diff --git a/conf/groupname.json b/conf/groupname.json new file mode 100644 index 0000000..9751310 --- /dev/null +++ b/conf/groupname.json @@ -0,0 +1,4 @@ +{ + "op": [{"username": "__ADMIN__", "password": "__PASSWORD__"}], + "presenter": [{}] +} diff --git a/conf/nginx.conf b/conf/nginx.conf index d00f7c5..a79f5aa 100755 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,14 +1,20 @@ #sub_path_only rewrite ^__PATH__$ __PATH__/ permanent; location __PATH__/ { - + # Force usage of https if ($scheme = http) { rewrite ^ https://$server_name$request_uri? permanent; } - proxy_pass http://127.0.0.1:__PORT__; - proxy_set_header X-Forwarded-For $remote_addr; - - # Include SSOWAT user panel. - include conf.d/yunohost_panel.conf.inc; + proxy_pass https://127.0.0.1:__PORT__; + proxy_redirect off; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Host $server_name; + + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; } diff --git a/conf/passwd b/conf/passwd new file mode 100644 index 0000000..61a88b3 --- /dev/null +++ b/conf/passwd @@ -0,0 +1 @@ +__ADMIN__:__PASSWORD__ \ No newline at end of file diff --git a/conf/systemd.service b/conf/systemd.service index ba8f9af..88914a9 100644 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -1,5 +1,5 @@ [Unit] -Description=Galène +Description=Galene After=network.target [Service] diff --git a/manifest.json b/manifest.json index e0972f8..fc7d2d1 100644 --- a/manifest.json +++ b/manifest.json @@ -1,22 +1,22 @@ { - "name": "Galène", + "name": "Galene", "id": "galene", "packaging_format": 1, "description": { - "en": "videoconferencing server that is easy to deploy", - "fr": "serveur de visioconférence facile à déployer" + "en": "Videoconferencing server that is easy to deploy", + "fr": "Serveur de visioconférence facile à déployer" }, "version": "0.1~ynh1", "url": "https://galene.org/", "license": "MIT", "maintainer": { - "name": "John doe", - "email": "john.doe@example.com" + "name": "", + "email": "" }, "requirements": { - "yunohost": ">= 3.8.1" + "yunohost": ">= 4.0.8" }, - "multi_instance": true, + "multi_instance": false, "services": [ "nginx" ], @@ -31,16 +31,6 @@ }, "example": "example.com" }, - { - "name": "path", - "type": "path", - "ask": { - "en": "Choose a path for Galène", - "fr": "Choisissez un chemin pour Galène" - }, - "example": "/galene", - "default": "/galene" - }, { "name": "admin", "type": "user", @@ -59,16 +49,6 @@ }, "default": true }, - { - "name": "language", - "type": "string", - "ask": { - "en": "Choose the application language", - "fr": "Choisissez la langue de l'application" - }, - "choices": ["fr", "en"], - "default": "fr" - }, { "name": "password", "type": "password", diff --git a/scripts/_common.sh b/scripts/_common.sh index 7e55ac0..ecd263f 100755 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -5,7 +5,7 @@ #================================================= # dependencies used by the app -pkg_dependencies="deb1 deb2 php$YNH_DEFAULT_PHP_VERSION-deb1 php$YNH_DEFAULT_PHP_VERSION-deb2" +pkg_dependencies="" #================================================= # PERSONAL HELPERS diff --git a/scripts/backup b/scripts/backup index 2d5587f..95950f9 100755 --- a/scripts/backup +++ b/scripts/backup @@ -48,20 +48,13 @@ ynh_backup --src_path="$final_path" ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" -#================================================= -# BACKUP FAIL2BAN CONFIGURATION -#================================================= - -ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf" -ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf" - #================================================= # SPECIFIC BACKUP #================================================= # BACKUP LOGROTATE #================================================= -ynh_backup --src_path="/etc/logrotate.d/$app" +#ynh_backup --src_path="/etc/logrotate.d/$app" #================================================= # BACKUP SYSTEMD diff --git a/scripts/install b/scripts/install index 81f2a69..896152e 100755 --- a/scripts/install +++ b/scripts/install @@ -25,10 +25,9 @@ ynh_abort_if_errors #================================================= domain=$YNH_APP_ARG_DOMAIN -path_url=$YNH_APP_ARG_PATH +path_url="/" admin=$YNH_APP_ARG_ADMIN is_public=$YNH_APP_ARG_IS_PUBLIC -language=$YNH_APP_ARG_LANGUAGE password=$YNH_APP_ARG_PASSWORD app=$YNH_APP_INSTANCE_NAME @@ -38,7 +37,7 @@ app=$YNH_APP_INSTANCE_NAME #================================================= ynh_script_progression --message="Validating installation parameters..." --time --weight=1 -final_path=/var/www/$app +final_path=/opt/yunohost/$app test ! -e "$final_path" || ynh_die --message="This path already contains a folder" # Register (book) web path @@ -53,7 +52,6 @@ ynh_app_setting_set --app=$app --key=domain --value=$domain ynh_app_setting_set --app=$app --key=path --value=$path_url ynh_app_setting_set --app=$app --key=admin --value=$admin ynh_app_setting_set --app=$app --key=is_public --value=$is_public -ynh_app_setting_set --app=$app --key=language --value=$language #================================================= # STANDARD MODIFICATIONS @@ -63,7 +61,7 @@ ynh_app_setting_set --app=$app --key=language --value=$language ynh_script_progression --message="Configuring firewall..." --time --weight=1 # Find an available port -port=$(ynh_find_port --port=8095) +port=$(ynh_find_port --port=8443) ynh_app_setting_set --app=$app --key=port --value=$port # Optional: Expose this port publicly @@ -76,9 +74,9 @@ ynh_app_setting_set --app=$app --key=port --value=$port #================================================= # INSTALL DEPENDENCIES #================================================= -ynh_script_progression --message="Installing dependencies..." --time --weight=1 +#ynh_script_progression --message="Installing dependencies..." --time --weight=1 -ynh_install_app_dependencies $pkg_dependencies +#ynh_install_app_dependencies $pkg_dependencies #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE @@ -87,7 +85,20 @@ ynh_script_progression --message="Setting up source files..." --time --weight=1 ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src -ynh_setup_source --dest_dir="$final_path" +#ynh_setup_source --dest_dir="$final_path" +mkdir -p $final_path +cp -R ../sources/* $final_path/ + +#================================================= +# CREATE A SERVER CERTIFICATE +#================================================= + +pushd "$final_path" + ynh_exec_warn_less openssl req -newkey rsa:2048 -nodes -keyout data/key.pem -x509 -days 365 -out data/cert.pem \ + -subj "/C=/ST=/L=/O=/OU=/CN=/emailAddress=" + #chown root:ssl-cert data/{key.pem,cert.pem} + chmod 640 data/{key.pem,cert.pem} +popd #================================================= # NGINX CONFIGURATION @@ -117,14 +128,23 @@ ynh_add_systemd_config # MODIFY A CONFIG FILE #================================================= -ynh_replace_string --match_string="match_string" --replace_string="replace_string" --target_file="$final_path/CONFIG_FILE" +cp ../conf/passwd $final_path/data/passwd + +ynh_replace_string --match_string="__ADMIN__" --replace_string="$admin" --target_file="$final_path/data/passwd" +ynh_replace_string --match_string="__PASSWORD__" --replace_string="$password" --target_file="$final_path/data/passwd" + +cp ../conf/groupname.json $final_path/groups/groupname.json + +ynh_replace_string --match_string="__ADMIN__" --replace_string="$admin" --target_file="$final_path/groups/groupname.json" +ynh_replace_string --match_string="__PASSWORD__" --replace_string="$password" --target_file="$final_path/groups/groupname.json" #================================================= # STORE THE CONFIG FILE CHECKSUM #================================================= # Calculate and store the config file checksum into the app settings -ynh_store_file_checksum --file="$final_path/CONFIG_FILE" +ynh_store_file_checksum --file="$final_path/data/passwd" +ynh_store_file_checksum --file="$final_path/groups/groupname.json" #================================================= # GENERIC FINALIZATION @@ -133,22 +153,23 @@ ynh_store_file_checksum --file="$final_path/CONFIG_FILE" #================================================= # Set permissions to app files -chown -R root: $final_path +chown -R $app: $final_path +chmod -R 755 $final_path #================================================= # SETUP LOGROTATE #================================================= -ynh_script_progression --message="Configuring log rotation..." --time --weight=1 +#ynh_script_progression --message="Configuring log rotation..." --time --weight=1 # Use logrotate to manage application logfile(s) -ynh_use_logrotate +#ynh_use_logrotate #================================================= # INTEGRATE SERVICE IN YUNOHOST #================================================= ynh_script_progression --message="Integrating service in YunoHost..." --time --weight=1 -yunohost service add $app --description="A short description of the app" --log="/var/log/$app/$app.log" +yunohost service add $app --description="Videoconferencing server" --log="/var/log/$app/$app.log" #================================================= # START SYSTEMD SERVICE @@ -166,8 +187,7 @@ ynh_script_progression --message="Configuring SSOwat..." --time --weight=1 # Make app public if necessary if [ $is_public -eq 1 ] then - # unprotected_uris allows SSO credentials to be passed anyway. - ynh_app_setting_set --app=$app --key=unprotected_uris --value="/" + ynh_permission_update --permission "main" --add "visitors" fi #================================================= diff --git a/scripts/remove b/scripts/remove index abf0dad..a37f7bd 100755 --- a/scripts/remove +++ b/scripts/remove @@ -44,10 +44,10 @@ ynh_remove_systemd_config #================================================= # REMOVE DEPENDENCIES #================================================= -ynh_script_progression --message="Removing dependencies..." --time --weight=1 +#ynh_script_progression --message="Removing dependencies..." --time --weight=1 # Remove metapackage and its dependencies -ynh_remove_app_dependencies +#ynh_remove_app_dependencies #================================================= # REMOVE APP MAIN DIR @@ -65,31 +65,23 @@ ynh_script_progression --message="Removing NGINX web server configuration..." -- # Remove the dedicated NGINX config ynh_remove_nginx_config -#================================================= -# REMOVE PHP-FPM CONFIGURATION -#================================================= -ynh_script_progression --message="Removing PHP-FPM configuration..." --time --weight=1 - -# Remove the dedicated PHP-FPM config -ynh_remove_fpm_config - #================================================= # REMOVE LOGROTATE CONFIGURATION #================================================= -ynh_script_progression --message="Removing logrotate configuration..." --time --weight=1 +#ynh_script_progression --message="Removing logrotate configuration..." --time --weight=1 # Remove the app-specific logrotate config -ynh_remove_logrotate +#ynh_remove_logrotate #================================================= # CLOSE A PORT #================================================= -if yunohost firewall list | grep -q "\- $port$" -then - ynh_script_progression --message="Closing port $port..." --time --weight=1 - ynh_exec_warn_less yunohost firewall disallow TCP $port -fi +# if yunohost firewall list | grep -q "\- $port$" +# then +# ynh_script_progression --message="Closing port $port..." --time --weight=1 +# ynh_exec_warn_less yunohost firewall disallow TCP $port +# fi #================================================= # GENERIC FINALIZATION diff --git a/scripts/restore b/scripts/restore index 6070e7f..cc9b903 100755 --- a/scripts/restore +++ b/scripts/restore @@ -72,30 +72,15 @@ ynh_system_user_create --username=$app # Restore permissions on app files chown -R root: $final_path -#================================================= -# RESTORE THE PHP-FPM CONFIGURATION -#================================================= - -ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" - -#================================================= -# RESTORE FAIL2BAN CONFIGURATION -#================================================= -ynh_script_progression --message="Restoring the Fail2Ban configuration..." --time --weight=1 - -ynh_restore_file "/etc/fail2ban/jail.d/$app.conf" -ynh_restore_file "/etc/fail2ban/filter.d/$app.conf" -ynh_systemd_action --action=restart --service_name=fail2ban - #================================================= # SPECIFIC RESTORATION #================================================= # REINSTALL DEPENDENCIES #================================================= -ynh_script_progression --message="Reinstalling dependencies..." --time --weight=1 +#ynh_script_progression --message="Reinstalling dependencies..." --time --weight=1 # Define and install dependencies -ynh_install_app_dependencies $pkg_dependencies +#ynh_install_app_dependencies $pkg_dependencies #================================================= # RESTORE SYSTEMD @@ -110,7 +95,7 @@ systemctl enable $app.service --quiet #================================================= ynh_script_progression --message="Integrating service in YunoHost..." --time --weight=1 -yunohost service add $app --description="A short description of the app" --log="/var/log/$app/$app.log" +yunohost service add $app --description="Videoconferencing server" --log="/var/log/$app/$app.log" #================================================= # START SYSTEMD SERVICE @@ -123,7 +108,7 @@ ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$ap # RESTORE THE LOGROTATE CONFIGURATION #================================================= -ynh_restore_file --origin_path="/etc/logrotate.d/$app" +#ynh_restore_file --origin_path="/etc/logrotate.d/$app" #================================================= # GENERIC FINALIZATION diff --git a/scripts/upgrade b/scripts/upgrade index e70ab1f..7d69e7f 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -21,8 +21,6 @@ path_url=$(ynh_app_setting_get --app=$app --key=path) admin=$(ynh_app_setting_get --app=$app --key=admin) is_public=$(ynh_app_setting_get --app=$app --key=is_public) final_path=$(ynh_app_setting_get --app=$app --key=final_path) -language=$(ynh_app_setting_get --app=$app --key=language) -db_name=$(ynh_app_setting_get --app=$app --key=db_name) #================================================= # CHECK VERSION @@ -85,7 +83,8 @@ then ynh_script_progression --message="Upgrading source files..." --time --weight=1 # Download, check integrity, uncompress and patch the source from app.src - ynh_setup_source --dest_dir="$final_path" + #ynh_setup_source --dest_dir="$final_path" + cp -R ../sources $final_path fi #================================================= @@ -99,9 +98,9 @@ ynh_add_nginx_config #================================================= # UPGRADE DEPENDENCIES #================================================= -ynh_script_progression --message="Upgrading dependencies..." --time --weight=1 +#ynh_script_progression --message="Upgrading dependencies..." --time --weight=1 -ynh_install_app_dependencies $pkg_dependencies +#ynh_install_app_dependencies $pkg_dependencies #================================================= # CREATE DEDICATED USER @@ -123,14 +122,14 @@ ynh_add_systemd_config # MODIFY A CONFIG FILE #================================================= -### Verify the checksum of a file, stored by `ynh_store_file_checksum` in the install script. -### And create a backup of this file if the checksum is different. So the file will be backed up if the admin had modified it. -ynh_backup_if_checksum_is_different --file="$final_path/CONFIG_FILE" +# ### Verify the checksum of a file, stored by `ynh_store_file_checksum` in the install script. +# ### And create a backup of this file if the checksum is different. So the file will be backed up if the admin had modified it. +# ynh_backup_if_checksum_is_different --file="$final_path/CONFIG_FILE" -ynh_replace_string --match_string="match_string" --replace_string="replace_string" --target_file="$final_path/CONFIG_FILE" +# ynh_replace_string --match_string="match_string" --replace_string="replace_string" --target_file="$final_path/CONFIG_FILE" -# Recalculate and store the checksum of the file for the next upgrade. -ynh_store_file_checksum --file="$final_path/CONFIG_FILE" +# # Recalculate and store the checksum of the file for the next upgrade. +# ynh_store_file_checksum --file="$final_path/CONFIG_FILE" #================================================= # GENERIC FINALIZATION @@ -144,17 +143,17 @@ chown -R root: $final_path #================================================= # SETUP LOGROTATE #================================================= -ynh_script_progression --message="Upgrading logrotate configuration..." --time --weight=1 +# ynh_script_progression --message="Upgrading logrotate configuration..." --time --weight=1 -# Use logrotate to manage app-specific logfile(s) -ynh_use_logrotate --non-append +# # Use logrotate to manage app-specific logfile(s) +# ynh_use_logrotate --non-append #================================================= # INTEGRATE SERVICE IN YUNOHOST #================================================= ynh_script_progression --message="Integrating service in YunoHost..." --time --weight=1 -yunohost service add $app --description="A short description of the app" --log="/var/log/$app/$app.log" +yunohost service add $app --description="Videoconferencing server" --log="/var/log/$app/$app.log" #================================================= # START SYSTEMD SERVICE diff --git a/sources/data/ice-servers.json b/sources/data/ice-servers.json old mode 100644 new mode 100755 diff --git a/sources/data/passwd b/sources/data/passwd deleted file mode 100644 index e1d71a5..0000000 --- a/sources/data/passwd +++ /dev/null @@ -1 +0,0 @@ -__ADMIN__:__PASSWORD__ diff --git a/sources/galene b/sources/galene index 58f8a05..747b172 100755 Binary files a/sources/galene and b/sources/galene differ diff --git a/sources/group/client.go b/sources/group/client.go old mode 100644 new mode 100755 diff --git a/sources/group/client_test.go b/sources/group/client_test.go old mode 100644 new mode 100755 diff --git a/sources/group/group.go b/sources/group/group.go old mode 100644 new mode 100755 diff --git a/sources/group/group_test.go b/sources/group/group_test.go old mode 100644 new mode 100755 diff --git a/sources/groups/groupname.json b/sources/groups/groupname.json new file mode 100644 index 0000000..9751310 --- /dev/null +++ b/sources/groups/groupname.json @@ -0,0 +1,4 @@ +{ + "op": [{"username": "__ADMIN__", "password": "__PASSWORD__"}], + "presenter": [{}] +} diff --git a/sources/static/404.css b/sources/static/404.css old mode 100644 new mode 100755 diff --git a/sources/static/404.html b/sources/static/404.html old mode 100644 new mode 100755 diff --git a/sources/static/common.css b/sources/static/common.css old mode 100644 new mode 100755 diff --git a/sources/static/css/fontawesome.min.css b/sources/static/css/fontawesome.min.css old mode 100644 new mode 100755 diff --git a/sources/static/css/regular.css b/sources/static/css/regular.css old mode 100644 new mode 100755 diff --git a/sources/static/css/solid.css b/sources/static/css/solid.css old mode 100644 new mode 100755 diff --git a/sources/static/css/toastify.min.css b/sources/static/css/toastify.min.css old mode 100644 new mode 100755 diff --git a/sources/static/galene.css b/sources/static/galene.css old mode 100644 new mode 100755 diff --git a/sources/static/galene.html b/sources/static/galene.html old mode 100644 new mode 100755 diff --git a/sources/static/galene.js b/sources/static/galene.js old mode 100644 new mode 100755 diff --git a/sources/static/index.html b/sources/static/index.html old mode 100644 new mode 100755 diff --git a/sources/static/mainpage.css b/sources/static/mainpage.css old mode 100644 new mode 100755 diff --git a/sources/static/mainpage.js b/sources/static/mainpage.js old mode 100644 new mode 100755 diff --git a/sources/static/protocol.js b/sources/static/protocol.js old mode 100644 new mode 100755 diff --git a/sources/static/scripts/toastify.js b/sources/static/scripts/toastify.js old mode 100644 new mode 100755 diff --git a/sources/static/tsconfig.json b/sources/static/tsconfig.json old mode 100644 new mode 100755 diff --git a/sources/static/webfonts/fa-regular-400.eot b/sources/static/webfonts/fa-regular-400.eot old mode 100644 new mode 100755 diff --git a/sources/static/webfonts/fa-regular-400.ttf b/sources/static/webfonts/fa-regular-400.ttf old mode 100644 new mode 100755 diff --git a/sources/static/webfonts/fa-regular-400.woff b/sources/static/webfonts/fa-regular-400.woff old mode 100644 new mode 100755 diff --git a/sources/static/webfonts/fa-regular-400.woff2 b/sources/static/webfonts/fa-regular-400.woff2 old mode 100644 new mode 100755 diff --git a/sources/static/webfonts/fa-solid-900.eot b/sources/static/webfonts/fa-solid-900.eot old mode 100644 new mode 100755 diff --git a/sources/static/webfonts/fa-solid-900.ttf b/sources/static/webfonts/fa-solid-900.ttf old mode 100644 new mode 100755 diff --git a/sources/static/webfonts/fa-solid-900.woff b/sources/static/webfonts/fa-solid-900.woff old mode 100644 new mode 100755 diff --git a/sources/static/webfonts/fa-solid-900.woff2 b/sources/static/webfonts/fa-solid-900.woff2 old mode 100644 new mode 100755