mirror of
https://github.com/YunoHost-Apps/funkwhale_ynh.git
synced 2024-09-03 18:36:24 +02:00
commit
d04155fe4f
22 changed files with 287 additions and 689 deletions
16
README.md
16
README.md
|
@ -18,7 +18,7 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in
|
||||||
|
|
||||||
Funkwhale is a community-driven project that lets you listen and share music and audio within a decentralized, open network.
|
Funkwhale is a community-driven project that lets you listen and share music and audio within a decentralized, open network.
|
||||||
|
|
||||||
**Shipped version:** 1.2.10~ynh2
|
**Shipped version:** 1.2.10~ynh3
|
||||||
|
|
||||||
**Demo:** https://demo.funkwhale.audio
|
**Demo:** https://demo.funkwhale.audio
|
||||||
|
|
||||||
|
@ -26,20 +26,6 @@ Funkwhale is a community-driven project that lets you listen and share music and
|
||||||
|
|
||||||
![Screenshot of Funkwhale](./doc/screenshots/screenshot1.png)
|
![Screenshot of Funkwhale](./doc/screenshots/screenshot1.png)
|
||||||
|
|
||||||
## Disclaimers / important information
|
|
||||||
|
|
||||||
* Installation requires a dedicated domain or subdomain. Installing in a subpath is not supported by the upstream project due to dependency requirements.
|
|
||||||
|
|
||||||
* Admin
|
|
||||||
* The admin uses the login you provided at installation. The password is the same you use for YunoHost.
|
|
||||||
* The admin interface is accessible at the address: `your.domain.fr/api/admin`
|
|
||||||
|
|
||||||
To add a collection of music files to a library in your YunoHost installation of Funkwhale, create a symlink to your collection titled "music" in `/home/yunohost.app/funkwhale/data`
|
|
||||||
```console
|
|
||||||
foo@bar:~$sudo ln -s /your/music/collection /home/yunohost.app/funkwhale/data/music
|
|
||||||
```
|
|
||||||
The files can then be added to your library from the *uploading* tab in a music library under the heading **Import music from your server**.
|
|
||||||
|
|
||||||
## Documentation and resources
|
## Documentation and resources
|
||||||
|
|
||||||
* Official app website: <https://funkwhale.audio/>
|
* Official app website: <https://funkwhale.audio/>
|
||||||
|
|
14
README_fr.md
14
README_fr.md
|
@ -18,7 +18,7 @@ Si vous n’avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) po
|
||||||
|
|
||||||
Funkwhale est un projet communautaire qui vous permet d'écouter et de partager de la musique et de l'audio au sein d'un réseau ouvert et décentralisé.
|
Funkwhale est un projet communautaire qui vous permet d'écouter et de partager de la musique et de l'audio au sein d'un réseau ouvert et décentralisé.
|
||||||
|
|
||||||
**Version incluse :** 1.2.10~ynh2
|
**Version incluse :** 1.2.10~ynh3
|
||||||
|
|
||||||
**Démo :** https://demo.funkwhale.audio
|
**Démo :** https://demo.funkwhale.audio
|
||||||
|
|
||||||
|
@ -26,18 +26,6 @@ Funkwhale est un projet communautaire qui vous permet d'écouter et de partager
|
||||||
|
|
||||||
![Capture d’écran de Funkwhale](./doc/screenshots/screenshot1.png)
|
![Capture d’écran de Funkwhale](./doc/screenshots/screenshot1.png)
|
||||||
|
|
||||||
## Avertissements / informations importantes
|
|
||||||
|
|
||||||
* L'installation nécessite un domaine ou un sous-domaine dédié. L'installation dans un chemin du domaine n'est pas prise en charge par le projet en amont en raison des exigences de dépendance.
|
|
||||||
|
|
||||||
* Admin
|
|
||||||
* L'administrateur utilise le login que vous avez fourni lors de l'installation. Le mot de passe est le même que celui que vous utilisez pour YunoHost.
|
|
||||||
* L'interface d'administration est accessible à l'adresse : votre.domaine.fr/api/admin
|
|
||||||
|
|
||||||
Pour ajouter une collection de fichiers musicaux à une bibliothèque dans votre installation YunoHost de Funkwhale, créez un lien symbolique vers votre collection intitulée "music" dans `/home/yunohost.app/funkwhale/data/`.
|
|
||||||
`foo@bar:~$sudo ln -s /your/music/collection /home/yunohost.app/funkwhale/data/music`
|
|
||||||
Les fichiers peuvent ensuite être ajoutés à votre bibliothèque à partir de l'onglet *Envoi* dans une bibliothèque musicale sous la rubrique **Importer de la musique de votre serveur**.
|
|
||||||
|
|
||||||
## Documentations et ressources
|
## Documentations et ressources
|
||||||
|
|
||||||
* Site officiel de l’app : <https://funkwhale.audio/>
|
* Site officiel de l’app : <https://funkwhale.audio/>
|
||||||
|
|
|
@ -1,40 +0,0 @@
|
||||||
;; Test complet
|
|
||||||
; Manifest
|
|
||||||
domain="domain.tld"
|
|
||||||
is_public=1
|
|
||||||
admin="john"
|
|
||||||
; Checks
|
|
||||||
pkg_linter=1
|
|
||||||
setup_sub_dir=0
|
|
||||||
setup_root=1
|
|
||||||
setup_nourl=0
|
|
||||||
setup_private=1
|
|
||||||
setup_public=1
|
|
||||||
upgrade=1
|
|
||||||
# 1.1~ynh1
|
|
||||||
upgrade=1 from_commit=8172790fb461d16f09089593fdac380f0d499c83
|
|
||||||
# 1.1.1~ynh1
|
|
||||||
upgrade=0 from_commit=fa9587f61e4bb4f9db8667b1c6701ede37ac8e91
|
|
||||||
# 1.1.2~ynh1
|
|
||||||
upgrade=1 from_commit=74255c1c278562eb174fb13ce538d4754f01186c
|
|
||||||
# 1.1.4~ynh2
|
|
||||||
upgrade=1 from_commit=313335d5aa851a497fa92cd7ac264f989e1052d9
|
|
||||||
# 1.2.1~ynh1
|
|
||||||
upgrade=0 from_commit=9fc8b84ba24260e28f791aa9c47688c1a1f085c2
|
|
||||||
# 1.2.2~ynh2
|
|
||||||
upgrade=0 from_commit=192afe93f66bb08cc7d487db02dc4d187e5b29e2
|
|
||||||
# 1.2.3~ynh1
|
|
||||||
upgrade=0 from_commit=1c1b64b8b04ee917a63580dce21d149182ee319d
|
|
||||||
# 1.2.4~ynh1
|
|
||||||
upgrade=0 from_commit=5961e7283e52963329e30ca22df4d5505adfc256
|
|
||||||
#1.2.5~ynh1
|
|
||||||
upgrade=0 from_commit=a070baf105a94ac6fefc280f0335b044db643ec8
|
|
||||||
#1.2.7~ynh1
|
|
||||||
upgrade=0 from_commit=557386e0c1306f78c43ccf2e5ec7b3b46a07ab56
|
|
||||||
backup_restore=1
|
|
||||||
multi_instance=1
|
|
||||||
port_already_use=0
|
|
||||||
change_url=1
|
|
||||||
;;; Options
|
|
||||||
Email=cda@rootkey.co.uk
|
|
||||||
Notification=all
|
|
|
@ -1,7 +0,0 @@
|
||||||
SOURCE_URL=https://dev.funkwhale.audio/funkwhale/funkwhale/-/jobs/artifacts/1.2.10/download?job=build_api
|
|
||||||
SOURCE_SUM=fc6f54d37993f74e057d1a59438e21b68a8cff1a7f9438415459ede7cf7f09d0
|
|
||||||
SOURCE_SUM_PRG=sha256sum
|
|
||||||
SOURCE_FORMAT=zip
|
|
||||||
SOURCE_IN_SUBDIR=true
|
|
||||||
SOURCE_FILENAME=
|
|
||||||
SOURCE_EXTRACT=true
|
|
|
@ -110,12 +110,12 @@ CACHE_URL=redis://127.0.0.1:6379/__REDIS_DB__
|
||||||
# Where media files (such as album covers or audio tracks) should be stored
|
# Where media files (such as album covers or audio tracks) should be stored
|
||||||
# on your system?
|
# on your system?
|
||||||
# (Ensure this directory actually exists)
|
# (Ensure this directory actually exists)
|
||||||
MEDIA_ROOT=__DATADIR__/media
|
MEDIA_ROOT=__DATA_DIR__/data/media
|
||||||
|
|
||||||
# Where static files (such as API css or icons) should be compiled
|
# Where static files (such as API css or icons) should be compiled
|
||||||
# on your system?
|
# on your system?
|
||||||
# (Ensure this directory actually exists)
|
# (Ensure this directory actually exists)
|
||||||
STATIC_ROOT=__DATADIR__/static
|
STATIC_ROOT=__DATA_DIR__/data/static
|
||||||
|
|
||||||
# which settings module should django use?
|
# which settings module should django use?
|
||||||
# You don't have to touch this unless you really know what you're doing
|
# You don't have to touch this unless you really know what you're doing
|
||||||
|
@ -138,8 +138,8 @@ DJANGO_SECRET_KEY=__KEY__
|
||||||
# MUSIC_DIRECTORY_PATH=/srv/funkwhale/data/music
|
# MUSIC_DIRECTORY_PATH=/srv/funkwhale/data/music
|
||||||
# # MUSIC_DIRECTORY_SERVE_PATH= # stays commented, not needed
|
# # MUSIC_DIRECTORY_SERVE_PATH= # stays commented, not needed
|
||||||
|
|
||||||
MUSIC_DIRECTORY_PATH=__DATADIR__/music
|
MUSIC_DIRECTORY_PATH=__DATA_DIR__/data/music
|
||||||
#MUSIC_DIRECTORY_SERVE_PATH=__DATADIR__/import
|
#MUSIC_DIRECTORY_SERVE_PATH=__DATA_DIR__/data/import
|
||||||
|
|
||||||
# LDAP settings
|
# LDAP settings
|
||||||
# Use the following options to allow authentication on your Funkwhale instance
|
# Use the following options to allow authentication on your Funkwhale instance
|
||||||
|
@ -157,8 +157,8 @@ LDAP_START_TLS=False
|
||||||
LDAP_ROOT_DN=ou=users,dc=yunohost,dc=org
|
LDAP_ROOT_DN=ou=users,dc=yunohost,dc=org
|
||||||
LDAP_USER_ATTR_MAP=username:uid
|
LDAP_USER_ATTR_MAP=username:uid
|
||||||
|
|
||||||
FUNKWHALE_FRONTEND_PATH=__FINALPATH__/front/dist
|
FUNKWHALE_FRONTEND_PATH=__INSTALL_DIR__/front/dist
|
||||||
FUNKWHALE_SPA_HTML_ROOT=__FINALPATH__/front/dist/index.html
|
FUNKWHALE_SPA_HTML_ROOT=__INSTALL_DIR__/front/dist/index.html
|
||||||
|
|
||||||
# Nginx related configuration
|
# Nginx related configuration
|
||||||
NGINX_MAX_BODY_SIZE=100M
|
NGINX_MAX_BODY_SIZE=100M
|
||||||
|
|
|
@ -1,7 +0,0 @@
|
||||||
SOURCE_URL=https://dev.funkwhale.audio/funkwhale/funkwhale/builds/artifacts/1.2.10/download?job=build_front
|
|
||||||
SOURCE_SUM=bcf0ba380295be58dfcfe4d88605cfce357859adf623c8236fb1182095c38bfd
|
|
||||||
SOURCE_SUM_PRG=sha256sum
|
|
||||||
SOURCE_FORMAT=zip
|
|
||||||
SOURCE_IN_SUBDIR=true
|
|
||||||
SOURCE_FILENAME=
|
|
||||||
SOURCE_EXTRACT=true
|
|
|
@ -6,9 +6,43 @@ PartOf=__APP__.target
|
||||||
[Service]
|
[Service]
|
||||||
User=__APP__
|
User=__APP__
|
||||||
Group=__APP__
|
Group=__APP__
|
||||||
WorkingDirectory=__FINALPATH__/api
|
WorkingDirectory=__INSTALL_DIR__/api
|
||||||
EnvironmentFile=__FINALPATH__/config/.env
|
EnvironmentFile=__INSTALL_DIR__/config/.env
|
||||||
ExecStart=__FINALPATH__/virtualenv/bin/celery -A funkwhale_api.taskapp beat -l INFO
|
ExecStart=__INSTALL_DIR__/virtualenv/bin/celery -A funkwhale_api.taskapp beat -l INFO
|
||||||
|
|
||||||
|
# Sandboxing options to harden security
|
||||||
|
# Depending on specificities of your service/app, you may need to tweak these
|
||||||
|
# .. but this should be a good baseline
|
||||||
|
# Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html
|
||||||
|
NoNewPrivileges=yes
|
||||||
|
PrivateTmp=yes
|
||||||
|
PrivateDevices=yes
|
||||||
|
RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 AF_NETLINK
|
||||||
|
RestrictNamespaces=yes
|
||||||
|
RestrictRealtime=yes
|
||||||
|
DevicePolicy=closed
|
||||||
|
ProtectClock=yes
|
||||||
|
ProtectHostname=yes
|
||||||
|
ProtectProc=invisible
|
||||||
|
ProtectSystem=full
|
||||||
|
ProtectControlGroups=yes
|
||||||
|
ProtectKernelModules=yes
|
||||||
|
ProtectKernelTunables=yes
|
||||||
|
LockPersonality=yes
|
||||||
|
SystemCallArchitectures=native
|
||||||
|
SystemCallFilter=~@clock @debug @module @mount @obsolete @reboot @setuid @swap @cpu-emulation @privileged
|
||||||
|
|
||||||
|
# Denying access to capabilities that should not be relevant for webapps
|
||||||
|
# Doc: https://man7.org/linux/man-pages/man7/capabilities.7.html
|
||||||
|
CapabilityBoundingSet=~CAP_RAWIO CAP_MKNOD
|
||||||
|
CapabilityBoundingSet=~CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_AUDIT_WRITE
|
||||||
|
CapabilityBoundingSet=~CAP_SYS_BOOT CAP_SYS_TIME CAP_SYS_MODULE CAP_SYS_PACCT
|
||||||
|
CapabilityBoundingSet=~CAP_LEASE CAP_LINUX_IMMUTABLE CAP_IPC_LOCK
|
||||||
|
CapabilityBoundingSet=~CAP_BLOCK_SUSPEND CAP_WAKE_ALARM
|
||||||
|
CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG
|
||||||
|
CapabilityBoundingSet=~CAP_MAC_ADMIN CAP_MAC_OVERRIDE
|
||||||
|
CapabilityBoundingSet=~CAP_NET_ADMIN CAP_NET_BROADCAST CAP_NET_RAW
|
||||||
|
CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG
|
||||||
|
|
||||||
[Install]
|
[Install]
|
||||||
WantedBy=multi-user.target
|
WantedBy=multi-user.target
|
||||||
|
|
|
@ -6,9 +6,21 @@ PartOf=__APP__.target
|
||||||
[Service]
|
[Service]
|
||||||
User=__APP__
|
User=__APP__
|
||||||
Group=__APP__
|
Group=__APP__
|
||||||
WorkingDirectory=__FINALPATH__/api
|
WorkingDirectory=__INSTALL_DIR__/api
|
||||||
EnvironmentFile=__FINALPATH__/config/.env
|
EnvironmentFile=__INSTALL_DIR__/config/.env
|
||||||
ExecStart=__FINALPATH__/virtualenv/bin/gunicorn config.asgi:application -w ${FUNKWHALE_WEB_WORKERS} -k uvicorn.workers.UvicornWorker -b ${FUNKWHALE_API_IP}:${FUNKWHALE_API_PORT}
|
ExecStart=__INSTALL_DIR__/virtualenv/bin/gunicorn config.asgi:application -w ${FUNKWHALE_WEB_WORKERS} -k uvicorn.workers.UvicornWorker -b ${FUNKWHALE_API_IP}:${FUNKWHALE_API_PORT}
|
||||||
|
|
||||||
|
# Denying access to capabilities that should not be relevant for webapps
|
||||||
|
# Doc: https://man7.org/linux/man-pages/man7/capabilities.7.html
|
||||||
|
CapabilityBoundingSet=~CAP_RAWIO CAP_MKNOD
|
||||||
|
CapabilityBoundingSet=~CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_AUDIT_WRITE
|
||||||
|
CapabilityBoundingSet=~CAP_SYS_BOOT CAP_SYS_TIME CAP_SYS_MODULE CAP_SYS_PACCT
|
||||||
|
CapabilityBoundingSet=~CAP_LEASE CAP_LINUX_IMMUTABLE CAP_IPC_LOCK
|
||||||
|
CapabilityBoundingSet=~CAP_BLOCK_SUSPEND CAP_WAKE_ALARM
|
||||||
|
CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG
|
||||||
|
CapabilityBoundingSet=~CAP_MAC_ADMIN CAP_MAC_OVERRIDE
|
||||||
|
CapabilityBoundingSet=~CAP_NET_ADMIN CAP_NET_BROADCAST CAP_NET_RAW
|
||||||
|
CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG
|
||||||
|
|
||||||
[Install]
|
[Install]
|
||||||
WantedBy=multi-user.target
|
WantedBy=multi-user.target
|
||||||
|
|
|
@ -6,9 +6,43 @@ PartOf=__APP__.target
|
||||||
[Service]
|
[Service]
|
||||||
User=__APP__
|
User=__APP__
|
||||||
Group=__APP__
|
Group=__APP__
|
||||||
WorkingDirectory=__FINALPATH__/api
|
WorkingDirectory=__INSTALL_DIR__/api
|
||||||
EnvironmentFile=__FINALPATH__/config/.env
|
EnvironmentFile=__INSTALL_DIR__/config/.env
|
||||||
ExecStart=__FINALPATH__/virtualenv/bin/celery -A funkwhale_api.taskapp worker -l INFO --concurrency=0
|
ExecStart=__INSTALL_DIR__/virtualenv/bin/celery -A funkwhale_api.taskapp worker -l INFO --concurrency=0
|
||||||
|
|
||||||
|
# Sandboxing options to harden security
|
||||||
|
# Depending on specificities of your service/app, you may need to tweak these
|
||||||
|
# .. but this should be a good baseline
|
||||||
|
# Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html
|
||||||
|
NoNewPrivileges=yes
|
||||||
|
PrivateTmp=yes
|
||||||
|
PrivateDevices=yes
|
||||||
|
RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 AF_NETLINK
|
||||||
|
RestrictNamespaces=yes
|
||||||
|
RestrictRealtime=yes
|
||||||
|
DevicePolicy=closed
|
||||||
|
ProtectClock=yes
|
||||||
|
ProtectHostname=yes
|
||||||
|
ProtectProc=invisible
|
||||||
|
ProtectSystem=full
|
||||||
|
ProtectControlGroups=yes
|
||||||
|
ProtectKernelModules=yes
|
||||||
|
ProtectKernelTunables=yes
|
||||||
|
LockPersonality=yes
|
||||||
|
SystemCallArchitectures=native
|
||||||
|
SystemCallFilter=~@clock @debug @module @mount @obsolete @reboot @setuid @swap @cpu-emulation @privileged
|
||||||
|
|
||||||
|
# Denying access to capabilities that should not be relevant for webapps
|
||||||
|
# Doc: https://man7.org/linux/man-pages/man7/capabilities.7.html
|
||||||
|
CapabilityBoundingSet=~CAP_RAWIO CAP_MKNOD
|
||||||
|
CapabilityBoundingSet=~CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_AUDIT_WRITE
|
||||||
|
CapabilityBoundingSet=~CAP_SYS_BOOT CAP_SYS_TIME CAP_SYS_MODULE CAP_SYS_PACCT
|
||||||
|
CapabilityBoundingSet=~CAP_LEASE CAP_LINUX_IMMUTABLE CAP_IPC_LOCK
|
||||||
|
CapabilityBoundingSet=~CAP_BLOCK_SUSPEND CAP_WAKE_ALARM
|
||||||
|
CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG
|
||||||
|
CapabilityBoundingSet=~CAP_MAC_ADMIN CAP_MAC_OVERRIDE
|
||||||
|
CapabilityBoundingSet=~CAP_NET_ADMIN CAP_NET_BROADCAST CAP_NET_RAW
|
||||||
|
CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG
|
||||||
|
|
||||||
[Install]
|
[Install]
|
||||||
WantedBy=multi-user.target
|
WantedBy=multi-user.target
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
root __FINALPATH__/front/dist;
|
root __INSTALL_DIR__/front/dist;
|
||||||
|
|
||||||
location / {
|
location / {
|
||||||
|
|
||||||
|
@ -26,7 +26,7 @@ location /front/ {
|
||||||
more_set_headers "Referrer-Policy: strict-origin-when-cross-origin";
|
more_set_headers "Referrer-Policy: strict-origin-when-cross-origin";
|
||||||
more_set_headers "Service-Worker-Allowed: /";
|
more_set_headers "Service-Worker-Allowed: /";
|
||||||
more_set_headers "X-Frame-Options: SAMEORIGIN";
|
more_set_headers "X-Frame-Options: SAMEORIGIN";
|
||||||
alias __FINALPATH__/front/dist/;
|
alias __INSTALL_DIR__/front/dist/;
|
||||||
expires 30d;
|
expires 30d;
|
||||||
more_set_headers "Pragma: public";
|
more_set_headers "Pragma: public";
|
||||||
more_set_headers "Cache-Control: public, must-revalidate, proxy-revalidate";
|
more_set_headers "Cache-Control: public, must-revalidate, proxy-revalidate";
|
||||||
|
@ -37,7 +37,7 @@ location /front/embed.html {
|
||||||
more_set_headers "Referrer-Policy: strict-origin-when-cross-origin";
|
more_set_headers "Referrer-Policy: strict-origin-when-cross-origin";
|
||||||
|
|
||||||
more_set_headers "X-Frame-Options: ALLOW";
|
more_set_headers "X-Frame-Options: ALLOW";
|
||||||
alias __FINALPATH__/front/dist/embed.html;
|
alias __INSTALL_DIR__/front/dist/embed.html;
|
||||||
expires 30d;
|
expires 30d;
|
||||||
more_set_headers "Pragma: public";
|
more_set_headers "Pragma: public";
|
||||||
more_set_headers "Cache-Control: public, must-revalidate, proxy-revalidate";
|
more_set_headers "Cache-Control: public, must-revalidate, proxy-revalidate";
|
||||||
|
@ -102,11 +102,11 @@ location /.well-known/ {
|
||||||
}
|
}
|
||||||
|
|
||||||
location /media/__sized__/ {
|
location /media/__sized__/ {
|
||||||
alias __DATADIR__/media/__sized__/;
|
alias __DATA_DIR__/data/media/__sized__/;
|
||||||
}
|
}
|
||||||
|
|
||||||
location /media/attachments/ {
|
location /media/attachments/ {
|
||||||
alias __DATADIR__//media/attachments/;
|
alias __DATA_DIR__/data/media/attachments/;
|
||||||
}
|
}
|
||||||
|
|
||||||
location /_protected/media/ {
|
location /_protected/media/ {
|
||||||
|
@ -114,7 +114,7 @@ location /_protected/media/ {
|
||||||
# audio files once correct permission / authentication
|
# audio files once correct permission / authentication
|
||||||
# has been checked on API side
|
# has been checked on API side
|
||||||
internal;
|
internal;
|
||||||
alias __DATADIR__/media/;
|
alias __DATA_DIR__/data/media/;
|
||||||
}
|
}
|
||||||
|
|
||||||
# Comment the previous location and uncomment this one if you're storing
|
# Comment the previous location and uncomment this one if you're storing
|
||||||
|
@ -132,10 +132,10 @@ location /_protected/music/ {
|
||||||
# has been checked on API side
|
# has been checked on API side
|
||||||
# Set this to the same value as your MUSIC_DIRECTORY_PATH setting
|
# Set this to the same value as your MUSIC_DIRECTORY_PATH setting
|
||||||
internal;
|
internal;
|
||||||
alias __DATADIR__/music/;
|
alias __DATA_DIR__/data/music/;
|
||||||
}
|
}
|
||||||
|
|
||||||
location /staticfiles/ {
|
location /staticfiles/ {
|
||||||
# django static files
|
# django static files
|
||||||
alias __DATADIR__/static/;
|
alias __DATA_DIR__/data/static/;
|
||||||
}
|
}
|
||||||
|
|
|
@ -2,10 +2,10 @@
|
||||||
|
|
||||||
* Admin
|
* Admin
|
||||||
* The admin uses the login you provided at installation. The password is the same you use for YunoHost.
|
* The admin uses the login you provided at installation. The password is the same you use for YunoHost.
|
||||||
* The admin interface is accessible at the address: `your.domain.fr/api/admin`
|
* The admin interface is accessible at the address: `__DOMAIN__/api/admin`
|
||||||
|
|
||||||
To add a collection of music files to a library in your YunoHost installation of Funkwhale, create a symlink to your collection titled "music" in `/home/yunohost.app/funkwhale/data`
|
To add a collection of music files to a library in your YunoHost installation of Funkwhale, create a symlink to your collection titled "music" in `__DATA_DIR__/data`
|
||||||
```console
|
```console
|
||||||
foo@bar:~$sudo ln -s /your/music/collection /home/yunohost.app/funkwhale/data/music
|
foo@bar:~$sudo ln -s /your/music/collection __DATA_DIR__/data/music
|
||||||
```
|
```
|
||||||
The files can then be added to your library from the *uploading* tab in a music library under the heading **Import music from your server**.
|
The files can then be added to your library from the *uploading* tab in a music library under the heading **Import music from your server**.
|
|
@ -2,8 +2,8 @@
|
||||||
|
|
||||||
* Admin
|
* Admin
|
||||||
* L'administrateur utilise le login que vous avez fourni lors de l'installation. Le mot de passe est le même que celui que vous utilisez pour YunoHost.
|
* L'administrateur utilise le login que vous avez fourni lors de l'installation. Le mot de passe est le même que celui que vous utilisez pour YunoHost.
|
||||||
* L'interface d'administration est accessible à l'adresse : votre.domaine.fr/api/admin
|
* L'interface d'administration est accessible à l'adresse : __DOMAIN__/api/admin
|
||||||
|
|
||||||
Pour ajouter une collection de fichiers musicaux à une bibliothèque dans votre installation YunoHost de Funkwhale, créez un lien symbolique vers votre collection intitulée "music" dans `/home/yunohost.app/funkwhale/data/`.
|
Pour ajouter une collection de fichiers musicaux à une bibliothèque dans votre installation YunoHost de Funkwhale, créez un lien symbolique vers votre collection intitulée "music" dans `__DATA_DIR__/data/`.
|
||||||
`foo@bar:~$sudo ln -s /your/music/collection /home/yunohost.app/funkwhale/data/music`
|
`foo@bar:~$sudo ln -s /your/music/collection __DATA_DIR__/data/music`
|
||||||
Les fichiers peuvent ensuite être ajoutés à votre bibliothèque à partir de l'onglet *Envoi* dans une bibliothèque musicale sous la rubrique **Importer de la musique de votre serveur**.
|
Les fichiers peuvent ensuite être ajoutés à votre bibliothèque à partir de l'onglet *Envoi* dans une bibliothèque musicale sous la rubrique **Importer de la musique de votre serveur**.
|
|
@ -1,58 +0,0 @@
|
||||||
{
|
|
||||||
"name": "Funkwhale",
|
|
||||||
"id": "funkwhale",
|
|
||||||
"packaging_format": 1,
|
|
||||||
"description": {
|
|
||||||
"en": "Convivial and modern music server",
|
|
||||||
"fr": "Serveur de musique moderne et convivial"
|
|
||||||
},
|
|
||||||
"version": "1.2.10~ynh2",
|
|
||||||
"url": "https://funkwhale.audio",
|
|
||||||
"upstream": {
|
|
||||||
"license": "AGPL-3.0-or-later",
|
|
||||||
"website": "https://funkwhale.audio/",
|
|
||||||
"demo": "https://demo.funkwhale.audio",
|
|
||||||
"admindoc": "https://docs.funkwhale.audio/admin/index.html",
|
|
||||||
"userdoc": "https://docs.funkwhale.audio/users/index.html",
|
|
||||||
"code": "https://dev.funkwhale.audio/funkwhale/funkwhale"
|
|
||||||
},
|
|
||||||
"license": "AGPL-3.0-or-later",
|
|
||||||
"maintainer": {
|
|
||||||
"name": "Ciarán Ainsworth",
|
|
||||||
"email": "cda@rootkey.co.uk"
|
|
||||||
},
|
|
||||||
"previous_maintainers": [
|
|
||||||
{
|
|
||||||
"name": "Jean-Baptiste Holcroft",
|
|
||||||
"email": "jean-baptiste@holcroft.fr"
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"requirements": {
|
|
||||||
"yunohost": ">= 11.0.0"
|
|
||||||
},
|
|
||||||
"multi_instance": true,
|
|
||||||
"services": [
|
|
||||||
"nginx"
|
|
||||||
],
|
|
||||||
"arguments": {
|
|
||||||
"install": [
|
|
||||||
{
|
|
||||||
"name": "domain",
|
|
||||||
"type": "domain"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"name": "is_public",
|
|
||||||
"type": "boolean",
|
|
||||||
"help": {
|
|
||||||
"en": "If enabled, Funkwhale will be accessible by Funkwhale for Android and by users without a YunoHost account. This can be changed later in the webadmin.",
|
|
||||||
"fr": "Si cette case est cochée, Funkwhale sera accessible par Funkwhale for Android et par les utilisateurs n’ayant pas de compte YunoHost. Vous pourrez changer cela dans la webadmin."
|
|
||||||
},
|
|
||||||
"default": true
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"name": "admin",
|
|
||||||
"type": "user"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
}
|
|
76
manifest.toml
Normal file
76
manifest.toml
Normal file
|
@ -0,0 +1,76 @@
|
||||||
|
packaging_format = 2
|
||||||
|
|
||||||
|
id = "funkwhale"
|
||||||
|
name = "Funkwhale"
|
||||||
|
description.en = "Convivial and modern music server"
|
||||||
|
description.fr = "Serveur de musique moderne et convivial"
|
||||||
|
|
||||||
|
version = "1.2.10~ynh3"
|
||||||
|
|
||||||
|
maintainers = ["Ciarán Ainsworth"]
|
||||||
|
|
||||||
|
[upstream]
|
||||||
|
license = "AGPL-3.0-or-later"
|
||||||
|
website = "https://funkwhale.audio/"
|
||||||
|
demo = "https://demo.funkwhale.audio"
|
||||||
|
admindoc = "https://docs.funkwhale.audio/admin/index.html"
|
||||||
|
userdoc = "https://docs.funkwhale.audio/users/index.html"
|
||||||
|
code = "https://dev.funkwhale.audio/funkwhale/funkwhale"
|
||||||
|
|
||||||
|
[integration]
|
||||||
|
yunohost = ">= 11.1.15"
|
||||||
|
architectures = "all"
|
||||||
|
multi_instance = true
|
||||||
|
ldap = false
|
||||||
|
sso = false
|
||||||
|
disk = "50M"
|
||||||
|
ram.build = "50M"
|
||||||
|
ram.runtime = "50M"
|
||||||
|
|
||||||
|
[install]
|
||||||
|
[install.domain]
|
||||||
|
type = "domain"
|
||||||
|
full_domain = true
|
||||||
|
|
||||||
|
[install.init_main_permission]
|
||||||
|
help.en = "If enabled, Funkwhale will be accessible by Funkwhale for Android and by users without a YunoHost account. This can be changed later in the webadmin."
|
||||||
|
help.fr = "Si cette case est cochée, Funkwhale sera accessible par Funkwhale for Android et par les utilisateurs n’ayant pas de compte YunoHost. Vous pourrez changer cela dans la webadmin."
|
||||||
|
type = "group"
|
||||||
|
default = "visitors"
|
||||||
|
|
||||||
|
[install.admin]
|
||||||
|
type = "user"
|
||||||
|
|
||||||
|
[resources]
|
||||||
|
[resources.sources]
|
||||||
|
[resources.sources.api]
|
||||||
|
url = "https://dev.funkwhale.audio/funkwhale/funkwhale/-/jobs/artifacts/1.2.10/download?job=build_api"
|
||||||
|
sha256 = "fc6f54d37993f74e057d1a59438e21b68a8cff1a7f9438415459ede7cf7f09d0"
|
||||||
|
in_subdir = true
|
||||||
|
extract = true
|
||||||
|
format = "zip"
|
||||||
|
|
||||||
|
[resources.sources.front]
|
||||||
|
url = "https://dev.funkwhale.audio/funkwhale/funkwhale/builds/artifacts/1.2.10/download?job=build_front"
|
||||||
|
sha256 = "bcf0ba380295be58dfcfe4d88605cfce357859adf623c8236fb1182095c38bfd"
|
||||||
|
in_subdir = true
|
||||||
|
extract = true
|
||||||
|
format = "zip"
|
||||||
|
|
||||||
|
[resources.ports]
|
||||||
|
|
||||||
|
[resources.system_user]
|
||||||
|
|
||||||
|
[resources.install_dir]
|
||||||
|
|
||||||
|
[resources.data_dir]
|
||||||
|
group = "www-data:rx"
|
||||||
|
|
||||||
|
[resources.permissions]
|
||||||
|
main.url = "/"
|
||||||
|
|
||||||
|
[resources.apt]
|
||||||
|
packages = "postgresql curl python3-pip python3-venv git unzip libldap2-dev libsasl2-dev gettext-base zlib1g-dev libffi-dev libssl-dev build-essential ffmpeg libjpeg-dev libmagic-dev libpq-dev python3-dev make zlib1g-dev libffi-dev libssl-dev"
|
||||||
|
|
||||||
|
[resources.database]
|
||||||
|
type = "postgresql"
|
|
@ -4,13 +4,6 @@
|
||||||
# COMMON VARIABLES
|
# COMMON VARIABLES
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
# dependencies used by the app (must be on a single line)
|
|
||||||
pkg_dependencies="curl python3-pip python3-venv git unzip libldap2-dev libsasl2-dev gettext-base zlib1g-dev libffi-dev libssl-dev \
|
|
||||||
build-essential ffmpeg libjpeg-dev libmagic-dev libpq-dev postgresql postgresql-contrib python3-dev make \
|
|
||||||
redis-server \
|
|
||||||
`# add arm support` \
|
|
||||||
zlib1g-dev libffi-dev libssl-dev"
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# PERSONAL HELPERS
|
# PERSONAL HELPERS
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
|
@ -10,28 +10,6 @@
|
||||||
source ../settings/scripts/_common.sh
|
source ../settings/scripts/_common.sh
|
||||||
source /usr/share/yunohost/helpers
|
source /usr/share/yunohost/helpers
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# MANAGE SCRIPT FAILURE
|
|
||||||
#=================================================
|
|
||||||
|
|
||||||
ynh_clean_setup () {
|
|
||||||
true
|
|
||||||
}
|
|
||||||
# Exit if an error occurs during the execution of the script
|
|
||||||
ynh_abort_if_errors
|
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# LOAD SETTINGS
|
|
||||||
#=================================================
|
|
||||||
ynh_print_info --message="Loading installation settings..."
|
|
||||||
|
|
||||||
app=$YNH_APP_INSTANCE_NAME
|
|
||||||
|
|
||||||
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
|
||||||
domain=$(ynh_app_setting_get --app=$app --key=domain)
|
|
||||||
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
|
|
||||||
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# DECLARE DATA AND CONF FILES TO BACKUP
|
# DECLARE DATA AND CONF FILES TO BACKUP
|
||||||
#=================================================
|
#=================================================
|
||||||
|
@ -41,13 +19,13 @@ ynh_print_info --message="Declaring files to be backed up..."
|
||||||
# BACKUP THE APP MAIN DIR
|
# BACKUP THE APP MAIN DIR
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
ynh_backup --src_path="$final_path"
|
ynh_backup --src_path="$install_dir"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# BACKUP THE DATA DIR
|
# BACKUP THE DATA DIR
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
ynh_backup --src_path="$datadir" --is_big
|
ynh_backup --src_path="$data_dir" --is_big
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# BACKUP THE NGINX CONFIGURATION
|
# BACKUP THE NGINX CONFIGURATION
|
||||||
|
|
|
@ -9,69 +9,6 @@
|
||||||
source _common.sh
|
source _common.sh
|
||||||
source /usr/share/yunohost/helpers
|
source /usr/share/yunohost/helpers
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# RETRIEVE ARGUMENTS
|
|
||||||
#=================================================
|
|
||||||
|
|
||||||
old_domain=$YNH_APP_OLD_DOMAIN
|
|
||||||
old_path=$YNH_APP_OLD_PATH
|
|
||||||
|
|
||||||
new_domain=$YNH_APP_NEW_DOMAIN
|
|
||||||
new_path=$YNH_APP_NEW_PATH
|
|
||||||
|
|
||||||
app=$YNH_APP_INSTANCE_NAME
|
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# LOAD SETTINGS
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Loading installation settings..." --weight=1
|
|
||||||
|
|
||||||
# Needed for helper "ynh_add_nginx_config"
|
|
||||||
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
|
||||||
port=$(ynh_app_setting_get --app=$app --key=port)
|
|
||||||
key=$(ynh_app_setting_get --app=$app --key=key)
|
|
||||||
redis_db=$(ynh_app_setting_get --app=$app --key=redis_db)
|
|
||||||
port=$(ynh_app_setting_get --app=$app --key=port)
|
|
||||||
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
|
|
||||||
db_user=$db_name
|
|
||||||
db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd)
|
|
||||||
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
|
|
||||||
redis_db=$(ynh_app_setting_get --app=$app --key=redis_db)
|
|
||||||
key=$(ynh_app_setting_get --app=$app --key=key)
|
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --weight=1
|
|
||||||
|
|
||||||
# Backup the current version of the app
|
|
||||||
ynh_backup_before_upgrade
|
|
||||||
ynh_clean_setup () {
|
|
||||||
# Remove the new domain config file, the remove script won't do it as it doesn't know yet its location.
|
|
||||||
ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
|
|
||||||
|
|
||||||
# Restore it if the upgrade fails
|
|
||||||
ynh_restore_upgradebackup
|
|
||||||
}
|
|
||||||
# Exit if an error occurs during the execution of the script
|
|
||||||
ynh_abort_if_errors
|
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# CHECK WHICH PARTS SHOULD BE CHANGED
|
|
||||||
#=================================================
|
|
||||||
|
|
||||||
change_domain=0
|
|
||||||
if [ "$old_domain" != "$new_domain" ]
|
|
||||||
then
|
|
||||||
change_domain=1
|
|
||||||
fi
|
|
||||||
|
|
||||||
change_path=0
|
|
||||||
if [ "$old_path" != "$new_path" ]
|
|
||||||
then
|
|
||||||
change_path=1
|
|
||||||
fi
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# STANDARD MODIFICATIONS
|
# STANDARD MODIFICATIONS
|
||||||
#=================================================
|
#=================================================
|
||||||
|
@ -88,29 +25,7 @@ ynh_systemd_action --service_name="$app-worker" --action=stop --log_path="/var/l
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Updating NGINX web server configuration..." --weight=1
|
ynh_script_progression --message="Updating NGINX web server configuration..." --weight=1
|
||||||
|
|
||||||
nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
|
ynh_change_url_nginx_config
|
||||||
|
|
||||||
# Change the path in the NGINX config file
|
|
||||||
if [ $change_path -eq 1 ]
|
|
||||||
then
|
|
||||||
# Make a backup of the original NGINX config file if modified
|
|
||||||
ynh_backup_if_checksum_is_different --file="$nginx_conf_path"
|
|
||||||
# Set global variables for NGINX helper
|
|
||||||
domain="$old_domain"
|
|
||||||
path_url="$new_path"
|
|
||||||
# Create a dedicated NGINX config
|
|
||||||
ynh_add_nginx_config
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Change the domain for NGINX
|
|
||||||
if [ $change_domain -eq 1 ]
|
|
||||||
then
|
|
||||||
# Delete file checksum for the old conf file location
|
|
||||||
ynh_delete_file_checksum --file="$nginx_conf_path"
|
|
||||||
mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf
|
|
||||||
# Store file checksum for the new config file location
|
|
||||||
ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
|
|
||||||
fi
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# MODIFY THE CONFIG FILE
|
# MODIFY THE CONFIG FILE
|
||||||
|
@ -118,14 +33,14 @@ fi
|
||||||
ynh_script_progression --message="Modifying a config file..." --weight=1
|
ynh_script_progression --message="Modifying a config file..." --weight=1
|
||||||
|
|
||||||
domain=$new_domain
|
domain=$new_domain
|
||||||
ynh_add_config --template="../conf/env.prod" --destination="$final_path/config/.env"
|
ynh_add_config --template="../conf/env.prod" --destination="$install_dir/config/.env"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# MODIFY THE FEDERATION
|
# MODIFY THE FEDERATION
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
source $final_path/virtualenv/bin/activate
|
source $install_dir/virtualenv/bin/activate
|
||||||
ynh_exec_warn_less python3 $final_path/api/manage.py fix_federation_ids https://$old_domain https://$new_domain --no-dry-run --no-input
|
ynh_exec_warn_less python3 $install_dir/api/manage.py fix_federation_ids https://$old_domain https://$new_domain --no-dry-run --no-input
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# START SYSTEMD SERVICE
|
# START SYSTEMD SERVICE
|
||||||
|
@ -136,21 +51,6 @@ ynh_systemd_action --service_name="$app-beat" --action="start" --log_path="/var/
|
||||||
ynh_systemd_action --service_name="$app-server" --action="start" --log_path="/var/log/$app/$app.log"
|
ynh_systemd_action --service_name="$app-server" --action="start" --log_path="/var/log/$app/$app.log"
|
||||||
ynh_systemd_action --service_name="$app-worker" --action="start" --log_path="/var/log/$app/$app.log"
|
ynh_systemd_action --service_name="$app-worker" --action="start" --log_path="/var/log/$app/$app.log"
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# SETUP FAIL2BAN
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Configuring Fail2Ban..." --weight=1
|
|
||||||
|
|
||||||
# Create a dedicated Fail2Ban config
|
|
||||||
ynh_add_fail2ban_config --logpath="/var/log/nginx/$new_domain-access.log" --failregex="<HOST>.* \"POST /api/v1/token/ HTTP/1.1\" 400 68.*$" --max_retry=5
|
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# RELOAD NGINX
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
|
|
||||||
|
|
||||||
ynh_systemd_action --service_name=nginx --action=reload
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# END OF SCRIPT
|
# END OF SCRIPT
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
148
scripts/install
148
scripts/install
|
@ -9,104 +9,26 @@
|
||||||
source _common.sh
|
source _common.sh
|
||||||
source /usr/share/yunohost/helpers
|
source /usr/share/yunohost/helpers
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# MANAGE SCRIPT FAILURE
|
|
||||||
#=================================================
|
|
||||||
|
|
||||||
ynh_clean_setup () {
|
|
||||||
true
|
|
||||||
}
|
|
||||||
# Exit if an error occurs during the execution of the script
|
|
||||||
ynh_abort_if_errors
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# RETRIEVE ARGUMENTS FROM THE MANIFEST
|
# RETRIEVE ARGUMENTS FROM THE MANIFEST
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
domain=$YNH_APP_ARG_DOMAIN
|
|
||||||
path_url="/"
|
|
||||||
is_public=$YNH_APP_ARG_IS_PUBLIC
|
|
||||||
admin=$YNH_APP_ARG_ADMIN
|
|
||||||
|
|
||||||
app=$YNH_APP_INSTANCE_NAME
|
|
||||||
|
|
||||||
admin_mail=$(ynh_user_get_info --username="$admin" --key="mail")
|
admin_mail=$(ynh_user_get_info --username="$admin" --key="mail")
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Validating installation parameters..." --weight=1
|
|
||||||
|
|
||||||
final_path=/var/www/$app
|
|
||||||
test ! -e "$final_path" || ynh_die --message="This path already contains a folder"
|
|
||||||
|
|
||||||
datadir=/home/yunohost.app/$app/data
|
|
||||||
|
|
||||||
# Register (book) web path
|
|
||||||
ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url
|
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# STORE SETTINGS FROM MANIFEST
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Storing installation settings..." --weight=1
|
|
||||||
|
|
||||||
ynh_app_setting_set --app=$app --key=domain --value=$domain
|
|
||||||
ynh_app_setting_set --app=$app --key=path --value=$path_url
|
|
||||||
ynh_app_setting_set --app=$app --key=admin --value=$admin
|
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# STANDARD MODIFICATIONS
|
|
||||||
#=================================================
|
|
||||||
# FIND AND OPEN A PORT
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Finding an available port..." --weight=1
|
|
||||||
|
|
||||||
# Find an available port
|
|
||||||
port=$(ynh_find_port --port=8095)
|
|
||||||
ynh_app_setting_set --app=$app --key=port --value=$port
|
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# INSTALL DEPENDENCIES
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Installing dependencies..." --weight=1
|
|
||||||
|
|
||||||
ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies
|
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# CREATE DEDICATED USER
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Configuring system user..." --weight=1
|
|
||||||
|
|
||||||
# Create a system user
|
|
||||||
ynh_system_user_create --username=$app --home_dir="$final_path"
|
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# CREATE A POSTGRESQL DATABASE
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Creating a PostgreSQL database..." --weight=1
|
|
||||||
|
|
||||||
ynh_psql_test_if_first_run
|
|
||||||
db_name=$(ynh_sanitize_dbid --db_name=$app)
|
|
||||||
db_user=$db_name
|
|
||||||
ynh_app_setting_set --app=$app --key=db_name --value=$db_name
|
|
||||||
ynh_psql_setup_db --db_user=$db_user --db_name=$db_name
|
|
||||||
db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd)
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Setting up source files..." --weight=1
|
ynh_script_progression --message="Setting up source files..." --weight=1
|
||||||
|
|
||||||
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
|
|
||||||
# Download, check integrity, uncompress and patch the source from app.src
|
# Download, check integrity, uncompress and patch the source from app.src
|
||||||
ynh_setup_source --dest_dir="$final_path/api" --source_id="api"
|
ynh_setup_source --dest_dir="$install_dir/api" --source_id="api"
|
||||||
ynh_setup_source --dest_dir="$final_path/front" --source_id="front"
|
ynh_setup_source --dest_dir="$install_dir/front" --source_id="front"
|
||||||
|
|
||||||
mkdir -p $final_path/config
|
mkdir -p $install_dir/config
|
||||||
|
|
||||||
chmod 750 "$final_path"
|
chmod 750 "$install_dir"
|
||||||
chmod -R o-rwx "$final_path"
|
chmod -R o-rwx "$install_dir"
|
||||||
chown -R $app:www-data "$final_path"
|
chown -R $app:www-data "$install_dir"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# NGINX CONFIGURATION
|
# NGINX CONFIGURATION
|
||||||
|
@ -123,14 +45,12 @@ ynh_add_nginx_config
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Creating a data directory..." --weight=1
|
ynh_script_progression --message="Creating a data directory..." --weight=1
|
||||||
|
|
||||||
ynh_app_setting_set --app=$app --key=datadir --value=$datadir
|
mkdir -p $data_dir/data
|
||||||
|
mkdir -p $data_dir/{static,media,music}
|
||||||
|
|
||||||
mkdir -p $datadir
|
chmod 750 "$data_dir"
|
||||||
mkdir -p $datadir/{static,media,music}
|
chmod -R o-rwx "$data_dir/"
|
||||||
|
chown -R $app:www-data "$data_dir/"
|
||||||
chmod 750 "$datadir"
|
|
||||||
chmod -R o-rwx "$datadir"
|
|
||||||
chown -R $app:www-data "$datadir"
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# ADD A CONFIGURATION
|
# ADD A CONFIGURATION
|
||||||
|
@ -143,10 +63,10 @@ redis_db=$(ynh_redis_get_free_db)
|
||||||
ynh_app_setting_set --app=$app --key=key --value=$key
|
ynh_app_setting_set --app=$app --key=key --value=$key
|
||||||
ynh_app_setting_set --app=$app --key=redis_db --value=$redis_db
|
ynh_app_setting_set --app=$app --key=redis_db --value=$redis_db
|
||||||
|
|
||||||
ynh_add_config --template="../conf/env.prod" --destination="$final_path/config/.env"
|
ynh_add_config --template="../conf/env.prod" --destination="$install_dir/config/.env"
|
||||||
|
|
||||||
chmod 400 "$final_path/config/.env"
|
chmod 400 "$install_dir/config/.env"
|
||||||
chown $app:$app "$final_path/config/.env"
|
chown $app:$app "$install_dir/config/.env"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# SETUP SYSTEMD
|
# SETUP SYSTEMD
|
||||||
|
@ -165,14 +85,14 @@ ynh_add_systemd_config --service="${app}-beat" --template="funkwhale-beat.serv
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Installing Python dependencies..." --weight=1
|
ynh_script_progression --message="Installing Python dependencies..." --weight=1
|
||||||
|
|
||||||
pushd $final_path
|
pushd $install_dir
|
||||||
python3 -m venv $final_path/virtualenv
|
python3 -m venv $install_dir/virtualenv
|
||||||
source $final_path/virtualenv/bin/activate
|
source $install_dir/virtualenv/bin/activate
|
||||||
pip install --upgrade pip
|
pip install --upgrade pip
|
||||||
pip install --upgrade setuptools
|
pip install --upgrade setuptools
|
||||||
ynh_exec_warn_less pip install wheel
|
ynh_exec_warn_less pip install wheel toml
|
||||||
# Workaround for error AttributeError: module 'lib' has no attribute 'X509_V_FLAG_CB_ISSUER_CHECK'
|
# Workaround for error AttributeError: module 'lib' has no attribute 'X509_V_FLAG_CB_ISSUER_CHECK'
|
||||||
ynh_replace_string --match_string="pyOpenSSL~=20.0.1" --replace_string="pyOpenSSL~=21.0.0" --target_file="$final_path/api/requirements/base.txt"
|
ynh_replace_string --match_string="pyOpenSSL~=20.0.1" --replace_string="pyOpenSSL~=21.0.0" --target_file="$install_dir/api/requirements/base.txt"
|
||||||
ynh_exec_warn_less pip install -r api/requirements.txt
|
ynh_exec_warn_less pip install -r api/requirements.txt
|
||||||
popd
|
popd
|
||||||
|
|
||||||
|
@ -181,8 +101,8 @@ popd
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Building funkwhale..." --weight=1
|
ynh_script_progression --message="Building funkwhale..." --weight=1
|
||||||
|
|
||||||
pushd $final_path
|
pushd $install_dir
|
||||||
source $final_path/virtualenv/bin/activate
|
source $install_dir/virtualenv/bin/activate
|
||||||
|
|
||||||
# needed for enabling the 'unaccent' extension
|
# needed for enabling the 'unaccent' extension
|
||||||
ynh_psql_execute_as_root --sql="ALTER USER $db_user WITH SUPERUSER;" --database="$db_name"
|
ynh_psql_execute_as_root --sql="ALTER USER $db_user WITH SUPERUSER;" --database="$db_name"
|
||||||
|
@ -192,9 +112,9 @@ pushd $final_path
|
||||||
echo "yes" | ynh_exec_warn_less python api/manage.py collectstatic
|
echo "yes" | ynh_exec_warn_less python api/manage.py collectstatic
|
||||||
popd
|
popd
|
||||||
|
|
||||||
chmod 750 "$final_path"
|
chmod 750 "$install_dir"
|
||||||
chmod -R o-rwx "$final_path"
|
chmod -R o-rwx "$install_dir"
|
||||||
chown -R $app:www-data "$final_path"
|
chown -R $app:www-data "$install_dir"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# GENERIC FINALIZATION
|
# GENERIC FINALIZATION
|
||||||
|
@ -225,26 +145,6 @@ ynh_script_progression --message="Configuring Fail2Ban..." --weight=1
|
||||||
# Create a dedicated Fail2Ban config
|
# Create a dedicated Fail2Ban config
|
||||||
ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-access.log" --failregex="<HOST>.* \"POST /api/v1/token/ HTTP/1.1\" 400 68.*$" --max_retry=5
|
ynh_add_fail2ban_config --logpath="/var/log/nginx/${domain}-access.log" --failregex="<HOST>.* \"POST /api/v1/token/ HTTP/1.1\" 400 68.*$" --max_retry=5
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# SETUP SSOWAT
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Configuring permissions..." --weight=1
|
|
||||||
|
|
||||||
# Make app public if necessary
|
|
||||||
if [ $is_public -eq 1 ]
|
|
||||||
then
|
|
||||||
# Everyone can access the app.
|
|
||||||
# The "main" permission is automatically created before the install script.
|
|
||||||
ynh_permission_update --permission="main" --add="visitors"
|
|
||||||
fi
|
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# RELOAD NGINX
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
|
|
||||||
|
|
||||||
ynh_systemd_action --service_name=nginx --action=reload
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# END OF SCRIPT
|
# END OF SCRIPT
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
|
@ -9,21 +9,6 @@
|
||||||
source _common.sh
|
source _common.sh
|
||||||
source /usr/share/yunohost/helpers
|
source /usr/share/yunohost/helpers
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# LOAD SETTINGS
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Loading installation settings..." --weight=1
|
|
||||||
|
|
||||||
app=$YNH_APP_INSTANCE_NAME
|
|
||||||
|
|
||||||
domain=$(ynh_app_setting_get --app=$app --key=domain)
|
|
||||||
port=$(ynh_app_setting_get --app=$app --key=port)
|
|
||||||
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
|
|
||||||
db_user=$db_name
|
|
||||||
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
|
||||||
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
|
|
||||||
redis_db=$(ynh_app_setting_get --app=$app --key=redis_db)
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# STANDARD REMOVE
|
# STANDARD REMOVE
|
||||||
#=================================================
|
#=================================================
|
||||||
|
@ -65,33 +50,6 @@ ynh_remove_systemd_config --service="${app}-worker"
|
||||||
|
|
||||||
ynh_secure_remove --file="/etc/systemd/system/$app.target"
|
ynh_secure_remove --file="/etc/systemd/system/$app.target"
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# REMOVE THE POSTGRESQL DATABASE
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Removing the PostgreSQL database..." --weight=1
|
|
||||||
|
|
||||||
# Remove a database if it exists, along with the associated user
|
|
||||||
ynh_psql_remove_db --db_user=$db_user --db_name=$db_name
|
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# REMOVE APP MAIN DIR
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Removing app main directory..." --weight=1
|
|
||||||
|
|
||||||
# Remove the app directory securely
|
|
||||||
ynh_secure_remove --file="$final_path"
|
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# REMOVE DATA DIR
|
|
||||||
#=================================================
|
|
||||||
|
|
||||||
# Remove the data directory if --purge option is used
|
|
||||||
if [ "${YNH_APP_PURGE:-0}" -eq 1 ]
|
|
||||||
then
|
|
||||||
ynh_script_progression --message="Removing app data directory..." --weight=1
|
|
||||||
ynh_secure_remove --file="$datadir"
|
|
||||||
fi
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# REMOVE NGINX CONFIGURATION
|
# REMOVE NGINX CONFIGURATION
|
||||||
#=================================================
|
#=================================================
|
||||||
|
@ -100,14 +58,6 @@ ynh_script_progression --message="Removing NGINX web server configuration..." --
|
||||||
# Remove the dedicated NGINX config
|
# Remove the dedicated NGINX config
|
||||||
ynh_remove_nginx_config
|
ynh_remove_nginx_config
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# REMOVE DEPENDENCIES
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Removing dependencies..." --weight=1
|
|
||||||
|
|
||||||
# Remove metapackage and its dependencies
|
|
||||||
ynh_remove_app_dependencies
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# REMOVE FAIL2BAN CONFIGURATION
|
# REMOVE FAIL2BAN CONFIGURATION
|
||||||
#=================================================
|
#=================================================
|
||||||
|
@ -126,16 +76,6 @@ ynh_script_progression --message="Removing the Redis database..." --weight=1
|
||||||
# Remove a database if it exists, along with the associated user
|
# Remove a database if it exists, along with the associated user
|
||||||
ynh_redis_remove_db $redis_db
|
ynh_redis_remove_db $redis_db
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# GENERIC FINALIZATION
|
|
||||||
#=================================================
|
|
||||||
# REMOVE DEDICATED USER
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Removing the dedicated system user..." --weight=1
|
|
||||||
|
|
||||||
# Delete a system user
|
|
||||||
ynh_system_user_delete --username=$app
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# END OF SCRIPT
|
# END OF SCRIPT
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
|
@ -10,83 +10,29 @@
|
||||||
source ../settings/scripts/_common.sh
|
source ../settings/scripts/_common.sh
|
||||||
source /usr/share/yunohost/helpers
|
source /usr/share/yunohost/helpers
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# MANAGE SCRIPT FAILURE
|
|
||||||
#=================================================
|
|
||||||
|
|
||||||
ynh_clean_setup () {
|
|
||||||
true
|
|
||||||
}
|
|
||||||
# Exit if an error occurs during the execution of the script
|
|
||||||
ynh_abort_if_errors
|
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# LOAD SETTINGS
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Loading installation settings..." --weight=1
|
|
||||||
|
|
||||||
app=$YNH_APP_INSTANCE_NAME
|
|
||||||
|
|
||||||
domain=$(ynh_app_setting_get --app=$app --key=domain)
|
|
||||||
path_url=$(ynh_app_setting_get --app=$app --key=path)
|
|
||||||
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
|
||||||
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
|
|
||||||
db_user=$db_name
|
|
||||||
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
|
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# CHECK IF THE APP CAN BE RESTORED
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Validating restoration parameters..." --weight=1
|
|
||||||
|
|
||||||
test ! -d $final_path \
|
|
||||||
|| ynh_die --message="There is already a directory: $final_path "
|
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# STANDARD RESTORATION STEPS
|
|
||||||
#=================================================
|
|
||||||
# RECREATE THE DEDICATED USER
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Recreating the dedicated system user..." --weight=1
|
|
||||||
|
|
||||||
# Create the dedicated user (if not existing)
|
|
||||||
ynh_system_user_create --username=$app --home_dir="$final_path"
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# RESTORE THE APP MAIN DIR
|
# RESTORE THE APP MAIN DIR
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Restoring the app main directory..." --weight=1
|
ynh_script_progression --message="Restoring the app main directory..." --weight=1
|
||||||
|
|
||||||
ynh_restore_file --origin_path="$final_path"
|
ynh_restore_file --origin_path="$install_dir"
|
||||||
|
|
||||||
chmod 750 "$final_path"
|
chmod -R o-rwx "$install_dir"
|
||||||
chmod -R o-rwx "$final_path"
|
chown -R $app:www-data "$install_dir"
|
||||||
chown -R $app:www-data "$final_path"
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# RESTORE THE DATA DIRECTORY
|
# RESTORE THE DATA DIRECTORY
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Restoring the data directory..." --weight=1
|
ynh_script_progression --message="Restoring the data directory..." --weight=1
|
||||||
|
|
||||||
ynh_restore_file --origin_path="$datadir" --not_mandatory
|
ynh_restore_file --origin_path="$data_dir/" --not_mandatory
|
||||||
|
|
||||||
mkdir -p $datadir
|
mkdir -p $data_dir/data
|
||||||
|
mkdir -p $data_dir/{static,media,music}
|
||||||
|
|
||||||
mkdir -p $datadir/{static,media,music}
|
chmod 750 "$data_dir/"
|
||||||
|
chmod -R o-rwx "$data_dir/"
|
||||||
chmod 750 "$datadir"
|
chown -R $app:www-data "$data_dir/"
|
||||||
chmod -R o-rwx "$datadir"
|
|
||||||
chown -R $app:www-data "$datadir"
|
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# SPECIFIC RESTORATION
|
|
||||||
#=================================================
|
|
||||||
# REINSTALL DEPENDENCIES
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Reinstalling dependencies..." --weight=1
|
|
||||||
|
|
||||||
# Define and install dependencies
|
|
||||||
ynh_install_app_dependencies $pkg_dependencies
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# RESTORE THE NGINX CONFIGURATION
|
# RESTORE THE NGINX CONFIGURATION
|
||||||
|
@ -100,9 +46,6 @@ ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Restoring the PostgreSQL database..." --weight=1
|
ynh_script_progression --message="Restoring the PostgreSQL database..." --weight=1
|
||||||
|
|
||||||
ynh_psql_test_if_first_run
|
|
||||||
db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd)
|
|
||||||
ynh_psql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd
|
|
||||||
ynh_psql_execute_file_as_root --file="./db.sql" --database=$db_name
|
ynh_psql_execute_file_as_root --file="./db.sql" --database=$db_name
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
188
scripts/upgrade
188
scripts/upgrade
|
@ -9,45 +9,12 @@
|
||||||
source _common.sh
|
source _common.sh
|
||||||
source /usr/share/yunohost/helpers
|
source /usr/share/yunohost/helpers
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# LOAD SETTINGS
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Loading installation settings..." --weight=1
|
|
||||||
|
|
||||||
app=$YNH_APP_INSTANCE_NAME
|
|
||||||
|
|
||||||
domain=$(ynh_app_setting_get --app=$app --key=domain)
|
|
||||||
path_url=$(ynh_app_setting_get --app=$app --key=path)
|
|
||||||
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
|
|
||||||
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
|
|
||||||
db_user=$db_name
|
|
||||||
db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd)
|
|
||||||
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
|
|
||||||
port=$(ynh_app_setting_get --app=$app --key=port)
|
|
||||||
redis_db=$(ynh_app_setting_get --app=$app --key=redis_db)
|
|
||||||
key=$(ynh_app_setting_get --app=$app --key=key)
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# CHECK VERSION
|
# CHECK VERSION
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Checking version..." --weight=1
|
|
||||||
|
|
||||||
upgrade_type=$(ynh_check_app_version_changed)
|
upgrade_type=$(ynh_check_app_version_changed)
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=1
|
|
||||||
|
|
||||||
# Backup the current version of the app
|
|
||||||
ynh_backup_before_upgrade
|
|
||||||
ynh_clean_setup () {
|
|
||||||
# Restore it if the upgrade fails
|
|
||||||
ynh_restore_upgradebackup
|
|
||||||
}
|
|
||||||
# Exit if an error occurs during the execution of the script
|
|
||||||
ynh_abort_if_errors
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# STANDARD UPGRADE STEPS
|
# STANDARD UPGRADE STEPS
|
||||||
#=================================================
|
#=================================================
|
||||||
|
@ -59,95 +26,62 @@ ynh_systemd_action --action="stop" --service_name="${app}-beat" --log_path="syst
|
||||||
ynh_systemd_action --action="stop" --service_name="${app}-server" --log_path="systemd" --line_match="Stopped"
|
ynh_systemd_action --action="stop" --service_name="${app}-server" --log_path="systemd" --line_match="Stopped"
|
||||||
ynh_systemd_action --action="stop" --service_name="${app}-worker" --log_path="systemd" --line_match="Stopped"
|
ynh_systemd_action --action="stop" --service_name="${app}-worker" --log_path="systemd" --line_match="Stopped"
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# ENSURE DOWNWARD COMPATIBILITY
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Ensuring downward compatibility..." --weight=1
|
|
||||||
|
|
||||||
# If redis_db doesn't exist, create it
|
|
||||||
if [ -z "$redis_db" ]; then
|
|
||||||
redis_db=$(ynh_redis_get_free_db)
|
|
||||||
ynh_app_setting_set --app=$app --key=redis_db --value=$redis_db
|
|
||||||
fi
|
|
||||||
|
|
||||||
# If db_pwd doesn't exist, create it
|
|
||||||
if [ -z "$db_pwd" ]; then
|
|
||||||
db_pwd=$(ynh_app_setting_get --app=$app --key=psqlpwd)
|
|
||||||
ynh_app_setting_set --app=$app --key=db_pwd --value=$db_pwd
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Cleaning legacy permissions
|
|
||||||
if ynh_legacy_permissions_exists; then
|
|
||||||
ynh_legacy_permissions_delete_all
|
|
||||||
|
|
||||||
ynh_app_setting_delete --app=$app --key=is_public
|
|
||||||
fi
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# MOVE DATAS
|
# MOVE DATAS
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
# If datadir doesn't exist, create it
|
# If data_dir doesn't exist, create it
|
||||||
if [ -z "$datadir" ]; then
|
if [ -z "$data_dir/" ]; then
|
||||||
# Do a full backup before moving datas
|
# Do a full backup before moving datas
|
||||||
yunohost backup create --apps $app
|
yunohost backup create --apps $app
|
||||||
|
|
||||||
datadir="/home/yunohost.app/${app}/data"
|
data_dir="/home/yunohost.app/${app}/data"
|
||||||
ynh_script_progression --message="Moving datas to $datadir..." --weight=1
|
ynh_script_progression --message="Moving datas to $data_dir..." --weight=1
|
||||||
|
|
||||||
mkdir -p $datadir
|
mkdir -p $data_dir
|
||||||
mkdir -p $datadir/{static,media,music}
|
mkdir -p $data_dir/{static,media,music}
|
||||||
|
|
||||||
chmod 750 "$datadir"
|
chmod 750 "$data_dir"
|
||||||
chmod -R o-rwx "$datadir"
|
chmod -R o-rwx "$data_dir"
|
||||||
chown -R $app:www-data "$datadir"
|
chown -R $app:www-data "$data_dir"
|
||||||
|
|
||||||
ynh_backup_if_checksum_is_different --file="$final_path/code/config/.env"
|
ynh_backup_if_checksum_is_different --file="$install_dir/code/config/.env"
|
||||||
mkdir -p $final_path/config
|
mkdir -p $install_dir/config
|
||||||
rsync -a $final_path/code/config/ $final_path/config/
|
rsync -a $install_dir/code/config/ $install_dir/config/
|
||||||
chmod 400 $final_path/config/.env
|
chmod 400 $install_dir/config/.env
|
||||||
ynh_store_file_checksum --file="$final_path/config/.env"
|
ynh_store_file_checksum --file="$install_dir/config/.env"
|
||||||
ynh_delete_file_checksum --file="$final_path/code/config/.env"
|
ynh_delete_file_checksum --file="$install_dir/code/config/.env"
|
||||||
|
|
||||||
if [ -d "$final_path/code/data/static/" ]; then
|
if [ -d "$install_dir/code/data/static/" ]; then
|
||||||
rsync -a $final_path/code/data/static/ $datadir/static/
|
rsync -a $install_dir/code/data/static/ $data_dir/static/
|
||||||
fi
|
fi
|
||||||
if [ -d "$final_path/media/" ]; then
|
if [ -d "$install_dir/media/" ]; then
|
||||||
rsync -a $final_path/media/ $datadir/media/
|
rsync -a $install_dir/media/ $data_dir/media/
|
||||||
fi
|
fi
|
||||||
if [ -d "$final_path/code/data/media/" ]; then
|
if [ -d "$install_dir/code/data/media/" ]; then
|
||||||
rsync -a $final_path/code/data/media/ $datadir/media/
|
rsync -a $install_dir/code/data/media/ $data_dir/media/
|
||||||
fi
|
fi
|
||||||
if [ -d "$final_path/import/" ]; then
|
if [ -d "$install_dir/import/" ]; then
|
||||||
rsync -a $final_path/import/ $datadir/music/
|
rsync -a $install_dir/import/ $data_dir/music/
|
||||||
fi
|
fi
|
||||||
if [ -d "$final_path/code/data/music/" ]; then
|
if [ -d "$install_dir/code/data/music/" ]; then
|
||||||
rsync -a $final_path/code/data/music/ $datadir/music/
|
rsync -a $install_dir/code/data/music/ $data_dir/music/
|
||||||
fi
|
fi
|
||||||
|
|
||||||
ynh_secure_remove --file="$final_path/code"
|
ynh_secure_remove --file="$install_dir/code"
|
||||||
ynh_secure_remove --file="$final_path/media"
|
ynh_secure_remove --file="$install_dir/media"
|
||||||
ynh_secure_remove --file="$final_path/code/data/media"
|
ynh_secure_remove --file="$install_dir/static"
|
||||||
ynh_secure_remove --file="$final_path/import"
|
ynh_secure_remove --file="$install_dir/code/data/media"
|
||||||
ynh_secure_remove --file="$final_path/code/data/music"
|
ynh_secure_remove --file="$install_dir/import"
|
||||||
|
ynh_secure_remove --file="$install_dir/code/data/music"
|
||||||
|
|
||||||
ynh_app_setting_set --app=$app --key=datadir --value=$datadir
|
chmod 750 "$data_dir/data/"
|
||||||
|
chmod -R o-rwx "$data_dir/data/"
|
||||||
chmod 750 "$datadir"
|
chown -R $app:www-data "$data_dir/data/"
|
||||||
chmod -R o-rwx "$datadir"
|
|
||||||
chown -R $app:www-data "$datadir"
|
|
||||||
|
|
||||||
upgrade_type="UPGRADE_APP"
|
upgrade_type="UPGRADE_APP"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# CREATE DEDICATED USER
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1
|
|
||||||
|
|
||||||
# Create a dedicated user (if not existing)
|
|
||||||
ynh_system_user_create --username=$app --home_dir="$final_path"
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
# DOWNLOAD, CHECK AND UNPACK SOURCE
|
||||||
#=================================================
|
#=================================================
|
||||||
|
@ -156,23 +90,14 @@ if [ "$upgrade_type" == "UPGRADE_APP" ]
|
||||||
then
|
then
|
||||||
ynh_script_progression --message="Upgrading source files..." --weight=1
|
ynh_script_progression --message="Upgrading source files..." --weight=1
|
||||||
|
|
||||||
ynh_secure_remove --file="$final_path/api"
|
|
||||||
ynh_secure_remove --file="$final_path/front"
|
|
||||||
# Download, check integrity, uncompress and patch the source from app.src
|
# Download, check integrity, uncompress and patch the source from app.src
|
||||||
ynh_setup_source --dest_dir="$final_path/api" --source_id="api"
|
ynh_setup_source --dest_dir="$install_dir/api" --source_id="api"
|
||||||
ynh_setup_source --dest_dir="$final_path/front" --source_id="front"
|
ynh_setup_source --dest_dir="$install_dir/front" --source_id="front"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
chmod 750 "$final_path"
|
chmod 750 "$install_dir"
|
||||||
chmod -R o-rwx "$final_path"
|
chmod -R o-rwx "$install_dir"
|
||||||
chown -R $app:www-data "$final_path"
|
chown -R $app:www-data "$install_dir"
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# UPGRADE DEPENDENCIES
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Upgrading dependencies..." --weight=1
|
|
||||||
|
|
||||||
ynh_install_app_dependencies $pkg_dependencies
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# NGINX CONFIGURATION
|
# NGINX CONFIGURATION
|
||||||
|
@ -189,15 +114,15 @@ ynh_add_nginx_config
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Installing Python dependencies..." --weight=1
|
ynh_script_progression --message="Installing Python dependencies..." --weight=1
|
||||||
|
|
||||||
pushd $final_path
|
pushd $install_dir
|
||||||
ynh_secure_remove --file="$final_path/virtualenv"
|
ynh_secure_remove --file="$install_dir/virtualenv"
|
||||||
python3 -m venv $final_path/virtualenv
|
python3 -m venv $install_dir/virtualenv
|
||||||
source $final_path/virtualenv/bin/activate
|
source $install_dir/virtualenv/bin/activate
|
||||||
pip install --upgrade pip
|
pip install --upgrade pip
|
||||||
pip install --upgrade setuptools
|
pip install --upgrade setuptools
|
||||||
ynh_exec_warn_less pip install wheel
|
ynh_exec_warn_less pip install wheel toml
|
||||||
# Workaround for error AttributeError: module 'lib' has no attribute 'X509_V_FLAG_CB_ISSUER_CHECK'
|
# Workaround for error AttributeError: module 'lib' has no attribute 'X509_V_FLAG_CB_ISSUER_CHECK'
|
||||||
ynh_replace_string --match_string="pyOpenSSL~=20.0.1" --replace_string="pyOpenSSL~=21.0.0" --target_file="$final_path/api/requirements/base.txt"
|
ynh_replace_string --match_string="pyOpenSSL~=20.0.1" --replace_string="pyOpenSSL~=21.0.0" --target_file="$install_dir/api/requirements/base.txt"
|
||||||
ynh_exec_warn_less pip install -r api/requirements.txt
|
ynh_exec_warn_less pip install -r api/requirements.txt
|
||||||
popd
|
popd
|
||||||
|
|
||||||
|
@ -206,18 +131,18 @@ popd
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Updating a configuration file..." --weight=1
|
ynh_script_progression --message="Updating a configuration file..." --weight=1
|
||||||
|
|
||||||
ynh_add_config --template="../conf/env.prod" --destination="$final_path/config/.env"
|
ynh_add_config --template="../conf/env.prod" --destination="$install_dir/config/.env"
|
||||||
|
|
||||||
chmod 400 "$final_path/config/.env"
|
chmod 400 "$install_dir/config/.env"
|
||||||
chown $app:$app "$final_path/config/.env"
|
chown $app:$app "$install_dir/config/.env"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# UPGRADE FUNKWHALE
|
# UPGRADE FUNKWHALE
|
||||||
#=================================================
|
#=================================================
|
||||||
ynh_script_progression --message="Upgrading Funkwhale..." --weight=1
|
ynh_script_progression --message="Upgrading Funkwhale..." --weight=1
|
||||||
|
|
||||||
pushd $final_path
|
pushd $install_dir
|
||||||
source $final_path/virtualenv/bin/activate
|
source $install_dir/virtualenv/bin/activate
|
||||||
|
|
||||||
echo "yes" | ynh_exec_warn_less python api/manage.py collectstatic --clear --noinput
|
echo "yes" | ynh_exec_warn_less python api/manage.py collectstatic --clear --noinput
|
||||||
|
|
||||||
|
@ -227,9 +152,9 @@ pushd $final_path
|
||||||
ynh_psql_execute_as_root --sql="ALTER USER $db_user WITH NOSUPERUSER;" --database="$db_name"
|
ynh_psql_execute_as_root --sql="ALTER USER $db_user WITH NOSUPERUSER;" --database="$db_name"
|
||||||
popd
|
popd
|
||||||
|
|
||||||
chmod 750 "$final_path"
|
chmod 750 "$install_dir"
|
||||||
chmod -R o-rwx "$final_path"
|
chmod -R o-rwx "$install_dir"
|
||||||
chown -R $app:www-data "$final_path"
|
chown -R $app:www-data "$install_dir"
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# SETUP SYSTEMD
|
# SETUP SYSTEMD
|
||||||
|
@ -272,13 +197,6 @@ ynh_script_progression --message="Reconfiguring Fail2Ban..." --weight=1
|
||||||
# Create a dedicated Fail2Ban config
|
# Create a dedicated Fail2Ban config
|
||||||
ynh_add_fail2ban_config --logpath="/var/log/nginx/$domain-access.log" --failregex="<HOST>.* \"POST /api/v1/token/ HTTP/1.1\" 400 68.*$" --max_retry=5
|
ynh_add_fail2ban_config --logpath="/var/log/nginx/$domain-access.log" --failregex="<HOST>.* \"POST /api/v1/token/ HTTP/1.1\" 400 68.*$" --max_retry=5
|
||||||
|
|
||||||
#=================================================
|
|
||||||
# RELOAD NGINX
|
|
||||||
#=================================================
|
|
||||||
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
|
|
||||||
|
|
||||||
ynh_systemd_action --service_name=nginx --action=reload
|
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# END OF SCRIPT
|
# END OF SCRIPT
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
8
tests.toml
Normal file
8
tests.toml
Normal file
|
@ -0,0 +1,8 @@
|
||||||
|
test_format = 1.0
|
||||||
|
|
||||||
|
[default]
|
||||||
|
|
||||||
|
exclude = ["install.nourl"]
|
||||||
|
|
||||||
|
test_upgrade_from.7a50028.name = "Upgrade from 1.2.9"
|
||||||
|
test_upgrade_from.945e3d4.name = "Upgrade from 1.2.10~ynh1"
|
Loading…
Reference in a new issue