diff --git a/README.md b/README.md
index 5d2fdc7..337e6f7 100644
--- a/README.md
+++ b/README.md
@@ -29,7 +29,7 @@ Galène is a videoconference server (an “SFU”) that is easy to deploy and th
- LDAP support
-**Shipped version:** 0.6.2~ynh2
+**Shipped version:** 0.6.2~ynh3
**Demo:** https://galene.org:8443/
diff --git a/README_fr.md b/README_fr.md
index 045dbce..205a331 100644
--- a/README_fr.md
+++ b/README_fr.md
@@ -29,7 +29,7 @@ Galène est un serveur de visioconférence (un « SFU ») facile à déployer et
- prise en charge LDAP
-**Version incluse :** 0.6.2~ynh2
+**Version incluse :** 0.6.2~ynh3
**Démo :** https://galene.org:8443/
diff --git a/conf/config.json b/conf/config.json
index 1a49c26..81042d0 100644
--- a/conf/config.json
+++ b/conf/config.json
@@ -1,4 +1,4 @@
{
"canonicalHost": "__DOMAIN__",
- "admin":[{"username":"__ADMIN__","password":"__PASSWORD__"}]
+ "admin":[{"username":"__ADMIN__", "password": __PASSWORD_HASH__}]
}
diff --git a/conf/groupname.json b/conf/groupname.json
index eff91e8..cef3c09 100644
--- a/conf/groupname.json
+++ b/conf/groupname.json
@@ -1,5 +1,5 @@
{
- "op": [{"username": "__ADMIN__", "password": "__PASSWORD__"}],
+ "op": [{"username": "__ADMIN__", "password": __PASSWORD_HASH__}],
"presenter": [{}],
"description": "__GROUP_DESCRIPTION__",
"public": true,
diff --git a/conf/systemd.service b/conf/systemd.service
index aa4af39..8207fb1 100644
--- a/conf/systemd.service
+++ b/conf/systemd.service
@@ -1,5 +1,5 @@
[Unit]
-Description=Galène: Videoconferencing server
+Description=Galène: videoconferencing server
Documentation=https://galene.org
After=network.target
diff --git a/manifest.toml b/manifest.toml
index 741f4b1..cbd68a5 100644
--- a/manifest.toml
+++ b/manifest.toml
@@ -5,7 +5,7 @@ name = "Galène"
description.en = "Videoconferencing server that is easy to deploy"
description.fr = "Serveur de visioconférence facile à déployer"
-version = "0.6.2~ynh2"
+version = "0.6.2~ynh3"
maintainers = ["eric_G"]
@@ -18,11 +18,11 @@ userdoc = "https://galene.org/faq.html"
code = "https://github.com/jech/galene"
[integration]
-yunohost = ">= 11.1.14"
+yunohost = ">= 11.1.15"
architectures = "all"
multi_instance = false
ldap = true
-sso = "not_relevant"
+sso = false
disk = "50M"
ram.build = "400M"
ram.runtime = "50M"
@@ -62,6 +62,16 @@ ram.runtime = "50M"
optional = true
[resources]
+
+[resources.sources]
+ [resources.sources.main]
+ url = "https://github.com/jech/galene/archive/refs/tags/galene-0.6.2.tar.gz"
+ sha256 = "7caedc1b2cb8cfeee0136e02c006d13d7b2b3cb9908685654c8cec020265428d"
+
+ [resources.sources.ldap]
+ url = "https://github.com/jech/galene-ldap/archive/33b8a930372388b2b8b506d2564516fb3eaf895a.tar.gz"
+ sha256 = "00247712e4e7944fed42026f056f48eb59a95cf476c3ff1cb6e24c54469ce070"
+
[resources.system_user]
[resources.install_dir]
@@ -79,12 +89,3 @@ ram.runtime = "50M"
[resources.apt]
packages = "jose"
-
-[resources.sources]
- [resources.sources.main]
- url = "https://github.com/jech/galene/archive/refs/tags/galene-0.6.2.tar.gz"
- sha256 = "7caedc1b2cb8cfeee0136e02c006d13d7b2b3cb9908685654c8cec020265428d"
-
- [resources.sources.ldap]
- url = "https://github.com/jech/galene-ldap/archive/33b8a930372388b2b8b506d2564516fb3eaf895a.tar.gz"
- sha256 = "00247712e4e7944fed42026f056f48eb59a95cf476c3ff1cb6e24c54469ce070"
diff --git a/scripts/_common.sh b/scripts/_common.sh
index 1f273f5..f122fe2 100755
--- a/scripts/_common.sh
+++ b/scripts/_common.sh
@@ -4,7 +4,7 @@
# COMMON VARIABLES
#=================================================
-go_version=1.19
+go_version=1.20
#=================================================
# PERSONAL HELPERS
diff --git a/scripts/change_url b/scripts/change_url
index fe3970e..3fefb36 100755
--- a/scripts/change_url
+++ b/scripts/change_url
@@ -15,10 +15,8 @@ source /usr/share/yunohost/helpers
ynh_script_progression --message="Loading installation settings..." --weight=1
# Add settings here as needed by your application
-password=$(ynh_app_setting_get --app=$app --key=password)
-group_name=$(ynh_app_setting_get --app=$app --key=group_name)
-port_ldap=$(ynh_app_setting_get --app=$app --key=ldap_port)
key=$(ynh_app_setting_get --app=$app --key=key)
+password_hash=$(ynh_app_setting_get --app=$app --key=password_hash)
#=================================================
# STANDARD MODIFICATIONS
@@ -51,14 +49,14 @@ chmod 400 "$install_dir/live/data/config.json"
chown $app:$app "$install_dir/live/data/config.json"
# Configure Galene LDAP
-ynh_add_config --template="../conf/galene-ldap.json" --destination="$install_dir/live_ldap/data/galene-ldap.json"
-chmod 400 "$install_dir/live_ldap/data/galene-ldap.json"
-chown $app:$app "$install_dir/live_ldap/data/galene-ldap.json"
+#ynh_add_config --template="../conf/galene-ldap.json" --destination="$install_dir/live_ldap/data/galene-ldap.json"
+#chmod 400 "$install_dir/live_ldap/data/galene-ldap.json"
+#chown $app:$app "$install_dir/live_ldap/data/galene-ldap.json"
# Create a group name config
-ynh_add_config --template="../conf/groupname.json" --destination="$data_dir/groups/$group_name.json"
-chmod 400 "$data_dir/groups/$group_name.json"
-chown $app:$app "$data_dir/groups/$group_name.json"
+#ynh_add_config --template="../conf/groupname.json" --destination="$data_dir/groups/$group_name.json"
+#chmod 400 "$data_dir/groups/$group_name.json"
+#chown $app:$app "$data_dir/groups/$group_name.json"
# Create a group name authenticated on LDAP
ynh_add_config --template="../conf/groupname-ldap.json" --destination="$data_dir/groups/YunoHost_Users.json"
diff --git a/scripts/install b/scripts/install
index b178862..893283f 100755
--- a/scripts/install
+++ b/scripts/install
@@ -14,17 +14,7 @@ source /usr/share/yunohost/helpers
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================
-group_name=$YNH_APP_ARG_GROUP_NAME
-group_description=$YNH_APP_ARG_GROUP_DESCRIPTION
password=$YNH_APP_ARG_PASSWORD
-
-#=================================================
-# STORE SETTINGS FROM MANIFEST
-#=================================================
-ynh_script_progression --message="Storing installation settings..." --weight=4
-
-ynh_app_setting_set --app=$app --key=group_name --value="$group_name"
-ynh_app_setting_set --app=$app --key=group_description --value="$group_description"
ynh_app_setting_set --app=$app --key=password --value="$password"
#=================================================
@@ -48,6 +38,7 @@ ynh_setup_source --dest_dir="$install_dir/build_ldap" --source_id="ldap"
mkdir -p "$install_dir/live/data"
mkdir -p "$install_dir/live_ldap/data"
+
cp -r "$install_dir/build/static/" "$install_dir/live/"
ynh_replace_string --match_string="" --replace_string="" --target_file="$install_dir/live/static/galene.html"
@@ -71,12 +62,19 @@ ynh_script_progression --message="Building app..." --weight=1
ynh_exec_warn_less ynh_install_go --go_version=$go_version
ynh_use_go
+
+pushd $install_dir/build/galene-password-generator/
+ ynh_exec_warn_less ynh_exec_as $app CGO_ENABLED=0 $ynh_go build -o $install_dir/
+popd
+
pushd $install_dir/build/
ynh_exec_warn_less ynh_exec_as $app CGO_ENABLED=0 $ynh_go build -ldflags='-s -w' -o $install_dir/live/
popd
+
pushd $install_dir/build_ldap/
ynh_exec_warn_less ynh_exec_as $app CGO_ENABLED=0 $ynh_go build -ldflags='-s -w' -o $install_dir/live_ldap/
popd
+
ynh_remove_go
ynh_secure_remove --file="$install_dir/build/"
ynh_secure_remove --file="$install_dir/build_ldap/"
@@ -84,6 +82,8 @@ ynh_secure_remove --file="$install_dir/.cache/"
ynh_secure_remove --file="$install_dir/go/"
ynh_secure_remove --file="$install_dir/.go-version"
+chmod +x "$install_dir/galene-password-generator"
+
#=================================================
# CREATE DATA DIRECTORY
#=================================================
@@ -100,6 +100,9 @@ chown -R $app:www-data "$data_dir"
#=================================================
ynh_script_progression --message="Adding a configuration file..." --weight=1
+password_hash=$(echo $($install_dir/galene-password-generator $password))
+ynh_app_setting_set --app=$app --key=password_hash --value="$password_hash"
+
# Configure Galène
ynh_add_config --template="../conf/config.json" --destination="$install_dir/live/data/config.json"
chmod 400 "$install_dir/live/data/config.json"
diff --git a/scripts/restore b/scripts/restore
index 21e6513..7296baa 100755
--- a/scripts/restore
+++ b/scripts/restore
@@ -17,7 +17,6 @@ ynh_script_progression --message="Restoring the app main directory..." --weight=
ynh_restore_file --origin_path="$install_dir"
-chmod 750 "$install_dir"
chmod -R o-rwx "$install_dir"
chown -R $app:www-data "$install_dir"
@@ -35,44 +34,31 @@ chmod -R o-rwx "$data_dir"
chown -R $app:www-data "$data_dir"
#=================================================
-# RESTORE THE NGINX CONFIGURATION
+# RESTORE SYSTEM CONFIGURATIONS
#=================================================
-ynh_script_progression --message="Restoring the NGINX web server configuration..." --weight=1
+# RESTORE THE PHP-FPM CONFIGURATION
+#=================================================
+ynh_script_progression --message="Restoring system configurations related to $app..." --weight=1
ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
-#=================================================
-# RESTORE SYSTEMD
-#=================================================
-ynh_script_progression --message="Restoring the systemd configuration..." --weight=1
-
ynh_restore_file --origin_path="/etc/systemd/system/$app.service"
ynh_restore_file --origin_path="/etc/systemd/system/${app}_ldap.service"
systemctl enable $app.service --quiet
-#=================================================
-# INTEGRATE SERVICE IN YUNOHOST
-#=================================================
-ynh_script_progression --message="Integrating service in YunoHost..." --weight=2
-
yunohost service add $app --description="Videoconferencing server" --needs_exposed_ports="$port_turn"
yunohost service add ${app}_ldap --description="LDAP integration for the videoconferencing server"
#=================================================
-# START SYSTEMD SERVICE
+# GENERIC FINALIZATION
#=================================================
-ynh_script_progression --message="Starting a systemd service..." --weight=3
+# RELOAD NGINX AND PHP-FPM OR THE APP SERVICE
+#=================================================
+ynh_script_progression --message="Reloading NGINX web server and $app's service..." --weight=1
ynh_systemd_action --service_name=$app --action="start" --log_path="systemd"
ynh_systemd_action --service_name=${app}_ldap --action="start" --log_path="systemd"
-#=================================================
-# GENERIC FINALIZATION
-#=================================================
-# RELOAD NGINX AND PHP-FPM
-#=================================================
-ynh_script_progression --message="Reloading NGINX web server..." --weight=1
-
ynh_systemd_action --service_name=nginx --action=reload
#=================================================
diff --git a/scripts/upgrade b/scripts/upgrade
index dee0530..0e05f93 100644
--- a/scripts/upgrade
+++ b/scripts/upgrade
@@ -13,10 +13,7 @@ source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
#=================================================
-ynh_script_progression --message="Loading installation settings..." --weight=1
-group_name=$(ynh_app_setting_get --app=$app --key=group_name)
-group_description=$(ynh_app_setting_get --app=$app --key=group_description)
password=$(ynh_app_setting_get --app=$app --key=password)
#=================================================
@@ -40,12 +37,6 @@ ynh_systemd_action --service_name=${app}_ldap --action="stop" --log_path="system
#=================================================
ynh_script_progression --message="Ensuring downward compatibility..." --weight=1
-# If open, close direct access to $port in firewall
-if yunohost firewall list | grep -q "\- $port$"
-then
- ynh_exec_warn_less yunohost firewall disallow TCP $port
-fi
-
# For version 0.6~ynh1 and before
if [[ ! -d "$install_dir/live" ]]
then
@@ -65,9 +56,11 @@ ynh_script_progression --message="Upgrading source files..." --weight=2
ynh_setup_source --dest_dir="$install_dir/build"
ynh_setup_source --dest_dir="$install_dir/build_ldap" --source_id="ldap"
+
mkdir -p "$install_dir/live/data"
mkdir -p "$install_dir/live_ldap/data"
-#REMOVEME? ynh_secure_remove --file="$install_dir/live/static/"
+
+ynh_secure_remove --file="$install_dir/live/static/"
cp -r "$install_dir/build/static/" "$install_dir/live/"
ynh_replace_string --match_string="" --replace_string="" --target_file="$install_dir/live/static/galene.html"
@@ -93,6 +86,9 @@ if [ "$upgrade_type" == "UPGRADE_APP" ]
then
ynh_exec_warn_less ynh_install_go --go_version=$go_version
ynh_use_go
+ pushd $install_dir/build/galene-password-generator/
+ ynh_exec_warn_less ynh_exec_as $app CGO_ENABLED=0 $ynh_go build -o $install_dir/
+ popd
pushd $install_dir/build/
ynh_exec_warn_less ynh_exec_as $app CGO_ENABLED=0 $ynh_go build -ldflags='-s -w' -o $install_dir/live/
popd
@@ -105,6 +101,8 @@ then
ynh_secure_remove --file="$install_dir/.cache/"
ynh_secure_remove --file="$install_dir/go/"
ynh_secure_remove --file="$install_dir/.go-version"
+
+ chmod +x "$install_dir/galene-password-generator"
fi
#=================================================
@@ -112,6 +110,11 @@ fi
#=================================================
ynh_script_progression --message="Updating a configuration file..." --weight=2
+# If password_hash doesn't exist, create it
+if [ -z "${password_hash:-}" ]; then
+ password_hash=$(echo $($install_dir/galene-password-generator $password))
+ ynh_app_setting_set --app=$app --key=password_hash --value="$password_hash"
+fi
# Configure Galène
ynh_add_config --template="../conf/config.json" --destination="$install_dir/live/data/config.json"
chmod 400 "$install_dir/live/data/config.json"
@@ -119,7 +122,7 @@ chown $app:$app "$install_dir/live/data/config.json"
# Configure Galène LDAP
# If key doesn't exist, create it
-if [ -z "$key" ]; then
+if [ -z "${key:-}" ]; then
key=$(jose jwk gen -i '{"kty":"oct","alg":"HS256"}')
ynh_app_setting_set --app=$app --key=key --value=$key
fi