Testing (#112)

* Stop auto updating for now * Update manifest.json * Update ynh_install_go * Update ynh_install_go * Update ldap.src * Add feature to readme * Auto-update README * 0.6.2 * Auto-update README * cleaning * Auto-update README * Auto-update README * Update systemd.service * Upgrade auto-updater (#106) * [autopatch] Upgrade auto-updater * Auto-update README --------- Co-authored-by: tituspijean <titus@pijean.ovh> * Galene v2 (#104) * v2 * Fix * Auto-update README * Fix * fix * Fix * Fix * Auto-update README * Fix * Auto-update README * Fix * Auto-update README * Update tests.toml * Fix * Update manifest.toml * Update manifest.toml * Update tests.toml * Update tests.toml * Update tests.toml * Update tests.toml * Update tests.toml * Update restore * Update install * Update upgrade * Update manifest.toml * Update ynh_install_go * Update change_url * Auto-update README * Update change_url * fix * Update change_url * Update change_url * Update manifest.toml * fix * Update systemd.service * Update systemd.service * Update systemd.service * Update systemd.service * Update systemd.service * Update upgrade * Update upgrade * Update install * Update upgrade * Update manifest.toml --------- Co-authored-by: yunohost-bot <yunohost@yunohost.org> * Update manifest.toml * Auto-update README * Update manifest.toml * Fix * Update DESCRIPTION.md * Auto-update README * Create POST_INSTALL.md * Auto-update README * fix * Auto-update README * Create POST_INSTALL_fr.md * Fix * Fix * Update change_url * Update manifest.toml * Delete app.src * fix * Update manifest.toml * cleaning * Update manifest.toml * Update manifest.toml * Update manifest.toml * Update manifest.toml * Update manifest.toml * Update install * Password generator (#109) * fix * Update install * Update install * Update install * Update install * Update manifest.toml * Update install * Update manifest.toml * fix * Update install * fix * fix * Update config.json * fix * Update manifest.toml * Auto-update README * Update upgrade * Update upgrade * fix * Update restore * Update _common.sh * hash password * autoupdate * Update manifest.toml * Update manifest.toml * Auto-update README --------- Co-authored-by: yunohost-bot <yunohost@yunohost.org> Co-authored-by: YunoHost Bot <yunohost-bot@users.noreply.github.com> Co-authored-by: tituspijean <titus@pijean.ovh>
2024-09-03 18:36:31 +02:00 · 2023-03-29 18:24:50 +02:00 · 2023-03-29 18:24:50 +02:00 · b8d9147241
commit b8d9147241
parent c135608074
7 changed files with 48 additions and 189 deletions
--- a/.github/workflows/updater.sh
+++ b/.github/workflows/updater.sh
@ -1,137 +0,0 @@
-#!/bin/bash
-
-#=================================================
-# PACKAGE UPDATING HELPER
-#=================================================
-
-# This script is meant to be run by GitHub Actions
-# The YunoHost-Apps organisation offers a template Action to run this script periodically
-# Since each app is different, maintainers can adapt its contents so as to perform
-# automatic actions when a new upstream release is detected.
-
-exit 1
-
-#=================================================
-# FETCHING LATEST RELEASE AND ITS ASSETS
-#=================================================
-
-# Fetching information
-current_version=$(cat manifest.json | jq -j '.version|split("~")[0]')
-repo=$(cat manifest.json | jq -j '.upstream.code|split("https://github.com/")[1]')
-# Some jq magic is needed, because the latest upstream release is not always the latest version (e.g. security patches for older versions)
-version=$(curl --silent "https://api.github.com/repos/$repo/tags" | jq -r '.[] | .name' | sort -V | tail -1)
-assets=($(curl --silent "https://api.github.com/repos/$repo/releases" | jq -r '[ .[] | select(.tag_name=="'$version'").assets[].browser_download_url ] | join(" ") | @sh' | tr -d "'"))
-
-# Later down the script, we assume the version has only digits and dots
-# Sometimes the release name starts with a "v", so let's filter it out.
-# You may need more tweaks here if the upstream repository has different naming conventions.
-if [[ ${version:0:1} == "v" || ${version:0:1} == "V" ]]; then
-	version=${version:1}
-fi
-
-# Setting up the environment variables
-echo "Current version: $current_version"
-echo "Latest release from upstream: $version"
-echo "VERSION=$version" >> $GITHUB_ENV
-echo "REPO=$repo" >> $GITHUB_ENV
-# For the time being, let's assume the script will fail
-echo "PROCEED=false" >> $GITHUB_ENV
-
-# Proceed only if the retrieved version is greater than the current one
-if ! dpkg --compare-versions "$current_version" "lt" "$version" ; then
-	echo "::warning ::No new version available"
-	exit 0
-# Proceed only if a PR for this new version does not already exist
-elif git ls-remote -q --exit-code --heads https://github.com/$GITHUB_REPOSITORY.git ci-auto-update-v$version ; then
-	echo "::warning ::A branch already exists for this update"
-	exit 0
-fi
-
-# Each release can hold multiple assets (e.g. binaries for different architectures, source code, etc.)
-echo "${#assets[@]} available asset(s)"
-
-#=================================================
-# UPDATE SOURCE FILES
-#=================================================
-
-# Here we use the $assets variable to get the resources published in the upstream release.
-# Here is an example for Grav, it has to be adapted in accordance with how the upstream releases look like.
-
-# Let's loop over the array of assets URLs
-for asset_url in ${assets[@]}; do
-
-	echo "Handling asset at $asset_url"
-
-	# Assign the asset to a source file in conf/ directory
-	# Here we base the source file name upon a unique keyword in the assets url (admin vs. update)
-	# Leave $src empty to ignore the asset
-	case $asset_url in
-		*"admin"*)
-			src="app"
-			;;
-		*"update"*)
-			src="app-upgrade"
-			;;
-		*)
-			src=""
-		;;
-	esac
-
-	# If $src is not empty, let's process the asset
-	if [ ! -z "$src" ]; then
-
-		# Create the temporary directory
-		tempdir="$(mktemp -d)"
-
-		# Download sources and calculate checksum
-		filename=${asset_url##*/}
-		curl --silent -4 -L $asset_url -o "$tempdir/$filename"
-		checksum=$(sha256sum "$tempdir/$filename" | head -c 64)
-
-		# Delete temporary directory
-		rm -rf $tempdir
-
-		# Get extension
-		if [[ $filename == *.tar.gz ]]; then
-			extension=tar.gz
-		else
-			extension=${filename##*.}
-		fi
-
-		# Rewrite source file
-		cat <<EOT > conf/$src.src
-SOURCE_URL=$asset_url
-SOURCE_SUM=$checksum
-SOURCE_SUM_PRG=sha256sum
-SOURCE_FORMAT=$extension
-SOURCE_IN_SUBDIR=true
-SOURCE_FILENAME=
-SOURCE_EXTRACT=true
-EOT
-		echo "... conf/$src.src updated"
-
-	else
-		echo "... asset ignored"
-	fi
-
-done
-
-#=================================================
-# SPECIFIC UPDATE STEPS
-#=================================================
-
-# Any action on the app's source code can be done.
-# The GitHub Action workflow takes care of committing all changes after this script ends.
-
-#=================================================
-# GENERIC FINALIZATION
-#=================================================
-
-# Replace new version in manifest
-echo "$(jq -s --indent 4 ".[] | .version = \"$version~ynh1\"" manifest.json)" > manifest.json
-
-# No need to update the README, yunohost-bot takes care of it
-
-# The Action will proceed only if the PROCEED environment variable is set to true
-echo "PROCEED=true" >> $GITHUB_ENV
-exit 0
--- a/.github/workflows/updater.yml
+++ b/.github/workflows/updater.yml
@ -1,49 +0,0 @@
-# This workflow allows GitHub Actions to automagically update your app whenever a new upstream release is detected.
-# You need to enable Actions in your repository settings, and fetch this Action from the YunoHost-Apps organization.
-# This file should be enough by itself, but feel free to tune it to your needs.
-# It calls updater.sh, which is where you should put the app-specific update steps.
-name: Check for new upstream releases
-on:
-  # Allow to manually trigger the workflow
-  workflow_dispatch:
-  # Run it every day at 6:00 UTC
-  schedule:
-    - cron:  '0 6 * * *'
-jobs:
-  updater:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Fetch the source code
-        uses: actions/checkout@v3
-        with:
-          token: ${{ secrets.GITHUB_TOKEN }}
-      - name: Run the updater script
-        id: run_updater
-        run: |
-          # Setting up Git user
-          git config --global user.name 'yunohost-bot'
-          git config --global user.email 'yunohost-bot@users.noreply.github.com'
-          # Run the updater script
-          /bin/bash .github/workflows/updater.sh
-      - name: Commit changes
-        id: commit
-        if: ${{ env.PROCEED == 'true' }}
-        run: |
-          git commit -am "Upgrade to v$VERSION"
-      - name: Create Pull Request
-        id: cpr
-        if: ${{ env.PROCEED == 'true' }}
-        uses: peter-evans/create-pull-request@v4
-        with:
-          token: ${{ secrets.GITHUB_TOKEN }}
-          commit-message: Update to version ${{ env.VERSION }}
-          committer: 'yunohost-bot <yunohost-bot@users.noreply.github.com>'
-          author: 'yunohost-bot <yunohost-bot@users.noreply.github.com>'
-          signoff: false
-          base: testing
-          branch: ci-auto-update-v${{ env.VERSION }}
-          delete-branch: true
-          title: 'Upgrade to version ${{ env.VERSION }}'
-          body: |
-            Upgrade to v${{ env.VERSION }}
-          draft: false
--- a/README.md
+++ b/README.md
@ -29,7 +29,7 @@ Galène is a videoconference server (an “SFU”) that is easy to deploy and th
 - LDAP support


-**Shipped version:** 0.6.2~ynh3
+**Shipped version:** 0.6.2~ynh4

 **Demo:** https://galene.org:8443/

--- a/README_fr.md
+++ b/README_fr.md
@ -29,7 +29,7 @@ Galène est un serveur de visioconférence (un « SFU ») facile à déployer et
 - prise en charge LDAP


-**Version incluse :** 0.6.2~ynh3
+**Version incluse :** 0.6.2~ynh4

 **Démo :** https://galene.org:8443/

--- a/doc/ADMIN.md
+++ b/doc/ADMIN.md
@ -12,6 +12,27 @@ To create a new group, you need to create a `GroupNameExample.json` file and res

 When Galène is removed, the data directory (`__DATA_DIR__`) is preserved. If you want to remove it along with Galène app, use the `--purge` option: `sudo yunohost app remove galene --purge`.

+#### Hashed passwords
+
+If you don’t wish to store cleartext passwords on the server, you may generate hashed passwords with the galene-password-generator utility:
+
+`./__INSTALL_DIR__/galene-password-generator your_password`
+
+
+A user entry with a hashed password looks like this:
+``` 
+{
+    "username": "jch",
+    "password": {
+        "type": "pbkdf2",
+        "hash": "sha-256",
+        "key": "f591c35604e6aef572851d9c3543c812566b032b6dc083c81edd15cc24449913",
+        "salt": "92bff2ace56fe38f",
+        "iterations": 4096
+    }
+}
+```
+
 ### Configuring your TURN server

 #### Using *Galène*'s internal TURN server
--- a/doc/ADMIN_fr.md
+++ b/doc/ADMIN_fr.md
@ -12,6 +12,27 @@ Pour créer un nouveau groupe, vous devez créer un fichier `GroupNameExample.js

 Lorsque Galène est supprimé, le répertoire de données (`__DATA_DIR__`) est conservé. Si vous souhaitez le supprimer avec l'application Galène, utilisez l'option `--purge` : `sudo yunohost app remove galene --purge`. 

+#### Mots de passe hachés
+
+Si vous ne souhaitez pas stocker les mots de passe en clair sur le serveur, vous pouvez générer des mots de passe hachés avec l'utilitaire galene-password-generator :
+
+`./__INSTALL_DIR__/galene-password-generator votre_mot_de_passe`
+
+Une entrée utilisateur avec un mot de passe haché ressemble à ceci :
+
+``` 
+{
+    "username": "jch",
+    "password": {
+        "type": "pbkdf2",
+        "hash": "sha-256",
+        "key": "f591c35604e6aef572851d9c3543c812566b032b6dc083c81edd15cc24449913",
+        "salt": "92bff2ace56fe38f",
+        "iterations": 4096
+    }
+}
+```
+
 ### Configurer votre serveur TURN

 #### Utilisation du serveur TURN de *Galène*
--- a/manifest.toml
+++ b/manifest.toml
@ -5,7 +5,7 @@ name = "Galène"
 description.en = "Videoconferencing server that is easy to deploy"
 description.fr = "Serveur de visioconférence facile à déployer"

-version = "0.6.2~ynh3"
+version = "0.6.2~ynh4"

 maintainers = ["eric_G"]

@ -67,10 +67,13 @@ ram.runtime = "50M"
    [resources.sources.main]
    url = "https://github.com/jech/galene/archive/refs/tags/galene-0.6.2.tar.gz"
    sha256 = "7caedc1b2cb8cfeee0136e02c006d13d7b2b3cb9908685654c8cec020265428d"
+    autoupdate.strategy = "latest_github_tag"
 
    [resources.sources.ldap]
    url = "https://github.com/jech/galene-ldap/archive/33b8a930372388b2b8b506d2564516fb3eaf895a.tar.gz"
    sha256 = "00247712e4e7944fed42026f056f48eb59a95cf476c3ff1cb6e24c54469ce070"
+    autoupdate.upstream = "https://github.com/jech/galene-ldap"
+    autoupdate.strategy = "latest_github_commit"

    [resources.system_user]