YunoHost-Apps/glitchsoc_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/glitchsoc_ynh.git synced 2024-09-03 19:15:59 +02:00
Code Issues Activity Actions 1

Merge branch 'develop'

Browse source
This commit is contained in:
yalh76 2019-05-10 02:00:48 +02:00
commit 2987ccf8b3
25 changed files with 1736 additions and 817 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

104
README.md
View file

@ -1,72 +1,30 @@
# Mastodon for YunoHost # Mastodon for YunoHost
[![Latest Version](https://img.shields.io/badge/version-2.5.2-green.svg?style=flat)](https://github.com/YunoHost-Apps/mastodon_ynh/releases) [![Integration level](https://dash.yunohost.org/integration/mastodon.svg)](https://dash.yunohost.org/appci/app/mastodon)
[![Status](https://img.shields.io/badge/status-testing-yellow.svg?style=flat)](https://github.com/YunoHost-Apps/mastodon_ynh/milestones) [![Install mastodon with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=mastodon)
[![Dependencies](https://img.shields.io/badge/dependencies-includes-lightgrey.svg?style=flat)](https://github.com/YunoHost-Apps/mastodon_ynh#dependencies)
[![GitHub license](https://img.shields.io/badge/license-GPLv3-blue.svg?style=flat)](https://raw.githubusercontent.com/YunoHost-Apps/mastodon_ynh/master/LICENSE)
[![Yunohost version](https://img.shields.io/badge/yunohost-2.7.12_tested-orange.svg?style=flat)](https://github.com/YunoHost/yunohost)
[![GitHub issues](https://img.shields.io/github/issues/YunoHost-Apps/mastodon_ynh.svg?style=flat)](https://github.com/YunoHost-Apps/mastodon_ynh/issues)
[![Install Mastodon with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=mastodon) *[Lire ce readme en français.](./README_fr.md)*
:warning: MAJ 05/06/17 :Cette application peut maintenant fonctionner sur ARM, mais l'installation prend plusieurs heures et il faut ajouter un swapfile de 1Go. > *This package allow you to install mastodon quickly and simply on a YunoHost server.
If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to know how to install and enjoy it.*
:warning: Cette application utilise les packages backports de Debian, nous vous recommendons de ne pas installer cette application directement en production
:warning: UPDATE 05/06/17 :This app can work now on ARM, but installation takes several hours and you must add a swapfile of 1GB. :warning: UPDATE 05/06/17 :This app can work now on ARM, but installation takes several hours and you must add a swapfile of 1GB.
:warning: This application uses the Debian backports packages, do not install this application directly in production :warning: This application uses the Debian backports packages, do not install this application directly in production
## Mastodon c'est quoi ? ## Overview
Mastodon est un réseau social gratuit et open source. Une alternative décentralisée aux plates-formes commerciales, elle évite les risques d'une seule société qui monopolise votre communication. Choisissez un serveur sur lequel vous faites confiance - selon votre choix, vous pouvez interagir avec tous les autres. N'importe qui peut exécuter sa propre instance de Mastodon et participer au réseau social de façon transparente.
[Source code](https://github.com/tootsuite/mastodon)
#### Ajout d'un "swapfile" si vous avez moins de 2Go de RAM
```
sudo dd if=/dev/zero of=/swapfile bs=1024 count=1024000
sudo chmod 600 /swapfile
sudo mkswap /swapfile
sudo swapon /swapfile
```
ajouter cette ligne dans /etc/fstab
```
/swapfile none swap sw 0 0
```
### Installation
#### Utilisation de __screen__ en cas de déconnection
```
$ sudo apt-get install screen
$ screen
$ sudo yunohost app install https://github.com/YunoHost-Apps/mastodon_ynh.git
```
Récuperer l'installation après une deconnection:
```
$ screen -d
$ screen -r
```
L'utilisateur admin est crée automatiquement comme: user@domain.tld
### Mise à jour
#### Utilisation de __screen__ fortement recommandé
`$ sudo yunohost app upgrade --verbose mastodon -u https://github.com/YunoHost-Apps/mastodon_ynh.git`
## Recommandations
Vous ne pouvez pas installer Mastodon en subdirectory, vous devez obligatoirement utiliser un domaine ou un sous-domaine pour cette application.
Il semble important de fermer les inscriptions pour votre Mastodon, pour que ça reste une instance privé. Nous vous invitons à bloquer les instances distantes malfaisantes depuis l'interface d'administration. Vous pouvez également ajouter un texte sur votre page d'accueil dans l'administration.
## What is Mastodon?
Mastodon is a free, open-source social network. A decentralized alternative to commercial platforms, it avoids the risks of a single company monopolizing your communication. Pick a server that you trust — whichever you choose, you can interact with everyone else. Anyone can run their own Mastodon instance and participate in the social network seamlessly. Mastodon is a free, open-source social network. A decentralized alternative to commercial platforms, it avoids the risks of a single company monopolizing your communication. Pick a server that you trust — whichever you choose, you can interact with everyone else. Anyone can run their own Mastodon instance and participate in the social network seamlessly.
**Shipped version:** 2.7.4
## Screenshots
![](https://framalibre.org/sites/default/files/mastodon.png)
[Source code](https://github.com/tootsuite/mastodon) [Source code](https://github.com/tootsuite/mastodon)
## Configuration
#### Adding "swapfile" If you have less than 2Go of RAM #### Adding "swapfile" If you have less than 2Go of RAM
``` ```
sudo dd if=/dev/zero of=/swapfile bs=1024 count=1024000 sudo dd if=/dev/zero of=/swapfile bs=1024 count=1024000
@ -103,3 +61,37 @@ The admin user is automatically created as: user@domain.tld
You can't install Mastodon in subdirectory, you must use a domain or subdomain for this application. You can't install Mastodon in subdirectory, you must use a domain or subdomain for this application.
It seems important to close the inscriptions for your Mastodon, so that it remains a private body. We invite you to block remote malicious instances from the administration interface. You can also add text on your home page. It seems important to close the inscriptions for your Mastodon, so that it remains a private body. We invite you to block remote malicious instances from the administration interface. You can also add text on your home page.
## Documentation
* Official documentation: https://docs.joinmastodon.org/
## YunoHost specific features
#### Supported architectures
* x86-64b - [![Build Status](https://ci-apps.yunohost.org/ci/logs/mastodon%20%28Community%29.svg)](https://ci-apps.yunohost.org/ci/apps/mastodon/)
* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/mastodon%20%28Community%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/mastodon/)
* Jessie x86-64b - [![Build Status](https://ci-stretch.nohost.me/ci/logs/mastodon%20%28Community%29.svg)](https://ci-stretch.nohost.me/ci/apps/mastodon/)
## Links
* Report a bug: https://github.com/YunoHost-Apps/mastodon_ynh/issues
* App website: https://joinmastodon.org/
* Github App website: https://github.com/tootsuite/mastodon
* YunoHost website: https://yunohost.org/
---
Developers info
----------------
**Only if you want to use a testing branch for coding, instead of merging directly into master.**
Please do your pull request to the [testing branch](https://github.com/YunoHost-Apps/mastodon_ynh/tree/testing).
To try the testing branch, please proceed like that.
```
sudo yunohost app install https://github.com/YunoHost-Apps/mastodon_ynh/tree/testing --debug
or
sudo yunohost app upgrade mastodon -u https://github.com/YunoHost-Apps/mastodon_ynh/tree/testing --debug
```

96
README_fr.md Normal file
View file

@ -0,0 +1,96 @@
# Mastodon pour YunoHost
[![Integration level](https://dash.yunohost.org/integration/mastodon.svg)](https://dash.yunohost.org/appci/app/mastodon)
[![Install mastodon with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=mastodon)
*[Read this readme in english.](./README.md)*
> *Ce package vous permet d'installer mastodon rapidement et simplement sur un serveur Yunohost.
Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.*
:warning: MAJ 05/06/17 :Cette application peut maintenant fonctionner sur ARM, mais l'installation prend plusieurs heures et il faut ajouter un swapfile de 1Go.
:warning: Cette application utilise les packages backports de Debian, nous vous recommendons de ne pas installer cette application directement en production
## Vue d'ensemble
Mastodon est un réseau social gratuit et open source. Une alternative décentralisée aux plates-formes commerciales, elle évite les risques d'une seule société qui monopolise votre communication. Choisissez un serveur sur lequel vous faites confiance - selon votre choix, vous pouvez interagir avec tous les autres. N'importe qui peut exécuter sa propre instance de Mastodon et participer au réseau social de façon transparente.
**Version incluse:** 2.7.4
## Captures d'écran
![](https://framalibre.org/sites/default/files/mastodon.png)
## Configuration
#### Ajout d'un "swapfile" si vous avez moins de 2Go de RAM
```
sudo dd if=/dev/zero of=/swapfile bs=1024 count=1024000
sudo chmod 600 /swapfile
sudo mkswap /swapfile
sudo swapon /swapfile
```
ajouter cette ligne dans /etc/fstab
```
/swapfile none swap sw 0 0
```
### Installation
#### Utilisation de __screen__ en cas de déconnection
```
$ sudo apt-get install screen
$ screen
$ sudo yunohost app install https://github.com/YunoHost-Apps/mastodon_ynh.git
```
Récuperer l'installation après une deconnection:
```
$ screen -d
$ screen -r
```
L'utilisateur admin est crée automatiquement comme: user@domain.tld
### Mise à jour
#### Utilisation de __screen__ fortement recommandé
`$ sudo yunohost app upgrade --verbose mastodon -u https://github.com/YunoHost-Apps/mastodon_ynh.git`
## Recommandations
Vous ne pouvez pas installer Mastodon en subdirectory, vous devez obligatoirement utiliser un domaine ou un sous-domaine pour cette application.
Il semble important de fermer les inscriptions pour votre Mastodon, pour que ça reste une instance privé. Nous vous invitons à bloquer les instances distantes malfaisantes depuis l'interface d'administration. Vous pouvez également ajouter un texte sur votre page d'accueil dans l'administration.
## Documentation
* Documentation officielle: https://docs.joinmastodon.org/
## Caractéristiques spécifiques YunoHost
#### Supported architectures
* x86-64b - [![Build Status](https://ci-apps.yunohost.org/ci/logs/mastodon%20%28Community%29.svg)](https://ci-apps.yunohost.org/ci/apps/mastodon/)
* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/mastodon%20%28Community%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/mastodon/)
* Jessie x86-64b - [![Build Status](https://ci-stretch.nohost.me/ci/logs/mastodon%20%28Community%29.svg)](https://ci-stretch.nohost.me/ci/apps/mastodon/)
## Links
* Signaler un bug: https://github.com/YunoHost-Apps/mastodon_ynh/issues
* Site de l'application: https://joinmastodon.org/
* Site Github de l'application: https://github.com/tootsuite/mastodon
* Site web YunoHost: https://yunohost.org/
---
Informations pour les développeurs
----------------
**Seulement si vous voulez utiliser une branche de test pour le codage, au lieu de fusionner directement dans la banche principale.**
Merci de faire vos pull request sur la [branche testing](https://github.com/YunoHost-Apps/mastodon_ynh/tree/testing).
Pour essayer la branche testing, procédez comme suit.
```
sudo yunohost app install https://github.com/YunoHost-Apps/mastodon_ynh/tree/testing --debug
ou
sudo yunohost app upgrade mastodon -u https://github.com/YunoHost-Apps/mastodon_ynh/tree/testing --debug
```

15
check_process
View file

@ -3,25 +3,20 @@
; Manifest ; Manifest
domain="domain.tld" (DOMAIN) domain="domain.tld" (DOMAIN)
admin="john" (USER) admin="john" (USER)
path="/path" (PATH) language="fr_FR"
passwd="12345678"
; Checks ; Checks
pkg_linter=1 pkg_linter=1
setup_sub_dir=0 setup_sub_dir=0
setup_root=1 setup_root=1
setup_nourl=0 setup_nourl=0
setup_private=0 setup_private=0
setup_public=0 setup_public=1
upgrade=1 upgrade=1
backup_restore=1 backup_restore=1
multi_instance=0 multi_instance=1
wrong_user=0 incorrect_path=1
wrong_path=0
incorrect_path=0
corrupt_source=0
fail_download_source=0
port_already_use=0 port_already_use=0
final_path_already_use=0 change_url=0
;;; Levels ;;; Levels
Level 1=auto Level 1=auto
Level 2=auto Level 2=auto

232
conf/.env.production.sample Normal file
View file

@ -0,0 +1,232 @@
# Service dependencies
# You may set REDIS_URL instead for more advanced options
# You may also set REDIS_NAMESPACE to share Redis between multiple Mastodon servers
REDIS_HOST=localhost
REDIS_PORT=6379
# You may set DATABASE_URL instead for more advanced options
DB_HOST=localhost
DB_USER=__DB_USER__
DB_NAME=__DB_NAME__
DB_PASS=__DB_PWD__
DB_PORT=5432
# Optional ElasticSearch configuration
# ES_ENABLED=true
# ES_HOST=es
# ES_PORT=9200
# Federation
# Note: Changing LOCAL_DOMAIN at a later time will cause unwanted side effects, including breaking all existing federation.
# LOCAL_DOMAIN should *NOT* contain the protocol part of the domain e.g https://example.com.
LOCAL_DOMAIN=__DOMAIN__
# Changing LOCAL_HTTPS in production is no longer supported. (Mastodon will always serve https:// links)
# Use this only if you need to run mastodon on a different domain than the one used for federation.
# You can read more about this option on https://github.com/tootsuite/documentation/blob/master/Running-Mastodon/Serving_a_different_domain.md
# DO *NOT* USE THIS UNLESS YOU KNOW *EXACTLY* WHAT YOU ARE DOING.
# WEB_DOMAIN=mastodon.example.com
# Use this if you want to have several aliases handler@example1.com
# handler@example2.com etc. for the same user. LOCAL_DOMAIN should not
# be added. Comma separated values
# ALTERNATE_DOMAINS=example1.com,example2.com
# Application secrets
# Generate each with the `RAILS_ENV=production bundle exec rake secret` task (`docker-compose run --rm web rake secret` if you use docker compose)
SECRET_KEY_BASE=__SECRET_KEY_BASE__
OTP_SECRET=__OTP_SECRET__
# VAPID keys (used for push notifications
# You can generate the keys using the following command (first is the private key, second is the public one)
# You should only generate this once per instance. If you later decide to change it, all push subscription will
# be invalidated, requiring the users to access the website again to resubscribe.
#
# Generate with `RAILS_ENV=production bundle exec rake mastodon:webpush:generate_vapid_key` task (`docker-compose run --rm web rake mastodon:webpush:generate_vapid_key` if you use docker compose)
#
# For more information visit https://rossta.net/blog/using-the-web-push-api-with-vapid.html
VAPID_PRIVATE_KEY=__VAPID_PRIVATE_KEY__
VAPID_PUBLIC_KEY=__VAPID_PUBLIC_KEY__
# Registrations
# Single user mode will disable registrations and redirect frontpage to the first profile
# SINGLE_USER_MODE=true
# Prevent registrations with following e-mail domains
# EMAIL_DOMAIN_BLACKLIST=example1.com|example2.de|etc
# Only allow registrations with the following e-mail domains
# EMAIL_DOMAIN_WHITELIST=example1.com|example2.de|etc
# Optionally change default language
DEFAULT_LOCALE=__LANGUAGE__
# E-mail configuration
# Note: Mailgun and SparkPost (https://sparkpo.st/smtp) each have good free tiers
# If you want to use an SMTP server without authentication (e.g local Postfix relay)
# then set SMTP_AUTH_METHOD and SMTP_OPENSSL_VERIFY_MODE to 'none' and
# *comment* SMTP_LOGIN and SMTP_PASSWORD (leaving them blank is not enough).
SMTP_SERVER=localhost
SMTP_PORT=25
#SMTP_LOGIN=
#SMTP_PASSWORD=
SMTP_FROM_ADDRESS=__SMTP_FROM_ADDRESS__
#SMTP_DOMAIN= # defaults to LOCAL_DOMAIN
#SMTP_DELIVERY_METHOD=smtp # delivery method can also be sendmail
SMTP_AUTH_METHOD=none
#SMTP_CA_FILE=/etc/ssl/certs/ca-certificates.crt
SMTP_OPENSSL_VERIFY_MODE=none
#SMTP_ENABLE_STARTTLS_AUTO=true
#SMTP_TLS=true
# Optional user upload path and URL (images, avatars). Default is :rails_root/public/system. If you set this variable, you are responsible for making your HTTP server (eg. nginx) serve these files.
# PAPERCLIP_ROOT_PATH=/var/lib/mastodon/public-system
# PAPERCLIP_ROOT_URL=/system
# Optional asset host for multi-server setups
# The asset host must allow cross origin request from WEB_DOMAIN or LOCAL_DOMAIN
# if WEB_DOMAIN is not set. For example, the server may have the
# following header field:
# Access-Control-Allow-Origin: https://example.com/
# CDN_HOST=https://assets.example.com
# S3 (optional)
# The attachment host must allow cross origin request from WEB_DOMAIN or
# LOCAL_DOMAIN if WEB_DOMAIN is not set. For example, the server may have the
# following header field:
# Access-Control-Allow-Origin: https://192.168.1.123:9000/
# S3_ENABLED=true
# S3_BUCKET=
# AWS_ACCESS_KEY_ID=
# AWS_SECRET_ACCESS_KEY=
# S3_REGION=
# S3_PROTOCOL=http
# S3_HOSTNAME=192.168.1.123:9000
# S3 (Minio Config (optional) Please check Minio instance for details)
# The attachment host must allow cross origin request - see the description
# above.
# S3_ENABLED=true
# S3_BUCKET=
# AWS_ACCESS_KEY_ID=
# AWS_SECRET_ACCESS_KEY=
# S3_REGION=
# S3_PROTOCOL=https
# S3_HOSTNAME=
# S3_ENDPOINT=
# S3_SIGNATURE_VERSION=
# Swift (optional)
# The attachment host must allow cross origin request - see the description
# above.
# SWIFT_ENABLED=true
# SWIFT_USERNAME=
# For Keystone V3, the value for SWIFT_TENANT should be the project name
# SWIFT_TENANT=
# SWIFT_PASSWORD=
# Some OpenStack V3 providers require PROJECT_ID (optional)
# SWIFT_PROJECT_ID=
# Keystone V2 and V3 URLs are supported. Use a V3 URL if possible to avoid
# issues with token rate-limiting during high load.
# SWIFT_AUTH_URL=
# SWIFT_CONTAINER=
# SWIFT_OBJECT_URL=
# SWIFT_REGION=
# Defaults to 'default'
# SWIFT_DOMAIN_NAME=
# Defaults to 60 seconds. Set to 0 to disable
# SWIFT_CACHE_TTL=
# Optional alias for S3 (e.g. to serve files on a custom domain, possibly using Cloudfront or Cloudflare)
# S3_ALIAS_HOST=
# Streaming API integration
# STREAMING_API_BASE_URL=
# Advanced settings
# If you need to use pgBouncer, you need to disable prepared statements:
# PREPARED_STATEMENTS=false
# Cluster number setting for streaming API server.
# If you comment out following line, cluster number will be `numOfCpuCores - 1`.
STREAMING_CLUSTER_NUM=1
# Docker mastodon user
# If you use Docker, you may want to assign UID/GID manually.
# UID=1000
# GID=1000
# LDAP authentication (optional)
# LDAP_ENABLED=true
# LDAP_HOST=localhost
# LDAP_PORT=389
# LDAP_METHOD=simple_tls
# LDAP_BASE=ou=users,dc=yunohost,dc=org
# LDAP_BIND_DN=uid=__LDAP_USER__,ou=users,dc=yunohost,dc=org
# LDAP_PASSWORD=__LDAP_PASSWORD__
# LDAP_UID=uid
# LDAP_SEARCH_FILTER="%{uid}=%{email}"
# PAM authentication (optional)
# PAM authentication uses for the email generation the "email" pam variable
# and optional as fallback PAM_DEFAULT_SUFFIX
# The pam environment variable "email" is provided by:
# https://github.com/devkral/pam_email_extractor
# PAM_ENABLED=true
# Fallback email domain for email address generation (LOCAL_DOMAIN by default)
# PAM_EMAIL_DOMAIN=example.com
# Name of the pam service (pam "auth" section is evaluated)
# PAM_DEFAULT_SERVICE=rpam
# Name of the pam service used for checking if an user can register (pam "account" section is evaluated) (nil (disabled) by default)
# PAM_CONTROLLED_SERVICE=rpam
# Global OAuth settings (optional) :
# If you have only one strategy, you may want to enable this
# OAUTH_REDIRECT_AT_SIGN_IN=true
# Optional CAS authentication (cf. omniauth-cas) :
# CAS_ENABLED=true
# CAS_URL=https://sso.myserver.com/
# CAS_HOST=sso.myserver.com/
# CAS_PORT=443
# CAS_SSL=true
# CAS_VALIDATE_URL=
# CAS_CALLBACK_URL=
# CAS_LOGOUT_URL=
# CAS_LOGIN_URL=
# CAS_UID_FIELD='user'
# CAS_CA_PATH=
# CAS_DISABLE_SSL_VERIFICATION=false
# CAS_UID_KEY='user'
# CAS_NAME_KEY='name'
# CAS_EMAIL_KEY='email'
# CAS_NICKNAME_KEY='nickname'
# CAS_FIRST_NAME_KEY='firstname'
# CAS_LAST_NAME_KEY='lastname'
# CAS_LOCATION_KEY='location'
# CAS_IMAGE_KEY='image'
# CAS_PHONE_KEY='phone'
# Optional SAML authentication (cf. omniauth-saml)
# SAML_ENABLED=true
# SAML_ACS_URL=
# SAML_ISSUER=http://localhost:3000/auth/auth/saml/callback
# SAML_IDP_SSO_TARGET_URL=https://idp.testshib.org/idp/profile/SAML2/Redirect/SSO
# SAML_IDP_CERT=
# SAML_IDP_CERT_FINGERPRINT=
# SAML_NAME_IDENTIFIER_FORMAT=
# SAML_CERT=
# SAML_PRIVATE_KEY=
# SAML_SECURITY_WANT_ASSERTION_SIGNED=true
# SAML_SECURITY_WANT_ASSERTION_ENCRYPTED=true
# SAML_SECURITY_ASSUME_EMAIL_IS_VERIFIED=true
# SAML_ATTRIBUTES_STATEMENTS_UID="urn:oid:0.9.2342.19200300.100.1.1"
# SAML_ATTRIBUTES_STATEMENTS_EMAIL="urn:oid:1.3.6.1.4.1.5923.1.1.1.6"
# SAML_ATTRIBUTES_STATEMENTS_FULL_NAME="urn:oid:2.16.840.1.113730.3.1.241"
# SAML_ATTRIBUTES_STATEMENTS_FIRST_NAME="urn:oid:2.5.4.42"
# SAML_ATTRIBUTES_STATEMENTS_LAST_NAME="urn:oid:2.5.4.4"
# SAML_UID_ATTRIBUTE="urn:oid:0.9.2342.19200300.100.1.1"
# SAML_ATTRIBUTES_STATEMENTS_VERIFIED=
# SAML_ATTRIBUTES_STATEMENTS_VERIFIED_EMAIL=
# Use HTTP proxy for outgoing request (optional)
# http_proxy=http://gateway.local:8118
# Access control for hidden service.
# ALLOW_ACCESS_TO_HIDDEN_SERVICE=true

6
conf/app-mastodon.src
View file

@ -1,6 +0,0 @@
SOURCE_URL=https://github.com/tootsuite/mastodon/archive/v2.5.2.tar.gz
SOURCE_SUM=d25e432f1fcf223270414dd55be4d2878f1af86c21b1f2d7874fa1c57d75ebfb
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=

6
conf/app-rbenv.src
View file

@ -1,6 +0,0 @@
SOURCE_URL=https://github.com/rbenv/rbenv/archive/v1.1.1.tar.gz
SOURCE_SUM=41f1a60714c55eceb21d692a469aee1ec4f46bba351d0dfcb0c660ff9cf1a1c9
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=

6
conf/app-ruby-build.src
View file

@ -1,6 +0,0 @@
SOURCE_URL=https://github.com/rbenv/ruby-build/archive/v20180424.tar.gz
SOURCE_SUM=71dbaf87081369c1f5d27b6a94a927c1eeeb1f36bdffe7851f0a9c1ec87b9373
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=

6
conf/app.src Normal file
View file

@ -0,0 +1,6 @@
SOURCE_URL=https://github.com/tootsuite/mastodon/archive/v2.7.4.tar.gz
SOURCE_SUM=0e542c57228d482a068b05f639d8fe53dd9d413f7e7ce93cd1a088bd4d8d8366
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=

2
conf/cron Normal file
View file

@ -0,0 +1,2 @@
RAILS_ENV=production
@daily cd __FINAL__PATH__/live && /opt/rbenv/versions/2.6.0/bin/bundle exec rake __USER__:media:remove_remote

5
conf/mastodon-sidekiq.service
View file

@ -7,8 +7,9 @@
User=__APP__ User=__APP__
WorkingDirectory=__FINALPATH__/live WorkingDirectory=__FINALPATH__/live
Environment="RAILS_ENV=production" Environment="RAILS_ENV=production"
Environment="DB_POOL=20" Environment="DB_POOL=25"
ExecStart=__FINALPATH__/live/bin/bundle exec sidekiq -c 20 -q default -q mailers -q pull -q push Environment="MALLOC_ARENA_MAX=2"
ExecStart=/opt/rbenv/versions/2.6.0/bin/bundle exec sidekiq -c 25
TimeoutSec=15 TimeoutSec=15
Restart=always Restart=always
StandardError=syslog StandardError=syslog

6
conf/mastodon-streaming.service
View file

@ -7,8 +7,10 @@
User=__APP__ User=__APP__
WorkingDirectory=__FINALPATH__/live WorkingDirectory=__FINALPATH__/live
Environment="NODE_ENV=production" Environment="NODE_ENV=production"
Environment="PORT=4000" Environment="PORT=__PORT_STREAM__"
ExecStart=/usr/bin/npm run start Environment="STREAMING_CLUSTER_NUM=1"
Environment=PATH=__NODEJS_PATH__
ExecStart=__NODEJS_PATH__/node ./streaming
TimeoutSec=15 TimeoutSec=15
Restart=always Restart=always
StandardError=syslog StandardError=syslog

5
conf/mastodon-web.service
View file

@ -7,8 +7,9 @@
User=__APP__ User=__APP__
WorkingDirectory=__FINALPATH__/live WorkingDirectory=__FINALPATH__/live
Environment="RAILS_ENV=production" Environment="RAILS_ENV=production"
Environment="PORT=3000" Environment="PORT=__PORT_WEB__"
ExecStart=__FINALPATH__/live/bin/bundle exec puma -C config/puma.rb ExecStart=/opt/rbenv/versions/2.6.0/bin/bundle exec puma -C config/puma.rb
ExecReload=/bin/kill -SIGUSR1 $MAINPID
TimeoutSec=15 TimeoutSec=15
Restart=always Restart=always
StandardError=syslog StandardError=syslog

29
conf/nginx.conf
View file

@ -10,15 +10,22 @@ location / {
rewrite ^ https://$server_name$request_uri? permanent; rewrite ^ https://$server_name$request_uri? permanent;
} }
proxy_set_header Accept-Encoding "";
try_files $uri @proxy; try_files $uri @proxy;
# Include SSOWAT user panel. # Include SSOWAT user panel.
include conf.d/yunohost_panel.conf.inc; include conf.d/yunohost_panel.conf.inc;
} }
# add to v1.4 assets location ~ ^/(emoji|packs|system/accounts/avatars|system/media_attachments/files) {
location ~ ^/(assets|system/media_attachments/files|system/accounts/avatars) {
add_header Cache-Control "public, max-age=31536000, immutable"; add_header Cache-Control "public, max-age=31536000, immutable";
add_header Strict-Transport-Security "max-age=31536000";
try_files $uri @proxy;
}
location /sw.js {
add_header Cache-Control "public, max-age=0";
add_header Strict-Transport-Security "max-age=31536000";
try_files $uri @proxy; try_files $uri @proxy;
} }
@ -27,13 +34,23 @@ location @proxy {
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https; proxy_set_header X-Forwarded-Proto https;
proxy_set_header Proxy "";
proxy_pass_header Server; proxy_pass_header Server;
proxy_pass http://127.0.0.1:3000; proxy_pass http://127.0.0.1:3000;
proxy_buffering off; proxy_buffering on;
proxy_redirect off; proxy_redirect off;
proxy_http_version 1.1; proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade; proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade"; proxy_set_header Connection "upgrade";
#proxy_cache CACHE;
proxy_cache_valid 200 7d;
proxy_cache_valid 410 24h;
proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504;
add_header X-Cached $upstream_cache_status;
add_header Strict-Transport-Security "max-age=31536000";
tcp_nodelay on; tcp_nodelay on;
} }
@ -42,11 +59,17 @@ location /api/v1/streaming {
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https; proxy_set_header X-Forwarded-Proto https;
proxy_set_header Proxy "";
proxy_pass http://127.0.0.1:4000; proxy_pass http://127.0.0.1:4000;
proxy_buffering off; proxy_buffering off;
proxy_redirect off; proxy_redirect off;
proxy_http_version 1.1; proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade; proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade"; proxy_set_header Connection "upgrade";
tcp_nodelay on; tcp_nodelay on;
} }
error_page 500 501 502 503 504 /500.html;

29
manifest.json
View file

@ -2,21 +2,21 @@
"name": "Mastodon", "name": "Mastodon",
"id": "mastodon", "id": "mastodon",
"packaging_format": 1, "packaging_format": 1,
"requirements": {
"yunohost": ">= 2.7.9"
},
"description": { "description": {
"en": "Mastodon is a free, open-source social network.", "en": "Mastodon is a free, open-source social network.",
"fr": "Mastodon est un réseau social gratuit et open source." "fr": "Mastodon est un réseau social gratuit et open source."
}, },
"version": "2.5.2", "version": "2.7.4~ynh1",
"url": "https://github.com/tootsuite/mastodon", "url": "https://github.com/tootsuite/mastodon",
"license": "AGPL-3.0-or-later", "license": "AGPL-3.0-or-later",
"maintainer": { "maintainer": {
"name": "cyp, nemsia", "name": "cyp, nemsia",
"email": "cyp@rouquin.me, nemsia@nemsia.org" "email": "cyp@rouquin.me, nemsia@nemsia.org"
}, },
"multi_instance": false, "requirements": {
"yunohost": ">= 3.4"
},
"multi_instance": true,
"services": [ "services": [
"nginx" "nginx"
], ],
@ -29,28 +29,29 @@
"en": "Choose a domain for Mastodon", "en": "Choose a domain for Mastodon",
"fr": "Choisissez un domaine pour Mastodon" "fr": "Choisissez un domaine pour Mastodon"
}, },
"example": "domain.org" "example": "example.com"
}, },
{ {
"name": "admin", "name": "admin",
"type": "user", "type": "user",
"ask": { "ask": {
"en": "Choose the Mastodon administrator (must be an existing YunoHost user)", "en": "Choose an admin user",
"fr": "Choisissez un administrateur Mastodon (doit être un utilisateur YunoHost)" "fr": "Choisissez l'administrateur"
}, },
"example": "john" "example": "johndoe"
}, },
{ {
"name": "passwd", "name": "is_public",
"type": "password", "type": "boolean",
"ask": { "ask": {
"en": "Enter password of this administrator ≥ 8 character", "en": "Is it a public application?",
"fr": "Ajouter le mot de passe pour cette administrateur ≥ 8 charactères" "fr": "Est-ce une application publique ?"
}, },
"example": "adminpassword" "default": true
}, },
{ {
"name": "language", "name": "language",
"type": "string",
"ask": { "ask": {
"en": "Choose the application language", "en": "Choose the application language",
"fr": "Choisissez la langue de l'application" "fr": "Choisissez la langue de l'application"

223
scripts/_common.sh
View file

@ -1,175 +1,78 @@
#!/bin/bash #!/bin/bash
# Execute a command as another user
# usage: exec_as USER COMMAND [ARG ...]
exec_as() {
local user=$1
shift 1
if [[ $user = $(whoami) ]]; then
eval "$@"
else
sudo --login --user="$user" "$@"
fi
}
#================================================= #=================================================
# # COMMON VARIABLES
# POSTGRES HELPERS
#
# Point of contact : Jean-Baptiste Holcroft <jean-baptiste@holcroft.fr>
#================================================= #=================================================
# Create a master password and set up global settings # dependencies used by the app
# Please always call this script in install and restore scripts #pkg_dependencies="imagemagick ffmpeg libpq-dev libxml2-dev libxslt1-dev file git-core g++ libprotobuf-dev protobuf-compiler pkg-config gcc autoconf bison build-essential libssl-dev libyaml-dev libreadline6-dev zlib1g-dev libncurses5-dev libffi-dev libgdbm5 libgdbm-dev nginx redis-server redis-tools postgresql postgresql-contrib certbot yarn libidn11-dev libicu-dev libjemalloc-dev"
pkg_dependencies="imagemagick libpq-dev libxml2-dev libxslt1-dev file curl apt-transport-https pkg-config libprotobuf-dev protobuf-compiler libicu-dev libidn11-dev redis-server redis-tools postgresql autoconf bison build-essential libssl-dev libyaml-dev libreadline6-dev zlib1g-dev libncurses5-dev libffi-dev libgdbm3 libgdbm-dev ffmpeg yarn"
#=================================================
# PERSONAL HELPERS
#=================================================
#=================================================
# EXPERIMENTAL HELPERS
#=================================================
#=================================================
# FUTURE OFFICIAL HELPERS
#=================================================
# Send an email to inform the administrator
# #
# usage: ynh_psql_test_if_first_run # usage: ynh_send_readme_to_admin app_message [recipients]
# | arg: app_message - The message to send to the administrator.
# | arg: recipients - The recipients of this email. Use spaces to separate multiples recipients. - default: root
# example: "root admin@domain"
# If you give the name of a YunoHost user, ynh_send_readme_to_admin will find its email adress for you
# example: "root admin@domain user1 user2"
ynh_send_readme_to_admin() {
local app_message="${1:-...No specific information...}"
local recipients="${2:-root}"
ynh_psql_test_if_first_run() { # Retrieve the email of users
if [ -f /etc/yunohost/psql ]; find_mails () {
local list_mails="$1"
local mail
local recipients=" "
# Read each mail in argument
for mail in $list_mails
do
# Keep root or a real email address as it is
if [ "$mail" = "root" ] || echo "$mail" | grep --quiet "@"
then then
echo "PostgreSQL is already installed, no need to create master password" recipients="$recipients $mail"
else else
pgsql=$(ynh_string_random) # But replace an user name without a domain after by its email
pg_hba="" if mail=$(ynh_user_get_info "$mail" "mail" 2> /dev/null)
echo "$pgsql" >> /etc/yunohost/psql then
recipients="$recipients $mail"
fi
fi
done
echo "$recipients"
}
recipients=$(find_mails "$recipients")
if [ -e /etc/postgresql/9.4/ ] local mail_subject="☁️🆈🅽🅷☁️: \`$app\` was just installed!"
local mail_message="This is an automated message from your beloved YunoHost server.
Specific information for the application $app.
$app_message
---
Automatic diagnosis data from YunoHost
$(yunohost tools diagnosis | grep -B 100 "services:" | sed '/services:/d')"
# Define binary to use for mail command
if [ -e /usr/bin/bsd-mailx ]
then then
pg_hba=/etc/postgresql/9.4/main/pg_hba.conf local mail_bin=/usr/bin/bsd-mailx
elif [ -e /etc/postgresql/9.6/ ]
then
pg_hba=/etc/postgresql/9.6/main/pg_hba.conf
else else
ynh_die "postgresql shoud be 9.4 or 9.6" local mail_bin=/usr/bin/mail.mailutils
fi fi
systemctl start postgresql # Send the email to the recipients
sudo --login --user=postgres psql -c"ALTER user postgres WITH PASSWORD '$pgsql'" postgres echo "$mail_message" | $mail_bin -a "Content-Type: text/plain; charset=UTF-8" -s "$mail_subject" "$recipients"
# force all user to connect to local database using passwords
# https://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html#EXAMPLE-PG-HBA.CONF
# Note: we can't use peer since YunoHost create users with nologin
# See: https://github.com/YunoHost/yunohost/blob/unstable/data/helpers.d/user
sed -i '/local\s*all\s*all\s*peer/i \
local all all password' "$pg_hba"
systemctl enable postgresql
systemctl reload postgresql
fi
}
# Open a connection as a user
#
# example: ynh_psql_connect_as 'user' 'pass' <<< "UPDATE ...;"
# example: ynh_psql_connect_as 'user' 'pass' < /path/to/file.sql
#
# usage: ynh_psql_connect_as user pwd [db]
# | arg: user - the user name to connect as
# | arg: pwd - the user password
# | arg: db - the database to connect to
ynh_psql_connect_as() {
user="$1"
pwd="$2"
db="$3"
sudo --login --user=postgres PGUSER="$user" PGPASSWORD="$pwd" psql "$db"
}
# # Execute a command as root user
#
# usage: ynh_psql_execute_as_root sql [db]
# | arg: sql - the SQL command to execute
# | arg: db - the database to connect to
ynh_psql_execute_as_root () {
sql="$1"
sudo --login --user=postgres psql <<< "$sql"
}
# Execute a command from a file as root user
#
# usage: ynh_psql_execute_file_as_root file [db]
# | arg: file - the file containing SQL commands
# | arg: db - the database to connect to
ynh_psql_execute_file_as_root() {
file="$1"
db="$2"
sudo --login --user=postgres psql "$db" < "$file"
}
# Create a database, an user and its password. Then store the password in the app's config
#
# After executing this helper, the password of the created database will be available in $db_pwd
# It will also be stored as "psqlpwd" into the app settings.
#
# usage: ynh_psql_setup_db user name [pwd]
# | arg: user - Owner of the database
# | arg: name - Name of the database
# | arg: pwd - Password of the database. If not given, a password will be generated
ynh_psql_setup_db () {
db_user="$1"
app="$1"
db_name="$2"
new_db_pwd=$(ynh_string_random) # Generate a random password
# If $3 is not given, use new_db_pwd instead for db_pwd.
db_pwd="${3:-$new_db_pwd}"
ynh_psql_create_db "$db_name" "$db_user" "$db_pwd" # Create the database
ynh_app_setting_set "$app" psqlpwd "$db_pwd" # Store the password in the app's config
}
# Create a database and grant privilegies to a user
#
# usage: ynh_psql_create_db db [user [pwd]]
# | arg: db - the database name to create
# | arg: user - the user to grant privilegies
# | arg: pwd - the user password
ynh_psql_create_db() {
db="$1"
user="$2"
pwd="$3"
ynh_psql_create_user "$user" "$pwd"
sudo --login --user=postgres createdb --owner="$user" "$db"
}
# Drop a database
#
# usage: ynh_psql_drop_db db
# | arg: db - the database name to drop
# | arg: user - the user to drop
ynh_psql_remove_db() {
db="$1"
user="$2"
sudo --login --user=postgres dropdb "$db"
ynh_psql_drop_user "$user"
}
# Dump a database
#
# example: ynh_psql_dump_db 'roundcube' > ./dump.sql
#
# usage: ynh_psql_dump_db db
# | arg: db - the database name to dump
# | ret: the psqldump output
ynh_psql_dump_db() {
db="$1"
sudo --login --user=postgres pg_dump "$db"
}
# Create a user
#
# usage: ynh_psql_create_user user pwd [host]
# | arg: user - the user name to create
ynh_psql_create_user() {
user="$1"
pwd="$2"
sudo --login --user=postgres psql -c"CREATE USER $user WITH PASSWORD '$pwd' CREATEDB;" postgres
}
# Drop a user
#
# usage: ynh_psql_drop_user user
# | arg: user - the user name to drop
ynh_psql_drop_user() {
user="$1"
sudo --login --user=postgres dropuser "$user"
} }

127
scripts/_future.sh
View file

@ -1,127 +0,0 @@
#!/bin/bash
# needed to have "service_name" as an option
# https://github.com/YunoHost/yunohost/commit/9c4ddcca39d9d6d92bd5f9a23978337e48d0a4e1
ynh_add_systemd_config () {
local service_name="${1:-$app}"
finalsystemdconf="/etc/systemd/system/$service_name.service"
ynh_backup_if_checksum_is_different "$finalsystemdconf"
sudo cp ../conf/${2:-systemd.service} "$finalsystemdconf"
# To avoid a break by set -u, use a void substitution ${var:-}. If the variable is not set, it's simply set with an empty variable.
# Substitute in a nginx config file only if the variable is not empty
if test -n "${final_path:-}"; then
ynh_replace_string "__FINALPATH__" "$final_path" "$finalsystemdconf"
fi
if test -n "${app:-}"; then
ynh_replace_string "__APP__" "$app" "$finalsystemdconf"
fi
ynh_store_file_checksum "$finalsystemdconf"
sudo chown root: "$finalsystemdconf"
sudo systemctl enable $service_name
sudo systemctl daemon-reload
}
# needed to have "service_name" as an option
# https://github.com/YunoHost/yunohost/commit/9c4ddcca39d9d6d92bd5f9a23978337e48d0a4e1
ynh_remove_systemd_config () {
local service_name="${1:-$app}"
local finalsystemdconf="/etc/systemd/system/$service_name.service"
if [ -e "$finalsystemdconf" ]; then
sudo systemctl stop $service_name
sudo systemctl disable $service_name
ynh_secure_remove "$finalsystemdconf"
sudo systemctl daemon-reload
fi
}
# LOCAL ADDITION:
# save file locally if not in the cache
#
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source () {
local dest_dir=$1
local src_id=${2:-app} # If the argument is not given, source_id equals "app"
# Load value from configuration file (see above for a small doc about this file
# format)
local src_url=$(grep 'SOURCE_URL=' "$YNH_CWD/../conf/${src_id}.src" | cut -d= -f2-)
local src_sum=$(grep 'SOURCE_SUM=' "$YNH_CWD/../conf/${src_id}.src" | cut -d= -f2-)
local src_sumprg=$(grep 'SOURCE_SUM_PRG=' "$YNH_CWD/../conf/${src_id}.src" | cut -d= -f2-)
local src_format=$(grep 'SOURCE_FORMAT=' "$YNH_CWD/../conf/${src_id}.src" | cut -d= -f2-)
local src_in_subdir=$(grep 'SOURCE_IN_SUBDIR=' "$YNH_CWD/../conf/${src_id}.src" | cut -d= -f2-)
local src_filename=$(grep 'SOURCE_FILENAME=' "$YNH_CWD/../conf/${src_id}.src" | cut -d= -f2-)
# Default value
src_sumprg=${src_sumprg:-sha256sum}
src_in_subdir=${src_in_subdir:-true}
src_format=${src_format:-tar.gz}
src_format=$(echo "$src_format" | tr '[:upper:]' '[:lower:]')
if [ "$src_filename" = "" ] ; then
src_filename="${src_id}.${src_format}"
fi
local local_src="/var/cache/yunohost/ynh_setup_source/${YNH_APP_ID}/${src_filename}"
# if cache file exists and the checksum isn't good, download it again
# if not, just download the file
if test -e "$local_src"
then
echo "${src_sum} ${local_src}" | ${src_sumprg} -c --status \
|| wget -nv -O $local_src $src_url
else
mkdir -p "/var/cache/yunohost/ynh_setup_source/${YNH_APP_ID}"
wget -nv -O $local_src $src_url
fi
cp $local_src $src_filename
# Check the control sum
echo "${src_sum} ${src_filename}" | ${src_sumprg} -c --status \
|| ynh_die "Corrupt source"
# Extract source into the app dir
mkdir -p "$dest_dir"
if [ "$src_format" = "zip" ]
then
# Zip format
# Using of a temp directory, because unzip doesn't manage --strip-components
if $src_in_subdir ; then
local tmp_dir=$(mktemp -d)
unzip -quo $src_filename -d "$tmp_dir"
cp -a $tmp_dir/*/. "$dest_dir"
ynh_secure_remove "$tmp_dir"
else
unzip -quo $src_filename -d "$dest_dir"
fi
else
local strip=""
if $src_in_subdir ; then
strip="--strip-components 1"
fi
if [[ "$src_format" =~ ^tar.gz|tar.bz2|tar.xz$ ]] ; then
tar -xf $src_filename -C "$dest_dir" $strip
else
ynh_die "Archive format unrecognized."
fi
fi
# Apply patches
if (( $(find $YNH_CWD/../sources/patches/ -type f -name "${src_id}-*.patch" 2> /dev/null | wc -l) > "0" )); then
local old_dir=$(pwd)
(cd "$dest_dir" \
&& for p in $YNH_CWD/../sources/patches/${src_id}-*.patch; do \
patch -p1 < $p; done) \
|| ynh_die "Unable to apply patches"
cd $old_dir
fi
# Add supplementary files
if test -e "$YNH_CWD/../sources/extra_files/${src_id}"; then
cp -a $YNH_CWD/../sources/extra_files/$src_id/. "$dest_dir"
fi
}

61
scripts/backup
View file

@ -6,56 +6,61 @@
# IMPORT GENERIC HELPERS # IMPORT GENERIC HELPERS
#================================================= #=================================================
if [ ! -e _common.sh ]; then #Keep this path for calling _common.sh inside the execution's context of backup and restore scripts
# Get the _common.sh file if it's not in the current directory source ../settings/scripts/_common.sh
cp ../settings/scripts/_common.sh ./_common.sh source ../settings/scripts/ynh_systemd_action
cp ../settings/scripts/_future.sh ./_future.sh
chmod a+rx _common.sh _future.sh
fi
source _common.sh
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
source _future.sh
#================================================= #=================================================
# MANAGE SCRIPT FAILURE # MANAGE SCRIPT FAILURE
#================================================= #=================================================
ynh_clean_setup () {
ynh_clean_check_starting
}
# Exit if an error occurs during the execution of the script # Exit if an error occurs during the execution of the script
ynh_abort_if_errors ynh_abort_if_errors
#================================================= #=================================================
# LOAD SETTINGS # LOAD SETTINGS
#================================================= #=================================================
ynh_print_info "Loading installation settings..."
# Get multi-instances specific variables
app=$YNH_APP_INSTANCE_NAME app=$YNH_APP_INSTANCE_NAME
# Retrieve app settings final_path=$(ynh_app_setting_get $app final_path)
domain=$(ynh_app_setting_get "$app" domain) domain=$(ynh_app_setting_get $app domain)
final_path=$(ynh_app_setting_get "$app" final_path) db_name=$(ynh_app_setting_get $app db_name)
db_name=$(ynh_app_setting_get "$app" db_name)
if [ -z "$db_name" ]; then #=================================================
db_name="${app}_production" # STOP MASTODON SERVICES
ynh_app_setting_set "$app" db_name "$db_name" #=================================================
fi ynh_print_info "Stopping Mastodon services..."
ynh_systemd_action --action=stop --service_name=${app}-web --line_match="Stopped" --log_path=systemd
ynh_systemd_action --action=stop --service_name=${app}-sidekiq --line_match="Stopped" --log_path=systemd
ynh_systemd_action --action=stop --service_name=${app}-streaming --line_match="Stopped" --log_path=systemd
#================================================= #=================================================
# STANDARD BACKUP STEPS # STANDARD BACKUP STEPS
#================================================= #=================================================
# BACKUP THE APP MAIN DIR # BACKUP THE APP MAIN DIR
#================================================= #=================================================
ynh_print_info "Backing up the main app directory..."
ynh_backup "$final_path" ynh_backup "$final_path"
#================================================= #=================================================
# BACKUP THE NGINX CONFIGURATION # BACKUP THE NGINX CONFIGURATION
#================================================= #=================================================
ynh_print_info "Backing up nginx web server configuration..."
ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf" ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf"
#================================================= #=================================================
# BACKUP THE MYSQL DATABASE # BACKUP THE POSTGRESQL DATABASE
#================================================= #=================================================
ynh_print_info "Backing up the PostgreSQL database..."
ynh_psql_dump_db "$db_name" > db.sql ynh_psql_dump_db "$db_name" > db.sql
@ -64,13 +69,29 @@ ynh_psql_dump_db "$db_name" > db.sql
#================================================= #=================================================
# BACKUP SYSTEMD # BACKUP SYSTEMD
#================================================= #=================================================
ynh_print_info "Backing up systemd configuration..."
ynh_backup "/etc/systemd/system/$app-web.service" ynh_backup "/etc/systemd/system/$app-web.service"
ynh_backup "/etc/systemd/system/$app-sidekiq.service" ynh_backup "/etc/systemd/system/$app-sidekiq.service"
ynh_backup "/etc/systemd/system/$app-streaming.service" ynh_backup "/etc/systemd/system/$app-streaming.service"
#================================================= #=================================================
# BACKUP THE sources.list FILES # BACKUP A CRON FILE
#================================================= #=================================================
ynh_backup "/etc/apt/sources.list.d/yarn.list" "apt_yarn.list" ynh_backup "/etc/cron.d/$app"
#=================================================
# START MASTODON SERVICES
#=================================================
ynh_print_info "Starting Mastodon services..."
ynh_systemd_action --action=start --service_name=${app}-web --line_match="Listening on tcp" --log_path=systemd
ynh_systemd_action --action=start --service_name=${app}-sidekiq --line_match="Starting processing" --log_path=systemd
ynh_systemd_action --action=start --service_name=${app}-streaming --line_match="Worker 1 now listening" --log_path=systemd
#=================================================
# END OF SCRIPT
#=================================================
ynh_print_info "Backup script completed for $app. (YunoHost will then actually copy those files to the archive)."

133
scripts/change_url Normal file
View file

@ -0,0 +1,133 @@
#!/bin/bash
#=================================================
# GENERIC STARTING
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source ynh_systemd_action
source /usr/share/yunohost/helpers
#=================================================
# RETRIEVE ARGUMENTS
#=================================================
old_domain=$YNH_APP_OLD_DOMAIN
old_path=$YNH_APP_OLD_PATH
new_domain=$YNH_APP_NEW_DOMAIN
new_path="/"
app=$YNH_APP_INSTANCE_NAME
#=================================================
# LOAD SETTINGS
#=================================================
ynh_print_info "Loading installation settings..."
# Needed for helper "ynh_add_nginx_config"
final_path=$(ynh_app_setting_get $app final_path)
# Add settings here as needed by your application
#db_name=$(ynh_app_setting_get "$app" db_name)
#db_pwd=$(ynh_app_setting_get $app db_pwd)
admin_mail=$(ynh_app_setting_get $app admin_mail)
#=================================================
# CHECK THE SYNTAX OF THE PATHS
#=================================================
test -n "$old_path" || old_path="/"
test -n "$new_path" || new_path="/"
new_path=$(ynh_normalize_url_path $new_path)
old_path=$(ynh_normalize_url_path $old_path)
#=================================================
# CHECK WHICH PARTS SHOULD BE CHANGED
#=================================================
change_domain=0
if [ "$old_domain" != "$new_domain" ]
then
change_domain=1
fi
change_path=0
if [ "$old_path" != "$new_path" ]
then
change_path=1
fi
#=================================================
# STANDARD MODIFICATIONS
#=================================================
# MODIFY URL IN NGINX CONF
#=================================================
ynh_print_info "Updating nginx web server configuration..."
nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
# Change the path in the nginx config file
if [ $change_path -eq 1 ]
then
# Make a backup of the original nginx config file if modified
ynh_backup_if_checksum_is_different "$nginx_conf_path"
# Set global variables for nginx helper
domain="$old_domain"
path_url="$new_path"
# Create a dedicated nginx config
ynh_add_nginx_config
fi
# Change the domain for nginx
if [ $change_domain -eq 1 ]
then
# Delete file checksum for the old conf file location
ynh_delete_file_checksum "$nginx_conf_path"
mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf
# Store file checksum for the new config file location
ynh_store_file_checksum "/etc/nginx/conf.d/$new_domain.d/$app.conf"
fi
#=================================================
# SPECIFIC MODIFICATIONS
#=================================================
# STOP MASTODON SERVICES
#=================================================
ynh_print_info "Stopping Mastodon services..."
ynh_systemd_action --action=stop --service_name=${app}-web --line_match="Stopped" --log_path=systemd
ynh_systemd_action --action=stop --service_name=${app}-sidekiq --line_match="Stopped" --log_path=systemd
ynh_systemd_action --action=stop --service_name=${app}-streaming --line_match="Stopped" --log_path=systemd
#=================================================
# CHANGE CONFIGURATION
#=================================================
ynh_replace_string "LOCAL_DOMAIN=.*" "LOCAL_DOMAIN=${domain}" "${final_path}/live/.env.production"
#=================================================
# START MASTODON SERVICES
#=================================================
ynh_print_info "Starting Mastodon services..."
ynh_systemd_action --action=start --service_name=${app}-web --line_match="Listening on tcp" --log_path=systemd
ynh_systemd_action --action=start --service_name=${app}-sidekiq --line_match="Starting processing" --log_path=systemd
ynh_systemd_action --action=start --service_name=${app}-streaming --line_match="Worker 1 now listening" --log_path=systemd
#=================================================
# GENERIC FINALISATION
#=================================================
# RELOAD NGINX
#=================================================
ynh_print_info "Reloading nginx web server..."
systemctl reload nginx
#=================================================
# END OF SCRIPT
#=================================================
ynh_print_info "Change of URL completed for $app"

333
scripts/install
View file

@ -7,41 +7,53 @@
#================================================= #=================================================
source _common.sh source _common.sh
source ynh_install_ruby
source ynh_add_secure_repos__3
source ynh_systemd_action
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
source _future.sh
#================================================= #=================================================
# MANAGE SCRIPT FAILURE # MANAGE SCRIPT FAILURE
#================================================= #=================================================
ynh_clean_setup () {
ynh_clean_check_starting
}
# Exit if an error occurs during the execution of the script # Exit if an error occurs during the execution of the script
ynh_abort_if_errors ynh_abort_if_errors
#================================================= #=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST # RETRIEVE ARGUMENTS FROM THE MANIFEST
#================================================ #=================================================
domain=$YNH_APP_ARG_DOMAIN domain=$YNH_APP_ARG_DOMAIN
admin_mastodon=$YNH_APP_ARG_ADMIN path_url="/"
admin_mastodon_mail=$(ynh_user_get_info $admin_mastodon 'mail') admin=$YNH_APP_ARG_ADMIN
admin_pass=$YNH_APP_ARG_PASSWD is_public=$YNH_APP_ARG_IS_PUBLIC
language=$YNH_APP_ARG_LANGUAGE language=$YNH_APP_ARG_LANGUAGE
path_url="/" admin_mail=$(ynh_user_get_info $admin 'mail')
app=$YNH_APP_INSTANCE_NAME app=$YNH_APP_INSTANCE_NAME
#================================================= #=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#================================================= #=================================================
ynh_print_info "Validating installation parameters..."
final_path=/var/www/$app final_path=/var/www/$app
test ! -e "$final_path" || ynh_die "This path already contains a folder" test ! -e "$final_path" || ynh_die "This path already contains a folder"
# TODO: remove this test, don't as password anymore, generate it and send it by email to admin with: https://github.com/YunoHost-Apps/Experimental_helpers/tree/master/send_readme_to_admin if [ "$admin" != "package_checker" ]
[[ ${#admin_pass} -gt 7 ]] || ynh_die "Password is too weak, must be longer than 7 characters" then
# TODO : to be factorized into a helper someday ? ;)
MEM=$(free | grep "^Mem" | awk '{print $2}')
SWAP=$(free | grep "^Swap" | awk '{print $2}')
TOTAL_MEM_AND_SWAP=$(( ( $MEM+$SWAP ) / 1024 )) # In MB
[[ $TOTAL_MEM_AND_SWAP -gt 2500 ]] || ynh_die "You need at least 2500 Mo of RAM+Swap to install Mastodon. Please consult the README to learn how to add swap."
fi
# Normalize the url path syntax # Normalize the url path syntax
path_url=$(ynh_normalize_url_path $path_url) path_url=$(ynh_normalize_url_path $path_url)
@ -53,24 +65,32 @@ ynh_webpath_register $app $domain $path_url
#================================================= #=================================================
# STORE SETTINGS FROM MANIFEST # STORE SETTINGS FROM MANIFEST
#================================================= #=================================================
ynh_print_info "Storing installation settings..."
ynh_app_setting_set $app domain $domain ynh_app_setting_set $app domain $domain
ynh_app_setting_set $app admin $admin_mastodon
ynh_app_setting_set $app pass $admin_pass
ynh_app_setting_set $app language $language
ynh_app_setting_set $app path $path_url ynh_app_setting_set $app path $path_url
ynh_app_setting_set $app admin $admin
ynh_app_setting_set $app is_public $is_public
ynh_app_setting_set $app language $language
#================================================= #=================================================
# STANDARD MODIFICATIONS # STANDARD MODIFICATIONS
#================================================= #=================================================
# FIND AND OPEN A PORT
#=================================================
ynh_print_info "Configuring firewall..."
# Find a free port
port_web=$(ynh_find_port 3000)
port_stream=$(ynh_find_port 4000)
# Open this port
ynh_app_setting_set $app port_web $port_web
ynh_app_setting_set $app port_stream $port_stream
#================================================= #=================================================
# INSTALL DEPENDENCIES # INSTALL DEPENDENCIES
#================================================= #=================================================
ynh_print_info "Installing dependencies..."
# TODO: add in a clean way backports and yarn
# Import debian archive pubkey, need on ARM arch # Import debian archive pubkey, need on ARM arch
arch=$(uname -m) arch=$(uname -m)
@ -79,180 +99,166 @@ if [[ "$arch" = arm* ]]; then
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 7638D0442B90D010 apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 7638D0442B90D010
fi fi
# Install source.list debian package backports & yarn # Install extra_repo debian package backports & yarn
if [ "$(lsb_release --codename --short)" == "jessie" ]; then if [ "$(lsb_release --codename --short)" == "jessie" ]; then
echo "deb http://httpredir.debian.org/debian jessie-backports main" | tee /etc/apt/sources.list.d/jessie-backports.list ynh_install_extra_repo --repo="deb http://httpredir.debian.org/debian jessie-backports main" --append
fi fi
curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add -
echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list
ynh_package_update
# Creates the destination directory and stores its location. ynh_install_extra_repo --repo="deb https://dl.yarnpkg.com/debian/ stable main" --key="https://dl.yarnpkg.com/debian/pubkey.gpg" --append
ynh_app_setting_set "$app" final_path "$final_path"
# Install de Node.js # install nodejs
# TODO: use https://github.com/YunoHost-Apps/Experimental_helpers/blob/master/ynh_install_nodejs/ynh_install_nodejs ynh_install_nodejs 8
(
cd /opt
curl -sL https://deb.nodesource.com/setup_8.x | bash -
apt-get -y install nodejs
)
# TODO: use the same mecanism with other files ynh_install_app_dependencies $pkg_dependencies
ynh_install_app_dependencies \
`# debian packages ` \
imagemagick libpq-dev libxml2-dev libxslt1-dev file curl apt-transport-https pkg-config libprotobuf-dev protobuf-compiler libicu-dev libidn11-dev \
`# redis ` \
redis-server redis-tools \
`# postgresql ` \
postgresql \
`# Ruby ` \
autoconf bison build-essential libssl-dev libyaml-dev libreadline6-dev zlib1g-dev libncurses5-dev libffi-dev libgdbm3 libgdbm-dev \
`# ffmpeg from backports ` \
ffmpeg \
`# Yarn ` \
yarn
#================================================= #=================================================
# CREATE A DATABASE # CREATE A POSTGRESQL DATABASE
#================================================= #=================================================
ynh_print_info "Creating a PostgreSQL database..."
# TODO: use non-official https://github.com/YunoHost-Apps/Experimental_helpers/blob/master/postgres/postgres # Create postgresql database
# TODO: this commands doesn't looks like a requirement, you may fully remove it
# Set UTF8 encoding by default
ynh_psql_test_if_first_run
db_user=$(ynh_sanitize_dbid "$app")
db_name="${app}_production" db_name="${app}_production"
db_name=$(ynh_sanitize_dbid "$db_name") db_pwd=$(ynh_string_random 30)
db_pwd=$(ynh_string_random) ynh_app_setting_set "$app" db_name "$db_name"
ynh_app_setting_set $app db_name $db_name ynh_app_setting_set "$app" db_pwd "$db_pwd"
ynh_app_setting_set $app db_pwd $db_pwd ynh_psql_test_if_first_run
ynh_psql_setup_db "$db_user" "$db_name" "$db_pwd" ynh_psql_create_user "$app" "$db_pwd"
ynh_psql_execute_as_root \
"CREATE DATABASE $db_name ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' template=template0 OWNER $app;"
#================================================= #=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE # DOWNLOAD, CHECK AND UNPACK SOURCE
#================================================= #=================================================
ynh_print_info "Setting up source files..."
# Download all sources rbenv, ruby and mastodon ynh_app_setting_set $app final_path $final_path
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source "$final_path/.rbenv" "app-rbenv" mkdir $final_path
ynh_setup_source "$final_path/.rbenv/plugins/ruby-build" "app-ruby-build" ynh_setup_source "$final_path/live"
ynh_setup_source "$final_path/live" "app-mastodon"
#================================================= #=================================================
# NGINX CONFIGURATION # NGINX CONFIGURATION
#================================================= #=================================================
ynh_print_info "Configuring nginx web server..."
# TODO: use official helper ynh_add_nginx_config # Create a dedicated nginx config
# Modify Nginx configuration file and copy it to Nginx conf directory ynh_replace_string "__PORT_WEB__" "$port_web" "../conf/nginx.conf"
sed -i "s@__PATH__@$app@g" ../conf/nginx.conf* ynh_replace_string "__PORT_STREAM__" "$port_stream" "../conf/nginx.conf"
sed -i "s@__FINALPATH__@$final_path@g" ../conf/nginx.conf* ynh_add_nginx_config
cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf
#================================================= #=================================================
# CREATE DEDICATED USER # CREATE DEDICATED USER
#================================================= #=================================================
ynh_print_info "Configuring system user..."
# TODO: use official helper ynh_system_user_create # Create a system user
# Create user unix ynh_system_user_create $app $final_path
adduser $app --home $final_path --gecos "First Last,RoomNumber,WorkPhone,HomePhone" --disabled-password
chown -R "$app" "$final_path" #=================================================
# SPECIFIC SETUP
#=================================================
# INSTALLING RUBY AND BUNDLER
#=================================================
# TODO: try to use ynh_install_ruby from https://github.com/YunoHost-Apps/Experimental_helpers ynh_install_ruby --ruby_version=2.6.0
# Install de rbenv /opt/rbenv/versions/2.6.0/bin/gem update --system
( #/opt/rbenv/versions/2.6.0/bin/gem install bundler --no-document
cd $final_path/.rbenv
src/configure && make -C src
echo "export PATH=\"$final_path/.rbenv/bin:$final_path/live/bin:\$PATH\" #=================================================
eval \"\$(rbenv init -)\"" > $final_path/.profile # MODIFY A CONFIG FILE
echo "export PATH=\"$final_path/.rbenv/bin:$final_path/live/bin:\$PATH\"" > $final_path/.bashrc #=================================================
)
# Install ruby-build cp -f ../conf/.env.production.sample "$final_path/live/.env.production"
( ynh_replace_string "__DB_USER__" "$app" "$final_path/live/.env.production"
exec_as "$app" $final_path/.rbenv/bin/rbenv install 2.5.1 ynh_replace_string "__DB_NAME__" "$db_name" "$final_path/live/.env.production"
exec_as "$app" $final_path/.rbenv/bin/rbenv global 2.5.1 ynh_replace_string "__DB_PWD__" "$db_pwd" "$final_path/live/.env.production"
exec_as "$app" $final_path/.rbenv/versions/2.5.1/bin/ruby -v ynh_replace_string "__DOMAIN__" "$domain" "$final_path/live/.env.production"
) ynh_replace_string "__SMTP_FROM_ADDRESS__" "$admin_mail" "${final_path}/live/.env.production"
# Create symlink for ruby
rm /usr/bin/ruby || true
ln -s $final_path/.rbenv/versions/2.5.1/bin/ruby /usr/bin/ruby || true
# Yarn install on root
pushd $final_path/live
yarn install --pure-lockfile
popd
# Adjust Mastodon config
# TODO: use official helper ynh_replace_string
# TODO: save the config file in conf folder, to make replacement easier to read
# TODO: use ynh_string_random
cp -a $final_path/live/.env.production.sample $final_path/live/.env.production
sed -i "s@REDIS_HOST=redis@REDIS_HOST=127.0.0.1@g" "${final_path}/live/.env.production"
sed -i "s@DB_HOST=db@DB_HOST=/var/run/postgresql@g" "${final_path}/live/.env.production"
sed -i "s@DB_USER=postgres@DB_USER=${db_user}@g" "${final_path}/live/.env.production"
sed -i "s@DB_NAME=postgres@DB_NAME=${db_name}@g" "${final_path}/live/.env.production"
sed -i "s@DB_PASS=@DB_PASS=${db_pwd}@g" "${final_path}/live/.env.production"
sed -i "s@LOCAL_DOMAIN=example.com@LOCAL_DOMAIN=${domain}@g" "${final_path}/live/.env.production"
language="$(echo $language | head -c 2)" language="$(echo $language | head -c 2)"
sed -i "s@# DEFAULT_LOCALE=de@DEFAULT_LOCALE=${language}@g" "${final_path}/live/.env.production" ynh_replace_string "__LANGUAGE__" "$language" "$final_path/live/.env.production"
paperclip_secret=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128) paperclip_secret=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128)
ynh_replace_string "PAPERCLIP_SECRET=" "PAPERCLIP_SECRET=$paperclip_secret" "${final_path}/live/.env.production"
ynh_app_setting_set "$app" paperclip_secret "$paperclip_secret"
secret_key_base=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128) secret_key_base=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128)
ynh_replace_string "__SECRET_KEY_BASE__" "$secret_key_base" "$final_path/live/.env.production"
ynh_app_setting_set "$app" secret_key_base "$secret_key_base"
otp_secret=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128) otp_secret=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128)
sed -i "s@PAPERCLIP_SECRET=@PAPERCLIP_SECRET=${paperclip_secret}@g" "${final_path}/live/.env.production" ynh_replace_string "__OTP_SECRET__" "$otp_secret" "$final_path/live/.env.production"
sed -i "s@SECRET_KEY_BASE=@SECRET_KEY_BASE=${secret_key_base}@g" "${final_path}/live/.env.production" ynh_app_setting_set "$app" otp_secret "$otp_secret"
sed -i "s@OTP_SECRET=@OTP_SECRET=${otp_secret}@g" "${final_path}/live/.env.production"
sed -i "s@SMTP_LOGIN=@#SMTP_LOGIN=@g" "${final_path}/live/.env.production" #=================================================
sed -i "s@SMTP_PASSWORD=@#SMTP_PASSWORD=@g" "${final_path}/live/.env.production" # INSTALLING MASTODON
sed -i "s@SMTP_SERVER=smtp.mailgun.org@SMTP_SERVER=localhost@g" "${final_path}/live/.env.production" #=================================================
sed -i "s@SMTP_PORT=587@SMTP_PORT=25@g" "${final_path}/live/.env.production" ynh_print_info "Installing Mastodon..."
sed -i 's,SMTP_FROM_ADDRESS=notifications@example.com,SMTP_FROM_ADDRESS='${admin_mastodon}'@'${domain}',' "${final_path}/live/.env.production"
sed -i "s@#SMTP_AUTH_METHOD=plain@SMTP_AUTH_METHOD=none@g" "${final_path}/live/.env.production"
sed -i "s@#SMTP_OPENSSL_VERIFY_MODE=peer@SMTP_OPENSSL_VERIFY_MODE=none@g" "${final_path}/live/.env.production"
# Preconfig CSS & JS chown -R "$app": "$final_path"
# Install Mastodon
(
cd "$final_path/live"
su mastodon <<INSTALL
$final_path/.rbenv/versions/2.5.1/bin/gem install bundler
$final_path/live/bin/bundle install -j$(getconf _NPROCESSORS_ONLN) --deployment --without development test --quiet
yarn install --production --no-progress --non-interactive --silent
echo "SAFETY_ASSURED=1">> .env.production
RAILS_ENV=production $final_path/live/bin/bundle exec rails db:migrate --quiet
RAILS_ENV=production $final_path/live/bin/bundle exec rails assets:precompile --quiet
INSTALL
)
# TODO: use ynh_find_port to have generic port selection for RAILS pushd "$final_path/live"
ynh_use_nodejs
sudo -u "$app" env PATH=$PATH /opt/rbenv/versions/2.6.0/bin/bundle install -j$(getconf _NPROCESSORS_ONLN) --deployment --without development test
sudo -u "$app" env PATH=$PATH yarn install --pure-lockfile
sudo -u "$app" echo "SAFETY_ASSURED=1">> .env.production
sudo -u "$app" env PATH=$PATH RAILS_ENV=production /opt/rbenv/versions/2.6.0/bin/bundle exec rails db:migrate --quiet
sudo -u "$app" env PATH=$PATH RAILS_ENV=production /opt/rbenv/versions/2.6.0/bin/bundle exec rails assets:precompile --quiet
sudo -u "$app" env PATH=$PATH RAILS_ENV=production /opt/rbenv/versions/2.6.0/bin/bundle exec rake mastodon:webpush:generate_vapid_key > key.txt
sudo -u "$app" env PATH=$PATH RAILS_ENV=production bin/tootctl accounts create "$admin" --email="$admin_mail" --confirmed --role=admin > acc.txt
popd
admin_pass=$( tail -1 $final_path/live/acc.txt | head -1 | cut -c 15- )
ynh_secure_remove "$final_path/live/acc.txt"
vapid_private_key=$(grep -oP "VAPID_PRIVATE_KEY=\K\w+" "$final_path/live/key.txt")
vapid_public_key=$(grep -oP "VAPID_PUBLIC_KEY=\K\w+" "$final_path/live/key.txt")
ynh_replace_string "__VAPID_PRIVATE_KEY__" "$vapid_private_key" "${final_path}/live/.env.production"
ynh_replace_string "__VAPID_PUBLIC_KEY__" "$vapid_public_key" "${final_path}/live/.env.production"
ynh_app_setting_set "$app" vapid_private_key "$vapid_private_key"
ynh_app_setting_set "$app" vapid_public_key "$vapid_public_key"
ynh_secure_remove "$final_path/live/key.txt"
#=================================================
# SETUP CRON JOB FOR REMOVING CACHE
#=================================================
ynh_print_info "Setuping a cron job for rem0ving cache..."
ynh_replace_string "__FINAL_PATH__" "$final_path" ../conf/cron
ynh_replace_string "__USER__" "$app" ../conf/cron
sudo cp -f ../conf/cron /etc/cron.d/$app
#=================================================
# SETUP SYSTEMD
#=================================================
ynh_print_info "Configuring a systemd service..."
# Create a dedicated systemd config
ynh_replace_string "__PORT_WEB__" "$port_web" "../conf/mastodon-web.service"
ynh_replace_string "__PORT_STREAM__" "$port_stream" "../conf/mastodon-streaming.service"
ynh_replace_string "__NODEJS_PATH__" "$nodejs_path" "../conf/mastodon-streaming.service"
ynh_add_systemd_config "$app-web" "mastodon-web.service" ynh_add_systemd_config "$app-web" "mastodon-web.service"
# TODO: use ynh_find_port to have generic port selection for NODES
ynh_add_systemd_config "$app-sidekiq" "mastodon-sidekiq.service" ynh_add_systemd_config "$app-sidekiq" "mastodon-sidekiq.service"
ynh_add_systemd_config "$app-streaming" "mastodon-streaming.service" ynh_add_systemd_config "$app-streaming" "mastodon-streaming.service"
systemctl start "$app-web.service" "$app-sidekiq.service" "$app-streaming.service" #=================================================
# START MASTODON SERVICES
#=================================================
ynh_print_info "Starting Mastodon services..."
# Create user ynh_systemd_action --action=start --service_name=${app}-web --line_match="Listening on tcp" --log_path=systemd
( ynh_systemd_action --action=start --service_name=${app}-sidekiq --line_match="Starting processing" --log_path=systemd
cd "$final_path/live" ynh_systemd_action --action=start --service_name=${app}-streaming --line_match="Worker 1 now listening" --log_path=systemd
su mastodon <<CREATEUSER
RAILS_ENV=production bin/bundle exec rails c #=================================================
account = Account.create!(username: '$admin_mastodon') # STORE THE CONFIG FILE CHECKSUM
user = User.create!(email: '$admin_mastodon_mail', password: '$admin_pass', account: account) #=================================================
CREATEUSER
su mastodon <<SETADMIN # Calculate and store the config file checksum into the app settings
RAILS_ENV=production bin/bundle exec rails mastodon:make_admin USERNAME=$admin_mastodon ynh_store_file_checksum "${final_path}/live/.env.production"
RAILS_ENV=production bin/bundle exec rails mastodon:confirm_email USER_EMAIL=$admin_mastodon_mail
SETADMIN
)
#================================================= #=================================================
# GENERIC FINALIZATION # GENERIC FINALIZATION
@ -260,14 +266,13 @@ SETADMIN
# SECURE FILES AND DIRECTORIES # SECURE FILES AND DIRECTORIES
#================================================= #=================================================
# TODO:Set permissions to app files # Set permissions to app files
chown -R "$app" "$final_path" chown -R "$app": "$final_path"
#================================================= #=================================================
# ADVERTISE SERVICE IN ADMIN PANEL # ADVERTISE SERVICE IN ADMIN PANEL
#================================================= #=================================================
# Add service YunoHost
yunohost service add "$app-web" yunohost service add "$app-web"
yunohost service add "$app-sidekiq" yunohost service add "$app-sidekiq"
yunohost service add "$app-streaming" yunohost service add "$app-streaming"
@ -275,14 +280,36 @@ yunohost service add "$app-streaming"
#================================================= #=================================================
# SETUP SSOWAT # SETUP SSOWAT
#================================================= #=================================================
ynh_print_info "Configuring SSOwat..."
# TODO: all private install # Make app public if necessary
# Unprotected url if [ $is_public -eq 1 ]
ynh_app_setting_set "$app" unprotected_uris "/" then
# unprotected_uris allows SSO credentials to be passed anyway.
ynh_app_setting_set $app unprotected_uris "/"
fi
#================================================= #=================================================
# RELOAD NGINX # RELOAD NGINX
#================================================= #=================================================
ynh_print_info "Reloading nginx web server..."
# Reload Nginx
systemctl reload nginx systemctl reload nginx
#=================================================
# SEND A README FOR THE ADMIN
#=================================================
message="Mastodon was successfully installed :)
Please open 'https://$domain$path_url'
The admin email is: $admin_mail
The admin password is: $admin_pass
If you facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/mastodon_ynh"
ynh_send_readme_to_admin "$message" "$admin"
#=================================================
# END OF SCRIPT
#=================================================
ynh_print_info "Installation of $app completed"

116
scripts/remove
View file

@ -6,78 +6,83 @@
# IMPORT GENERIC HELPERS # IMPORT GENERIC HELPERS
#================================================= #=================================================
source _common.sh # Loads the generic functions usually used in the script source _common.sh
# Source app helpers source ynh_install_ruby
source ynh_add_secure_repos__3
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
source _future.sh
#================================================= #=================================================
# LOAD SETTINGS # LOAD SETTINGS
#================================================= #=================================================
ynh_print_info "Loading installation settings..."
app=$YNH_APP_INSTANCE_NAME app=$YNH_APP_INSTANCE_NAME
# Retrieve app settings domain=$(ynh_app_setting_get $app domain)
domain=$(ynh_app_setting_get "$app" domain) db_name=$(ynh_app_setting_get $app db_name)
db_name=$(ynh_app_setting_get "$app" db_name) final_path=$(ynh_app_setting_get $app final_path)
if [ -z "$db_name" ]; then
db_name="${app}_production"
ynh_app_setting_set "$app" db_name "$db_name"
fi
db_user=$(ynh_sanitize_dbid "$app")
final_path=$(ynh_app_setting_get "$app" final_path)
#================================================= #=================================================
# STANDARD REMOVE # STANDARD REMOVE
#================================================= #=================================================
# STOP AND REMOVE SERVICE # REMOVE SERVICE FROM ADMIN PANEL
#================================================= #=================================================
# Remove a service from the admin panel, added by `yunohost service add`
if yunohost service status "$app-web" >/dev/null 2>&1
then
ynh_print_info "Removing $app-web service"
yunohost service remove "$app-web"
fi
if yunohost service status "$app-sidekiq" >/dev/null 2>&1
then
ynh_print_info "Removing $app-sidekiq service"
yunohost service remove "$app-sidekiq"
fi
if yunohost service status "$app-streaming" >/dev/null 2>&1
then
ynh_print_info "Removing $app-streaming service"
yunohost service remove "$app-streaming"
fi
#=================================================
# STOP AND REMOVE SERVICE
#=================================================
ynh_print_info "Stopping and removing the systemd service"
# Remove the dedicated systemd config
ynh_remove_systemd_config "$app-web" ynh_remove_systemd_config "$app-web"
ynh_remove_systemd_config "$app-sidekiq" ynh_remove_systemd_config "$app-sidekiq"
ynh_remove_systemd_config "$app-streaming" ynh_remove_systemd_config "$app-streaming"
#================================================= #=================================================
# REMOVE SERVICE FROM ADMIN PANEL # REMOVE THE POSTGRESQL DATABASE
#============================================== #=================================================
ynh_print_info "Removing the PostgreSQL database"
if yunohost service status | grep -q "$app-web" ynh_psql_execute_as_root "\connect $db_name
then SELECT pg_terminate_backend (pg_stat_activity.pid) FROM pg_stat_activity WHERE pg_stat_activity.datname = '$db_name';"
echo "Remove $app-web service"
yunohost service remove "$app-web"
fi
if yunohost service status | grep -q "$app-sidekiq" # delete postgresql database & user
then ynh_psql_remove_db --db_name="$db_name" --db_user="$app"
echo "Remove $app-sidekiq service"
yunohost service remove "$app-sidekiq"
fi
if yunohost service status | grep -q "$app-streaming"
then
echo "Remove $app-streaming service"
yunohost service remove "$app-streaming"
fi
#================================================= #=================================================
# REMOVE DEPENDENCIES # REMOVE DEPENDENCIES
#================================================= #=================================================
ynh_print_info "Removing dependencies"
# Remove metapackage and its dependencies # Remove metapackage and its dependencies
ynh_remove_ruby
ynh_remove_app_dependencies ynh_remove_app_dependencies
ynh_remove_nodejs
#================================================= ynh_remove_extra_repo
# REMOVE THE PostgreSQL DATABASE
#=================================================
# delete postgresql database & user
ynh_psql_remove_db "$db_name" "$db_user"
#================================================= #=================================================
# REMOVE APP MAIN DIR # REMOVE APP MAIN DIR
#================================================= #=================================================
ynh_print_info "Removing app main directory"
# Remove the app directory securely # Remove the app directory securely
ynh_secure_remove "$final_path" ynh_secure_remove "$final_path"
@ -85,9 +90,10 @@ ynh_secure_remove "$final_path"
#================================================= #=================================================
# REMOVE NGINX CONFIGURATION # REMOVE NGINX CONFIGURATION
#================================================= #=================================================
ynh_print_info "Removing nginx web server configuration"
ynh_secure_remove "/etc/nginx/conf.d/${domain}.d/${app}.conf" # Remove the dedicated nginx config
systemctl reload nginx ynh_remove_nginx_config
#================================================= #=================================================
# SPECIFIC REMOVE # SPECIFIC REMOVE
@ -95,25 +101,21 @@ systemctl reload nginx
# REMOVE THE CRON FILE # REMOVE THE CRON FILE
#================================================= #=================================================
# Delete cronlog # Remove a cron file
ynh_secure_remove /etc/cron.d/$app ynh_secure_remove "/etc/cron.d/$app"
#=================================================
# REMOVE source.list
#=================================================
if [ "$(lsb_release --codename --short)" == "jessie" ]; then
ynh_secure_remove /etc/apt/sources.list.d/backports.list
ynh_secure_remove /etc/apt/sources.list.d/jessie-backports.list
fi
ynh_secure_remove /etc/apt/sources.list.d/yarn.list
# Delete ruby exec
#ynh_secure_remove /usr/bin/ruby
#================================================= #=================================================
# GENERIC FINALIZATION # GENERIC FINALIZATION
#================================================= #=================================================
# REMOVE DEDICATED USER # REMOVE DEDICATED USER
#================================================= #=================================================
ynh_print_info "Removing the dedicated system user"
userdel -f $app # Delete a system user
ynh_system_user_delete $app
#=================================================
# END OF SCRIPT
#=================================================
ynh_print_info "Removal of $app completed"

123
scripts/restore
View file

@ -6,38 +6,39 @@
# IMPORT GENERIC HELPERS # IMPORT GENERIC HELPERS
#================================================= #=================================================
if [ ! -e _common.sh ]; then #Keep this path for calling _common.sh inside the execution's context of backup and restore scripts
# Get the _common.sh file if it's not in the current directory source ../settings/scripts/_common.sh
cp ../settings/scripts/_common.sh ./_common.sh source ../settings/scripts/ynh_install_ruby
cp ../settings/scripts/_future.sh ./_future.sh source ../settings/scripts/ynh_add_secure_repos__3
chmod a+rx _common.sh _future.sh source ../settings/scripts/ynh_systemd_action
fi
source _common.sh
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
source _future.sh
#================================================= #=================================================
# MANAGE SCRIPT FAILURE # MANAGE SCRIPT FAILURE
#================================================= #=================================================
ynh_clean_setup () {
ynh_clean_check_starting
}
# Exit if an error occurs during the execution of the script # Exit if an error occurs during the execution of the script
ynh_abort_if_errors ynh_abort_if_errors
#================================================= #=================================================
# LOAD SETTINGS # LOAD SETTINGS
#================================================= #=================================================
ynh_print_info "Loading settings..."
app=$YNH_APP_INSTANCE_NAME app=$YNH_APP_INSTANCE_NAME
# Get old parameter of the app
domain=$(ynh_app_setting_get $app domain) domain=$(ynh_app_setting_get $app domain)
path_url=$(ynh_app_setting_get $app path) path_url=$(ynh_app_setting_get $app path)
is_public=$(ynh_app_setting_get $app is_public) final_path=$(ynh_app_setting_get $app final_path)
final_path=$(ynh_app_setting_get "$app" final_path) db_name=$(ynh_app_setting_get $app db_name)
#================================================= #=================================================
# CHECK IF THE APP CAN BE RESTORED # CHECK IF THE APP CAN BE RESTORED
#================================================= #=================================================
ynh_print_info "Validating restoration parameters..."
ynh_webpath_available $domain $path_url \ ynh_webpath_available $domain $path_url \
|| ynh_die "Path not available: ${domain}${path_url}" || ynh_die "Path not available: ${domain}${path_url}"
@ -55,15 +56,17 @@ ynh_restore_file "/etc/nginx/conf.d/$domain.d/$app.conf"
#================================================= #=================================================
# RESTORE THE APP MAIN DIR # RESTORE THE APP MAIN DIR
#================================================= #=================================================
ynh_print_info "Restoring the app main directory..."
ynh_restore_file "$final_path" ynh_restore_file "$final_path"
#================================================= #=================================================
# RECREATE THE DEDICATED USER # RECREATE THE DEDICATED USER
#================================================= #=================================================
ynh_print_info "Recreating the dedicated system user..."
# Create user unix # Create the dedicated user (if not existing)
adduser $app --home $final_path --gecos "First Last,RoomNumber,WorkPhone,HomePhone" --disabled-password ynh_system_user_create $app $final_path
#================================================= #=================================================
# RESTORE USER RIGHTS # RESTORE USER RIGHTS
@ -77,8 +80,7 @@ chown -R $app: $final_path
#================================================= #=================================================
# REINSTALL DEPENDENCIES # REINSTALL DEPENDENCIES
#================================================= #=================================================
ynh_print_info "Reinstalling dependencies..."
# TODO: add in a clean way backports and yarn
# Import debian archive pubkey, need on ARM arch # Import debian archive pubkey, need on ARM arch
arch=$(uname -m) arch=$(uname -m)
@ -87,54 +89,47 @@ if [[ "$arch" = arm* ]]; then
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 7638D0442B90D010 apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 7638D0442B90D010
fi fi
# Install source.list debian package backports & yarn # Install extra_repo debian package backports & yarn
if [ "$(lsb_release --codename --short)" == "jessie" ]; then if [ "$(lsb_release --codename --short)" == "jessie" ]; then
echo "deb http://httpredir.debian.org/debian jessie-backports main" | tee /etc/apt/sources.list.d/jessie-backports.list ynh_install_extra_repo --repo="deb http://httpredir.debian.org/debian jessie-backports main" --append
fi fi
curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - ynh_install_extra_repo --repo="deb https://dl.yarnpkg.com/debian/ stable main" --key="https://dl.yarnpkg.com/debian/pubkey.gpg" --append
echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list
ynh_package_update
# Install de Node.js # install nodejs
# TODO: use https://github.com/YunoHost-Apps/Experimental_helpers/blob/master/ynh_install_nodejs/ynh_install_nodejs ynh_install_nodejs 8
(
cd /opt
curl -sL https://deb.nodesource.com/setup_8.x | bash -
apt-get -y install nodejs
)
# TODO: use the same mecanism with other files ynh_install_app_dependencies $pkg_dependencies
ynh_install_app_dependencies \
`# debian packages ` \
imagemagick libpq-dev libxml2-dev libxslt1-dev file curl apt-transport-https pkg-config libprotobuf-dev protobuf-compiler libicu-dev libidn11-dev \
`# redis ` \
redis-server redis-tools \
`# postgresql ` \
postgresql \
`# Ruby ` \
autoconf bison build-essential libssl-dev libyaml-dev libreadline6-dev zlib1g-dev libncurses5-dev libffi-dev libgdbm3 libgdbm-dev \
`# ffmpeg from backports ` \
ffmpeg \
`# Yarn ` \
yarn
#================================================= #=================================================
# RESTORE THE PostgreSQL DATABASE # INSTALLING RUBY AND BUNDLER
#================================================= #=================================================
# Restore PostgreSQL database ynh_install_ruby --ruby_version=2.6.0
db_user=$(ynh_sanitize_dbid "$app") /opt/rbenv/versions/2.6.0/bin/gem update --system
db_name=$(ynh_app_setting_get "$app" db_name)
if [ -z "$db_name" ]; then #=================================================
db_name="${app}_production" # RESTORE THE POSTGRESQL DATABASE
ynh_app_setting_set "$app" db_name "$db_name" #=================================================
fi ynh_print_info "Restoring the PostgreSQL database..."
db_pwd=$(ynh_app_setting_get "$app" db_pwd) db_pwd=$(ynh_app_setting_get "$app" db_pwd)
ynh_psql_test_if_first_run ynh_psql_test_if_first_run
ynh_psql_setup_db "$db_user" "$db_name" "$db_pwd" ynh_psql_create_user "$app" "$db_pwd"
ynh_psql_execute_as_root \
"CREATE DATABASE $db_name ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' template=template0 OWNER $app;"
ynh_psql_execute_file_as_root ./db.sql "$db_name" ynh_psql_execute_file_as_root ./db.sql "$db_name"
#=================================================
# RESTORE SYSTEMD
#=================================================
ynh_print_info "Restoring the systemd configuration..."
ynh_restore_file "/etc/systemd/system/$app-web.service"
ynh_restore_file "/etc/systemd/system/$app-sidekiq.service"
ynh_restore_file "/etc/systemd/system/$app-streaming.service"
systemctl enable "$app-web" "$app-sidekiq" "$app-streaming"
#================================================= #=================================================
# ADVERTISE SERVICE IN ADMIN PANEL # ADVERTISE SERVICE IN ADMIN PANEL
#================================================= #=================================================
@ -144,19 +139,31 @@ yunohost service add $app-sidekiq
yunohost service add $app-streaming yunohost service add $app-streaming
#================================================= #=================================================
# RESTORE SYSTEMD # RESTORE THE CRON FILE
#================================================= #=================================================
ynh_restore_file "/etc/systemd/system/$app-web.service" ynh_restore_file "/etc/cron.d/$app"
ynh_restore_file "/etc/systemd/system/$app-sidekiq.service"
ynh_restore_file "/etc/systemd/system/$app-streaming.service"
systemctl enable "$app-web" "$app-sidekiq" "$app-streaming"
#================================================= #=================================================
# GENERIC FINALIZATION # GENERIC FINALIZATION
#================================================= #=================================================
# RELOAD NGINX AND PHP-FPM # START MASTODON SERVICES
#=================================================
ynh_print_info "Starting Mastodon services..."
ynh_systemd_action --action=start --service_name=${app}-web --line_match="Listening on tcp" --log_path=systemd
ynh_systemd_action --action=start --service_name=${app}-sidekiq --line_match="Starting processing" --log_path=systemd
ynh_systemd_action --action=start --service_name=${app}-streaming --line_match="Worker 1 now listening" --log_path=systemd
#=================================================
# RELOAD NGINX
#=================================================
ynh_print_info "Reloading nginx web server..."
systemctl reload nginx
#=================================================
# END OF SCRIPT
#================================================= #=================================================
systemctl restart "$app-web" "$app-sidekiq" "$app-streaming" ynh_print_info "Restoration completed for $app"
systemctl reload nginx

333
scripts/upgrade
View file

@ -7,39 +7,52 @@
#================================================= #=================================================
source _common.sh source _common.sh
source ynh_install_ruby
source ynh_add_secure_repos__3
source ynh_systemd_action
source /usr/share/yunohost/helpers source /usr/share/yunohost/helpers
#================================================= #=================================================
# LOAD SETTINGS # LOAD SETTINGS
#================================================= #=================================================
ynh_print_info "Loading installation settings..."
# See comments in install script
app=$YNH_APP_INSTANCE_NAME app=$YNH_APP_INSTANCE_NAME
db_name=$(ynh_app_setting_get "$app" db_name)
db_pwd=$(ynh_app_setting_get "$app" db_pwd)
# Retrieve app settings domain=$(ynh_app_setting_get $app domain)
domain=$(ynh_app_setting_get "$app" domain) path_url=$(ynh_app_setting_get $app path)
path=$(ynh_app_setting_get "$app" path) admin=$(ynh_app_setting_get $app admin)
admin=$(ynh_app_setting_get "$app" admin) is_public=$(ynh_app_setting_get $app is_public)
language=$(ynh_app_setting_get "$app" language) final_path=$(ynh_app_setting_get $app final_path)
final_path=$(ynh_app_setting_get "$app" final_path) language=$(ynh_app_setting_get $app language)
path_url="/" db_name=$(ynh_app_setting_get $app db_name)
db_pwd=$(ynh_app_setting_get $app db_pwd)
admin_mail=$(ynh_user_get_info $admin 'mail')
port_web=$(ynh_app_setting_get "$app" port_web)
port_stream=$(ynh_app_setting_get "$app" port_stream)
paperclip_secret=$(ynh_app_setting_get "$app" paperclip_secret)
secret_key_base=$(ynh_app_setting_get "$app" secret_key_base)
otp_secret=$(ynh_app_setting_get "$app" otp_secret)
vapid_private_key=$(ynh_app_setting_get "$app" vapid_private_key)
vapid_public_key=$(ynh_app_setting_get "$app" vapid_public_key)
#================================================= #=================================================
# ENSURE DOWNWARD COMPATIBILITY # ENSURE DOWNWARD COMPATIBILITY
#================================================= #=================================================
ynh_print_info "Ensuring downward compatibility..."
# If db_name doesn't exist, create it # If db_name doesn't exist, create it
if [ -z "$db_name" ]; then if [ -z $db_name ]; then
db_name="${app}_production" db_name="${app}_production"
ynh_app_setting_set "$app" db_name "$db_name" ynh_app_setting_set $app db_name $db_name
fi fi
# If final_path doesn't exist, create it # If final_path doesn't exist, create it
if [ -z "$final_path" ]; then if [ -z $final_path ]; then
final_path=/var/www/$app final_path=/var/www/$app
ynh_app_setting_set "$app" final_path "$final_path" ynh_app_setting_set $app final_path $final_path
fi fi
# Check if admin is not null # Check if admin is not null
@ -48,22 +61,51 @@ if [[ "$admin" = "" || "$language" = "" ]]; then
ynh_die ynh_die
fi fi
# If db_pwd doesn't exist, create it # If db_pwd doesn't exist, create it, need for old install
if [[ -z "$db_pwd" ]]; then if [[ -z "$db_pwd" ]]; then
db_pwd=$(ynh_string_random) db_pwd=$(ynh_string_random)
ynh_app_setting_set $app db_pwd $db_pwd ynh_app_setting_set $app db_pwd $db_pwd
ynh_psql_test_if_first_run ynh_psql_test_if_first_run
sudo --login --user=postgres psql -c"ALTER user $app WITH PASSWORD '$db_pwd'" postgres sudo --login --user=postgres psql -c"ALTER user $app WITH PASSWORD '$db_pwd'" postgres
sed -i "s@DB_PASS=@DB_PASS=${db_pwd}@g" "${final_path}/live/.env.production" ynh_replace_string "DB_PASS=" "DB_PASS=${db_pwd}" "${final_path}/live/.env.production"
fi
# If paperclip_secret doesn't exist, retrieve it or create it
if [[ -z "$paperclip_secret" ]]; then
paperclip_secret=$(grep -oP "PAPERCLIP_SECRET=\K\w+" test)
if [[ -z "$paperclip_secret" ]]; then
paperclip_secret=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128)
fi
ynh_app_setting_set "$app" paperclip_secret "$paperclip_secret"
fi
# If secret_key_base doesn't exist, retrieve it or create it
if [[ -z "$secret_key_base" ]]; then
secret_key_base=$(grep -oP "SECRET_KEY_BASE=\K\w+" test)
if [[ -z "$secret_key_base" ]]; then
secret_key_base=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128)
fi
ynh_app_setting_set "$app" secret_key_base "$secret_key_base"
fi
# If otp_secret doesn't exist, retrieve it or create it
if [[ -z "$otp_secret" ]]; then
otp_secret=$(grep -oP "OTP_SECRET=\K\w+" test)
if [[ -z "$otp_secret" ]]; then
otp_secret=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128)
fi
ynh_app_setting_set "$app" otp_secret "$otp_secret"
fi fi
#================================================= #=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#================================================= #=================================================
ynh_print_info "Backing up the app before upgrading (may take a while)..."
# Backup the current version of the app # Backup the current version of the app
ynh_backup_before_upgrade ynh_backup_before_upgrade
ynh_clean_setup () { ynh_clean_setup () {
ynh_clean_check_starting
# restore it if the upgrade fails # restore it if the upgrade fails
ynh_restore_upgradebackup ynh_restore_upgradebackup
} }
@ -71,143 +113,198 @@ ynh_clean_setup () {
ynh_abort_if_errors ynh_abort_if_errors
#================================================= #=================================================
# Remove repo Files # CHECK THE PATH
#================================================= #=================================================
if [ "$(lsb_release --codename --short)" == "jessie" ]; then # Normalize the URL path syntax
echo "deb http://httpredir.debian.org/debian jessie-backports main" | tee /etc/apt/sources.list.d/jessie-backports.list path_url=$(ynh_normalize_url_path $path_url)
ynh_secure_remove /etc/apt/sources.list.d/backports.list
fi
# Add yarn repo
echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list
#=================================================
# INSTALL DEPENDENCIES
#=================================================
# upgrade Node.js to v8
# TODO: use https://github.com/YunoHost-Apps/Experimental_helpers/blob/master/ynh_install_nodejs/ynh_install_nodejs
pushd /opt
curl -sL https://deb.nodesource.com/setup_8.x | sudo bash -
sudo apt-get -y install nodejs
popd
# add additional package for upgrade
ynh_package_install pkg-config libprotobuf-dev protobuf-compiler libicu-dev libidn11-dev postgresql-server-dev-all
#================================================= #=================================================
# STANDARD UPGRADE STEPS # STANDARD UPGRADE STEPS
#================================================= #=================================================
# STOP MASTODON SERVICES
#=================================================
ynh_print_info "Stopping Mastodon services..."
# Change owner of live folder ynh_systemd_action --action=stop --service_name=${app}-web --line_match="Stopped" --log_path=systemd
chown -R $app: $final_path/live ynh_systemd_action --action=stop --service_name=${app}-sidekiq --line_match="Stopped" --log_path=systemd
ynh_systemd_action --action=stop --service_name=${app}-streaming --line_match="Stopped" --log_path=systemd
# Stop Mastodon Services #=================================================
#yunohost service stop "$app-web" # DOWNLOAD, CHECK AND UNPACK SOURCE
#yunohost service stop "$app-sidekiq" #=================================================
#yunohost service stop "$app-streaming" ynh_print_info "Upgrading source files..."
# Download Mastodon # Download Mastodon
ynh_setup_source "$final_path/live" "app-mastodon" mv "$final_path/live" "$final_path/live_back"
ynh_setup_source "$final_path/live"
if [ -z $final_path/live_back/public/system ]; then
rsync -a "$final_path/live_back/public/system" "$final_path/live_back/public/."
fi
rsync -a "$final_path/live_back/.env.production" "$final_path/live/."
rm -Rf "$final_path/live_back"
# Clean un-need Files # Clean files which are not needed anymore
ynh_secure_remove $final_path/live/config/initializers/timeout.rb ynh_secure_remove $final_path/live/config/initializers/timeout.rb
#================================================= #=================================================
# NGINX CONFIGURATION # NGINX CONFIGURATION
#================================================= #=================================================
ynh_print_info "Upgrading nginx web server configuration..."
# TODO: use official helper ynh_add_nginx_config ynh_replace_string "__PORT_WEB__" "$port_web" "../conf/nginx.conf"
# Modify Nginx configuration file and copy it to Nginx conf directory ynh_replace_string "__PORT_STREAM__" "$port_stream" "../conf/nginx.conf"
sed -i "s@__PATH__@$app@g" ../conf/nginx.conf* ynh_add_nginx_config
sed -i "s@__FINALPATH__@$final_path@g" ../conf/nginx.conf*
cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf
# Upgrade rbenv and ruby plugins #=================================================
ynh_setup_source "$final_path/.rbenv" "app-rbenv" # UPGRADE DEPENDENCIES
ynh_setup_source "$final_path/.rbenv/plugins/ruby-build" "app-ruby-build" #=================================================
ynh_print_info "Upgrading dependencies..."
# Install ruby 2.5.1 # Install extra_repo debian package backports & yarn
(
exec_as "$app" $final_path/.rbenv/bin/rbenv install -s 2.5.1 || true
exec_as "$app" $final_path/.rbenv/bin/rbenv global 2.5.1 || true
exec_as "$app" $final_path/.rbenv/versions/2.5.1/bin/ruby -v
)
# Create symlink for ruby
rm /usr/bin/ruby || true
ln -s $final_path/.rbenv/versions/2.5.1/bin/ruby /usr/bin/ruby || true
# Preconfig CSS & JS
# Install Mastodon
(
sudo su - $app <<MCOMMANDS
pushd ~/live
$final_path/.rbenv/versions/2.5.1/bin/gem install bundler
if [ "$(lsb_release --codename --short)" == "jessie" ]; then if [ "$(lsb_release --codename --short)" == "jessie" ]; then
$final_path/.rbenv/versions/2.5.1/bin/bundle install --deployment --without development test ynh_install_extra_repo --repo="deb http://httpredir.debian.org/debian jessie-backports main" --append
else
$final_path/.rbenv/versions/2.5.1/bin/bundle install --deployment --force --without development test
fi fi
yarn install --pure-lockfile ynh_install_extra_repo --repo="deb https://dl.yarnpkg.com/debian/ stable main" --key="https://dl.yarnpkg.com/debian/pubkey.gpg" --append
MCOMMANDS
)
# Install package with yarn and restart postgresql # Install nodejs
pushd $final_path/live ynh_install_nodejs 8
yarn install --pure-lockfile
systemctl restart postgresql # TODO: use the same mecanism with other files
ynh_install_app_dependencies $pkg_dependencies
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_print_info "Making sure dedicated system user exists..."
# Create a dedicated user (if not existing)
ynh_system_user_create $app
#=================================================
# SPECIFIC UPGRADE
#=================================================
# INSTALLING RUBY AND BUNDLER
#=================================================
ynh_install_ruby --ruby_version=2.6.0
/opt/rbenv/versions/2.6.0/bin/gem update --system
#/opt/rbenv/versions/2.6.0/bin/gem install bundler
#=================================================
# MODIFY A CONFIG FILE
#=================================================
cp -f ../conf/.env.production.sample "$final_path/live/.env.production"
ynh_replace_string "__DB_USER__" "$app" "$final_path/live/.env.production"
ynh_replace_string "__DB_NAME__" "$db_name" "$final_path/live/.env.production"
ynh_replace_string "__DB_PWD__" "$db_pwd" "$final_path/live/.env.production"
ynh_replace_string "__DOMAIN__" "$domain" "$final_path/live/.env.production"
ynh_replace_string "__SMTP_FROM_ADDRESS__" "$admin_mail" "${final_path}/live/.env.production"
language="$(echo $language | head -c 2)"
ynh_replace_string "__LANGUAGE__" "$language" "$final_path/live/.env.production"
ynh_replace_string "PAPERCLIP_SECRET=" "PAPERCLIP_SECRET=$paperclip_secret" "${final_path}/live/.env.production"
ynh_replace_string "__SECRET_KEY_BASE__" "$secret_key_base" "$final_path/live/.env.production"
ynh_replace_string "__OTP_SECRET__" "$otp_secret" "$final_path/live/.env.production"
#=================================================
# UPGRADE MASTODON
#=================================================
ynh_print_info "Upgrading Mastodon..."
chown -R "$app": "$final_path"
pushd "$final_path/live"
ynh_use_nodejs
if [ "$(lsb_release --codename --short)" == "jessie" ]; then
sudo -u "$app" env PATH=$PATH /opt/rbenv/versions/2.6.0/bin/bundle install --deployment --without development test
else
sudo -u "$app" env PATH=$PATH /opt/rbenv/versions/2.6.0/bin/bundle install --deployment --force --without development test
fi
sudo -u "$app" env PATH=$PATH yarn install --pure-lockfile
sudo -u "$app" env PATH=$PATH RAILS_ENV=production /opt/rbenv/versions/2.6.0/bin/bundle exec rails assets:clean
sudo -u "$app" env PATH=$PATH RAILS_ENV=production /opt/rbenv/versions/2.6.0/bin/bundle exec rails assets:precompile
sudo -u "$app" env PATH=$PATH RAILS_ENV=production /opt/rbenv/versions/2.6.0/bin/bundle exec rails db:migrate
popd popd
# Apply Mastodon upgrade # If vapid_private_key doesn't exist, retrieve it or create it
( if [[ -z "$vapid_private_key" ]]; then
pushd $final_path/live sudo -u "$app" env PATH=$PATH RAILS_ENV=production /opt/rbenv/versions/2.6.0/bin/bundle exec rake mastodon:webpush:generate_vapid_key > key.txt
RAILS_ENV=production $final_path/.rbenv/versions/2.5.1/bin/bundle exec rails assets:clean vapid_private_key=$(grep -oP "VAPID_PRIVATE_KEY=\K\w+" "$final_path/live/key.txt")
RAILS_ENV=production $final_path/.rbenv/versions/2.5.1/bin/bundle exec rails assets:precompile vapid_public_key=$(grep -oP "VAPID_PUBLIC_KEY=\K\w+" "$final_path/live/key.txt")
popd ynh_app_setting_set "$app" vapid_private_key "$vapid_private_key"
ynh_app_setting_set "$app" vapid_public_key "$vapid_public_key"
ynh_secure_remove "$final_path/live/key.txt"
fi
sudo su - $app <<COMMANDS # Recalculate and store the checksum of the file for the next upgrade.
pushd ~/live ynh_store_file_checksum "${final_path}/live/.env.production"
SKIP_POST_DEPLOYMENT_MIGRATIONS=true RAILS_ENV=production $final_path/.rbenv/versions/2.5.1/bin/bundle exec rails db:migrate
COMMANDS
)
#=================================================
# RESTART MASTODON
#=================================================
yunohost service stop "$app-web"
yunohost service stop "$app-sidekiq"
yunohost service stop "$app-streaming"
yunohost service start "$app-web"
yunohost service start "$app-sidekiq"
yunohost service start "$app-streaming"
# Waiting start all services
sleep 30
#=================================================
# DB:Migrate after restart 2.5.0
#=================================================
sudo su - $app <<COMMANDS
pushd ~/live
RAILS_ENV=production $final_path/.rbenv/versions/2.5.1/bin/bundle exec rails db:migrate
COMMANDS
#================================================= #=================================================
# RELOAD NGINX # SETUP CRON JOB FOR REMOVING CACHE
#=================================================
ynh_print_info "Setuping a cron job for removing cache..."
ynh_replace_string "__FINAL_PATH__" "$final_path" ../conf/cron
ynh_replace_string "__USER__" "$app" ../conf/cron
sudo cp -f ../conf/cron /etc/cron.d/$app
#=================================================
# SETUP SYSTEMD
#=================================================
ynh_print_info "Upgrading systemd configuration..."
# Create a dedicated systemd config
ynh_replace_string "__PORT_WEB__" "$port_web" "../conf/mastodon-web.service"
ynh_replace_string "__PORT_STREAM__" "$port_stream" "../conf/mastodon-streaming.service"
ynh_replace_string "__NODEJS_PATH__" "$nodejs_path" "../conf/mastodon-streaming.service"
ynh_add_systemd_config "$app-web" "mastodon-web.service"
ynh_add_systemd_config "$app-sidekiq" "mastodon-sidekiq.service"
ynh_add_systemd_config "$app-streaming" "mastodon-streaming.service"
#=================================================
# START MASTODON SERVICES
#=================================================
ynh_print_info "Starting Mastodon services..."
ynh_systemd_action --action=start --service_name=${app}-web --line_match="Listening on tcp" --log_path=systemd
ynh_systemd_action --action=start --service_name=${app}-sidekiq --line_match="Starting processing" --log_path=systemd
ynh_systemd_action --action=start --service_name=${app}-streaming --line_match="Worker 1 now listening" --log_path=systemd
#=================================================
# GENERIC FINALIZATION
#=================================================
# SECURE FILES AND DIRECTORIES
#================================================= #=================================================
systemctl reload nginx # Set permissions on app files
chown -R $app: $final_path
#================================================= #=================================================
# SETUP SSOWAT # SETUP SSOWAT
#================================================= #=================================================
ynh_print_info "Upgrading SSOwat configuration..."
ynh_app_setting_set "$app" unprotected_uris "/" # Make app public if necessary
if [ $is_public -eq 1 ]
then
# unprotected_uris allows SSO credentials to be passed anyway
ynh_app_setting_set $app unprotected_uris "/"
fi
#================================================= #=================================================
# RELOAD ssowatconf # RELOAD NGINX
#=================================================
ynh_print_info "Reloading nginx web server..."
systemctl reload nginx
#=================================================
# END OF SCRIPT
#================================================= #=================================================
sudo yunohost app ssowatconf ynh_print_info "Upgrade of $app completed"

294
scripts/ynh_add_secure_repos__3 Normal file
View file

@ -0,0 +1,294 @@
#!/bin/bash
# Pin a repository.
#
# usage: ynh_pin_repo --package=packages --pin=pin_filter [--priority=priority_value] [--name=name] [--append]
# | arg: -p, --package - Packages concerned by the pin. Or all, *.
# | arg: -i, --pin - Filter for the pin.
# | arg: -p, --priority - Priority for the pin
# | arg: -n, --name - Name for the files for this repo, $app as default value.
# | arg: -a, --append - Do not overwrite existing files.
#
# See https://manpages.debian.org/stretch/apt/apt_preferences.5.en.html for information about pinning.
#
ynh_pin_repo () {
# Declare an array to define the options of this helper.
local legacy_args=pirna
declare -Ar args_array=( [p]=package= [i]=pin= [r]=priority= [n]=name= [a]=append )
local package
local pin
local priority
local name
local append
# Manage arguments with getopts
ynh_handle_getopts_args "$@"
package="${package:-*}"
priority=${priority:-50}
name="${name:-$app}"
append=${append:-0}
if [ $append -eq 1 ]
then
append="tee -a"
else
append="tee"
fi
mkdir -p "/etc/apt/preferences.d"
echo "Package: $package
Pin: $pin
Pin-Priority: $priority" \
| $append "/etc/apt/preferences.d/$name"
}
# Add a repository.
#
# usage: ynh_add_repo --uri=uri --suite=suite --component=component [--name=name] [--append]
# | arg: -u, --uri - Uri of the repository.
# | arg: -s, --suite - Suite of the repository.
# | arg: -c, --component - Component of the repository.
# | arg: -n, --name - Name for the files for this repo, $app as default value.
# | arg: -a, --append - Do not overwrite existing files.
#
# Example for a repo like deb http://forge.yunohost.org/debian/ stretch stable
# uri suite component
# ynh_add_repo --uri=http://forge.yunohost.org/debian/ --suite=stretch --component=stable
#
ynh_add_repo () {
# Declare an array to define the options of this helper.
local legacy_args=uscna
declare -Ar args_array=( [u]=uri= [s]=suite= [c]=component= [n]=name= [a]=append )
local uri
local suite
local component
local name
local append
# Manage arguments with getopts
ynh_handle_getopts_args "$@"
name="${name:-$app}"
append=${append:-0}
if [ $append -eq 1 ]
then
append="tee -a"
else
append="tee"
fi
mkdir -p "/etc/apt/sources.list.d"
# Add the new repo in sources.list.d
echo "deb $uri $suite $component" \
| $append "/etc/apt/sources.list.d/$name.list"
}
# Add an extra repository correctly, pin it and get the key.
#
# usage: ynh_install_extra_repo --repo="repo" [--key=key_url] [--priority=priority_value] [--name=name] [--append]
# | arg: -r, --repo - Complete url of the extra repository.
# | arg: -k, --key - url to get the public key.
# | arg: -p, --priority - Priority for the pin
# | arg: -n, --name - Name for the files for this repo, $app as default value.
# | arg: -a, --append - Do not overwrite existing files.
ynh_install_extra_repo () {
# Declare an array to define the options of this helper.
local legacy_args=rkpna
declare -Ar args_array=( [r]=repo= [k]=key= [p]=priority= [n]=name= [a]=append )
local repo
local key
local priority
local name
local append
# Manage arguments with getopts
ynh_handle_getopts_args "$@"
name="${name:-$app}"
append=${append:-0}
key=${key:-0}
priority=${priority:-}
if [ $append -eq 1 ]
then
append="--append"
wget_append="tee -a"
else
append=""
wget_append="tee"
fi
# Split the repository into uri, suite and components.
# Remove "deb " at the beginning of the repo.
repo="${repo#deb }"
# Get the uri
local uri="$(echo "$repo" | awk '{ print $1 }')"
# Get the suite
local suite="$(echo "$repo" | awk '{ print $2 }')"
# Get the components
local component="${repo##$uri $suite }"
# Add the repository into sources.list.d
ynh_add_repo --uri="$uri" --suite="$suite" --component="$component" --name="$name" $append
# Pin the new repo with the default priority, so it won't be used for upgrades.
# Build $pin from the uri without http and any sub path
local pin="${uri#*://}"
pin="${pin%%/*}"
# Set a priority only if asked
if [ -n "$priority" ]
then
priority="--priority=$priority"
fi
ynh_pin_repo --package="*" --pin="origin \"$pin\"" $priority --name="$name" $append
# Get the public key for the repo
if [ -n "$key" ]
then
mkdir -p "/etc/apt/trusted.gpg.d"
wget -q "$key" -O - | gpg --dearmor | $wget_append /etc/apt/trusted.gpg.d/$name.gpg > /dev/null
fi
# Update the list of package with the new repo
ynh_package_update
}
# Remove an extra repository and the assiociated configuration.
#
# usage: ynh_remove_extra_repo [--name=name]
# | arg: -n, --name - Name for the files for this repo, $app as default value.
ynh_remove_extra_repo () {
# Declare an array to define the options of this helper.
local legacy_args=n
declare -Ar args_array=( [n]=name= )
local name
# Manage arguments with getopts
ynh_handle_getopts_args "$@"
name="${name:-$app}"
ynh_secure_remove "/etc/apt/sources.list.d/$name.list"
ynh_secure_remove "/etc/apt/preferences.d/$name"
ynh_secure_remove "/etc/apt/trusted.gpg.d/$name.gpg"
ynh_secure_remove "/etc/apt/trusted.gpg.d/$name.asc"
# Update the list of package to exclude the old repo
ynh_package_update
}
# Install packages from an extra repository properly.
#
# usage: ynh_install_extra_app_dependencies --repo="repo" --package="dep1 dep2" [--key=key_url] [--name=name]
# | arg: -r, --repo - Complete url of the extra repository.
# | arg: -p, --package - The packages to install from this extra repository
# | arg: -k, --key - url to get the public key.
# | arg: -n, --name - Name for the files for this repo, $app as default value.
ynh_install_extra_app_dependencies () {
# Declare an array to define the options of this helper.
local legacy_args=rpkn
declare -Ar args_array=( [r]=repo= [p]=package= [k]=key= [n]=name= )
local repo
local package
local key
local name
# Manage arguments with getopts
ynh_handle_getopts_args "$@"
name="${name:-$app}"
key=${key:-0}
# Set a key only if asked
if [ -n "$key" ]
then
key="--key=$key"
fi
# Add an extra repository for those packages
ynh_install_extra_repo --repo="$repo" $key --priority=995 --name=$name
# Install requested dependencies from this extra repository.
ynh_add_app_dependencies --package="$package"
# Remove this extra repository after packages are installed
ynh_remove_extra_repo --name=$app
}
#=================================================
# patched version of ynh_install_app_dependencies to be used with ynh_add_app_dependencies
# Define and install dependencies with a equivs control file
# This helper can/should only be called once per app
#
# usage: ynh_install_app_dependencies dep [dep [...]]
# | arg: dep - the package name to install in dependence
# You can give a choice between some package with this syntax : "dep1|dep2"
# Example : ynh_install_app_dependencies dep1 dep2 "dep3|dep4|dep5"
# This mean in the dependence tree : dep1 & dep2 & (dep3 | dep4 | dep5)
#
# Requires YunoHost version 2.6.4 or higher.
ynh_install_app_dependencies () {
local dependencies=$@
dependencies="$(echo "$dependencies" | sed 's/\([^\<=\>]\)\ \([^(]\)/\1, \2/g')"
dependencies=${dependencies//|/ | }
local manifest_path="../manifest.json"
if [ ! -e "$manifest_path" ]; then
manifest_path="../settings/manifest.json" # Into the restore script, the manifest is not at the same place
fi
local version=$(grep '\"version\": ' "$manifest_path" | cut -d '"' -f 4) # Retrieve the version number in the manifest file.
if [ ${#version} -eq 0 ]; then
version="1.0"
fi
local dep_app=${app//_/-} # Replace all '_' by '-'
# Handle specific versions
if [[ "$dependencies" =~ [\<=\>] ]]
then
# Replace version specifications by relationships syntax
# https://www.debian.org/doc/debian-policy/ch-relationships.html
# Sed clarification
# [^(\<=\>] ignore if it begins by ( or < = >. To not apply twice.
# [\<=\>] matches < = or >
# \+ matches one or more occurence of the previous characters, for >= or >>.
# [^,]\+ matches all characters except ','
# Ex: package>=1.0 will be replaced by package (>= 1.0)
dependencies="$(echo "$dependencies" | sed 's/\([^(\<=\>]\)\([\<=\>]\+\)\([^,]\+\)/\1 (\2 \3)/g')"
fi
cat > /tmp/${dep_app}-ynh-deps.control << EOF # Make a control file for equivs-build
Section: misc
Priority: optional
Package: ${dep_app}-ynh-deps
Version: ${version}
Depends: ${dependencies}
Architecture: all
Description: Fake package for $app (YunoHost app) dependencies
This meta-package is only responsible of installing its dependencies.
EOF
ynh_package_install_from_equivs /tmp/${dep_app}-ynh-deps.control \
|| ynh_die --message="Unable to install dependencies" # Install the fake package and its dependencies
rm /tmp/${dep_app}-ynh-deps.control
ynh_app_setting_set --app=$app --key=apt_dependencies --value="$dependencies"
}
ynh_add_app_dependencies () {
# Declare an array to define the options of this helper.
local legacy_args=pr
declare -Ar args_array=( [p]=package= [r]=replace)
local package
local replace
# Manage arguments with getopts
ynh_handle_getopts_args "$@"
replace=${replace:-0}
local current_dependencies=""
if [ $replace -eq 0 ]
then
local dep_app=${app//_/-} # Replace all '_' by '-'
if ynh_package_is_installed --package="${dep_app}-ynh-deps"
then
current_dependencies="$(dpkg-query --show --showformat='${Depends}' ${dep_app}-ynh-deps) "
fi
current_dependencies=${current_dependencies// | /|}
fi
ynh_install_app_dependencies "${current_dependencies}${package}"
}

140
scripts/ynh_install_ruby Normal file
View file

@ -0,0 +1,140 @@
#!/bin/bash
# Need also the helper https://github.com/YunoHost-Apps/Experimental_helpers/blob/master/ynh_handle_getopts_args/ynh_handle_getopts_args
rbenv_install_dir="/opt/rbenv"
# RBENV_ROOT is the directory of rbenv, it needs to be loaded as a environment variable.
export RBENV_ROOT="$rbenv_install_dir"
# Install ruby version management
#
# [internal]
#
# usage: ynh_install_rbenv
ynh_install_rbenv () {
echo "Installation of rbenv - ruby version management" >&2
# Build an app.src for rbenv
mkdir -p "../conf"
echo "SOURCE_URL=https://github.com/rbenv/rbenv/archive/v1.1.1.tar.gz
SOURCE_SUM=41f1a60714c55eceb21d692a469aee1ec4f46bba351d0dfcb0c660ff9cf1a1c9" > "../conf/rbenv.src"
# Download and extract rbenv
ynh_setup_source "$rbenv_install_dir" rbenv
# Build an app.src for ruby-build
mkdir -p "../conf"
echo "SOURCE_URL=https://github.com/rbenv/ruby-build/archive/v20190314.tar.gz
SOURCE_SUM=2cc0f9fdb232042e71edad93a5c3ae108bcd090ea0b6db4e5bb6325547e07968" > "../conf/ruby-build.src"
# Download and extract ruby-build
ynh_setup_source "$rbenv_install_dir/plugins/ruby-build" ruby-build
(cd $rbenv_install_dir
./src/configure && make -C src)
# Create shims directory if needed
if [ ! -d $rbenv_install_dir/shims ] ; then
mkdir $rbenv_install_dir/shims
fi
}
# Install a specific version of ruby
#
# ynh_install_ruby will install the version of ruby provided as argument by using rbenv.
#
# rbenv (ruby version management) stores the target ruby version in a .ruby_version file created in the target folder (using rbenv local <version>)
# It then uses that information for every ruby user that uses rbenv provided ruby command
#
# This helper creates a /etc/profile.d/rbenv.sh that configures PATH environment for rbenv
# for every LOGIN user, hence your user must have a defined shell (as opposed to /usr/sbin/nologin)
#
# Don't forget to execute ruby-dependent command in a login environment
# (e.g. sudo --login option)
# When not possible (e.g. in systemd service definition), please use direct path
# to rbenv shims (e.g. $RBENV_ROOT/shims/bundle)
#
# usage: ynh_install_ruby ruby_version user
# | arg: -v, --ruby_version= - Version of ruby to install.
# If possible, prefer to use major version number (e.g. 8 instead of 8.10.0).
# The crontab will handle the update of minor versions when needed.
ynh_install_ruby () {
# Declare an array to define the options of this helper.
declare -Ar args_array=( [v]=ruby_version= )
# Use rbenv, https://github.com/rbenv/rbenv to manage the ruby versions
local ruby_version
# Manage arguments with getopts
ynh_handle_getopts_args "$@"
# Create $rbenv_install_dir
mkdir -p "$rbenv_install_dir/plugins/ruby-build"
# Load rbenv path in PATH
CLEAR_PATH="$rbenv_install_dir/bin:$PATH"
# Remove /usr/local/bin in PATH in case of ruby prior installation
PATH=$(echo $CLEAR_PATH | sed 's@/usr/local/bin:@@')
# Move an existing ruby binary, to avoid to block rbenv
test -x /usr/bin/ruby && mv /usr/bin/ruby /usr/bin/ruby_rbenv
# If rbenv is not previously setup, install it
if ! type rbenv > /dev/null 2>&1
then
ynh_install_rbenv
fi
# Restore /usr/local/bin in PATH (if needed)
PATH=$CLEAR_PATH
# And replace the old ruby binary
test -x /usr/bin/ruby_rbenv && mv /usr/bin/ruby_rbenv /usr/bin/ruby
# Install the requested version of ruby
CONFIGURE_OPTS="--disable-install-doc" MAKE_OPTS="-j2" rbenv install --skip-existing $ruby_version
# Store the ID of this app and the version of ruby requested for it
echo "$YNH_APP_ID:$ruby_version" | tee --append "$rbenv_install_dir/ynh_app_version"
# Store ruby_version into the config of this app
ynh_app_setting_set $app ruby_version $ruby_version
# Set environment for ruby users
echo "#rbenv
export RBENV_ROOT=$rbenv_install_dir
export PATH=\"$rbenv_install_dir/bin:$PATH\"
eval \"\$(rbenv init -)\"
#rbenv" > /etc/profile.d/rbenv.sh
# Load the right environment for the Installation
eval "$(rbenv init -)"
(cd $final_path
rbenv local $ruby_version)
}
# Remove the version of ruby used by the app.
#
# This helper will check if another app uses the same version of ruby,
# if not, this version of ruby will be removed.
# If no other app uses ruby, rbenv will be also removed.
#
# usage: ynh_remove_ruby
ynh_remove_ruby () {
ruby_version=$(ynh_app_setting_get $app ruby_version)
# Remove the line for this app
sed --in-place "/$YNH_APP_ID:$ruby_version/d" "$rbenv_install_dir/ynh_app_version"
# If no other app uses this version of ruby, remove it.
if ! grep --quiet "$ruby_version" "$rbenv_install_dir/ynh_app_version"
then
$rbenv_install_dir/bin/rbenv uninstall --force $ruby_version
fi
# Remove rbenv environment configuration
rm /etc/profile.d/rbenv.sh
# If no other app uses rbenv, remove rbenv and dedicated group
if [ ! -s "$rbenv_install_dir/ynh_app_version" ]
then
ynh_secure_remove "$rbenv_install_dir"
fi
}

89
scripts/ynh_systemd_action Normal file
View file

@ -0,0 +1,89 @@
#!/bin/bash
# Start (or other actions) a service, print a log in case of failure and optionnaly wait until the service is completely started
#
# usage: ynh_systemd_action [-n service_name] [-a action] [ [-l "line to match"] [-p log_path] [-t timeout] [-e length] ]
# | arg: -n, --service_name= - Name of the service to reload. Default : $app
# | arg: -a, --action= - Action to perform with systemctl. Default: start
# | arg: -l, --line_match= - Line to match - The line to find in the log to attest the service have finished to boot.
# If not defined it don't wait until the service is completely started.
# | arg: -p, --log_path= - Log file - Path to the log file. Default : /var/log/$app/$app.log
# | arg: -t, --timeout= - Timeout - The maximum time to wait before ending the watching. Default : 300 seconds.
# | arg: -e, --length= - Length of the error log : Default : 20
ynh_systemd_action() {
# Declare an array to define the options of this helper.
declare -Ar args_array=( [n]=service_name= [a]=action= [l]=line_match= [p]=log_path= [t]=timeout= [e]=length= )
local service_name
local action
local line_match
local length
local log_path
local timeout
# Manage arguments with getopts
ynh_handle_getopts_args "$@"
local service_name="${service_name:-$app}"
local action=${action:-start}
local log_path="${log_path:-/var/log/$service_name/$service_name.log}"
local length=${length:-20}
local timeout=${timeout:-300}
# Start to read the log
if [[ -n "${line_match:-}" ]]
then
local templog="$(mktemp)"
# Following the starting of the app in its log
if [ "$log_path" == "systemd" ] ; then
# Read the systemd journal
journalctl -u $service_name -f --since=-45 > "$templog" &
else
# Read the specified log file
tail -F -n0 "$log_path" > "$templog" &
fi
# Get the PID of the tail command
local pid_tail=$!
fi
echo "${action^} the service $service_name" >&2
systemctl $action $service_name \
|| ( journalctl --lines=$length -u $service_name >&2 \
; test -n "$log_path" && echo "--" && tail --lines=$length "$log_path" >&2 \
; false )
# Start the timeout and try to find line_match
if [[ -n "${line_match:-}" ]]
then
local i=0
for i in $(seq 1 $timeout)
do
# Read the log until the sentence is found, that means the app finished to start. Or run until the timeout
if grep --quiet "$line_match" "$templog"
then
echo "The service $service_name has correctly started." >&2
break
fi
echo -n "." >&2
sleep 1
done
if [ $i -eq $timeout ]
then
echo "The service $service_name didn't fully started before the timeout." >&2
journalctl --lines=$length -u $service_name >&2
test -n "$log_path" && echo "--" && tail --lines=$length "$log_path" >&2
fi
echo ""
ynh_clean_check_starting
fi
}
# Clean temporary process and file used by ynh_check_starting
# (usually used in ynh_clean_setup scripts)
#
# usage: ynh_clean_check_starting
ynh_clean_check_starting () {
# Stop the execution of tail.
kill -s 15 $pid_tail 2>&1
ynh_secure_remove "$templog" 2>&1
}