diff --git a/README.md b/README.md index 5336221..a4bd460 100644 --- a/README.md +++ b/README.md @@ -58,8 +58,8 @@ LDAP authentication is activated. All YunoHost users can authenticate. #### Supported architectures -* x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/mastodon%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/mastodon/) -* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/mastodon%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/mastodon/) +* x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/mastodon.svg)](https://ci-apps.yunohost.org/ci/apps/mastodon/) +* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/mastodon.svg)](https://ci-apps-arm.yunohost.org/ci/apps/mastodon/) ## Links diff --git a/README_fr.md b/README_fr.md index 6553753..1f1fc84 100644 --- a/README_fr.md +++ b/README_fr.md @@ -59,8 +59,8 @@ L'authentification LDAP est activée. Tous les utilisateurs YunoHost peuvent s'a #### Architectures supportées -* x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/mastodon%20%28Apps%29.svg)](https://ci-apps.yunohost.org/ci/apps/mastodon/) -* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/mastodon%20%28Apps%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/mastodon/) +* x86-64 - [![Build Status](https://ci-apps.yunohost.org/ci/logs/mastodon.svg)](https://ci-apps.yunohost.org/ci/apps/mastodon/) +* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/mastodon.svg)](https://ci-apps-arm.yunohost.org/ci/apps/mastodon/) ## Liens diff --git a/check_process b/check_process index 64394f4..1fb0ee9 100644 --- a/check_process +++ b/check_process @@ -17,21 +17,21 @@ # 3.1.2~ynh3 #upgrade=1 from_commit=6b30109fc986d83166b1805ec3ad7e28200e3743 # 3.1.2~ynh4 - upgrade=1 from_commit=d3df899e0a99a63ee1cf7ad845cc513aeaaf30ef + #upgrade=1 from_commit=d3df899e0a99a63ee1cf7ad845cc513aeaaf30ef # 3.2.0~ynh1 - upgrade=1 from_commit=bde14cc4496445fdfed4616ac44fc9527c8369fd + #upgrade=1 from_commit=bde14cc4496445fdfed4616ac44fc9527c8369fd # 3.2.1~ynh1 - upgrade=1 from_commit=248b717f373f3c82bdb19c33cf20980494608697 + #upgrade=1 from_commit=248b717f373f3c82bdb19c33cf20980494608697 # 3.2.1~ynh2 - upgrade=1 from_commit=74908bf3e70c134bc838c7db3ae8b5aa0938cd75 + #upgrade=1 from_commit=74908bf3e70c134bc838c7db3ae8b5aa0938cd75 # 3.2.2~ynh1 - upgrade=1 from_commit=a233ccc644d97aa89756fac9f0ce68c98d81d27c + #upgrade=1 from_commit=a233ccc644d97aa89756fac9f0ce68c98d81d27c # 3.3.0~ynh1 - upgrade=1 from_commit=a7eb98db3fac0697b923072dcd78c1ca04bf0a12 + #upgrade=1 from_commit=a7eb98db3fac0697b923072dcd78c1ca04bf0a12 backup_restore=1 multi_instance=1 port_already_use=0 - change_url=0 + change_url=1 ;;; Options Email=yalh@yahoo.com Notification=all diff --git a/conf/app.src b/conf/app.src index 6fb011a..6383dac 100644 --- a/conf/app.src +++ b/conf/app.src @@ -1,5 +1,5 @@ -SOURCE_URL=https://github.com/tootsuite/mastodon/archive/v3.3.0.tar.gz -SOURCE_SUM=ffbaeaf18d9c440ac61c6c5c29fd6581b88c1d2843170f2cb5f0fcf8dcc0ecd6 +SOURCE_URL=https://github.com/tootsuite/mastodon/archive/1efcbb9cfe36d4428ef6af988bb0d7b25ace3971.tar.gz +SOURCE_SUM=4ecbfd34ea37d739fbcec11cf9b812e8d8f60f6367f8ce255a062d5d64d92557 SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=tar.gz SOURCE_IN_SUBDIR=true diff --git a/manifest.json b/manifest.json index 5b89865..d6aa9f1 100644 --- a/manifest.json +++ b/manifest.json @@ -9,7 +9,10 @@ "version": "3.3.0~ynh2", "url": "https://github.com/tootsuite/mastodon", "license": "AGPL-3.0-or-later", - "maintainer": [ + "maintainer": { + "name": "yalh76" + }, + "previous_maintainer": [ { "name": "cyp", "email": "cyp@rouquin.me" @@ -17,9 +20,6 @@ { "name": "nemsia", "email": "nemsia@nemsia.org" - }, - { - "name": "yalh76" } ], "requirements": { @@ -34,28 +34,16 @@ { "name": "domain", "type": "domain", - "ask": { - "en": "Choose a domain for Mastodon", - "fr": "Choisissez un domaine pour Mastodon" - }, "example": "example.com" }, { "name": "admin", "type": "user", - "ask": { - "en": "Choose an admin user", - "fr": "Choisissez l'administrateur" - }, "example": "johndoe" }, { "name": "is_public", "type": "boolean", - "ask": { - "en": "Is it a public application?", - "fr": "Est-ce une application publique ?" - }, "default": true }, { diff --git a/scripts/backup b/scripts/backup index c1d4f6f..590ce0f 100644 --- a/scripts/backup +++ b/scripts/backup @@ -6,7 +6,7 @@ # IMPORT GENERIC HELPERS #================================================= -#Keep this path for calling _common.sh inside the execution's context of backup and restore scripts +# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers diff --git a/scripts/install b/scripts/install index 0b79b96..f5da202 100644 --- a/scripts/install +++ b/scripts/install @@ -80,6 +80,14 @@ ynh_install_nodejs --nodejs_version=$NODEJS_VERSION ynh_install_extra_app_dependencies --repo="deb https://dl.yarnpkg.com/debian/ stable main" --package="yarn" --key="https://dl.yarnpkg.com/debian/pubkey.gpg" ynh_install_ruby --ruby_version=$RUBY_VERSION +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Configuring system user..." + +# Create a system user +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # CREATE A POSTGRESQL DATABASE #================================================= @@ -104,22 +112,18 @@ ynh_app_setting_set --app=$app --key=final_path --value=$final_path # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path/live" +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + #================================================= # NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Configuring nginx web server..." +ynh_script_progression --message="Configuring NGINX web server..." -# Create a dedicated nginx config +# Create a dedicated NGINX config ynh_add_nginx_config 'port_web port_stream' -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Configuring system user..." - -# Create a system user -ynh_system_user_create --username=$app --home_dir=$final_path - #================================================= # SPECIFIC SETUP #================================================= @@ -150,9 +154,9 @@ pushd "$final_path/live" popd #================================================= -# MODIFY A CONFIG FILE +# ADD A CONFIGURATION #================================================= -ynh_script_progression --message="Modifying a config file..." +ynh_script_progression --message="Adding a config file..." config="$final_path/live/.env.production" @@ -169,18 +173,32 @@ vapid_public_key="" ynh_add_config --template="../conf/.env.production.sample" --destination="$config" +chmod 400 "$config" +chown $app:$app "$config" + ynh_replace_string --match_string="registrations_mode: 'open'" --replace_string="registrations_mode: 'none'" --target_file="$final_path/live/config/settings.yml" ynh_replace_string --match_string="min_invite_role: 'admin'" --replace_string="min_invite_role: 'none'" --target_file="$final_path/live/config/settings.yml" ynh_store_file_checksum --file="$final_path/live/config/settings.yml" +chmod 400 "$final_path/live/config/settings.yml" +chown $app:$app "$final_path/live/config/settings.yml" + +#================================================= +# SETUP SYSTEMD +#================================================= +ynh_script_progression --message="Configuring a systemd service..." + +# Create a dedicated systemd config +ynh_add_systemd_config --service="$app-web" --template="mastodon-web.service" --others_var="port_web RBENV_ROOT" +ynh_add_systemd_config --service="$app-sidekiq" --template="mastodon-sidekiq.service" --others_var="RBENV_ROOT" +ynh_add_systemd_config --service="$app-streaming" --template="mastodon-streaming.service" --others_var="port_stream ynh_node_load_PATH ynh_node" + #================================================= # INSTALLING MASTODON #================================================= ynh_script_progression --message="Installing Mastodon..." -chown -R "$app": "$final_path" - pushd "$final_path/live" sudo -u $app $ynh_ruby_load_path bin/bundle config deployment 'true' sudo -u $app $ynh_ruby_load_path bin/bundle config without 'development test' @@ -201,11 +219,14 @@ ynh_app_setting_set --app="$app" --key=vapid_private_key --value="$vapid_private vapid_public_key=$(grep -oP "VAPID_PUBLIC_KEY=\K.+" "$final_path/live/key.txt") ynh_app_setting_set --app="$app" --key=vapid_public_key --value="$vapid_public_key" +ynh_secure_remove --file="$final_path/live/key.txt" + ynh_delete_file_checksum --file="$config" ynh_add_config --template="../conf/.env.production.sample" --destination="$config" -ynh_secure_remove --file="$final_path/live/key.txt" +chmod 400 "$config" +chown $app:$app "$config" #================================================= # SETUP THE CRON FILE @@ -214,42 +235,16 @@ ynh_script_progression --message="Setuping the cron file..." ynh_add_config --template="../conf/cron" --destination="/etc/cron.d/$app" -#================================================= -# SETUP SYSTEMD -#================================================= -ynh_script_progression --message="Configuring a systemd service..." - -# Create a dedicated systemd config -ynh_add_systemd_config --service="$app-web" --template="mastodon-web.service" --others_var="port_web RBENV_ROOT" -ynh_add_systemd_config --service="$app-sidekiq" --template="mastodon-sidekiq.service" --others_var="RBENV_ROOT" -ynh_add_systemd_config --service="$app-streaming" --template="mastodon-streaming.service" --others_var="port_stream ynh_node_load_PATH ynh_node" - -#================================================= -# STORE THE CONFIG FILE CHECKSUM -#================================================= -ynh_script_progression --message="Storing the config file checksum..." - -# Calculate and store the config file checksum into the app settings -ynh_store_file_checksum --file="$config" - #================================================= # GENERIC FINALIZATION -#================================================= -# SECURE FILES AND DIRECTORIES -#================================================= -ynh_script_progression --message="Securing files and directories..." - -# Set permissions to app files -chown -R "$app": "$final_path" - #================================================= # INTEGRATE SERVICE IN YUNOHOST #================================================= ynh_script_progression --message="Integrating service in YunoHost..." -yunohost service add "$app-web" --description "$app web service" -yunohost service add "$app-sidekiq" --description "$app sidekiq service" -yunohost service add "$app-streaming" --description "$app streaming service" +yunohost service add "$app-web" --description="$app web service" +yunohost service add "$app-sidekiq" --description="$app sidekiq service" +yunohost service add "$app-streaming" --description="$app streaming service" #================================================= # START SYSTEMD SERVICE @@ -278,7 +273,7 @@ ynh_permission_create --permission="api" --url="/api" --allowed="visitors" --aut #================================================= # RELOAD NGINX #================================================= -ynh_script_progression --message="Reloading nginx web server..." +ynh_script_progression --message="Reloading NGINX web server..." ynh_systemd_action --service_name=nginx --action=reload diff --git a/scripts/remove b/scripts/remove index 8a465a4..42b0109 100644 --- a/scripts/remove +++ b/scripts/remove @@ -29,7 +29,7 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path) # REMOVE SERVICE INTEGRATION IN YUNOHOST #================================================= -# Remove the service from the list of services known by Yunohost (added from `yunohost service add`) +# Remove the service from the list of services known by YunoHost (added from `yunohost service add`) if ynh_exec_warn_less yunohost service status "$app-web" >/dev/null then ynh_script_progression --message="Removing $app-web service integration..." @@ -64,7 +64,7 @@ ynh_remove_systemd_config --service="$app-streaming" ynh_script_progression --message="Removing the PostgreSQL database..." # Remove a database if it exists, along with the associated user -ynh_psql_remove_db --db_user="$db_user" --db_name="$db_name" +ynh_psql_remove_db --db_user=$db_user --db_name=$db_name #================================================= # REMOVE DEPENDENCIES @@ -88,9 +88,9 @@ ynh_secure_remove --file="$final_path" #================================================= # REMOVE NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Removing nginx web server configuration..." +ynh_script_progression --message="Removing NGINX web server configuration..." -# Remove the dedicated nginx config +# Remove the dedicated NGINX config ynh_remove_nginx_config #================================================= diff --git a/scripts/restore b/scripts/restore index a8cfd30..7a3808b 100644 --- a/scripts/restore +++ b/scripts/restore @@ -6,7 +6,7 @@ # IMPORT GENERIC HELPERS #================================================= -#Keep this path for calling _common.sh inside the execution's context of backup and restore scripts +# Keep this path for calling _common.sh inside the execution's context of backup and restore scripts source ../settings/scripts/_common.sh source ../settings/scripts/ynh_install_ruby__2 source ../settings/scripts/ynh_add_swap @@ -25,7 +25,7 @@ ynh_abort_if_errors #================================================= # LOAD SETTINGS #================================================= -ynh_script_progression --message="Loading settings..." +ynh_script_progression --message="Loading installation settings..." app=$YNH_APP_INSTANCE_NAME @@ -51,10 +51,18 @@ test ! -d $final_path \ #================================================= # RESTORE THE NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Restoring the nginx configuration..." +ynh_script_progression --message="Restoring the NGINX web server configuration..." ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf" +#================================================= +# RECREATE THE DEDICATED USER +#================================================= +ynh_script_progression --message="Recreating the dedicated system user..." + +# Create the dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # RESTORE THE APP MAIN DIR #================================================= @@ -62,21 +70,9 @@ ynh_script_progression --message="Restoring the app main directory..." ynh_restore_file --origin_path="$final_path" -#================================================= -# RECREATE THE DEDICATED USER -#================================================= -ynh_script_progression --message="Recreating the dedicated system user..." - -# Create the dedicated user (if not existing) -ynh_system_user_create --username=$app --home_dir=$final_path - -#================================================= -# RESTORE USER RIGHTS -#================================================= -ynh_script_progression --message="Restoring user rights..." - -# Restore permissions on app files -chown -R $app: $final_path +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" #================================================= # SPECIFIC RESTORATION @@ -96,6 +92,13 @@ fi ynh_script_progression --message="Adding $swap_needed Mo to swap..." ynh_add_swap --size=$swap_needed +#================================================= +# RESTORE THE CRON FILE +#================================================= +ynh_script_progression --message="Restoring the cron file..." + +ynh_restore_file --origin_path="/etc/cron.d/$app" + #================================================= # REINSTALL DEPENDENCIES #================================================= @@ -142,9 +145,9 @@ systemctl enable "$app-web" "$app-sidekiq" "$app-streaming" --quiet #================================================= ynh_script_progression --message="Integrating service in YunoHost..." -yunohost service add "$app-web" --description "$app web service" -yunohost service add "$app-sidekiq" --description "$app sidekiq service" -yunohost service add "$app-streaming" --description "$app streaming service" +yunohost service add "$app-web" --description="$app web service" +yunohost service add "$app-sidekiq" --description="$app sidekiq service" +yunohost service add "$app-streaming" --description="$app streaming service" #================================================= # START SYSTEMD SERVICE @@ -155,13 +158,6 @@ ynh_systemd_action --service_name=${app}-web --action="start" --log_path=systemd ynh_systemd_action --service_name=${app}-sidekiq --action="start" --log_path=systemd --line_match="Schedules Loaded" ynh_systemd_action --service_name=${app}-streaming --action="start" --log_path=systemd --line_match="Worker 1 now listening" -#================================================= -# RESTORE THE CRON FILE -#================================================= -ynh_script_progression --message="Restoring the cron file..." - -ynh_restore_file --origin_path="/etc/cron.d/$app" - #================================================= # GENERIC FINALIZATION #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index aa96bef..86555dc 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -49,7 +49,6 @@ upgrade_type=$(ynh_check_app_version_changed) #================================================= ynh_script_progression --message="Ensuring downward compatibility..." - # Cleaning legacy permissions if ynh_legacy_permissions_exists; then ynh_legacy_permissions_delete_all @@ -124,7 +123,7 @@ ynh_script_progression --message="Backing up the app before upgrading (may take ynh_backup_before_upgrade ynh_clean_setup () { ynh_clean_check_starting - # restore it if the upgrade fails + # Restore it if the upgrade fails ynh_restore_upgradebackup } # Exit if an error occurs during the execution of the script @@ -141,6 +140,14 @@ ynh_systemd_action --service_name=${app}-web --action="stop" --log_path=systemd ynh_systemd_action --service_name=${app}-sidekiq --action="stop" --log_path=systemd --line_match="Stopped" ynh_systemd_action --service_name=${app}-streaming --action="stop" --log_path=systemd --line_match="Stopped" +#================================================= +# CREATE DEDICATED USER +#================================================= +ynh_script_progression --message="Making sure dedicated system user exists..." + +# Create a dedicated user (if not existing) +ynh_system_user_create --username=$app --home_dir="$final_path" + #================================================= # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= @@ -171,10 +178,14 @@ then ynh_secure_remove --file="$final_path/live/config/initializers/timeout.rb" fi +chmod 750 "$final_path" +chmod -R o-rwx "$final_path" +chown -R $app:www-data "$final_path" + #================================================= # NGINX CONFIGURATION #================================================= -ynh_script_progression --message="Upgrading nginx web server configuration..." +ynh_script_progression --message="Upgrading NGINX web server configuration..." # Create a dedicated NGINX config ynh_add_nginx_config 'port_web port_stream' @@ -189,14 +200,6 @@ ynh_install_nodejs --nodejs_version=$NODEJS_VERSION ynh_install_extra_app_dependencies --repo="deb https://dl.yarnpkg.com/debian/ stable main" --package="yarn" --key="https://dl.yarnpkg.com/debian/pubkey.gpg" ynh_install_ruby --ruby_version=$RUBY_VERSION -#================================================= -# CREATE DEDICATED USER -#================================================= -ynh_script_progression --message="Making sure dedicated system user exists..." - -# Create a dedicated user (if not existing) -ynh_system_user_create --username=$app --home_dir=$final_path - #================================================= # SPECIFIC UPGRADE #================================================= @@ -227,14 +230,27 @@ pushd "$final_path/live" popd #================================================= -# MODIFY A CONFIG FILE +# UPDATE A CONFIG FILE #================================================= -ynh_script_progression --message="Modifying a config file..." +ynh_script_progression --message="Updating a config file..." language="$(echo $language | head -c 2)" ynh_add_config --template="../conf/.env.production.sample" --destination="$config" +chmod 400 "$config" +chown $app:$app "$config" + +#================================================= +# SETUP SYSTEMD +#================================================= +ynh_script_progression --message="Upgrading systemd configuration..." + +# Create a dedicated systemd config +ynh_add_systemd_config --service="$app-web" --template="mastodon-web.service" --others_var="port_web RBENV_ROOT" +ynh_add_systemd_config --service="$app-sidekiq" --template="mastodon-sidekiq.service" --others_var="RBENV_ROOT" +ynh_add_systemd_config --service="$app-streaming" --template="mastodon-streaming.service" --others_var="port_stream ynh_node_load_PATH ynh_node" + #================================================= # UPGRADE MASTODON #================================================= @@ -261,34 +277,16 @@ ynh_script_progression --message="Setuping the cron file..." ynh_add_config --template="../conf/cron" --destination="/etc/cron.d/$app" -#================================================= -# SETUP SYSTEMD -#================================================= -ynh_script_progression --message="Upgrading systemd configuration..." - -# Create a dedicated systemd config -ynh_add_systemd_config --service="$app-web" --template="mastodon-web.service" --others_var="port_web RBENV_ROOT" -ynh_add_systemd_config --service="$app-sidekiq" --template="mastodon-sidekiq.service" --others_var="RBENV_ROOT" -ynh_add_systemd_config --service="$app-streaming" --template="mastodon-streaming.service" --others_var="port_stream ynh_node_load_PATH ynh_node" - #================================================= # GENERIC FINALIZATION -#================================================= -# SECURE FILES AND DIRECTORIES -#================================================= -ynh_script_progression --message="Securing files and directories..." - -# Set permissions on app files -chown -R $app: $final_path - #================================================= # INTEGRATE SERVICE IN YUNOHOST #================================================= ynh_script_progression --message="Integrating service in YunoHost..." -yunohost service add "$app-web" --description "$app web service" -yunohost service add "$app-sidekiq" --description "$app sidekiq service" -yunohost service add "$app-streaming" --description "$app streaming service" +yunohost service add "$app-web" --description="$app web service" +yunohost service add "$app-sidekiq" --description="$app sidekiq service" +yunohost service add "$app-streaming" --description="$app streaming service" #================================================= # START SYSTEMD SERVICE @@ -302,7 +300,7 @@ ynh_systemd_action --service_name=${app}-streaming --action="start" --log_path=s #================================================= # RELOAD NGINX #================================================= -ynh_script_progression --message="Reloading nginx web server..." +ynh_script_progression --message="Reloading NGINX web server..." ynh_systemd_action --service_name=nginx --action=reload