mirror of https://github.com/YunoHost-Apps/galene_ynh.git synced 2024-09-03 18:36:31 +02:00
* remove firewall allow for 8443
Éric Gaspar 2021-04-09 19:35:58 +02:00 committed by GitHub
parent e6e321fe1e
commit d89a3fd3d4
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
9 changed files with 22 additions and 25 deletions


@ -69,8 +69,8 @@ To check if Galène can connect to the TURN server, connect to Galène as operat
#### Supported architectures #### Supported architectures
* x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/galene%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/galene/) * x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/galene.svg)](https://ci-apps.yunohost.org/ci/apps/galene/)
* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/galene%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/galene/) * ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/galene.svg)](https://ci-apps-arm.yunohost.org/ci/apps/galene/)
## Limitations ## Limitations


@ -69,8 +69,8 @@ Pour vérifier si Galène peut se connecter au serveur TURN, connectez-vous à G
#### Supported architectures #### Supported architectures
* x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/galene%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/galene/) * x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/galene.svg)](https://ci-apps.yunohost.org/ci/apps/galene/)
* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/galene%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/galene/) * ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/galene.svg)](https://ci-apps-arm.yunohost.org/ci/apps/galene/)
## Limitations ## Limitations


@ -23,7 +23,6 @@
upgrade=1 from_commit=c06f6235a93587e16524fa5b124e4d9e138a8109 upgrade=1 from_commit=c06f6235a93587e16524fa5b124e4d9e138a8109
backup_restore=1 backup_restore=1
multi_instance=0 multi_instance=0
port_already_use=1
change_url=1 change_url=1
;;; Options ;;; Options
Email= Email=


@ -6,7 +6,7 @@
"en": "Videoconferencing server that is easy to deploy", "en": "Videoconferencing server that is easy to deploy",
"fr": "Serveur de visioconférence facile à déployer" "fr": "Serveur de visioconférence facile à déployer"
}, },
"version": "0.3.2~ynh3", "version": "0.3.2~ynh4",
"url": "https://galene.org/", "url": "https://galene.org/",
"license": "MIT", "license": "MIT",
"maintainer": { "maintainer": {


@ -17,7 +17,7 @@ old_domain=$YNH_APP_OLD_DOMAIN
old_path=$YNH_APP_OLD_PATH old_path=$YNH_APP_OLD_PATH
new_domain=$YNH_APP_NEW_DOMAIN new_domain=$YNH_APP_NEW_DOMAIN
new_path=$YNH_APP_NEW_PATH new_path="/"
app=$YNH_APP_INSTANCE_NAME app=$YNH_APP_INSTANCE_NAME
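Review bot: `new_path="/"` discards `$YNH_APP_NEW_PATH` without saying why, so a requested path change is silently ignored, and any later comparison of `old_path` with `new_path` outside this hunk may behave differently from what a reader expects. A one-line comment above the assignment would document the intent, for example `# The app is always served from the domain root; the requested path is ignored.`, if that is indeed the reason. The rest of the script is outside the hunk.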


@ -85,7 +85,6 @@ port=$(ynh_find_port --port=8443)
turnserver_port=$(ynh_find_port --port=1194) turnserver_port=$(ynh_find_port --port=1194)
# Open the ports # Open the ports
ynh_exec_warn_less yunohost firewall allow --no-upnp TCP $port
ynh_exec_warn_less yunohost firewall allow Both $turnserver_port ynh_exec_warn_less yunohost firewall allow Both $turnserver_port
# Store opened ports # Store opened ports
@ -215,13 +214,10 @@ mkdir -p "$groups"
#================================================= #=================================================
ynh_add_config --template="../conf/passwd" --destination="$final_path/data/passwd" ynh_add_config --template="../conf/passwd" --destination="$final_path/data/passwd"
ynh_store_file_checksum --file="$final_path/data/passwd"
ynh_add_config --template="../conf/groupname.json" --destination="$final_path/groups/$group_name.json" ynh_add_config --template="../conf/groupname.json" --destination="$final_path/groups/$group_name.json"
ynh_store_file_checksum --file="$final_path/groups/$group_name.json"
ynh_add_config --template="../conf/ice-servers.json" --destination="$final_path/data/ice-servers.json" ynh_add_config --template="../conf/ice-servers.json" --destination="$final_path/data/ice-servers.json"
ynh_store_file_checksum --file="$final_path/data/ice-servers.json"
#================================================= #=================================================
# ADD SCRIPT FOR COTURN CRON AND APP SERVICE # ADD SCRIPT FOR COTURN CRON AND APP SERVICE
@ -249,13 +245,15 @@ chmod -R u=rwX,g=rX,o= /etc/$app
chmod 770 $final_path/Coturn_config_rotate.sh chmod 770 $final_path/Coturn_config_rotate.sh
setfacl -R -m user:turnserver:rX /etc/$app setfacl -R -m user:turnserver:rX /etc/$app
setfacl -R -m user:turnserver:rwX /var/log/$app setfacl -R -m user:turnserver:rwX /var/log/$app
chmod 600 $final_path/data/passwd
chmod 600 $final_path/data/ice-servers.json
#================================================= #=================================================
# INTEGRATE SERVICE IN YUNOHOST # INTEGRATE SERVICE IN YUNOHOST
#================================================= #=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --weight=2 ynh_script_progression --message="Integrating service in YunoHost..." --weight=2
yunohost service add $app --description="Videoconferencing server" --log="/var/log/$app/$app.log" --needs_exposed_ports $port yunohost service add $app --description="Videoconferencing server" --log="/var/log/$app/$app.log"
yunohost service add coturn-$app --description="Coturn TURN server" --log="/var/log/$app/turnserver.log" --needs_exposed_ports $turnserver_port yunohost service add coturn-$app --description="Coturn TURN server" --log="/var/log/$app/turnserver.log" --needs_exposed_ports $turnserver_port
#================================================= #=================================================
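Review bot: `data/passwd` and `data/ice-servers.json` are written by `ynh_add_config` in the hunk at line 214 but only restricted to mode 600 in the permissions block at line 245, so for that stretch of the install they keep whatever mode the helper leaves them with. Tightening each file directly after it is created, as the upgrade script in this commit does, would close that gap: `chmod 600 "$final_path/data/passwd"`. The path should also be quoted, here and in the matching `chmod 600` lines of the restore and upgrade scripts, because an unquoted `$final_path` is subject to word splitting. Mode 600 only protects the files if their owner is the account the service runs as; the chown that decides this is outside the hunk and is worth confirming.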


@ -87,11 +87,6 @@ ynh_remove_logrotate
#================================================= #=================================================
ynh_script_progression --message="Closing ports..." --weight=1 ynh_script_progression --message="Closing ports..." --weight=1
if yunohost firewall list | grep -q "\- $port$"
then
ynh_exec_warn_less yunohost firewall disallow TCP $port
fi
if yunohost firewall list | grep -q "\- $turnserver_port$" if yunohost firewall list | grep -q "\- $turnserver_port$"
then then
ynh_exec_warn_less yunohost firewall disallow Both $turnserver_port ynh_exec_warn_less yunohost firewall disallow Both $turnserver_port


@ -96,7 +96,7 @@ systemctl enable coturn-$app.service --quiet
#================================================= #=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --weight=2 ynh_script_progression --message="Integrating service in YunoHost..." --weight=2
yunohost service add $app --description="Videoconferencing server" --log="/var/log/$app/$app.log" --needs_exposed_ports $port yunohost service add $app --description="Videoconferencing server" --log="/var/log/$app/$app.log"
yunohost service add coturn-$app --description="Coturn TURN server" --log="/var/log/$app/turnserver.log" --needs_exposed_ports $turnserver_port yunohost service add coturn-$app --description="Coturn TURN server" --log="/var/log/$app/turnserver.log" --needs_exposed_ports $turnserver_port
#================================================= #=================================================
@ -127,7 +127,6 @@ fi
#================================================= #=================================================
# Ouvre le port dans le firewall # Ouvre le port dans le firewall
ynh_exec_warn_less yunohost firewall allow --no-upnp TCP $port
ynh_exec_warn_less yunohost firewall allow Both $turnserver_port ynh_exec_warn_less yunohost firewall allow Both $turnserver_port
#================================================= #=================================================
@ -146,6 +145,9 @@ chmod -R u=rwX,g=rX,o= /etc/$app
chmod 770 $final_path/Coturn_config_rotate.sh chmod 770 $final_path/Coturn_config_rotate.sh
setfacl -R -m user:turnserver:rX /etc/$app setfacl -R -m user:turnserver:rX /etc/$app
setfacl -R -m user:turnserver:rwX /var/log/$app setfacl -R -m user:turnserver:rwX /var/log/$app
# Set permissions on config files
chmod 600 $final_path/data/passwd
chmod 600 $final_path/data/ice-servers.json
#================================================= #=================================================
# RESTORE THE LOGROTATE CONFIGURATION # RESTORE THE LOGROTATE CONFIGURATION


@ -37,6 +37,12 @@ upgrade_type=$(ynh_check_app_version_changed)
#================================================= #=================================================
ynh_script_progression --message="Ensuring downward compatibility..." --weight=1 ynh_script_progression --message="Ensuring downward compatibility..." --weight=1
# If open, close direct access to $port in firewall
if yunohost firewall list | grep -q "\- $port$"
then
ynh_exec_warn_less yunohost firewall disallow TCP $port
fi
# If final_path doesn't exist, create it # If final_path doesn't exist, create it
if [ -z "$final_path" ]; then if [ -z "$final_path" ]; then
final_path=/opt/yunohost/$app final_path=/opt/yunohost/$app
@ -110,13 +116,11 @@ then
# Remove the tmp directory securely # Remove the tmp directory securely
ynh_secure_remove --file="$tmpdir" ynh_secure_remove --file="$tmpdir"
ynh_backup_if_checksum_is_different --file="$final_path/data/passwd"
ynh_add_config --template="../conf/passwd" --destination="$final_path/data/passwd" ynh_add_config --template="../conf/passwd" --destination="$final_path/data/passwd"
ynh_store_file_checksum --file="$final_path/data/passwd" chmod 600 $final_path/data/passwd
ynh_backup_if_checksum_is_different --file="$final_path/data/ice-servers.json"
ynh_add_config --template="../conf/ice-servers.json" --destination="$final_path/data/ice-servers.json" ynh_add_config --template="../conf/ice-servers.json" --destination="$final_path/data/ice-servers.json"
ynh_store_file_checksum --file="$final_path/data/ice-servers.json" chmod 600 $final_path/data/ice-servers.json
# Recreate certificates # Recreate certificates
pushd "$final_path/data" pushd "$final_path/data"
@ -252,7 +256,6 @@ ynh_add_systemd_config
# Set permissions on app files # Set permissions on app files
chown -R $app: $final_path chown -R $app: $final_path
chmod -R 755 $final_path chmod -R 755 $final_path
chown -R $app /var/log/$app
chown -R $app:root /etc/$app chown -R $app:root /etc/$app
chown turnserver:root $coturn_config_path chown turnserver:root $coturn_config_path
chmod -R u=rwX,g=rX,o= /etc/$app chmod -R u=rwX,g=rX,o= /etc/$app
@ -273,7 +276,7 @@ ynh_use_logrotate --non-append
#================================================= #=================================================
ynh_script_progression --message="Integrating service in YunoHost..." --weight=2 ynh_script_progression --message="Integrating service in YunoHost..." --weight=2
yunohost service add $app --description="Videoconferencing server" --log="/var/log/$app/$app.log" --needs_exposed_ports $port yunohost service add $app --description="Videoconferencing server" --log="/var/log/$app/$app.log"
yunohost service add coturn-$app --description="Coturn TURN server" --log="/var/log/$app/turnserver.log" --needs_exposed_ports $turnserver_port yunohost service add coturn-$app --description="Coturn TURN server" --log="/var/log/$app/turnserver.log" --needs_exposed_ports $turnserver_port
#================================================= #=================================================
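Review bot: The `chmod 600` on `data/passwd` and `data/ice-servers.json` added in the hunk at line 116 is undone later in the same script by `chmod -R 755 $final_path`, a context line in the hunk at line 256. Both credential files then end up readable by other local accounts unless something outside the visible hunks tightens them again. Re-apply the restriction after the recursive chmod, as the install and restore scripts do: `chmod 600 "$final_path/data/passwd" "$final_path/data/ice-servers.json"`. A narrower recursive mode such as `chmod -R u=rwX,g=rX,o= "$final_path"`, which the script already uses for `/etc/$app`, would avoid the problem at its source. The first `chmod 600` also sits inside a `then` branch that opens outside the hunk, so it may not run on every upgrade.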