1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/galene_ynh.git synced 2024-09-03 18:36:31 +02:00

Implement LDAP authentication

This commit is contained in:
yalh76 2022-10-05 00:36:46 +02:00
parent c5cc50f1b1
commit 289e896fa9
28 changed files with 791 additions and 164 deletions

135
.github/workflows/updater.sh vendored Normal file
View file

@ -0,0 +1,135 @@
#!/bin/bash
#=================================================
# PACKAGE UPDATING HELPER
#=================================================
# This script is meant to be run by GitHub Actions
# The YunoHost-Apps organisation offers a template Action to run this script periodically
# Since each app is different, maintainers can adapt its contents so as to perform
# automatic actions when a new upstream release is detected.
#=================================================
# FETCHING LATEST RELEASE AND ITS ASSETS
#=================================================
# Fetching information
current_version=$(cat manifest.json | jq -j '.version|split("~")[0]')
repo=$(cat manifest.json | jq -j '.upstream.code|split("https://github.com/")[1]')
# Some jq magic is needed, because the latest upstream release is not always the latest version (e.g. security patches for older versions)
version=$(curl --silent "https://api.github.com/repos/$repo/tags" | jq -r '.[] | .name' | sort -V | tail -1)
assets=($(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '[ .[] | select(.tag_name=="'$version'").assets[].browser_download_url ] | join(" ") | @sh' | tr -d "'"))
# Later down the script, we assume the version has only digits and dots
# Sometimes the release name starts with a "v", so let's filter it out.
# You may need more tweaks here if the upstream repository has different naming conventions.
if [[ ${version:0:1} == "v" || ${version:0:1} == "V" ]]; then
version=${version:1}
fi
# Setting up the environment variables
echo "Current version: $current_version"
echo "Latest release from upstream: $version"
echo "VERSION=$version" >> $GITHUB_ENV
echo "REPO=$repo" >> $GITHUB_ENV
# For the time being, let's assume the script will fail
echo "PROCEED=false" >> $GITHUB_ENV
# Proceed only if the retrieved version is greater than the current one
if ! dpkg --compare-versions "$current_version" "lt" "$version" ; then
echo "::warning ::No new version available"
exit 0
# Proceed only if a PR for this new version does not already exist
elif git ls-remote -q --exit-code --heads https://github.com/$GITHUB_REPOSITORY.git ci-auto-update-v$version ; then
echo "::warning ::A branch already exists for this update"
exit 0
fi
# Each release can hold multiple assets (e.g. binaries for different architectures, source code, etc.)
echo "${#assets[@]} available asset(s)"
#=================================================
# UPDATE SOURCE FILES
#=================================================
# Here we use the $assets variable to get the resources published in the upstream release.
# Here is an example for Grav, it has to be adapted in accordance with how the upstream releases look like.
# Let's loop over the array of assets URLs
for asset_url in ${assets[@]}; do
echo "Handling asset at $asset_url"
# Assign the asset to a source file in conf/ directory
# Here we base the source file name upon a unique keyword in the assets url (admin vs. update)
# Leave $src empty to ignore the asset
case $asset_url in
*"admin"*)
src="app"
;;
*"update"*)
src="app-upgrade"
;;
*)
src=""
;;
esac
# If $src is not empty, let's process the asset
if [ ! -z "$src" ]; then
# Create the temporary directory
tempdir="$(mktemp -d)"
# Download sources and calculate checksum
filename=${asset_url##*/}
curl --silent -4 -L $asset_url -o "$tempdir/$filename"
checksum=$(sha256sum "$tempdir/$filename" | head -c 64)
# Delete temporary directory
rm -rf $tempdir
# Get extension
if [[ $filename == *.tar.gz ]]; then
extension=tar.gz
else
extension=${filename##*.}
fi
# Rewrite source file
cat <<EOT > conf/$src.src
SOURCE_URL=$asset_url
SOURCE_SUM=$checksum
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=$extension
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=
SOURCE_EXTRACT=true
EOT
echo "... conf/$src.src updated"
else
echo "... asset ignored"
fi
done
#=================================================
# SPECIFIC UPDATE STEPS
#=================================================
# Any action on the app's source code can be done.
# The GitHub Action workflow takes care of committing all changes after this script ends.
#=================================================
# GENERIC FINALIZATION
#=================================================
# Replace new version in manifest
echo "$(jq -s --indent 4 ".[] | .version = \"$version~ynh1\"" manifest.json)" > manifest.json
# No need to update the README, yunohost-bot takes care of it
# The Action will proceed only if the PROCEED environment variable is set to true
echo "PROCEED=true" >> $GITHUB_ENV
exit 0

49
.github/workflows/updater.yml vendored Normal file
View file

@ -0,0 +1,49 @@
# This workflow allows GitHub Actions to automagically update your app whenever a new upstream release is detected.
# You need to enable Actions in your repository settings, and fetch this Action from the YunoHost-Apps organization.
# This file should be enough by itself, but feel free to tune it to your needs.
# It calls updater.sh, which is where you should put the app-specific update steps.
name: Check for new upstream releases
on:
# Allow to manually trigger the workflow
workflow_dispatch:
# Run it every day at 6:00 UTC
schedule:
- cron: '0 6 * * *'
jobs:
updater:
runs-on: ubuntu-latest
steps:
- name: Fetch the source code
uses: actions/checkout@v2
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Run the updater script
id: run_updater
run: |
# Setting up Git user
git config --global user.name 'yunohost-bot'
git config --global user.email 'yunohost-bot@users.noreply.github.com'
# Run the updater script
/bin/bash .github/workflows/updater.sh
- name: Commit changes
id: commit
if: ${{ env.PROCEED == 'true' }}
run: |
git commit -am "Upgrade to v$VERSION"
- name: Create Pull Request
id: cpr
if: ${{ env.PROCEED == 'true' }}
uses: peter-evans/create-pull-request@v3
with:
token: ${{ secrets.GITHUB_TOKEN }}
commit-message: Update to version ${{ env.VERSION }}
committer: 'yunohost-bot <yunohost-bot@users.noreply.github.com>'
author: 'yunohost-bot <yunohost-bot@users.noreply.github.com>'
signoff: false
base: testing
branch: ci-auto-update-v${{ env.VERSION }}
delete-branch: true
title: 'Upgrade to version ${{ env.VERSION }}'
body: |
Upgrade to v${{ env.VERSION }}
draft: false

View file

@ -2,8 +2,8 @@
; Manifest ; Manifest
domain="domain.tld" domain="domain.tld"
path="/path" path="/path"
admin="john"
is_public=1 is_public=1
admin="john"
password="password" password="password"
group_name="public with space" group_name="public with space"
group_description="My public space" group_description="My public space"
@ -18,6 +18,7 @@
upgrade=1 from_commit=aaae7fbe83ce001fabd40509882e765a5d8da2c1 upgrade=1 from_commit=aaae7fbe83ce001fabd40509882e765a5d8da2c1
backup_restore=1 backup_restore=1
multi_instance=0 multi_instance=0
port_already_use=0
change_url=1 change_url=1
;;; Options ;;; Options
Email= Email=

View file

@ -1,6 +0,0 @@
SOURCE_URL=https://github.com/YunoHost-Apps/galene_ynh/releases/download/v0.6/galene_0.6_Linux_amd64.tar.gz
SOURCE_SUM=57264497dfb882d5843d0351e2f11e2e78a36f78e0622d32237896ff7c654326
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true
SOURCE_EXTRACT=true

7
conf/app.src Normal file
View file

@ -0,0 +1,7 @@
SOURCE_URL=https://github.com/jech/galene/archive/refs/tags/galene-0.6.tar.gz
SOURCE_SUM=672645e6d888e5a0c3b843355c85801e21bfea6f054fd6bafda5a0e9aebc589e
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=
SOURCE_EXTRACT=true

View file

@ -1,6 +0,0 @@
SOURCE_URL=https://github.com/YunoHost-Apps/galene_ynh/releases/download/v0.6/galene_0.6_Linux_arm64.tar.gz
SOURCE_SUM=8116b3b36fb70075ad94dd3a9b23b61ba0a1640b405ea1dda2baecc2b725070a
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true
SOURCE_EXTRACT=true

View file

@ -1,6 +0,0 @@
SOURCE_URL=https://github.com/YunoHost-Apps/galene_ynh/releases/download/v0.6/galene_0.6_Linux_arm7.tar.gz
SOURCE_SUM=723d154471267af5d64a98bb9b901e867a034a34e45f054401299fb59e09518f
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true
SOURCE_EXTRACT=true

View file

@ -1,4 +1,4 @@
{ {
"canonicalHost": "__DOMAIN__", "canonicalHost": "__DOMAIN__",
"admin":[{"username":"__ADMIN__","password":"__PASSWORD__"}] "admin":[{"username":"__ADMIN__","password":"__PASSWORD__"}]
} }

8
conf/galene-ldap.json Normal file
View file

@ -0,0 +1,8 @@
{
"httpAddress": "127.0.0.1:__LDAP_PORT__",
"ldapServer": "ldap://localhost:389",
"ldapBase": "ou=users,dc=yunohost,dc=org",
"key": __KEY__,
"groups": ["YunoHost_Users"],
"insecure": true
}

8
conf/groupname-ldap.json Normal file
View file

@ -0,0 +1,8 @@
{
"description": "Group of YunoHost users",
"public": true,
"authServer": "https://__DOMAIN__/auth/",
"authKeys": [
__KEY__
]
}

View file

@ -3,7 +3,7 @@
"presenter": [{}], "presenter": [{}],
"description": "__GROUP_DESCRIPTION__", "description": "__GROUP_DESCRIPTION__",
"public": true, "public": true,
"allow-anonymous": true, "allow-anonymous": true,
"allow-recording": true, "allow-recording": true,
"allow-subgroups": true "allow-subgroups": true
} }

View file

@ -1,6 +0,0 @@
SOURCE_URL=https://github.com/YunoHost-Apps/galene_ynh/releases/download/v0.6/galene_0.6_Linux_i386.tar.gz
SOURCE_SUM=898c8a01c17aa012457d39b6e918fb70dc5263df7a893b814241f8b9c236177f
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true
SOURCE_EXTRACT=true

View file

@ -1,11 +1,11 @@
[ [
{ {
"urls": [ "urls": [
"turn:turn.example.org:5349", "turn:turn.example.org:5349",
"turn:turn.example.org:5349?transport=tcp" "turn:turn.example.org:5349?transport=tcp"
], ],
"username": "galene", "username": "galene",
"credential": "secret", "credential": "secret",
"credentialType": "hmac-sha1" "credentialType": "hmac-sha1"
} }
] ]

15
conf/ldap.service Normal file
View file

@ -0,0 +1,15 @@
[Unit]
Description=Galène: LDAP integration for the videoconferencing server
Documentation=https://galene.org
After=network.target
[Service]
Type=simple
User=__APP__
Group=__APP__
WorkingDirectory=__FINALPATH__/live_ldap/
ExecStart=__FINALPATH__/live_ldap/galene-ldap -data __FINALPATH__/live_ldap/data/
LimitNOFILE=65536
[Install]
WantedBy=multi-user.target

7
conf/ldap.src Normal file
View file

@ -0,0 +1,7 @@
SOURCE_URL=https://github.com/jech/galene-ldap/archive/d0ffa0eadcf17150450d0222c07a2f8cf4e28d7e.tar.gz
SOURCE_SUM=e779ee173770799e3e0f398461a24f24576d87b1c8918712a8ee70702b74d4c9
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=
SOURCE_EXTRACT=true

View file

@ -1,6 +1,21 @@
location / { location /auth/ {
proxy_pass https://127.0.0.1:__PORT__; proxy_pass http://127.0.0.1:__LDAP_PORT__/;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
location / {
proxy_pass http://127.0.0.1:__PORT__/;
proxy_redirect off; proxy_redirect off;
proxy_set_header Host $host; proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Real-IP $remote_addr;

View file

@ -1,14 +1,14 @@
[Unit] [Unit]
Description=Galène: videoconferencing server Description=Galène: Videoconferencing server
Documentation=https://galene.org Documentation=https://galene.org
After=network.target After=network.target
[Service] [Service]
Type=simple Type=simple
WorkingDirectory=__FINALPATH__/
User=__APP__ User=__APP__
Group=__APP__ Group=__APP__
ExecStart=__FINALPATH__/galene -turn __PUBLIC_IP4__:__TURN_PORT__ -udp-range 49152-65535 -groups /home/yunohost.app/__APP__/groups -recordings /home/yunohost.app/__APP__/recordings WorkingDirectory=__FINALPATH__/live/
ExecStart=__FINALPATH__/live/galene -http "127.0.0.1:__PORT__" -insecure -turn __PUBLIC_IP4__:__TURN_PORT__ -udp-range 49152-65535 -groups __DATADIR__/groups -recordings __DATADIR__/recordings -data __FINALPATH__/live/data/
LimitNOFILE=65536 LimitNOFILE=65536
[Install] [Install]

View file

@ -1,6 +1,7 @@
### Accessing groups ### Accessing groups
*Galène* meeting rooms are called "groups". Any group is accessible at `https://domain.tld/group/GroupName`, by typing its name in the home page search field, or by selecting it in the public list (if the group is configured as publicly visible, see below). *Galène* meeting rooms are called "groups". Any group is accessible at `https://domain.tld/group/GroupName`, by typing its name in the home page search field, or by selecting it in the public list (if the group is configured as publicly visible, see below).
During install a group is created with YunoHost LDAP authentication, accessible at `https://domain.tld/group/YunoHost_Users`.
#### Creating and configuring groups #### Creating and configuring groups

View file

@ -1,6 +1,7 @@
### Accéder à des groupes ### Accéder à des groupes
Les salles de réunion *Galène* sont appelées « groupes ». Tout groupe est accessible sur `https://domain.tld/group/GroupName`, en tapant son nom dans le champ de recherche de la page d'accueil, ou en le sélectionnant dans la liste publique (si le groupe est configuré comme visible publiquement, voir ci-dessous). Les salles de réunion *Galène* sont appelées « groupes ». Tout groupe est accessible sur `https://domain.tld/group/GroupName`, en tapant son nom dans le champ de recherche de la page d'accueil, ou en le sélectionnant dans la liste publique (si le groupe est configuré comme visible publiquement, voir ci-dessous).
Pendant l'installation, un groupe est créé avec l'authentification LDAP de YunoHost, accessible à `https://domain.tld/group/YunoHost_Users`.
#### Ajouter et configurer des groupes #### Ajouter et configurer des groupes

View file

@ -29,11 +29,20 @@
"nginx" "nginx"
], ],
"arguments": { "arguments": {
"install" : [ "install": [
{ {
"name": "domain", "name": "domain",
"type": "domain" "type": "domain"
}, },
{
"name": "is_public",
"type": "boolean",
"help": {
"en": "If enabled, Galène will be accessible by people who do not have an account. This can be changed later via the webadmin.",
"fr": "Si cette case est cochée, Galène sera accessible aux personnes nayant pas de compte. Vous pourrez changer ceci plus tard via la webadmin."
},
"default": true
},
{ {
"name": "admin", "name": "admin",
"type": "user" "type": "user"
@ -46,15 +55,6 @@
"fr": "Définissez le mot de passe administrateur (entre 8 et 30 caractères)" "fr": "Définissez le mot de passe administrateur (entre 8 et 30 caractères)"
} }
}, },
{
"name": "is_public",
"type": "boolean",
"help": {
"en": "If enabled, Galène will be accessible by people who do not have an account. This can be changed later via the webadmin.",
"fr": "Si cette case est cochée, Galène sera accessible aux personnes nayant pas de compte. Vous pourrez changer ceci plus tard via la webadmin."
},
"default": true
},
{ {
"name": "group_name", "name": "group_name",
"type": "string", "type": "string",

View file

@ -4,6 +4,11 @@
# COMMON VARIABLES # COMMON VARIABLES
#================================================= #=================================================
go_version=1.19
# dependencies used by the app (must be on a single line)
pkg_dependencies="jose"
#================================================= #=================================================
# PERSONAL HELPERS # PERSONAL HELPERS
#================================================= #=================================================

View file

@ -6,6 +6,7 @@
# IMPORT GENERIC HELPERS # IMPORT GENERIC HELPERS
#================================================= #=================================================
# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts
source ../settings/scripts/_common.sh source ../settings/scripts/_common.sh
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
@ -13,6 +14,9 @@ source /usr/share/yunohost/helpers
# MANAGE SCRIPT FAILURE # MANAGE SCRIPT FAILURE
#================================================= #=================================================
ynh_clean_setup () {
true
}
# Exit if an error occurs during the execution of the script # Exit if an error occurs during the execution of the script
ynh_abort_if_errors ynh_abort_if_errors
@ -50,17 +54,12 @@ ynh_backup --src_path="$datadir" --is_big
ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
#=================================================
# BACKUP LOGROTATE
#=================================================
ynh_backup --src_path="/etc/logrotate.d/$app"
#================================================= #=================================================
# BACKUP SYSTEMD # BACKUP SYSTEMD
#================================================= #=================================================
ynh_backup --src_path="/etc/systemd/system/$app.service" ynh_backup --src_path="/etc/systemd/system/$app.service"
ynh_backup --src_path="/etc/systemd/system/${app}_ldap.service"
#================================================= #=================================================
# END OF SCRIPT # END OF SCRIPT

View file

@ -28,12 +28,17 @@ ynh_script_progression --message="Loading installation settings..." --weight=1
# Needed for helper "ynh_add_nginx_config" # Needed for helper "ynh_add_nginx_config"
final_path=$(ynh_app_setting_get --app=$app --key=final_path) final_path=$(ynh_app_setting_get --app=$app --key=final_path)
port=$(ynh_app_setting_get --app=$app --key=port)
# Add settings here as needed by your application
admin=$(ynh_app_setting_get --app=$app --key=admin) admin=$(ynh_app_setting_get --app=$app --key=admin)
password=$(ynh_app_setting_get --app=$app --key=password) password=$(ynh_app_setting_get --app=$app --key=password)
group_name=$(ynh_app_setting_get --app=$app --key=group_name)
port=$(ynh_app_setting_get --app=$app --key=port)
ldap_port=$(ynh_app_setting_get --app=$app --key=ldap_port)
key=$(ynh_app_setting_get --app=$app --key=key)
#================================================= #=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP # BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP
#================================================= #=================================================
ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --weight=1 ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --weight=1
@ -72,7 +77,8 @@ fi
#================================================= #=================================================
ynh_script_progression --message="Stopping a systemd service..." --weight=1 ynh_script_progression --message="Stopping a systemd service..." --weight=1
ynh_systemd_action --service_name=$app --action=stop --log_path="/var/log/$app/$app.log" ynh_systemd_action --service_name=$app --action="stop" --log_path="systemd"
ynh_systemd_action --service_name=${app}_ldap --action="stop" --log_path="systemd"
#================================================= #=================================================
# MODIFY URL IN NGINX CONF # MODIFY URL IN NGINX CONF
@ -104,15 +110,32 @@ then
fi fi
#================================================= #=================================================
# CREATE DATA AND GROUPS FOLDER # SPECIFIC MODIFICATIONS
#================================================= #=================================================
ynh_script_progression --message="Updating configuration file..." --weight=2 # UPDATE A CONFIG FILE
#=================================================
ynh_script_progression --message="Updating a configuration file..." --weight=2
domain="$new_domain" domain="$new_domain"
ynh_add_config --template="../conf/config.json" --destination="$final_path/data/config.json" # Configure Galene
ynh_add_config --template="../conf/config.json" --destination="$final_path/live/data/config.json"
chmod 400 "$final_path/live/data/config.json"
chown $app:$app "$final_path/live/data/config.json"
chmod 400 "$final_path/data/config.json" # Configure Galene LDAP
chown $app:$app "$final_path/data/config.json" ynh_add_config --template="../conf/galene-ldap.json" --destination="$final_path/live_ldap/data/galene-ldap.json"
chmod 400 "$final_path/live_ldap/data/galene-ldap.json"
chown $app:$app "$final_path/live_ldap/data/galene-ldap.json"
# Create a group name config
ynh_add_config --template="../conf/groupname.json" --destination="$datadir/groups/$group_name.json"
chmod 400 "$datadir/groups/$group_name.json"
chown $app:$app "$datadir/groups/$group_name.json"
# Create a group name authenticated on LDAP
ynh_add_config --template="../conf/groupname-ldap.json" --destination="$datadir/groups/YunoHost_Users.json"
chmod 400 "$datadir/groups/YunoHost_Users.json"
chown $app:$app "$datadir/groups/YunoHost_Users.json"
#================================================= #=================================================
# GENERIC FINALISATION # GENERIC FINALISATION
@ -121,7 +144,9 @@ chown $app:$app "$final_path/data/config.json"
#================================================= #=================================================
ynh_script_progression --message="Starting a systemd service..." --weight=3 ynh_script_progression --message="Starting a systemd service..." --weight=3
ynh_systemd_action --service_name=$app --action=start --log_path="systemd" # Start a systemd service
ynh_systemd_action --service_name=$app --action="start" --log_path="systemd"
ynh_systemd_action --service_name=${app}_ldap --action="start" --log_path="systemd"
#================================================= #=================================================
# RELOAD NGINX # RELOAD NGINX

View file

@ -7,12 +7,16 @@
#================================================= #=================================================
source _common.sh source _common.sh
source ynh_install_go
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
#================================================= #=================================================
# MANAGE SCRIPT FAILURE # MANAGE SCRIPT FAILURE
#================================================= #=================================================
ynh_clean_setup () {
true
}
# Exit if an error occurs during the execution of the script # Exit if an error occurs during the execution of the script
ynh_abort_if_errors ynh_abort_if_errors
@ -22,8 +26,8 @@ ynh_abort_if_errors
domain=$YNH_APP_ARG_DOMAIN domain=$YNH_APP_ARG_DOMAIN
path_url="/" path_url="/"
admin=$YNH_APP_ARG_ADMIN
is_public=$YNH_APP_ARG_IS_PUBLIC is_public=$YNH_APP_ARG_IS_PUBLIC
admin=$YNH_APP_ARG_ADMIN
password=$YNH_APP_ARG_PASSWORD password=$YNH_APP_ARG_PASSWORD
group_name=$YNH_APP_ARG_GROUP_NAME group_name=$YNH_APP_ARG_GROUP_NAME
group_description=$YNH_APP_ARG_GROUP_DESCRIPTION group_description=$YNH_APP_ARG_GROUP_DESCRIPTION
@ -61,9 +65,12 @@ ynh_app_setting_set --app=$app --key=group_description --value="$group_descripti
ynh_script_progression --message="Finding an available port..." --weight=3 ynh_script_progression --message="Finding an available port..." --weight=3
# Find an available port # Find an available port
port=$(ynh_find_port --port=8443) port=$(ynh_find_port --port=8095)
ynh_app_setting_set --app=$app --key=port --value=$port ynh_app_setting_set --app=$app --key=port --value=$port
ldap_port=$(ynh_find_port --port=$(($port + 1)))
ynh_app_setting_set --app=$app --key=port --value=$ldap_port
# Find an available port for TURN # Find an available port for TURN
turn_port=$(ynh_find_port --port=1194) turn_port=$(ynh_find_port --port=1194)
ynh_app_setting_set --app=$app --key=turn_port --value=$turn_port ynh_app_setting_set --app=$app --key=turn_port --value=$turn_port
@ -76,6 +83,13 @@ ynh_exec_warn_less yunohost firewall allow Both $turn_port
# Reserve UDP Port range 49152:65535 # Reserve UDP Port range 49152:65535
ynh_exec_warn_less yunohost firewall allow UDP -4 49152:65535 ynh_exec_warn_less yunohost firewall allow UDP -4 49152:65535
#=================================================
# INSTALL DEPENDENCIES
#=================================================
ynh_script_progression --message="Installing dependencies..." --weight=1
ynh_install_app_dependencies $pkg_dependencies
#================================================= #=================================================
# CREATE DEDICATED USER # CREATE DEDICATED USER
#================================================= #=================================================
@ -91,24 +105,17 @@ ynh_script_progression --message="Setting up source files..." --weight=1
ynh_app_setting_set --app=$app --key=final_path --value=$final_path ynh_app_setting_set --app=$app --key=final_path --value=$final_path
# Download, check integrity, uncompress and patch the source from app.src # Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$final_path" --source_id=$YNH_ARCH ynh_setup_source --dest_dir="$final_path/build"
ynh_setup_source --dest_dir="$final_path/build_ldap" --source_id="ldap"
mkdir -p "$final_path/live/data"
mkdir -p "$final_path/live_ldap/data"
cp -r "$final_path/build/static/" "$final_path/live/"
ynh_replace_string --match_string="<div class=\"galene-header\">Galène</div>" --replace_string="<div class=\"galene-header\" onclick=\"location.href=window.location.origin\" style=\"cursor:pointer\">Galène</div>" --target_file="$final_path/live/static/galene.html"
chmod 750 "$final_path" chmod 750 "$final_path"
chmod -R o-rwx "$final_path" chmod -R o-rwx "$final_path"
chown -R $app:www-data "$final_path" chown -R $app:www-data "$final_path"
#=================================================
# CREATE DATA AND GROUPS FOLDER
#=================================================
# Create data folder
mkdir -p "$final_path/data"
ynh_add_config --template="../conf/config.json" --destination="$final_path/data/config.json"
chmod 400 "$final_path/data/config.json"
chown $app:$app "$final_path/data/config.json"
#================================================= #=================================================
# NGINX CONFIGURATION # NGINX CONFIGURATION
#================================================= #=================================================
@ -117,6 +124,28 @@ ynh_script_progression --message="Configuring NGINX web server..." --weight=2
# Create a dedicated NGINX config # Create a dedicated NGINX config
ynh_add_nginx_config ynh_add_nginx_config
#=================================================
# SPECIFIC SETUP
#=================================================
# BUILD APP
#=================================================
ynh_script_progression --message="Building app..." --weight=1
ynh_install_go --go_version=$go_version
ynh_use_go
pushd $final_path/build/
ynh_exec_as $app CGO_ENABLED=0 $ynh_go build -ldflags='-s -w' -o $final_path/live/
popd
pushd $final_path/build_ldap/
ynh_exec_as $app CGO_ENABLED=0 $ynh_go build -ldflags='-s -w' -o $final_path/live_ldap/
popd
ynh_remove_go
ynh_secure_remove --file="$final_path/build/"
ynh_secure_remove --file="$final_path/build_ldap/"
ynh_secure_remove --file="$final_path/.cache/"
ynh_secure_remove --file="$final_path/go/"
ynh_secure_remove --file="$final_path/.go-version"
#================================================= #=================================================
# CREATE DATA DIRECTORY # CREATE DATA DIRECTORY
#================================================= #=================================================
@ -131,6 +160,33 @@ chmod 750 "$datadir"
chmod -R o-rwx "$datadir" chmod -R o-rwx "$datadir"
chown -R $app:www-data "$datadir" chown -R $app:www-data "$datadir"
#=================================================
# ADD A CONFIGURATION
#=================================================
ynh_script_progression --message="Adding a configuration file..." --weight=1
# Configure Galene
ynh_add_config --template="../conf/config.json" --destination="$final_path/live/data/config.json"
chmod 400 "$final_path/live/data/config.json"
chown $app:$app "$final_path/live/data/config.json"
# Configure Galene LDAP
key=$(jose jwk gen -i '{"kty":"oct","alg":"HS256"}')
ynh_app_setting_set --app=$app --key=key --value="$key"
ynh_add_config --template="../conf/galene-ldap.json" --destination="$final_path/live_ldap/data/galene-ldap.json"
chmod 400 "$final_path/live_ldap/data/galene-ldap.json"
chown $app:$app "$final_path/live_ldap/data/galene-ldap.json"
# Create a group name config
ynh_add_config --template="../conf/groupname.json" --destination="$datadir/groups/$group_name.json"
chmod 400 "$datadir/groups/$group_name.json"
chown $app:$app "$datadir/groups/$group_name.json"
# Create a group name authenticated on LDAP
ynh_add_config --template="../conf/groupname-ldap.json" --destination="$datadir/groups/YunoHost_Users.json"
chmod 400 "$datadir/groups/YunoHost_Users.json"
chown $app:$app "$datadir/groups/YunoHost_Users.json"
#================================================= #=================================================
# SETUP SYSTEMD # SETUP SYSTEMD
#================================================= #=================================================
@ -140,28 +196,17 @@ public_ip4="$(curl -s ip.yunohost.org)" || true
# Create a dedicated systemd config # Create a dedicated systemd config
ynh_add_systemd_config ynh_add_systemd_config
ynh_add_systemd_config --service=${app}_ldap --template="ldap.service"
#================================================= #=================================================
# MODIFY A CONFIG FILES # GENERIC FINALIZATION
#=================================================
# Create a group name config
ynh_add_config --template="../conf/groupname.json" --destination="$datadir/groups/$group_name.json"
#=================================================
# SETUP LOGROTATE
#=================================================
ynh_script_progression --message="Configuring log rotation..." --weight=1
# Use logrotate to manage application logfile(s)
ynh_use_logrotate
#================================================= #=================================================
# INTEGRATE SERVICE IN YUNOHOST # INTEGRATE SERVICE IN YUNOHOST
#================================================= #=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --weight=2 ynh_script_progression --message="Integrating service in YunoHost..." --weight=2
yunohost service add $app --description="Videoconferencing server" --log="/var/log/$app/$app.log" --needs_exposed_ports="$turn_port" yunohost service add $app --description="Videoconferencing server" --needs_exposed_ports="$turn_port"
yunohost service add ${app}_ldap --description="LDAP integration for the videoconferencing server"
#================================================= #=================================================
# START SYSTEMD SERVICE # START SYSTEMD SERVICE
@ -169,7 +214,8 @@ yunohost service add $app --description="Videoconferencing server" --log="/var/l
ynh_script_progression --message="Starting a systemd service..." --weight=1 ynh_script_progression --message="Starting a systemd service..." --weight=1
# Start a systemd service # Start a systemd service
ynh_systemd_action --service_name=$app --action=start --log_path="systemd" ynh_systemd_action --service_name=$app --action="start" --log_path="systemd"
ynh_systemd_action --service_name=${app}_ldap --action="start" --log_path="systemd"
#================================================= #=================================================
# SETUP SSOWAT # SETUP SSOWAT
@ -179,6 +225,8 @@ ynh_script_progression --message="Configuring permissions..." --weight=2
# Make app public if necessary # Make app public if necessary
if [ $is_public -eq 1 ] if [ $is_public -eq 1 ]
then then
# Everyone can access the app.
# The "main" permission is automatically created before the install script.
ynh_permission_update --permission="main" --add="visitors" ynh_permission_update --permission="main" --add="visitors"
fi fi

View file

@ -17,7 +17,6 @@ ynh_script_progression --message="Loading installation settings..." --weight=1
app=$YNH_APP_INSTANCE_NAME app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain) domain=$(ynh_app_setting_get --app=$app --key=domain)
port=$(ynh_app_setting_get --app=$app --key=port)
turn_port=$(ynh_app_setting_get --app=$app --key=turn_port) turn_port=$(ynh_app_setting_get --app=$app --key=turn_port)
final_path=$(ynh_app_setting_get --app=$app --key=final_path) final_path=$(ynh_app_setting_get --app=$app --key=final_path)
datadir=$(ynh_app_setting_get --app=$app --key=datadir) datadir=$(ynh_app_setting_get --app=$app --key=datadir)
@ -34,6 +33,12 @@ then
ynh_script_progression --message="Removing $app service integration..." --weight=1 ynh_script_progression --message="Removing $app service integration..." --weight=1
yunohost service remove $app yunohost service remove $app
fi fi
# Remove the service from the list of services known by YunoHost (added from `yunohost service add`)
if ynh_exec_warn_less yunohost service status ${app}_ldap >/dev/null
then
ynh_script_progression --message="Removing ${app}_ldap service integration..." --weight=1
yunohost service remove ${app}_ldap
fi
#================================================= #=================================================
# STOP AND REMOVE SERVICE # STOP AND REMOVE SERVICE
@ -42,14 +47,7 @@ ynh_script_progression --message="Stopping and removing the systemd service..."
# Remove the dedicated systemd config # Remove the dedicated systemd config
ynh_remove_systemd_config ynh_remove_systemd_config
ynh_remove_systemd_config --service=${app}_ldap
#=================================================
# REMOVE LOGROTATE CONFIGURATION
#=================================================
ynh_script_progression --message="Removing logrotate configuration..." --weight=1
# Remove the app-specific logrotate config
ynh_remove_logrotate
#================================================= #=================================================
# REMOVE APP MAIN DIR # REMOVE APP MAIN DIR
@ -63,11 +61,11 @@ ynh_secure_remove --file="$final_path"
# REMOVE DATA DIR # REMOVE DATA DIR
#================================================= #=================================================
# Remove the app data directory with the command `yunohost app remove galene --purge` # Remove the data directory if --purge option is used
if [ "${YNH_APP_PURGE:-0}" -eq 1 ] if [ "${YNH_APP_PURGE:-0}" -eq 1 ]
then then
ynh_script_progression --message="Removing $app data directory..." --weight=2 ynh_script_progression --message="Removing app data directory..." --weight=1
ynh_secure_remove --file="$datadir" ynh_secure_remove --file="$datadir"
fi fi
#================================================= #=================================================
@ -78,21 +76,32 @@ ynh_script_progression --message="Removing NGINX web server configuration..." --
# Remove the dedicated NGINX config # Remove the dedicated NGINX config
ynh_remove_nginx_config ynh_remove_nginx_config
#=================================================
# REMOVE DEPENDENCIES
#=================================================
ynh_script_progression --message="Removing dependencies..." --weight=1
# Remove metapackage and its dependencies
ynh_remove_app_dependencies
#================================================= #=================================================
# CLOSE A PORT # CLOSE A PORT
#================================================= #=================================================
ynh_script_progression --message="Closing ports..." --weight=1
if yunohost firewall list | grep -q "\- $turn_port$" if yunohost firewall list | grep -q "\- $turn_port$"
then then
ynh_script_progression --message="Closing port $turn_port..." --weight=1
ynh_exec_warn_less yunohost firewall disallow both $turn_port ynh_exec_warn_less yunohost firewall disallow both $turn_port
fi fi
if yunohost firewall list | grep -q "\- 49152:65535" if yunohost firewall list | grep -q "\- 49152:65535"
then then
ynh_script_progression --message="Closing UDP ports..." --weight=1
ynh_exec_warn_less yunohost firewall disallow UDP 49152:65535 ynh_exec_warn_less yunohost firewall disallow UDP 49152:65535
fi fi
#=================================================
# SPECIFIC REMOVE
#================================================= #=================================================
# GENERIC FINALIZATION # GENERIC FINALIZATION
#================================================= #=================================================

View file

@ -14,6 +14,9 @@ source /usr/share/yunohost/helpers
# MANAGE SCRIPT FAILURE # MANAGE SCRIPT FAILURE
#================================================= #=================================================
ynh_clean_setup () {
true
}
# Exit if an error occurs during the execution of the script # Exit if an error occurs during the execution of the script
ynh_abort_if_errors ynh_abort_if_errors
@ -36,16 +39,11 @@ datadir=$(ynh_app_setting_get --app=$app --key=datadir)
#================================================= #=================================================
ynh_script_progression --message="Validating restoration parameters..." --weight=1 ynh_script_progression --message="Validating restoration parameters..." --weight=1
test ! -d $final_path || ynh_die --message="There is already a directory: $final_path " test ! -d $final_path \
|| ynh_die --message="There is already a directory: $final_path "
#================================================= #=================================================
# STANDARD RESTORATION STEPS # STANDARD RESTORATION STEPS
#=================================================
# RESTORE THE NGINX CONFIGURATION
#=================================================
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
#================================================= #=================================================
# RECREATE THE DEDICATED USER # RECREATE THE DEDICATED USER
#================================================= #=================================================
@ -78,34 +76,47 @@ chmod 750 "$datadir"
chmod -R o-rwx "$datadir" chmod -R o-rwx "$datadir"
chown -R $app:www-data "$datadir" chown -R $app:www-data "$datadir"
#=================================================
# SPECIFIC RESTORATION
#=================================================
# REINSTALL DEPENDENCIES
#=================================================
ynh_script_progression --message="Reinstalling dependencies..." --weight=1
# Define and install dependencies
ynh_install_app_dependencies $pkg_dependencies
#=================================================
# RESTORE THE NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring the NGINX web server configuration..." --weight=1
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
#================================================= #=================================================
# RESTORE SYSTEMD # RESTORE SYSTEMD
#================================================= #=================================================
ynh_script_progression --message="Restoring the systemd configuration..." --weight=1 ynh_script_progression --message="Restoring the systemd configuration..." --weight=1
ynh_restore_file --origin_path="/etc/systemd/system/$app.service" ynh_restore_file --origin_path="/etc/systemd/system/$app.service"
ynh_restore_file --origin_path="/etc/systemd/system/${app}_ldap.service"
systemctl enable $app.service --quiet systemctl enable $app.service --quiet
#=================================================
# RESTORE THE LOGROTATE CONFIGURATION
#=================================================
ynh_script_progression --message="Restoring the logrotate configuration..." --weight=1
ynh_restore_file --origin_path="/etc/logrotate.d/$app"
#================================================= #=================================================
# INTEGRATE SERVICE IN YUNOHOST # INTEGRATE SERVICE IN YUNOHOST
#================================================= #=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --weight=2 ynh_script_progression --message="Integrating service in YunoHost..." --weight=2
yunohost service add $app --description="Videoconferencing server" --log="/var/log/$app/$app.log" --needs_exposed_ports="$turn_port" yunohost service add $app --description="Videoconferencing server" --needs_exposed_ports="$turn_port"
yunohost service add ${app}_ldap --description="LDAP integration for the videoconferencing server"
#================================================= #=================================================
# START SYSTEMD SERVICE # START SYSTEMD SERVICE
#================================================= #=================================================
ynh_script_progression --message="Starting a systemd service..." --weight=3 ynh_script_progression --message="Starting a systemd service..." --weight=3
ynh_systemd_action --service_name=$app --action=start --log_path="systemd" ynh_systemd_action --service_name=$app --action="start" --log_path="systemd"
ynh_systemd_action --service_name=${app}_ldap --action="start" --log_path="systemd"
#================================================= #=================================================
# GENERIC FINALIZATION # GENERIC FINALIZATION

View file

@ -7,6 +7,7 @@
#================================================= #=================================================
source _common.sh source _common.sh
source ynh_install_go
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
#================================================= #=================================================
@ -23,6 +24,8 @@ password=$(ynh_app_setting_get --app=$app --key=password)
final_path=$(ynh_app_setting_get --app=$app --key=final_path) final_path=$(ynh_app_setting_get --app=$app --key=final_path)
group_name=$(ynh_app_setting_get --app=$app --key=group_name) group_name=$(ynh_app_setting_get --app=$app --key=group_name)
port=$(ynh_app_setting_get --app=$app --key=port) port=$(ynh_app_setting_get --app=$app --key=port)
ldap_port=$(ynh_app_setting_get --app=$app --key=ldap_port)
key=$(ynh_app_setting_get --app=$app --key=key)
turn_port=$(ynh_app_setting_get --app=$app --key=turn_port) turn_port=$(ynh_app_setting_get --app=$app --key=turn_port)
if ynh_compare_current_package_version --comparison le --version 0.3.5~ynh3 if ynh_compare_current_package_version --comparison le --version 0.3.5~ynh3
@ -33,6 +36,7 @@ fi
#================================================= #=================================================
# CHECK VERSION # CHECK VERSION
#================================================= #=================================================
ynh_script_progression --message="Checking version..." --weight=1
upgrade_type=$(ynh_check_app_version_changed) upgrade_type=$(ynh_check_app_version_changed)
@ -50,6 +54,16 @@ ynh_clean_setup () {
# Exit if an error occurs during the execution of the script # Exit if an error occurs during the execution of the script
ynh_abort_if_errors ynh_abort_if_errors
#=================================================
# STANDARD UPGRADE STEPS
#=================================================
# STOP SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Stopping a systemd service..." --weight=3
ynh_systemd_action --service_name=$app --action="stop" --log_path="systemd"
ynh_systemd_action --service_name=${app}_ldap --action="stop" --log_path="systemd"
#================================================= #=================================================
# ENSURE DOWNWARD COMPATIBILITY # ENSURE DOWNWARD COMPATIBILITY
#================================================= #=================================================
@ -68,6 +82,12 @@ if [ -z "$final_path" ]; then
ynh_app_setting_set --app=$app --key=final_path --value=$final_path ynh_app_setting_set --app=$app --key=final_path --value=$final_path
fi fi
# If ldap_port doesn't exist, create it
if [ -z "$ldap_port" ]; then
ldap_port=$(ynh_find_port --port=$(($port + 1)))
ynh_app_setting_set --app=$app --key=port --value=$ldap_port
fi
# Cleaning legacy permissions # Cleaning legacy permissions
if ynh_legacy_permissions_exists; then if ynh_legacy_permissions_exists; then
ynh_legacy_permissions_delete_all ynh_legacy_permissions_delete_all
@ -75,6 +95,11 @@ if ynh_legacy_permissions_exists; then
ynh_app_setting_delete --app=$app --key=is_public ynh_app_setting_delete --app=$app --key=is_public
fi fi
# We remove the old admin/password file if present
if [ -f "$final_path/data/passwd" ] ; then
ynh_secure_remove --file="$final_path/data/passwd"
fi
#================================================= #=================================================
# CREATE DEDICATED USER # CREATE DEDICATED USER
#================================================= #=================================================
@ -83,15 +108,6 @@ ynh_script_progression --message="Making sure dedicated system user exists..." -
# Create a dedicated user (if not existing) # Create a dedicated user (if not existing)
ynh_system_user_create --username=$app --home_dir="$final_path" ynh_system_user_create --username=$app --home_dir="$final_path"
#=================================================
# STANDARD UPGRADE STEPS
#=================================================
# STOP SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Stopping a systemd service..." --weight=3
ynh_systemd_action --service_name=$app --action=stop --log_path="/var/log/$app/$app.log"
#================================================= #=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE # DOWNLOAD, CHECK AND UNPACK SOURCE
#================================================= #=================================================
@ -100,33 +116,25 @@ if [ "$upgrade_type" == "UPGRADE_APP" ]
then then
ynh_script_progression --message="Upgrading source files..." --weight=2 ynh_script_progression --message="Upgrading source files..." --weight=2
# Remove the app directory securely ynh_setup_source --dest_dir="$final_path/build"
ynh_secure_remove --file=$final_path ynh_setup_source --dest_dir="$final_path/build_ldap" --source_id="ldap"
ynh_setup_source --dest_dir="$final_path" --source_id=$YNH_ARCH #--keep="data/config.json"
fi fi
mkdir -p "$final_path/live/data"
mkdir -p "$final_path/live_ldap/data"
ynh_secure_remove --file="$final_path/live/static/"
cp -r "$final_path/build/static/" "$final_path/live/"
ynh_replace_string --match_string="<div class=\"galene-header\">Galène</div>" --replace_string="<div class=\"galene-header\" onclick=\"location.href=window.location.origin\" style=\"cursor:pointer\">Galène</div>" --target_file="$final_path/live/static/galene.html"
chmod 750 "$final_path" chmod 750 "$final_path"
chmod -R o-rwx "$final_path" chmod -R o-rwx "$final_path"
chown -R $app:www-data "$final_path" chown -R $app:www-data "$final_path"
#================================================= #=================================================
# UPGRADING CONFIGURATION FILE # UPGRADE DEPENDENCIES
#================================================= #=================================================
ynh_script_progression --message="Upgrading configuration file..." --weight=2 ynh_script_progression --message="Upgrading dependencies..." --weight=1
# Create data folder ynh_install_app_dependencies $pkg_dependencies
mkdir -p "$final_path/data"
# We remove the old admin/password file if present
if [ -f "$final_path/data/passwd" ] ; then
ynh_secure_remove --file="$final_path/data/passwd"
fi
ynh_add_config --template="../conf/config.json" --destination="$final_path/data/config.json"
chmod 400 "$final_path/data/config.json"
chown $app:$app "$final_path/data/config.json"
#================================================= #=================================================
# NGINX CONFIGURATION # NGINX CONFIGURATION
@ -136,6 +144,61 @@ ynh_script_progression --message="Upgrading NGINX web server configuration..." -
# Create a dedicated NGINX config # Create a dedicated NGINX config
ynh_add_nginx_config ynh_add_nginx_config
#=================================================
# SPECIFIC UPGRADE
#=================================================
# BUILD APP
#=================================================
ynh_script_progression --message="Building app..." --weight=1
if [ "$upgrade_type" == "UPGRADE_APP" ]
then
ynh_install_go --go_version=$go_version
ynh_use_go
pushd $final_path/build/
ynh_exec_as $app CGO_ENABLED=0 $ynh_go build -ldflags='-s -w' -o $final_path/live/
popd
pushd $final_path/build_ldap/
ynh_exec_as $app CGO_ENABLED=0 $ynh_go build -ldflags='-s -w' -o $final_path/live_ldap/
popd
ynh_remove_go
ynh_secure_remove --file="$final_path/build/"
ynh_secure_remove --file="$final_path/build_ldap/"
ynh_secure_remove --file="$final_path/.cache/"
ynh_secure_remove --file="$final_path/go/"
ynh_secure_remove --file="$final_path/.go-version"
fi
#=================================================
# UPDATE A CONFIG FILE
#=================================================
ynh_script_progression --message="Updating a configuration file..." --weight=2
# Configure Galene
ynh_add_config --template="../conf/config.json" --destination="$final_path/live/data/config.json"
chmod 400 "$final_path/live/data/config.json"
chown $app:$app "$final_path/live/data/config.json"
# Configure Galene LDAP
# If key doesn't exist, create it
if [ -z "$key" ]; then
key=$(jose jwk gen -i '{"kty":"oct","alg":"HS256"}')
ynh_app_setting_set --app=$app --key=key --value=$key
fi
ynh_add_config --template="../conf/galene-ldap.json" --destination="$final_path/live_ldap/data/galene-ldap.json"
chmod 400 "$final_path/live_ldap/data/galene-ldap.json"
chown $app:$app "$final_path/live_ldap/data/galene-ldap.json"
# Create a group name config
ynh_add_config --template="../conf/groupname.json" --destination="$datadir/groups/$group_name.json"
chmod 400 "$datadir/groups/$group_name.json"
chown $app:$app "$datadir/groups/$group_name.json"
# Create a group name authenticated on LDAP
ynh_add_config --template="../conf/groupname-ldap.json" --destination="$datadir/groups/YunoHost_Users.json"
chmod 400 "$datadir/groups/YunoHost_Users.json"
chown $app:$app "$datadir/groups/YunoHost_Users.json"
#================================================= #=================================================
# SETUP SYSTEMD # SETUP SYSTEMD
#================================================= #=================================================
@ -145,28 +208,25 @@ public_ip4="$(curl -s ip.yunohost.org)" || true
# Create a dedicated systemd config # Create a dedicated systemd config
ynh_add_systemd_config ynh_add_systemd_config
ynh_add_systemd_config --service=${app}_ldap --template="ldap.service"
#================================================= #=================================================
# SETUP LOGROTATE # GENERIC FINALIZATION
#=================================================
ynh_script_progression --message="Upgrading logrotate configuration..." --weight=1
# Use logrotate to manage app-specific logfile(s)
ynh_use_logrotate --non-append
#================================================= #=================================================
# INTEGRATE SERVICE IN YUNOHOST # INTEGRATE SERVICE IN YUNOHOST
#================================================= #=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 ynh_script_progression --message="Integrating service in YunoHost..." --weight=1
yunohost service add $app --description="Videoconferencing server" --log="/var/log/$app/$app.log" --needs_exposed_ports="$turn_port" yunohost service add $app --description="Videoconferencing server" --needs_exposed_ports="$turn_port"
yunohost service add ${app}_ldap --description="LDAP integration for the videoconferencing server"
#================================================= #=================================================
# START SYSTEMD SERVICE # START SYSTEMD SERVICE
#================================================= #=================================================
ynh_script_progression --message="Starting a systemd service..." --weight=1 ynh_script_progression --message="Starting a systemd service..." --weight=1
ynh_systemd_action --service_name=$app --action=start --log_path="systemd" ynh_systemd_action --service_name=$app --action="start" --log_path="systemd"
ynh_systemd_action --service_name=${app}_ldap --action="start" --log_path="systemd"
#================================================= #=================================================
# RELOAD NGINX # RELOAD NGINX

247
scripts/ynh_install_go Normal file
View file

@ -0,0 +1,247 @@
#!/bin/bash
ynh_go_try_bash_extension() {
if [ -x src/configure ]; then
src/configure && make -C src || {
ynh_print_info --message="Optional bash extension failed to build, but things will still work normally."
}
fi
}
goenv_install_dir="/opt/goenv"
go_version_path="$goenv_install_dir/versions"
# goenv_ROOT is the directory of goenv, it needs to be loaded as a environment variable.
export GOENV_ROOT="$goenv_install_dir"
# Load the version of Go for an app, and set variables.
#
# ynh_use_go has to be used in any app scripts before using Go for the first time.
# This helper will provide alias and variables to use in your scripts.
#
# To use gem or Go, use the alias `ynh_gem` and `ynh_go`
# Those alias will use the correct version installed for the app
# For example: use `ynh_gem install` instead of `gem install`
#
# With `sudo` or `ynh_exec_as`, use instead the fallback variables `$ynh_gem` and `$ynh_go`
# And propagate $PATH to sudo with $ynh_go_load_path
# Exemple: `ynh_exec_as $app $ynh_go_load_path $ynh_gem install`
#
# $PATH contains the path of the requested version of Go.
# However, $PATH is duplicated into $go_path to outlast any manipulation of $PATH
# You can use the variable `$ynh_go_load_path` to quickly load your Go version
# in $PATH for an usage into a separate script.
# Exemple: $ynh_go_load_path $final_path/script_that_use_gem.sh`
#
#
# Finally, to start a Go service with the correct version, 2 solutions
# Either the app is dependent of Go or gem, but does not called it directly.
# In such situation, you need to load PATH
# `Environment="__YNH_GO_LOAD_PATH__"`
# `ExecStart=__FINALPATH__/my_app`
# You will replace __YNH_GO_LOAD_PATH__ with $ynh_go_load_path
#
# Or Go start the app directly, then you don't need to load the PATH variable
# `ExecStart=__YNH_GO__ my_app run`
# You will replace __YNH_GO__ with $ynh_go
#
#
# one other variable is also available
# - $go_path: The absolute path to Go binaries for the chosen version.
#
# usage: ynh_use_go
#
# Requires YunoHost version 3.2.2 or higher.
ynh_use_go () {
go_version=$(ynh_app_setting_get --app=$app --key=go_version)
# Get the absolute path of this version of Go
go_path="$go_version_path/$go_version/bin"
# Allow alias to be used into bash script
shopt -s expand_aliases
# Create an alias for the specific version of Go and a variable as fallback
ynh_go="$go_path/go"
alias ynh_go="$ynh_go"
# Load the path of this version of Go in $PATH
if [[ :$PATH: != *":$go_path"* ]]; then
PATH="$go_path:$PATH"
fi
# Create an alias to easily load the PATH
ynh_go_load_path="PATH=$PATH"
# Sets the local application-specific Go version
pushd $final_path
$goenv_install_dir/bin/goenv local $go_version
popd
}
# Install a specific version of Go
#
# ynh_install_go will install the version of Go provided as argument by using goenv.
#
# This helper creates a /etc/profile.d/goenv.sh that configures PATH environment for goenv
# for every LOGIN user, hence your user must have a defined shell (as opposed to /usr/sbin/nologin)
#
# Don't forget to execute go-dependent command in a login environment
# (e.g. sudo --login option)
# When not possible (e.g. in systemd service definition), please use direct path
# to goenv shims (e.g. $goenv_ROOT/shims/bundle)
#
# usage: ynh_install_go --go_version=go_version
# | arg: -v, --go_version= - Version of go to install.
#
# Requires YunoHost version 3.2.2 or higher.
ynh_install_go () {
# Declare an array to define the options of this helper.
local legacy_args=v
local -A args_array=( [v]=go_version= )
local go_version
# Manage arguments with getopts
ynh_handle_getopts_args "$@"
# Load goenv path in PATH
local CLEAR_PATH="$goenv_install_dir/bin:$PATH"
# Remove /usr/local/bin in PATH in case of Go prior installation
PATH=$(echo $CLEAR_PATH | sed 's@/usr/local/bin:@@')
# Move an existing Go binary, to avoid to block goenv
test -x /usr/bin/go && mv /usr/bin/go /usr/bin/go_goenv
# Install or update goenv
goenv="$(command -v goenv $goenv_install_dir/bin/goenv | head -1)"
if [ -n "$goenv" ]; then
ynh_print_info --message="goenv already seems installed in \`$goenv'."
pushd "${goenv%/*/*}"
if git remote -v 2>/dev/null | grep "https://github.com/syndbg/goenv.git"; then
echo "Trying to update with git..."
git pull -q --tags origin master
cd ..
ynh_go_try_bash_extension
fi
popd
else
ynh_print_info --message="Installing goenv with git..."
mkdir -p $goenv_install_dir
pushd $goenv_install_dir
git init -q
git remote add -f -t master origin https://github.com/syndbg/goenv.git > /dev/null 2>&1
git checkout -q -b master origin/master
ynh_go_try_bash_extension
goenv=$goenv_install_dir/bin/goenv
popd
fi
goenv_latest="$(command -v "$goenv_install_dir"/plugins/*/bin/goenv-latest goenv-latest | head -1)"
if [ -n "$goenv_latest" ]; then
ynh_print_info --message="\`goenv latest' command already available in \`$goenv_latest'."
pushd "${goenv_latest%/*/*}"
if git remote -v 2>/dev/null | grep "https://github.com/momo-lab/xxenv-latest.git"; then
ynh_print_info --message="Trying to update xxenv-latest with git..."
git pull -q origin master
fi
popd
else
ynh_print_info --message="Installing xxenv-latest with git..."
mkdir -p "${goenv_install_dir}/plugins"
git clone -q https://github.com/momo-lab/xxenv-latest.git "${goenv_install_dir}/plugins/xxenv-latest"
fi
# Enable caching
mkdir -p "${goenv_install_dir}/cache"
# Create shims directory if needed
mkdir -p "${goenv_install_dir}/shims"
# Restore /usr/local/bin in PATH
PATH=$CLEAR_PATH
# And replace the old Go binary
test -x /usr/bin/go_goenv && mv /usr/bin/go_goenv /usr/bin/go
# Install the requested version of Go
local final_go_version=$(goenv latest --print $go_version)
ynh_print_info --message="Installation of Go-$final_go_version"
goenv install --skip-existing $final_go_version
# Store go_version into the config of this app
ynh_app_setting_set --app=$YNH_APP_INSTANCE_NAME --key=go_version --value=$final_go_version
# Cleanup Go versions
ynh_cleanup_go
# Set environment for Go users
echo "#goenv
export GOENV_ROOT=$goenv_install_dir
export PATH=\"$goenv_install_dir/bin:$PATH\"
eval \"\$(goenv init -)\"
#goenv" > /etc/profile.d/goenv.sh
# Load the environment
eval "$(goenv init -)"
}
# Remove the version of Go used by the app.
#
# This helper will also cleanup Go versions
#
# usage: ynh_remove_go
ynh_remove_go () {
local go_version=$(ynh_app_setting_get --app=$YNH_APP_INSTANCE_NAME --key=go_version)
# Load goenv path in PATH
local CLEAR_PATH="$goenv_install_dir/bin:$PATH"
# Remove /usr/local/bin in PATH in case of Go prior installation
PATH=$(echo $CLEAR_PATH | sed 's@/usr/local/bin:@@')
# Remove the line for this app
ynh_app_setting_delete --app=$YNH_APP_INSTANCE_NAME --key=go_version
# Cleanup Go versions
ynh_cleanup_go
}
# Remove no more needed versions of Go used by the app.
#
# This helper will check what Go version are no more required,
# and uninstall them
# If no app uses Go, goenv will be also removed.
#
# usage: ynh_cleanup_go
ynh_cleanup_go () {
# List required Go versions
local installed_apps=$(yunohost app list --output-as json --quiet | jq -r .apps[].id)
local required_go_versions=""
for installed_app in $installed_apps
do
local installed_app_go_version=$(ynh_app_setting_get --app=$installed_app --key="go_version")
if [[ $installed_app_go_version ]]
then
required_go_versions="${installed_app_go_version}\n${required_go_versions}"
fi
done
# Remove no more needed Go versions
local installed_go_versions=$(goenv versions --bare --skip-aliases | grep -Ev '/')
for installed_go_version in $installed_go_versions
do
if ! `echo ${required_go_versions} | grep "${installed_go_version}" 1>/dev/null 2>&1`
then
ynh_print_info --message="Removing of Go-$installed_go_version"
$goenv_install_dir/bin/goenv uninstall --force $installed_go_version
fi
done
# If none Go version is required
if [[ ! $required_go_versions ]]
then
# Remove goenv environment configuration
ynh_print_info --message="Removing of goenv"
ynh_secure_remove --file="$goenv_install_dir"
ynh_secure_remove --file="/etc/profile.d/goenv.sh"
fi
}