galene_ynh/scripts/install

#!/bin/bash

source _common.sh
source /usr/share/yunohost/helpers

#=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================

password=$YNH_APP_ARG_PASSWORD
ynh_app_setting_set --key=password --value="$password"

#=================================================
# FIND AND OPEN A PORT
#=================================================
ynh_script_progression "Configuring firewall..."

# Reserve UDP Port range 49152:65535
ynh_hide_warnings yunohost firewall allow UDP -4 49152:65535

#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_script_progression "Setting up source files..."

# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source --dest_dir="$install_dir/build"
ynh_setup_source --dest_dir="$install_dir/build_ldap" --source_id="ldap"

mkdir -p "$install_dir/live/data"
mkdir -p "$install_dir/live_ldap/data"

cp -r "$install_dir/build/static/" "$install_dir/live/"
ynh_replace --match="<div class=\"galene-header\">Galène</div>" --replace="<div class=\"galene-header\" onclick=\"location.href=window.location.origin\" style=\"cursor:pointer\">Galène</div>" --file="$install_dir/live/static/galene.html"

#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod -R o-rwx "$install_dir"
#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R $app:www-data "$install_dir"
#=================================================
# SPECIFIC SETUP
#=================================================
# BUILD APP
#=================================================
ynh_script_progression "Building app..."

ynh_go_install

pushd $install_dir/build/galene-password-generator/
	ynh_hide_warnings ynh_exec_as_app CGO_ENABLED=0 go build -o $install_dir/
popd

pushd $install_dir/build/
	ynh_hide_warnings ynh_exec_as_app CGO_ENABLED=0 go build -ldflags='-s -w' -o $install_dir/live/
popd

pushd $install_dir/build_ldap/
	ynh_hide_warnings ynh_exec_as_app CGO_ENABLED=0 go build -ldflags='-s -w' -o $install_dir/live_ldap/
popd

ynh_go_remove
ynh_safe_rm "$install_dir/build/"
ynh_safe_rm "$install_dir/build_ldap/"
ynh_safe_rm "$install_dir/.cache/"
ynh_safe_rm "$install_dir/go/"
ynh_safe_rm "$install_dir/.go-version"

chmod +x "$install_dir/galene-password-generator"

#=================================================
# ADD A CONFIGURATION
#=================================================
ynh_script_progression "Adding $app's configuration..."

password_hash=$(echo $($install_dir/galene-password-generator $password))
ynh_app_setting_set --key=password_hash --value="$password_hash"

# Configure Galène
ynh_config_add --template="config.json" --destination="$install_dir/live/data/config.json"
#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 400 "$install_dir/live/data/config.json"
#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown $app:$app "$install_dir/live/data/config.json"

# Configure Galène LDAP
key=$(jose jwk gen -i '{"kty":"oct","alg":"HS256"}')
ynh_app_setting_set --key=key --value="$key"
ynh_config_add --template="galene-ldap.json" --destination="$install_dir/live_ldap/data/galene-ldap.json"
chmod 400 "$install_dir/live_ldap/data/galene-ldap.json"
chown $app:$app "$install_dir/live_ldap/data/galene-ldap.json"

# Create a group name config
ynh_config_add --template="groupname.json" --destination="$data_dir/groups/$group_name.json"
#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 400 "$data_dir/groups/$group_name.json"
#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown $app:$app "$data_dir/groups/$group_name.json"

# Create a group name authenticated on LDAP
ynh_config_add --template="groupname-ldap.json" --destination="$data_dir/groups/YunoHost_Users.json"
#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 400 "$data_dir/groups/YunoHost_Users.json"
#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown $app:$app "$data_dir/groups/YunoHost_Users.json"

#=================================================
# SYSTEM CONFIGURATION
#=================================================
ynh_script_progression "Adding system configurations related to $app..."

public_ip4="$(curl -s ip.yunohost.org)" || true

# Create a dedicated NGINX config
ynh_config_add_nginx

# Create a dedicated systemd config
ynh_config_add_systemd
ynh_config_add_systemd --service=${app}_ldap --template="ldap.service"

yunohost service add $app --description="Videoconferencing server" --needs_exposed_ports="$port_turn"
yunohost service add ${app}_ldap --description="LDAP integration for the videoconferencing server"

#=================================================
# START SYSTEMD SERVICE
#=================================================
ynh_script_progression "Starting $app's systemd service..."

# Start a systemd service
ynh_systemctl --service=$app --action="start" --log_path="systemd"
ynh_systemctl --service=${app}_ldap --action="start" --log_path="systemd"

#=================================================
# END OF SCRIPT
#=================================================

ynh_script_progression "Installation of $app completed"