From c135608074c7767b4058b8ffbf486b4b6f128fbc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C3=89ric=20Gaspar?=
 <46165813+ericgaspar@users.noreply.github.com>
Date: Sun, 19 Mar 2023 22:27:19 +0100
Subject: [PATCH] Testing (#110)

* Stop auto updating for now

* Update manifest.json

* Update ynh_install_go

* Update ynh_install_go

* Update ldap.src

* Add feature to readme

* Auto-update README

* 0.6.2

* Auto-update README

* cleaning

* Auto-update README

* Auto-update README

* Update systemd.service

* Upgrade auto-updater (#106)

* [autopatch] Upgrade auto-updater

* Auto-update README

---------

Co-authored-by: tituspijean <titus@pijean.ovh>

* Galene v2 (#104)

* v2

* Fix

* Auto-update README

* Fix

* fix

* Fix

* Fix

* Auto-update README

* Fix

* Auto-update README

* Fix

* Auto-update README

* Update tests.toml

* Fix

* Update manifest.toml

* Update manifest.toml

* Update tests.toml

* Update tests.toml

* Update tests.toml

* Update tests.toml

* Update tests.toml

* Update restore

* Update install

* Update upgrade

* Update manifest.toml

* Update ynh_install_go

* Update change_url

* Auto-update README

* Update change_url

* fix

* Update change_url

* Update change_url

* Update manifest.toml

* fix

* Update systemd.service

* Update systemd.service

* Update systemd.service

* Update systemd.service

* Update systemd.service

* Update upgrade

* Update upgrade

* Update install

* Update upgrade

* Update manifest.toml

---------

Co-authored-by: yunohost-bot <yunohost@yunohost.org>

* Update manifest.toml

* Auto-update README

* Update manifest.toml

* Fix

* Update DESCRIPTION.md

* Auto-update README

* Create POST_INSTALL.md

* Auto-update README

* fix

* Auto-update README

* Create POST_INSTALL_fr.md

* Fix

* Fix

* Update change_url

* Update manifest.toml

* Delete app.src

* fix

* Update manifest.toml

* cleaning

* Update manifest.toml

* Update manifest.toml

* Update manifest.toml

* Update manifest.toml

* Update manifest.toml

* Update install

* Password generator (#109)

* fix

* Update install

* Update install

* Update install

* Update install

* Update manifest.toml

* Update install

* Update manifest.toml

* fix

* Update install

* fix

* fix

* Update config.json

* fix

* Update manifest.toml

* Auto-update README

* Update upgrade

* Update upgrade

* fix

* Update restore

* Update _common.sh

---------

Co-authored-by: yunohost-bot <yunohost@yunohost.org>
Co-authored-by: YunoHost Bot <yunohost-bot@users.noreply.github.com>
Co-authored-by: tituspijean <titus@pijean.ovh>
---
 README.md            |  2 +-
 README_fr.md         |  2 +-
 conf/config.json     |  2 +-
 conf/groupname.json  |  2 +-
 conf/systemd.service |  2 +-
 manifest.toml        | 25 +++++++++++++------------
 scripts/_common.sh   |  2 +-
 scripts/change_url   | 16 +++++++---------
 scripts/install      | 23 +++++++++++++----------
 scripts/restore      | 30 ++++++++----------------------
 scripts/upgrade      | 25 ++++++++++++++-----------
 11 files changed, 61 insertions(+), 70 deletions(-)

diff --git a/README.md b/README.md
index 5d2fdc7..337e6f7 100644
--- a/README.md
+++ b/README.md
@@ -29,7 +29,7 @@ Galène is a videoconference server (an “SFU”) that is easy to deploy and th
 - LDAP support
 
 
-**Shipped version:** 0.6.2~ynh2
+**Shipped version:** 0.6.2~ynh3
 
 **Demo:** https://galene.org:8443/
 
diff --git a/README_fr.md b/README_fr.md
index 045dbce..205a331 100644
--- a/README_fr.md
+++ b/README_fr.md
@@ -29,7 +29,7 @@ Galène est un serveur de visioconférence (un « SFU ») facile à déployer et
 - prise en charge LDAP
 
 
-**Version incluse :** 0.6.2~ynh2
+**Version incluse :** 0.6.2~ynh3
 
 **Démo :** https://galene.org:8443/
 
diff --git a/conf/config.json b/conf/config.json
index 1a49c26..81042d0 100644
--- a/conf/config.json
+++ b/conf/config.json
@@ -1,4 +1,4 @@
 {
 	"canonicalHost": "__DOMAIN__",
-	"admin":[{"username":"__ADMIN__","password":"__PASSWORD__"}]
+	"admin":[{"username":"__ADMIN__", "password": __PASSWORD_HASH__}]
 }
diff --git a/conf/groupname.json b/conf/groupname.json
index eff91e8..cef3c09 100644
--- a/conf/groupname.json
+++ b/conf/groupname.json
@@ -1,5 +1,5 @@
 {
-	"op": [{"username": "__ADMIN__", "password": "__PASSWORD__"}],
+	"op": [{"username": "__ADMIN__", "password": __PASSWORD_HASH__}],
 	"presenter": [{}],
  	"description": "__GROUP_DESCRIPTION__",
 	"public": true,
diff --git a/conf/systemd.service b/conf/systemd.service
index aa4af39..8207fb1 100644
--- a/conf/systemd.service
+++ b/conf/systemd.service
@@ -1,5 +1,5 @@
 [Unit]
-Description=Galène: Videoconferencing server
+Description=Galène: videoconferencing server
 Documentation=https://galene.org
 After=network.target
 
diff --git a/manifest.toml b/manifest.toml
index 741f4b1..cbd68a5 100644
--- a/manifest.toml
+++ b/manifest.toml
@@ -5,7 +5,7 @@ name = "Galène"
 description.en = "Videoconferencing server that is easy to deploy"
 description.fr = "Serveur de visioconférence facile à déployer"
 
-version = "0.6.2~ynh2"
+version = "0.6.2~ynh3"
 
 maintainers = ["eric_G"]
 
@@ -18,11 +18,11 @@ userdoc = "https://galene.org/faq.html"
 code = "https://github.com/jech/galene"
 
 [integration]
-yunohost = ">= 11.1.14"
+yunohost = ">= 11.1.15"
 architectures = "all"
 multi_instance = false
 ldap = true
-sso = "not_relevant"
+sso = false
 disk = "50M"
 ram.build = "400M"
 ram.runtime = "50M"
@@ -62,6 +62,16 @@ ram.runtime = "50M"
     optional = true
 
 [resources]
+
+[resources.sources]
+    [resources.sources.main]
+    url = "https://github.com/jech/galene/archive/refs/tags/galene-0.6.2.tar.gz"
+    sha256 = "7caedc1b2cb8cfeee0136e02c006d13d7b2b3cb9908685654c8cec020265428d"
+ 
+    [resources.sources.ldap]
+    url = "https://github.com/jech/galene-ldap/archive/33b8a930372388b2b8b506d2564516fb3eaf895a.tar.gz"
+    sha256 = "00247712e4e7944fed42026f056f48eb59a95cf476c3ff1cb6e24c54469ce070"
+
     [resources.system_user]
 
     [resources.install_dir]
@@ -79,12 +89,3 @@ ram.runtime = "50M"
 
     [resources.apt]
     packages = "jose"
-
-[resources.sources]
-    [resources.sources.main]
-    url = "https://github.com/jech/galene/archive/refs/tags/galene-0.6.2.tar.gz"
-    sha256 = "7caedc1b2cb8cfeee0136e02c006d13d7b2b3cb9908685654c8cec020265428d"
- 
-    [resources.sources.ldap]
-    url = "https://github.com/jech/galene-ldap/archive/33b8a930372388b2b8b506d2564516fb3eaf895a.tar.gz"
-    sha256 = "00247712e4e7944fed42026f056f48eb59a95cf476c3ff1cb6e24c54469ce070"
diff --git a/scripts/_common.sh b/scripts/_common.sh
index 1f273f5..f122fe2 100755
--- a/scripts/_common.sh
+++ b/scripts/_common.sh
@@ -4,7 +4,7 @@
 # COMMON VARIABLES
 #=================================================
 
-go_version=1.19
+go_version=1.20
 
 #=================================================
 # PERSONAL HELPERS
diff --git a/scripts/change_url b/scripts/change_url
index fe3970e..3fefb36 100755
--- a/scripts/change_url
+++ b/scripts/change_url
@@ -15,10 +15,8 @@ source /usr/share/yunohost/helpers
 ynh_script_progression --message="Loading installation settings..." --weight=1
 
 # Add settings here as needed by your application
-password=$(ynh_app_setting_get --app=$app --key=password)
-group_name=$(ynh_app_setting_get --app=$app --key=group_name)
-port_ldap=$(ynh_app_setting_get --app=$app --key=ldap_port)
 key=$(ynh_app_setting_get --app=$app --key=key)
+password_hash=$(ynh_app_setting_get --app=$app --key=password_hash)
 
 #=================================================
 # STANDARD MODIFICATIONS
@@ -51,14 +49,14 @@ chmod 400 "$install_dir/live/data/config.json"
 chown $app:$app "$install_dir/live/data/config.json"
 
 # Configure Galene LDAP
-ynh_add_config --template="../conf/galene-ldap.json" --destination="$install_dir/live_ldap/data/galene-ldap.json"
-chmod 400 "$install_dir/live_ldap/data/galene-ldap.json"
-chown $app:$app "$install_dir/live_ldap/data/galene-ldap.json"
+#ynh_add_config --template="../conf/galene-ldap.json" --destination="$install_dir/live_ldap/data/galene-ldap.json"
+#chmod 400 "$install_dir/live_ldap/data/galene-ldap.json"
+#chown $app:$app "$install_dir/live_ldap/data/galene-ldap.json"
 
 # Create a group name config
-ynh_add_config --template="../conf/groupname.json" --destination="$data_dir/groups/$group_name.json"
-chmod 400 "$data_dir/groups/$group_name.json"
-chown $app:$app "$data_dir/groups/$group_name.json"
+#ynh_add_config --template="../conf/groupname.json" --destination="$data_dir/groups/$group_name.json"
+#chmod 400 "$data_dir/groups/$group_name.json"
+#chown $app:$app "$data_dir/groups/$group_name.json"
 
 # Create a group name authenticated on LDAP
 ynh_add_config --template="../conf/groupname-ldap.json" --destination="$data_dir/groups/YunoHost_Users.json"
diff --git a/scripts/install b/scripts/install
index b178862..893283f 100755
--- a/scripts/install
+++ b/scripts/install
@@ -14,17 +14,7 @@ source /usr/share/yunohost/helpers
 # RETRIEVE ARGUMENTS FROM THE MANIFEST
 #=================================================
 
-group_name=$YNH_APP_ARG_GROUP_NAME
-group_description=$YNH_APP_ARG_GROUP_DESCRIPTION
 password=$YNH_APP_ARG_PASSWORD
-
-#=================================================
-# STORE SETTINGS FROM MANIFEST
-#=================================================
-ynh_script_progression --message="Storing installation settings..." --weight=4
-
-ynh_app_setting_set --app=$app --key=group_name --value="$group_name"
-ynh_app_setting_set --app=$app --key=group_description --value="$group_description"
 ynh_app_setting_set --app=$app --key=password --value="$password"
 
 #=================================================
@@ -48,6 +38,7 @@ ynh_setup_source --dest_dir="$install_dir/build_ldap" --source_id="ldap"
 
 mkdir -p "$install_dir/live/data"
 mkdir -p "$install_dir/live_ldap/data"
+
 cp -r "$install_dir/build/static/" "$install_dir/live/"
 ynh_replace_string --match_string="<div class=\"galene-header\">Galène</div>" --replace_string="<div class=\"galene-header\" onclick=\"location.href=window.location.origin\" style=\"cursor:pointer\">Galène</div>" --target_file="$install_dir/live/static/galene.html"
 
@@ -71,12 +62,19 @@ ynh_script_progression --message="Building app..." --weight=1
 
 ynh_exec_warn_less ynh_install_go --go_version=$go_version
 ynh_use_go
+
+pushd $install_dir/build/galene-password-generator/
+	ynh_exec_warn_less ynh_exec_as $app CGO_ENABLED=0 $ynh_go build -o $install_dir/
+popd
+
 pushd $install_dir/build/
 	ynh_exec_warn_less ynh_exec_as $app CGO_ENABLED=0 $ynh_go build -ldflags='-s -w' -o $install_dir/live/
 popd
+
 pushd $install_dir/build_ldap/
 	ynh_exec_warn_less ynh_exec_as $app CGO_ENABLED=0 $ynh_go build -ldflags='-s -w' -o $install_dir/live_ldap/
 popd
+
 ynh_remove_go
 ynh_secure_remove --file="$install_dir/build/"
 ynh_secure_remove --file="$install_dir/build_ldap/"
@@ -84,6 +82,8 @@ ynh_secure_remove --file="$install_dir/.cache/"
 ynh_secure_remove --file="$install_dir/go/"
 ynh_secure_remove --file="$install_dir/.go-version"
 
+chmod +x "$install_dir/galene-password-generator"
+
 #=================================================
 # CREATE DATA DIRECTORY
 #=================================================
@@ -100,6 +100,9 @@ chown -R $app:www-data "$data_dir"
 #=================================================
 ynh_script_progression --message="Adding a configuration file..." --weight=1
 
+password_hash=$(echo $($install_dir/galene-password-generator $password))
+ynh_app_setting_set --app=$app --key=password_hash --value="$password_hash"
+
 # Configure Galène
 ynh_add_config --template="../conf/config.json" --destination="$install_dir/live/data/config.json"
 chmod 400 "$install_dir/live/data/config.json"
diff --git a/scripts/restore b/scripts/restore
index 21e6513..7296baa 100755
--- a/scripts/restore
+++ b/scripts/restore
@@ -17,7 +17,6 @@ ynh_script_progression --message="Restoring the app main directory..." --weight=
 
 ynh_restore_file --origin_path="$install_dir"
 
-chmod 750 "$install_dir"
 chmod -R o-rwx "$install_dir"
 chown -R $app:www-data "$install_dir"
 
@@ -35,44 +34,31 @@ chmod -R o-rwx "$data_dir"
 chown -R $app:www-data "$data_dir"
 
 #=================================================
-# RESTORE THE NGINX CONFIGURATION
+# RESTORE SYSTEM CONFIGURATIONS
 #=================================================
-ynh_script_progression --message="Restoring the NGINX web server configuration..." --weight=1
+# RESTORE THE PHP-FPM CONFIGURATION
+#=================================================
+ynh_script_progression --message="Restoring system configurations related to $app..." --weight=1
 
 ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
 
-#=================================================
-# RESTORE SYSTEMD
-#=================================================
-ynh_script_progression --message="Restoring the systemd configuration..." --weight=1
-
 ynh_restore_file --origin_path="/etc/systemd/system/$app.service"
 ynh_restore_file --origin_path="/etc/systemd/system/${app}_ldap.service"
 systemctl enable $app.service --quiet
 
-#=================================================
-# INTEGRATE SERVICE IN YUNOHOST
-#=================================================
-ynh_script_progression --message="Integrating service in YunoHost..." --weight=2
-
 yunohost service add $app --description="Videoconferencing server" --needs_exposed_ports="$port_turn"
 yunohost service add ${app}_ldap --description="LDAP integration for the videoconferencing server"
 
 #=================================================
-# START SYSTEMD SERVICE
+# GENERIC FINALIZATION
 #=================================================
-ynh_script_progression --message="Starting a systemd service..." --weight=3
+# RELOAD NGINX AND PHP-FPM OR THE APP SERVICE
+#=================================================
+ynh_script_progression --message="Reloading NGINX web server and $app's service..." --weight=1
 
 ynh_systemd_action --service_name=$app --action="start" --log_path="systemd"
 ynh_systemd_action --service_name=${app}_ldap --action="start" --log_path="systemd"
 
-#=================================================
-# GENERIC FINALIZATION
-#=================================================
-# RELOAD NGINX AND PHP-FPM
-#=================================================
-ynh_script_progression --message="Reloading NGINX web server..." --weight=1
-
 ynh_systemd_action --service_name=nginx --action=reload
 
 #=================================================
diff --git a/scripts/upgrade b/scripts/upgrade
index dee0530..0e05f93 100644
--- a/scripts/upgrade
+++ b/scripts/upgrade
@@ -13,10 +13,7 @@ source /usr/share/yunohost/helpers
 #=================================================
 # LOAD SETTINGS
 #=================================================
-ynh_script_progression --message="Loading installation settings..." --weight=1
 
-group_name=$(ynh_app_setting_get --app=$app --key=group_name)
-group_description=$(ynh_app_setting_get --app=$app --key=group_description)
 password=$(ynh_app_setting_get --app=$app --key=password)
 
 #=================================================
@@ -40,12 +37,6 @@ ynh_systemd_action --service_name=${app}_ldap --action="stop" --log_path="system
 #=================================================
 ynh_script_progression --message="Ensuring downward compatibility..." --weight=1
 
-# If open, close direct access to $port in firewall
-if yunohost firewall list | grep -q "\- $port$"
-then
-    ynh_exec_warn_less yunohost firewall disallow TCP $port
-fi
-
 # For version 0.6~ynh1 and before
 if [[ ! -d "$install_dir/live" ]]
 then
@@ -65,9 +56,11 @@ ynh_script_progression --message="Upgrading source files..." --weight=2
 
 ynh_setup_source --dest_dir="$install_dir/build"
 ynh_setup_source --dest_dir="$install_dir/build_ldap" --source_id="ldap"
+
 mkdir -p "$install_dir/live/data"
 mkdir -p "$install_dir/live_ldap/data"
-#REMOVEME? ynh_secure_remove --file="$install_dir/live/static/"
+
+ynh_secure_remove --file="$install_dir/live/static/"
 cp -r "$install_dir/build/static/" "$install_dir/live/"
 ynh_replace_string --match_string="<div class=\"galene-header\">Galène</div>" --replace_string="<div class=\"galene-header\" onclick=\"location.href=window.location.origin\" style=\"cursor:pointer\">Galène</div>" --target_file="$install_dir/live/static/galene.html"
 
@@ -93,6 +86,9 @@ if [ "$upgrade_type" == "UPGRADE_APP" ]
 then
 	ynh_exec_warn_less ynh_install_go --go_version=$go_version
 	ynh_use_go
+	pushd $install_dir/build/galene-password-generator/
+		ynh_exec_warn_less ynh_exec_as $app CGO_ENABLED=0 $ynh_go build -o $install_dir/
+	popd
 	pushd $install_dir/build/
 		ynh_exec_warn_less ynh_exec_as $app CGO_ENABLED=0 $ynh_go build -ldflags='-s -w' -o $install_dir/live/
 	popd
@@ -105,6 +101,8 @@ then
 	ynh_secure_remove --file="$install_dir/.cache/"
 	ynh_secure_remove --file="$install_dir/go/"
 	ynh_secure_remove --file="$install_dir/.go-version"
+
+	chmod +x "$install_dir/galene-password-generator"
 fi
 
 #=================================================
@@ -112,6 +110,11 @@ fi
 #=================================================
 ynh_script_progression --message="Updating a configuration file..." --weight=2
 
+# If password_hash doesn't exist, create it
+if [ -z "${password_hash:-}" ]; then
+	password_hash=$(echo $($install_dir/galene-password-generator $password))
+	ynh_app_setting_set --app=$app --key=password_hash --value="$password_hash"
+fi
 # Configure Galène
 ynh_add_config --template="../conf/config.json" --destination="$install_dir/live/data/config.json"
 chmod 400 "$install_dir/live/data/config.json"
@@ -119,7 +122,7 @@ chown $app:$app "$install_dir/live/data/config.json"
 
 # Configure Galène LDAP
 # If key doesn't exist, create it
-if [ -z "$key" ]; then
+if [ -z "${key:-}" ]; then
 	key=$(jose jwk gen -i '{"kty":"oct","alg":"HS256"}')
 	ynh_app_setting_set --app=$app --key=key --value=$key
 fi