diff --git a/.github/workflows/updater.yml b/.github/workflows/updater.yml
index fb72ba0..a56d7cb 100644
--- a/.github/workflows/updater.yml
+++ b/.github/workflows/updater.yml
@@ -14,7 +14,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Fetch the source code
- uses: actions/checkout@v2
+ uses: actions/checkout@v3
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Run the updater script
@@ -33,7 +33,7 @@ jobs:
- name: Create Pull Request
id: cpr
if: ${{ env.PROCEED == 'true' }}
- uses: peter-evans/create-pull-request@v3
+ uses: peter-evans/create-pull-request@v4
with:
token: ${{ secrets.GITHUB_TOKEN }}
commit-message: Update to version ${{ env.VERSION }}
diff --git a/README.md b/README.md
index f290836..5d2fdc7 100644
--- a/README.md
+++ b/README.md
@@ -5,7 +5,8 @@ It shall NOT be edited by hand.
# Galène for YunoHost
-[](https://dash.yunohost.org/appci/app/galene)  
+[](https://dash.yunohost.org/appci/app/galene)  
+
[](https://install-app.yunohost.org/?app=galene)
*[Lire ce readme en français.](./README_fr.md)*
@@ -17,8 +18,6 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in
Galène is a videoconference server (an “SFU”) that is easy to deploy and that requires moderate server resources. It was originally designed for lectures and conferences (where a single speaker streams audio and video to hundreds or thousands of users), but later evolved to be useful for student practicals (where users are divided into many small groups), and meetings (where a dozen users interact with each other).
-## Features
-
### Client features:
- multiparty audio and video
@@ -30,7 +29,7 @@ Galène is a videoconference server (an “SFU”) that is easy to deploy and th
- LDAP support
-**Shipped version:** 0.6.2~ynh1
+**Shipped version:** 0.6.2~ynh2
**Demo:** https://galene.org:8443/
@@ -38,59 +37,6 @@ Galène is a videoconference server (an “SFU”) that is easy to deploy and th
-## Disclaimers / important information
-
-### Accessing groups
-
-*Galène* meeting rooms are called "groups". Any group is accessible at `https://domain.tld/group/GroupName`, by typing its name in the home page search field, or by selecting it in the public list (if the group is configured as publicly visible, see below).
-During install a group is created with YunoHost LDAP authentication, accessible at `https://domain.tld/group/YunoHost_Users`.
-
-#### Creating and configuring groups
-
-Groups are defined by JSON files located in the folder `/home/yunohost.app/galene/groups`. Each group is represented by a `GroupName.json` file.
-To create a new group, you need to create a `GroupNameExample.json` file and restart Galène service (you can also make subfolder groups, and the groups will be accessible with `https://domain.tld/group/subfolder/GroupName/`). Various configuration options are available (see https://github.com/YunoHost-Apps/galene_ynh/wiki/Configuration-file).
-
-*NB: Spaces are supported in group file names.*
-
-When Galène is removed, the data directory (`/home/yunohost.app/galene/`) is preserved. If you want to remove it along with Galène, use the `--purge` option: `sudo yunohost app remove galene --purge`.
-
-### Configuring your TURN server
-
-#### Using *Galène*'s internal TURN server
-Galène comes with a built-in TURN server that should work out-of-the-box.
-- If your server is behind NAT, allow incoming traffic to TCP/UDP port `1194` (or whatever is configured with the `-turn` option in `/etc/systemd/system/galene.service`)
-
-#### Using your own TURN server
-- Install [coturn_ynh](https://github.com/YunoHost-Apps/coturn_ynh).
-- Add `/opt/yunohost/galene/data/ice-servers.json` with these lines and change `turn.example.org` and `secret`
-
-```
- [
- {
- "urls": [
- "turn:turn.example.org:5349",
- "turn:turn.example.org:5349?transport=tcp"
- ],
- "username": "galene",
- "credential": "secret"
- }
- ]
-```
-- set `/etc/systemd/system/galene.service` `-turn` option to `-turn auto` (or `-turn ""` to disable the built-in TURN server).
-
-To check if the TURN server is up and running, type `/relay-test` in the chat box. If the TURN server is properly configured, you should see a message saying that the relay test has been successful.
-
-You can also install Galène with an external TURN server with this branch: https://github.com/YunoHost-Apps/galene_ynh/tree/galene+turn
-
-### Server Statistics page
-
-Statistics are available under `/opt/yunohost/galene/stats.json`, with a human-readable version at `domain.ltd/stats.html`. This is only available to the server administrator (the admin/password is set in the `config.json` file: `/opt/yunohost/galene/data/config.json`).
-
-### How do I record my lecture?
-
-Make sure allow-recording is set in your group configuration. Log-in as an operator, then say `/record` before you start your lecture. Don't forget to say `/unrecord` at the end. You will find your recordings under `https://server.example.com/recordings/groupname/`. The video recordings are stored in `/home/yunohost.app/galene/recordings` folder.
-
-
## Documentation and resources
* Official app website:
diff --git a/README_fr.md b/README_fr.md
index 4f48abe..045dbce 100644
--- a/README_fr.md
+++ b/README_fr.md
@@ -5,15 +5,16 @@ It shall NOT be edited by hand.
# Galène pour YunoHost
-[](https://dash.yunohost.org/appci/app/galene)  
+[](https://dash.yunohost.org/appci/app/galene)  
+
[](https://install-app.yunohost.org/?app=galene)
*[Read this readme in english.](./README.md)*
-> *Ce package vous permet d'installer Galène rapidement et simplement sur un serveur YunoHost.
-Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.*
+> *Ce package vous permet d’installer Galène rapidement et simplement sur un serveur YunoHost.
+Si vous n’avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l’installer et en profiter.*
-## Vue d'ensemble
+## Vue d’ensemble
Galène est un serveur de visioconférence (un « SFU ») facile à déployer et qui nécessite des ressources serveur modérées. Il a été conçu à l'origine pour les cours et les conférences (où un seul orateur diffuse de l'audio et de la vidéo à des centaines ou des milliers d'utilisateurs), mais a évolué par la suite pour être utile pour les travaux pratiques des étudiants (où les utilisateurs sont divisés en plusieurs petits groupes) et les réunions (où un douzaine d'utilisateurs interagissent entre eux).
@@ -28,72 +29,20 @@ Galène est un serveur de visioconférence (un « SFU ») facile à déployer et
- prise en charge LDAP
-**Version incluse :** 0.6.2~ynh1
+**Version incluse :** 0.6.2~ynh2
**Démo :** https://galene.org:8443/
-## Captures d'écran
+## Captures d’écran
-
-
-## Avertissements / informations importantes
-
-### Accéder à des groupes
-
-Les salles de réunion *Galène* sont appelées « groupes ». Tout groupe est accessible sur `https://domain.tld/group/GroupName`, en tapant son nom dans le champ de recherche de la page d'accueil, ou en le sélectionnant dans la liste publique (si le groupe est configuré comme visible publiquement, voir ci-dessous).
-Pendant l'installation, un groupe est créé avec l'authentification LDAP de YunoHost, accessible à `https://domain.tld/group/YunoHost_Users`.
-
-#### Ajouter et configurer des groupes
-
-Les groupes sont définis par des fichiers JSON situés dans le dossier `/home/yunohost.app/galene/groups`. Chaque groupe est représenté par un fichier `GroupName.json`.
-Pour créer un nouveau groupe, vous devez créer un fichier `GroupNameExample.json` et redémarrer le service Galène (vous pouvez également créer un sous-dossier, et les groupes seront accessibles avec` https://domain.tld/group/subfolder/GroupName/`). Différentes options de configurations sont disponibles (voir https://github.com/YunoHost-Apps/galene_ynh/wiki/Configuration-file).
-
-*NB : Les espaces sont pris en charge dans les noms de fichiers de groupe.*
-
-Lorsque Galène est supprimé, le répertoire de données (`/home/yunohost.app/galene/`) est conservé. Si vous souhaitez le supprimer avec Galène, utilisez l'option `--purge` : `sudo yunohost app remove galene --purge`.
-
-### Configurer votre serveur TURN
-
-#### Utilisation du serveur TURN de *Galène*
-Galène est livré avec un serveur TURN intégré qui devrait fonctionner immédiatement.
-- Si votre serveur est derrière NAT, autorisez le trafic entrant vers le port TCP/UDP `1194` (ou tout ce qui est configuré avec l'option `-turn` dans `/etc/systemd/system/galene.service`)
-
-#### Utilisation de votre propre serveur TURN
-- Installez [coturn_ynh](https://github.com/YunoHost-Apps/coturn_ynh).
-- Ajoutez `/var/www/galene/data/ice-servers.json` avec ces lignes et changez `turn.example.org` et `secret`
-
-```
- [
- {
- "urls": [
- "turn:turn.example.org:5349",
- "turn:turn.example.org:5349?transport=tcp"
- ],
- "username": "galene",
- "credential": "secret"
- }
- ]
-```
-- Dans `/etc/systemd/system/galene.service` changer l'option `-turn auto` (ou `-turn ""` pour désactiver le serveur TURN intégré).
-
-Pour vérifier si le serveur TURN est opérationnel, tapez `/relay-test` dans la boîte de dialogue du chat de *Galène* ; si le serveur TURN est correctement configuré, vous devriez voir un message indiquant que le test du relai a réussi.
-
-Vous pouvez également installer *Galène* avec un serveur TURN externe avec cette branch : https://github.com/YunoHost-Apps/galene_ynh/tree/galene+turn
-
-### Statistiques du serveur
-
-Les statistiques sont disponibles sous `/opt/yunohost/galene/stats.json`, avec une version lisible sur `domain.ltd/stats.html`. Cette page n'est disponible que pour l'administrateur du serveur (le mot de passe et l'administrateur sont définis dans le fichier `config.json` : `/opt/yunohost/galene/data/config.json`).
-
-### Comment enregistrer ma conférence ?
-
-Assurez-vous que l'autorisation d'enregistrement est définie dans la configuration de votre groupe. Connectez-vous en tant qu'opérateur, puis dites `/record` dans la fenêtre de chat avant de commencer la visio. N'oubliez pas de dire `/unrecord` à la fin. Vous trouverez vos enregistrements sous `https://server.example.com/recordings/groupname/`. Les enregistrements vidéo sont stockés dans le dossier `/home/yunohost.app/galene/recordings`.
+
## Documentations et ressources
-* Site officiel de l'app :
+* Site officiel de l’app :
* Documentation officielle utilisateur :
-* Documentation officielle de l'admin :
-* Dépôt de code officiel de l'app :
+* Documentation officielle de l’admin :
+* Dépôt de code officiel de l’app :
* Documentation YunoHost pour cette app :
* Signaler un bug :
@@ -109,4 +58,4 @@ ou
sudo yunohost app upgrade galene -u https://github.com/YunoHost-Apps/galene_ynh/tree/testing --debug
```
-**Plus d'infos sur le packaging d'applications :**
+**Plus d’infos sur le packaging d’applications :**
\ No newline at end of file
diff --git a/check_process b/check_process
deleted file mode 100644
index a7e831f..0000000
--- a/check_process
+++ /dev/null
@@ -1,30 +0,0 @@
-;; Test complet
- ; Manifest
- domain="domain.tld"
- path="/path"
- is_public=1
- admin="john"
- password="password"
- group_name="public with space"
- group_description="My public space"
- ; Checks
- pkg_linter=1
- setup_sub_dir=0
- setup_root=1
- setup_nourl=0
- setup_private=1
- setup_public=1
- upgrade=1
- # 0.6.1~ynh2
- upgrade=1 from_commit=ed1506fa3eb56358fecb06d832c9684acbf682d9
- backup_restore=1
- multi_instance=0
- port_already_use=0
- change_url=1
-;;; Options
-Email=
-Notification=none
-;;; Upgrade options
- ; commit=ed1506fa3eb56358fecb06d832c9684acbf682d9
- name=0.6.1~ynh2
- manifest_arg=domain=DOMAIN&path=PATH&admin=USER&language=fr&is_public=1&password=pass&port=666&
diff --git a/conf/app.src b/conf/app.src
deleted file mode 100644
index de0a54e..0000000
--- a/conf/app.src
+++ /dev/null
@@ -1,7 +0,0 @@
-SOURCE_URL=https://github.com/jech/galene/archive/refs/tags/galene-0.6.2.tar.gz
-SOURCE_SUM=7caedc1b2cb8cfeee0136e02c006d13d7b2b3cb9908685654c8cec020265428d
-SOURCE_SUM_PRG=sha256sum
-SOURCE_FORMAT=tar.gz
-SOURCE_IN_SUBDIR=true
-SOURCE_FILENAME=
-SOURCE_EXTRACT=true
diff --git a/conf/galene-ldap.json b/conf/galene-ldap.json
index 1480001..c271256 100644
--- a/conf/galene-ldap.json
+++ b/conf/galene-ldap.json
@@ -1,5 +1,5 @@
{
- "httpAddress": "127.0.0.1:__LDAP_PORT__",
+ "httpAddress": "127.0.0.1:__PORT_LDAP__",
"ldapServer": "ldap://localhost:389",
"ldapBase": "ou=users,dc=yunohost,dc=org",
"key": __KEY__,
diff --git a/conf/ldap.service b/conf/ldap.service
index 6efb10d..29ca25f 100644
--- a/conf/ldap.service
+++ b/conf/ldap.service
@@ -7,8 +7,8 @@ After=network.target
Type=simple
User=__APP__
Group=__APP__
-WorkingDirectory=__FINALPATH__/live_ldap/
-ExecStart=__FINALPATH__/live_ldap/galene-ldap -data __FINALPATH__/live_ldap/data/
+WorkingDirectory=__INSTALL_DIR__/live_ldap/
+ExecStart=__INSTALL_DIR__/live_ldap/galene-ldap -data __INSTALL_DIR__/live_ldap/data/
LimitNOFILE=65536
[Install]
diff --git a/conf/ldap.src b/conf/ldap.src
deleted file mode 100644
index 56042fd..0000000
--- a/conf/ldap.src
+++ /dev/null
@@ -1,7 +0,0 @@
-SOURCE_URL=https://github.com/jech/galene-ldap/archive/33b8a930372388b2b8b506d2564516fb3eaf895a.tar.gz
-SOURCE_SUM=00247712e4e7944fed42026f056f48eb59a95cf476c3ff1cb6e24c54469ce070
-SOURCE_SUM_PRG=sha256sum
-SOURCE_FORMAT=tar.gz
-SOURCE_IN_SUBDIR=true
-SOURCE_FILENAME=
-SOURCE_EXTRACT=true
diff --git a/conf/nginx.conf b/conf/nginx.conf
index a37e798..087602d 100755
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@@ -1,6 +1,6 @@
location /auth/ {
- proxy_pass http://127.0.0.1:__LDAP_PORT__/;
+ proxy_pass http://127.0.0.1:__PORT_LDAP__/;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
diff --git a/conf/systemd.service b/conf/systemd.service
index 1417126..aa4af39 100644
--- a/conf/systemd.service
+++ b/conf/systemd.service
@@ -7,9 +7,43 @@ After=network.target
Type=simple
User=__APP__
Group=__APP__
-WorkingDirectory=__FINALPATH__/live/
-ExecStart=__FINALPATH__/live/galene -http "127.0.0.1:__PORT__" -insecure -turn __PUBLIC_IP4__:__TURN_PORT__ -udp-range 49152-65535 -groups __DATADIR__/groups -recordings __DATADIR__/recordings -data __FINALPATH__/live/data/
+WorkingDirectory=__INSTALL_DIR__/live/
+ExecStart=__INSTALL_DIR__/live/galene -http "127.0.0.1:__PORT__" -insecure -turn __PUBLIC_IP4__:__PORT_TURN__ -udp-range 49152-65535 -groups __DATA_DIR__/groups -recordings __DATA_DIR__/recordings -data __INSTALL_DIR__/live/data/
LimitNOFILE=65536
+# Sandboxing options to harden security
+# Depending on specificities of your service/app, you may need to tweak these
+# .. but this should be a good baseline
+# Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html
+NoNewPrivileges=yes
+PrivateTmp=yes
+PrivateDevices=yes
+RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 AF_NETLINK
+RestrictNamespaces=yes
+RestrictRealtime=yes
+DevicePolicy=closed
+ProtectClock=yes
+ProtectHostname=yes
+ProtectProc=invisible
+ProtectSystem=full
+ProtectControlGroups=yes
+ProtectKernelModules=yes
+ProtectKernelTunables=yes
+LockPersonality=yes
+SystemCallArchitectures=native
+SystemCallFilter=~@clock @debug @module @mount @obsolete @reboot @setuid @swap @cpu-emulation @privileged
+
+# Denying access to capabilities that should not be relevant for webapps
+# Doc: https://man7.org/linux/man-pages/man7/capabilities.7.html
+CapabilityBoundingSet=~CAP_RAWIO CAP_MKNOD
+CapabilityBoundingSet=~CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_AUDIT_WRITE
+CapabilityBoundingSet=~CAP_SYS_BOOT CAP_SYS_TIME CAP_SYS_MODULE CAP_SYS_PACCT
+CapabilityBoundingSet=~CAP_LEASE CAP_LINUX_IMMUTABLE CAP_IPC_LOCK
+CapabilityBoundingSet=~CAP_BLOCK_SUSPEND CAP_WAKE_ALARM
+CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG
+CapabilityBoundingSet=~CAP_MAC_ADMIN CAP_MAC_OVERRIDE
+CapabilityBoundingSet=~CAP_NET_ADMIN CAP_NET_BROADCAST CAP_NET_RAW
+CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG
+
[Install]
WantedBy=multi-user.target
diff --git a/doc/DISCLAIMER.md b/doc/ADMIN.md
similarity index 71%
rename from doc/DISCLAIMER.md
rename to doc/ADMIN.md
index 35f908f..923ce96 100644
--- a/doc/DISCLAIMER.md
+++ b/doc/ADMIN.md
@@ -1,16 +1,16 @@
### Accessing groups
-*Galène* meeting rooms are called "groups". Any group is accessible at `https://domain.tld/group/GroupName`, by typing its name in the home page search field, or by selecting it in the public list (if the group is configured as publicly visible, see below).
-During install a group is created with YunoHost LDAP authentication, accessible at `https://domain.tld/group/YunoHost_Users`.
+*Galène* meeting rooms are called "groups". Any group is accessible at `https://__DOMAIN__/group/GroupName`, by typing its name in the home page search field, or by selecting it in the public list (if the group is configured as publicly visible, see below).
+During install a group is created with YunoHost LDAP authentication, accessible at `https://__DOMAIN__/group/YunoHost_Users`.
#### Creating and configuring groups
-Groups are defined by JSON files located in the folder `/home/yunohost.app/galene/groups`. Each group is represented by a `GroupName.json` file.
-To create a new group, you need to create a `GroupNameExample.json` file and restart Galène service (you can also make subfolder groups, and the groups will be accessible with `https://domain.tld/group/subfolder/GroupName/`). Various configuration options are available (see https://github.com/YunoHost-Apps/galene_ynh/wiki/Configuration-file).
+Groups are defined by JSON files located in the folder `__DATA_DIR__/groups`. Each group is represented by a `GroupName.json` file.
+To create a new group, you need to create a `GroupNameExample.json` file and restart Galène service (you can also make subfolder groups, and the groups will be accessible with `https://__DOMAIN__/group/subfolder/GroupName/`). Various configuration options are available (see https://github.com/YunoHost-Apps/galene_ynh/wiki/Configuration-file).
*NB: Spaces are supported in group file names.*
-When Galène is removed, the data directory (`/home/yunohost.app/galene/`) is preserved. If you want to remove it along with Galène, use the `--purge` option: `sudo yunohost app remove galene --purge`.
+When Galène is removed, the data directory (`__DATA_DIR__`) is preserved. If you want to remove it along with Galène app, use the `--purge` option: `sudo yunohost app remove galene --purge`.
### Configuring your TURN server
@@ -38,13 +38,10 @@ Galène comes with a built-in TURN server that should work out-of-the-box.
To check if the TURN server is up and running, type `/relay-test` in the chat box. If the TURN server is properly configured, you should see a message saying that the relay test has been successful.
-You can also install Galène with an external TURN server with this branch: https://github.com/YunoHost-Apps/galene_ynh/tree/galene+turn
-
### Server Statistics page
Statistics are available under `/opt/yunohost/galene/stats.json`, with a human-readable version at `domain.ltd/stats.html`. This is only available to the server administrator (the admin/password is set in the `config.json` file: `/opt/yunohost/galene/data/config.json`).
### How do I record my lecture?
-Make sure allow-recording is set in your group configuration. Log-in as an operator, then say `/record` before you start your lecture. Don't forget to say `/unrecord` at the end. You will find your recordings under `https://server.example.com/recordings/groupname/`. The video recordings are stored in `/home/yunohost.app/galene/recordings` folder.
-
+Make sure allow-recording is set in your group configuration. Log-in as an operator, then say `/record` before you start your lecture. Don't forget to say `/unrecord` at the end. You will find your recordings under `https://__DOMAIN__/recordings/groupname/`. The video recordings are stored in `__DATA_DIR__/recordings` folder.
diff --git a/doc/DISCLAIMER_fr.md b/doc/ADMIN_fr.md
similarity index 76%
rename from doc/DISCLAIMER_fr.md
rename to doc/ADMIN_fr.md
index 5db048d..ec87b26 100644
--- a/doc/DISCLAIMER_fr.md
+++ b/doc/ADMIN_fr.md
@@ -1,16 +1,16 @@
### Accéder à des groupes
-Les salles de réunion *Galène* sont appelées « groupes ». Tout groupe est accessible sur `https://domain.tld/group/GroupName`, en tapant son nom dans le champ de recherche de la page d'accueil, ou en le sélectionnant dans la liste publique (si le groupe est configuré comme visible publiquement, voir ci-dessous).
-Pendant l'installation, un groupe est créé avec l'authentification LDAP de YunoHost, accessible à `https://domain.tld/group/YunoHost_Users`.
+Les salles de réunion *Galène* sont appelées « groupes ». Tout groupe est accessible sur `https://__DOMAIN__/group/GroupName`, en tapant son nom dans le champ de recherche de la page d'accueil, ou en le sélectionnant dans la liste publique (si le groupe est configuré comme visible publiquement, voir ci-dessous).
+Pendant l'installation, un groupe est créé avec l'authentification LDAP de YunoHost, accessible à `https://__DOMAIN__/group/YunoHost_Users`.
#### Ajouter et configurer des groupes
-Les groupes sont définis par des fichiers JSON situés dans le dossier `/home/yunohost.app/galene/groups`. Chaque groupe est représenté par un fichier `GroupName.json`.
-Pour créer un nouveau groupe, vous devez créer un fichier `GroupNameExample.json` et redémarrer le service Galène (vous pouvez également créer un sous-dossier, et les groupes seront accessibles avec` https://domain.tld/group/subfolder/GroupName/`). Différentes options de configurations sont disponibles (voir https://github.com/YunoHost-Apps/galene_ynh/wiki/Configuration-file).
+Les groupes sont définis par des fichiers JSON situés dans le dossier `__DATA_DIR__/groups`. Chaque groupe est représenté par un fichier `GroupName.json`.
+Pour créer un nouveau groupe, vous devez créer un fichier `GroupNameExample.json` et redémarrer le service Galène (vous pouvez également créer un sous-dossier, et les groupes seront accessibles avec` https://__DOMAIN__/group/subfolder/GroupName/`). Différentes options de configurations sont disponibles (voir https://github.com/YunoHost-Apps/galene_ynh/wiki/Configuration-file).
*NB : Les espaces sont pris en charge dans les noms de fichiers de groupe.*
-Lorsque Galène est supprimé, le répertoire de données (`/home/yunohost.app/galene/`) est conservé. Si vous souhaitez le supprimer avec Galène, utilisez l'option `--purge` : `sudo yunohost app remove galene --purge`.
+Lorsque Galène est supprimé, le répertoire de données (`__DATA_DIR__`) est conservé. Si vous souhaitez le supprimer avec l'application Galène, utilisez l'option `--purge` : `sudo yunohost app remove galene --purge`.
### Configurer votre serveur TURN
@@ -38,12 +38,10 @@ Galène est livré avec un serveur TURN intégré qui devrait fonctionner imméd
Pour vérifier si le serveur TURN est opérationnel, tapez `/relay-test` dans la boîte de dialogue du chat de *Galène* ; si le serveur TURN est correctement configuré, vous devriez voir un message indiquant que le test du relai a réussi.
-Vous pouvez également installer *Galène* avec un serveur TURN externe avec cette branch : https://github.com/YunoHost-Apps/galene_ynh/tree/galene+turn
-
### Statistiques du serveur
Les statistiques sont disponibles sous `/opt/yunohost/galene/stats.json`, avec une version lisible sur `domain.ltd/stats.html`. Cette page n'est disponible que pour l'administrateur du serveur (le mot de passe et l'administrateur sont définis dans le fichier `config.json` : `/opt/yunohost/galene/data/config.json`).
### Comment enregistrer ma conférence ?
-Assurez-vous que l'autorisation d'enregistrement est définie dans la configuration de votre groupe. Connectez-vous en tant qu'opérateur, puis dites `/record` dans la fenêtre de chat avant de commencer la visio. N'oubliez pas de dire `/unrecord` à la fin. Vous trouverez vos enregistrements sous `https://server.example.com/recordings/groupname/`. Les enregistrements vidéo sont stockés dans le dossier `/home/yunohost.app/galene/recordings`.
+Assurez-vous que l'autorisation d'enregistrement est définie dans la configuration de votre groupe. Connectez-vous en tant qu'opérateur, puis dites `/record` dans la fenêtre de chat avant de commencer la visio. N'oubliez pas de dire `/unrecord` à la fin. Vous trouverez vos enregistrements sous `https://__DOMAIN__/recordings/groupname/`. Les enregistrements vidéo sont stockés dans le dossier `__DATA_DIR__/recordings`.
diff --git a/doc/DESCRIPTION.md b/doc/DESCRIPTION.md
index a527d48..54e9644 100644
--- a/doc/DESCRIPTION.md
+++ b/doc/DESCRIPTION.md
@@ -1,7 +1,5 @@
Galène is a videoconference server (an “SFU”) that is easy to deploy and that requires moderate server resources. It was originally designed for lectures and conferences (where a single speaker streams audio and video to hundreds or thousands of users), but later evolved to be useful for student practicals (where users are divided into many small groups), and meetings (where a dozen users interact with each other).
-## Features
-
### Client features:
- multiparty audio and video
diff --git a/doc/POST_INSTALL.md b/doc/POST_INSTALL.md
new file mode 100644
index 0000000..e05a08d
--- /dev/null
+++ b/doc/POST_INSTALL.md
@@ -0,0 +1,2 @@
+Galène comes with a built-in TURN server that should work out-of-the-box.
+- If your server is behind NAT, allow incoming traffic to TCP/UDP port `1194` (or whatever is configured with the `-turn` option in `/etc/systemd/system/galene.service`)
\ No newline at end of file
diff --git a/doc/POST_INSTALL_fr.md b/doc/POST_INSTALL_fr.md
new file mode 100644
index 0000000..b554d13
--- /dev/null
+++ b/doc/POST_INSTALL_fr.md
@@ -0,0 +1,2 @@
+Galène est livré avec un serveur TURN intégré qui devrait fonctionner immédiatement.
+- Si votre serveur est derrière NAT, autorisez le trafic entrant vers le port TCP/UDP `1194` (ou tout ce qui est configuré avec l'option `-turn` dans `/etc/systemd/system/galene.service`)
\ No newline at end of file
diff --git a/manifest.json b/manifest.json
deleted file mode 100644
index e22e81e..0000000
--- a/manifest.json
+++ /dev/null
@@ -1,83 +0,0 @@
-{
- "name": "Galène",
- "id": "galene",
- "packaging_format": 1,
- "description": {
- "en": "Videoconferencing server that is easy to deploy",
- "fr": "Serveur de visioconférence facile à déployer"
- },
- "version": "0.6.2~ynh1",
- "url": "https://galene.org/",
- "upstream": {
- "license": "MIT",
- "website": "https://galene.org/",
- "demo": "https://galene.org:8443/",
- "admindoc": "https://galene.org/",
- "userdoc": "https://galene.org/faq.html",
- "code": "https://github.com/jech/galene"
- },
- "license": "MIT",
- "maintainer": {
- "name": "eric_G",
- "email": ""
- },
- "requirements": {
- "yunohost": ">= 11.0.9"
- },
- "multi_instance": false,
- "services": [
- "nginx"
- ],
- "arguments": {
- "install": [
- {
- "name": "domain",
- "type": "domain"
- },
- {
- "name": "is_public",
- "type": "boolean",
- "help": {
- "en": "If enabled, Galène will be accessible by people who do not have an account. This can be changed later via the webadmin.",
- "fr": "Si cette case est cochée, Galène sera accessible aux personnes n’ayant pas de compte. Vous pourrez changer ceci plus tard via la webadmin."
- },
- "default": true
- },
- {
- "name": "admin",
- "type": "user"
- },
- {
- "name": "password",
- "type": "password",
- "help": {
- "en": "Set the administrator password (between 8 and 30 characters)",
- "fr": "Définissez le mot de passe administrateur (entre 8 et 30 caractères)"
- }
- },
- {
- "name": "group_name",
- "type": "string",
- "ask": {
- "en": "Choose a name for the group you want to create",
- "fr": "Choisissez un nom pour le groupe que vous voulez créer"
- },
- "default": "public",
- "example": "public"
- },
- {
- "name": "group_description",
- "type": "string",
- "optional": true,
- "ask": {
- "en": "Choose a description for the group you want to create",
- "fr": "Décrivez le groupe que vous souhaitez créer"
- },
- "help": {
- "en": "Add a human-readable description of the group; this is displayed on the landing page for public groups.",
- "fr": "Ajoutez une description du groupe; ceci est affiché sur la page de destination des groupes publics."
- }
- }
- ]
- }
-}
diff --git a/manifest.toml b/manifest.toml
new file mode 100644
index 0000000..741f4b1
--- /dev/null
+++ b/manifest.toml
@@ -0,0 +1,90 @@
+packaging_format = 2
+
+id = "galene"
+name = "Galène"
+description.en = "Videoconferencing server that is easy to deploy"
+description.fr = "Serveur de visioconférence facile à déployer"
+
+version = "0.6.2~ynh2"
+
+maintainers = ["eric_G"]
+
+[upstream]
+license = "MIT"
+website = "https://galene.org/"
+demo = "https://galene.org:8443/"
+admindoc = "https://galene.org/"
+userdoc = "https://galene.org/faq.html"
+code = "https://github.com/jech/galene"
+
+[integration]
+yunohost = ">= 11.1.14"
+architectures = "all"
+multi_instance = false
+ldap = true
+sso = "not_relevant"
+disk = "50M"
+ram.build = "400M"
+ram.runtime = "50M"
+
+[install]
+ [install.domain]
+ type = "domain"
+ full_domain = true
+
+ [install.init_main_permission]
+ help.en = "If Visitors enabled, Galène will be accessible by people who do not have an account. This can be changed later via the webadmin."
+ help.fr = "Si la permission Visiteurs est cochée, Galène sera accessible aux personnes n’ayant pas de compte. Vous pourrez changer ceci plus tard via la webadmin."
+ type = "group"
+ default = "visitors"
+
+ [install.admin]
+ type = "user"
+
+ [install.password]
+ help.en = "Set the administrator password (between 8 and 30 characters)"
+ help.fr = "Définissez le mot de passe administrateur (entre 8 et 30 caractères)"
+ type = "password"
+
+ [install.group_name]
+ ask.en = "Choose a name for the group you want to create"
+ ask.fr = "Choisissez un nom pour le groupe que vous voulez créer"
+ type = "string"
+ default = "public"
+ example = "public"
+
+ [install.group_description]
+ ask.en = "Choose a description for the group you want to create"
+ ask.fr = "Décrivez le groupe que vous souhaitez créer"
+ help.en = "Add a human-readable description of the group; this is displayed on the landing page for public groups."
+ help.fr = "Ajoutez une description du groupe; ceci est affiché sur la page de destination des groupes publics."
+ type = "string"
+ optional = true
+
+[resources]
+ [resources.system_user]
+
+ [resources.install_dir]
+
+ [resources.data_dir]
+
+ [resources.permissions]
+ main.url = "/"
+
+ [resources.ports]
+ main.default = 8095
+ ldap.default = 8096
+ turn.default = 1194
+ turn.exposed = "Both"
+
+ [resources.apt]
+ packages = "jose"
+
+[resources.sources]
+ [resources.sources.main]
+ url = "https://github.com/jech/galene/archive/refs/tags/galene-0.6.2.tar.gz"
+ sha256 = "7caedc1b2cb8cfeee0136e02c006d13d7b2b3cb9908685654c8cec020265428d"
+
+ [resources.sources.ldap]
+ url = "https://github.com/jech/galene-ldap/archive/33b8a930372388b2b8b506d2564516fb3eaf895a.tar.gz"
+ sha256 = "00247712e4e7944fed42026f056f48eb59a95cf476c3ff1cb6e24c54469ce070"
diff --git a/scripts/_common.sh b/scripts/_common.sh
index 87199a3..1f273f5 100755
--- a/scripts/_common.sh
+++ b/scripts/_common.sh
@@ -6,9 +6,6 @@
go_version=1.19
-# dependencies used by the app (must be on a single line)
-pkg_dependencies="jose"
-
#=================================================
# PERSONAL HELPERS
#=================================================
diff --git a/scripts/backup b/scripts/backup
index cf11da9..2696784 100755
--- a/scripts/backup
+++ b/scripts/backup
@@ -10,27 +10,6 @@
source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers
-#=================================================
-# MANAGE SCRIPT FAILURE
-#=================================================
-
-ynh_clean_setup () {
- true
-}
-# Exit if an error occurs during the execution of the script
-ynh_abort_if_errors
-
-#=================================================
-# LOAD SETTINGS
-#=================================================
-ynh_print_info --message="Loading installation settings..."
-
-app=$YNH_APP_INSTANCE_NAME
-
-final_path=$(ynh_app_setting_get --app=$app --key=final_path)
-domain=$(ynh_app_setting_get --app=$app --key=domain)
-datadir=$(ynh_app_setting_get --app=$app --key=datadir)
-
#=================================================
# DECLARE DATA AND CONF FILES TO BACKUP
#=================================================
@@ -40,13 +19,13 @@ ynh_print_info --message="Declaring files to be backed up..."
# BACKUP THE APP MAIN DIR
#=================================================
-ynh_backup --src_path="$final_path"
+ynh_backup --src_path="$install_dir"
#=================================================
# BACKUP THE DATA DIR
#=================================================
-ynh_backup --src_path="$datadir" --is_big
+ynh_backup --src_path="$data_dir" --is_big
#=================================================
# BACKUP THE NGINX CONFIGURATION
diff --git a/scripts/change_url b/scripts/change_url
index cb35cc4..fe3970e 100755
--- a/scripts/change_url
+++ b/scripts/change_url
@@ -9,67 +9,16 @@
source _common.sh
source /usr/share/yunohost/helpers
-#=================================================
-# RETRIEVE ARGUMENTS
-#=================================================
-
-old_domain=$YNH_APP_OLD_DOMAIN
-old_path=$YNH_APP_OLD_PATH
-
-new_domain=$YNH_APP_NEW_DOMAIN
-new_path="/"
-
-app=$YNH_APP_INSTANCE_NAME
-
#=================================================
# LOAD SETTINGS
#=================================================
ynh_script_progression --message="Loading installation settings..." --weight=1
-# Needed for helper "ynh_add_nginx_config"
-final_path=$(ynh_app_setting_get --app=$app --key=final_path)
-
# Add settings here as needed by your application
-admin=$(ynh_app_setting_get --app=$app --key=admin)
password=$(ynh_app_setting_get --app=$app --key=password)
group_name=$(ynh_app_setting_get --app=$app --key=group_name)
-port=$(ynh_app_setting_get --app=$app --key=port)
-ldap_port=$(ynh_app_setting_get --app=$app --key=ldap_port)
+port_ldap=$(ynh_app_setting_get --app=$app --key=ldap_port)
key=$(ynh_app_setting_get --app=$app --key=key)
-datadir=$(ynh_app_setting_get --app=$app --key=datadir)
-
-#=================================================
-# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP
-#=================================================
-ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --weight=1
-
-# Backup the current version of the app
-ynh_backup_before_upgrade
-ynh_clean_setup () {
- # Remove the new domain config file, the remove script won't do it as it doesn't know yet its location.
- ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
-
- # Restore it if the upgrade fails
- ynh_restore_upgradebackup
-}
-# Exit if an error occurs during the execution of the script
-ynh_abort_if_errors
-
-#=================================================
-# CHECK WHICH PARTS SHOULD BE CHANGED
-#=================================================
-
-change_domain=0
-if [ "$old_domain" != "$new_domain" ]
-then
- change_domain=1
-fi
-
-change_path=0
-if [ "$old_path" != "$new_path" ]
-then
- change_path=1
-fi
#=================================================
# STANDARD MODIFICATIONS
@@ -86,29 +35,7 @@ ynh_systemd_action --service_name=${app}_ldap --action="stop" --log_path="system
#=================================================
ynh_script_progression --message="Updating NGINX web server configuration..." --weight=2
-nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
-
-# Change the path in the NGINX config file
-if [ $change_path -eq 1 ]
-then
- # Make a backup of the original NGINX config file if modified
- ynh_backup_if_checksum_is_different --file="$nginx_conf_path"
- # Set global variables for NGINX helper
- domain="$old_domain"
- path_url="$new_path"
- # Create a dedicated NGINX config
- ynh_add_nginx_config
-fi
-
-# Change the domain for NGINX
-if [ $change_domain -eq 1 ]
-then
- # Delete file checksum for the old conf file location
- ynh_delete_file_checksum --file="$nginx_conf_path"
- mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf
- # Store file checksum for the new config file location
- ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf"
-fi
+ynh_change_url_nginx_config
#=================================================
# SPECIFIC MODIFICATIONS
@@ -119,24 +46,24 @@ ynh_script_progression --message="Updating a configuration file..." --weight=2
domain="$new_domain"
# Configure Galene
-ynh_add_config --template="../conf/config.json" --destination="$final_path/live/data/config.json"
-chmod 400 "$final_path/live/data/config.json"
-chown $app:$app "$final_path/live/data/config.json"
+ynh_add_config --template="../conf/config.json" --destination="$install_dir/live/data/config.json"
+chmod 400 "$install_dir/live/data/config.json"
+chown $app:$app "$install_dir/live/data/config.json"
# Configure Galene LDAP
-ynh_add_config --template="../conf/galene-ldap.json" --destination="$final_path/live_ldap/data/galene-ldap.json"
-chmod 400 "$final_path/live_ldap/data/galene-ldap.json"
-chown $app:$app "$final_path/live_ldap/data/galene-ldap.json"
+ynh_add_config --template="../conf/galene-ldap.json" --destination="$install_dir/live_ldap/data/galene-ldap.json"
+chmod 400 "$install_dir/live_ldap/data/galene-ldap.json"
+chown $app:$app "$install_dir/live_ldap/data/galene-ldap.json"
# Create a group name config
-ynh_add_config --template="../conf/groupname.json" --destination="$datadir/groups/$group_name.json"
-chmod 400 "$datadir/groups/$group_name.json"
-chown $app:$app "$datadir/groups/$group_name.json"
+ynh_add_config --template="../conf/groupname.json" --destination="$data_dir/groups/$group_name.json"
+chmod 400 "$data_dir/groups/$group_name.json"
+chown $app:$app "$data_dir/groups/$group_name.json"
# Create a group name authenticated on LDAP
-ynh_add_config --template="../conf/groupname-ldap.json" --destination="$datadir/groups/YunoHost_Users.json"
-chmod 400 "$datadir/groups/YunoHost_Users.json"
-chown $app:$app "$datadir/groups/YunoHost_Users.json"
+ynh_add_config --template="../conf/groupname-ldap.json" --destination="$data_dir/groups/YunoHost_Users.json"
+chmod 400 "$data_dir/groups/YunoHost_Users.json"
+chown $app:$app "$data_dir/groups/YunoHost_Users.json"
#=================================================
# GENERIC FINALISATION
@@ -149,13 +76,6 @@ ynh_script_progression --message="Starting a systemd service..." --weight=3
ynh_systemd_action --service_name=$app --action="start" --log_path="systemd"
ynh_systemd_action --service_name=${app}_ldap --action="start" --log_path="systemd"
-#=================================================
-# RELOAD NGINX
-#=================================================
-ynh_script_progression --message="Reloading NGINX web server..." --weight=1
-
-ynh_systemd_action --service_name=nginx --action=reload
-
#=================================================
# END OF SCRIPT
#=================================================
diff --git a/scripts/install b/scripts/install
index 591fc3f..b178862 100755
--- a/scripts/install
+++ b/scripts/install
@@ -10,111 +10,49 @@ source _common.sh
source ynh_install_go
source /usr/share/yunohost/helpers
-#=================================================
-# MANAGE SCRIPT FAILURE
-#=================================================
-
-ynh_clean_setup () {
- true
-}
-# Exit if an error occurs during the execution of the script
-ynh_abort_if_errors
-
#=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================
-domain=$YNH_APP_ARG_DOMAIN
-path_url="/"
-is_public=$YNH_APP_ARG_IS_PUBLIC
-admin=$YNH_APP_ARG_ADMIN
-password=$YNH_APP_ARG_PASSWORD
group_name=$YNH_APP_ARG_GROUP_NAME
group_description=$YNH_APP_ARG_GROUP_DESCRIPTION
-
-app=$YNH_APP_INSTANCE_NAME
-
-#=================================================
-# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
-#=================================================
-ynh_script_progression --message="Validating installation parameters..." --weight=1
-
-final_path=/var/www/$app
-test ! -e "$final_path" || ynh_die --message="This path already contains a folder"
-
-# Register (book) web path
-ynh_webpath_register --app=$app --domain=$domain --path_url=$path_url
+password=$YNH_APP_ARG_PASSWORD
#=================================================
# STORE SETTINGS FROM MANIFEST
#=================================================
ynh_script_progression --message="Storing installation settings..." --weight=4
-ynh_app_setting_set --app=$app --key=domain --value=$domain
-ynh_app_setting_set --app=$app --key=path --value=$path_url
-ynh_app_setting_set --app=$app --key=admin --value=$admin
-ynh_app_setting_set --app=$app --key=password --value="$password"
ynh_app_setting_set --app=$app --key=group_name --value="$group_name"
ynh_app_setting_set --app=$app --key=group_description --value="$group_description"
+ynh_app_setting_set --app=$app --key=password --value="$password"
#=================================================
# STANDARD MODIFICATIONS
#=================================================
# FIND AND OPEN A PORT
#=================================================
-ynh_script_progression --message="Finding an available port..." --weight=3
-
-# Find an available port
-port=$(ynh_find_port --port=8095)
-ynh_app_setting_set --app=$app --key=port --value=$port
-
-ldap_port=$(ynh_find_port --port=$(($port + 1)))
-ynh_app_setting_set --app=$app --key=port --value=$ldap_port
-
-# Find an available port for TURN
-turn_port=$(ynh_find_port --port=1194)
-ynh_app_setting_set --app=$app --key=turn_port --value=$turn_port
-
-# Open TURN port
ynh_script_progression --message="Configuring firewall..." --weight=1
-ynh_exec_warn_less yunohost firewall allow Both $turn_port
-
# Reserve UDP Port range 49152:65535
ynh_exec_warn_less yunohost firewall allow UDP -4 49152:65535
-#=================================================
-# INSTALL DEPENDENCIES
-#=================================================
-ynh_script_progression --message="Installing dependencies..." --weight=1
-
-ynh_install_app_dependencies $pkg_dependencies
-
-#=================================================
-# CREATE DEDICATED USER
-#=================================================
-ynh_script_progression --message="Configuring system user..." --weight=3
-
-# Create a system user
-ynh_system_user_create --username=$app --home_dir="$final_path"
-
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_script_progression --message="Setting up source files..." --weight=1
-ynh_app_setting_set --app=$app --key=final_path --value=$final_path
# Download, check integrity, uncompress and patch the source from app.src
-ynh_setup_source --dest_dir="$final_path/build"
-ynh_setup_source --dest_dir="$final_path/build_ldap" --source_id="ldap"
+ynh_setup_source --dest_dir="$install_dir/build"
+ynh_setup_source --dest_dir="$install_dir/build_ldap" --source_id="ldap"
-mkdir -p "$final_path/live/data"
-mkdir -p "$final_path/live_ldap/data"
-cp -r "$final_path/build/static/" "$final_path/live/"
-ynh_replace_string --match_string="" --replace_string="" --target_file="$final_path/live/static/galene.html"
-chmod 750 "$final_path"
-chmod -R o-rwx "$final_path"
-chown -R $app:www-data "$final_path"
+mkdir -p "$install_dir/live/data"
+mkdir -p "$install_dir/live_ldap/data"
+cp -r "$install_dir/build/static/" "$install_dir/live/"
+ynh_replace_string --match_string="" --replace_string="" --target_file="$install_dir/live/static/galene.html"
+
+chmod -R o-rwx "$install_dir"
+chown -R $app:www-data "$install_dir"
#=================================================
# NGINX CONFIGURATION
@@ -133,32 +71,29 @@ ynh_script_progression --message="Building app..." --weight=1
ynh_exec_warn_less ynh_install_go --go_version=$go_version
ynh_use_go
-pushd $final_path/build/
- ynh_exec_warn_less ynh_exec_as $app CGO_ENABLED=0 $ynh_go build -ldflags='-s -w' -o $final_path/live/
+pushd $install_dir/build/
+ ynh_exec_warn_less ynh_exec_as $app CGO_ENABLED=0 $ynh_go build -ldflags='-s -w' -o $install_dir/live/
popd
-pushd $final_path/build_ldap/
- ynh_exec_warn_less ynh_exec_as $app CGO_ENABLED=0 $ynh_go build -ldflags='-s -w' -o $final_path/live_ldap/
+pushd $install_dir/build_ldap/
+ ynh_exec_warn_less ynh_exec_as $app CGO_ENABLED=0 $ynh_go build -ldflags='-s -w' -o $install_dir/live_ldap/
popd
ynh_remove_go
-ynh_secure_remove --file="$final_path/build/"
-ynh_secure_remove --file="$final_path/build_ldap/"
-ynh_secure_remove --file="$final_path/.cache/"
-ynh_secure_remove --file="$final_path/go/"
-ynh_secure_remove --file="$final_path/.go-version"
+ynh_secure_remove --file="$install_dir/build/"
+ynh_secure_remove --file="$install_dir/build_ldap/"
+ynh_secure_remove --file="$install_dir/.cache/"
+ynh_secure_remove --file="$install_dir/go/"
+ynh_secure_remove --file="$install_dir/.go-version"
#=================================================
# CREATE DATA DIRECTORY
#=================================================
ynh_script_progression --message="Creating a data directory..." --weight=1
-datadir=/home/yunohost.app/$app
-ynh_app_setting_set --app=$app --key=datadir --value=$datadir
+mkdir -p $data_dir/{groups,recordings}
-mkdir -p $datadir/{groups,recordings}
-
-chmod 750 "$datadir"
-chmod -R o-rwx "$datadir"
-chown -R $app:www-data "$datadir"
+chmod 750 "$data_dir"
+chmod -R o-rwx "$data_dir"
+chown -R $app:www-data "$data_dir"
#=================================================
# ADD A CONFIGURATION
@@ -166,26 +101,26 @@ chown -R $app:www-data "$datadir"
ynh_script_progression --message="Adding a configuration file..." --weight=1
# Configure Galène
-ynh_add_config --template="../conf/config.json" --destination="$final_path/live/data/config.json"
-chmod 400 "$final_path/live/data/config.json"
-chown $app:$app "$final_path/live/data/config.json"
+ynh_add_config --template="../conf/config.json" --destination="$install_dir/live/data/config.json"
+chmod 400 "$install_dir/live/data/config.json"
+chown $app:$app "$install_dir/live/data/config.json"
# Configure Galène LDAP
key=$(jose jwk gen -i '{"kty":"oct","alg":"HS256"}')
ynh_app_setting_set --app=$app --key=key --value="$key"
-ynh_add_config --template="../conf/galene-ldap.json" --destination="$final_path/live_ldap/data/galene-ldap.json"
-chmod 400 "$final_path/live_ldap/data/galene-ldap.json"
-chown $app:$app "$final_path/live_ldap/data/galene-ldap.json"
+ynh_add_config --template="../conf/galene-ldap.json" --destination="$install_dir/live_ldap/data/galene-ldap.json"
+chmod 400 "$install_dir/live_ldap/data/galene-ldap.json"
+chown $app:$app "$install_dir/live_ldap/data/galene-ldap.json"
# Create a group name config
-ynh_add_config --template="../conf/groupname.json" --destination="$datadir/groups/$group_name.json"
-chmod 400 "$datadir/groups/$group_name.json"
-chown $app:$app "$datadir/groups/$group_name.json"
+ynh_add_config --template="../conf/groupname.json" --destination="$data_dir/groups/$group_name.json"
+chmod 400 "$data_dir/groups/$group_name.json"
+chown $app:$app "$data_dir/groups/$group_name.json"
# Create a group name authenticated on LDAP
-ynh_add_config --template="../conf/groupname-ldap.json" --destination="$datadir/groups/YunoHost_Users.json"
-chmod 400 "$datadir/groups/YunoHost_Users.json"
-chown $app:$app "$datadir/groups/YunoHost_Users.json"
+ynh_add_config --template="../conf/groupname-ldap.json" --destination="$data_dir/groups/YunoHost_Users.json"
+chmod 400 "$data_dir/groups/YunoHost_Users.json"
+chown $app:$app "$data_dir/groups/YunoHost_Users.json"
#=================================================
# SETUP SYSTEMD
@@ -205,7 +140,7 @@ ynh_add_systemd_config --service=${app}_ldap --template="ldap.service"
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --weight=2
-yunohost service add $app --description="Videoconferencing server" --needs_exposed_ports="$turn_port"
+yunohost service add $app --description="Videoconferencing server" --needs_exposed_ports="$port_turn"
yunohost service add ${app}_ldap --description="LDAP integration for the videoconferencing server"
#=================================================
@@ -217,26 +152,6 @@ ynh_script_progression --message="Starting a systemd service..." --weight=1
ynh_systemd_action --service_name=$app --action="start" --log_path="systemd"
ynh_systemd_action --service_name=${app}_ldap --action="start" --log_path="systemd"
-#=================================================
-# SETUP SSOWAT
-#=================================================
-ynh_script_progression --message="Configuring permissions..." --weight=2
-
-# Make app public if necessary
-if [ $is_public -eq 1 ]
-then
- # Everyone can access the app.
- # The "main" permission is automatically created before the install script.
- ynh_permission_update --permission="main" --add="visitors"
-fi
-
-#=================================================
-# RELOAD NGINX
-#=================================================
-ynh_script_progression --message="Reloading NGINX web server..." --weight=2
-
-ynh_systemd_action --service_name=nginx --action=reload
-
#=================================================
# END OF SCRIPT
#=================================================
diff --git a/scripts/remove b/scripts/remove
index dc1df05..23d30bd 100755
--- a/scripts/remove
+++ b/scripts/remove
@@ -9,18 +9,6 @@
source _common.sh
source /usr/share/yunohost/helpers
-#=================================================
-# LOAD SETTINGS
-#=================================================
-ynh_script_progression --message="Loading installation settings..." --weight=1
-
-app=$YNH_APP_INSTANCE_NAME
-
-domain=$(ynh_app_setting_get --app=$app --key=domain)
-turn_port=$(ynh_app_setting_get --app=$app --key=turn_port)
-final_path=$(ynh_app_setting_get --app=$app --key=final_path)
-datadir=$(ynh_app_setting_get --app=$app --key=datadir)
-
#=================================================
# STANDARD REMOVE
#=================================================
@@ -49,25 +37,6 @@ ynh_script_progression --message="Stopping and removing the systemd service..."
ynh_remove_systemd_config
ynh_remove_systemd_config --service=${app}_ldap
-#=================================================
-# REMOVE APP MAIN DIR
-#=================================================
-ynh_script_progression --message="Removing app main directory..." --weight=2
-
-# Remove the app directory securely
-ynh_secure_remove --file="$final_path"
-
-#=================================================
-# REMOVE DATA DIR
-#=================================================
-
-# Remove the data directory if --purge option is used
-if [ "${YNH_APP_PURGE:-0}" -eq 1 ]
-then
- ynh_script_progression --message="Removing app data directory..." --weight=1
- ynh_secure_remove --file="$datadir"
-fi
-
#=================================================
# REMOVE NGINX CONFIGURATION
#=================================================
@@ -76,22 +45,14 @@ ynh_script_progression --message="Removing NGINX web server configuration..." --
# Remove the dedicated NGINX config
ynh_remove_nginx_config
-#=================================================
-# REMOVE DEPENDENCIES
-#=================================================
-ynh_script_progression --message="Removing dependencies..." --weight=1
-
-# Remove metapackage and its dependencies
-ynh_remove_app_dependencies
-
#=================================================
# CLOSE A PORT
#=================================================
-if yunohost firewall list | grep -q "\- $turn_port$"
+if yunohost firewall list | grep -q "\- $port_turn$"
then
- ynh_script_progression --message="Closing port $turn_port..." --weight=1
- ynh_exec_warn_less yunohost firewall disallow both $turn_port
+ ynh_script_progression --message="Closing port $port_turn..." --weight=1
+ ynh_exec_warn_less yunohost firewall disallow both $port_turn
fi
if yunohost firewall list | grep -q "\- 49152:65535"
@@ -100,18 +61,6 @@ then
ynh_exec_warn_less yunohost firewall disallow UDP 49152:65535
fi
-#=================================================
-# SPECIFIC REMOVE
-#=================================================
-# GENERIC FINALIZATION
-#=================================================
-# REMOVE DEDICATED USER
-#=================================================
-ynh_script_progression --message="Removing the dedicated system user..." --weight=1
-
-# Delete a system user
-ynh_system_user_delete --username=$app
-
#=================================================
# END OF SCRIPT
#=================================================
diff --git a/scripts/restore b/scripts/restore
index 3ab3d80..21e6513 100755
--- a/scripts/restore
+++ b/scripts/restore
@@ -10,81 +10,29 @@
source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers
-#=================================================
-# MANAGE SCRIPT FAILURE
-#=================================================
-
-ynh_clean_setup () {
- true
-}
-# Exit if an error occurs during the execution of the script
-ynh_abort_if_errors
-
-#=================================================
-# LOAD SETTINGS
-#=================================================
-ynh_script_progression --message="Loading installation settings..." --weight=1
-
-app=$YNH_APP_INSTANCE_NAME
-
-domain=$(ynh_app_setting_get --app=$app --key=domain)
-path_url=$(ynh_app_setting_get --app=$app --key=path)
-final_path=$(ynh_app_setting_get --app=$app --key=final_path)
-group_name=$(ynh_app_setting_get --app=$app --key=group_name)
-turn_port=$(ynh_app_setting_get --app=$app --key=turn_port)
-datadir=$(ynh_app_setting_get --app=$app --key=datadir)
-
-#=================================================
-# CHECK IF THE APP CAN BE RESTORED
-#=================================================
-ynh_script_progression --message="Validating restoration parameters..." --weight=1
-
-test ! -d $final_path \
- || ynh_die --message="There is already a directory: $final_path "
-
-#=================================================
-# STANDARD RESTORATION STEPS
-#=================================================
-# RECREATE THE DEDICATED USER
-#=================================================
-ynh_script_progression --message="Recreating the dedicated system user..." --weight=2
-
-# Create the dedicated user (if not existing)
-ynh_system_user_create --username=$app --home_dir="$final_path"
-
#=================================================
# RESTORE THE APP MAIN DIR
#=================================================
ynh_script_progression --message="Restoring the app main directory..." --weight=1
-ynh_restore_file --origin_path="$final_path"
+ynh_restore_file --origin_path="$install_dir"
-chmod 750 "$final_path"
-chmod -R o-rwx "$final_path"
-chown -R $app:www-data "$final_path"
+chmod 750 "$install_dir"
+chmod -R o-rwx "$install_dir"
+chown -R $app:www-data "$install_dir"
#=================================================
# RESTORE THE DATA DIRECTORY
#=================================================
ynh_script_progression --message="Restoring the data directory..." --weight=1
-ynh_restore_file --origin_path="$datadir" --not_mandatory
+ynh_restore_file --origin_path="$data_dir" --not_mandatory
-mkdir -p $datadir/{groups,recordings}
+mkdir -p $data_dir/{groups,recordings}
-chmod 750 "$datadir"
-chmod -R o-rwx "$datadir"
-chown -R $app:www-data "$datadir"
-
-#=================================================
-# SPECIFIC RESTORATION
-#=================================================
-# REINSTALL DEPENDENCIES
-#=================================================
-ynh_script_progression --message="Reinstalling dependencies..." --weight=1
-
-# Define and install dependencies
-ynh_install_app_dependencies $pkg_dependencies
+chmod 750 "$data_dir"
+chmod -R o-rwx "$data_dir"
+chown -R $app:www-data "$data_dir"
#=================================================
# RESTORE THE NGINX CONFIGURATION
@@ -107,7 +55,7 @@ systemctl enable $app.service --quiet
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --weight=2
-yunohost service add $app --description="Videoconferencing server" --needs_exposed_ports="$turn_port"
+yunohost service add $app --description="Videoconferencing server" --needs_exposed_ports="$port_turn"
yunohost service add ${app}_ldap --description="LDAP integration for the videoconferencing server"
#=================================================
diff --git a/scripts/upgrade b/scripts/upgrade
index bcc8364..dee0530 100644
--- a/scripts/upgrade
+++ b/scripts/upgrade
@@ -15,47 +15,16 @@ source /usr/share/yunohost/helpers
#=================================================
ynh_script_progression --message="Loading installation settings..." --weight=1
-app=$YNH_APP_INSTANCE_NAME
-
-domain=$(ynh_app_setting_get --app=$app --key=domain)
-path_url=$(ynh_app_setting_get --app=$app --key=path)
-admin=$(ynh_app_setting_get --app=$app --key=admin)
-password=$(ynh_app_setting_get --app=$app --key=password)
-final_path=$(ynh_app_setting_get --app=$app --key=final_path)
group_name=$(ynh_app_setting_get --app=$app --key=group_name)
group_description=$(ynh_app_setting_get --app=$app --key=group_description)
-port=$(ynh_app_setting_get --app=$app --key=port)
-ldap_port=$(ynh_app_setting_get --app=$app --key=ldap_port)
-key=$(ynh_app_setting_get --app=$app --key=key)
-turn_port=$(ynh_app_setting_get --app=$app --key=turn_port)
-datadir=$(ynh_app_setting_get --app=$app --key=datadir)
-
-if ynh_compare_current_package_version --comparison le --version 0.3.5~ynh3
-then
- ynh_die --message="Please, you need to remove the app and reinstall it"
-fi
+password=$(ynh_app_setting_get --app=$app --key=password)
#=================================================
# CHECK VERSION
#=================================================
-ynh_script_progression --message="Checking version..." --weight=1
upgrade_type=$(ynh_check_app_version_changed)
-#=================================================
-# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
-#=================================================
-ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=1
-
-# Backup the current version of the app
-ynh_backup_before_upgrade
-ynh_clean_setup () {
- # Restore it if the upgrade fails
- ynh_restore_upgradebackup
-}
-# Exit if an error occurs during the execution of the script
-ynh_abort_if_errors
-
#=================================================
# STANDARD UPGRADE STEPS
#=================================================
@@ -77,75 +46,33 @@ then
ynh_exec_warn_less yunohost firewall disallow TCP $port
fi
-# If final_path doesn't exist, create it
-if [ -z "$final_path" ]; then
- final_path=/var/www/$app
- mkdir -p $final_path
- ynh_app_setting_set --app=$app --key=final_path --value=$final_path
-fi
-
-# If ldap_port doesn't exist, create it
-if [ -z "$ldap_port" ]; then
- ldap_port=$(ynh_find_port --port=$(($port + 1)))
- ynh_app_setting_set --app=$app --key=port --value=$ldap_port
-fi
-
-# Cleaning legacy permissions
-if ynh_legacy_permissions_exists; then
- ynh_legacy_permissions_delete_all
-
- ynh_app_setting_delete --app=$app --key=is_public
-fi
-
-# We remove the old admin/password file if present
-if [ -f "$final_path/data/passwd" ] ; then
- ynh_secure_remove --file="$final_path/data/passwd"
-fi
-
# For version 0.6~ynh1 and before
-if [[ ! -d "$final_path/live" ]]
+if [[ ! -d "$install_dir/live" ]]
then
tempdir="$(mktemp -d)"
- mv $final_path $tempdir
- mkdir -p "$final_path/live"
- mv $tempdir/$app/galene "$final_path/live/"
- mv $tempdir/$app/data/ "$final_path/live/"
- mv $tempdir/$app/static/ "$final_path/live/"
+ mv $install_dir $tempdir
+ mkdir -p "$install_dir/live"
+ mv $tempdir/$app/galene "$install_dir/live/"
+ mv $tempdir/$app/data/ "$install_dir/live/"
+ mv $tempdir/$app/static/ "$install_dir/live/"
ynh_secure_remove --file="$tempdir"
fi
-#=================================================
-# CREATE DEDICATED USER
-#=================================================
-ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1
-
-# Create a dedicated user (if not existing)
-ynh_system_user_create --username=$app --home_dir="$final_path"
-
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
-
ynh_script_progression --message="Upgrading source files..." --weight=2
-ynh_setup_source --dest_dir="$final_path/build"
-ynh_setup_source --dest_dir="$final_path/build_ldap" --source_id="ldap"
-mkdir -p "$final_path/live/data"
-mkdir -p "$final_path/live_ldap/data"
-ynh_secure_remove --file="$final_path/live/static/"
-cp -r "$final_path/build/static/" "$final_path/live/"
-ynh_replace_string --match_string="" --replace_string="" --target_file="$final_path/live/static/galene.html"
+ynh_setup_source --dest_dir="$install_dir/build"
+ynh_setup_source --dest_dir="$install_dir/build_ldap" --source_id="ldap"
+mkdir -p "$install_dir/live/data"
+mkdir -p "$install_dir/live_ldap/data"
+#REMOVEME? ynh_secure_remove --file="$install_dir/live/static/"
+cp -r "$install_dir/build/static/" "$install_dir/live/"
+ynh_replace_string --match_string="" --replace_string="" --target_file="$install_dir/live/static/galene.html"
-chmod 750 "$final_path"
-chmod -R o-rwx "$final_path"
-chown -R $app:www-data "$final_path"
-
-#=================================================
-# UPGRADE DEPENDENCIES
-#=================================================
-ynh_script_progression --message="Upgrading dependencies..." --weight=1
-
-ynh_install_app_dependencies $pkg_dependencies
+chmod -R o-rwx "$install_dir"
+chown -R $app:www-data "$install_dir"
#=================================================
# NGINX CONFIGURATION
@@ -166,18 +93,18 @@ if [ "$upgrade_type" == "UPGRADE_APP" ]
then
ynh_exec_warn_less ynh_install_go --go_version=$go_version
ynh_use_go
- pushd $final_path/build/
- ynh_exec_as $app CGO_ENABLED=0 $ynh_go build -ldflags='-s -w' -o $final_path/live/
+ pushd $install_dir/build/
+ ynh_exec_warn_less ynh_exec_as $app CGO_ENABLED=0 $ynh_go build -ldflags='-s -w' -o $install_dir/live/
popd
- pushd $final_path/build_ldap/
- ynh_exec_as $app CGO_ENABLED=0 $ynh_go build -ldflags='-s -w' -o $final_path/live_ldap/
+ pushd $install_dir/build_ldap/
+ ynh_exec_warn_less ynh_exec_as $app CGO_ENABLED=0 $ynh_go build -ldflags='-s -w' -o $install_dir/live_ldap/
popd
ynh_remove_go
- ynh_secure_remove --file="$final_path/build/"
- ynh_secure_remove --file="$final_path/build_ldap/"
- ynh_secure_remove --file="$final_path/.cache/"
- ynh_secure_remove --file="$final_path/go/"
- ynh_secure_remove --file="$final_path/.go-version"
+ ynh_secure_remove --file="$install_dir/build/"
+ ynh_secure_remove --file="$install_dir/build_ldap/"
+ ynh_secure_remove --file="$install_dir/.cache/"
+ ynh_secure_remove --file="$install_dir/go/"
+ ynh_secure_remove --file="$install_dir/.go-version"
fi
#=================================================
@@ -186,9 +113,9 @@ fi
ynh_script_progression --message="Updating a configuration file..." --weight=2
# Configure Galène
-ynh_add_config --template="../conf/config.json" --destination="$final_path/live/data/config.json"
-chmod 400 "$final_path/live/data/config.json"
-chown $app:$app "$final_path/live/data/config.json"
+ynh_add_config --template="../conf/config.json" --destination="$install_dir/live/data/config.json"
+chmod 400 "$install_dir/live/data/config.json"
+chown $app:$app "$install_dir/live/data/config.json"
# Configure Galène LDAP
# If key doesn't exist, create it
@@ -196,19 +123,19 @@ if [ -z "$key" ]; then
key=$(jose jwk gen -i '{"kty":"oct","alg":"HS256"}')
ynh_app_setting_set --app=$app --key=key --value=$key
fi
-ynh_add_config --template="../conf/galene-ldap.json" --destination="$final_path/live_ldap/data/galene-ldap.json"
-chmod 400 "$final_path/live_ldap/data/galene-ldap.json"
-chown $app:$app "$final_path/live_ldap/data/galene-ldap.json"
+ynh_add_config --template="../conf/galene-ldap.json" --destination="$install_dir/live_ldap/data/galene-ldap.json"
+chmod 400 "$install_dir/live_ldap/data/galene-ldap.json"
+chown $app:$app "$install_dir/live_ldap/data/galene-ldap.json"
# Create a group name config
-ynh_add_config --template="../conf/groupname.json" --destination="$datadir/groups/$group_name.json"
-chmod 400 "$datadir/groups/$group_name.json"
-chown $app:$app "$datadir/groups/$group_name.json"
+ynh_add_config --template="../conf/groupname.json" --destination="$data_dir/groups/$group_name.json"
+chmod 400 "$data_dir/groups/$group_name.json"
+chown $app:$app "$data_dir/groups/$group_name.json"
# Create a group name authenticated on LDAP
-ynh_add_config --template="../conf/groupname-ldap.json" --destination="$datadir/groups/YunoHost_Users.json"
-chmod 400 "$datadir/groups/YunoHost_Users.json"
-chown $app:$app "$datadir/groups/YunoHost_Users.json"
+ynh_add_config --template="../conf/groupname-ldap.json" --destination="$data_dir/groups/YunoHost_Users.json"
+chmod 400 "$data_dir/groups/YunoHost_Users.json"
+chown $app:$app "$data_dir/groups/YunoHost_Users.json"
#=================================================
# SETUP SYSTEMD
@@ -228,7 +155,7 @@ ynh_add_systemd_config --service=${app}_ldap --template="ldap.service"
#=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
-yunohost service add $app --description="Videoconferencing server" --needs_exposed_ports="$turn_port"
+yunohost service add $app --description="Videoconferencing server" --needs_exposed_ports="$port_turn"
yunohost service add ${app}_ldap --description="LDAP integration for the videoconferencing server"
#=================================================
@@ -239,13 +166,6 @@ ynh_script_progression --message="Starting a systemd service..." --weight=1
ynh_systemd_action --service_name=$app --action="start" --log_path="systemd"
ynh_systemd_action --service_name=${app}_ldap --action="start" --log_path="systemd"
-#=================================================
-# RELOAD NGINX
-#=================================================
-ynh_script_progression --message="Reloading NGINX web server..." --weight=2
-
-ynh_systemd_action --service_name=nginx --action=reload
-
#=================================================
# END OF SCRIPT
#=================================================
diff --git a/scripts/ynh_install_go b/scripts/ynh_install_go
index 4e0b499..c0dfe12 100644
--- a/scripts/ynh_install_go
+++ b/scripts/ynh_install_go
@@ -30,14 +30,14 @@ export GOENV_ROOT="$goenv_install_dir"
# However, $PATH is duplicated into $go_path to outlast any manipulation of $PATH
# You can use the variable `$ynh_go_load_path` to quickly load your Go version
# in $PATH for an usage into a separate script.
-# Exemple: $ynh_go_load_path $final_path/script_that_use_gem.sh`
+# Exemple: $ynh_go_load_path $install_dir/script_that_use_gem.sh`
#
#
# Finally, to start a Go service with the correct version, 2 solutions
# Either the app is dependent of Go or gem, but does not called it directly.
# In such situation, you need to load PATH
# `Environment="__YNH_GO_LOAD_PATH__"`
-# `ExecStart=__FINALPATH__/my_app`
+# `ExecStart=__INSTALL_DIR__/my_app`
# You will replace __YNH_GO_LOAD_PATH__ with $ynh_go_load_path
#
# Or Go start the app directly, then you don't need to load the PATH variable
@@ -72,7 +72,7 @@ ynh_use_go () {
ynh_go_load_path="PATH=$PATH"
# Sets the local application-specific Go version
- pushd $final_path
+ pushd $install_dir
$goenv_install_dir/bin/goenv local $go_version
popd
}
diff --git a/tests.toml b/tests.toml
new file mode 100644
index 0000000..8626895
--- /dev/null
+++ b/tests.toml
@@ -0,0 +1,23 @@
+test_format = 1.0
+
+[default]
+
+ # ------------
+ # Tests to run
+ # ------------
+
+ exclude = ["install.subdir"]
+
+ # -------------------------------
+ # Default args to use for install
+ # -------------------------------
+
+ args.group_name = "public with space"
+ args.group_description = "My public space"
+
+ # -------------------------------
+ # Commits to test upgrade from
+ # -------------------------------
+
+ test_upgrade_from.212f4439.name = "Upgrade from 0.6.1~ynh2"
+
\ No newline at end of file