diff --git a/.github/workflows/updater.sh b/.github/workflows/updater.sh new file mode 100644 index 0000000..4e7acb6 --- /dev/null +++ b/.github/workflows/updater.sh @@ -0,0 +1,101 @@ +#!/bin/bash + +#================================================= +# PACKAGE UPDATING HELPER +#================================================= + +# This script is meant to be run by GitHub Actions +# The YunoHost-Apps organisation offers a template Action to run this script periodically +# Since each app is different, maintainers can adapt its contents so as to perform +# automatic actions when a new upstream release is detected. + +#================================================= +# FETCHING LATEST RELEASE AND ITS ASSETS +#================================================= + +# Fetching information +current_version=$(cat manifest.json | jq -j '.version|split("~")[0]') +# Some jq magic is needed, because the latest upstream release is not always the latest version (e.g. security patches for older versions) +file=$(curl --silent "https://fossil.kd2.org/garradin/juvlist" | jq -r '.[] | select( .name | contains("garradin") and contains(".tar.gz") ) | select( .name | contains(".deb") or contains(".asc") or contains("beta") or contains("alpha") | not ) | .name' | sort -V | tail -1) +assets="https://fossil.kd2.org/garradin/uv/$file" + +version=$(echo ${file/.tar.gz} | cut -d "-" -f2) + +# Setting up the environment variables +echo "Current version: $current_version" +echo "Latest release from upstream: $version" +echo "VERSION=$version" >> $GITHUB_ENV +echo "REPO=$repo" >> $GITHUB_ENV +# For the time being, let's assume the script will fail +echo "PROCEED=false" >> $GITHUB_ENV + +# Proceed only if the retrieved version is greater than the current one +if ! dpkg --compare-versions "$current_version" "lt" "$version" ; then + echo "::warning ::No new version available" + exit 0 +# Proceed only if a PR for this new version does not already exist +elif git ls-remote -q --exit-code --heads https://github.com/$GITHUB_REPOSITORY.git ci-auto-update-v$version ; then + echo "::warning ::A branch already exists for this update" + exit 0 +fi + +#================================================= +# UPDATE SOURCE FILES +#================================================= + +# Let's download source tarball +asset_url=$assets + +echo "Handling asset at $asset_url" + +src="app" + +# Create the temporary directory +tempdir="$(mktemp -d)" + +# Download sources and calculate checksum +filename=${asset_url##*/} +curl --silent -4 -L $asset_url -o "$tempdir/$filename" +checksum=$(sha256sum "$tempdir/$filename" | head -c 64) + +# Delete temporary directory +rm -rf $tempdir + +# Get extension +if [[ $filename == *.tar.gz ]]; then + extension=tar.gz +else + extension=${filename##*.} +fi + +# Rewrite source file +cat < conf/$src.src +SOURCE_URL=$asset_url +SOURCE_SUM=$checksum +SOURCE_SUM_PRG=sha256sum +SOURCE_FORMAT=$extension +SOURCE_IN_SUBDIR=true +SOURCE_FILENAME= +SOURCE_EXTRACT=true +EOT +echo "... conf/$src.src updated" + +#================================================= +# SPECIFIC UPDATE STEPS +#================================================= + +# Any action on the app's source code can be done. +# The GitHub Action workflow takes care of committing all changes after this script ends. + +#================================================= +# GENERIC FINALIZATION +#================================================= + +# Replace new version in manifest +echo "$(jq -s --indent 4 ".[] | .version = \"$version~ynh1\"" manifest.json)" > manifest.json + +# No need to update the README, yunohost-bot takes care of it + +# The Action will proceed only if the PROCEED environment variable is set to true +echo "PROCEED=true" >> $GITHUB_ENV +exit 0 diff --git a/.github/workflows/updater.yml b/.github/workflows/updater.yml new file mode 100644 index 0000000..fb72ba0 --- /dev/null +++ b/.github/workflows/updater.yml @@ -0,0 +1,49 @@ +# This workflow allows GitHub Actions to automagically update your app whenever a new upstream release is detected. +# You need to enable Actions in your repository settings, and fetch this Action from the YunoHost-Apps organization. +# This file should be enough by itself, but feel free to tune it to your needs. +# It calls updater.sh, which is where you should put the app-specific update steps. +name: Check for new upstream releases +on: + # Allow to manually trigger the workflow + workflow_dispatch: + # Run it every day at 6:00 UTC + schedule: + - cron: '0 6 * * *' +jobs: + updater: + runs-on: ubuntu-latest + steps: + - name: Fetch the source code + uses: actions/checkout@v2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + - name: Run the updater script + id: run_updater + run: | + # Setting up Git user + git config --global user.name 'yunohost-bot' + git config --global user.email 'yunohost-bot@users.noreply.github.com' + # Run the updater script + /bin/bash .github/workflows/updater.sh + - name: Commit changes + id: commit + if: ${{ env.PROCEED == 'true' }} + run: | + git commit -am "Upgrade to v$VERSION" + - name: Create Pull Request + id: cpr + if: ${{ env.PROCEED == 'true' }} + uses: peter-evans/create-pull-request@v3 + with: + token: ${{ secrets.GITHUB_TOKEN }} + commit-message: Update to version ${{ env.VERSION }} + committer: 'yunohost-bot ' + author: 'yunohost-bot ' + signoff: false + base: testing + branch: ci-auto-update-v${{ env.VERSION }} + delete-branch: true + title: 'Upgrade to version ${{ env.VERSION }}' + body: | + Upgrade to v${{ env.VERSION }} + draft: false diff --git a/conf/app.src b/conf/app.src index 8a9433c..9a2781b 100644 --- a/conf/app.src +++ b/conf/app.src @@ -3,3 +3,5 @@ SOURCE_SUM=5525daa3ff358593642a6a75d86d3273c2dc52e426e81d308a180dcf2c04e8ec SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true +SOURCE_FILENAME= +SOURCE_EXTRACT=true diff --git a/conf/nginx.conf b/conf/nginx.conf index 920dde0..b468e8b 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -26,4 +26,4 @@ location __PATH__/ { # Include SSOWAT user panel. include conf.d/yunohost_panel.conf.inc; -} \ No newline at end of file +} diff --git a/conf/php-fpm.conf b/conf/php-fpm.conf index 1881d9c..5f1eb97 100644 --- a/conf/php-fpm.conf +++ b/conf/php-fpm.conf @@ -427,4 +427,4 @@ catch_workers_output = yes ; php_admin_value[max_execution_time] = 600 ; php_admin_value[max_input_time] = 300 ; php_admin_value[memory_limit] = 256M -; php_admin_flag[short_open_tag] = On \ No newline at end of file +; php_admin_flag[short_open_tag] = On diff --git a/doc/DISCLAIMER_fr.md b/doc/DISCLAIMER_fr.md new file mode 100644 index 0000000..e69de29 diff --git a/manifest.json b/manifest.json index 5f00c12..69766db 100644 --- a/manifest.json +++ b/manifest.json @@ -51,4 +51,4 @@ } ] } -} \ No newline at end of file +} diff --git a/scripts/_common.sh b/scripts/_common.sh index d132276..b713a49 100644 --- a/scripts/_common.sh +++ b/scripts/_common.sh @@ -3,13 +3,15 @@ #================================================= # COMMON VARIABLES #================================================= - -# dependencies used by the app -#pkg_dependencies="imagemagick" +# PHP APP SPECIFIC +#================================================= YNH_PHP_VERSION="8.0" -extra_php_dependencies="php${YNH_PHP_VERSION} php${YNH_PHP_VERSION}-sqlite3 php${YNH_PHP_VERSION}-gd php${YNH_PHP_VERSION}-intl php${YNH_PHP_VERSION}-cli php${YNH_PHP_VERSION}-gnupg" +php_dependencies="php${YNH_PHP_VERSION} php${YNH_PHP_VERSION}-sqlite3 php${YNH_PHP_VERSION}-gd php${YNH_PHP_VERSION}-intl php${YNH_PHP_VERSION}-cli php${YNH_PHP_VERSION}-gnupg" + +# dependencies used by the app (must be on a single line) +pkg_dependencies="$php_dependencies" #================================================= # PERSONAL HELPERS @@ -21,4 +23,4 @@ extra_php_dependencies="php${YNH_PHP_VERSION} php${YNH_PHP_VERSION}-sqlite3 php$ #================================================= # FUTURE OFFICIAL HELPERS -#================================================= \ No newline at end of file +#================================================= diff --git a/scripts/backup b/scripts/backup index 3f2e4db..75ce3e0 100644 --- a/scripts/backup +++ b/scripts/backup @@ -55,4 +55,4 @@ ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" # END OF SCRIPT #================================================= -ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." \ No newline at end of file +ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)." diff --git a/scripts/change_url b/scripts/change_url index 4d9e219..0325b1c 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -20,7 +20,6 @@ new_domain=$YNH_APP_NEW_DOMAIN new_path=$YNH_APP_NEW_PATH app=$YNH_APP_INSTANCE_NAME -secret_key=$(ynh_string_random --length=50) #================================================= # LOAD SETTINGS @@ -30,6 +29,9 @@ ynh_script_progression --message="Loading installation settings..." --weight=1 # Needed for helper "ynh_add_nginx_config" final_path=$(ynh_app_setting_get --app=$app --key=final_path) +# Add settings here as needed by your application +secret_key=$(ynh_app_setting_get --app=$app --key=secret_key) + #================================================= # BACKUP BEFORE CHANGE URL THEN ACTIVE TRAP #================================================= @@ -82,7 +84,6 @@ then path_url="$new_path" # Create a dedicated NGINX config ynh_add_nginx_config - ynh_add_config --template="config.local.yunohost.php" --destination="$final_path/config.local.yunohost.php" fi # Change the domain for NGINX @@ -95,6 +96,15 @@ then ynh_store_file_checksum --file="/etc/nginx/conf.d/$new_domain.d/$app.conf" fi +#================================================= +# SPECIFIC MODIFICATIONS +#================================================= +# UPDATE A CONFIG FILE +#================================================= +ynh_script_progression --message="Updating a configuration file..." --weight=1 + +ynh_add_config --template="config.local.yunohost.php" --destination="$final_path/config.local.yunohost.php" + #================================================= # GENERIC FINALISATION #================================================= @@ -108,4 +118,4 @@ ynh_systemd_action --service_name=nginx --action=reload # END OF SCRIPT #================================================= -ynh_script_progression --message="Change of URL completed for $app" --last \ No newline at end of file +ynh_script_progression --message="Change of URL completed for $app" --last diff --git a/scripts/install b/scripts/install index 4f06d80..c251a96 100644 --- a/scripts/install +++ b/scripts/install @@ -45,6 +45,15 @@ ynh_script_progression --message="Storing installation settings..." --weight=1 ynh_app_setting_set --app=$app --key=domain --value=$domain ynh_app_setting_set --app=$app --key=path --value=$path_url +#================================================= +# STANDARD MODIFICATIONS +#================================================= +# INSTALL DEPENDENCIES +#================================================= +ynh_script_progression --message="Installing dependencies..." --weight=1 + +ynh_install_app_dependencies $pkg_dependencies + #================================================= # CREATE DEDICATED USER #================================================= @@ -62,6 +71,18 @@ ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path" +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + +#================================================= +# PHP-FPM CONFIGURATION +#================================================= +ynh_script_progression --message="Configuring PHP-FPM..." --weight=5 + +# Create a dedicated PHP-FPM config +ynh_add_fpm_config + #================================================= # NGINX CONFIGURATION #================================================= @@ -71,14 +92,7 @@ ynh_script_progression --message="Configuring NGINX web server..." --weight=2 ynh_add_nginx_config #================================================= -# PHP-FPM CONFIGURATION -#================================================= -ynh_script_progression --message="Configuring PHP-FPM..." --weight=5 - -# Create a dedicated PHP-FPM config -ynh_install_app_dependencies "$extra_php_dependencies" -ynh_add_fpm_config - +# SPECIFIC SETUP #================================================= # ADD A CONFIGURATION #================================================= @@ -103,6 +117,8 @@ chmod 440 "$final_path/config.local.php" chmod 440 "$final_path/config.local.yunohost.php" chmod 660 "$final_path/config.local.user.php" +#================================================= +# GENERIC FINALIZATION #================================================= # SETUP SSOWAT #================================================= @@ -111,6 +127,8 @@ ynh_script_progression --message="Configuring permissions..." --weight=8 # Make app public if necessary if [ $is_public -eq 1 ] then + # Everyone can access the app. + # The "main" permission is automatically created before the install script. ynh_permission_update --permission="main" --add="visitors" fi @@ -125,4 +143,4 @@ ynh_systemd_action --service_name=nginx --action=reload # END OF SCRIPT #================================================= -ynh_script_progression --message="Installation of Garradin completed" --last \ No newline at end of file +ynh_script_progression --message="Installation of $app completed" --last diff --git a/scripts/remove b/scripts/remove index eebf208..40ca2ab 100644 --- a/scripts/remove +++ b/scripts/remove @@ -19,6 +19,8 @@ app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get --app=$app --key=domain) final_path=$(ynh_app_setting_get --app=$app --key=final_path) +#================================================= +# STANDARD REMOVE #================================================= # REMOVE APP MAIN DIR #================================================= @@ -41,15 +43,12 @@ ynh_remove_nginx_config ynh_script_progression --message="Removing PHP-FPM configuration..." --weight=2 # Remove the dedicated PHP-FPM config -# NB: If there is a warning because it cannot locate the garradin-ynh-deps package, ignore -# It's just it has been removed before. -# https://github.com/YunoHost/yunohost/blob/509ba1e8a28e0be598aa0617eda06669b7b0f1d8/data/helpers.d/php#L284-L287 ynh_remove_fpm_config #================================================= # REMOVE DEPENDENCIES #================================================= -ynh_script_progression --message="Removing dependencies..." +ynh_script_progression --message="Removing dependencies..." --weight=1 # Remove metapackage and its dependencies ynh_remove_app_dependencies @@ -68,4 +67,4 @@ ynh_system_user_delete --username=$app # END OF SCRIPT #================================================= -ynh_script_progression --message="Removal of $app completed" --last \ No newline at end of file +ynh_script_progression --message="Removal of $app completed" --last diff --git a/scripts/upgrade b/scripts/upgrade index 303464f..f7dc621 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -18,14 +18,14 @@ app=$YNH_APP_INSTANCE_NAME domain=$(ynh_app_setting_get --app=$app --key=domain) path_url=$(ynh_app_setting_get --app=$app --key=path) -final_path=$(ynh_app_setting_get --app=$app --key=final_path) || ynh_die --message="This path already contains a folder" +final_path=$(ynh_app_setting_get --app=$app --key=final_path) phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) -secret_key=$(ynh_string_random --length=50) +secret_key=$(ynh_app_setting_get --app=$app --key=secret_key) #================================================= # CHECK VERSION #================================================= -ynh_script_progression --message="Checking version..." +ynh_script_progression --message="Checking version..." --weight=1 upgrade_type=$(ynh_check_app_version_changed) @@ -37,8 +37,8 @@ ynh_script_progression --message="Backing up the app before upgrading (may take # Backup the current version of the app ynh_backup_before_upgrade ynh_clean_setup () { - # Restore it if the upgrade fails - ynh_restore_upgradebackup + # Restore it if the upgrade fails + ynh_restore_upgradebackup } # Exit if an error occurs during the execution of the script ynh_abort_if_errors @@ -58,66 +58,22 @@ fi # Cleaning legacy permissions if ynh_legacy_permissions_exists; then - ynh_legacy_permissions_delete_all + ynh_legacy_permissions_delete_all - ynh_app_setting_delete --app=$app --key=is_public + ynh_app_setting_delete --app=$app --key=is_public fi -#================================================= -# Backup Data -#================================================= -ynh_script_progression --message="Backing up the data before upgrading (may take a while)..." --weight=30 - -bdd=$final_path/association.sqlite -squelettes=$final_path/www/squelettes -data=$final_path/data -skel_dist=$final_path/www/skel-dist - -if [ -d "$squelettes" ]; then - cp -a "$squelettes" /tmp/squelettes -fi - -if [ -e "$bdd" ]; then - cp -a "$bdd" /tmp/association.sqlite -fi - -if [ -d "$data" ]; then - cp -a "$data" /tmp/data -fi - -if [ -d "$skel_dist" ]; then - cp -a "$skel_dist" /tmp/skel-dist -fi - -#================================================= -# UPGRADE TO 1.1.0 if necessary -#================================================= - if ynh_compare_current_package_version --comparison lt --version 1.1.0~ynh1 then ynh_script_progression --message="Upgrading to 1.1.0" --weight=5 # Download, check integrity, uncompress and patch the source from 0.9.8.src - ynh_setup_source --keep="config.local.php" --dest_dir="$final_path" --source_id="1.1.0" + ynh_setup_source --keep="association.sqlite squelettes/ data/ skel-dist/ config.local.user.php config.local.php" --dest_dir="$final_path" --source_id="1.1.0" # Set permissions on app files ynh_system_user_create --username=$app ynh_add_nginx_config ynh_install_app_dependencies "$extra_php_dependencies" ynh_add_fpm_config phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) - ynh_script_progression --message="restore data..." --weight=10 - - backup_bdd=/tmp/association.sqlite - backup_squelettes=/tmp/squelettes - - if [ -d "$backup_squelettes" ] - then - cp -a "$backup_squelettes" $final_path/www/squelettes - fi - - if [ -e "$backup_bdd" ] - then - cp -a "$backup_bdd" $final_path/association.sqlite - fi chown -R $app:$app $final_path chmod 755 $final_path @@ -146,12 +102,31 @@ ynh_system_user_create --username=$app --home_dir="$final_path" if [ "$upgrade_type" == "UPGRADE_APP" ] then - ynh_script_progression --message="Upgrading source files..." --weight=5 + ynh_script_progression --message="Upgrading source files..." --weight=5 - # Download, check integrity, uncompress and patch the source from app.src - ynh_setup_source --keep="config.local.user.php" --dest_dir="$final_path" + # Download, check integrity, uncompress and patch the source from app.src + ynh_setup_source --dest_dir="$final_path" --keep="association.sqlite squelettes/ data/ skel-dist/ config.local.user.php" fi +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + +#================================================= +# UPGRADE DEPENDENCIES +#================================================= +ynh_script_progression --message="Upgrading dependencies..." --weight=1 + +ynh_install_app_dependencies $pkg_dependencies + +#================================================= +# PHP-FPM CONFIGURATION +#================================================= +ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=2 + +# Create a dedicated PHP-FPM config +ynh_add_fpm_config + #================================================= # NGINX CONFIGURATION #================================================= @@ -161,52 +136,11 @@ ynh_script_progression --message="Upgrading NGINX web server configuration..." - ynh_add_nginx_config #================================================= -# PHP-FPM CONFIGURATION +# SPECIFIC UPGRADE #================================================= -ynh_script_progression --message="Upgrading PHP-FPM configuration..." --weight=2 - -# Create a dedicated PHP-FPM config -ynh_install_app_dependencies "$extra_php_dependencies" -ynh_add_fpm_config - -#======================================================= -# backup bdd, squelettes directory and config.local.php -#======================================================= -ynh_script_progression --message="restore data..." --weight=10 - -backup_bdd=/tmp/association.sqlite -backup_squelettes=/tmp/squelettes -backup_data=/tmp/data -backup_skel_dist=/tmp/skel-dist - -if [ -d "$backup_squelettes" ] -then - cp -a "$backup_squelettes" $final_path/www/squelettes - ynh_secure_remove $backup_squelettes -fi - -if [ -e "$backup_bdd" ] -then - cp -a "$backup_bdd" $final_path/association.sqlite - ynh_secure_remove $backup_bdd -fi - -if [ -d "$backup_data" ] -then - cp -a "$backup_data" $final_path/data - ynh_secure_remove $backup_data -fi - -if [ -d "$backup_skel_dist" ] -then - cp -a "$backup_skel_dist" $final_path/www/skel-dist - ynh_secure_remove $backup_skel_dist -fi - +# UPDATE A CONFIG FILE #================================================= -# ADD A CONFIGURATION -#================================================= -ynh_script_progression --message="Adding a configuration file..." --weight=5 +ynh_script_progression --message="Updating a configuration file..." --weight=5 if ynh_compare_current_package_version --comparison lt --version 1.1.15~ynh1; then ynh_add_config --template="config.local.user.php" --destination="$final_path/config.local.user.php" @@ -227,6 +161,13 @@ chmod 440 "$final_path/config.local.php" chmod 440 "$final_path/config.local.yunohost.php" chmod 660 "$final_path/config.local.user.php" +#================================================= +# FINALISE UPGRADE +#================================================= +ynh_script_progression --message="Finalise upgrade" --weight=1 + +ynh_local_curl "/admin/index.php" + #================================================= # GENERIC FINALIZATION #================================================= @@ -236,15 +177,8 @@ ynh_script_progression --message="Reloading NGINX web server..." --weight=1 ynh_systemd_action --service_name=nginx --action=reload -#================================================= -# Finalise Upgrade -#================================================= -ynh_script_progression --message="Finalise upgrade" --weight=1 - -ynh_local_curl "/admin/index.php" - #================================================= # END OF SCRIPT #================================================= -ynh_script_progression --message="Upgrade of $app completed" --last \ No newline at end of file +ynh_script_progression --message="Upgrade of $app completed" --last