YunoHost-Apps/galene_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/galene_ynh.git synced 2024-09-03 18:36:31 +02:00
Code Issues Activity Actions

Testing (#107)

Browse source 
* Stop auto updating for now

* Update manifest.json

* Update ynh_install_go

* Update ynh_install_go

* Update ldap.src

* Add feature to readme

* Auto-update README

* 0.6.2

* Auto-update README

* cleaning

* Auto-update README

* Auto-update README

* Update systemd.service

* Upgrade auto-updater (#106)

* [autopatch] Upgrade auto-updater

* Auto-update README

---------

Co-authored-by: tituspijean <titus@pijean.ovh>

* Galene v2 (#104)

* v2

* Fix

* Auto-update README

* Fix

* fix

* Fix

* Fix

* Auto-update README

* Fix

* Auto-update README

* Fix

* Auto-update README

* Update tests.toml

* Fix

* Update manifest.toml

* Update manifest.toml

* Update tests.toml

* Update tests.toml

* Update tests.toml

* Update tests.toml

* Update tests.toml

* Update restore

* Update install

* Update upgrade

* Update manifest.toml

* Update ynh_install_go

* Update change_url

* Auto-update README

* Update change_url

* fix

* Update change_url

* Update change_url

* Update manifest.toml

* fix

* Update systemd.service

* Update systemd.service

* Update systemd.service

* Update systemd.service

* Update systemd.service

* Update upgrade

* Update upgrade

* Update install

* Update upgrade

* Update manifest.toml

---------

Co-authored-by: yunohost-bot <yunohost@yunohost.org>

* Update manifest.toml

* Auto-update README

* Update manifest.toml

* Fix

* Update DESCRIPTION.md

* Auto-update README

* Create POST_INSTALL.md

* Auto-update README

* fix

* Auto-update README

* Create POST_INSTALL_fr.md

* Fix

* Fix

* Update change_url

* Update manifest.toml

* Delete app.src

* fix

* Update manifest.toml

* cleaning

* Update manifest.toml

* Update manifest.toml

* Update manifest.toml

---------

Co-authored-by: yunohost-bot <yunohost@yunohost.org>
Co-authored-by: YunoHost Bot <yunohost-bot@users.noreply.github.com>
Co-authored-by: tituspijean <titus@pijean.ovh>
This commit is contained in:
Éric Gaspar 2023-03-10 07:59:41 +01:00 committed by GitHub
parent 38c77efd1e
commit 208b5947ce
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
26 changed files with 293 additions and 753 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
.github/workflows/updater.yml vendored
View file

@ -14,7 +14,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Fetch the source code
uses: actions/checkout@v2
uses: actions/checkout@v3
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Run the updater script
@ -33,7 +33,7 @@ jobs:
- name: Create Pull Request
id: cpr
if: ${{ env.PROCEED == 'true' }}
uses: peter-evans/create-pull-request@v3
uses: peter-evans/create-pull-request@v4
with:
token: ${{ secrets.GITHUB_TOKEN }}
commit-message: Update to version ${{ env.VERSION }}

60
README.md
View file

@ -5,7 +5,8 @@ It shall NOT be edited by hand.
# Galène for YunoHost
[![Integration level](https://dash.yunohost.org/integration/galene.svg)](https://dash.yunohost.org/appci/app/galene) ![Working status](https://ci-apps.yunohost.org/ci/badges/galene.status.svg) ![Maintenance status](https://ci-apps.yunohost.org/ci/badges/galene.maintain.svg)
[![Integration level](https://dash.yunohost.org/integration/galene.svg)](https://dash.yunohost.org/appci/app/galene) ![Working status](https://ci-apps.yunohost.org/ci/badges/galene.status.svg) ![Maintenance status](https://ci-apps.yunohost.org/ci/badges/galene.maintain.svg)
[![Install Galène with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=galene)
*[Lire ce readme en français.](./README_fr.md)*
@ -17,8 +18,6 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in
Galène is a videoconference server (an “SFU”) that is easy to deploy and that requires moderate server resources. It was originally designed for lectures and conferences (where a single speaker streams audio and video to hundreds or thousands of users), but later evolved to be useful for student practicals (where users are divided into many small groups), and meetings (where a dozen users interact with each other).
## Features
### Client features:
- multiparty audio and video
@ -30,7 +29,7 @@ Galène is a videoconference server (an “SFU”) that is easy to deploy and th
- LDAP support
**Shipped version:** 0.6.2~ynh1
**Shipped version:** 0.6.2~ynh2
**Demo:** https://galene.org:8443/
@ -38,59 +37,6 @@ Galène is a videoconference server (an “SFU”) that is easy to deploy and th
![Screenshot of Galène](./doc/screenshots/screenshot.png)
## Disclaimers / important information
### Accessing groups
*Galène* meeting rooms are called "groups". Any group is accessible at `https://domain.tld/group/GroupName`, by typing its name in the home page search field, or by selecting it in the public list (if the group is configured as publicly visible, see below).
During install a group is created with YunoHost LDAP authentication, accessible at `https://domain.tld/group/YunoHost_Users`.
#### Creating and configuring groups
Groups are defined by JSON files located in the folder `/home/yunohost.app/galene/groups`. Each group is represented by a `GroupName.json` file.
To create a new group, you need to create a `GroupNameExample.json` file and restart Galène service (you can also make subfolder groups, and the groups will be accessible with `https://domain.tld/group/subfolder/GroupName/`). Various configuration options are available (see https://github.com/YunoHost-Apps/galene_ynh/wiki/Configuration-file).
*NB: Spaces are supported in group file names.*
When Galène is removed, the data directory (`/home/yunohost.app/galene/`) is preserved. If you want to remove it along with Galène, use the `--purge` option: `sudo yunohost app remove galene --purge`.
### Configuring your TURN server
#### Using *Galène*'s internal TURN server
Galène comes with a built-in TURN server that should work out-of-the-box.
- If your server is behind NAT, allow incoming traffic to TCP/UDP port `1194` (or whatever is configured with the `-turn` option in `/etc/systemd/system/galene.service`)
#### Using your own TURN server
- Install [coturn_ynh](https://github.com/YunoHost-Apps/coturn_ynh).
- Add `/opt/yunohost/galene/data/ice-servers.json` with these lines and change `turn.example.org` and `secret`
```
[
{
"urls": [
"turn:turn.example.org:5349",
"turn:turn.example.org:5349?transport=tcp"
],
"username": "galene",
"credential": "secret"
}
]
```
- set `/etc/systemd/system/galene.service` `-turn` option to `-turn auto` (or `-turn ""` to disable the built-in TURN server).
To check if the TURN server is up and running, type `/relay-test` in the chat box. If the TURN server is properly configured, you should see a message saying that the relay test has been successful.
You can also install Galène with an external TURN server with this branch: https://github.com/YunoHost-Apps/galene_ynh/tree/galene+turn
### Server Statistics page
Statistics are available under `/opt/yunohost/galene/stats.json`, with a human-readable version at `domain.ltd/stats.html`. This is only available to the server administrator (the admin/password is set in the `config.json` file: `/opt/yunohost/galene/data/config.json`).
### How do I record my lecture?
Make sure allow-recording is set in your group configuration. Log-in as an operator, then say `/record` before you start your lecture. Don't forget to say `/unrecord` at the end. You will find your recordings under `https://server.example.com/recordings/groupname/`. The video recordings are stored in `/home/yunohost.app/galene/recordings` folder.
## Documentation and resources
* Official app website: <https://galene.org/>

75
README_fr.md
View file

@ -5,15 +5,16 @@ It shall NOT be edited by hand.
# Galène pour YunoHost
[![Niveau d'intégration](https://dash.yunohost.org/integration/galene.svg)](https://dash.yunohost.org/appci/app/galene) ![Statut du fonctionnement](https://ci-apps.yunohost.org/ci/badges/galene.status.svg) ![Statut de maintenance](https://ci-apps.yunohost.org/ci/badges/galene.maintain.svg)
[![Niveau dintégration](https://dash.yunohost.org/integration/galene.svg)](https://dash.yunohost.org/appci/app/galene) ![Statut du fonctionnement](https://ci-apps.yunohost.org/ci/badges/galene.status.svg) ![Statut de maintenance](https://ci-apps.yunohost.org/ci/badges/galene.maintain.svg)
[![Installer Galène avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=galene)
*[Read this readme in english.](./README.md)*
> *Ce package vous permet d'installer Galène rapidement et simplement sur un serveur YunoHost.
Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.*
> *Ce package vous permet dinstaller Galène rapidement et simplement sur un serveur YunoHost.
Si vous navez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment linstaller et en profiter.*
## Vue d'ensemble
## Vue densemble
Galène est un serveur de visioconférence (un « SFU ») facile à déployer et qui nécessite des ressources serveur modérées. Il a été conçu à l'origine pour les cours et les conférences (où un seul orateur diffuse de l'audio et de la vidéo à des centaines ou des milliers d'utilisateurs), mais a évolué par la suite pour être utile pour les travaux pratiques des étudiants (où les utilisateurs sont divisés en plusieurs petits groupes) et les réunions (où un douzaine d'utilisateurs interagissent entre eux).
@ -28,72 +29,20 @@ Galène est un serveur de visioconférence (un « SFU ») facile à déployer et
- prise en charge LDAP
**Version incluse :** 0.6.2~ynh1
**Version incluse :** 0.6.2~ynh2
**Démo :** https://galene.org:8443/
## Captures d'écran
## Captures décran
![Capture d'écran de Galène](./doc/screenshots/screenshot.png)
## Avertissements / informations importantes
### Accéder à des groupes
Les salles de réunion *Galène* sont appelées « groupes ». Tout groupe est accessible sur `https://domain.tld/group/GroupName`, en tapant son nom dans le champ de recherche de la page d'accueil, ou en le sélectionnant dans la liste publique (si le groupe est configuré comme visible publiquement, voir ci-dessous).
Pendant l'installation, un groupe est créé avec l'authentification LDAP de YunoHost, accessible à `https://domain.tld/group/YunoHost_Users`.
#### Ajouter et configurer des groupes
Les groupes sont définis par des fichiers JSON situés dans le dossier `/home/yunohost.app/galene/groups`. Chaque groupe est représenté par un fichier `GroupName.json`.
Pour créer un nouveau groupe, vous devez créer un fichier `GroupNameExample.json` et redémarrer le service Galène (vous pouvez également créer un sous-dossier, et les groupes seront accessibles avec` https://domain.tld/group/subfolder/GroupName/`). Différentes options de configurations sont disponibles (voir https://github.com/YunoHost-Apps/galene_ynh/wiki/Configuration-file).
*NB : Les espaces sont pris en charge dans les noms de fichiers de groupe.*
Lorsque Galène est supprimé, le répertoire de données (`/home/yunohost.app/galene/`) est conservé. Si vous souhaitez le supprimer avec Galène, utilisez l'option `--purge` : `sudo yunohost app remove galene --purge`.
### Configurer votre serveur TURN
#### Utilisation du serveur TURN de *Galène*
Galène est livré avec un serveur TURN intégré qui devrait fonctionner immédiatement.
- Si votre serveur est derrière NAT, autorisez le trafic entrant vers le port TCP/UDP `1194` (ou tout ce qui est configuré avec l'option `-turn` dans `/etc/systemd/system/galene.service`)
#### Utilisation de votre propre serveur TURN
- Installez [coturn_ynh](https://github.com/YunoHost-Apps/coturn_ynh).
- Ajoutez `/var/www/galene/data/ice-servers.json` avec ces lignes et changez `turn.example.org` et `secret`
```
[
{
"urls": [
"turn:turn.example.org:5349",
"turn:turn.example.org:5349?transport=tcp"
],
"username": "galene",
"credential": "secret"
}
]
```
- Dans `/etc/systemd/system/galene.service` changer l'option `-turn auto` (ou `-turn ""` pour désactiver le serveur TURN intégré).
Pour vérifier si le serveur TURN est opérationnel, tapez `/relay-test` dans la boîte de dialogue du chat de *Galène* ; si le serveur TURN est correctement configuré, vous devriez voir un message indiquant que le test du relai a réussi.
Vous pouvez également installer *Galène* avec un serveur TURN externe avec cette branch : https://github.com/YunoHost-Apps/galene_ynh/tree/galene+turn
### Statistiques du serveur
Les statistiques sont disponibles sous `/opt/yunohost/galene/stats.json`, avec une version lisible sur `domain.ltd/stats.html`. Cette page n'est disponible que pour l'administrateur du serveur (le mot de passe et l'administrateur sont définis dans le fichier `config.json` : `/opt/yunohost/galene/data/config.json`).
### Comment enregistrer ma conférence ?
Assurez-vous que l'autorisation d'enregistrement est définie dans la configuration de votre groupe. Connectez-vous en tant qu'opérateur, puis dites `/record` dans la fenêtre de chat avant de commencer la visio. N'oubliez pas de dire `/unrecord` à la fin. Vous trouverez vos enregistrements sous `https://server.example.com/recordings/groupname/`. Les enregistrements vidéo sont stockés dans le dossier `/home/yunohost.app/galene/recordings`.
![Capture décran de Galène](./doc/screenshots/screenshot.png)
## Documentations et ressources
* Site officiel de l'app : <https://galene.org/>
* Site officiel de lapp : <https://galene.org/>
* Documentation officielle utilisateur : <https://galene.org/faq.html>
* Documentation officielle de l'admin : <https://galene.org/>
* Dépôt de code officiel de l'app : <https://github.com/jech/galene>
* Documentation officielle de ladmin : <https://galene.org/>
* Dépôt de code officiel de lapp : <https://github.com/jech/galene>
* Documentation YunoHost pour cette app : <https://yunohost.org/app_galene>
* Signaler un bug : <https://github.com/YunoHost-Apps/galene_ynh/issues>
@ -109,4 +58,4 @@ ou
sudo yunohost app upgrade galene -u https://github.com/YunoHost-Apps/galene_ynh/tree/testing --debug
```
**Plus d'infos sur le packaging d'applications :** <https://yunohost.org/packaging_apps>
**Plus dinfos sur le packaging dapplications :** <https://yunohost.org/packaging_apps>

30
check_process
View file

@ -1,30 +0,0 @@
;; Test complet
; Manifest
domain="domain.tld"
path="/path"
is_public=1
admin="john"
password="password"
group_name="public with space"
group_description="My public space"
; Checks
pkg_linter=1
setup_sub_dir=0
setup_root=1
setup_nourl=0
setup_private=1
setup_public=1
upgrade=1
# 0.6.1~ynh2
upgrade=1 from_commit=ed1506fa3eb56358fecb06d832c9684acbf682d9
backup_restore=1
multi_instance=0
port_already_use=0
change_url=1
;;; Options
Email=
Notification=none
;;; Upgrade options
; commit=ed1506fa3eb56358fecb06d832c9684acbf682d9
name=0.6.1~ynh2
manifest_arg=domain=DOMAIN&path=PATH&admin=USER&language=fr&is_public=1&password=pass&port=666&

7
conf/app.src
View file

@ -1,7 +0,0 @@
SOURCE_URL=https://github.com/jech/galene/archive/refs/tags/galene-0.6.2.tar.gz
SOURCE_SUM=7caedc1b2cb8cfeee0136e02c006d13d7b2b3cb9908685654c8cec020265428d
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=
SOURCE_EXTRACT=true

2
conf/galene-ldap.json
View file

@ -1,5 +1,5 @@
{
"httpAddress": "127.0.0.1:__LDAP_PORT__",
"httpAddress": "127.0.0.1:__PORT_LDAP__",
"ldapServer": "ldap://localhost:389",
"ldapBase": "ou=users,dc=yunohost,dc=org",
"key": __KEY__,

4
conf/ldap.service
View file

@ -7,8 +7,8 @@ After=network.target
Type=simple
User=__APP__
Group=__APP__
WorkingDirectory=__FINALPATH__/live_ldap/
ExecStart=__FINALPATH__/live_ldap/galene-ldap -data __FINALPATH__/live_ldap/data/
WorkingDirectory=__INSTALL_DIR__/live_ldap/
ExecStart=__INSTALL_DIR__/live_ldap/galene-ldap -data __INSTALL_DIR__/live_ldap/data/
LimitNOFILE=65536
[Install]

7
conf/ldap.src
View file

@ -1,7 +0,0 @@
SOURCE_URL=https://github.com/jech/galene-ldap/archive/33b8a930372388b2b8b506d2564516fb3eaf895a.tar.gz
SOURCE_SUM=00247712e4e7944fed42026f056f48eb59a95cf476c3ff1cb6e24c54469ce070
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=
SOURCE_EXTRACT=true

2
conf/nginx.conf
View file

@ -1,6 +1,6 @@
location /auth/ {
proxy_pass http://127.0.0.1:__LDAP_PORT__/;
proxy_pass http://127.0.0.1:__PORT_LDAP__/;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;

38
conf/systemd.service
View file

@ -7,9 +7,43 @@ After=network.target
Type=simple
User=__APP__
Group=__APP__
WorkingDirectory=__FINALPATH__/live/
ExecStart=__FINALPATH__/live/galene -http "127.0.0.1:__PORT__" -insecure -turn __PUBLIC_IP4__:__TURN_PORT__ -udp-range 49152-65535 -groups __DATADIR__/groups -recordings __DATADIR__/recordings -data __FINALPATH__/live/data/
WorkingDirectory=__INSTALL_DIR__/live/
ExecStart=__INSTALL_DIR__/live/galene -http "127.0.0.1:__PORT__" -insecure -turn __PUBLIC_IP4__:__PORT_TURN__ -udp-range 49152-65535 -groups __DATA_DIR__/groups -recordings __DATA_DIR__/recordings -data __INSTALL_DIR__/live/data/
LimitNOFILE=65536
# Sandboxing options to harden security
# Depending on specificities of your service/app, you may need to tweak these
# .. but this should be a good baseline
# Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html
NoNewPrivileges=yes
PrivateTmp=yes
PrivateDevices=yes
RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 AF_NETLINK
RestrictNamespaces=yes
RestrictRealtime=yes
DevicePolicy=closed
ProtectClock=yes
ProtectHostname=yes
ProtectProc=invisible
ProtectSystem=full
ProtectControlGroups=yes
ProtectKernelModules=yes
ProtectKernelTunables=yes
LockPersonality=yes
SystemCallArchitectures=native
SystemCallFilter=~@clock @debug @module @mount @obsolete @reboot @setuid @swap @cpu-emulation @privileged
# Denying access to capabilities that should not be relevant for webapps
# Doc: https://man7.org/linux/man-pages/man7/capabilities.7.html
CapabilityBoundingSet=~CAP_RAWIO CAP_MKNOD
CapabilityBoundingSet=~CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_AUDIT_WRITE
CapabilityBoundingSet=~CAP_SYS_BOOT CAP_SYS_TIME CAP_SYS_MODULE CAP_SYS_PACCT
CapabilityBoundingSet=~CAP_LEASE CAP_LINUX_IMMUTABLE CAP_IPC_LOCK
CapabilityBoundingSet=~CAP_BLOCK_SUSPEND CAP_WAKE_ALARM
CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG
CapabilityBoundingSet=~CAP_MAC_ADMIN CAP_MAC_OVERRIDE
CapabilityBoundingSet=~CAP_NET_ADMIN CAP_NET_BROADCAST CAP_NET_RAW
CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG
[Install]
WantedBy=multi-user.target

15
doc/DISCLAIMER.md → doc/ADMIN.md
View file

@ -1,16 +1,16 @@
### Accessing groups
*Galène* meeting rooms are called "groups". Any group is accessible at `https://domain.tld/group/GroupName`, by typing its name in the home page search field, or by selecting it in the public list (if the group is configured as publicly visible, see below).
During install a group is created with YunoHost LDAP authentication, accessible at `https://domain.tld/group/YunoHost_Users`.
*Galène* meeting rooms are called "groups". Any group is accessible at `https://__DOMAIN__/group/GroupName`, by typing its name in the home page search field, or by selecting it in the public list (if the group is configured as publicly visible, see below).
During install a group is created with YunoHost LDAP authentication, accessible at `https://__DOMAIN__/group/YunoHost_Users`.
#### Creating and configuring groups
Groups are defined by JSON files located in the folder `/home/yunohost.app/galene/groups`. Each group is represented by a `GroupName.json` file.
To create a new group, you need to create a `GroupNameExample.json` file and restart Galène service (you can also make subfolder groups, and the groups will be accessible with `https://domain.tld/group/subfolder/GroupName/`). Various configuration options are available (see https://github.com/YunoHost-Apps/galene_ynh/wiki/Configuration-file).
Groups are defined by JSON files located in the folder `__DATA_DIR__/groups`. Each group is represented by a `GroupName.json` file.
To create a new group, you need to create a `GroupNameExample.json` file and restart Galène service (you can also make subfolder groups, and the groups will be accessible with `https://__DOMAIN__/group/subfolder/GroupName/`). Various configuration options are available (see https://github.com/YunoHost-Apps/galene_ynh/wiki/Configuration-file).
*NB: Spaces are supported in group file names.*
When Galène is removed, the data directory (`/home/yunohost.app/galene/`) is preserved. If you want to remove it along with Galène, use the `--purge` option: `sudo yunohost app remove galene --purge`.
When Galène is removed, the data directory (`__DATA_DIR__`) is preserved. If you want to remove it along with Galène app, use the `--purge` option: `sudo yunohost app remove galene --purge`.
### Configuring your TURN server
@ -38,13 +38,10 @@ Galène comes with a built-in TURN server that should work out-of-the-box.
To check if the TURN server is up and running, type `/relay-test` in the chat box. If the TURN server is properly configured, you should see a message saying that the relay test has been successful.
You can also install Galène with an external TURN server with this branch: https://github.com/YunoHost-Apps/galene_ynh/tree/galene+turn
### Server Statistics page
Statistics are available under `/opt/yunohost/galene/stats.json`, with a human-readable version at `domain.ltd/stats.html`. This is only available to the server administrator (the admin/password is set in the `config.json` file: `/opt/yunohost/galene/data/config.json`).
### How do I record my lecture?
Make sure allow-recording is set in your group configuration. Log-in as an operator, then say `/record` before you start your lecture. Don't forget to say `/unrecord` at the end. You will find your recordings under `https://server.example.com/recordings/groupname/`. The video recordings are stored in `/home/yunohost.app/galene/recordings` folder.
Make sure allow-recording is set in your group configuration. Log-in as an operator, then say `/record` before you start your lecture. Don't forget to say `/unrecord` at the end. You will find your recordings under `https://__DOMAIN__/recordings/groupname/`. The video recordings are stored in `__DATA_DIR__/recordings` folder.

14
doc/DISCLAIMER_fr.md → doc/ADMIN_fr.md
View file

@ -1,16 +1,16 @@
### Accéder à des groupes
Les salles de réunion *Galène* sont appelées « groupes ». Tout groupe est accessible sur `https://domain.tld/group/GroupName`, en tapant son nom dans le champ de recherche de la page d'accueil, ou en le sélectionnant dans la liste publique (si le groupe est configuré comme visible publiquement, voir ci-dessous).
Pendant l'installation, un groupe est créé avec l'authentification LDAP de YunoHost, accessible à `https://domain.tld/group/YunoHost_Users`.
Les salles de réunion *Galène* sont appelées « groupes ». Tout groupe est accessible sur `https://__DOMAIN__/group/GroupName`, en tapant son nom dans le champ de recherche de la page d'accueil, ou en le sélectionnant dans la liste publique (si le groupe est configuré comme visible publiquement, voir ci-dessous).
Pendant l'installation, un groupe est créé avec l'authentification LDAP de YunoHost, accessible à `https://__DOMAIN__/group/YunoHost_Users`.
#### Ajouter et configurer des groupes
Les groupes sont définis par des fichiers JSON situés dans le dossier `/home/yunohost.app/galene/groups`. Chaque groupe est représenté par un fichier `GroupName.json`.
Pour créer un nouveau groupe, vous devez créer un fichier `GroupNameExample.json` et redémarrer le service Galène (vous pouvez également créer un sous-dossier, et les groupes seront accessibles avec` https://domain.tld/group/subfolder/GroupName/`). Différentes options de configurations sont disponibles (voir https://github.com/YunoHost-Apps/galene_ynh/wiki/Configuration-file).
Les groupes sont définis par des fichiers JSON situés dans le dossier `__DATA_DIR__/groups`. Chaque groupe est représenté par un fichier `GroupName.json`.
Pour créer un nouveau groupe, vous devez créer un fichier `GroupNameExample.json` et redémarrer le service Galène (vous pouvez également créer un sous-dossier, et les groupes seront accessibles avec` https://__DOMAIN__/group/subfolder/GroupName/`). Différentes options de configurations sont disponibles (voir https://github.com/YunoHost-Apps/galene_ynh/wiki/Configuration-file).
*NB : Les espaces sont pris en charge dans les noms de fichiers de groupe.*
Lorsque Galène est supprimé, le répertoire de données (`/home/yunohost.app/galene/`) est conservé. Si vous souhaitez le supprimer avec Galène, utilisez l'option `--purge` : `sudo yunohost app remove galene --purge`.
Lorsque Galène est supprimé, le répertoire de données (`__DATA_DIR__`) est conservé. Si vous souhaitez le supprimer avec l'application Galène, utilisez l'option `--purge` : `sudo yunohost app remove galene --purge`.
### Configurer votre serveur TURN
@ -38,12 +38,10 @@ Galène est livré avec un serveur TURN intégré qui devrait fonctionner imméd
Pour vérifier si le serveur TURN est opérationnel, tapez `/relay-test` dans la boîte de dialogue du chat de *Galène* ; si le serveur TURN est correctement configuré, vous devriez voir un message indiquant que le test du relai a réussi.
Vous pouvez également installer *Galène* avec un serveur TURN externe avec cette branch : https://github.com/YunoHost-Apps/galene_ynh/tree/galene+turn
### Statistiques du serveur
Les statistiques sont disponibles sous `/opt/yunohost/galene/stats.json`, avec une version lisible sur `domain.ltd/stats.html`. Cette page n'est disponible que pour l'administrateur du serveur (le mot de passe et l'administrateur sont définis dans le fichier `config.json` : `/opt/yunohost/galene/data/config.json`).
### Comment enregistrer ma conférence ?
Assurez-vous que l'autorisation d'enregistrement est définie dans la configuration de votre groupe. Connectez-vous en tant qu'opérateur, puis dites `/record` dans la fenêtre de chat avant de commencer la visio. N'oubliez pas de dire `/unrecord` à la fin. Vous trouverez vos enregistrements sous `https://server.example.com/recordings/groupname/`. Les enregistrements vidéo sont stockés dans le dossier `/home/yunohost.app/galene/recordings`.
Assurez-vous que l'autorisation d'enregistrement est définie dans la configuration de votre groupe. Connectez-vous en tant qu'opérateur, puis dites `/record` dans la fenêtre de chat avant de commencer la visio. N'oubliez pas de dire `/unrecord` à la fin. Vous trouverez vos enregistrements sous `https://__DOMAIN__/recordings/groupname/`. Les enregistrements vidéo sont stockés dans le dossier `__DATA_DIR__/recordings`.

2
doc/DESCRIPTION.md
View file

@ -1,7 +1,5 @@
Galène is a videoconference server (an “SFU”) that is easy to deploy and that requires moderate server resources. It was originally designed for lectures and conferences (where a single speaker streams audio and video to hundreds or thousands of users), but later evolved to be useful for student practicals (where users are divided into many small groups), and meetings (where a dozen users interact with each other).
## Features
### Client features:
- multiparty audio and video

2
doc/POST_INSTALL.md Normal file
View file

@ -0,0 +1,2 @@
Galène comes with a built-in TURN server that should work out-of-the-box.
- If your server is behind NAT, allow incoming traffic to TCP/UDP port `1194` (or whatever is configured with the `-turn` option in `/etc/systemd/system/galene.service`)

2
doc/POST_INSTALL_fr.md Normal file
View file

@ -0,0 +1,2 @@
Galène est livré avec un serveur TURN intégré qui devrait fonctionner immédiatement.
- Si votre serveur est derrière NAT, autorisez le trafic entrant vers le port TCP/UDP `1194` (ou tout ce qui est configuré avec l'option `-turn` dans `/etc/systemd/system/galene.service`)

83
manifest.json
View file

@ -1,83 +0,0 @@
{
"name": "Galène",
"id": "galene",
"packaging_format": 1,
"description": {
"en": "Videoconferencing server that is easy to deploy",
"fr": "Serveur de visioconférence facile à déployer"
},
"version": "0.6.2~ynh1",
"url": "https://galene.org/",
"upstream": {
"license": "MIT",
"website": "https://galene.org/",
"demo": "https://galene.org:8443/",
"admindoc": "https://galene.org/",
"userdoc": "https://galene.org/faq.html",
"code": "https://github.com/jech/galene"
},
"license": "MIT",
"maintainer": {
"name": "eric_G",
"email": ""
},
"requirements": {
"yunohost": ">= 11.0.9"
},
"multi_instance": false,
"services": [
"nginx"
],
"arguments": {
"install": [
{
"name": "domain",
"type": "domain"
},
{
"name": "is_public",
"type": "boolean",
"help": {
"en": "If enabled, Galène will be accessible by people who do not have an account. This can be changed later via the webadmin.",
"fr": "Si cette case est cochée, Galène sera accessible aux personnes nayant pas de compte. Vous pourrez changer ceci plus tard via la webadmin."
},
"default": true
},
{
"name": "admin",
"type": "user"
},
{
"name": "password",
"type": "password",
"help": {
"en": "Set the administrator password (between 8 and 30 characters)",
"fr": "Définissez le mot de passe administrateur (entre 8 et 30 caractères)"
}
},
{
"name": "group_name",
"type": "string",
"ask": {
"en": "Choose a name for the group you want to create",
"fr": "Choisissez un nom pour le groupe que vous voulez créer"
},
"default": "public",
"example": "public"
},
{
"name": "group_description",
"type": "string",
"optional": true,
"ask": {
"en": "Choose a description for the group you want to create",
"fr": "Décrivez le groupe que vous souhaitez créer"
},
"help": {
"en": "Add a human-readable description of the group; this is displayed on the landing page for public groups.",
"fr": "Ajoutez une description du groupe; ceci est affiché sur la page de destination des groupes publics."
}
}
]
}
}

90
manifest.toml Normal file
View file

@ -0,0 +1,90 @@
packaging_format = 2
id = "galene"
name = "Galène"
description.en = "Videoconferencing server that is easy to deploy"
description.fr = "Serveur de visioconférence facile à déployer"
version = "0.6.2~ynh2"
maintainers = ["eric_G"]
[upstream]
license = "MIT"
website = "https://galene.org/"
demo = "https://galene.org:8443/"
admindoc = "https://galene.org/"
userdoc = "https://galene.org/faq.html"
code = "https://github.com/jech/galene"
[integration]
yunohost = ">= 11.1.14"
architectures = "all"
multi_instance = false
ldap = true
sso = "not_relevant"
disk = "50M"
ram.build = "400M"
ram.runtime = "50M"
[install]
[install.domain]
type = "domain"
full_domain = true
[install.init_main_permission]
help.en = "If Visitors enabled, Galène will be accessible by people who do not have an account. This can be changed later via the webadmin."
help.fr = "Si la permission Visiteurs est cochée, Galène sera accessible aux personnes nayant pas de compte. Vous pourrez changer ceci plus tard via la webadmin."
type = "group"
default = "visitors"
[install.admin]
type = "user"
[install.password]
help.en = "Set the administrator password (between 8 and 30 characters)"
help.fr = "Définissez le mot de passe administrateur (entre 8 et 30 caractères)"
type = "password"
[install.group_name]
ask.en = "Choose a name for the group you want to create"
ask.fr = "Choisissez un nom pour le groupe que vous voulez créer"
type = "string"
default = "public"
example = "public"
[install.group_description]
ask.en = "Choose a description for the group you want to create"
ask.fr = "Décrivez le groupe que vous souhaitez créer"
help.en = "Add a human-readable description of the group; this is displayed on the landing page for public groups."
help.fr = "Ajoutez une description du groupe; ceci est affiché sur la page de destination des groupes publics."
type = "string"
optional = true
[resources]
[resources.system_user]
[resources.install_dir]
[resources.data_dir]
[resources.permissions]
main.url = "/"
[resources.ports]
main.default = 8095
ldap.default = 8096
turn.default = 1194
turn.exposed = "Both"
[resources.apt]
packages = "jose"
[resources.sources]
[resources.sources.main]
url = "https://github.com/jech/galene/archive/refs/tags/galene-0.6.2.tar.gz"
sha256 = "7caedc1b2cb8cfeee0136e02c006d13d7b2b3cb9908685654c8cec020265428d"
[resources.sources.ldap]
url = "https://github.com/jech/galene-ldap/archive/33b8a930372388b2b8b506d2564516fb3eaf895a.tar.gz"
sha256 = "00247712e4e7944fed42026f056f48eb59a95cf476c3ff1cb6e24c54469ce070"

3
scripts/_common.sh
View file

@ -6,9 +6,6 @@
go_version=1.19
# dependencies used by the app (must be on a single line)
pkg_dependencies="jose"
#=================================================
# PERSONAL HELPERS
#=================================================

25
scripts/backup
View file

@ -10,27 +10,6 @@
source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
ynh_clean_setup () {
true
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# LOAD SETTINGS
#=================================================
ynh_print_info --message="Loading installation settings..."
app=$YNH_APP_INSTANCE_NAME
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
domain=$(ynh_app_setting_get --app=$app --key=domain)
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
#=================================================
# DECLARE DATA AND CONF FILES TO BACKUP
#=================================================
@ -40,13 +19,13 @@ ynh_print_info --message="Declaring files to be backed up..."
# BACKUP THE APP MAIN DIR
#=================================================
ynh_backup --src_path="$final_path"
ynh_backup --src_path="$install_dir"
#=================================================
# BACKUP THE DATA DIR
#=================================================
ynh_backup --src_path="$datadir" --is_big
ynh_backup --src_path="$data_dir" --is_big
#=================================================
# BACKUP THE NGINX CONFIGURATION

108
scripts/change_url
View file

@ -9,67 +9,16 @@
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# RETRIEVE ARGUMENTS
#=================================================
old_domain=$YNH_APP_OLD_DOMAIN
old_path=$YNH_APP_OLD_PATH
new_domain=$YNH_APP_NEW_DOMAIN
new_path="/"
app=$YNH_APP_INSTANCE_NAME
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..." --weight=1
# Needed for helper "ynh_add_nginx_config"
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
# Add settings here as needed by your application
admin=$(ynh_app_setting_get --app=$app --key=admin)
password=$(ynh_app_setting_get --app=$app --key=password)
group_name=$(ynh_app_setting_get --app=$app --key=group_name)
port=$(ynh_app_setting_get --app=$app --key=port)
ldap_port=$(ynh_app_setting_get --app=$app --key=ldap_port)
port_ldap=$(ynh_app_setting_get --app=$app --key=ldap_port)
key=$(ynh_app_setting_get --app=$app --key=key)
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
#=================================================
# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP
#=================================================
ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --weight=1
# Backup the current version of the app
ynh_backup_before_upgrade
ynh_clean_setup () {
# Remove the new domain config file, the remove script won't do it as it doesn't know yet its location.
ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
# Restore it if the upgrade fails
ynh_restore_upgradebackup
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# CHECK WHICH PARTS SHOULD BE CHANGED
#=================================================
change_domain=0
if [ "$old_domain" != "$new_domain" ]
then
change_domain=1
fi
change_path=0
if [ "$old_path" != "$new_path" ]
then
change_path=1
fi
#=================================================
# STANDARD MODIFICATIONS
@ -86,29 +35,7 @@ ynh_systemd_action --service_name=${app}_ldap --action="stop" --log_path="system
#=================================================
ynh_script_progression --message="Updating NGINX web server configuration..." --weight=2
nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
# Change the path in the NGINX config file
if [ $change_path -eq 1 ]
then
# Make a backup of the original NGINX config file if modified
ynh_backup_if_checksum_is_different --file="$nginx_conf_path"
# Set global variables for NGINX helper
domain="$old_domain"
path_url="$new_path"
# Create a dedicated NGINX config
ynh_add_nginx_config
fi
# Change the domain for NGINX
if [ $change_domain -eq 1 ]
then
# Delete file checksum for the old conf file location
ynh_delete_file_checksum --file="$nginx_conf_path"
mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf
# Store file checksum for the new config file location
ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
fi
ynh_change_url_nginx_config
#=================================================
# SPECIFIC MODIFICATIONS
@ -119,24 +46,24 @@ ynh_script_progression --message="Updating a configuration file..." --weight=2
domain="$new_domain"
# Configure Galene
ynh_add_config --template="../conf/config.json" --destination="$final_path/live/data/config.json"
chmod 400 "$final_path/live/data/config.json"
chown $app:$app "$final_path/live/data/config.json"
ynh_add_config --template="../conf/config.json" --destination="$install_dir/live/data/config.json"
chmod 400 "$install_dir/live/data/config.json"
chown $app:$app "$install_dir/live/data/config.json"
# Configure Galene LDAP
ynh_add_config --template="../conf/galene-ldap.json" --destination="$final_path/live_ldap/data/galene-ldap.json"
chmod 400 "$final_path/live_ldap/data/galene-ldap.json"
chown $app:$app "$final_path/live_ldap/data/galene-ldap.json"
ynh_add_config --template="../conf/galene-ldap.json" --destination="$install_dir/live_ldap/data/galene-ldap.json"
chmod 400 "$install_dir/live_ldap/data/galene-ldap.json"
chown $app:$app "$install_dir/live_ldap/data/galene-ldap.json"
# Create a group name config
ynh_add_config --template="../conf/groupname.json" --destination="$datadir/groups/$group_name.json"
chmod 400 "$datadir/groups/$group_name.json"
chown $app:$app "$datadir/groups/$group_name.json"
ynh_add_config --template="../conf/groupname.json" --destination="$data_dir/groups/$group_name.json"
chmod 400 "$data_dir/groups/$group_name.json"
chown $app:$app "$data_dir/groups/$group_name.json"
# Create a group name authenticated on LDAP
ynh_add_config --template="../conf/groupname-ldap.json" --destination="$datadir/groups/YunoHost_Users.json"
chmod 400 "$datadir/groups/YunoHost_Users.json"
chown $app:$app "$datadir/groups/YunoHost_Users.json"
ynh_add_config --template="../conf/groupname-ldap.json" --destination="$data_dir/groups/YunoHost_Users.json"
chmod 400 "$data_dir/groups/YunoHost_Users.json"
chown $app:$app "$data_dir/groups/YunoHost_Users.json"
#=================================================
# GENERIC FINALISATION
@ -149,13 +76,6 @@ ynh_script_progression --message="Starting a systemd service..." --weight=3
ynh_systemd_action --service_name=$app --action="start" --log_path="systemd"
ynh_systemd_action --service_name=${app}_ldap --action="start" --log_path="systemd"
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..." --weight=1
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================

159
scripts/install
View file

@ -10,111 +10,49 @@ source _common.sh
source ynh_install_go
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
ynh_clean_setup () {
true
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================
domain=$YNH_APP_ARG_DOMAIN
path_url="/"
is_public=$YNH_APP_ARG_IS_PUBLIC
admin=$YNH_APP_ARG_ADMIN
password=$YNH_APP_ARG_PASSWORD
group_name=$YNH_APP_ARG_GROUP_NAME
group_description=$YNH_APP_ARG_GROUP_DESCRIPTION
app=$YNH_APP_INSTANCE_NAME
#=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#=================================================
ynh_script_progression --message="Validating installation parameters..." --weight=1
final_path=/var/www/$app
test ! -e "$final_path" || ynh_die --message="This path already contains a folder"
# Register (book) web path
ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url
password=$YNH_APP_ARG_PASSWORD
#=================================================
# STORE SETTINGS FROM MANIFEST
#=================================================
ynh_script_progression --message="Storing installation settings..." --weight=4
ynh_app_setting_set --app=$app --key=domain --value=$domain
ynh_app_setting_set --app=$app --key=path --value=$path_url
ynh_app_setting_set --app=$app --key=admin --value=$admin
ynh_app_setting_set --app=$app --key=password --value="$password"
ynh_app_setting_set --app=$app --key=group_name --value="$group_name"
ynh_app_setting_set --app=$app --key=group_description --value="$group_description"
ynh_app_setting_set --app=$app --key=password --value="$password"
#=================================================
# STANDARD MODIFICATIONS
#=================================================
# FIND AND OPEN A PORT
#=================================================
ynh_script_progression --message="Finding an available port..." --weight=3
# Find an available port
port=$(ynh_find_port --port=8095)
ynh_app_setting_set --app=$app --key=port --value=$port
ldap_port=$(ynh_find_port --port=$(($port + 1)))
ynh_app_setting_set --app=$app --key=port --value=$ldap_port
# Find an available port for TURN
turn_port=$(ynh_find_port --port=1194)
ynh_app_setting_set --app=$app --key=turn_port --value=$turn_port
# Open TURN port
ynh_script_progression --message="Configuring firewall..." --weight=1
ynh_exec_warn_less yunohost firewall allow Both $turn_port
# Reserve UDP Port range 49152:65535
ynh_exec_warn_less yunohost firewall allow UDP -4 49152:65535
#=================================================
# INSTALL DEPENDENCIES
#=================================================
ynh_script_progression --message="Installing dependencies..." --weight=1
ynh_install_app_dependencies $pkg_dependencies
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Configuring system user..." --weight=3
# Create a system user
ynh_system_user_create --username=$app --home_dir="$final_path"
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_script_progression --message="Setting up source files..." --weight=1
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$final_path/build"
ynh_setup_source --dest_dir="$final_path/build_ldap" --source_id="ldap"
ynh_setup_source --dest_dir="$install_dir/build"
ynh_setup_source --dest_dir="$install_dir/build_ldap" --source_id="ldap"
mkdir -p "$final_path/live/data"
mkdir -p "$final_path/live_ldap/data"
cp -r "$final_path/build/static/" "$final_path/live/"
ynh_replace_string --match_string="<div class=\"galene-header\">Galène</div>" --replace_string="<div class=\"galene-header\" onclick=\"location.href=window.location.origin\" style=\"cursor:pointer\">Galène</div>" --target_file="$final_path/live/static/galene.html"
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:www-data "$final_path"
mkdir -p "$install_dir/live/data"
mkdir -p "$install_dir/live_ldap/data"
cp -r "$install_dir/build/static/" "$install_dir/live/"
ynh_replace_string --match_string="<div class=\"galene-header\">Galène</div>" --replace_string="<div class=\"galene-header\" onclick=\"location.href=window.location.origin\" style=\"cursor:pointer\">Galène</div>" --target_file="$install_dir/live/static/galene.html"
chmod -R o-rwx "$install_dir"
chown -R $app:www-data "$install_dir"
#=================================================
# NGINX CONFIGURATION
@ -133,32 +71,29 @@ ynh_script_progression --message="Building app..." --weight=1
ynh_exec_warn_less ynh_install_go --go_version=$go_version
ynh_use_go
pushd $final_path/build/
ynh_exec_warn_less ynh_exec_as $app CGO_ENABLED=0 $ynh_go build -ldflags='-s -w' -o $final_path/live/
pushd $install_dir/build/
ynh_exec_warn_less ynh_exec_as $app CGO_ENABLED=0 $ynh_go build -ldflags='-s -w' -o $install_dir/live/
popd
pushd $final_path/build_ldap/
ynh_exec_warn_less ynh_exec_as $app CGO_ENABLED=0 $ynh_go build -ldflags='-s -w' -o $final_path/live_ldap/
pushd $install_dir/build_ldap/
ynh_exec_warn_less ynh_exec_as $app CGO_ENABLED=0 $ynh_go build -ldflags='-s -w' -o $install_dir/live_ldap/
popd
ynh_remove_go
ynh_secure_remove --file="$final_path/build/"
ynh_secure_remove --file="$final_path/build_ldap/"
ynh_secure_remove --file="$final_path/.cache/"
ynh_secure_remove --file="$final_path/go/"
ynh_secure_remove --file="$final_path/.go-version"
ynh_secure_remove --file="$install_dir/build/"
ynh_secure_remove --file="$install_dir/build_ldap/"
ynh_secure_remove --file="$install_dir/.cache/"
ynh_secure_remove --file="$install_dir/go/"
ynh_secure_remove --file="$install_dir/.go-version"
#=================================================
# CREATE DATA DIRECTORY
#=================================================
ynh_script_progression --message="Creating a data directory..." --weight=1
datadir=/home/yunohost.app/$app
ynh_app_setting_set --app=$app --key=datadir --value=$datadir
mkdir -p $data_dir/{groups,recordings}
mkdir -p $datadir/{groups,recordings}
chmod 750 "$datadir"
chmod -R o-rwx "$datadir"
chown -R $app:www-data "$datadir"
chmod 750 "$data_dir"
chmod -R o-rwx "$data_dir"
chown -R $app:www-data "$data_dir"
#=================================================
# ADD A CONFIGURATION
@ -166,26 +101,26 @@ chown -R $app:www-data "$datadir"
ynh_script_progression --message="Adding a configuration file..." --weight=1
# Configure Galène
ynh_add_config --template="../conf/config.json" --destination="$final_path/live/data/config.json"
chmod 400 "$final_path/live/data/config.json"
chown $app:$app "$final_path/live/data/config.json"
ynh_add_config --template="../conf/config.json" --destination="$install_dir/live/data/config.json"
chmod 400 "$install_dir/live/data/config.json"
chown $app:$app "$install_dir/live/data/config.json"
# Configure Galène LDAP
key=$(jose jwk gen -i '{"kty":"oct","alg":"HS256"}')
ynh_app_setting_set --app=$app --key=key --value="$key"
ynh_add_config --template="../conf/galene-ldap.json" --destination="$final_path/live_ldap/data/galene-ldap.json"
chmod 400 "$final_path/live_ldap/data/galene-ldap.json"
chown $app:$app "$final_path/live_ldap/data/galene-ldap.json"
ynh_add_config --template="../conf/galene-ldap.json" --destination="$install_dir/live_ldap/data/galene-ldap.json"
chmod 400 "$install_dir/live_ldap/data/galene-ldap.json"
chown $app:$app "$install_dir/live_ldap/data/galene-ldap.json"
# Create a group name config
ynh_add_config --template="../conf/groupname.json" --destination="$datadir/groups/$group_name.json"
chmod 400 "$datadir/groups/$group_name.json"
chown $app:$app "$datadir/groups/$group_name.json"
ynh_add_config --template="../conf/groupname.json" --destination="$data_dir/groups/$group_name.json"
chmod 400 "$data_dir/groups/$group_name.json"
chown $app:$app "$data_dir/groups/$group_name.json"
# Create a group name authenticated on LDAP
ynh_add_config --template="../conf/groupname-ldap.json" --destination="$datadir/groups/YunoHost_Users.json"
chmod 400 "$datadir/groups/YunoHost_Users.json"
chown $app:$app "$datadir/groups/YunoHost_Users.json"
ynh_add_config --template="../conf/groupname-ldap.json" --destination="$data_dir/groups/YunoHost_Users.json"
chmod 400 "$data_dir/groups/YunoHost_Users.json"
chown $app:$app "$data_dir/groups/YunoHost_Users.json"
#=================================================
# SETUP SYSTEMD
@ -205,7 +140,7 @@ ynh_add_systemd_config --service=${app}_ldap --template="ldap.service"
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --weight=2
yunohost service add $app --description="Videoconferencing server" --needs_exposed_ports="$turn_port"
yunohost service add $app --description="Videoconferencing server" --needs_exposed_ports="$port_turn"
yunohost service add ${app}_ldap --description="LDAP integration for the videoconferencing server"
#=================================================
@ -217,26 +152,6 @@ ynh_script_progression --message="Starting a systemd service..." --weight=1
ynh_systemd_action --service_name=$app --action="start" --log_path="systemd"
ynh_systemd_action --service_name=${app}_ldap --action="start" --log_path="systemd"
#=================================================
# SETUP SSOWAT
#=================================================
ynh_script_progression --message="Configuring permissions..." --weight=2
# Make app public if necessary
if [ $is_public -eq 1 ]
then
# Everyone can access the app.
# The "main" permission is automatically created before the install script.
ynh_permission_update --permission="main" --add="visitors"
fi
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..." --weight=2
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================

57
scripts/remove
View file

@ -9,18 +9,6 @@
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..." --weight=1
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
turn_port=$(ynh_app_setting_get --app=$app --key=turn_port)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
#=================================================
# STANDARD REMOVE
#=================================================
@ -49,25 +37,6 @@ ynh_script_progression --message="Stopping and removing the systemd service..."
ynh_remove_systemd_config
ynh_remove_systemd_config --service=${app}_ldap
#=================================================
# REMOVE APP MAIN DIR
#=================================================
ynh_script_progression --message="Removing app main directory..." --weight=2
# Remove the app directory securely
ynh_secure_remove --file="$final_path"
#=================================================
# REMOVE DATA DIR
#=================================================
# Remove the data directory if --purge option is used
if [ "${YNH_APP_PURGE:-0}" -eq 1 ]
then
ynh_script_progression --message="Removing app data directory..." --weight=1
ynh_secure_remove --file="$datadir"
fi
#=================================================
# REMOVE NGINX CONFIGURATION
#=================================================
@ -76,22 +45,14 @@ ynh_script_progression --message="Removing NGINX web server configuration..." --
# Remove the dedicated NGINX config
ynh_remove_nginx_config
#=================================================
# REMOVE DEPENDENCIES
#=================================================
ynh_script_progression --message="Removing dependencies..." --weight=1
# Remove metapackage and its dependencies
ynh_remove_app_dependencies
#=================================================
# CLOSE A PORT
#=================================================
if yunohost firewall list | grep -q "\- $turn_port$"
if yunohost firewall list | grep -q "\- $port_turn$"
then
ynh_script_progression --message="Closing port $turn_port..." --weight=1
ynh_exec_warn_less yunohost firewall disallow both $turn_port
ynh_script_progression --message="Closing port $port_turn..." --weight=1
ynh_exec_warn_less yunohost firewall disallow both $port_turn
fi
if yunohost firewall list | grep -q "\- 49152:65535"
@ -100,18 +61,6 @@ then
ynh_exec_warn_less yunohost firewall disallow UDP 49152:65535
fi
#=================================================
# SPECIFIC REMOVE
#=================================================
# GENERIC FINALIZATION
#=================================================
# REMOVE DEDICATED USER
#=================================================
ynh_script_progression --message="Removing the dedicated system user..." --weight=1
# Delete a system user
ynh_system_user_delete --username=$app
#=================================================
# END OF SCRIPT
#=================================================

72
scripts/restore
View file

@ -10,81 +10,29 @@
source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
ynh_clean_setup () {
true
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..." --weight=1
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
path_url=$(ynh_app_setting_get --app=$app --key=path)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
group_name=$(ynh_app_setting_get --app=$app --key=group_name)
turn_port=$(ynh_app_setting_get --app=$app --key=turn_port)
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
#=================================================
# CHECK IF THE APP CAN BE RESTORED
#=================================================
ynh_script_progression --message="Validating restoration parameters..." --weight=1
test ! -d $final_path \
|| ynh_die --message="There is already a directory: $final_path "
#=================================================
# STANDARD RESTORATION STEPS
#=================================================
# RECREATE THE DEDICATED USER
#=================================================
ynh_script_progression --message="Recreating the dedicated system user..." --weight=2
# Create the dedicated user (if not existing)
ynh_system_user_create --username=$app --home_dir="$final_path"
#=================================================
# RESTORE THE APP MAIN DIR
#=================================================
ynh_script_progression --message="Restoring the app main directory..." --weight=1
ynh_restore_file --origin_path="$final_path"
ynh_restore_file --origin_path="$install_dir"
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:www-data "$final_path"
chmod 750 "$install_dir"
chmod -R o-rwx "$install_dir"
chown -R $app:www-data "$install_dir"
#=================================================
# RESTORE THE DATA DIRECTORY
#=================================================
ynh_script_progression --message="Restoring the data directory..." --weight=1
ynh_restore_file --origin_path="$datadir" --not_mandatory
ynh_restore_file --origin_path="$data_dir" --not_mandatory
mkdir -p $datadir/{groups,recordings}
mkdir -p $data_dir/{groups,recordings}
chmod 750 "$datadir"
chmod -R o-rwx "$datadir"
chown -R $app:www-data "$datadir"
#=================================================
# SPECIFIC RESTORATION
#=================================================
# REINSTALL DEPENDENCIES
#=================================================
ynh_script_progression --message="Reinstalling dependencies..." --weight=1
# Define and install dependencies
ynh_install_app_dependencies $pkg_dependencies
chmod 750 "$data_dir"
chmod -R o-rwx "$data_dir"
chown -R $app:www-data "$data_dir"
#=================================================
# RESTORE THE NGINX CONFIGURATION
@ -107,7 +55,7 @@ systemctl enable $app.service --quiet
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --weight=2
yunohost service add $app --description="Videoconferencing server" --needs_exposed_ports="$turn_port"
yunohost service add $app --description="Videoconferencing server" --needs_exposed_ports="$port_turn"
yunohost service add ${app}_ldap --description="LDAP integration for the videoconferencing server"
#=================================================

156
scripts/upgrade
View file

@ -15,47 +15,16 @@ source /usr/share/yunohost/helpers
#=================================================
ynh_script_progression --message="Loading installation settings..." --weight=1
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
path_url=$(ynh_app_setting_get --app=$app --key=path)
admin=$(ynh_app_setting_get --app=$app --key=admin)
password=$(ynh_app_setting_get --app=$app --key=password)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
group_name=$(ynh_app_setting_get --app=$app --key=group_name)
group_description=$(ynh_app_setting_get --app=$app --key=group_description)
port=$(ynh_app_setting_get --app=$app --key=port)
ldap_port=$(ynh_app_setting_get --app=$app --key=ldap_port)
key=$(ynh_app_setting_get --app=$app --key=key)
turn_port=$(ynh_app_setting_get --app=$app --key=turn_port)
datadir=$(ynh_app_setting_get --app=$app --key=datadir)
if ynh_compare_current_package_version --comparison le --version 0.3.5~ynh3
then
ynh_die --message="Please, you need to remove the app and reinstall it"
fi
password=$(ynh_app_setting_get --app=$app --key=password)
#=================================================
# CHECK VERSION
#=================================================
ynh_script_progression --message="Checking version..." --weight=1
upgrade_type=$(ynh_check_app_version_changed)
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=1
# Backup the current version of the app
ynh_backup_before_upgrade
ynh_clean_setup () {
# Restore it if the upgrade fails
ynh_restore_upgradebackup
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# STANDARD UPGRADE STEPS
#=================================================
@ -77,75 +46,33 @@ then
ynh_exec_warn_less yunohost firewall disallow TCP $port
fi
# If final_path doesn't exist, create it
if [ -z "$final_path" ]; then
final_path=/var/www/$app
mkdir -p $final_path
ynh_app_setting_set --app=$app --key=final_path --value=$final_path
fi
# If ldap_port doesn't exist, create it
if [ -z "$ldap_port" ]; then
ldap_port=$(ynh_find_port --port=$(($port + 1)))
ynh_app_setting_set --app=$app --key=port --value=$ldap_port
fi
# Cleaning legacy permissions
if ynh_legacy_permissions_exists; then
ynh_legacy_permissions_delete_all
ynh_app_setting_delete --app=$app --key=is_public
fi
# We remove the old admin/password file if present
if [ -f "$final_path/data/passwd" ] ; then
ynh_secure_remove --file="$final_path/data/passwd"
fi
# For version 0.6~ynh1 and before
if [[ ! -d "$final_path/live" ]]
if [[ ! -d "$install_dir/live" ]]
then
tempdir="$(mktemp -d)"
mv $final_path $tempdir
mkdir -p "$final_path/live"
mv $tempdir/$app/galene "$final_path/live/"
mv $tempdir/$app/data/ "$final_path/live/"
mv $tempdir/$app/static/ "$final_path/live/"
mv $install_dir $tempdir
mkdir -p "$install_dir/live"
mv $tempdir/$app/galene "$install_dir/live/"
mv $tempdir/$app/data/ "$install_dir/live/"
mv $tempdir/$app/static/ "$install_dir/live/"
ynh_secure_remove --file="$tempdir"
fi
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1
# Create a dedicated user (if not existing)
ynh_system_user_create --username=$app --home_dir="$final_path"
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_script_progression --message="Upgrading source files..." --weight=2
ynh_setup_source --dest_dir="$final_path/build"
ynh_setup_source --dest_dir="$final_path/build_ldap" --source_id="ldap"
mkdir -p "$final_path/live/data"
mkdir -p "$final_path/live_ldap/data"
ynh_secure_remove --file="$final_path/live/static/"
cp -r "$final_path/build/static/" "$final_path/live/"
ynh_replace_string --match_string="<div class=\"galene-header\">Galène</div>" --replace_string="<div class=\"galene-header\" onclick=\"location.href=window.location.origin\" style=\"cursor:pointer\">Galène</div>" --target_file="$final_path/live/static/galene.html"
ynh_setup_source --dest_dir="$install_dir/build"
ynh_setup_source --dest_dir="$install_dir/build_ldap" --source_id="ldap"
mkdir -p "$install_dir/live/data"
mkdir -p "$install_dir/live_ldap/data"
#REMOVEME? ynh_secure_remove --file="$install_dir/live/static/"
cp -r "$install_dir/build/static/" "$install_dir/live/"
ynh_replace_string --match_string="<div class=\"galene-header\">Galène</div>" --replace_string="<div class=\"galene-header\" onclick=\"location.href=window.location.origin\" style=\"cursor:pointer\">Galène</div>" --target_file="$install_dir/live/static/galene.html"
chmod 750 "$final_path"
chmod -R o-rwx "$final_path"
chown -R $app:www-data "$final_path"
#=================================================
# UPGRADE DEPENDENCIES
#=================================================
ynh_script_progression --message="Upgrading dependencies..." --weight=1
ynh_install_app_dependencies $pkg_dependencies
chmod -R o-rwx "$install_dir"
chown -R $app:www-data "$install_dir"
#=================================================
# NGINX CONFIGURATION
@ -166,18 +93,18 @@ if [ "$upgrade_type" == "UPGRADE_APP" ]
then
ynh_exec_warn_less ynh_install_go --go_version=$go_version
ynh_use_go
pushd $final_path/build/
ynh_exec_as $app CGO_ENABLED=0 $ynh_go build -ldflags='-s -w' -o $final_path/live/
pushd $install_dir/build/
ynh_exec_warn_less ynh_exec_as $app CGO_ENABLED=0 $ynh_go build -ldflags='-s -w' -o $install_dir/live/
popd
pushd $final_path/build_ldap/
ynh_exec_as $app CGO_ENABLED=0 $ynh_go build -ldflags='-s -w' -o $final_path/live_ldap/
pushd $install_dir/build_ldap/
ynh_exec_warn_less ynh_exec_as $app CGO_ENABLED=0 $ynh_go build -ldflags='-s -w' -o $install_dir/live_ldap/
popd
ynh_remove_go
ynh_secure_remove --file="$final_path/build/"
ynh_secure_remove --file="$final_path/build_ldap/"
ynh_secure_remove --file="$final_path/.cache/"
ynh_secure_remove --file="$final_path/go/"
ynh_secure_remove --file="$final_path/.go-version"
ynh_secure_remove --file="$install_dir/build/"
ynh_secure_remove --file="$install_dir/build_ldap/"
ynh_secure_remove --file="$install_dir/.cache/"
ynh_secure_remove --file="$install_dir/go/"
ynh_secure_remove --file="$install_dir/.go-version"
fi
#=================================================
@ -186,9 +113,9 @@ fi
ynh_script_progression --message="Updating a configuration file..." --weight=2
# Configure Galène
ynh_add_config --template="../conf/config.json" --destination="$final_path/live/data/config.json"
chmod 400 "$final_path/live/data/config.json"
chown $app:$app "$final_path/live/data/config.json"
ynh_add_config --template="../conf/config.json" --destination="$install_dir/live/data/config.json"
chmod 400 "$install_dir/live/data/config.json"
chown $app:$app "$install_dir/live/data/config.json"
# Configure Galène LDAP
# If key doesn't exist, create it
@ -196,19 +123,19 @@ if [ -z "$key" ]; then
key=$(jose jwk gen -i '{"kty":"oct","alg":"HS256"}')
ynh_app_setting_set --app=$app --key=key --value=$key
fi
ynh_add_config --template="../conf/galene-ldap.json" --destination="$final_path/live_ldap/data/galene-ldap.json"
chmod 400 "$final_path/live_ldap/data/galene-ldap.json"
chown $app:$app "$final_path/live_ldap/data/galene-ldap.json"
ynh_add_config --template="../conf/galene-ldap.json" --destination="$install_dir/live_ldap/data/galene-ldap.json"
chmod 400 "$install_dir/live_ldap/data/galene-ldap.json"
chown $app:$app "$install_dir/live_ldap/data/galene-ldap.json"
# Create a group name config
ynh_add_config --template="../conf/groupname.json" --destination="$datadir/groups/$group_name.json"
chmod 400 "$datadir/groups/$group_name.json"
chown $app:$app "$datadir/groups/$group_name.json"
ynh_add_config --template="../conf/groupname.json" --destination="$data_dir/groups/$group_name.json"
chmod 400 "$data_dir/groups/$group_name.json"
chown $app:$app "$data_dir/groups/$group_name.json"
# Create a group name authenticated on LDAP
ynh_add_config --template="../conf/groupname-ldap.json" --destination="$datadir/groups/YunoHost_Users.json"
chmod 400 "$datadir/groups/YunoHost_Users.json"
chown $app:$app "$datadir/groups/YunoHost_Users.json"
ynh_add_config --template="../conf/groupname-ldap.json" --destination="$data_dir/groups/YunoHost_Users.json"
chmod 400 "$data_dir/groups/YunoHost_Users.json"
chown $app:$app "$data_dir/groups/YunoHost_Users.json"
#=================================================
# SETUP SYSTEMD
@ -228,7 +155,7 @@ ynh_add_systemd_config --service=${app}_ldap --template="ldap.service"
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
yunohost service add $app --description="Videoconferencing server" --needs_exposed_ports="$turn_port"
yunohost service add $app --description="Videoconferencing server" --needs_exposed_ports="$port_turn"
yunohost service add ${app}_ldap --description="LDAP integration for the videoconferencing server"
#=================================================
@ -239,13 +166,6 @@ ynh_script_progression --message="Starting a systemd service..." --weight=1
ynh_systemd_action --service_name=$app --action="start" --log_path="systemd"
ynh_systemd_action --service_name=${app}_ldap --action="start" --log_path="systemd"
#=================================================
# RELOAD NGINX
#=================================================
ynh_script_progression --message="Reloading NGINX web server..." --weight=2
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
# END OF SCRIPT
#=================================================

6
scripts/ynh_install_go
View file

@ -30,14 +30,14 @@ export GOENV_ROOT="$goenv_install_dir"
# However, $PATH is duplicated into $go_path to outlast any manipulation of $PATH
# You can use the variable `$ynh_go_load_path` to quickly load your Go version
# in $PATH for an usage into a separate script.
# Exemple: $ynh_go_load_path $final_path/script_that_use_gem.sh`
# Exemple: $ynh_go_load_path $install_dir/script_that_use_gem.sh`
#
#
# Finally, to start a Go service with the correct version, 2 solutions
# Either the app is dependent of Go or gem, but does not called it directly.
# In such situation, you need to load PATH
# `Environment="__YNH_GO_LOAD_PATH__"`
# `ExecStart=__FINALPATH__/my_app`
# `ExecStart=__INSTALL_DIR__/my_app`
# You will replace __YNH_GO_LOAD_PATH__ with $ynh_go_load_path
#
# Or Go start the app directly, then you don't need to load the PATH variable
@ -72,7 +72,7 @@ ynh_use_go () {
ynh_go_load_path="PATH=$PATH"
# Sets the local application-specific Go version
pushd $final_path
pushd $install_dir
$goenv_install_dir/bin/goenv local $go_version
popd
}

23
tests.toml Normal file
View file

@ -0,0 +1,23 @@
test_format = 1.0
[default]
# ------------
# Tests to run
# ------------
exclude = ["install.subdir"]
# -------------------------------
# Default args to use for install
# -------------------------------
args.group_name = "public with space"
args.group_description = "My public space"
# -------------------------------
# Commits to test upgrade from
# -------------------------------
test_upgrade_from.212f4439.name = "Upgrade from 0.6.1~ynh2"