#ProtectSystem=strict
#ProtectControlGroups=yes
#ProtectKernelModules=yes
#ReadOnlyPaths=__FINALPATH__/code/config/.env __FINALPATH__/code/
#ReadWritePaths=__FINALPATH__/media __FINALPATH__/import __FINALPATH__/code/api /var/log/__APP__
StandardOutput=syslog
StandardError=syslog
SyslogIdentifier=__APP__-beat
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target

View file

@ -1,32 +1,14 @@
[Unit] [Unit]
Description=Funkwhale (__APP__) application server Description=__APP__ application server
After=redis.service postgresql.service After=redis.service postgresql.service
PartOf=__APP__.target PartOf=__APP__.target
[Service] [Service]
User=__APP__ User=__APP__
Group=__APP__ Group=__APP__
WorkingDirectory=__FINALPATH__/code/api WorkingDirectory=__FINALPATH__/api
EnvironmentFile=__FINALPATH__/code/config/.env EnvironmentFile=__FINALPATH__/config/.env
ExecStart=__FINALPATH__/virtualenv/bin/gunicorn config.asgi:application -w ${FUNKWHALE_WEB_WORKERS} -k uvicorn.workers.UvicornWorker -b ${FUNKWHALE_API_IP}:${FUNKWHALE_API_PORT}
ExecStart=__FINALPATH__/code/virtualenv/bin/gunicorn config.asgi:application \
-w ${FUNKWHALE_WEB_WORKERS} \
-k uvicorn.workers.UvicornWorker \
-b ${FUNKWHALE_API_IP}:${FUNKWHALE_API_PORT}
#NoNewPrivileges=true
#PrivateDevices=true
#PrivateTmp=true
#ProtectHome=true
#ProtectSystem=strict
#ProtectControlGroups=yes
#ProtectKernelModules=yes
#ReadOnlyPaths=__FINALPATH__/code/config/.env __FINALPATH__/code/
#ReadWritePaths=__FINALPATH__/media __FINALPATH__/import /var/log/__APP__
StandardOutput=syslog
StandardError=syslog
SyslogIdentifier=__APP__-server
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target

View file

@ -1,30 +1,14 @@
[Unit] [Unit]
Description=Funkwhale (__APP__) celery worker Description=__APP__ celery worker
After=redis.service postgresql.service After=redis.service postgresql.service
PartOf=__APP__.target PartOf=__APP__.target
[Service] [Service]
User=__APP__ User=__APP__
Group=__APP__ Group=__APP__
WorkingDirectory=__FINALPATH__/code/api WorkingDirectory=__FINALPATH__/api
EnvironmentFile=__FINALPATH__/code/config/.env EnvironmentFile=__FINALPATH__/config/.env
ExecStart=__FINALPATH__/virtualenv/bin/celery -A funkwhale_api.taskapp worker -l INFO --concurrency=0
ExecStart=__FINALPATH__/code/virtualenv/bin/celery -A funkwhale_api.taskapp worker -l INFO \
--loglevel INFO --logfile=/var/log/__APP__/worker.log
#NoNewPrivileges=true
#PrivateDevices=true
#PrivateTmp=true
#ProtectHome=true
#ProtectSystem=strict
#ProtectControlGroups=yes
#ProtectKernelModules=yes
#ReadOnlyPaths=__FINALPATH__/code/config/.env __FINALPATH__/code/
#ReadWritePaths=__FINALPATH__/media __FINALPATH__/import /var/log/__APP__
StandardOutput=syslog
StandardError=syslog
SyslogIdentifier=__APP__-worker
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target

View file

@ -1,67 +1,145 @@
root __FINALPATH__/front/dist;
location / { location / {
include __FINALPATH__/code/deploy/funkwhale_proxy.conf;
# Force usage of https
if ($scheme = http) {
rewrite ^ https://$server_name$request_uri? permanent;
}
# global proxy conf
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host:$server_port;
proxy_set_header X-Forwarded-Port $server_port;
proxy_redirect off;
# websocket support
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
# this is needed if you have file import via upload enabled # this is needed if you have file import via upload enabled
client_max_body_size 100M; client_max_body_size 100M;
proxy_pass http://127.0.0.1:__PORT__/; proxy_pass http://127.0.0.1:__PORT__/;
# Include SSOWAT user panel.
include conf.d/yunohost_panel.conf.inc;
} }
location /front/ { location /front/ {
alias __FINALPATH__/code/front/dist/; more_set_headers "Content-Security-Policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:; object-src 'none'; media-src 'self' data:";
more_set_headers "Referrer-Policy: strict-origin-when-cross-origin";
more_set_headers "Service-Worker-Allowed: /";
more_set_headers "X-Frame-Options: SAMEORIGIN";
alias __FINALPATH__/front/dist/;
expires 30d; expires 30d;
more_set_headers "Pragma: public"; more_set_headers "Pragma: public";
more_set_headers "Cache-Control: public, must-revalidate, proxy-revalidate"; more_set_headers "Cache-Control: public, must-revalidate, proxy-revalidate";
more_set_headers "Content-Security-Policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:; object-src 'none'; media-src 'self' data:";
more_set_headers "Referrer-Policy: strict-origin-when-cross-origin";
more_set_headers "X-Frame-Options: SAMEORIGIN";
more_set_headers "Service-Worker-Allowed: /";
} }
location /front/embed.html { location /front/embed.html {
more_set_headers "Content-Security-Policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:; object-src 'none'; media-src 'self' data:"; more_set_headers "Content-Security-Policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:; object-src 'none'; media-src 'self' data:";
more_set_headers "Referrer-Policy: strict-origin-when-cross-origin"; more_set_headers "Referrer-Policy: strict-origin-when-cross-origin";
more_set_headers "X-Frame-Options: ALLOW"; more_set_headers "X-Frame-Options: ALLOW";
alias __FINALPATH__/front/dist/embed.html;
expires 30d;
more_set_headers "Pragma: public"; more_set_headers "Pragma: public";
more_set_headers "Cache-Control: public, must-revalidate, proxy-revalidate"; more_set_headers "Cache-Control: public, must-revalidate, proxy-revalidate";
alias __FINALPATH__/code/front/dist/embed.html;
expires 30d;
} }
location /federation/ { location /federation/ {
include __FINALPATH__/code/deploy/funkwhale_proxy.conf;
# global proxy conf
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host:$server_port;
proxy_set_header X-Forwarded-Port $server_port;
proxy_redirect off;
# websocket support
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_pass http://127.0.0.1:__PORT__/federation/; proxy_pass http://127.0.0.1:__PORT__/federation/;
} }
# You can comment this if you do not plan to use the Subsonic API
location /rest/ { location /rest/ {
include __FINALPATH__/code/deploy/funkwhale_proxy.conf;
# global proxy conf
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host:$server_port;
proxy_set_header X-Forwarded-Port $server_port;
proxy_redirect off;
# websocket support
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_pass http://127.0.0.1:__PORT__/api/subsonic/rest/; proxy_pass http://127.0.0.1:__PORT__/api/subsonic/rest/;
} }
location /.well-known/ { location /.well-known/ {
include __FINALPATH__/code/deploy/funkwhale_proxy.conf;
# global proxy conf
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host:$server_port;
proxy_set_header X-Forwarded-Port $server_port;
proxy_redirect off;
# websocket support
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_pass http://127.0.0.1:__PORT__/.well-known/; proxy_pass http://127.0.0.1:__PORT__/.well-known/;
} }
location /media/ { location /media/ {
alias __FINALPATH__/media/; alias __DATADIR__/media/;
} }
location /_protected/media/ { location /_protected/media {
# this is an internal location that is used to serve # this is an internal location that is used to serve
# audio files once correct permission / authentication # audio files once correct permission / authentication
# has been checked on API side # has been checked on API side
internal; internal;
alias __FINALPATH__/media/; alias __DATADIR__/media;
} }
location /_protected/music/ { # Comment the previous location and uncomment this one if you're storing
# media files in a S3 bucket
# location ~ /_protected/media/(.+) {
# internal;
# # Needed to ensure DSub auth isn't forwarded to S3/Minio, see #932
# proxy_set_header Authorization "";
# proxy_pass $1;
# }
location /_protected/music {
# this is an internal location that is used to serve
# audio files once correct permission / authentication
# has been checked on API side
# Set this to the same value as your MUSIC_DIRECTORY_PATH setting
internal; internal;
alias __FINALPATH__/import/; alias __DATADIR__/music;
} }
location /staticfiles/ { location /staticfiles/ {
# django static files # django static files
alias __FINALPATH__/code/data/static/; alias __DATADIR__/static/;
} }

55
issue_template.md Normal file
View file

@ -0,0 +1,55 @@
---
name: Bug report
about: When creating a bug report, please use the following template to provide all the relevant information and help debugging efficiently.
---
**How to post a meaningful bug report**
1. *Read this whole template first.*
2. *Determine if you are on the right place:*
- *If you were performing an action on the app from the webadmin or the CLI (install, update, backup, restore, change_url...), you are on the right place!*
- *Otherwise, the issue may be due to Funkwhale itself. Refer to its documentation or repository for help.*
- *When in doubt, post here and we will figure it out together.*
3. *Delete the italic comments as you write over them below, and remove this guide.*
---
### Describe the bug
*A clear and concise description of what the bug is.*
### Context
- Hardware: *VPS bought online / Old laptop or computer / Raspberry Pi at home / Internet Cube with VPN / Other ARM board / ...*
- YunoHost version: x.x.x
- I have access to my server: *Through SSH | through the webadmin | direct access via keyboard / screen | ...*
- Are you in a special context or did you perform some particular tweaking on your YunoHost instance?: *no / yes*
- If yes, please explain:
- Using, or trying to install package version/branch:
- If upgrading, current package version: *can be found in the admin, or with `yunohost app info $app_id`*
### Steps to reproduce
- *If you performed a command from the CLI, the command itself is enough. For example:*
```sh
sudo yunohost app install funkwhale
```
- *If you used the webadmin, please perform the equivalent command from the CLI first.*
- *If the error occurs in your browser, explain what you did:*
1. *Go to '...'*
2. *Click on '...'*
3. *Scroll down to '...'*
4. *See error*
### Expected behavior
*A clear and concise description of what you expected to happen. You can remove this section if the command above is enough to understand your intent.*
### Logs
*When an operation fails, YunoHost provides a simple way to share the logs.*
- *In the webadmin, the error message contains a link to the relevant log page. On that page, you will be able to 'Share with Yunopaste'. If you missed it, the logs of previous operations are also available under Tools > Logs.*
- *In command line, the command to share the logs is displayed at the end of the operation and looks like `yunohost log display [log name] --share`. If you missed it, you can find the log ID of a previous operation using `yunohost log list`.*
*After sharing the log, please copypaste directly the link provided by YunoHost (to help readability, no need to copypaste the entire content of the log here, just the link is enough...)*
*If applicable and useful, add screenshots to help explain your problem.*

View file

@ -6,7 +6,7 @@
"en": "Modern, convivial and free music server", "en": "Modern, convivial and free music server",
"fr": "Serveur de musique moderne, convivial et gratuit" "fr": "Serveur de musique moderne, convivial et gratuit"
}, },
"version": "1.1~ynh1", "version": "1.1.1~ynh1",
"url": "https://funkwhale.audio", "url": "https://funkwhale.audio",
"license": "AGPL-3.0-or-later", "license": "AGPL-3.0-or-later",
"maintainer": { "maintainer": {
@ -18,42 +18,27 @@
"email": "jean-baptiste@holcroft.fr" "email": "jean-baptiste@holcroft.fr"
}], }],
"requirements": { "requirements": {
"yunohost": ">= 4.0.0" "yunohost": ">= 4.1.3"
}, },
"multi_instance": true, "multi_instance": true,
"services": [ "services": [
"nginx" "nginx"
], ],
"arguments": { "arguments": {
"install": [{ "install" : [
{
"name": "domain", "name": "domain",
"type": "domain", "type": "domain",
"ask": {
"en": "Choose a domain for Funkwhale",
"fr": "Choisissez un nom de domaine pour Funkwhale"
},
"example": "example.com" "example": "example.com"
}, },
{ {
"name": "admin", "name": "admin",
"type": "user", "type": "user",
"ask": { "example": "johndoe"
"en": "Choose an admin user",
"fr": "Choisissez l'administrateur"
},
"example": "sporiff"
}, },
{ {
"name": "is_public", "name": "is_public",
"type": "boolean", "type": "boolean",
"ask": {
"en": "Is it a public application?",
"fr": "Est-ce une application publique ?"
},
"help": {
"en": "Allows unauthenticated users to access the user interface (mandatory for federation).",
"fr": "Permet aux utilisateurs non authentifiés d'accéder à l'interface utilisateur (obligatoire pour la fédération)."
},
"default": true "default": true
} }
] ]

16
pull_request_template.md Normal file
View file

@ -0,0 +1,16 @@
## Problem
- *Description of why you made this PR*
## Solution
- *And how do you fix that problem*
## PR Status
- [ ] Code finished.
- [ ] Tested with Package_check.
- [ ] Fix or enhancement tested.
- [ ] Upgrade from last version tested.
- [ ] Can be reviewed and tested.
## Package_check results
---
* An automatic package_check will be launch at https://ci-apps-dev.yunohost.org/, when you add a specific comment to your Pull Request: "!testme", "!gogogadgetoci" or "By the power of systemd, I invoke The Great App CI to test this Pull Request!"*

View file

@ -5,9 +5,9 @@
#================================================= #=================================================
# dependencies used by the app # dependencies used by the app
pkg_dependencies="build-essential curl ffmpeg \ pkg_dependencies="curl python3-pip python3-venv git unzip libldap2-dev libsasl2-dev gettext-base zlib1g-dev libffi-dev libssl-dev \
libjpeg-dev libmagic-dev libpq-dev postgresql postgresql-contrib python3-dev virtualenv \ build-essential ffmpeg libjpeg-dev libmagic-dev libpq-dev postgresql postgresql-contrib python3-dev make \
redis-server libldap2-dev libsasl2-dev \ redis-server \
`# add arm support` \ `# add arm support` \
zlib1g-dev libffi-dev libssl-dev" zlib1g-dev libffi-dev libssl-dev"
@ -15,7 +15,6 @@ pkg_dependencies="build-essential curl ffmpeg \
# PERSONAL HELPERS # PERSONAL HELPERS
#================================================= #=================================================
#================================================= #=================================================
# EXPERIMENTAL HELPERS # EXPERIMENTAL HELPERS
#================================================= #=================================================

View file

@ -27,9 +27,10 @@ ynh_print_info --message="Loading installation settings..."
app=$YNH_APP_INSTANCE_NAME app=$YNH_APP_INSTANCE_NAME
final_path=$(ynh_app_setting_get --app="$app" --key=final_path) final_path=$(ynh_app_setting_get --app=$app --key=final_path)
domain=$(ynh_app_setting_get --app="$app" --key=domain) domain=$(ynh_app_setting_get --app=$app --key=domain)
db_name=$(ynh_app_setting_get --app="$app" --key=db_name) db_name=$(ynh_app_setting_get --app=$app --key=db_name)
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
#================================================= #=================================================
# DECLARE DATA AND CONF FILES TO BACKUP # DECLARE DATA AND CONF FILES TO BACKUP
@ -40,22 +41,37 @@ ynh_print_info --message="Declaring files to be backed up..."
# BACKUP THE APP MAIN DIR # BACKUP THE APP MAIN DIR
#================================================= #=================================================
backup_core_only=$(ynh_app_setting_get --app="$app" --key=backup_core_only)
# If backup_core_only have any value in the settings.yml file, do not backup the data directory
if [ -z "$backup_core_only" ]
then
ynh_backup --src_path="$final_path" ynh_backup --src_path="$final_path"
else
echo "Data dir will not be saved, because backup_core_only is set." >&2
ynh_backup --src_path="$final_path/code"
fi
#================================================= #=================================================
# BACKUP THE NGINX CONFIGURATION # BACKUP THE NGINX CONFIGURATION
#================================================= #=================================================
ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_backup --src_path="/etc/nginx/conf.d/$domain.conf"
#=================================================
# BACKUP FAIL2BAN CONFIGURATION
#=================================================
ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf"
ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf"
#=================================================
# SPECIFIC BACKUP
#=================================================
# BACKUP SYSTEMD
#=================================================
ynh_backup --src_path="/etc/systemd/system/${app}-beat.service"
ynh_backup --src_path="/etc/systemd/system/${app}-server.service"
ynh_backup --src_path="/etc/systemd/system/${app}-worker.service"
ynh_backup --src_path="/etc/systemd/system/$app.target"
#=================================================
# BACKUP VARIOUS FILES
#=================================================
ynh_backup --src_path="$datadir" --is_big
#================================================= #=================================================
# BACKUP THE POSTGRESQL DATABASE # BACKUP THE POSTGRESQL DATABASE
@ -64,17 +80,6 @@ ynh_print_info --message="Backing up the PostgreSQL database..."
ynh_psql_dump_db --database="$db_name" > db.sql ynh_psql_dump_db --database="$db_name" > db.sql
#=================================================
# SPECIFIC BACKUP
#=================================================
# BACKUP SYSTEMD
#=================================================
ynh_backup --src_path="/etc/systemd/system/$app-beat.service"
ynh_backup --src_path="/etc/systemd/system/$app-server.service"
ynh_backup --src_path="/etc/systemd/system/$app-worker.service"
ynh_backup --src_path="/etc/systemd/system/$app.target"
#================================================= #=================================================
# END OF SCRIPT # END OF SCRIPT
#================================================= #=================================================

View file

@ -25,8 +25,10 @@ ynh_abort_if_errors
domain=$YNH_APP_ARG_DOMAIN domain=$YNH_APP_ARG_DOMAIN
path_url="/" path_url="/"
is_public=$YNH_APP_ARG_IS_PUBLIC
admin=$YNH_APP_ARG_ADMIN admin=$YNH_APP_ARG_ADMIN
is_public=$YNH_APP_ARG_IS_PUBLIC
admin_mail=$(ynh_user_get_info --username="$admin" --key="mail")
app=$YNH_APP_INSTANCE_NAME app=$YNH_APP_INSTANCE_NAME
@ -35,20 +37,22 @@ app=$YNH_APP_INSTANCE_NAME
#================================================= #=================================================
ynh_script_progression --message="Validating installation parameters..." ynh_script_progression --message="Validating installation parameters..."
final_path="/var/www/$app" final_path=/var/www/$app
test ! -e "$final_path" || ynh_die --message="This path already contains a folder" test ! -e "$final_path" || ynh_die --message="This path already contains a folder"
datadir="/home/yunohost.app/${app}/data"
# Register (book) web path # Register (book) web path
ynh_webpath_register --app="$app" --domain="$domain" --path_url="$path_url" ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url
#================================================= #=================================================
# STORE SETTINGS FROM MANIFEST # STORE SETTINGS FROM MANIFEST
#================================================= #=================================================
ynh_script_progression --message="Storing installation settings..." ynh_script_progression --message="Storing installation settings..."
ynh_app_setting_set --app="$app" --key=domain --value="$domain" ynh_app_setting_set --app=$app --key=domain --value=$domain
ynh_app_setting_set --app="$app" --key=path --value="$path_url" ynh_app_setting_set --app=$app --key=path --value=$path_url
ynh_app_setting_set --app="$app" --key=admin --value="$admin" ynh_app_setting_set --app=$app --key=admin --value=$admin
#================================================= #=================================================
# STANDARD MODIFICATIONS # STANDARD MODIFICATIONS
@ -57,10 +61,9 @@ ynh_app_setting_set --app="$app" --key=admin --value="$admin"
#================================================= #=================================================
ynh_script_progression --message="Finding an available port..." ynh_script_progression --message="Finding an available port..."
# Find a free port # Find an available port
port=$(ynh_find_port --port=5000) port=$(ynh_find_port --port=5000)
# Open this port ynh_app_setting_set --app=$app --key=port --value=$port
ynh_app_setting_set --app="$app" --key=port --value="$port"
#================================================= #=================================================
# INSTALL DEPENDENCIES # INSTALL DEPENDENCIES
@ -69,6 +72,14 @@ ynh_script_progression --message="Installing dependencies..."
ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Configuring system user..."
# Create a system user
ynh_system_user_create --username=$app --home_dir="$final_path"
#================================================= #=================================================
# CREATE A POSTGRESQL DATABASE # CREATE A POSTGRESQL DATABASE
#================================================= #=================================================
@ -76,168 +87,150 @@ ynh_script_progression --message="Creating a PostgreSQL database..."
ynh_psql_test_if_first_run ynh_psql_test_if_first_run
db_name=$(ynh_sanitize_dbid "$app") db_name=$(ynh_sanitize_dbid --db_name=$app)
db_user="$db_name" db_user=$db_name
db_pwd=$(ynh_string_random) db_pwd=$(ynh_string_random)
ynh_app_setting_set --app="$app" --key=db_name --value="$db_name" ynh_app_setting_set --app=$app --key=db_name --value=$db_name
ynh_app_setting_set --app="$app" --key=psqlpwd --value="$db_pwd" ynh_app_setting_set --app=$app --key=db_pwd --value=$db_pwd
# Initialize database and store postgres password for upgrade # Initialize database and store postgres password for upgrade
ynh_psql_setup_db --db_name="$db_name" --db_user="$db_user" --db_pwd="$db_pwd" ynh_psql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd
#================================================= #=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE # DOWNLOAD, CHECK AND UNPACK SOURCE
#================================================= #=================================================
ynh_script_progression --message="Setting up source files..." ynh_script_progression --message="Setting up source files..."
ynh_app_setting_set --app="$app" --key=final_path --value="$final_path" ynh_app_setting_set --app=$app --key=final_path --value=$final_path
ynh_app_setting_set --app=$app --key=datadir --value=$datadir
# Download, check integrity, uncompress and patch the source from app.src # Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$final_path/code" ynh_setup_source --dest_dir="$final_path/api" --source_id="api"
ynh_setup_source --dest_dir="$final_path/code" --source_id="app-frontend" ynh_setup_source --dest_dir="$final_path/front" --source_id="front"
( pushd $final_path
cd "$final_path" mkdir -p config
mkdir -p code/config code/api code/data/static media import code/front popd
)
chmod -R 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:www-data "$final_path"
mkdir -p $datadir
pushd $datadir
mkdir -p static media music
popd
chmod -R 750 "$datadir"
chmod -R o-rwx "$datadir"
chown -R $app:www-data "$datadir"
#================================================= #=================================================
# NGINX CONFIGURATION # NGINX CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Configuring nginx web server..." ynh_script_progression --message="Configuring NGINX web server..."
# Create a dedicated nginx config # Create a dedicated NGINX config
ynh_add_nginx_config ynh_add_nginx_config "datadir"
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Configuring system user..."
# Create a system user
ynh_system_user_create --username="$app" --home_dir="$final_path"
#================================================= #=================================================
# SPECIFIC SETUP # SPECIFIC SETUP
#================================================= #=================================================
# PYTHON DEPENDENCIES # ADD A CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Adding a config file..."
virtualenv -p python3 "$final_path/code/virtualenv" key=$(ynh_string_random --length=45 | base64)
(
set +o nounset
source "${final_path}/code/virtualenv/bin/activate"
set -o nounset
pip install --upgrade pip
pip install --upgrade setuptools
pip install wheel
pip install -r "${final_path}/code/api/requirements.txt"
)
#=================================================
# MODIFY THE CONFIG FILE
#=================================================
configfile="$final_path/code/config/.env"
cp ../conf/env.prod "$configfile"
key=$(ynh_string_random)
redis_db=$(ynh_redis_get_free_db) redis_db=$(ynh_redis_get_free_db)
ynh_app_setting_set --app="$app" --key=key --value="$key" ynh_app_setting_set --app=$app --key=key --value=$key
ynh_app_setting_set --app="$app" --key=redis_db --value="$redis_db" ynh_app_setting_set --app=$app --key=redis_db --value=$redis_db
ynh_replace_string --match_string="__REDIS_DB__" --replace_string="$redis_db" --target_file="$configfile" ynh_add_config --template="../conf/env.prod" --destination="$final_path/config/.env"
ynh_replace_string --match_string="__PORT__" --replace_string="$port" --target_file="$configfile"
ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$configfile"
ynh_replace_string --match_string="__DBUSER__" --replace_string="$db_name" --target_file="$configfile"
ynh_replace_string --match_string="__DBPWD__" --replace_string="$db_pwd" --target_file="$configfile"
ynh_replace_string --match_string="__DBNAME__" --replace_string="$app" --target_file="$configfile"
ynh_replace_string --match_string="__FINALPATH__" --replace_string="$final_path" --target_file="$configfile"
ynh_replace_string --match_string="__KEY__" --replace_string="$key" --target_file="$configfile"
#================================================= chmod 400 "$final_path/config/.env"
# CONFIGURE ADMIN USER chown $app:$app "$final_path/config/.env"
#=================================================
admin_mail=$(ynh_user_get_info --username="$admin" --key="mail")
(
set +o nounset
source "${final_path}/code/virtualenv/bin/activate"
set -o nounset
cd "$final_path/code/"
# needed for enabling the 'unaccent' extension
ynh_psql_execute_as_root --sql="ALTER USER $db_user WITH SUPERUSER;" --database="$db_name"
python api/manage.py migrate
ynh_psql_execute_as_root --sql="ALTER USER $db_user WITH NOSUPERUSER;" --database="$db_name"
echo "from django.contrib.auth import get_user_model; User = get_user_model(); User.objects.create_superuser('$admin', '$admin_mail', 'funkwhale') " | python api/manage.py shell
python api/manage.py collectstatic
)
#================================================= #=================================================
# SETUP SYSTEMD # SETUP SYSTEMD
#================================================= #=================================================
ynh_script_progression --message="Configuring a systemd service..." ynh_script_progression --message="Configuring a systemd service..."
cp ../conf/funkwhale.target "/etc/systemd/system/$app.target" ynh_add_config --template="../conf/funkwhale.target" --destination="/etc/systemd/system/$app.target"
ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="/etc/systemd/system/$app.target"
# Create a dedicated systemd config # Create a dedicated systemd config
ynh_add_systemd_config --service="$app-server" --template="funkwhale-server.service" ynh_add_systemd_config --service="${app}-server" --template="funkwhale-server.service" --others_var="datadir"
ynh_add_systemd_config --service="$app-worker" --template="funkwhale-worker.service" ynh_add_systemd_config --service="${app}-worker" --template="funkwhale-worker.service" --others_var="datadir"
ynh_add_systemd_config --service="$app-beat" --template="funkwhale-beat.service" ynh_add_systemd_config --service="${app}-beat" --template="funkwhale-beat.service" --others_var="datadir"
#================================================= #=================================================
# STORE THE CONFIG FILE CHECKSUM # INSTALL PYTHON DEPENDENCIES
#================================================= #=================================================
ynh_script_progression --message="Installing Python dependencies..."
# Calculate and store the config file checksum into the app settings pushd $final_path
ynh_store_file_checksum --file="$configfile" python3 -m venv $final_path/virtualenv
source $final_path/virtualenv/bin/activate
pip install --upgrade pip
pip install --upgrade setuptools
pip install wheel
pip install -r api/requirements.txt
popd
#=================================================
# BUILDING FUNKWHALE
#=================================================
ynh_script_progression --message="Building funkwhale..."
pushd $final_path
source $final_path/virtualenv/bin/activate
# needed for enabling the 'unaccent' extension
ynh_psql_execute_as_root --sql="ALTER USER $db_user WITH SUPERUSER;" --database="$db_name"
python api/manage.py migrate
ynh_psql_execute_as_root --sql="ALTER USER $db_user WITH NOSUPERUSER;" --database="$db_name"
echo "from django.contrib.auth import get_user_model; User = get_user_model(); User.objects.create_superuser('$admin', '$admin_mail', 'funkwhale') " | python api/manage.py shell
echo "yes" | python api/manage.py collectstatic
popd
chmod -R 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:www-data "$final_path"
#================================================= #=================================================
# GENERIC FINALIZATION # GENERIC FINALIZATION
#================================================= #=================================================
# SECURE FILES AND DIRECTORIES # INTEGRATE SERVICE IN YUNOHOST
#================================================= #=================================================
ynh_script_progression --message="Integrating service in YunoHost..."
chown -R "$app": "$final_path" yunohost service add "${app}-beat"
chmod -R 755 "$final_path/code/front/dist/" yunohost service add "${app}-server"
yunohost service add "${app}-worker"
mkdir -p "/var/log/$app"
chown -R "$app": "/var/log/$app"
#=================================================
# ADVERTISE SERVICE IN ADMIN PANEL
#=================================================
yunohost service add "$app-server" --log="/var/log/$app/server.log"
yunohost service add "$app-worker" --log="/var/log/$app/worker.log"
yunohost service add "$app-beat" --log="/var/log/$app/beat.log"
#================================================= #=================================================
# START SYSTEMD SERVICE # START SYSTEMD SERVICE
#================================================= #=================================================
ynh_script_progression --message="Starting a systemd service..." ynh_script_progression --message="Starting a systemd service..."
ynh_systemd_action --action="start" --service_name="${app}-beat" # Start a systemd service
ynh_systemd_action --action="start" --service_name="${app}-server" ynh_systemd_action --service_name="${app}-beat" --action="start" --log_path="systemd" --line_match="Running with the following plugins enabled"
ynh_systemd_action --action="start" --service_name="${app}-worker" ynh_systemd_action --service_name="${app}-server" --action="start" --log_path="systemd" --line_match="Application startup complete"
ynh_systemd_action --service_name="${app}-worker" --action="start" --log_path="systemd" --line_match="Running with the following plugins enabled"
#================================================= #=================================================
# SETUP FAIL2BAN # SETUP FAIL2BAN
#================================================= #=================================================
ynh_script_progression --message="Configuring Fail2Ban..." ynh_script_progression --message="Configuring Fail2Ban..."
# Create a dedicated fail2ban config # Create a dedicated Fail2Ban config
ynh_add_fail2ban_config --logpath="/var/log/nginx/$domain-access.log" --failregex="<HOST>.* \"POST /api/v1/token/ HTTP/1.1\" 400 68.*$" --max_retry=5 ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-access.log" --failregex="<HOST>.* \"POST /api/v1/token/ HTTP/1.1\" 400 68.*$" --max_retry=5
#================================================= #=================================================
# SETUP SSOWAT # SETUP SSOWAT
#================================================= #=================================================
ynh_script_progression --message="Configuring permissions..." ynh_script_progression --message="Configuring permissions..."
# Make app public if necessary or protect it # Make app public if necessary
if [ $is_public -eq 1 ] if [ $is_public -eq 1 ]
then then
# Everyone can access the app. # Everyone can access the app.

View file

@ -16,74 +16,74 @@ ynh_script_progression --message="Loading installation settings..."
app=$YNH_APP_INSTANCE_NAME app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app="$app" --key=domain) domain=$(ynh_app_setting_get --app=$app --key=domain)
port=$(ynh_app_setting_get --app="$app" --key=port) port=$(ynh_app_setting_get --app=$app --key=port)
db_name=$(ynh_app_setting_get --app="$app" --key=db_name) db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_user="$db_name" db_user=$db_name
final_path=$(ynh_app_setting_get --app="$app" --key=final_path) final_path=$(ynh_app_setting_get --app=$app --key=final_path)
redis_db=$(ynh_app_setting_get --app="$app" --key=redis_db) redis_db=$(ynh_app_setting_get --app=$app --key=redis_db)
#================================================= #=================================================
# STANDARD REMOVE # STANDARD REMOVE
#================================================= #=================================================
# REMOVE SERVICE FROM ADMIN PANEL # REMOVE SERVICE INTEGRATION IN YUNOHOST
#================================================= #=================================================
# Remove a service from the admin panel, added by `yunohost service add` # Remove the service from the list of services known by YunoHost (added from `yunohost service add`)
if yunohost service status "$app-server" >/dev/null 2>&1 if ynh_exec_warn_less yunohost service status "${app}-server" >/dev/null
then then
ynh_script_progression --message="Remove $app-server service" ynh_script_progression --message="Removing ${app}-server service integration..."
yunohost service remove "$app-server" yunohost service remove "${app}-server"
fi fi
if yunohost service status "$app-worker" >/dev/null 2>&1 if ynh_exec_warn_less yunohost service status "${app}-worker" >/dev/null
then then
ynh_script_progression --message="Remove $app-worker service" ynh_script_progression --message="Removing ${app}-worker service integration..."
yunohost service remove "$app-worker" yunohost service remove "${app}-worker"
fi fi
if yunohost service status "$app-beat" >/dev/null 2>&1 if ynh_exec_warn_less yunohost service status "${app}-beat" >/dev/null
then then
ynh_script_progression --message="Remove $app-beat service" ynh_script_progression --message="Removing ${app}-beat service integration..."
yunohost service remove "$app-beat" yunohost service remove "${app}-beat"
fi fi
#================================================= #=================================================
# STOP AND REMOVE SERVICE # STOP AND REMOVE SERVICE
#================================================= #=================================================
ynh_script_progression --message="Stopping and removing the systemd service" ynh_script_progression --message="Stopping and removing the systemd service..."
ynh_systemd_action --action="stop" --service_name="${app}-beat" ynh_systemd_action --service_name="${app}-beat" --action="stop" --log_path="systemd" --line_match="Stopped $app"
ynh_systemd_action --action="stop" --service_name="${app}-server" ynh_systemd_action --service_name="${app}-server" --action="stop" --log_path="systemd" --line_match="Stopped $app"
ynh_systemd_action --action="stop" --service_name="${app}-worker" ynh_systemd_action --service_name="${app}-worker" --action="stop" --log_path="systemd" --line_match="Stopped $app"
# Remove the dedicated systemd config # Remove the dedicated systemd config
ynh_remove_systemd_config --service="$app-server" ynh_remove_systemd_config --service="${app}-beat"
ynh_remove_systemd_config --service="$app-worker" ynh_remove_systemd_config --service="${app}-server"
ynh_remove_systemd_config --service="$app-beat" ynh_remove_systemd_config --service="${app}-worker"
ynh_secure_remove --file="/etc/systemd/system/$app.target" ynh_secure_remove --file="/etc/systemd/system/$app.target"
#================================================= #=================================================
# REMOVE THE POSTGRESQL DATABASE # REMOVE THE POSTGRESQL DATABASE
#================================================= #=================================================
ynh_script_progression --message="Removing the PostgreSQL database" ynh_script_progression --message="Removing the PostgreSQL database..."
# Remove a database if it exists, along with the associated user # Remove a database if it exists, along with the associated user
ynh_psql_remove_db --db_name="$db_name" --db_user="$db_user" ynh_psql_remove_db --db_user=$db_user --db_name=$db_name
#================================================= #=================================================
# REMOVE THE REDIS DATABASE # REMOVE THE REDIS DATABASE
#================================================= #=================================================
ynh_script_progression --message="Removing the Redis database" ynh_script_progression --message="Removing the Redis database..."
# Remove a database if it exists, along with the associated user # Remove a database if it exists, along with the associated user
ynh_redis_remove_db "$redis_db" ynh_redis_remove_db $redis_db
#================================================= #=================================================
# REMOVE DEPENDENCIES # REMOVE DEPENDENCIES
#================================================= #=================================================
ynh_script_progression --message="Removing dependencies" ynh_script_progression --message="Removing dependencies..."
# Remove metapackage and its dependencies # Remove metapackage and its dependencies
ynh_remove_app_dependencies ynh_remove_app_dependencies
@ -91,26 +91,25 @@ ynh_remove_app_dependencies
#================================================= #=================================================
# REMOVE APP MAIN DIR # REMOVE APP MAIN DIR
#================================================= #=================================================
ynh_script_progression --message="Removing app main directory" ynh_script_progression --message="Removing app main directory..."
# Remove the app directory securely # Remove the app directory securely
ynh_secure_remove --file="$final_path" ynh_secure_remove --file="$final_path"
ynh_secure_remove --file="/var/log/$app"
#================================================= #=================================================
# REMOVE NGINX CONFIGURATION # REMOVE NGINX CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Removing NGINX web server configuration" ynh_script_progression --message="Removing NGINX web server configuration..."
# Remove the dedicated nginx config # Remove the dedicated NGINX config
ynh_remove_nginx_config ynh_remove_nginx_config
#================================================= #=================================================
# REMOVE FAIL2BAN CONFIGURATION # REMOVE FAIL2BAN CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Removing Fail2Ban configuration..." ynh_script_progression --message="Removing Fail2ban configuration..."
# Remove the dedicated Fail2Ban config
ynh_remove_fail2ban_config ynh_remove_fail2ban_config
#================================================= #=================================================
@ -118,10 +117,10 @@ ynh_remove_fail2ban_config
#================================================= #=================================================
# REMOVE DEDICATED USER # REMOVE DEDICATED USER
#================================================= #=================================================
ynh_script_progression --message="Removing the dedicated system user" ynh_script_progression --message="Removing the dedicated system user..."
# Delete a system user # Delete a system user
ynh_system_user_delete --username="$app" ynh_system_user_delete --username=$app
#================================================= #=================================================
# END OF SCRIPT # END OF SCRIPT

View file

@ -23,25 +23,26 @@ ynh_abort_if_errors
#================================================= #=================================================
# LOAD SETTINGS # LOAD SETTINGS
#================================================= #=================================================
ynh_script_progression --message="Loading settings..." ynh_script_progression --message="Loading installation settings..."
app=$YNH_APP_INSTANCE_NAME app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app="$app" --key=domain) domain=$(ynh_app_setting_get --app=$app --key=domain)
path_url=$(ynh_app_setting_get --app="$app" --key=path) path_url=$(ynh_app_setting_get --app=$app --key=path)
final_path=$(ynh_app_setting_get --app="$app" --key=final_path) final_path=$(ynh_app_setting_get --app=$app --key=final_path)
db_name=$(ynh_app_setting_get --app="$app" --key=db_name) db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_user="$db_name" db_user=$db_name
db_pwd=$(ynh_app_setting_get --app="$app" --key=psqlpwd) db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd)
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
#================================================= #=================================================
# CHECK IF THE APP CAN BE RESTORED # CHECK IF THE APP CAN BE RESTORED
#================================================= #=================================================
ynh_script_progression --message="Validating restoration parameters..." ynh_script_progression --message="Validating restoration parameters..."
ynh_webpath_available --domain="$domain" --path_url="$path_url" \ ynh_webpath_available --domain=$domain --path_url=$path_url \
|| ynh_die --message="Path not available: ${domain}${path_url}" || ynh_die --message="Path not available: ${domain}${path_url}"
test ! -d "$final_path" \ test ! -d $final_path \
|| ynh_die --message="There is already a directory: $final_path " || ynh_die --message="There is already a directory: $final_path "
#================================================= #=================================================
@ -49,39 +50,9 @@ test ! -d "$final_path" \
#================================================= #=================================================
# RESTORE THE NGINX CONFIGURATION # RESTORE THE NGINX CONFIGURATION
#================================================= #=================================================
ynh_script_progression --message="Restoring the NGINX web server configuration..."
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.conf"
#=================================================
# RESTORE THE APP MAIN DIR
#=================================================
ynh_script_progression --message="Restoring the app main directory..."
backup_core_only=$(ynh_app_setting_get --app="$app" --key=backup_core_only)
# If backup_core_only have any value, then restore only code
if [ -z "$backup_core_only" ]
then
ynh_restore_file --origin_path="$final_path/code"
else
ynh_restore_file --origin_path="$final_path"
fi
# Remove the option backup_core_only if it's in the settings.yml file
ynh_app_setting_delete --app="$app" --key=backup_core_only
code_migration=$(ynh_app_setting_get --app="$app" --key=code_migration)
# make sure we revert the last code organization
if [ "$code_migration" -eq 1 ]
then
mv "$final_path/code/"* "$final_path"
mv "$final_path/media" "$final_path/code/data/media"
mv "$final_path/import" "$final_path/code/data/music"
ynh_secure_remove --file="$final_path/code"
ynh_app_setting_delete --app="$app" --key=code_migration
fi
#================================================= #=================================================
# RECREATE THE DEDICATED USER # RECREATE THE DEDICATED USER
@ -89,21 +60,37 @@ fi
ynh_script_progression --message="Recreating the dedicated system user..." ynh_script_progression --message="Recreating the dedicated system user..."
# Create the dedicated user (if not existing) # Create the dedicated user (if not existing)
ynh_system_user_create --username="$app" --home_dir="$final_path" ynh_system_user_create --username=$app --home_dir="$final_path"
#================================================= #=================================================
# RESTORE USER RIGHTS # RESTORE THE APP MAIN DIR
#================================================= #=================================================
ynh_script_progression --message="Restoring the app main directory..."
# Restore permissions on app files ynh_restore_file --origin_path="$final_path"
chown -R "$app": "$final_path"
chmod -R 755 "$final_path/code/front/dist/"
mkdir -p "/var/log/$app" chmod -R 750 "$final_path"
chown -R "$app": "/var/log/$app" chmod -R o-rwx "$final_path"
chown -R $app:www-data "$final_path"
#================================================= #=================================================
# SPECIFIC RESTORATION # SPECIFIC RESTORATION
#=================================================
# RESTORE VARIOUS FILES
#=================================================
ynh_script_progression --message="Restoring various files..."
ynh_restore_file --origin_path="$datadir" --not_mandatory
mkdir -p $datadir
pushd $datadir
mkdir -p static media music
popd
chmod -R 750 "$datadir"
chmod -R o-rwx "$datadir"
chown -R $app:www-data "$datadir"
#================================================= #=================================================
# REINSTALL DEPENDENCIES # REINSTALL DEPENDENCIES
#================================================= #=================================================
@ -118,39 +105,40 @@ ynh_install_app_dependencies $pkg_dependencies
ynh_script_progression --message="Restoring the PostgreSQL database..." ynh_script_progression --message="Restoring the PostgreSQL database..."
ynh_psql_test_if_first_run ynh_psql_test_if_first_run
ynh_psql_setup_db --db_user="$db_user" --db_name="$db_name" --db_pwd="$db_pwd" ynh_psql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd
ynh_psql_execute_file_as_root --file="./db.sql" --database="$db_name" ynh_psql_execute_file_as_root --file="./db.sql" --database=$db_name
#================================================= #=================================================
# RESTORE SYSTEMD # RESTORE SYSTEMD
#================================================= #=================================================
ynh_script_progression --message="Restoring the systemd configuration..." ynh_script_progression --message="Restoring the systemd configuration..."
ynh_restore_file --origin_path="/etc/systemd/system/$app-beat.service" ynh_restore_file --origin_path="/etc/systemd/system/${app}-beat.service"
ynh_restore_file --origin_path="/etc/systemd/system/$app-server.service" ynh_restore_file --origin_path="/etc/systemd/system/${app}-server.service"
ynh_restore_file --origin_path="/etc/systemd/system/$app-worker.service" ynh_restore_file --origin_path="/etc/systemd/system/${app}-worker.service"
ynh_restore_file --origin_path="/etc/systemd/system/$app.target" ynh_restore_file --origin_path="/etc/systemd/system/$app.target"
systemctl enable "$app-beat.service" --quiet systemctl enable "${app}-beat.service" --quiet
systemctl enable "$app-server.service" --quiet systemctl enable "${app}-server.service" --quiet
systemctl enable "$app-worker.service" --quiet systemctl enable "${app}-worker.service" --quiet
#================================================= #=================================================
# ADVERTISE SERVICE IN ADMIN PANEL # INTEGRATE SERVICE IN YUNOHOST
#================================================= #=================================================
ynh_script_progression --message="Integrating service in YunoHost..."
yunohost service add "$app-server" --log="/var/log/$app/server.log" yunohost service add "${app}-beat"
yunohost service add "$app-worker" --log="/var/log/$app/worker.log" yunohost service add "${app}-server"
yunohost service add "$app-beat" --log="/var/log/$app/beat.log" yunohost service add "${app}-worker"
#================================================= #=================================================
# START SYSTEMD SERVICE # START SYSTEMD SERVICE
#================================================= #=================================================
ynh_script_progression --message="Starting a systemd service..." ynh_script_progression --message="Starting a systemd service..."
ynh_systemd_action --action="start" --service_name="${app}-beat" ynh_systemd_action --service_name="${app}-beat" --action="start" --log_path="systemd" --line_match="Running with the following plugins enabled"
ynh_systemd_action --action="start" --service_name="${app}-server" ynh_systemd_action --service_name="${app}-server" --action="start" --log_path="systemd" --line_match="Application startup complete"
ynh_systemd_action --action="start" --service_name="${app}-worker" ynh_systemd_action --service_name="${app}-worker" --action="start" --log_path="systemd" --line_match="Running with the following plugins enabled"
#================================================= #=================================================
# GENERIC FINALIZATION # GENERIC FINALIZATION

View file

@ -16,15 +16,23 @@ ynh_script_progression --message="Loading installation settings..."
app=$YNH_APP_INSTANCE_NAME app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app="$app" --key=domain) domain=$(ynh_app_setting_get --app=$app --key=domain)
path_url=$(ynh_app_setting_get --app="$app" --key=path) path_url=$(ynh_app_setting_get --app=$app --key=path)
final_path=$(ynh_app_setting_get --app="$app" --key=final_path) final_path=$(ynh_app_setting_get --app=$app --key=final_path)
db_name=$(ynh_app_setting_get --app="$app" --key=db_name) db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_user="$db_name" db_user=$db_name
port=$(ynh_app_setting_get --app="$app" --key=port) db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd)
db_pwd=$(ynh_app_setting_get --app="$app" --key=psqlpwd) datadir=$(ynh_app_setting_get --app=$app --key=datadir)
redis_db=$(ynh_app_setting_get --app="$app" --key=redis_db) port=$(ynh_app_setting_get --app=$app --key=port)
code_migration=$(ynh_app_setting_get --app="$app" --key=code_migration) redis_db=$(ynh_app_setting_get --app=$app --key=redis_db)
key=$(ynh_app_setting_get --app=$app --key=key)
#=================================================
# CHECK VERSION
#=================================================
ynh_script_progression --message="Checking version..."
upgrade_type=$(ynh_check_app_version_changed)
#================================================= #=================================================
# ENSURE DOWNWARD COMPATIBILITY # ENSURE DOWNWARD COMPATIBILITY
@ -33,22 +41,14 @@ ynh_script_progression --message="Ensuring downward compatibility..."
# If redis_db doesn't exist, create it # If redis_db doesn't exist, create it
if [ -z "$redis_db" ]; then if [ -z "$redis_db" ]; then
redis_db=0 redis_db=$(ynh_redis_get_free_db)
ynh_app_setting_set --app="$app" --key=redis_db --value="$redis_db" ynh_app_setting_set --app=$app --key=redis_db --value=$redis_db
fi fi
# make sure we have the last code organization # If db_pwd doesn't exist, create it
if [ ! -d "$final_path/code/" ]; then if [ -z "$db_pwd" ]; then
mkdir "$final_path-tmp" db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd)
mv "$final_path"/* "$final_path-tmp/" ynh_app_setting_set --app=$app --key=db_pwd --value=$db_pwd
mkdir "$final_path/code"
mv "$final_path-tmp/data/media" "$final_path/media"
mv "$final_path-tmp/data/music" "$final_path/import"
mv "$final_path-tmp"/* "$final_path/code"
ynh_secure_remove --file="$final_path-tmp/"
ynh_app_setting_set --app="$app" --key=code_migration --value=1
fi fi
# Cleaning legacy permissions # Cleaning legacy permissions
@ -63,29 +63,16 @@ fi
#================================================= #=================================================
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." ynh_script_progression --message="Backing up the app before upgrading (may take a while)..."
# Inform the backup/restore process that it should not save the data directory
ynh_app_setting_set --app="$app" --key=backup_core_only --value=1
# Backup the current version of the app # Backup the current version of the app
ynh_backup_before_upgrade ynh_backup_before_upgrade
ynh_clean_setup () { ynh_clean_setup () {
# restore it if the upgrade fails # Restore it if the upgrade fails
ynh_clean_check_starting ynh_clean_check_starting
ynh_restore_upgradebackup ynh_restore_upgradebackup
} }
# Exit if an error occurs during the execution of the script # Exit if an error occurs during the execution of the script
ynh_abort_if_errors ynh_abort_if_errors
#=================================================
# CHECK THE PATH
#=================================================
# see 0.20.0: https://docs.funkwhale.audio/changelog.html#automatically-load-env-file
loadfile="$final_path/code/load_env"
if [ -e "$loadfile" ] ; then
ynh_secure_remove --file="$loadfile"
fi
#================================================= #=================================================
# STANDARD UPGRADE STEPS # STANDARD UPGRADE STEPS
#================================================= #=================================================
@ -93,24 +80,79 @@ fi
#================================================= #=================================================
ynh_script_progression --message="Stopping a systemd service..." ynh_script_progression --message="Stopping a systemd service..."
ynh_systemd_action --action="stop" --service_name="${app}-beat" ynh_systemd_action --action="stop" --service_name="${app}-beat" --log_path="systemd" --line_match="Stopped"
ynh_systemd_action --action="stop" --service_name="${app}-server" ynh_systemd_action --action="stop" --service_name="${app}-server" --log_path="systemd" --line_match="Stopped"
ynh_systemd_action --action="stop" --service_name="${app}-worker" ynh_systemd_action --action="stop" --service_name="${app}-worker" --log_path="systemd" --line_match="Stopped"
#=================================================
# MOVE DATAS
#=================================================
# If datadir doesn't exist, create it
if [ -z "$datadir" ]; then
# Do a full backup before moving datas
yunohost backup create --apps $app
datadir="/home/yunohost.app/${app}/data"
ynh_script_progression --message="Moving datas to $datadir..."
mkdir -p $datadir
pushd $datadir
mkdir -p static media music
popd
ynh_backup_if_checksum_is_different --file="$final_path/code/config/.env"
mkdir -p $final_path/config
rsync -a $final_path/code/config/ $final_path/config/
chmod 600 $final_path/config/.env
ynh_store_file_checksum --file="$final_path/config/.env"
ynh_delete_file_checksum --file="$final_path/code/config/.env"
if [ -d "$final_path/code/data/static/" ]; then
rsync -a $final_path/code/data/static/ $datadir/static/
fi
if [ -d "$final_path/media/" ]; then
rsync -a $final_path/media/ $datadir/media/
fi
if [ -d "$final_path/import/" ]; then
rsync -a $final_path/import/ $datadir/music/
fi
ynh_secure_remove --file="$final_path/code"
ynh_secure_remove --file="$final_path/media"
ynh_secure_remove --file="$final_path/import"
ynh_app_setting_set --app=$app --key=datadir --value=$datadir
upgrade_type="UPGRADE_APP"
fi
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Making sure dedicated system user exists..."
# Create a dedicated user (if not existing)
ynh_system_user_create --username=$app --home_dir="$final_path"
#================================================= #=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE # DOWNLOAD, CHECK AND UNPACK SOURCE
#================================================= #=================================================
if [ "$upgrade_type" == "UPGRADE_APP" ]
then
ynh_script_progression --message="Upgrading source files..." ynh_script_progression --message="Upgrading source files..."
ynh_app_setting_set --app="$app" --key=final_path --value="$final_path" ynh_secure_remove --file="$final_path/api"
ynh_secure_remove --file="$final_path/front"
# Download, check integrity, uncompress and patch the source from app.src # Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$final_path/code" ynh_setup_source --dest_dir="$final_path/api" --source_id="api"
ynh_setup_source --dest_dir="$final_path/code" --source_id="app-frontend" ynh_setup_source --dest_dir="$final_path/front" --source_id="front"
fi
( chmod -R 750 "$final_path"
cd "$final_path" chmod -R o-rwx "$final_path"
mkdir -p code/config code/api code/data/static media import code/front chown -R $app:www-data "$final_path"
)
#================================================= #=================================================
# NGINX CONFIGURATION # NGINX CONFIGURATION
@ -118,7 +160,7 @@ ynh_setup_source --dest_dir="$final_path/code" --source_id="app-frontend"
ynh_script_progression --message="Upgrading NGINX web server configuration..." ynh_script_progression --message="Upgrading NGINX web server configuration..."
# Create a dedicated NGINX config # Create a dedicated NGINX config
ynh_add_nginx_config ynh_add_nginx_config "datadir"
#================================================= #=================================================
# UPGRADE DEPENDENCIES # UPGRADE DEPENDENCIES
@ -127,72 +169,47 @@ ynh_script_progression --message="Upgrading dependencies..."
ynh_install_app_dependencies $pkg_dependencies ynh_install_app_dependencies $pkg_dependencies
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Making sure dedicated system user exists..."
# Create a dedicated user (if not existing)
ynh_system_user_create --username="$app" --home_dir="$final_path"
#================================================= #=================================================
# SPECIFIC UPGRADE # SPECIFIC UPGRADE
#================================================= #=================================================
# PYTHON DEPENDENCIES # INSTALL PYTHON DEPENDENCIES
#================================================= #=================================================
ynh_script_progression --message="Installing Python dependencies..."
ynh_secure_remove --file="$final_path/code/virtualenv" pushd $final_path
virtualenv -p python3 "$final_path/code/virtualenv" ynh_secure_remove --file="$final_path/virtualenv"
( python3 -m venv $final_path/virtualenv
set +o nounset source $final_path/virtualenv/bin/activate
source "${final_path}/code/virtualenv/bin/activate"
set -o nounset
pip install --upgrade pip pip install --upgrade pip
pip install --upgrade setuptools pip install --upgrade setuptools
pip install wheel pip install wheel
pip install -r "${final_path}/code/api/requirements.txt" pip install -r api/requirements.txt
popd
# https://code.eliotberriot.com/funkwhale/funkwhale/tags/0.16
pip uninstall django-cacheops --yes
)
#================================================= #=================================================
# MODIFY THE CONFIG FILE # UPDATE A CONFIG FILE
#================================================= #=================================================
ynh_script_progression --message="Updating a config file..."
configfile="$final_path/code/config/.env" ynh_add_config --template="../conf/env.prod" --destination="$final_path/config/.env"
ynh_backup_if_checksum_is_different --file="$configfile"
cp ../conf/env.prod "$configfile"
key=$(ynh_string_random) chmod 400 "$final_path/config/.env"
chown $app:$app "$final_path/config/.env"
ynh_app_setting_set --app="$app" --key=key --value="$key"
ynh_replace_string --match_string="__REDIS_DB__" --replace_string="$redis_db" --target_file="$configfile"
ynh_replace_string --match_string="__PORT__" --replace_string="$port" --target_file="$configfile"
ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$configfile"
ynh_replace_string --match_string="__DBUSER__" --replace_string="$db_name" --target_file="$configfile"
ynh_replace_string --match_string="__DBPWD__" --replace_string="$db_pwd" --target_file="$configfile"
ynh_replace_string --match_string="__DBNAME__" --replace_string="$app" --target_file="$configfile"
ynh_replace_string --match_string="__FINALPATH__" --replace_string="$final_path" --target_file="$configfile"
ynh_replace_string --match_string="__KEY__" --replace_string="$key" --target_file="$configfile"
#================================================= #=================================================
# MIGRATE # UPGRADE FUNKWHALE
#================================================= #=================================================
ynh_script_progression --message="Upgrading Funkwhale..."
( pushd $final_path
set +o nounset source $final_path/virtualenv/bin/activate
source "${final_path}/code/virtualenv/bin/activate"
set -o nounset
cd "$final_path/code"
# needed for enabling the 'unaccent' extension # needed for enabling the 'unaccent' extension
ynh_psql_execute_as_root --sql="ALTER USER $db_user WITH SUPERUSER;" --database="$db_name" ynh_psql_execute_as_root --sql="ALTER USER $db_user WITH SUPERUSER;" --database="$db_name"
python api/manage.py migrate python api/manage.py migrate
ynh_psql_execute_as_root --sql="ALTER USER $db_user WITH NOSUPERUSER;" --database="$db_name" ynh_psql_execute_as_root --sql="ALTER USER $db_user WITH NOSUPERUSER;" --database="$db_name"
python api/manage.py collectstatic --clear --noinput echo "yes" | python api/manage.py collectstatic --clear --noinput
# https://code.eliotberriot.com/funkwhale/funkwhale/tags/0.16 # users-now-have-an-activitypub-actor-manual-action-required # https://code.eliotberriot.com/funkwhale/funkwhale/tags/0.16 # users-now-have-an-activitypub-actor-manual-action-required
# python api/manage.py script create_actors --no-input # python api/manage.py script create_actors --no-input
@ -209,65 +226,54 @@ ynh_replace_string --match_string="__KEY__" --replace_string="$key"
# Delete the original thumbnails and generate new ones for # Delete the original thumbnails and generate new ones for
# higher quality images # higher quality images
# https://docs.funkwhale.audio/changelog.html#increased-quality-of-jpeg-thumbnails-manual-action-required # https://docs.funkwhale.audio/changelog.html#increased-quality-of-jpeg-thumbnails-manual-action-required
ynh_secure_remove "$final_path/media/__sized__" ynh_secure_remove --file="$final_path/media/__sized__"
python api/manage.py fw media generate-thumbnails python api/manage.py fw media generate-thumbnails
) popd
#================================================= chmod -R 750 "$final_path"
# STORE THE CONFIG FILE CHECKSUM chmod -R o-rwx "$final_path"
#================================================= chown -R $app:www-data "$final_path"
# Recalculate and store the checksum of the file for the next upgrade.
ynh_store_file_checksum --file="$configfile"
#================================================= #=================================================
# SETUP SYSTEMD # SETUP SYSTEMD
#================================================= #=================================================
ynh_script_progression --message="Upgrading systemd configuration..." ynh_script_progression --message="Upgrading systemd configuration..."
cp ../conf/funkwhale.target "/etc/systemd/system/$app.target" ynh_add_config --template="../conf/funkwhale.target" --destination="/etc/systemd/system/$app.target"
ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="/etc/systemd/system/$app.target"
# Create a dedicated systemd config # Create a dedicated systemd config
ynh_add_systemd_config --service="$app-server" --template="funkwhale-server.service" ynh_add_systemd_config --service="${app}-server" --template="funkwhale-server.service" --others_var="datadir"
ynh_add_systemd_config --service="$app-worker" --template="funkwhale-worker.service" ynh_add_systemd_config --service="${app}-worker" --template="funkwhale-worker.service" --others_var="datadir"
ynh_add_systemd_config --service="$app-beat" --template="funkwhale-beat.service" ynh_add_systemd_config --service="${app}-beat" --template="funkwhale-beat.service" --others_var="datadir"
#================================================= #=================================================
# GENERIC FINALIZATION # GENERIC FINALIZATION
#================================================= #=================================================
# UPGRADE FAIL2BAN # INTEGRATE SERVICE IN YUNOHOST
#================================================= #=================================================
ynh_script_progression --message="Reconfiguring Fail2Ban..." ynh_script_progression --message="Integrating service in YunoHost..."
ynh_add_fail2ban_config --logpath="/var/log/nginx/$domain-access.log" --failregex="<HOST>.* \"POST /api/v1/token/ HTTP/1.1\" 400 68.*$" --max_retry=5 yunohost service add "${app}-beat"
yunohost service add "${app}-server"
#================================================= yunohost service add "${app}-worker"
# SECURE FILES AND DIRECTORIES
#=================================================
chown -R "$app": "$final_path"
chmod -R 755 "$final_path/code/front/dist/"
mkdir -p "/var/log/$app"
chown -R "$app": "/var/log/$app"
#=================================================
# ADVERTISE SERVICE IN ADMIN PANEL
#=================================================
yunohost service add "$app-server" --log="/var/log/$app/server.log"
yunohost service add "$app-worker" --log="/var/log/$app/worker.log"
yunohost service add "$app-beat" --log="/var/log/$app/beat.log"
#================================================= #=================================================
# START SYSTEMD SERVICE # START SYSTEMD SERVICE
#================================================= #=================================================
ynh_script_progression --message="Starting a systemd service..." ynh_script_progression --message="Starting a systemd service..."
ynh_systemd_action --action="start" --service_name="${app}-beat" # Start a systemd service
ynh_systemd_action --action="start" --service_name="${app}-server" ynh_systemd_action --service_name="${app}-beat" --action="start" --log_path="systemd" --line_match="Running with the following plugins enabled"
ynh_systemd_action --action="start" --service_name="${app}-worker" ynh_systemd_action --service_name="${app}-server" --action="start" --log_path="systemd" --line_match="Application startup complete"
ynh_systemd_action --service_name="${app}-worker" --action="start" --log_path="systemd" --line_match="Running with the following plugins enabled"
#=================================================
# UPGRADE FAIL2BAN
#=================================================
ynh_script_progression --message="Reconfiguring Fail2Ban..."
# Create a dedicated Fail2Ban config
ynh_add_fail2ban_config --logpath="/var/log/nginx/$domain-access.log" --failregex="<HOST>.* \"POST /api/v1/token/ HTTP/1.1\" 400 68.*$" --max_retry=5
#================================================= #=================================================
# RELOAD NGINX # RELOAD NGINX
@ -276,12 +282,6 @@ ynh_script_progression --message="Reloading NGINX web server..."
ynh_systemd_action --service_name=nginx --action=reload ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# REMOVE CODE MIGRATION FLAG
#=================================================
ynh_app_setting_set --app="$app" --key=code_migration --value=2
#================================================= #=================================================
# END OF SCRIPT # END OF SCRIPT
#================================================= #=================================================

View file

@ -1,77 +0,0 @@
django~=3.0.8
setuptools>=49
# Configuration
django-environ~=0.4.0
# Images
Pillow~=7.0.0
django-allauth~=0.42.0
psycopg2-binary~=2.8.0
# Time zones support
pytz==2020.1
# Redis support
django-redis~=4.12.0
redis~=3.5.0
kombu~=4.6.0
celery~=4.4.0
# Your custom requirements go here
django-cors-headers~=3.4.0
musicbrainzngs~=0.7.1
djangorestframework~=3.11.0
djangorestframework-jwt~=1.11.0
arrow~=0.15.5
persisting-theory~=0.2.0
django-versatileimagefield~=2.0.0
django-filter~=2.3.0
django-rest-auth~=0.9.0
ipython~=7.10.0
mutagen~=1.45.0
pymemoize~=1.0.0
django-dynamic-preferences~=1.10
raven~=6.10.0
python-magic~=0.4.0
channels~=2.4.0
channels_redis~=3.0.0
uvicorn[standard]~=0.12.0
gunicorn~=20.0.0
cryptography~=2.9.0
# requests-http-signature==0.0.3
# clone until the branch is merged and released upstream
git+https://github.com/agateblue/requests-http-signature.git@signature-header-support
django-cleanup~=5.0.0
requests~=2.24.0
pyOpenSSL~=19.1.0
# for LDAP authentication
python-ldap~=3.3.0
django-auth-ldap~=2.2.0
pydub~=0.24.0
pyld~=1.0.0
aiohttp~=3.6.0
django-oauth-toolkit~=1.3.0
django-storages~=1.9.0
boto3~=1.14.0
unicode-slugify~=0.1.0
django-cacheops~=5.0.0
click~=7.1.0
service_identity~=18.1.0
markdown~=3.2.0
bleach~=3.1.0
feedparser~=6.0.0
watchdog~=1.0.2
## Pin third party dependency to avoid issue with latest version
twisted==20.3.0