From fe9362c3e48bb6f49349ddf3a189d3ebcdd212e8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=89ric=20Gaspar?= <46165813+ericgaspar@users.noreply.github.com> Date: Sat, 23 Jul 2022 10:02:19 +0200 Subject: [PATCH] Fix --- scripts/install | 9 ++++----- scripts/upgrade | 49 ++++++++++++++++++++++++++++++++++--------------- 2 files changed, 38 insertions(+), 20 deletions(-) diff --git a/scripts/install b/scripts/install index 60bb976..c40153d 100644 --- a/scripts/install +++ b/scripts/install @@ -63,7 +63,6 @@ ynh_app_setting_set --app=$app --key=domain --value=$domain ynh_app_setting_set --app=$app --key=adminusername --value=$admin ynh_app_setting_set --app=$app --key=secret_key --value=$key ynh_app_setting_set --app=$app --key=lfs_key --value=$lfs_key -ynh_app_setting_set --app=$app --key=web_port --value=$port #================================================= # STANDARD MODIFICATIONS @@ -98,7 +97,7 @@ ynh_mysql_setup_db --db_user=$db_user --db_name=$db_name #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= -ynh_script_progression --message="Setting up source files..." --time --weight=1 +ynh_script_progression --message="Setting up source files..." --weight=5 ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src @@ -114,7 +113,7 @@ chmod +x "$final_path/gitea" #================================================= # NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Configuring NGINX web server..." --time --weight=1 +ynh_script_progression --message="Configuring NGINX web server..." --weight=2 # Create a dedicated NGINX config ynh_add_nginx_config @@ -122,7 +121,7 @@ ynh_add_nginx_config #================================================= # CREATE DATA DIRECTORY #================================================= -ynh_script_progression --message="Creating a data directory..." --time --weight=1 +ynh_script_progression --message="Creating a data directory..." --weight=2 mkdir -p $datadir @@ -147,7 +146,7 @@ chown $app:$app "$final_path/custom/conf/app.ini" #================================================= # SETUP SYSTEMD #================================================= -ynh_script_progression --message="Configuring a systemd service..." --time --weight=1 +ynh_script_progression --message="Configuring a systemd service..." --weight=1 # Create a dedicated systemd config ynh_add_systemd_config diff --git a/scripts/upgrade b/scripts/upgrade index 1f26242..25f14a5 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -79,9 +79,18 @@ fi if ! ynh_permission_exists --permission="admin"; then # Create the required permissions - ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin + ynh_permission_create --permission="admin" --allowed=$admin fi +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Making sure dedicated system user exists..." --time --weight=1 + +ynh_system_user_create --username=$app --home_dir=$datadir --use_shell +# Add ssh permission for gitea user +adduser $app ssh.app + #================================================= # MIGRATION FROM GOGS #================================================= @@ -128,8 +137,8 @@ if [[ $migration_process -eq 1 ]]; then fi # Move data directory -if [ -e "/home/""$app" ] && [ ! -e $datadir ]; then - mv "/home/""$app" "$datadir" +if [ -e "/home/$app" ] && [ ! -e $datadir ]; then + mv "/home/$app" "$datadir" fi #================================================= @@ -146,7 +155,7 @@ chown $app:$app "$final_path/custom/conf/app.ini" #================================================= # NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Upgrading NGINX web server configuration..." --time --weight=1 +ynh_script_progression --message="Upgrading NGINX web server configuration..." --weight=2 # Create a dedicated NGINX config ynh_add_nginx_config @@ -154,7 +163,7 @@ ynh_add_nginx_config #================================================= # SETUP SYSTEMD #================================================= -ynh_script_progression --message="Upgrading systemd configuration..." --time --weight=1 +ynh_script_progression --message="Upgrading systemd configuration..." --weight=2 # Create a dedicated systemd config ynh_add_systemd_config @@ -255,13 +264,9 @@ case $upstream_version in esac # Install gitea source -ynh_setup_source $final_path source/$architecture +ynh_setup_source --dest_dir="$final_path" --source_id="../conf/source/$architecture" restart_gitea -# SETUP FAIL2BAN -ynh_script_progression --message="Configuring fail2ban..." -ynh_add_fail2ban_config --logpath "/var/log/$app/gitea.log" --failregex ".*Failed authentication attempt for .* from " --max_retry 5 - #================================================= # GENERIC FINALIZATION #================================================= @@ -276,12 +281,12 @@ if ! ynh_permission_exists --permission admin; then ynh_mysql_connect_as "$db_user" "$db_password" "$dbname" < ../conf/login_source.sql fi -# Add gitea to YunoHost's monitored services -ynh_script_progression --message="Register gitea service..." -yunohost service add "$app" --log "/var/log/$app/gitea.log" +#================================================= +# INTEGRATE SERVICE IN YUNOHOST +#================================================= +ynh_script_progression --message="Integrating service in YunoHost..." --time --weight=1 -# Add ssh permission for gitea user -adduser $app ssh.app +yunohost service add $app --description="A short description of the app" --log="/var/log/$app/$app.log" # Set permissions ynh_script_progression --message="Protecting directory" @@ -321,6 +326,20 @@ you don't see Gogs as installed." >&2 (cd /tmp; echo "/tmp/$script_post_migration > /tmp/$script_post_migration.log 2>&1" | at now + 2 minutes) fi +#================================================= +# UPGRADE FAIL2BAN +#================================================= +ynh_script_progression --message="Reconfiguring Fail2Ban..." --weight=1 + +ynh_add_fail2ban_config --logpath "/var/log/$app/gitea.log" --failregex ".*Failed authentication attempt for .* from " --max_retry 5 + +#================================================= +# RELOAD NGINX +#================================================= +ynh_script_progression --message="Reloading NGINX web server..." --time --weight=1 + +ynh_systemd_action --service_name=nginx --action=reload + #================================================= # END OF SCRIPT #=================================================