diff --git a/conf/garage.toml b/conf/garage.toml index 4c6798d..9d84248 100644 --- a/conf/garage.toml +++ b/conf/garage.toml @@ -1,5 +1,5 @@ -metadata_dir = "/opt/yunohost/__APP__/metadata" -data_dir = "__DATADIR__/data" +metadata_dir = "__DATA_DIR__/metadata" +data_dir = "__DATA_DIR__/data" block_size = 1048576 block_manager_background_tranquility = 2 diff --git a/conf/mount_disk.sh b/conf/mount_disk.sh index a97bdd4..c42ae46 100755 --- a/conf/mount_disk.sh +++ b/conf/mount_disk.sh @@ -1,24 +1,24 @@ #!/bin/bash if [ "$VIRTUALISATION" = "true" ] then - datadir=__DATADIR__ + data_dir=__DATA_DIR__ format=$1 i=0 while fdisk -l /dev/nbd$i 1> /dev/null 2> /dev/null do i=$(( i + 1 )) done - echo $i > $datadir/nbd_index + echo $i > $data_dir/nbd_index modprobe nbd max_part=$(( i + 1 )) - qemu-nbd --connect /dev/nbd$i $datadir/garage_data.qcow2 + qemu-nbd --connect /dev/nbd$i $data_dir/garage_data.qcow2 if [[ "$format" = "true" ]] then echo "formatting /dev/nbd$i" mkfs.ext4 /dev/nbd$i fi - mkdir -p $datadir/data - chown __APP__:__APP__ $datadir/data - mount /dev/nbd$i $datadir/data/ + mkdir -p $data_dir/data + chown __APP__:__APP__ $data_dir/data + mount /dev/nbd$i $data_dir/data/ fi diff --git a/conf/nginx.conf b/conf/nginx.conf index c69565e..270f18a 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,5 +1,7 @@ -location / { - proxy_pass http://localhost:__PORT_API__; +#sub_path_only rewrite ^__PATH__$ __PATH__/ permanent; +location __PATH__/ { + + proxy_pass http://127.0.0.1:__PORT_API__; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $host; } diff --git a/conf/systemd.service b/conf/systemd.service index e170983..0e2106c 100644 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -1,15 +1,15 @@ [Unit] -Description=Garage Data Store +Description=Garage: Data Store After=network-online.target Wants=network-online.target [Service] User=__APP__ Environment='RUST_LOG=garage=info' 'VIRTUALISATION=__VIRTUALISATION__' 'RUST_BACKTRACE=1' -ExecStartPre=+__FINALPATH__/mount_disk.sh -ExecStart=__FINALPATH__/garage -c __FINALPATH__/garage.toml server -ExecStopPost=+__FINALPATH__/umount_disk.sh -WorkingDirectory=__FINALPATH__/ +ExecStartPre=+__INSTALL_DIR__/mount_disk.sh +ExecStart=__INSTALL_DIR__/garage -c __INSTALL_DIR__/garage.toml server +ExecStopPost=+__INSTALL_DIR__/umount_disk.sh +WorkingDirectory=__INSTALL_DIR__/ StandardOutput=append:/var/log/__APP__/__APP__.log StandardError=inherit diff --git a/conf/umount_disk.sh b/conf/umount_disk.sh index c5a69ce..7222ef0 100755 --- a/conf/umount_disk.sh +++ b/conf/umount_disk.sh @@ -1,8 +1,8 @@ #!/bin/bash if [ "$VIRTUALISATION" = "true" ] then - datadir=__DATADIR__ - nbd=$(cat $datadir/nbd_index) + data_dir=__DATA_DIR__ + nbd=$(cat $data_dir/nbd_index) umount /dev/nbd$nbd qemu-nbd --disconnect /dev/nbd$nbd fi diff --git a/config_panel.toml b/config_panel.toml index 882eb1d..9375c6b 100644 --- a/config_panel.toml +++ b/config_panel.toml @@ -12,11 +12,9 @@ version = "1.0" [main.infos.status] type = "alert" - [main.garage_conf] name = "Garage configuration" - [main.garage_conf.weight] ask = "allocated space (Gio)" help = "This value is doubled used by yunohost. It set the weight of the garage node and if virtualisation is enabled, it create a virtual disk with the same size" diff --git a/doc/DISCLAIMER.md b/doc/DISCLAIMER.md index b495b5b..152ab53 100644 --- a/doc/DISCLAIMER.md +++ b/doc/DISCLAIMER.md @@ -6,3 +6,7 @@ * This application provide a node that you can connect to a garage cluster. Few option are manageable by the config panel for the current node but IT DOESN'T offer simpler way to manage bucket and keys. You have to do it by command line or let an other node managing it. * This application consider that the weight of the node is the size reserved to garage in G * This application will try to create a virtual disk to ensure garage doesn't use more than allowed. If virtualisation is not available your responsible to check space used by garage. + +# How to run commands for Garage +1. Use `yunohost app shell garage` to use the command line in Garage own environnement (don't forget to `exit` at the end). You will be located in `/opt/yunohost/garage/` own directory. +2. Then for each use of the `garage` command, you need to specify the config file as a parameter `garage -c garage.toml [the actions you wish to run]`. diff --git a/manifest.toml b/manifest.toml new file mode 100644 index 0000000..8607767 --- /dev/null +++ b/manifest.toml @@ -0,0 +1,83 @@ +packaging_format = 2 + +id = "garage" +name = "Garage" +description.en = "S3 storage" +description.fr = "stockage S3" + +version = "0.8.2~ynh1" + +maintainers = ["oiseauroch"] + +[upstream] +license = "AGPL-3.0-only" +website = "https://garagehq.deuxfleurs.fr/" +admindoc = "https://garagehq.deuxfleurs.fr/documentation/quick-start/" +userdoc = "https://garagehq.deuxfleurs.fr/documentation/quick-start/" +code = "https://git.deuxfleurs.fr/Deuxfleurs/garage" + +[integration] +yunohost = ">= 1.1.18" +architectures = "all" +multi_instance = true +ldap = false +sso = false +disk = "50M" +ram.build = "50M" +ram.runtime = "50M" + +[install] + [install.domain] + type = "domain" + full_domain = true + + [install.rpc_secret] + ask.en = "UUID of the network (rpc-secret) " + ask.fr = "UUID de l'ilot (rpc-secret)" + type = "string" + optional = true + example = "1799bccfd7411eddcf9ebd316bc1f5287ad12a68094e1c6ac6abde7e6feae1ec" + + [install.bootstrap_peers] + ask.en = "friend server id" + ask.fr = "serveur ami" + type = "string" + example = "1799bccfd7411eddcf9ebd316bc1f5287ad12a68094e1c6ac6abde7e6feae1ec@127.0.0.1:3901" + optional = true + + [install.weight] + ask.en = "number of G to allow" + ask.fr = "nombre de G à allouer" + type = "string" + +[resources] + + [resources.sources] + + [resources.sources.main] + in_subdir = false + amd64.url = "https://garagehq.deuxfleurs.fr/_releases/v0.8.2/x86_64-unknown-linux-musl/garage" + amd64.sha256 = "c15aa223b0fffb856c6e16276d1e77b0e94eb783a26eaeb7de80324f7c8b23c5" + arm64.url = "https://garagehq.deuxfleurs.fr/_releases/v0.8.2/aarch64-unknown-linux-musl/garage" + amd64.sha256 = "9c419d47e87ac254a96cda6476e3c5c9102a9a2ea1ec1dc65d338bb46e415d78" + i386.url = "https://garagehq.deuxfleurs.fr/_releases/v0.8.2/i686-unknown-linux-musl/garage" + i386.sha256 = "a733fcd9b0a0f6271960f0d65978b8a8474317fa41325595aa4825764b71f089" + armhf.url = "https://garagehq.deuxfleurs.fr/_releases/v0.8.2/armv6l-unknown-linux-musleabihf/garage" + armhf.sha256 = "1eb79aa8fff6c00bd1dd5da53dedd04685fe28b3402476a3b10b1b66aa10f80a" + + [resources.ports] + main.default = 4000 + main.exposed = "TCP" + api.default = 5000 + + [resources.system_user] + + [resources.install_dir] + + [resources.data_dir] + + [resources.permissions] + main.url = "/" + + [resources.apt] + packages = "qemu-utils e2fsprogs" diff --git a/scripts/backup b/scripts/backup index 049b7d3..3f1e253 100755 --- a/scripts/backup +++ b/scripts/backup @@ -10,33 +10,6 @@ source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers -#================================================= -# MANAGE SCRIPT FAILURE -#================================================= - -ynh_clean_setup () { - ### Remove this function if there's nothing to clean before calling the remove script. - true -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# LOAD SETTINGS -#================================================= -ynh_print_info --message="Loading installation settings..." - -app=$YNH_APP_INSTANCE_NAME - -domain=$(ynh_app_setting_get --app=$app --key=domain) -port=$(ynh_app_setting_get --app=$app --key=port) -rpc_secret=$(ynh_app_setting_get --app=$app --key=rpc_secret) -port_api=$(ynh_app_setting_get --app=$app --key=port_api) -port_web=$(ynh_app_setting_get --app=$app --key=port_web) -datadir=$(ynh_app_setting_get --app=$app --key=datadir) -bootstrap_peers=$(ynh_app_setting_get --app=$app --key=bootstrap_peers) - -final_path=/opt/yunohost/$app #================================================= # DECLARE DATA AND CONF FILES TO BACKUP #================================================= @@ -51,13 +24,7 @@ ynh_print_info --message="Declaring files to be backed up..." # BACKUP THE APP MAIN DIR #================================================= -ynh_backup --src_path="$final_path" - -#================================================= -# BACKUP THE DATA DIR -#================================================= - -#ynh_backup --src_path="$datadir/data" --is_big +ynh_backup --src_path="$install_dir" #================================================= # BACKUP THE NGINX CONFIGURATION diff --git a/scripts/change_url b/scripts/change_url index 495b7eb..f5ff536 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -9,64 +9,6 @@ source _common.sh source /usr/share/yunohost/helpers -#================================================= -# RETRIEVE ARGUMENTS -#================================================= - -old_domain=$YNH_APP_OLD_DOMAIN -old_path=$YNH_APP_OLD_PATH - -new_domain=$YNH_APP_NEW_DOMAIN -new_path=$YNH_APP_NEW_PATH - -app=$YNH_APP_INSTANCE_NAME - -#================================================= -# LOAD SETTINGS -#================================================= -ynh_script_progression --message="Loading installation settings..." --time --weight=1 - -# Needed for helper "ynh_add_nginx_config" -final_path=$(ynh_app_setting_get --app=$app --key=final_path) - -# Add settings here as needed by your application -#db_name=$(ynh_app_setting_get --app=$app --key=db_name) -#db_user=$db_name -#db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd) - -#================================================= -# BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP -#================================================= -ynh_script_progression --message="Backing up the app before changing its URL (may take a while)..." --time --weight=1 - -# Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { - # Remove the new domain config file, the remove script won't do it as it doesn't know yet its location. - ynh_secure_remove --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" - - # Restore it if the upgrade fails - ynh_restore_upgradebackup -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# CHECK WHICH PARTS SHOULD BE CHANGED -#================================================= - -change_domain=0 -if [ "$old_domain" != "$new_domain" ] -then - change_domain=1 -fi - -change_path=0 -if [ "$old_path" != "$new_path" ] -then - change_path=1 -fi - #================================================= # STANDARD MODIFICATIONS #================================================= @@ -81,35 +23,7 @@ ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app #================================================= ynh_script_progression --message="Updating NGINX web server configuration..." --time --weight=1 -nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf - -# Change the path in the NGINX config file -if [ $change_path -eq 1 ] -then - # Make a backup of the original NGINX config file if modified - ynh_backup_if_checksum_is_different --file="$nginx_conf_path" - # Set global variables for NGINX helper - domain="$old_domain" - path_url="$new_path" - # Create a dedicated NGINX config - ynh_add_nginx_config -fi - -# Change the domain for NGINX -if [ $change_domain -eq 1 ] -then - # Delete file checksum for the old conf file location - ynh_delete_file_checksum --file="$nginx_conf_path" - mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf - # Store file checksum for the new config file location - ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" -fi - -#================================================= -# SPECIFIC MODIFICATIONS -#================================================= -# ... -#================================================= +ynh_change_url_nginx_config #================================================= # GENERIC FINALISATION @@ -120,13 +34,6 @@ ynh_script_progression --message="Starting a systemd service..." --time --weight ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" -#================================================= -# RELOAD NGINX -#================================================= -ynh_script_progression --message="Reloading NGINX web server..." --time --weight=1 - -ynh_systemd_action --service_name=nginx --action=reload - #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/install b/scripts/install index 491d206..2151322 100755 --- a/scripts/install +++ b/scripts/install @@ -9,57 +9,9 @@ source _common.sh source /usr/share/yunohost/helpers -#================================================= -# MANAGE SCRIPT FAILURE -#================================================= - -ynh_clean_setup () { - ### Remove this function if there's nothing to clean before calling the remove script. - true -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# RETRIEVE ARGUMENTS FROM THE MANIFEST -#================================================= - -domain=$YNH_APP_ARG_DOMAIN -rpc_secret=$YNH_APP_ARG_RPC_SECRET -bootstrap_peers=$YNH_APP_ARG_BOOTSTRAP_PEERS -datadir=$YNH_APP_ARG_DATADIR -weight=$YNH_APP_ARG_WEIGHT - - -### If it's a multi-instance app, meaning it can be installed several times independently -### The id of the app as stated in the manifest is available as $YNH_APP_ID -### The instance number is available as $YNH_APP_INSTANCE_NUMBER (equals "1", "2"...) -### The app instance name is available as $YNH_APP_INSTANCE_NAME -### - the first time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample -### - the second time the app is installed, YNH_APP_INSTANCE_NAME = ynhexample__2 -### - ynhexample__{N} for the subsequent installations, with N=3,4... -### The app instance name is probably what interests you most, since this is -### guaranteed to be unique. This is a good unique identifier to define installation path, -### db names... -app=$YNH_APP_INSTANCE_NAME - #================================================= # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS #================================================= -### About --weight and -### ynh_script_progression will show to your final users the progression of each scripts. -### In order to do that, --weight will represent the relative time of execution compared to the other steps in the script. -### is a packager option, it will show you the execution time since the previous call. -### This option should be removed before releasing your app. -### Use the execution time, given by , to estimate the weight of a step. -### A common way to do it is to set a weight equal to the execution time in second +1. -### The execution time is given for the duration since the previous call. So the weight should be applied to this previous call. -ynh_script_progression --message="Validating installation parameters..." --weight=1 - -### If the app uses NGINX as web server (written in HTML/PHP in most cases), the final path should be "/var/www/$app". -### If the app provides an internal web server (or uses another application server such as uWSGI), the final path should be "/opt/yunohost/$app" -final_path=/opt/yunohost/$app -test ! -e "$final_path" || ynh_die --message="This path already contains a folder" if [[ -n "$rpc_secret" ]] then @@ -72,14 +24,6 @@ then echo "$bootstrap_peers" | grep -E '[0-9a-f]{64}@((\b25[0-5]|\b2[0-4][0-9]|\b[01]?[0-9][0-9]?)(\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){3}|([a-zA-Z0-9][a-zA-Z0-9-]{0,61}[a-zA-Z0-9]\.)+[a-zA-Z]{2,}):[0-9]{1,4}' || ynh_die --message="friend server id must have id with the following form : 1799bccfd7411eddcf9ebd316bc1f5287ad12a68094e1c6ac6abde7e6feae1ec@192.168.1.1:1234 or 1799bccfd7411eddcf9ebd316bc1f5287ad12a68094e1c6ac6abde7e6feae1ec@example.tld:1234" fi -if [ "$datadir" = "/home/yunohost.app/__APP_NAME__/data" ] -then - datadir="/home/yunohost.app/$app/data" -fi - -# Register (book) web path -ynh_webpath_register --app=$app --domain=$domain --path_url="/" - #================================================= # LOOKING FOR VIRTUALISATION #================================================= @@ -104,159 +48,61 @@ ynh_app_setting_set --app=$app --key=virtualisation --value=$virtualisation #================================================= ynh_script_progression --message="Storing installation settings..." --weight=1 -ynh_app_setting_set --app=$app --key=domain --value=$domain ynh_app_setting_set --app=$app --key=rpc_secret --value=$rpc_secret -ynh_app_setting_set --app=$app --key=datadir --value=$datadir ynh_app_setting_set --app=$app --key=bootstrap_peers --value=$bootstrap_peers ynh_app_setting_set --app=$app --key=weight --value=$weight - -#================================================= -# STANDARD MODIFICATIONS -#================================================= -# FIND AND OPEN A PORT -#================================================= -ynh_script_progression --message="Finding available ports..." --weight=1 - -### Use these lines if you have to open a port for the application -### `ynh_find_port` will find the first available port starting from the given port. -### If you're not using these lines: -### - Remove the section "CLOSE A PORT" in the remove script - -# Find an available port - -port=$(ynh_find_port --port=4000) -ynh_app_setting_set --app=$app --key=port --value=$port -port_api=$(ynh_find_port --port=5000) -ynh_app_setting_set --app=$app --key=port_api --value=$port_api - - -# Optional: Expose this port publicly -# (N.B.: you only need to do this if the app actually needs to expose the port publicly. -# If you do this and the app doesn't actually need you are CREATING SECURITY HOLES IN THE SERVER !) - -# Open the port - ynh_script_progression --message="Configuring firewall..." --weight=1 - ynh_exec_warn_less yunohost firewall allow TCP $port - #================================================= # INSTALL DEPENDENCIES #================================================= ynh_script_progression --message="Installing dependencies..." --weight=1 -### `ynh_install_app_dependencies` allows you to add any "apt" dependencies to the package. -### Those deb packages will be installed as dependencies of this package. -### If you're not using this helper: -### - Remove the section "REMOVE DEPENDENCIES" in the remove script -### - Remove the variable "pkg_dependencies" in _common.sh -### - As well as the section "REINSTALL DEPENDENCIES" in the restore script -### - And the section "UPGRADE DEPENDENCIES" in the upgrade script if [ "$virtualisation" = "true" ] then ynh_install_app_dependencies $pkg_dependencies_virtualisation fi -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Configuring system user..." --weight=1 - -# Create a system user -ynh_system_user_create --username=$app --home_dir="$final_path" #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= ynh_script_progression --message="Setting up source files..." --weight=1 -### `ynh_setup_source` is used to install an app from a zip or tar.gz file, -### downloaded from an upstream source, like a git repository. -### `ynh_setup_source` use the file conf/app.src - -mkdir -p $final_path -ynh_app_setting_set --app=$app --key=final_path --value=$final_path - -# Download, check integrity, uncompress and patch the source from app.src -pushd $final_path - install_garage -popd - -# FIXME: this should be managed by the core in the future -# Here, as a packager, you may have to tweak the ownerhsip/permissions -# such that the appropriate users (e.g. maybe www-data) can access -# files in some cases. -# But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder - -# this will be treated as a security issue. -chmod 750 "$final_path" -chmod -R o-rwx "$final_path" -chown -R $app:$app "$final_path" +ynh_setup_source --dest_dir="$install_dir" +chmod -R o-rwx "$install_dir" +chown -R $app:$app "$install_dir" +chmod +x $install_dir/garage #================================================= # NGINX CONFIGURATION #================================================= ynh_script_progression --message="Configuring NGINX web server..." --weight=1 -### `ynh_add_nginx_config` will use the file conf/nginx.conf - # Create a dedicated NGINX config ynh_add_nginx_config - #================================================= # ADD A CONFIGURATION #================================================= ynh_script_progression --message="Adding a configuration file..." --weight=1 -### You can add specific configuration files. -### -### Typically, put your template conf file in ../conf/your_config_file -### The template may contain strings such as __FOO__ or __FOO_BAR__, -### which will automatically be replaced by the values of $foo and $foo_bar -### -### ynh_add_config will also keep track of the config file's checksum, -### which later during upgrade may allow to automatically backup the config file -### if it's found that the file was manually modified -### -### Check the documentation of `ynh_add_config` for more info. - - ynh_add_config --template="mount_disk.sh" --destination="$final_path/mount_disk.sh" - ynh_add_config --template="umount_disk.sh" --destination="$final_path/umount_disk.sh" - ynh_add_config --template="garage.toml" --destination="$final_path/garage.toml" - chmod +x "$final_path/mount_disk.sh" "$final_path/umount_disk.sh" - -# FIXME: this should be handled by the core in the future -# You may need to use chmod 600 instead of 400, -# for example if the app is expected to be able to modify its own config -chmod 600 "$final_path/garage.toml" -chown $app:$app "$final_path/garage.toml" - -### For more complex cases where you want to replace stuff using regexes, -### you shoud rely on ynh_replace_string (which is basically a wrapper for sed) -### When doing so, you also need to manually call ynh_store_file_checksum -### -### ynh_replace_string --match_string="match_string" --replace_string="replace_string" --target_file="$final_path/some_config_file" -### ynh_store_file_checksum --file="$final_path/some_config_file" +ynh_add_config --template="mount_disk.sh" --destination="$install_dir/mount_disk.sh" +ynh_add_config --template="umount_disk.sh" --destination="$install_dir/umount_disk.sh" +ynh_add_config --template="garage.toml" --destination="$install_dir/garage.toml" +chmod +x "$install_dir/mount_disk.sh" "$install_dir/umount_disk.sh" +chmod 600 "$install_dir/garage.toml" +chown $app:$app "$install_dir/garage.toml" #================================================= # CREATE DATA DIRECTORY #================================================= ynh_script_progression --message="Creating a data directory..." --weight=5 + if [ "$virtualisation" = "true" ] then ynh_print_warn --message="This may take time regarding disk size…" fi -### Use these lines if you need to create a directory to store "persistent files" for the application. -### Usually this directory is used to store uploaded files or any file that won't be updated during -### an upgrade and that won't be deleted during app removal unless "--purge" option is used. -### If you're not using these lines: -### - Remove the section "BACKUP THE DATA DIR" in the backup script -### - Remove the section "RESTORE THE DATA DIRECTORY" in the restore script -### - As well as the section "REMOVE DATA DIR" in the remove script - -ynh_app_setting_set --app=$app --key=datadir --value=$datadir - -mkdir -p $datadir/data #================================================= # create data partition @@ -265,23 +111,14 @@ mkdir -p $datadir/data if [ "$virtualisation" = "true" ] then # to be sure to not exceed size limit, i use a virtual disk with a fix size to have a max limit size. - qemu-img create -f qcow2 $datadir/garage_data.qcow2 "$weight"G - VIRTUALISATION=true $final_path/mount_disk.sh true + qemu-img create -f qcow2 $data_dir/garage_data.qcow2 "$weight"G + VIRTUALISATION=true $install_dir/mount_disk.sh true fi -# FIXME: this should be managed by the core in the future -# Here, as a packager, you may have to tweak the ownerhsip/permissions -# such that the appropriate users (e.g. maybe www-data) can access -# files in some cases. -# But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder - -# this will be treated as a security issue. -chmod 750 "$datadir" -chmod -R o-rwx "$datadir" -chown -R $app:$app "$datadir" if [ "$virtualisation" = "true" ] then - VIRTUALISATION=true $final_path/umount_disk.sh + VIRTUALISATION=true $install_dir/umount_disk.sh fi #================================================= @@ -292,28 +129,15 @@ ynh_script_progression --message="adding regen-conf hook..." --weight=1 ynh_add_config --template="../sources/hooks/conf_regen/98-nginx_garage" --destination="/usr/share/yunohost/hooks/conf_regen/98-nginx_$app" #cp -R ../sources/hooks/conf_regen/98-nginx_garage /usr/share/yunohost/hooks/conf_regen/95-nginx_$app - ynh_systemd_action --service_name=nginx --action="reload" yunohost tools regen-conf nginx - #================================================= # SETUP SYSTEMD #================================================= ynh_script_progression --message="Configuring a systemd service..." --weight=1 -### `ynh_systemd_config` is used to configure a systemd script for an app. -### It can be used for apps that use sysvinit (with adaptation) or systemd. -### Have a look at the app to be sure this app needs a systemd script. -### `ynh_systemd_config` will use the file conf/systemd.service -### If you're not using these lines: -### - You can remove those files in conf/. -### - Remove the section "BACKUP SYSTEMD" in the backup script -### - Remove also the section "STOP AND REMOVE SERVICE" in the remove script -### - As well as the section "RESTORE SYSTEMD" in the restore script -### - And the section "SETUP SYSTEMD" in the upgrade script - # Create a dedicated systemd config ynh_add_systemd_config @@ -324,14 +148,6 @@ ynh_add_systemd_config #================================================= ynh_script_progression --message="Configuring log rotation..." --weight=1 -### `ynh_use_logrotate` is used to configure a logrotate configuration for the logs of this app. -### Use this helper only if there is effectively a log file for this app. -### If you're not using this helper: -### - Remove the section "BACKUP LOGROTATE" in the backup script -### - Remove also the section "REMOVE LOGROTATE CONFIGURATION" in the remove script -### - As well as the section "RESTORE THE LOGROTATE CONFIGURATION" in the restore script -### - And the section "SETUP LOGROTATE" in the upgrade script - # Use logrotate to manage application logfile(s) ynh_use_logrotate @@ -340,73 +156,22 @@ ynh_use_logrotate #================================================= ynh_script_progression --message="Integrating service in YunoHost..." --weight=1 -### `yunohost service add` integrates a service in YunoHost. It then gets -### displayed in the admin interface and through the others `yunohost service` commands. -### (N.B.: this line only makes sense if the app adds a service to the system!) -### If you're not using these lines: -### - You can remove these files in conf/. -### - Remove the section "REMOVE SERVICE INTEGRATION IN YUNOHOST" in the remove script -### - As well as the section "INTEGRATE SERVICE IN YUNOHOST" in the restore script -### - And the section "INTEGRATE SERVICE IN YUNOHOST" in the upgrade script - yunohost service add --needs_exposed_ports $port --description="s3 storage" --log="/var/log/$app/$app.log" $app -### Additional options starting with 3.8: -### -### --needs_exposed_ports "$port" a list of ports that needs to be publicly exposed -### which will then be checked by YunoHost's diagnosis system -### (N.B. DO NOT USE THIS is the port is only internal!!!) -### -### --test_status "some command" a custom command to check the status of the service -### (only relevant if 'systemctl status' doesn't do a good job) -### -### --test_conf "some command" some command similar to "nginx -t" that validates the conf of the service -### -### Re-calling 'yunohost service add' during the upgrade script is the right way -### to proceed if you later realize that you need to enable some flags that -### weren't enabled on old installs (be careful it'll override the existing -### service though so you should re-provide all relevant flags when doing so) - - #================================================= # START SYSTEMD SERVICE #================================================= ynh_script_progression --message="Starting a systemd service..." --weight=1 -### `ynh_systemd_action` is used to start a systemd service for an app. -### Only needed if you have configure a systemd service -### If you're not using these lines: -### - Remove the section "STOP SYSTEMD SERVICE" and "START SYSTEMD SERVICE" in the backup script -### - As well as the section "START SYSTEMD SERVICE" in the restore script -### - As well as the section"STOP SYSTEMD SERVICE" and "START SYSTEMD SERVICE" in the upgrade script -### - And the section "STOP SYSTEMD SERVICE" and "START SYSTEMD SERVICE" in the change_url script - # Start a systemd service ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" -#================================================= -# SETUP SSOWAT -#================================================= -ynh_script_progression --message="Configuring permissions..." --weight=1 - - # Everyone can access the app. - # The "main" permission is automatically created before the install script. - ynh_permission_update --permission="main" --add="visitors" - -#================================================= -# RELOAD NGINX -#================================================= -ynh_script_progression --message="Reloading NGINX web server..." --weight=1 - -ynh_systemd_action --service_name=nginx --action=reload - - #================================================= # CONFIGURE GARAGE #================================================= ynh_script_progression --message="Configuring garage..." --weight=1 -garage_command="$final_path/garage -c $final_path/garage.toml" +garage_command="$install_dir/garage -c $install_dir/garage.toml" i=0 # sometimes server need some time to start diff --git a/scripts/remove b/scripts/remove index 1e46c73..0c1407f 100755 --- a/scripts/remove +++ b/scripts/remove @@ -12,30 +12,18 @@ source /usr/share/yunohost/helpers #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading installation settings..." --weight=1 -app=$YNH_APP_INSTANCE_NAME - -domain=$(ynh_app_setting_get --app=$app --key=domain) -port=$(ynh_app_setting_get --app=$app --key=port) -rpc_secret=$(ynh_app_setting_get --app=$app --key=rpc_secret) -port_api=$(ynh_app_setting_get --app=$app --key=port_api) -port_web=$(ynh_app_setting_get --app=$app --key=port_web) -datadir=$(ynh_app_setting_get --app=$app --key=datadir) -bootstrap_peers=$(ynh_app_setting_get --app=$app --key=bootstrap_peers) -node_id=$(ynh_app_setting_get --app=$app --key=node_id) -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -virtualisation=$(ynh_app_setting_get --app=$app --key=virtualisation) if [ "$virtualisation" = "true" ] then export VIRTUALISTATION=true fi + #================================================= # REMOVE NODE CONFIGURATION #================================================= -$final_path/garage -c $final_path/garage.toml layout remove "$node_id" +$install_dir/garage -c $install_dir/garage.toml layout remove "$node_id" -apply_layout "$final_path/garage -c $final_path/garage.toml " +apply_layout "$install_dir/garage -c $install_dir/garage.toml " if [ $? -ne 0 ] then ynh_print_warn --message="unable to remove the node. Maybe the number of node staying alive is not enough" @@ -80,21 +68,8 @@ then ynh_script_progression --message="umount virtual disk..." --weight=1 # Remove the app directory securely - $final_path/umount_disk.sh + $install_dir/umount_disk.sh fi -#================================================= -# REMOVE APP MAIN DIR -#================================================= -ynh_script_progression --message="Removing app main directory..." --weight=1 - -# Remove the app directory securely -ynh_secure_remove --file="$final_path" - -#================================================= -# REMOVE DATA DIR -#================================================= -ynh_script_progression --message="Removing app data directory..." --weight=1 -ynh_secure_remove --file="$datadir" #================================================= # REMOVE NGINX HOOK @@ -112,13 +87,6 @@ ynh_remove_nginx_config ynh_replace_string --replace_string="server_name $domain" --match_string="server_name $domain *.$domain" --target_file="/etc/nginx/conf.d/$domain.conf" ynh_store_file_checksum --file="/etc/nginx/conf.d/$domain.conf" -#================================================= -# REMOVE DEPENDENCIES -#================================================= -ynh_script_progression --message="Removing dependencies..." --weight=1 - -# Remove metapackage and its dependencies -ynh_remove_app_dependencies #================================================= # CLOSE A PORT @@ -130,7 +98,6 @@ then ynh_exec_warn_less yunohost firewall disallow TCP $port fi - #================================================= # SPECIFIC REMOVE #================================================= @@ -144,12 +111,6 @@ ynh_secure_remove --file="/var/log/$app" #================================================= # GENERIC FINALIZATION #================================================= -# REMOVE DEDICATED USER -#================================================= -ynh_script_progression --message="Removing the dedicated system user..." --weight=1 - -# Delete a system user -ynh_system_user_delete --username=$app ynh_secure_remove --file="/usr/share/yunohost/hooks/conf_regen/98-nginx_$app" yunohost tools regen-conf nginx diff --git a/scripts/restore b/scripts/restore index 70607ab..809871e 100755 --- a/scripts/restore +++ b/scripts/restore @@ -10,74 +10,23 @@ source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers -#================================================= -# MANAGE SCRIPT FAILURE -#================================================= - -ynh_clean_setup () { - #### Remove this function if there's nothing to clean before calling the remove script. - true -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - -#================================================= -# LOAD SETTINGS -#================================================= -ynh_script_progression --message="Loading installation settings..." --weight=1 - -app=$YNH_APP_INSTANCE_NAME - -domain=$(ynh_app_setting_get --app=$app --key=domain) -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -datadir=$(ynh_app_setting_get --app=$app --key=datadir) -virtualisation=$(ynh_app_setting_get --app=$app --key=virtualisation) -bootstrap_peers=$(ynh_app_setting_get --app=$app --key=bootstrap_peers) -port=$(ynh_app_setting_get --app=$app --key=port) -node_id=$(ynh_app_setting_get --app=$app --key=node_id) -weight=$(ynh_app_setting_get --app=$app --key=weight) - -#================================================= -# CHECK IF THE APP CAN BE RESTORED -#================================================= -ynh_script_progression --message="Validating restoration parameters..." --weight=1 - -test ! -d $final_path \ - || ynh_die --message="There is already a directory: $final_path " - -#================================================= -# STANDARD RESTORATION STEPS -#================================================= -# RECREATE THE DEDICATED USER -#================================================= -ynh_script_progression --message="Recreating the dedicated system user..." --weight=1 - -# Create the dedicated user (if not existing) -ynh_system_user_create --username=$app --home_dir="$final_path" - #================================================= # RESTORE THE APP MAIN DIR #================================================= ynh_script_progression --message="Restoring the app main directory..." --weight=1 -ynh_restore_file --origin_path="$final_path" +ynh_restore_file --origin_path="$install_dir" -# FIXME: this should be managed by the core in the future -# Here, as a packager, you may have to tweak the ownerhsip/permissions -# such that the appropriate users (e.g. maybe www-data) can access -# files in some cases. -# But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder - -# this will be treated as a security issue. -chmod 750 "$final_path" -chmod -R o-rwx "$final_path" -chown -R $app:$app "$final_path" +chmod 750 "$install_dir" +chmod -R o-rwx "$install_dir" +chown -R $app:$app "$install_dir" #================================================= # RESTORE THE DATA DIRECTORY #================================================= ynh_script_progression --message="Restoring the data directory..." --weight=1 -mkdir -p "$datadir/data" +mkdir -p "$data_dir/data" if [ "$virtualisation" = "true" ] then @@ -85,8 +34,8 @@ then # Define and install dependencies ynh_install_app_dependencies $pkg_dependencies_virtualisation # to be sure to not exceed size limit, i use a virtual disk with a fix size to have a max limit size. - qemu-img create -f qcow2 $datadir/garage_data.qcow2 "$weight"G - $final_path/mount_disk.sh true + qemu-img create -f qcow2 $data_dir/garage_data.qcow2 "$weight"G + $install_dir/mount_disk.sh true fi @@ -96,9 +45,9 @@ fi # files in some cases. # But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder - # this will be treated as a security issue. -chmod 750 "$datadir" -chmod -R o-rwx "$datadir" -chown -R $app:$app "$datadir" +chmod 750 "$data_dir" +chmod -R o-rwx "$data_dir" +chown -R $app:$app "$data_dir" #================================================= # SPECIFIC RESTORATION @@ -116,12 +65,10 @@ ynh_script_progression --message="Restoring the NGINX web server configuration.. ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" #add wildcard subdomain - ynh_restore_file --origin_path="/usr/share/yunohost/hooks/conf_regen/98-nginx_$app" yunohost tools regen-conf nginx ynh_systemd_action --service_name=nginx --action="reload" - #================================================= # RESTORE SYSTEMD #================================================= @@ -159,7 +106,7 @@ ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$ap sleep 2 -garage_command="$final_path/garage -c $final_path/garage.toml" +garage_command="$install_dir/garage -c $install_dir/garage.toml" # define node $garage_command layout assign $node_id -z $domain -c $weight -t $domain diff --git a/scripts/upgrade b/scripts/upgrade index 20c7b2a..663ee9c 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -9,22 +9,6 @@ source _common.sh source /usr/share/yunohost/helpers -#================================================= -# LOAD SETTINGS -#================================================= -ynh_script_progression --message="Loading installation settings..." --weight=1 - -app=$YNH_APP_INSTANCE_NAME - -domain=$(ynh_app_setting_get --app=$app --key=domain) -port=$(ynh_app_setting_get --app=$app --key=port) -rpc_secret=$(ynh_app_setting_get --app=$app --key=rpc_secret) -port_api=$(ynh_app_setting_get --app=$app --key=port_api) -port_web=$(ynh_app_setting_get --app=$app --key=port_web) -datadir=$(ynh_app_setting_get --app=$app --key=datadir) -bootstrap_peers=$(ynh_app_setting_get --app=$app --key=bootstrap_peers) -final_path=$(ynh_app_setting_get --app=$app --key=final_path) -virtualisation=$(ynh_app_setting_get --app=$app --key=virtualisation) if [ "$virtualisation" = "true" ] ; then @@ -32,32 +16,13 @@ then else virt_protection="#" fi + #================================================= # CHECK VERSION #================================================= -### This helper will compare the version of the currently installed app and the version of the upstream package. -### $upgrade_type can have 2 different values -### - UPGRADE_APP if the upstream app version has changed -### - UPGRADE_PACKAGE if only the YunoHost package has changed -### ynh_check_app_version_changed will stop the upgrade if the app is up to date. -### UPGRADE_APP should be used to upgrade the core app only if there's an upgrade to do. upgrade_type=$(ynh_check_app_version_changed) -#================================================= -# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP -#================================================= -ynh_script_progression --message="Backing up the app before upgrading (may take a while)..." --weight=1 - -# Backup the current version of the app -ynh_backup_before_upgrade -ynh_clean_setup () { - # Restore it if the upgrade fails - ynh_restore_upgradebackup -} -# Exit if an error occurs during the execution of the script -ynh_abort_if_errors - #================================================= # STANDARD UPGRADE STEPS #================================================= @@ -67,42 +32,16 @@ ynh_script_progression --message="Stopping a systemd service..." --weight=1 ynh_systemd_action --service_name=$app --action="stop" --log_path="/var/log/$app/$app.log" -#================================================= -# ENSURE DOWNWARD COMPATIBILITY -#================================================= -ynh_script_progression --message="Ensuring downward compatibility..." --weight=1 - - -# Create a permission if needed -if ! ynh_permission_exists --permission="api"; then - ynh_permission_create --permission="api" --url="/api" --allowed="visitors" --show_tile="false" --protected="true" -fi - #================================================= # INSTALL DEPENDENCIES #================================================= ynh_script_progression --message="Installing dependencies..." --weight=1 -### `ynh_install_app_dependencies` allows you to add any "apt" dependencies to the package. -### Those deb packages will be installed as dependencies of this package. -### If you're not using this helper: -### - Remove the section "REMOVE DEPENDENCIES" in the remove script -### - Remove the variable "pkg_dependencies" in _common.sh -### - As well as the section "REINSTALL DEPENDENCIES" in the restore script -### - And the section "UPGRADE DEPENDENCIES" in the upgrade script if [ "$virtualisation" = "true" ] then ynh_install_app_dependencies $pkg_dependencies_virtualisation fi -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Making sure dedicated system user exists..." --weight=1 - -# Create a dedicated user (if not existing) -ynh_system_user_create --username=$app --home_dir="$final_path" - #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -112,21 +51,14 @@ then ynh_script_progression --message="Upgrading source files..." --weight=1 # Download, check integrity, uncompress and patch the source from app.src - pushd $final_path + pushd $install_dir install_garage popd fi -# FIXME: this should be managed by the core in the future -# Here, as a packager, you may have to tweak the ownerhsip/permissions -# such that the appropriate users (e.g. maybe www-data) can access -# files in some cases. -# But FOR THE LOVE OF GOD, do not allow r/x for "others" on the entire folder - -# this will be treated as a security issue. -chmod 750 "$final_path" -chmod -R o-rwx "$final_path" -chown -R $app:$app "$final_path" - +chmod 750 "$install_dir" +chmod -R o-rwx "$install_dir" +chown -R $app:$app "$install_dir" #================================================= # NGINX CONFIGURATION @@ -136,25 +68,6 @@ ynh_script_progression --message="Upgrading NGINX web server configuration..." # Create a dedicated NGINX config ynh_add_nginx_config -#================================================= -# SPECIFIC UPGRADE -#================================================= -# ... -#================================================= - -#================================================= -# UPDATE A CONFIG FILE -#================================================= -ynh_script_progression --message="Updating a configuration file..." --weight=1 - - -### For more complex cases where you want to replace stuff using regexes, -### you shoud rely on ynh_replace_string (which is basically a wrapper for sed) -### When doing so, you also need to manually call ynh_store_file_checksum -### -### ynh_replace_string --match_string="match_string" --replace_string="replace_string" --target_file="$final_path/some_config_file" -### ynh_store_file_checksum --file="$final_path/some_config_file" - #================================================= # SETUP SYSTEMD #================================================= @@ -187,13 +100,6 @@ ynh_script_progression --message="Starting a systemd service..." --weight=1 ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" -#================================================= -# RELOAD NGINX -#================================================= -ynh_script_progression --message="Reloading NGINX web server..." --weight=1 - -ynh_systemd_action --service_name=nginx --action=reload - #================================================= # END OF SCRIPT #=================================================