From 5a2883014fade1a306f188205ea78715043b80a8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=89ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Mon, 25 Jan 2021 18:06:42 +0100 Subject: [PATCH] Testing (#17) * Fix some issues with Coturn settings and rights --- README.md | 2 +- README_fr.md | 2 +- conf/nginx.conf | 1 + conf/systemd.service | 1 + manifest.json | 2 +- pull_request_template.md | 4 +--- scripts/install | 14 ++++++-------- scripts/remove | 23 +++++++++++------------ scripts/restore | 16 ++++++---------- scripts/upgrade | 14 ++++++-------- sources/Coturn_config_rotate.sh | 13 ++++++++----- 11 files changed, 43 insertions(+), 49 deletions(-) diff --git a/README.md b/README.md index f13c3c1..d15aed7 100644 --- a/README.md +++ b/README.md @@ -55,7 +55,7 @@ To check if Galène can connect to the TURN server, connect to Galène as operat ## Documentation * Official documentation: https://galene.org/ - * YunoHost documentation: If specific documentation is needed, feel free to contribute. + * YunoHost documentation: https://yunohost.org/#/app_galene ## YunoHost specific features diff --git a/README_fr.md b/README_fr.md index 194c926..cb74052 100644 --- a/README_fr.md +++ b/README_fr.md @@ -55,7 +55,7 @@ Pour vérifier si Galène peut se connecter au serveur TURN, connectez-vous à G ## Documentation * Documentation officielle : https://galene.org/ - * Documentation YunoHost : If specific documentation is needed, feel free to contribute. + * Documentation YunoHost : https://yunohost.org/#/app_galene_fr ## Caractéristiques spécifiques YunoHost diff --git a/conf/nginx.conf b/conf/nginx.conf index a79f5aa..af8e491 100755 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -14,6 +14,7 @@ location __PATH__/ { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Host $server_name; + # WebSocket support proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; diff --git a/conf/systemd.service b/conf/systemd.service index ddc546d..cff556e 100644 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -1,5 +1,6 @@ [Unit] Description=Galène: videoconferencing server +Documentation=https://galene.org After=network.target [Service] diff --git a/manifest.json b/manifest.json index 274c525..9e441ca 100644 --- a/manifest.json +++ b/manifest.json @@ -6,7 +6,7 @@ "en": "Videoconferencing server that is easy to deploy", "fr": "Serveur de visioconférence facile à déployer" }, - "version": "0.2~ynh4", + "version": "0.2~ynh5", "url": "https://galene.org/", "license": "MIT", "maintainer": { diff --git a/pull_request_template.md b/pull_request_template.md index ff7ebe8..6c28fc5 100644 --- a/pull_request_template.md +++ b/pull_request_template.md @@ -13,6 +13,4 @@ ## Package_check results --- -*If you have access to [App Continuous Integration for packagers](https://yunohost.org/#/packaging_apps_ci) you can provide a link to the package_check results like below, replacing '-NUM-' in this link by the PR number and USERNAME by your username on the ci-apps-dev. Or you provide a screenshot or a pastebin of the results* - -[![Build Status](https://ci-apps-dev.yunohost.org/jenkins/job/galene_ynh%20PR-NUM-%20(USERNAME)/badge/icon)](https://ci-apps-dev.yunohost.org/jenkins/job/galene_ynh%20PR-NUM-%20(USERNAME)/) +* An automatic package_check will be launch at https://ci-apps-dev.yunohost.org/, when you add a specific comment to your Pull Request: "!testme", "!gogogadgetoci" or "By the power of systemd, I invoke The Great App CI to test this Pull Request!"* diff --git a/scripts/install b/scripts/install index 155b2c8..ca8d7b1 100755 --- a/scripts/install +++ b/scripts/install @@ -188,14 +188,9 @@ ynh_print_ON public_ip4="$(curl ip.yunohost.org)" || true public_ip6="$(curl ipv6.yunohost.org)" || true -if [ -n "$public_ip4" ] && ynh_validate_ip4 --ip_address="$public_ip4" +if ( [[ -n "$public_ip4" ]] && ynh_validate_ip4 --ip_address="$public_ip4" || [[ -n "$public_ip6" ]] && ynh_validate_ip6 --ip_address="$public_ip6" ) then - echo "external-ip=$public_ip4" >> "$coturn_config_path" -fi - -if [ -n "$public_ip6" ] && ynh_validate_ip6 --ip_address="$public_ip6" -then - echo "external-ip=$public_ip6" >> "$coturn_config_path" + echo "external-ip=${public_ip4}/${public_ip6}" >> "$coturn_config_path" fi ynh_store_file_checksum --file="$coturn_config_path" @@ -245,6 +240,8 @@ ynh_use_logrotate --logfile "/var/log/$app" # For any update do it in all files cp ../sources/Coturn_config_rotate.sh $final_path/Coturn_config_rotate.sh +ynh_replace_string --match_string=__APP__ --replace_string=$app --target_file="$final_path/Coturn_config_rotate.sh" +chmod +x $final_path/Coturn_config_rotate.sh #================================================= # GENERIC FINALIZATION @@ -257,6 +254,7 @@ chown -R $app:root $final_path chmod -R 755 $final_path chown -R $app:root /var/log/$app chown -R $app:root /etc/$app +chown turnserver:root $coturn_config_path chmod -R u=rwX,g=rX,o= /etc/$app chmod 770 $final_path/Coturn_config_rotate.sh setfacl -R -m user:turnserver:rX /etc/$app @@ -287,7 +285,7 @@ ynh_script_progression --message="Configuring permissions..." --weight=2 # Make app public if necessary if [ $is_public -eq 1 ] then - ynh_permission_update --permission "main" --add "visitors" + ynh_permission_update --permission="main" --add="visitors" fi #================================================= diff --git a/scripts/remove b/scripts/remove index e297f87..220f571 100755 --- a/scripts/remove +++ b/scripts/remove @@ -87,18 +87,17 @@ ynh_remove_logrotate # CLOSE A PORT #================================================= -closeport() { - local port=$1 - if yunohost firewall list | grep -q "\- $turnserver_tls_port$" - then - ynh_script_progression --message="Closing port $turnserver_tls_port port" - ynh_exec_warn_less yunohost firewall disallow Both $turnserver_tls_port - elif yunohost firewall list | grep -q "\- $turnserver_alt_tls_port$" - then - ynh_script_progression --message="Closing port $turnserver_alt_tls_port port" - ynh_exec_warn_less yunohost firewall disallow Both $turnserver_alt_tls_port - fi -} +if yunohost firewall list | grep -q "\- $turnserver_tls_port$" +then + ynh_script_progression --message="Closing port $turnserver_tls_port..." --weight=1 + ynh_exec_warn_less yunohost firewall disallow Both $turnserver_tls_port +fi + +if yunohost firewall list | grep -q "\- $turnserver_alt_tls_port$" +then + ynh_script_progression --message="Closing port $turnserver_alt_tls_port..." --weight=1 + ynh_exec_warn_less yunohost firewall disallow Both $turnserver_alt_tls_port +fi #================================================= # GENERIC FINALIZATION diff --git a/scripts/restore b/scripts/restore index f67b3ab..07af19d 100755 --- a/scripts/restore +++ b/scripts/restore @@ -76,8 +76,8 @@ ynh_script_progression --message="Recreating the dedicated system user..." --wei # Create the dedicated user (if not existing) ynh_system_user_create --username=$app -ynh_system_user_create --username=turnserver ssl-cert -#adduser turnserver ssl-cert +ynh_system_user_create --username=turnserver +adduser turnserver ssl-cert #================================================= # RESTORE SYSTEMD @@ -103,7 +103,7 @@ yunohost service add coturn-$app --needs_exposed_ports $turnserver_tls_port #================================================= ynh_script_progression --message="Starting a systemd service..." --weight=3 -ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" +ynh_systemd_action --service_name=$app --action=start --log_path="/var/log/$app/$app.log" yunohost service add coturn-$app --needs_exposed_ports $turnserver_tls_port #================================================= @@ -158,14 +158,9 @@ ynh_print_ON public_ip4="$(curl ip.yunohost.org)" || true public_ip6="$(curl ipv6.yunohost.org)" || true -if [ -n "$public_ip4" ] && ynh_validate_ip4 --ip_address="$public_ip4" +if ( [[ -n "$public_ip4" ]] && ynh_validate_ip4 --ip_address="$public_ip4" || [[ -n "$public_ip6" ]] && ynh_validate_ip6 --ip_address="$public_ip6" ) then - echo "external-ip=$public_ip4" >> "$coturn_config_path" -fi - -if [ -n "$public_ip6" ] && ynh_validate_ip6 --ip_address="$public_ip6" -then - echo "external-ip=$public_ip6" >> "$coturn_config_path" + echo "external-ip=${public_ip4}/${public_ip6}" >> "$coturn_config_path" fi ynh_store_file_checksum --file="$coturn_config_path" @@ -189,6 +184,7 @@ chown -R $app:root $final_path chmod -R 755 $final_path chown -R $app:root /var/log/$app chown -R $app:root /etc/$app +chown turnserver:root $coturn_config_path chmod -R u=rwX,g=rX,o= /etc/$app chmod 770 $final_path/Coturn_config_rotate.sh setfacl -R -m user:turnserver:rX /etc/$app diff --git a/scripts/upgrade b/scripts/upgrade index ab21e12..a872b6e 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -68,7 +68,7 @@ ynh_abort_if_errors #================================================= ynh_script_progression --message="Stopping a systemd service..." --weight=3 -ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log" +ynh_systemd_action --service_name=$app --action=stop --log_path="/var/log/$app/$app.log" #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE @@ -181,14 +181,9 @@ ynh_print_ON public_ip4="$(curl ip.yunohost.org)" || true public_ip6="$(curl ipv6.yunohost.org)" || true -if [ -n "$public_ip4" ] && ynh_validate_ip4 --ip_address="$public_ip4" +if ( [[ -n "$public_ip4" ]] && ynh_validate_ip4 --ip_address="$public_ip4" || [[ -n "$public_ip6" ]] && ynh_validate_ip6 --ip_address="$public_ip6" ) then - echo "external-ip=$public_ip4" >> "$coturn_config_path" -fi - -if [ -n "$public_ip6" ] && ynh_validate_ip6 --ip_address="$public_ip6" -then - echo "external-ip=$public_ip6" >> "$coturn_config_path" + echo "external-ip=${public_ip4}/${public_ip6}" >> "$coturn_config_path" fi ynh_store_file_checksum --file="$coturn_config_path" @@ -201,6 +196,8 @@ ynh_store_file_checksum --file="$coturn_config_path" # For any update do it in all files cp ../sources/Coturn_config_rotate.sh $final_path/Coturn_config_rotate.sh +ynh_replace_string --match_string=__APP__ --replace_string=$app --target_file="$final_path/Coturn_config_rotate.sh" +chmod +x $final_path/Coturn_config_rotate.sh #================================================= # MODIFY A CONFIG FILE @@ -262,6 +259,7 @@ chown -R $app:root $final_path chmod -R 755 $final_path chown -R $app:root /var/log/$app chown -R $app:root /etc/$app +chown turnserver:root $coturn_config_path chmod -R u=rwX,g=rX,o= /etc/$app chmod 770 $final_path/Coturn_config_rotate.sh setfacl -R -m user:turnserver:rX /etc/$app diff --git a/sources/Coturn_config_rotate.sh b/sources/Coturn_config_rotate.sh index 1982f3c..b0c554a 100644 --- a/sources/Coturn_config_rotate.sh +++ b/sources/Coturn_config_rotate.sh @@ -1,21 +1,24 @@ #!/bin/bash - source /usr/share/yunohost/helpers -external_IP_line="external-ip=__IPV4__,__IPV6__" +external_IP_line="external-ip=__IPV4__/__IPV6__" public_ip4="$(curl ip.yunohost.org)" || true public_ip6="$(curl ipv6.yunohost.org)" || true if [ -n "$public_ip4" ] && ynh_validate_ip4 --ip_address="$public_ip4" then - echo "external-ip=$public_ip4" >> "$coturn_config_path" + external_IP_line="${external_IP_line/'__IPV4__'/$public_ip4}" +else + external_IP_line="${external_IP_line/'__IPV4__/'/}" fi if [ -n "$public_ip6" ] && ynh_validate_ip6 --ip_address="$public_ip6" then - echo "external-ip=$public_ip6" >> "$coturn_config_path" + external_IP_line="${external_IP_line/'__IPV6__'/$public_ip6}" +else + external_IP_line="${external_IP_line/'/__IPV6__'/}" fi old_config_line=$(egrep "^external-ip=.*\$" "/etc/$app/coturn.conf") @@ -26,7 +29,7 @@ setfacl -R -m user:turnserver:rX /etc/$app if [ "$old_config_line" != "$new_config_line" ] then - systemctl restart coturn-$app.service + systemctl restart coturn-__APP__.service fi exit 0