1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/funkwhale_ynh.git synced 2024-09-03 18:36:24 +02:00

Merge pull request #42 Upgrade to 0.17

Upgrade to 0.17
This commit is contained in:
Jean-Baptiste 2018-10-24 23:30:54 +02:00 committed by GitHub
commit 530c550ce6
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
15 changed files with 199 additions and 89 deletions

View file

@ -5,11 +5,11 @@ A modern, convivial and free music server on YunoHost
Installation requires a dedicated domain for now. I hope subpath installation will be possible in the future.
**Shipped version:** 0.16.3 (this is an Alpha version!)
**Shipped version:** 0.17.0 (this is an Alpha version!)
## Admin
Admin password is **funkwhale**, login is the user you provided at installation.
The admin uses the login you provided at installation. The password is the same you use for YunoHost.
The admin interface is accessible with the address: your.domain.fr/api/admin
@ -24,6 +24,9 @@ The admin interface is accessible with the address: your.domain.fr/api/admin
* [x] [CLI Import](https://docs.funkwhale.audio/importing-music.html#from-music-directory-on-the-server) Remember to `source $final_path/venv/bin/activate`, then `source $final_path/load_env` before typinh using manage.py.
* [x] ARM support
* end-user configuration required:
* [x] LDAP integration
* to be added:
* [ ] Store files in HOME, see https://github.com/YunoHost-Apps/funkwhale_ynh/issues/15

View file

@ -17,6 +17,7 @@
setup_public=1
upgrade=1
upgrade=1 from_commit=11c81c1f503691272df5002dad8278bd82f34535
upgrade=1 from_commit=80a5044d13a6782063fee2d7fb7a01832a6aa767
backup_restore=1
multi_instance=1
incorrect_path=0
@ -41,4 +42,7 @@ Notification=all
;;; Upgrade options
; commit=11c81c1f503691272df5002dad8278bd82f34535
name=Upgrade from 0.15~ynh2
manifest_arg=domain=DOMAIN&path=/&admin=USER&is_public=1
; commit=80a5044d13a6782063fee2d7fb7a01832a6aa767
name=Upgrade from 0.16.3
manifest_arg=domain=DOMAIN&path=/&admin=USER&is_public=1

View file

@ -1,5 +1,5 @@
SOURCE_URL=https://code.eliotberriot.com/funkwhale/funkwhale/-/jobs/artifacts/0.16.3/download?job=build_front
SOURCE_SUM=a75161e6cbf8e87ee534947f20c12e84f9ed121f10c9d9e63989703c002195a1
SOURCE_URL=https://code.eliotberriot.com/funkwhale/funkwhale/-/jobs/artifacts/0.17/download?job=build_front
SOURCE_SUM=3578e1c60da578681c4e60a94dde1e18511f2455814c980b24748c87ffb8b4a2
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=zip
SOURCE_IN_SUBDIR=false

View file

@ -1,5 +1,5 @@
SOURCE_URL=https://code.eliotberriot.com/funkwhale/funkwhale/-/archive/0.16.3/funkwhale-0.16.3.tar.bz2
SOURCE_SUM=6484c357fccc107a6950e4be80a9e349ec4ea962ac4df47d54c73c184786557a
SOURCE_URL=https://code.eliotberriot.com/funkwhale/funkwhale/-/archive/0.17/funkwhale-0.17.tar.bz2
SOURCE_SUM=100eb3dfa5285eb9886d05dd575251e24cf43525596083b3793e8f80e369db1b
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.bz2
SOURCE_IN_SUBDIR=true

View file

@ -5,16 +5,19 @@
# following variables:
# - DJANGO_SECRET_KEY
# - DJANGO_ALLOWED_HOSTS
# - FUNKWHALE_URL
# - FUNKWHALE_HOSTNAME
# - EMAIL_CONFIG and DEFAULT_FROM_EMAIL if you plan to send emails)
# On non-docker setup **only**, you'll also have to tweak/uncomment those variables:
# - DATABASE_URL
# - CACHE_URL
# - STATIC_ROOT
# - MEDIA_ROOT
#
# You **don't** need to update those variables on pure docker setups.
#
# Additional options you may want to check:
# - MUSIC_DIRECTORY_PATH and MUSIC_DIRECTORY_SERVE_PATH if you plan to use
# in-place import
#
# Docker only
# -----------
@ -24,9 +27,7 @@
# You can comment or ignore this if you're not using docker
# FUNKWHALE_VERSION=latest
# In-place import, see https://code.eliotberriot.com/funkwhale/funkwhale/tags/0.10
MUSIC_DIRECTORY_SERVE_PATH=__FINALPATH__/data/music
MUSIC_DIRECTORY_PATH=/music
# End of Docker-only configuration
# General configuration
# ---------------------
@ -78,12 +79,12 @@ CACHE_URL=redis://127.0.0.1:6379/__REDIS_DB__
# Where media files (such as album covers or audio tracks) should be stored
# on your system?
# (Ensure this directory actually exists)
MEDIA_ROOT=__FINALPATH__/data/media
MEDIA_ROOT=__FINALPATH__/media
# Where static files (such as API css or icons) should be compiled
# on your system?
# (Ensure this directory actually exists)
STATIC_ROOT=__FINALPATH__/data/static
STATIC_ROOT=__FINALPATH__/code/data/static
# Update it to match the domain that will be used to reach your funkwhale
# instance
@ -107,3 +108,37 @@ DJANGO_SECRET_KEY=__KEY__
# This will help us detect and correct bugs
RAVEN_ENABLED=false
RAVEN_DSN=https://44332e9fdd3d42879c7d35bf8562c6a4:0062dc16a22b41679cd5765e5342f716@sentry.eliotberriot.com/5
# In-place import settings
# You can safely leave those settings uncommented if you don't plan to use
# in place imports.
# Typical docker setup:
# MUSIC_DIRECTORY_PATH=/srv/funkwhale/data/music
# MUSIC_DIRECTORY_SERVE_PATH=/music # docker-only
# Typical non-docker setup:
# MUSIC_DIRECTORY_PATH=/srv/funkwhale/data/music
# # MUSIC_DIRECTORY_SERVE_PATH= # stays commented, not needed
MUSIC_DIRECTORY_SERVE_PATH=__FINALPATH__/import
MUSIC_DIRECTORY_PATH=__FINALPATH__/import
# LDAP settings
# Use the following options to allow authentication on your Funkwhale instance
# using a LDAP directory.
# Have a look at https://docs.funkwhale.audio/installation/ldap.html for
# detailed instructions.
LDAP_ENABLED=True
LDAP_SERVER_URI=ldap://localhost:389
# enable anonymous searches https://django-auth-ldap.readthedocs.io/en/latest/authentication.html?highlight=anonymous#search-bind
LDAP_BIND_DN=''
LDAP_BIND_PASSWORD=''
LDAP_SEARCH_FILTER=(|(uid={0}))
LDAP_START_TLS=False
LDAP_ROOT_DN=ou=users,dc=yunohost,dc=org
LDAP_USER_ATTR_MAP={"username":"uid"}
FUNKWHALE_FRONTEND_PATH=/srv/funkwhale/front/dist
# Nginx related configuration
NGINX_MAX_BODY_SIZE=30M

View file

@ -5,10 +5,24 @@ PartOf=__APP__.target
[Service]
User=__APP__
# adapt this depending on the path of your funkwhale installation
WorkingDirectory=__FINALPATH__/api
EnvironmentFile=__FINALPATH__/config/.env
ExecStart=__FINALPATH__/virtualenv/bin/celery -A funkwhale_api.taskapp beat -l INFO
Group=__APP__
WorkingDirectory=__FINALPATH__/code/api
EnvironmentFile=__FINALPATH__/code/config/.env
ExecStart=__FINALPATH__/code/virtualenv/bin/celery -A funkwhale_api.taskapp beat -l INFO
NoNewPrivileges=true
PrivateDevices=true
PrivateTmp=true
ProtectHome=true
ProtectSystem=strict
ProtectControlGroups=yes
ProtectKernelModules=yes
ReadOnlyPaths=__FINALPATH__/code/config/.env __FINALPATH__/code/
ReadWritePaths=__FINALPATH__/media __FINALPATH__/import __FINALPATH__/code/api
StandardOutput=syslog
StandardError=syslog
SyslogIdentifier=__APP__-beat
[Install]
WantedBy=multi-user.target

View file

@ -5,10 +5,24 @@ PartOf=__APP__.target
[Service]
User=__APP__
# adapt this depending on the path of your funkwhale installation
WorkingDirectory=__FINALPATH__/api
EnvironmentFile=__FINALPATH__/config/.env
ExecStart=__FINALPATH__/virtualenv/bin/daphne -b ${FUNKWHALE_API_IP} -p ${FUNKWHALE_API_PORT} config.asgi:application --proxy-headers
Group=__APP__
WorkingDirectory=__FINALPATH__/code/api
EnvironmentFile=__FINALPATH__/code/config/.env
ExecStart=__FINALPATH__/code/virtualenv/bin/daphne -b ${FUNKWHALE_API_IP} -p ${FUNKWHALE_API_PORT} config.asgi:application --proxy-headers
NoNewPrivileges=true
PrivateDevices=true
PrivateTmp=true
ProtectHome=true
ProtectSystem=strict
ProtectControlGroups=yes
ProtectKernelModules=yes
ReadOnlyPaths=__FINALPATH__/code/config/.env __FINALPATH__/code/
ReadWritePaths=__FINALPATH__/media __FINALPATH__/import
StandardOutput=syslog
StandardError=syslog
SyslogIdentifier=__APP__-server
[Install]
WantedBy=multi-user.target

View file

@ -5,10 +5,24 @@ PartOf=__APP__.target
[Service]
User=__APP__
# adapt this depending on the path of your funkwhale installation
WorkingDirectory=__FINALPATH__/api
EnvironmentFile=__FINALPATH__/config/.env
ExecStart=__FINALPATH__/virtualenv/bin/celery -A funkwhale_api.taskapp worker -l INFO
Group=__APP__
WorkingDirectory=__FINALPATH__/code/api
EnvironmentFile=__FINALPATH__/code/config/.env
ExecStart=__FINALPATH__/code/virtualenv/bin/celery -A funkwhale_api.taskapp worker -l INFO
NoNewPrivileges=true
PrivateDevices=true
PrivateTmp=true
ProtectHome=true
ProtectSystem=strict
ProtectControlGroups=yes
ProtectKernelModules=yes
ReadOnlyPaths=__FINALPATH__/code/config/.env __FINALPATH__/code/
ReadWritePaths=__FINALPATH__/media __FINALPATH__/import
StandardOutput=syslog
StandardError=syslog
SyslogIdentifier=__APP__-worker
[Install]
WantedBy=multi-user.target

View file

@ -1,5 +1,5 @@
location / {
alias __FINALPATH__/front/dist/;
alias __FINALPATH__/code/front/dist/;
if ($scheme = http) {
rewrite ^ https://$server_name$request_uri? permanent;
@ -13,24 +13,24 @@ location @rewrites {
}
location /api/ {
include __FINALPATH__/deploy/funkwhale_proxy.conf;
include __FINALPATH__/code/deploy/funkwhale_proxy.conf;
# this is needed if you have file import via upload enabled
client_max_body_size 30M;
proxy_pass http://127.0.0.1:__PORT__/api/;
}
location /federation/ {
include __FINALPATH__/deploy/funkwhale_proxy.conf;
include __FINALPATH__/code/deploy/funkwhale_proxy.conf;
proxy_pass http://127.0.0.1:__PORT__/federation/;
}
location /.well-known/ {
include __FINALPATH__/deploy/funkwhale_proxy.conf;
include __FINALPATH__/code/deploy/funkwhale_proxy.conf;
proxy_pass http://127.0.0.1:__PORT__/.well-known/;
}
location /media/ {
alias __FINALPATH__/data/media/;
alias __FINALPATH__/media/;
}
location __PATH__/_protected/media/ {
@ -38,7 +38,7 @@ location __PATH__/_protected/media/ {
# audio files once correct permission / authentication
# has been checked on API side
internal;
alias __FINALPATH__/data/media/;
alias __FINALPATH__/media/;
}
# Transcoding logic and caching
@ -47,7 +47,7 @@ location __PATH__/_protected/media/ {
# https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_cache
location = /transcode-auth {
include __FINALPATH__/deploy/funkwhale_proxy.conf;
include __FINALPATH__/code/deploy/funkwhale_proxy.conf;
# needed so we can authenticate transcode requests, but still
# cache the result
internal;
@ -62,7 +62,7 @@ location = /transcode-auth {
}
location /api/v1/trackfiles/transcode/ {
include __FINALPATH__/deploy/funkwhale_proxy.conf;
include __FINALPATH__/code/deploy/funkwhale_proxy.conf;
# this block deals with authenticating and caching transcoding
# requests. Caching is heavily recommended as transcoding
# is a CPU intensive process.
@ -82,15 +82,15 @@ location /api/v1/trackfiles/transcode/ {
location /staticfiles/ {
# django static files
alias __FINALPATH__/data/static/;
alias __FINALPATH__/code/data/static/;
}
location /rest/ {
include __FINALPATH__/deploy/funkwhale_proxy.conf;
proxy_pass http://127.0.0.1:__PORT__/api/subsonic/rest/;
include __FINALPATH__/code/deploy/funkwhale_proxy.conf;
proxy_pass http://127.0.0.1:__PORT__/code/api/subsonic/rest/;
}
location /_protected/music {
internal;
alias __FINALPATH__/data/music;
alias __FINALPATH__/import;
}

View file

@ -3,12 +3,12 @@
"id": "funkwhale",
"packaging_format": 1,
"requirements": {
"yunohost": ">= 3.0.0"
"yunohost": ">= 3.2.0"
},
"description": {
"en": "A modern, convivial and free music server"
},
"version": "0.16.3~ynh1",
"version": "0.17.0~ynh2",
"url": "https://funkwhale.audio",
"license": "BSD-3-Clause",
"maintainer": {

View file

@ -38,7 +38,15 @@ db_name=$(ynh_app_setting_get "$app" db_name)
# BACKUP THE APP MAIN DIR
#=================================================
ynh_backup "$final_path"
backup_core_only=$(ynh_app_setting_get "$app" backup_core_only)
# If backup_core_only have any value in the settings.yml file, do not backup the data directory
if [ -z "$backup_core_only" ]
then
ynh_backup "$final_path"
else
echo "Data dir will not be saved, because backup_core_only is set." >&2
ynh_backup "$final_path/code"
fi
#=================================================
# BACKUP THE NGINX CONFIGURATION

View file

@ -72,7 +72,7 @@ ynh_app_setting_set "$app" port "$port"
ynh_install_app_dependencies build-essential curl ffmpeg \
libjpeg-dev libmagic-dev libpq-dev postgresql python3-dev python3-venv \
redis-server \
redis-server libldap2-dev libsasl2-dev \
`# add arm support` \
zlib1g-dev libffi-dev libssl-dev
@ -85,11 +85,12 @@ ynh_psql_test_if_first_run
db_name=$(ynh_sanitize_dbid "$app")
db_user=$db_name
db_pwd=$(ynh_string_random)
# Initialize database and store postgres password for upgrade
ynh_psql_create_db "$db_name" "$db_user" "$db_pwd"
ynh_app_setting_set "$app" db_name "$db_name"
ynh_app_setting_set "$app" psqlpwd "$db_pwd"
# Initialize database and store postgres password for upgrade
ynh_psql_create_db "$db_name" "$db_user" "$db_pwd"
systemctl reload postgresql
#=================================================
@ -98,12 +99,12 @@ systemctl reload postgresql
ynh_app_setting_set "$app" final_path "$final_path"
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source "$final_path"
ynh_setup_source "$final_path" "app-frontend"
ynh_setup_source "$final_path/code"
ynh_setup_source "$final_path/code" "app-frontend"
(
cd "$final_path"
mkdir -p config api data/static data/media data/music front
mkdir -p code/config code/api code/data/static media import code/front
)
#=================================================
@ -138,22 +139,22 @@ ynh_system_user_create "$app" "$final_path"
# PYTHON DEPENDENCIES
#=================================================
python3 -m venv "$final_path/virtualenv"
python3 -m venv "$final_path/code/virtualenv"
(
set +o nounset
source "${final_path}/virtualenv/bin/activate"
source "${final_path}/code/virtualenv/bin/activate"
set -o nounset
pip install --upgrade pip
pip install --upgrade setuptools
pip install wheel
pip install -r "${final_path}/api/requirements.txt"
pip install -r "${final_path}/code/api/requirements.txt"
)
#=================================================
# MODIFY THE CONFIG FILE
#=================================================
configfile="$final_path/config/.env"
configfile="$final_path/code/config/.env"
cp ../conf/env.prod "$configfile"
@ -172,12 +173,12 @@ ynh_replace_string "__DBNAME__" "$app" "$configfile"
ynh_replace_string "__FINALPATH__" "$final_path" "$configfile"
ynh_replace_string "__KEY__" "$key" "$configfile"
cat > "$final_path/load_env" <<'EOL'
cat > "$final_path/code/load_env" <<'EOL'
#!/bin/bash
export $(cat "$final_path/config/.env" | grep -v ^# | xargs)
export $(cat "$final_path/code/config/.env" | grep -v ^# | xargs)
EOL
chmod +x "$final_path/load_env"
chmod +x "$final_path/code/load_env"
#=================================================
# MODIFY THE CONFIG FILE
@ -186,10 +187,10 @@ chmod +x "$final_path/load_env"
admin_mail=$(ynh_user_get_info "$admin" "mail")
(
set +o nounset
source "${final_path}/virtualenv/bin/activate"
source "${final_path}/load_env"
source "${final_path}/code/virtualenv/bin/activate"
source "${final_path}/code/load_env"
set -o nounset
cd "$final_path"
cd "$final_path/code/"
# needed for enabling the 'unaccent' extension
ynh_psql_execute_as_root "ALTER USER $db_user WITH SUPERUSER;"
@ -220,21 +221,17 @@ systemctl restart "$app".target
#=================================================
chown -R "$app": "$final_path"
chmod -R 755 "$final_path/front/dist/"
chmod -R 755 "$final_path/code/front/dist/"
#=================================================
# SETUP SSOWAT
#=================================================
if [ "$is_public" -eq 0 ]
then # Remove the public access
ynh_app_setting_delete "$app" skipped_uris
fi
# Make app public if necessary
if [ "$is_public" -eq 1 ]
then
# unprotected_uris allows SSO credentials to be passed anyway.
ynh_app_setting_set "$app" unprotected_uris "/"
# makes sure no SSO credentials to be passed
ynh_app_setting_set "$app" skipped_uris "/"
fi
#=================================================

View file

@ -28,12 +28,13 @@ redis_db=$(ynh_app_setting_get $app redis_db)
# STOP AND REMOVE SERVICE
#=================================================
systemctl stop "$app".target
# Remove the dedicated systemd config
ynh_remove_systemd_config "$app-server"
ynh_remove_systemd_config "$app-worker"
ynh_remove_systemd_config "$app-beat"
systemctl stop "$app".target
ynh_secure_remove "/etc/systemd/system/$app.target"
#=================================================

View file

@ -57,7 +57,18 @@ ynh_restore_file "/etc/nginx/conf.d/$domain.conf"
# RESTORE THE APP MAIN DIR
#=================================================
ynh_restore_file "$final_path"
backup_core_only=$(ynh_app_setting_get "$app" backup_core_only)
# If backup_core_only have any value, then restore only code
if [ -z "$backup_core_only" ]
then
ynh_restore_file "$final_path/code"
else
ynh_restore_file "$final_path"
fi
# Remove the option backup_core_only if it's in the settings.yml file
ynh_app_setting_delete "$app" backup_core_only
#=================================================
# RECREATE THE DEDICATED USER

View file

@ -35,10 +35,21 @@ if [ -z "$redis_db" ]; then
ynh_app_setting_set "$app" redis_db "$redis_db"
fi
# make sure we have the last code organization
if [ ! -d "$final_path/code/" ]; then
mkdir "$final_path/code"
mv "$final_path/!(code)" "$final_path/code/"
mv "$final_path/code/data/media" "$final_path/media"
mv "$final_path/code/data/music" "$final_path/import"
fi
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
# Inform the backup/restore process that it should not save the data directory
ynh_app_setting_set "$app" backup_core_only 1
# Backup the current version of the app
ynh_backup_before_upgrade
ynh_clean_setup () {
@ -63,12 +74,12 @@ path_url=$(ynh_normalize_url_path "$path_url")
ynh_app_setting_set "$app" final_path "$final_path"
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source "$final_path"
ynh_setup_source "$final_path" "app-frontend"
ynh_setup_source "$final_path/code"
ynh_setup_source "$final_path/code" "app-frontend"
(
cd "$final_path"
mkdir -p config api data/static data/media data/music front
mkdir -p code/config code/api code/data/static media import code/front
)
#=================================================
@ -118,15 +129,15 @@ ynh_install_app_dependencies build-essential curl ffmpeg \
# PYTHON DEPENDENCIES
#=================================================
python3 -m venv "$final_path/virtualenv"
python3 -m venv "$final_path/code/virtualenv"
(
set +o nounset
source "${final_path}/virtualenv/bin/activate"
source "${final_path}/code/virtualenv/bin/activate"
set -o nounset
pip install --upgrade pip
pip install --upgrade setuptools
pip install wheel
pip install -r "${final_path}/api/requirements.txt"
pip install -r "${final_path}/code/api/requirements.txt"
# https://code.eliotberriot.com/funkwhale/funkwhale/tags/0.16
pip uninstall django-cacheops --yes
@ -136,7 +147,7 @@ python3 -m venv "$final_path/virtualenv"
# MODIFY THE CONFIG FILE
#=================================================
configfile="$final_path/config/.env"
configfile="$final_path/code/config/.env"
cp ../conf/env.prod "$configfile"
@ -153,12 +164,12 @@ ynh_replace_string "__DBNAME__" "$app" "$configfile"
ynh_replace_string "__FINALPATH__" "$final_path" "$configfile"
ynh_replace_string "__KEY__" "$key" "$configfile"
cat > "$final_path/load_env" <<'EOL'
cat > "$final_path/code/load_env" <<'EOL'
#!/bin/bash
export $(cat "$final_path/config/.env" | grep -v ^# | xargs)
export $(cat "$final_path/code/config/.env" | grep -v ^# | xargs)
EOL
chmod +x "$final_path/load_env"
chmod +x "$final_path/code/load_env"
#=================================================
# MIGRATE
@ -166,10 +177,10 @@ chmod +x "$final_path/load_env"
(
set +o nounset
source "${final_path}/virtualenv/bin/activate"
source "${final_path}/load_env"
source "${final_path}/code/virtualenv/bin/activate"
source "${final_path}/code/load_env"
set -o nounset
cd "$final_path"
cd "$final_path/code"
# needed for enabling the 'unaccent' extension
ynh_psql_execute_as_root "ALTER USER $db_user WITH SUPERUSER;"
@ -182,6 +193,9 @@ chmod +x "$final_path/load_env"
python api/manage.py script create_actors --no-input
# https://code.eliotberriot.com/funkwhale/funkwhale/tags/0.16 #image-thumbnails-manual-action-required
python api/manage.py script create_image_variations --no-input
# https://docs.funkwhale.audio/upgrading/0.17.html#upgrade-instructions
python api/manage.py script migrate_to_user_libraries --no-input
)
#=================================================
@ -205,23 +219,18 @@ systemctl restart "$app".target
#=================================================
chown -R "$app": "$final_path"
chmod -R 755 "$final_path/front/dist/"
chmod -R 755 "$final_path/code/front/dist/"
#=================================================
# SETUP SSOWAT
#=================================================
if [ "$is_public" -eq 0 ]
then # Remove the public access
ynh_app_setting_delete "$app" skipped_uris
fi
# Make app public if necessary
if [ "$is_public" -eq 1 ]
then
# unprotected_uris allows SSO credentials to be passed anyway
ynh_app_setting_set "$app" unprotected_uris "/"
# makes sure no SSO credentials to be passed
ynh_app_setting_set "$app" skipped_uris "/"
fi
#=================================================
# RELOAD NGINX
#=================================================