YunoHost-Apps/glitchsoc_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/glitchsoc_ynh.git synced 2024-09-03 19:15:59 +02:00
Code Issues Activity Actions 1

Merge branch 'develop'

Browse source
This commit is contained in:
yalh76 2019-05-10 02:00:48 +02:00
commit 2987ccf8b3
25 changed files with 1736 additions and 817 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

104
README.md
View file

@ -1,72 +1,30 @@
# Mastodon for YunoHost
[![Latest Version](https://img.shields.io/badge/version-2.5.2-green.svg?style=flat)](https://github.com/YunoHost-Apps/mastodon_ynh/releases)
[![Status](https://img.shields.io/badge/status-testing-yellow.svg?style=flat)](https://github.com/YunoHost-Apps/mastodon_ynh/milestones)
[![Dependencies](https://img.shields.io/badge/dependencies-includes-lightgrey.svg?style=flat)](https://github.com/YunoHost-Apps/mastodon_ynh#dependencies)
[![GitHub license](https://img.shields.io/badge/license-GPLv3-blue.svg?style=flat)](https://raw.githubusercontent.com/YunoHost-Apps/mastodon_ynh/master/LICENSE)
[![Yunohost version](https://img.shields.io/badge/yunohost-2.7.12_tested-orange.svg?style=flat)](https://github.com/YunoHost/yunohost)
[![GitHub issues](https://img.shields.io/github/issues/YunoHost-Apps/mastodon_ynh.svg?style=flat)](https://github.com/YunoHost-Apps/mastodon_ynh/issues)
[![Integration level](https://dash.yunohost.org/integration/mastodon.svg)](https://dash.yunohost.org/appci/app/mastodon)
[![Install mastodon with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=mastodon)
[![Install Mastodon with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=mastodon)
*[Lire ce readme en français.](./README_fr.md)*
:warning: MAJ 05/06/17 :Cette application peut maintenant fonctionner sur ARM, mais l'installation prend plusieurs heures et il faut ajouter un swapfile de 1Go.
:warning: Cette application utilise les packages backports de Debian, nous vous recommendons de ne pas installer cette application directement en production
> *This package allow you to install mastodon quickly and simply on a YunoHost server.
If you don't have YunoHost, please see [here](https://yunohost.org/#/install) to know how to install and enjoy it.*
:warning: UPDATE 05/06/17 :This app can work now on ARM, but installation takes several hours and you must add a swapfile of 1GB.
:warning: This application uses the Debian backports packages, do not install this application directly in production
## Mastodon c'est quoi ?
Mastodon est un réseau social gratuit et open source. Une alternative décentralisée aux plates-formes commerciales, elle évite les risques d'une seule société qui monopolise votre communication. Choisissez un serveur sur lequel vous faites confiance - selon votre choix, vous pouvez interagir avec tous les autres. N'importe qui peut exécuter sa propre instance de Mastodon et participer au réseau social de façon transparente.
[Source code](https://github.com/tootsuite/mastodon)
#### Ajout d'un "swapfile" si vous avez moins de 2Go de RAM
```
sudo dd if=/dev/zero of=/swapfile bs=1024 count=1024000
sudo chmod 600 /swapfile
sudo mkswap /swapfile
sudo swapon /swapfile
```
ajouter cette ligne dans /etc/fstab
```
/swapfile none swap sw 0 0
```
### Installation
#### Utilisation de __screen__ en cas de déconnection
```
$ sudo apt-get install screen
$ screen
$ sudo yunohost app install https://github.com/YunoHost-Apps/mastodon_ynh.git
```
Récuperer l'installation après une deconnection:
```
$ screen -d
$ screen -r
```
L'utilisateur admin est crée automatiquement comme: user@domain.tld
### Mise à jour
#### Utilisation de __screen__ fortement recommandé
`$ sudo yunohost app upgrade --verbose mastodon -u https://github.com/YunoHost-Apps/mastodon_ynh.git`
## Recommandations
Vous ne pouvez pas installer Mastodon en subdirectory, vous devez obligatoirement utiliser un domaine ou un sous-domaine pour cette application.
Il semble important de fermer les inscriptions pour votre Mastodon, pour que ça reste une instance privé. Nous vous invitons à bloquer les instances distantes malfaisantes depuis l'interface d'administration. Vous pouvez également ajouter un texte sur votre page d'accueil dans l'administration.
## What is Mastodon?
## Overview
Mastodon is a free, open-source social network. A decentralized alternative to commercial platforms, it avoids the risks of a single company monopolizing your communication. Pick a server that you trust — whichever you choose, you can interact with everyone else. Anyone can run their own Mastodon instance and participate in the social network seamlessly.
**Shipped version:** 2.7.4
## Screenshots
![](https://framalibre.org/sites/default/files/mastodon.png)
[Source code](https://github.com/tootsuite/mastodon)
## Configuration
#### Adding "swapfile" If you have less than 2Go of RAM
```
sudo dd if=/dev/zero of=/swapfile bs=1024 count=1024000
@ -103,3 +61,37 @@ The admin user is automatically created as: user@domain.tld
You can't install Mastodon in subdirectory, you must use a domain or subdomain for this application.
It seems important to close the inscriptions for your Mastodon, so that it remains a private body. We invite you to block remote malicious instances from the administration interface. You can also add text on your home page.
## Documentation
* Official documentation: https://docs.joinmastodon.org/
## YunoHost specific features
#### Supported architectures
* x86-64b - [![Build Status](https://ci-apps.yunohost.org/ci/logs/mastodon%20%28Community%29.svg)](https://ci-apps.yunohost.org/ci/apps/mastodon/)
* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/mastodon%20%28Community%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/mastodon/)
* Jessie x86-64b - [![Build Status](https://ci-stretch.nohost.me/ci/logs/mastodon%20%28Community%29.svg)](https://ci-stretch.nohost.me/ci/apps/mastodon/)
## Links
* Report a bug: https://github.com/YunoHost-Apps/mastodon_ynh/issues
* App website: https://joinmastodon.org/
* Github App website: https://github.com/tootsuite/mastodon
* YunoHost website: https://yunohost.org/
---
Developers info
----------------
**Only if you want to use a testing branch for coding, instead of merging directly into master.**
Please do your pull request to the [testing branch](https://github.com/YunoHost-Apps/mastodon_ynh/tree/testing).
To try the testing branch, please proceed like that.
```
sudo yunohost app install https://github.com/YunoHost-Apps/mastodon_ynh/tree/testing --debug
or
sudo yunohost app upgrade mastodon -u https://github.com/YunoHost-Apps/mastodon_ynh/tree/testing --debug
```

96
README_fr.md Normal file
View file

@ -0,0 +1,96 @@
# Mastodon pour YunoHost
[![Integration level](https://dash.yunohost.org/integration/mastodon.svg)](https://dash.yunohost.org/appci/app/mastodon)
[![Install mastodon with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=mastodon)
*[Read this readme in english.](./README.md)*
> *Ce package vous permet d'installer mastodon rapidement et simplement sur un serveur Yunohost.
Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l'installer et en profiter.*
:warning: MAJ 05/06/17 :Cette application peut maintenant fonctionner sur ARM, mais l'installation prend plusieurs heures et il faut ajouter un swapfile de 1Go.
:warning: Cette application utilise les packages backports de Debian, nous vous recommendons de ne pas installer cette application directement en production
## Vue d'ensemble
Mastodon est un réseau social gratuit et open source. Une alternative décentralisée aux plates-formes commerciales, elle évite les risques d'une seule société qui monopolise votre communication. Choisissez un serveur sur lequel vous faites confiance - selon votre choix, vous pouvez interagir avec tous les autres. N'importe qui peut exécuter sa propre instance de Mastodon et participer au réseau social de façon transparente.
**Version incluse:** 2.7.4
## Captures d'écran
![](https://framalibre.org/sites/default/files/mastodon.png)
## Configuration
#### Ajout d'un "swapfile" si vous avez moins de 2Go de RAM
```
sudo dd if=/dev/zero of=/swapfile bs=1024 count=1024000
sudo chmod 600 /swapfile
sudo mkswap /swapfile
sudo swapon /swapfile
```
ajouter cette ligne dans /etc/fstab
```
/swapfile none swap sw 0 0
```
### Installation
#### Utilisation de __screen__ en cas de déconnection
```
$ sudo apt-get install screen
$ screen
$ sudo yunohost app install https://github.com/YunoHost-Apps/mastodon_ynh.git
```
Récuperer l'installation après une deconnection:
```
$ screen -d
$ screen -r
```
L'utilisateur admin est crée automatiquement comme: user@domain.tld
### Mise à jour
#### Utilisation de __screen__ fortement recommandé
`$ sudo yunohost app upgrade --verbose mastodon -u https://github.com/YunoHost-Apps/mastodon_ynh.git`
## Recommandations
Vous ne pouvez pas installer Mastodon en subdirectory, vous devez obligatoirement utiliser un domaine ou un sous-domaine pour cette application.
Il semble important de fermer les inscriptions pour votre Mastodon, pour que ça reste une instance privé. Nous vous invitons à bloquer les instances distantes malfaisantes depuis l'interface d'administration. Vous pouvez également ajouter un texte sur votre page d'accueil dans l'administration.
## Documentation
* Documentation officielle: https://docs.joinmastodon.org/
## Caractéristiques spécifiques YunoHost
#### Supported architectures
* x86-64b - [![Build Status](https://ci-apps.yunohost.org/ci/logs/mastodon%20%28Community%29.svg)](https://ci-apps.yunohost.org/ci/apps/mastodon/)
* ARMv8-A - [![Build Status](https://ci-apps-arm.yunohost.org/ci/logs/mastodon%20%28Community%29.svg)](https://ci-apps-arm.yunohost.org/ci/apps/mastodon/)
* Jessie x86-64b - [![Build Status](https://ci-stretch.nohost.me/ci/logs/mastodon%20%28Community%29.svg)](https://ci-stretch.nohost.me/ci/apps/mastodon/)
## Links
* Signaler un bug: https://github.com/YunoHost-Apps/mastodon_ynh/issues
* Site de l'application: https://joinmastodon.org/
* Site Github de l'application: https://github.com/tootsuite/mastodon
* Site web YunoHost: https://yunohost.org/
---
Informations pour les développeurs
----------------
**Seulement si vous voulez utiliser une branche de test pour le codage, au lieu de fusionner directement dans la banche principale.**
Merci de faire vos pull request sur la [branche testing](https://github.com/YunoHost-Apps/mastodon_ynh/tree/testing).
Pour essayer la branche testing, procédez comme suit.
```
sudo yunohost app install https://github.com/YunoHost-Apps/mastodon_ynh/tree/testing --debug
ou
sudo yunohost app upgrade mastodon -u https://github.com/YunoHost-Apps/mastodon_ynh/tree/testing --debug
```

15
check_process
View file

@ -3,25 +3,20 @@
; Manifest
domain="domain.tld" (DOMAIN)
admin="john" (USER)
path="/path" (PATH)
passwd="12345678"
language="fr_FR"
; Checks
pkg_linter=1
setup_sub_dir=0
setup_root=1
setup_nourl=0
setup_private=0
setup_public=0
setup_public=1
upgrade=1
backup_restore=1
multi_instance=0
wrong_user=0
wrong_path=0
incorrect_path=0
corrupt_source=0
fail_download_source=0
multi_instance=1
incorrect_path=1
port_already_use=0
final_path_already_use=0
change_url=0
;;; Levels
Level 1=auto
Level 2=auto

232
conf/.env.production.sample Normal file
View file

@ -0,0 +1,232 @@
# Service dependencies
# You may set REDIS_URL instead for more advanced options
# You may also set REDIS_NAMESPACE to share Redis between multiple Mastodon servers
REDIS_HOST=localhost
REDIS_PORT=6379
# You may set DATABASE_URL instead for more advanced options
DB_HOST=localhost
DB_USER=__DB_USER__
DB_NAME=__DB_NAME__
DB_PASS=__DB_PWD__
DB_PORT=5432
# Optional ElasticSearch configuration
# ES_ENABLED=true
# ES_HOST=es
# ES_PORT=9200
# Federation
# Note: Changing LOCAL_DOMAIN at a later time will cause unwanted side effects, including breaking all existing federation.
# LOCAL_DOMAIN should *NOT* contain the protocol part of the domain e.g https://example.com.
LOCAL_DOMAIN=__DOMAIN__
# Changing LOCAL_HTTPS in production is no longer supported. (Mastodon will always serve https:// links)
# Use this only if you need to run mastodon on a different domain than the one used for federation.
# You can read more about this option on https://github.com/tootsuite/documentation/blob/master/Running-Mastodon/Serving_a_different_domain.md
# DO *NOT* USE THIS UNLESS YOU KNOW *EXACTLY* WHAT YOU ARE DOING.
# WEB_DOMAIN=mastodon.example.com
# Use this if you want to have several aliases handler@example1.com
# handler@example2.com etc. for the same user. LOCAL_DOMAIN should not
# be added. Comma separated values
# ALTERNATE_DOMAINS=example1.com,example2.com
# Application secrets
# Generate each with the `RAILS_ENV=production bundle exec rake secret` task (`docker-compose run --rm web rake secret` if you use docker compose)
SECRET_KEY_BASE=__SECRET_KEY_BASE__
OTP_SECRET=__OTP_SECRET__
# VAPID keys (used for push notifications
# You can generate the keys using the following command (first is the private key, second is the public one)
# You should only generate this once per instance. If you later decide to change it, all push subscription will
# be invalidated, requiring the users to access the website again to resubscribe.
#
# Generate with `RAILS_ENV=production bundle exec rake mastodon:webpush:generate_vapid_key` task (`docker-compose run --rm web rake mastodon:webpush:generate_vapid_key` if you use docker compose)
#
# For more information visit https://rossta.net/blog/using-the-web-push-api-with-vapid.html
VAPID_PRIVATE_KEY=__VAPID_PRIVATE_KEY__
VAPID_PUBLIC_KEY=__VAPID_PUBLIC_KEY__
# Registrations
# Single user mode will disable registrations and redirect frontpage to the first profile
# SINGLE_USER_MODE=true
# Prevent registrations with following e-mail domains
# EMAIL_DOMAIN_BLACKLIST=example1.com|example2.de|etc
# Only allow registrations with the following e-mail domains
# EMAIL_DOMAIN_WHITELIST=example1.com|example2.de|etc
# Optionally change default language
DEFAULT_LOCALE=__LANGUAGE__
# E-mail configuration
# Note: Mailgun and SparkPost (https://sparkpo.st/smtp) each have good free tiers
# If you want to use an SMTP server without authentication (e.g local Postfix relay)
# then set SMTP_AUTH_METHOD and SMTP_OPENSSL_VERIFY_MODE to 'none' and
# *comment* SMTP_LOGIN and SMTP_PASSWORD (leaving them blank is not enough).
SMTP_SERVER=localhost
SMTP_PORT=25
#SMTP_LOGIN=
#SMTP_PASSWORD=
SMTP_FROM_ADDRESS=__SMTP_FROM_ADDRESS__
#SMTP_DOMAIN= # defaults to LOCAL_DOMAIN
#SMTP_DELIVERY_METHOD=smtp # delivery method can also be sendmail
SMTP_AUTH_METHOD=none
#SMTP_CA_FILE=/etc/ssl/certs/ca-certificates.crt
SMTP_OPENSSL_VERIFY_MODE=none
#SMTP_ENABLE_STARTTLS_AUTO=true
#SMTP_TLS=true
# Optional user upload path and URL (images, avatars). Default is :rails_root/public/system. If you set this variable, you are responsible for making your HTTP server (eg. nginx) serve these files.
# PAPERCLIP_ROOT_PATH=/var/lib/mastodon/public-system
# PAPERCLIP_ROOT_URL=/system
# Optional asset host for multi-server setups
# The asset host must allow cross origin request from WEB_DOMAIN or LOCAL_DOMAIN
# if WEB_DOMAIN is not set. For example, the server may have the
# following header field:
# Access-Control-Allow-Origin: https://example.com/
# CDN_HOST=https://assets.example.com
# S3 (optional)
# The attachment host must allow cross origin request from WEB_DOMAIN or
# LOCAL_DOMAIN if WEB_DOMAIN is not set. For example, the server may have the
# following header field:
# Access-Control-Allow-Origin: https://192.168.1.123:9000/
# S3_ENABLED=true
# S3_BUCKET=
# AWS_ACCESS_KEY_ID=
# AWS_SECRET_ACCESS_KEY=
# S3_REGION=
# S3_PROTOCOL=http
# S3_HOSTNAME=192.168.1.123:9000
# S3 (Minio Config (optional) Please check Minio instance for details)
# The attachment host must allow cross origin request - see the description
# above.
# S3_ENABLED=true
# S3_BUCKET=
# AWS_ACCESS_KEY_ID=
# AWS_SECRET_ACCESS_KEY=
# S3_REGION=
# S3_PROTOCOL=https
# S3_HOSTNAME=
# S3_ENDPOINT=
# S3_SIGNATURE_VERSION=
# Swift (optional)
# The attachment host must allow cross origin request - see the description
# above.
# SWIFT_ENABLED=true
# SWIFT_USERNAME=
# For Keystone V3, the value for SWIFT_TENANT should be the project name
# SWIFT_TENANT=
# SWIFT_PASSWORD=
# Some OpenStack V3 providers require PROJECT_ID (optional)
# SWIFT_PROJECT_ID=
# Keystone V2 and V3 URLs are supported. Use a V3 URL if possible to avoid
# issues with token rate-limiting during high load.
# SWIFT_AUTH_URL=
# SWIFT_CONTAINER=
# SWIFT_OBJECT_URL=
# SWIFT_REGION=
# Defaults to 'default'
# SWIFT_DOMAIN_NAME=
# Defaults to 60 seconds. Set to 0 to disable
# SWIFT_CACHE_TTL=
# Optional alias for S3 (e.g. to serve files on a custom domain, possibly using Cloudfront or Cloudflare)
# S3_ALIAS_HOST=
# Streaming API integration
# STREAMING_API_BASE_URL=
# Advanced settings
# If you need to use pgBouncer, you need to disable prepared statements:
# PREPARED_STATEMENTS=false
# Cluster number setting for streaming API server.
# If you comment out following line, cluster number will be `numOfCpuCores - 1`.
STREAMING_CLUSTER_NUM=1
# Docker mastodon user
# If you use Docker, you may want to assign UID/GID manually.
# UID=1000
# GID=1000
# LDAP authentication (optional)
# LDAP_ENABLED=true
# LDAP_HOST=localhost
# LDAP_PORT=389
# LDAP_METHOD=simple_tls
# LDAP_BASE=ou=users,dc=yunohost,dc=org
# LDAP_BIND_DN=uid=__LDAP_USER__,ou=users,dc=yunohost,dc=org
# LDAP_PASSWORD=__LDAP_PASSWORD__
# LDAP_UID=uid
# LDAP_SEARCH_FILTER="%{uid}=%{email}"
# PAM authentication (optional)
# PAM authentication uses for the email generation the "email" pam variable
# and optional as fallback PAM_DEFAULT_SUFFIX
# The pam environment variable "email" is provided by:
# https://github.com/devkral/pam_email_extractor
# PAM_ENABLED=true
# Fallback email domain for email address generation (LOCAL_DOMAIN by default)
# PAM_EMAIL_DOMAIN=example.com
# Name of the pam service (pam "auth" section is evaluated)
# PAM_DEFAULT_SERVICE=rpam
# Name of the pam service used for checking if an user can register (pam "account" section is evaluated) (nil (disabled) by default)
# PAM_CONTROLLED_SERVICE=rpam
# Global OAuth settings (optional) :
# If you have only one strategy, you may want to enable this
# OAUTH_REDIRECT_AT_SIGN_IN=true
# Optional CAS authentication (cf. omniauth-cas) :
# CAS_ENABLED=true
# CAS_URL=https://sso.myserver.com/
# CAS_HOST=sso.myserver.com/
# CAS_PORT=443
# CAS_SSL=true
# CAS_VALIDATE_URL=
# CAS_CALLBACK_URL=
# CAS_LOGOUT_URL=
# CAS_LOGIN_URL=
# CAS_UID_FIELD='user'
# CAS_CA_PATH=
# CAS_DISABLE_SSL_VERIFICATION=false
# CAS_UID_KEY='user'
# CAS_NAME_KEY='name'
# CAS_EMAIL_KEY='email'
# CAS_NICKNAME_KEY='nickname'
# CAS_FIRST_NAME_KEY='firstname'
# CAS_LAST_NAME_KEY='lastname'
# CAS_LOCATION_KEY='location'
# CAS_IMAGE_KEY='image'
# CAS_PHONE_KEY='phone'
# Optional SAML authentication (cf. omniauth-saml)
# SAML_ENABLED=true
# SAML_ACS_URL=
# SAML_ISSUER=http://localhost:3000/auth/auth/saml/callback
# SAML_IDP_SSO_TARGET_URL=https://idp.testshib.org/idp/profile/SAML2/Redirect/SSO
# SAML_IDP_CERT=
# SAML_IDP_CERT_FINGERPRINT=
# SAML_NAME_IDENTIFIER_FORMAT=
# SAML_CERT=
# SAML_PRIVATE_KEY=
# SAML_SECURITY_WANT_ASSERTION_SIGNED=true
# SAML_SECURITY_WANT_ASSERTION_ENCRYPTED=true
# SAML_SECURITY_ASSUME_EMAIL_IS_VERIFIED=true
# SAML_ATTRIBUTES_STATEMENTS_UID="urn:oid:0.9.2342.19200300.100.1.1"
# SAML_ATTRIBUTES_STATEMENTS_EMAIL="urn:oid:1.3.6.1.4.1.5923.1.1.1.6"
# SAML_ATTRIBUTES_STATEMENTS_FULL_NAME="urn:oid:2.16.840.1.113730.3.1.241"
# SAML_ATTRIBUTES_STATEMENTS_FIRST_NAME="urn:oid:2.5.4.42"
# SAML_ATTRIBUTES_STATEMENTS_LAST_NAME="urn:oid:2.5.4.4"
# SAML_UID_ATTRIBUTE="urn:oid:0.9.2342.19200300.100.1.1"
# SAML_ATTRIBUTES_STATEMENTS_VERIFIED=
# SAML_ATTRIBUTES_STATEMENTS_VERIFIED_EMAIL=
# Use HTTP proxy for outgoing request (optional)
# http_proxy=http://gateway.local:8118
# Access control for hidden service.
# ALLOW_ACCESS_TO_HIDDEN_SERVICE=true

6
conf/app-mastodon.src
View file

@ -1,6 +0,0 @@
SOURCE_URL=https://github.com/tootsuite/mastodon/archive/v2.5.2.tar.gz
SOURCE_SUM=d25e432f1fcf223270414dd55be4d2878f1af86c21b1f2d7874fa1c57d75ebfb
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=

6
conf/app-rbenv.src
View file

@ -1,6 +0,0 @@
SOURCE_URL=https://github.com/rbenv/rbenv/archive/v1.1.1.tar.gz
SOURCE_SUM=41f1a60714c55eceb21d692a469aee1ec4f46bba351d0dfcb0c660ff9cf1a1c9
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=

6
conf/app-ruby-build.src
View file

@ -1,6 +0,0 @@
SOURCE_URL=https://github.com/rbenv/ruby-build/archive/v20180424.tar.gz
SOURCE_SUM=71dbaf87081369c1f5d27b6a94a927c1eeeb1f36bdffe7851f0a9c1ec87b9373
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=

6
conf/app.src Normal file
View file

@ -0,0 +1,6 @@
SOURCE_URL=https://github.com/tootsuite/mastodon/archive/v2.7.4.tar.gz
SOURCE_SUM=0e542c57228d482a068b05f639d8fe53dd9d413f7e7ce93cd1a088bd4d8d8366
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=

2
conf/cron Normal file
View file

@ -0,0 +1,2 @@
RAILS_ENV=production
@daily cd __FINAL__PATH__/live && /opt/rbenv/versions/2.6.0/bin/bundle exec rake __USER__:media:remove_remote

5
conf/mastodon-sidekiq.service
View file

@ -7,8 +7,9 @@
User=__APP__
WorkingDirectory=__FINALPATH__/live
Environment="RAILS_ENV=production"
Environment="DB_POOL=20"
ExecStart=__FINALPATH__/live/bin/bundle exec sidekiq -c 20 -q default -q mailers -q pull -q push
Environment="DB_POOL=25"
Environment="MALLOC_ARENA_MAX=2"
ExecStart=/opt/rbenv/versions/2.6.0/bin/bundle exec sidekiq -c 25
TimeoutSec=15
Restart=always
StandardError=syslog

6
conf/mastodon-streaming.service
View file

@ -7,8 +7,10 @@
User=__APP__
WorkingDirectory=__FINALPATH__/live
Environment="NODE_ENV=production"
Environment="PORT=4000"
ExecStart=/usr/bin/npm run start
Environment="PORT=__PORT_STREAM__"
Environment="STREAMING_CLUSTER_NUM=1"
Environment=PATH=__NODEJS_PATH__
ExecStart=__NODEJS_PATH__/node ./streaming
TimeoutSec=15
Restart=always
StandardError=syslog

5
conf/mastodon-web.service
View file

@ -7,8 +7,9 @@
User=__APP__
WorkingDirectory=__FINALPATH__/live
Environment="RAILS_ENV=production"
Environment="PORT=3000"
ExecStart=__FINALPATH__/live/bin/bundle exec puma -C config/puma.rb
Environment="PORT=__PORT_WEB__"
ExecStart=/opt/rbenv/versions/2.6.0/bin/bundle exec puma -C config/puma.rb
ExecReload=/bin/kill -SIGUSR1 $MAINPID
TimeoutSec=15
Restart=always
StandardError=syslog

53
conf/nginx.conf
View file

@ -10,31 +10,48 @@ location / {
rewrite ^ https://$server_name$request_uri? permanent;
}
proxy_set_header Accept-Encoding "";
try_files $uri @proxy;
# Include SSOWAT user panel.
include conf.d/yunohost_panel.conf.inc;
}
# add to v1.4 assets
location ~ ^/(assets|system/media_attachments/files|system/accounts/avatars) {
location ~ ^/(emoji|packs|system/accounts/avatars|system/media_attachments/files) {
add_header Cache-Control "public, max-age=31536000, immutable";
add_header Strict-Transport-Security "max-age=31536000";
try_files $uri @proxy;
}
}
location /sw.js {
add_header Cache-Control "public, max-age=0";
add_header Strict-Transport-Security "max-age=31536000";
try_files $uri @proxy;
}
location @proxy {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_pass_header Server;
proxy_pass http://127.0.0.1:3000;
proxy_buffering off;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
tcp_nodelay on;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header Proxy "";
proxy_pass_header Server;
proxy_pass http://127.0.0.1:3000;
proxy_buffering on;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
#proxy_cache CACHE;
proxy_cache_valid 200 7d;
proxy_cache_valid 410 24h;
proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504;
add_header X-Cached $upstream_cache_status;
add_header Strict-Transport-Security "max-age=31536000";
tcp_nodelay on;
}
location /api/v1/streaming {
@ -42,11 +59,17 @@ location /api/v1/streaming {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header Proxy "";
proxy_pass http://127.0.0.1:4000;
proxy_buffering off;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
tcp_nodelay on;
}
error_page 500 501 502 503 504 /500.html;

29
manifest.json
View file

@ -2,21 +2,21 @@
"name": "Mastodon",
"id": "mastodon",
"packaging_format": 1,
"requirements": {
"yunohost": ">= 2.7.9"
},
"description": {
"en": "Mastodon is a free, open-source social network.",
"fr": "Mastodon est un réseau social gratuit et open source."
},
"version": "2.5.2",
"version": "2.7.4~ynh1",
"url": "https://github.com/tootsuite/mastodon",
"license": "AGPL-3.0-or-later",
"maintainer": {
"name": "cyp, nemsia",
"email": "cyp@rouquin.me, nemsia@nemsia.org"
},
"multi_instance": false,
"requirements": {
"yunohost": ">= 3.4"
},
"multi_instance": true,
"services": [
"nginx"
],
@ -29,28 +29,29 @@
"en": "Choose a domain for Mastodon",
"fr": "Choisissez un domaine pour Mastodon"
},
"example": "domain.org"
"example": "example.com"
},
{
"name": "admin",
"type": "user",
"ask": {
"en": "Choose the Mastodon administrator (must be an existing YunoHost user)",
"fr": "Choisissez un administrateur Mastodon (doit être un utilisateur YunoHost)"
"en": "Choose an admin user",
"fr": "Choisissez l'administrateur"
},
"example": "john"
"example": "johndoe"
},
{
"name": "passwd",
"type": "password",
"name": "is_public",
"type": "boolean",
"ask": {
"en": "Enter password of this administrator ≥ 8 character",
"fr": "Ajouter le mot de passe pour cette administrateur ≥ 8 charactères"
"en": "Is it a public application?",
"fr": "Est-ce une application publique ?"
},
"example": "adminpassword"
"default": true
},
{
"name": "language",
"type": "string",
"ask": {
"en": "Choose the application language",
"fr": "Choisissez la langue de l'application"

231
scripts/_common.sh
View file

@ -1,175 +1,78 @@
#!/bin/bash
# Execute a command as another user
# usage: exec_as USER COMMAND [ARG ...]
exec_as() {
local user=$1
shift 1
if [[ $user = $(whoami) ]]; then
eval "$@"
else
sudo --login --user="$user" "$@"
fi
}
#=================================================
#
# POSTGRES HELPERS
#
# Point of contact : Jean-Baptiste Holcroft <jean-baptiste@holcroft.fr>
# COMMON VARIABLES
#=================================================
# Create a master password and set up global settings
# Please always call this script in install and restore scripts
#
# usage: ynh_psql_test_if_first_run
# dependencies used by the app
#pkg_dependencies="imagemagick ffmpeg libpq-dev libxml2-dev libxslt1-dev file git-core g++ libprotobuf-dev protobuf-compiler pkg-config gcc autoconf bison build-essential libssl-dev libyaml-dev libreadline6-dev zlib1g-dev libncurses5-dev libffi-dev libgdbm5 libgdbm-dev nginx redis-server redis-tools postgresql postgresql-contrib certbot yarn libidn11-dev libicu-dev libjemalloc-dev"
pkg_dependencies="imagemagick libpq-dev libxml2-dev libxslt1-dev file curl apt-transport-https pkg-config libprotobuf-dev protobuf-compiler libicu-dev libidn11-dev redis-server redis-tools postgresql autoconf bison build-essential libssl-dev libyaml-dev libreadline6-dev zlib1g-dev libncurses5-dev libffi-dev libgdbm3 libgdbm-dev ffmpeg yarn"
ynh_psql_test_if_first_run() {
if [ -f /etc/yunohost/psql ];
#=================================================
# PERSONAL HELPERS
#=================================================
#=================================================
# EXPERIMENTAL HELPERS
#=================================================
#=================================================
# FUTURE OFFICIAL HELPERS
#=================================================
# Send an email to inform the administrator
#
# usage: ynh_send_readme_to_admin app_message [recipients]
# | arg: app_message - The message to send to the administrator.
# | arg: recipients - The recipients of this email. Use spaces to separate multiples recipients. - default: root
# example: "root admin@domain"
# If you give the name of a YunoHost user, ynh_send_readme_to_admin will find its email adress for you
# example: "root admin@domain user1 user2"
ynh_send_readme_to_admin() {
local app_message="${1:-...No specific information...}"
local recipients="${2:-root}"
# Retrieve the email of users
find_mails () {
local list_mails="$1"
local mail
local recipients=" "
# Read each mail in argument
for mail in $list_mails
do
# Keep root or a real email address as it is
if [ "$mail" = "root" ] || echo "$mail" | grep --quiet "@"
then
recipients="$recipients $mail"
else
# But replace an user name without a domain after by its email
if mail=$(ynh_user_get_info "$mail" "mail" 2> /dev/null)
then
recipients="$recipients $mail"
fi
fi
done
echo "$recipients"
}
recipients=$(find_mails "$recipients")
local mail_subject="☁️🆈🅽🅷☁️: \`$app\` was just installed!"
local mail_message="This is an automated message from your beloved YunoHost server.
Specific information for the application $app.
$app_message
---
Automatic diagnosis data from YunoHost
$(yunohost tools diagnosis | grep -B 100 "services:" | sed '/services:/d')"
# Define binary to use for mail command
if [ -e /usr/bin/bsd-mailx ]
then
echo "PostgreSQL is already installed, no need to create master password"
local mail_bin=/usr/bin/bsd-mailx
else
pgsql=$(ynh_string_random)
pg_hba=""
echo "$pgsql" >> /etc/yunohost/psql
if [ -e /etc/postgresql/9.4/ ]
then
pg_hba=/etc/postgresql/9.4/main/pg_hba.conf
elif [ -e /etc/postgresql/9.6/ ]
then
pg_hba=/etc/postgresql/9.6/main/pg_hba.conf
else
ynh_die "postgresql shoud be 9.4 or 9.6"
fi
systemctl start postgresql
sudo --login --user=postgres psql -c"ALTER user postgres WITH PASSWORD '$pgsql'" postgres
# force all user to connect to local database using passwords
# https://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html#EXAMPLE-PG-HBA.CONF
# Note: we can't use peer since YunoHost create users with nologin
# See: https://github.com/YunoHost/yunohost/blob/unstable/data/helpers.d/user
sed -i '/local\s*all\s*all\s*peer/i \
local all all password' "$pg_hba"
systemctl enable postgresql
systemctl reload postgresql
local mail_bin=/usr/bin/mail.mailutils
fi
}
# Open a connection as a user
#
# example: ynh_psql_connect_as 'user' 'pass' <<< "UPDATE ...;"
# example: ynh_psql_connect_as 'user' 'pass' < /path/to/file.sql
#
# usage: ynh_psql_connect_as user pwd [db]
# | arg: user - the user name to connect as
# | arg: pwd - the user password
# | arg: db - the database to connect to
ynh_psql_connect_as() {
user="$1"
pwd="$2"
db="$3"
sudo --login --user=postgres PGUSER="$user" PGPASSWORD="$pwd" psql "$db"
}
# # Execute a command as root user
#
# usage: ynh_psql_execute_as_root sql [db]
# | arg: sql - the SQL command to execute
# | arg: db - the database to connect to
ynh_psql_execute_as_root () {
sql="$1"
sudo --login --user=postgres psql <<< "$sql"
}
# Execute a command from a file as root user
#
# usage: ynh_psql_execute_file_as_root file [db]
# | arg: file - the file containing SQL commands
# | arg: db - the database to connect to
ynh_psql_execute_file_as_root() {
file="$1"
db="$2"
sudo --login --user=postgres psql "$db" < "$file"
}
# Create a database, an user and its password. Then store the password in the app's config
#
# After executing this helper, the password of the created database will be available in $db_pwd
# It will also be stored as "psqlpwd" into the app settings.
#
# usage: ynh_psql_setup_db user name [pwd]
# | arg: user - Owner of the database
# | arg: name - Name of the database
# | arg: pwd - Password of the database. If not given, a password will be generated
ynh_psql_setup_db () {
db_user="$1"
app="$1"
db_name="$2"
new_db_pwd=$(ynh_string_random) # Generate a random password
# If $3 is not given, use new_db_pwd instead for db_pwd.
db_pwd="${3:-$new_db_pwd}"
ynh_psql_create_db "$db_name" "$db_user" "$db_pwd" # Create the database
ynh_app_setting_set "$app" psqlpwd "$db_pwd" # Store the password in the app's config
}
# Create a database and grant privilegies to a user
#
# usage: ynh_psql_create_db db [user [pwd]]
# | arg: db - the database name to create
# | arg: user - the user to grant privilegies
# | arg: pwd - the user password
ynh_psql_create_db() {
db="$1"
user="$2"
pwd="$3"
ynh_psql_create_user "$user" "$pwd"
sudo --login --user=postgres createdb --owner="$user" "$db"
}
# Drop a database
#
# usage: ynh_psql_drop_db db
# | arg: db - the database name to drop
# | arg: user - the user to drop
ynh_psql_remove_db() {
db="$1"
user="$2"
sudo --login --user=postgres dropdb "$db"
ynh_psql_drop_user "$user"
}
# Dump a database
#
# example: ynh_psql_dump_db 'roundcube' > ./dump.sql
#
# usage: ynh_psql_dump_db db
# | arg: db - the database name to dump
# | ret: the psqldump output
ynh_psql_dump_db() {
db="$1"
sudo --login --user=postgres pg_dump "$db"
}
# Create a user
#
# usage: ynh_psql_create_user user pwd [host]
# | arg: user - the user name to create
ynh_psql_create_user() {
user="$1"
pwd="$2"
sudo --login --user=postgres psql -c"CREATE USER $user WITH PASSWORD '$pwd' CREATEDB;" postgres
}
# Drop a user
#
# usage: ynh_psql_drop_user user
# | arg: user - the user name to drop
ynh_psql_drop_user() {
user="$1"
sudo --login --user=postgres dropuser "$user"
# Send the email to the recipients
echo "$mail_message" | $mail_bin -a "Content-Type: text/plain; charset=UTF-8" -s "$mail_subject" "$recipients"
}

127
scripts/_future.sh
View file

@ -1,127 +0,0 @@
#!/bin/bash
# needed to have "service_name" as an option
# https://github.com/YunoHost/yunohost/commit/9c4ddcca39d9d6d92bd5f9a23978337e48d0a4e1
ynh_add_systemd_config () {
local service_name="${1:-$app}"
finalsystemdconf="/etc/systemd/system/$service_name.service"
ynh_backup_if_checksum_is_different "$finalsystemdconf"
sudo cp ../conf/${2:-systemd.service} "$finalsystemdconf"
# To avoid a break by set -u, use a void substitution ${var:-}. If the variable is not set, it's simply set with an empty variable.
# Substitute in a nginx config file only if the variable is not empty
if test -n "${final_path:-}"; then
ynh_replace_string "__FINALPATH__" "$final_path" "$finalsystemdconf"
fi
if test -n "${app:-}"; then
ynh_replace_string "__APP__" "$app" "$finalsystemdconf"
fi
ynh_store_file_checksum "$finalsystemdconf"
sudo chown root: "$finalsystemdconf"
sudo systemctl enable $service_name
sudo systemctl daemon-reload
}
# needed to have "service_name" as an option
# https://github.com/YunoHost/yunohost/commit/9c4ddcca39d9d6d92bd5f9a23978337e48d0a4e1
ynh_remove_systemd_config () {
local service_name="${1:-$app}"
local finalsystemdconf="/etc/systemd/system/$service_name.service"
if [ -e "$finalsystemdconf" ]; then
sudo systemctl stop $service_name
sudo systemctl disable $service_name
ynh_secure_remove "$finalsystemdconf"
sudo systemctl daemon-reload
fi
}
# LOCAL ADDITION:
# save file locally if not in the cache
#
# Download, check integrity, uncompress and patch the source from app.src
ynh_setup_source () {
local dest_dir=$1
local src_id=${2:-app} # If the argument is not given, source_id equals "app"
# Load value from configuration file (see above for a small doc about this file
# format)
local src_url=$(grep 'SOURCE_URL=' "$YNH_CWD/../conf/${src_id}.src" | cut -d= -f2-)
local src_sum=$(grep 'SOURCE_SUM=' "$YNH_CWD/../conf/${src_id}.src" | cut -d= -f2-)
local src_sumprg=$(grep 'SOURCE_SUM_PRG=' "$YNH_CWD/../conf/${src_id}.src" | cut -d= -f2-)
local src_format=$(grep 'SOURCE_FORMAT=' "$YNH_CWD/../conf/${src_id}.src" | cut -d= -f2-)
local src_in_subdir=$(grep 'SOURCE_IN_SUBDIR=' "$YNH_CWD/../conf/${src_id}.src" | cut -d= -f2-)
local src_filename=$(grep 'SOURCE_FILENAME=' "$YNH_CWD/../conf/${src_id}.src" | cut -d= -f2-)
# Default value
src_sumprg=${src_sumprg:-sha256sum}
src_in_subdir=${src_in_subdir:-true}
src_format=${src_format:-tar.gz}
src_format=$(echo "$src_format" | tr '[:upper:]' '[:lower:]')
if [ "$src_filename" = "" ] ; then
src_filename="${src_id}.${src_format}"
fi
local local_src="/var/cache/yunohost/ynh_setup_source/${YNH_APP_ID}/${src_filename}"
# if cache file exists and the checksum isn't good, download it again
# if not, just download the file
if test -e "$local_src"
then
echo "${src_sum} ${local_src}" | ${src_sumprg} -c --status \
|| wget -nv -O $local_src $src_url
else
mkdir -p "/var/cache/yunohost/ynh_setup_source/${YNH_APP_ID}"
wget -nv -O $local_src $src_url
fi
cp $local_src $src_filename
# Check the control sum
echo "${src_sum} ${src_filename}" | ${src_sumprg} -c --status \
|| ynh_die "Corrupt source"
# Extract source into the app dir
mkdir -p "$dest_dir"
if [ "$src_format" = "zip" ]
then
# Zip format
# Using of a temp directory, because unzip doesn't manage --strip-components
if $src_in_subdir ; then
local tmp_dir=$(mktemp -d)
unzip -quo $src_filename -d "$tmp_dir"
cp -a $tmp_dir/*/. "$dest_dir"
ynh_secure_remove "$tmp_dir"
else
unzip -quo $src_filename -d "$dest_dir"
fi
else
local strip=""
if $src_in_subdir ; then
strip="--strip-components 1"
fi
if [[ "$src_format" =~ ^tar.gz|tar.bz2|tar.xz$ ]] ; then
tar -xf $src_filename -C "$dest_dir" $strip
else
ynh_die "Archive format unrecognized."
fi
fi
# Apply patches
if (( $(find $YNH_CWD/../sources/patches/ -type f -name "${src_id}-*.patch" 2> /dev/null | wc -l) > "0" )); then
local old_dir=$(pwd)
(cd "$dest_dir" \
&& for p in $YNH_CWD/../sources/patches/${src_id}-*.patch; do \
patch -p1 < $p; done) \
|| ynh_die "Unable to apply patches"
cd $old_dir
fi
# Add supplementary files
if test -e "$YNH_CWD/../sources/extra_files/${src_id}"; then
cp -a $YNH_CWD/../sources/extra_files/$src_id/. "$dest_dir"
fi
}

61
scripts/backup
View file

@ -6,56 +6,61 @@
# IMPORT GENERIC HELPERS
#=================================================
if [ ! -e _common.sh ]; then
# Get the _common.sh file if it's not in the current directory
cp ../settings/scripts/_common.sh ./_common.sh
cp ../settings/scripts/_future.sh ./_future.sh
chmod a+rx _common.sh _future.sh
fi
source _common.sh
#Keep this path for calling _common.sh inside the execution's context of backup and restore scripts
source ../settings/scripts/_common.sh
source ../settings/scripts/ynh_systemd_action
source /usr/share/yunohost/helpers
source _future.sh
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
ynh_clean_setup () {
ynh_clean_check_starting
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# LOAD SETTINGS
#=================================================
ynh_print_info "Loading installation settings..."
# Get multi-instances specific variables
app=$YNH_APP_INSTANCE_NAME
# Retrieve app settings
domain=$(ynh_app_setting_get "$app" domain)
final_path=$(ynh_app_setting_get "$app" final_path)
db_name=$(ynh_app_setting_get "$app" db_name)
if [ -z "$db_name" ]; then
db_name="${app}_production"
ynh_app_setting_set "$app" db_name "$db_name"
fi
final_path=$(ynh_app_setting_get $app final_path)
domain=$(ynh_app_setting_get $app domain)
db_name=$(ynh_app_setting_get $app db_name)
#=================================================
# STOP MASTODON SERVICES
#=================================================
ynh_print_info "Stopping Mastodon services..."
ynh_systemd_action --action=stop --service_name=${app}-web --line_match="Stopped" --log_path=systemd
ynh_systemd_action --action=stop --service_name=${app}-sidekiq --line_match="Stopped" --log_path=systemd
ynh_systemd_action --action=stop --service_name=${app}-streaming --line_match="Stopped" --log_path=systemd
#=================================================
# STANDARD BACKUP STEPS
#=================================================
# BACKUP THE APP MAIN DIR
#=================================================
ynh_print_info "Backing up the main app directory..."
ynh_backup "$final_path"
#=================================================
# BACKUP THE NGINX CONFIGURATION
#=================================================
ynh_print_info "Backing up nginx web server configuration..."
ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf"
#=================================================
# BACKUP THE MYSQL DATABASE
# BACKUP THE POSTGRESQL DATABASE
#=================================================
ynh_print_info "Backing up the PostgreSQL database..."
ynh_psql_dump_db "$db_name" > db.sql
@ -64,13 +69,29 @@ ynh_psql_dump_db "$db_name" > db.sql
#=================================================
# BACKUP SYSTEMD
#=================================================
ynh_print_info "Backing up systemd configuration..."
ynh_backup "/etc/systemd/system/$app-web.service"
ynh_backup "/etc/systemd/system/$app-sidekiq.service"
ynh_backup "/etc/systemd/system/$app-streaming.service"
#=================================================
# BACKUP THE sources.list FILES
# BACKUP A CRON FILE
#=================================================
ynh_backup "/etc/apt/sources.list.d/yarn.list" "apt_yarn.list"
ynh_backup "/etc/cron.d/$app"
#=================================================
# START MASTODON SERVICES
#=================================================
ynh_print_info "Starting Mastodon services..."
ynh_systemd_action --action=start --service_name=${app}-web --line_match="Listening on tcp" --log_path=systemd
ynh_systemd_action --action=start --service_name=${app}-sidekiq --line_match="Starting processing" --log_path=systemd
ynh_systemd_action --action=start --service_name=${app}-streaming --line_match="Worker 1 now listening" --log_path=systemd
#=================================================
# END OF SCRIPT
#=================================================
ynh_print_info "Backup script completed for $app. (YunoHost will then actually copy those files to the archive)."

133
scripts/change_url Normal file
View file

@ -0,0 +1,133 @@
#!/bin/bash
#=================================================
# GENERIC STARTING
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source ynh_systemd_action
source /usr/share/yunohost/helpers
#=================================================
# RETRIEVE ARGUMENTS
#=================================================
old_domain=$YNH_APP_OLD_DOMAIN
old_path=$YNH_APP_OLD_PATH
new_domain=$YNH_APP_NEW_DOMAIN
new_path="/"
app=$YNH_APP_INSTANCE_NAME
#=================================================
# LOAD SETTINGS
#=================================================
ynh_print_info "Loading installation settings..."
# Needed for helper "ynh_add_nginx_config"
final_path=$(ynh_app_setting_get $app final_path)
# Add settings here as needed by your application
#db_name=$(ynh_app_setting_get "$app" db_name)
#db_pwd=$(ynh_app_setting_get $app db_pwd)
admin_mail=$(ynh_app_setting_get $app admin_mail)
#=================================================
# CHECK THE SYNTAX OF THE PATHS
#=================================================
test -n "$old_path" || old_path="/"
test -n "$new_path" || new_path="/"
new_path=$(ynh_normalize_url_path $new_path)
old_path=$(ynh_normalize_url_path $old_path)
#=================================================
# CHECK WHICH PARTS SHOULD BE CHANGED
#=================================================
change_domain=0
if [ "$old_domain" != "$new_domain" ]
then
change_domain=1
fi
change_path=0
if [ "$old_path" != "$new_path" ]
then
change_path=1
fi
#=================================================
# STANDARD MODIFICATIONS
#=================================================
# MODIFY URL IN NGINX CONF
#=================================================
ynh_print_info "Updating nginx web server configuration..."
nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
# Change the path in the nginx config file
if [ $change_path -eq 1 ]
then
# Make a backup of the original nginx config file if modified
ynh_backup_if_checksum_is_different "$nginx_conf_path"
# Set global variables for nginx helper
domain="$old_domain"
path_url="$new_path"
# Create a dedicated nginx config
ynh_add_nginx_config
fi
# Change the domain for nginx
if [ $change_domain -eq 1 ]
then
# Delete file checksum for the old conf file location
ynh_delete_file_checksum "$nginx_conf_path"
mv $nginx_conf_path /etc/nginx/conf.d/$new_domain.d/$app.conf
# Store file checksum for the new config file location
ynh_store_file_checksum "/etc/nginx/conf.d/$new_domain.d/$app.conf"
fi
#=================================================
# SPECIFIC MODIFICATIONS
#=================================================
# STOP MASTODON SERVICES
#=================================================
ynh_print_info "Stopping Mastodon services..."
ynh_systemd_action --action=stop --service_name=${app}-web --line_match="Stopped" --log_path=systemd
ynh_systemd_action --action=stop --service_name=${app}-sidekiq --line_match="Stopped" --log_path=systemd
ynh_systemd_action --action=stop --service_name=${app}-streaming --line_match="Stopped" --log_path=systemd
#=================================================
# CHANGE CONFIGURATION
#=================================================
ynh_replace_string "LOCAL_DOMAIN=.*" "LOCAL_DOMAIN=${domain}" "${final_path}/live/.env.production"
#=================================================
# START MASTODON SERVICES
#=================================================
ynh_print_info "Starting Mastodon services..."
ynh_systemd_action --action=start --service_name=${app}-web --line_match="Listening on tcp" --log_path=systemd
ynh_systemd_action --action=start --service_name=${app}-sidekiq --line_match="Starting processing" --log_path=systemd
ynh_systemd_action --action=start --service_name=${app}-streaming --line_match="Worker 1 now listening" --log_path=systemd
#=================================================
# GENERIC FINALISATION
#=================================================
# RELOAD NGINX
#=================================================
ynh_print_info "Reloading nginx web server..."
systemctl reload nginx
#=================================================
# END OF SCRIPT
#=================================================
ynh_print_info "Change of URL completed for $app"

335
scripts/install
View file

@ -7,41 +7,53 @@
#=================================================
source _common.sh
source ynh_install_ruby
source ynh_add_secure_repos__3
source ynh_systemd_action
source /usr/share/yunohost/helpers
source _future.sh
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
ynh_clean_setup () {
ynh_clean_check_starting
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#================================================
#=================================================
domain=$YNH_APP_ARG_DOMAIN
admin_mastodon=$YNH_APP_ARG_ADMIN
admin_mastodon_mail=$(ynh_user_get_info $admin_mastodon 'mail')
admin_pass=$YNH_APP_ARG_PASSWD
path_url="/"
admin=$YNH_APP_ARG_ADMIN
is_public=$YNH_APP_ARG_IS_PUBLIC
language=$YNH_APP_ARG_LANGUAGE
path_url="/"
admin_mail=$(ynh_user_get_info $admin 'mail')
app=$YNH_APP_INSTANCE_NAME
#=================================================
# CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#=================================================
ynh_print_info "Validating installation parameters..."
final_path=/var/www/$app
test ! -e "$final_path" || ynh_die "This path already contains a folder"
# TODO: remove this test, don't as password anymore, generate it and send it by email to admin with: https://github.com/YunoHost-Apps/Experimental_helpers/tree/master/send_readme_to_admin
[[ ${#admin_pass} -gt 7 ]] || ynh_die "Password is too weak, must be longer than 7 characters"
if [ "$admin" != "package_checker" ]
then
# TODO : to be factorized into a helper someday ? ;)
MEM=$(free | grep "^Mem" | awk '{print $2}')
SWAP=$(free | grep "^Swap" | awk '{print $2}')
TOTAL_MEM_AND_SWAP=$(( ( $MEM+$SWAP ) / 1024 )) # In MB
[[ $TOTAL_MEM_AND_SWAP -gt 2500 ]] || ynh_die "You need at least 2500 Mo of RAM+Swap to install Mastodon. Please consult the README to learn how to add swap."
fi
# Normalize the url path syntax
path_url=$(ynh_normalize_url_path $path_url)
@ -53,24 +65,32 @@ ynh_webpath_register $app $domain $path_url
#=================================================
# STORE SETTINGS FROM MANIFEST
#=================================================
ynh_print_info "Storing installation settings..."
ynh_app_setting_set $app domain $domain
ynh_app_setting_set $app admin $admin_mastodon
ynh_app_setting_set $app pass $admin_pass
ynh_app_setting_set $app language $language
ynh_app_setting_set $app domain $domain
ynh_app_setting_set $app path $path_url
ynh_app_setting_set $app admin $admin
ynh_app_setting_set $app is_public $is_public
ynh_app_setting_set $app language $language
#=================================================
# STANDARD MODIFICATIONS
#=================================================
# FIND AND OPEN A PORT
#=================================================
ynh_print_info "Configuring firewall..."
# Find a free port
port_web=$(ynh_find_port 3000)
port_stream=$(ynh_find_port 4000)
# Open this port
ynh_app_setting_set $app port_web $port_web
ynh_app_setting_set $app port_stream $port_stream
#=================================================
# INSTALL DEPENDENCIES
#=================================================
# TODO: add in a clean way backports and yarn
ynh_print_info "Installing dependencies..."
# Import debian archive pubkey, need on ARM arch
arch=$(uname -m)
@ -79,180 +99,166 @@ if [[ "$arch" = arm* ]]; then
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 7638D0442B90D010
fi
# Install source.list debian package backports & yarn
# Install extra_repo debian package backports & yarn
if [ "$(lsb_release --codename --short)" == "jessie" ]; then
echo "deb http://httpredir.debian.org/debian jessie-backports main" | tee /etc/apt/sources.list.d/jessie-backports.list
ynh_install_extra_repo --repo="deb http://httpredir.debian.org/debian jessie-backports main" --append
fi
curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add -
echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list
ynh_package_update
# Creates the destination directory and stores its location.
ynh_app_setting_set "$app" final_path "$final_path"
ynh_install_extra_repo --repo="deb https://dl.yarnpkg.com/debian/ stable main" --key="https://dl.yarnpkg.com/debian/pubkey.gpg" --append
# Install de Node.js
# TODO: use https://github.com/YunoHost-Apps/Experimental_helpers/blob/master/ynh_install_nodejs/ynh_install_nodejs
(
cd /opt
curl -sL https://deb.nodesource.com/setup_8.x | bash -
apt-get -y install nodejs
)
# install nodejs
ynh_install_nodejs 8
# TODO: use the same mecanism with other files
ynh_install_app_dependencies \
`# debian packages ` \
imagemagick libpq-dev libxml2-dev libxslt1-dev file curl apt-transport-https pkg-config libprotobuf-dev protobuf-compiler libicu-dev libidn11-dev \
`# redis ` \
redis-server redis-tools \
`# postgresql ` \
postgresql \
`# Ruby ` \
autoconf bison build-essential libssl-dev libyaml-dev libreadline6-dev zlib1g-dev libncurses5-dev libffi-dev libgdbm3 libgdbm-dev \
`# ffmpeg from backports ` \
ffmpeg \
`# Yarn ` \
yarn
ynh_install_app_dependencies $pkg_dependencies
#=================================================
# CREATE A DATABASE
# CREATE A POSTGRESQL DATABASE
#=================================================
ynh_print_info "Creating a PostgreSQL database..."
# TODO: use non-official https://github.com/YunoHost-Apps/Experimental_helpers/blob/master/postgres/postgres
# TODO: this commands doesn't looks like a requirement, you may fully remove it
# Set UTF8 encoding by default
ynh_psql_test_if_first_run
db_user=$(ynh_sanitize_dbid "$app")
# Create postgresql database
db_name="${app}_production"
db_name=$(ynh_sanitize_dbid "$db_name")
db_pwd=$(ynh_string_random)
ynh_app_setting_set $app db_name $db_name
ynh_app_setting_set $app db_pwd $db_pwd
ynh_psql_setup_db "$db_user" "$db_name" "$db_pwd"
db_pwd=$(ynh_string_random 30)
ynh_app_setting_set "$app" db_name "$db_name"
ynh_app_setting_set "$app" db_pwd "$db_pwd"
ynh_psql_test_if_first_run
ynh_psql_create_user "$app" "$db_pwd"
ynh_psql_execute_as_root \
"CREATE DATABASE $db_name ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' template=template0 OWNER $app;"
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_print_info "Setting up source files..."
# Download all sources rbenv, ruby and mastodon
ynh_setup_source "$final_path/.rbenv" "app-rbenv"
ynh_setup_source "$final_path/.rbenv/plugins/ruby-build" "app-ruby-build"
ynh_setup_source "$final_path/live" "app-mastodon"
ynh_app_setting_set $app final_path $final_path
# Download, check integrity, uncompress and patch the source from app.src
mkdir $final_path
ynh_setup_source "$final_path/live"
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_print_info "Configuring nginx web server..."
# TODO: use official helper ynh_add_nginx_config
# Modify Nginx configuration file and copy it to Nginx conf directory
sed -i "s@__PATH__@$app@g" ../conf/nginx.conf*
sed -i "s@__FINALPATH__@$final_path@g" ../conf/nginx.conf*
cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf
# Create a dedicated nginx config
ynh_replace_string "__PORT_WEB__" "$port_web" "../conf/nginx.conf"
ynh_replace_string "__PORT_STREAM__" "$port_stream" "../conf/nginx.conf"
ynh_add_nginx_config
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_print_info "Configuring system user..."
# TODO: use official helper ynh_system_user_create
# Create user unix
adduser $app --home $final_path --gecos "First Last,RoomNumber,WorkPhone,HomePhone" --disabled-password
# Create a system user
ynh_system_user_create $app $final_path
chown -R "$app" "$final_path"
#=================================================
# SPECIFIC SETUP
#=================================================
# INSTALLING RUBY AND BUNDLER
#=================================================
# TODO: try to use ynh_install_ruby from https://github.com/YunoHost-Apps/Experimental_helpers
# Install de rbenv
(
cd $final_path/.rbenv
src/configure && make -C src
ynh_install_ruby --ruby_version=2.6.0
/opt/rbenv/versions/2.6.0/bin/gem update --system
#/opt/rbenv/versions/2.6.0/bin/gem install bundler --no-document
echo "export PATH=\"$final_path/.rbenv/bin:$final_path/live/bin:\$PATH\"
eval \"\$(rbenv init -)\"" > $final_path/.profile
echo "export PATH=\"$final_path/.rbenv/bin:$final_path/live/bin:\$PATH\"" > $final_path/.bashrc
)
#=================================================
# MODIFY A CONFIG FILE
#=================================================
# Install ruby-build
(
exec_as "$app" $final_path/.rbenv/bin/rbenv install 2.5.1
exec_as "$app" $final_path/.rbenv/bin/rbenv global 2.5.1
exec_as "$app" $final_path/.rbenv/versions/2.5.1/bin/ruby -v
)
# Create symlink for ruby
rm /usr/bin/ruby || true
ln -s $final_path/.rbenv/versions/2.5.1/bin/ruby /usr/bin/ruby || true
# Yarn install on root
pushd $final_path/live
yarn install --pure-lockfile
popd
# Adjust Mastodon config
# TODO: use official helper ynh_replace_string
# TODO: save the config file in conf folder, to make replacement easier to read
# TODO: use ynh_string_random
cp -a $final_path/live/.env.production.sample $final_path/live/.env.production
sed -i "s@REDIS_HOST=redis@REDIS_HOST=127.0.0.1@g" "${final_path}/live/.env.production"
sed -i "s@DB_HOST=db@DB_HOST=/var/run/postgresql@g" "${final_path}/live/.env.production"
sed -i "s@DB_USER=postgres@DB_USER=${db_user}@g" "${final_path}/live/.env.production"
sed -i "s@DB_NAME=postgres@DB_NAME=${db_name}@g" "${final_path}/live/.env.production"
sed -i "s@DB_PASS=@DB_PASS=${db_pwd}@g" "${final_path}/live/.env.production"
sed -i "s@LOCAL_DOMAIN=example.com@LOCAL_DOMAIN=${domain}@g" "${final_path}/live/.env.production"
cp -f ../conf/.env.production.sample "$final_path/live/.env.production"
ynh_replace_string "__DB_USER__" "$app" "$final_path/live/.env.production"
ynh_replace_string "__DB_NAME__" "$db_name" "$final_path/live/.env.production"
ynh_replace_string "__DB_PWD__" "$db_pwd" "$final_path/live/.env.production"
ynh_replace_string "__DOMAIN__" "$domain" "$final_path/live/.env.production"
ynh_replace_string "__SMTP_FROM_ADDRESS__" "$admin_mail" "${final_path}/live/.env.production"
language="$(echo $language | head -c 2)"
sed -i "s@# DEFAULT_LOCALE=de@DEFAULT_LOCALE=${language}@g" "${final_path}/live/.env.production"
ynh_replace_string "__LANGUAGE__" "$language" "$final_path/live/.env.production"
paperclip_secret=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128)
ynh_replace_string "PAPERCLIP_SECRET=" "PAPERCLIP_SECRET=$paperclip_secret" "${final_path}/live/.env.production"
ynh_app_setting_set "$app" paperclip_secret "$paperclip_secret"
secret_key_base=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128)
ynh_replace_string "__SECRET_KEY_BASE__" "$secret_key_base" "$final_path/live/.env.production"
ynh_app_setting_set "$app" secret_key_base "$secret_key_base"
otp_secret=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128)
sed -i "s@PAPERCLIP_SECRET=@PAPERCLIP_SECRET=${paperclip_secret}@g" "${final_path}/live/.env.production"
sed -i "s@SECRET_KEY_BASE=@SECRET_KEY_BASE=${secret_key_base}@g" "${final_path}/live/.env.production"
sed -i "s@OTP_SECRET=@OTP_SECRET=${otp_secret}@g" "${final_path}/live/.env.production"
ynh_replace_string "__OTP_SECRET__" "$otp_secret" "$final_path/live/.env.production"
ynh_app_setting_set "$app" otp_secret "$otp_secret"
sed -i "s@SMTP_LOGIN=@#SMTP_LOGIN=@g" "${final_path}/live/.env.production"
sed -i "s@SMTP_PASSWORD=@#SMTP_PASSWORD=@g" "${final_path}/live/.env.production"
sed -i "s@SMTP_SERVER=smtp.mailgun.org@SMTP_SERVER=localhost@g" "${final_path}/live/.env.production"
sed -i "s@SMTP_PORT=587@SMTP_PORT=25@g" "${final_path}/live/.env.production"
sed -i 's,SMTP_FROM_ADDRESS=notifications@example.com,SMTP_FROM_ADDRESS='${admin_mastodon}'@'${domain}',' "${final_path}/live/.env.production"
sed -i "s@#SMTP_AUTH_METHOD=plain@SMTP_AUTH_METHOD=none@g" "${final_path}/live/.env.production"
sed -i "s@#SMTP_OPENSSL_VERIFY_MODE=peer@SMTP_OPENSSL_VERIFY_MODE=none@g" "${final_path}/live/.env.production"
#=================================================
# INSTALLING MASTODON
#=================================================
ynh_print_info "Installing Mastodon..."
# Preconfig CSS & JS
# Install Mastodon
(
cd "$final_path/live"
su mastodon <<INSTALL
$final_path/.rbenv/versions/2.5.1/bin/gem install bundler
$final_path/live/bin/bundle install -j$(getconf _NPROCESSORS_ONLN) --deployment --without development test --quiet
yarn install --production --no-progress --non-interactive --silent
echo "SAFETY_ASSURED=1">> .env.production
RAILS_ENV=production $final_path/live/bin/bundle exec rails db:migrate --quiet
RAILS_ENV=production $final_path/live/bin/bundle exec rails assets:precompile --quiet
INSTALL
)
chown -R "$app": "$final_path"
# TODO: use ynh_find_port to have generic port selection for RAILS
pushd "$final_path/live"
ynh_use_nodejs
sudo -u "$app" env PATH=$PATH /opt/rbenv/versions/2.6.0/bin/bundle install -j$(getconf _NPROCESSORS_ONLN) --deployment --without development test
sudo -u "$app" env PATH=$PATH yarn install --pure-lockfile
sudo -u "$app" echo "SAFETY_ASSURED=1">> .env.production
sudo -u "$app" env PATH=$PATH RAILS_ENV=production /opt/rbenv/versions/2.6.0/bin/bundle exec rails db:migrate --quiet
sudo -u "$app" env PATH=$PATH RAILS_ENV=production /opt/rbenv/versions/2.6.0/bin/bundle exec rails assets:precompile --quiet
sudo -u "$app" env PATH=$PATH RAILS_ENV=production /opt/rbenv/versions/2.6.0/bin/bundle exec rake mastodon:webpush:generate_vapid_key > key.txt
sudo -u "$app" env PATH=$PATH RAILS_ENV=production bin/tootctl accounts create "$admin" --email="$admin_mail" --confirmed --role=admin > acc.txt
popd
admin_pass=$( tail -1 $final_path/live/acc.txt | head -1 | cut -c 15- )
ynh_secure_remove "$final_path/live/acc.txt"
vapid_private_key=$(grep -oP "VAPID_PRIVATE_KEY=\K\w+" "$final_path/live/key.txt")
vapid_public_key=$(grep -oP "VAPID_PUBLIC_KEY=\K\w+" "$final_path/live/key.txt")
ynh_replace_string "__VAPID_PRIVATE_KEY__" "$vapid_private_key" "${final_path}/live/.env.production"
ynh_replace_string "__VAPID_PUBLIC_KEY__" "$vapid_public_key" "${final_path}/live/.env.production"
ynh_app_setting_set "$app" vapid_private_key "$vapid_private_key"
ynh_app_setting_set "$app" vapid_public_key "$vapid_public_key"
ynh_secure_remove "$final_path/live/key.txt"
#=================================================
# SETUP CRON JOB FOR REMOVING CACHE
#=================================================
ynh_print_info "Setuping a cron job for rem0ving cache..."
ynh_replace_string "__FINAL_PATH__" "$final_path" ../conf/cron
ynh_replace_string "__USER__" "$app" ../conf/cron
sudo cp -f ../conf/cron /etc/cron.d/$app
#=================================================
# SETUP SYSTEMD
#=================================================
ynh_print_info "Configuring a systemd service..."
# Create a dedicated systemd config
ynh_replace_string "__PORT_WEB__" "$port_web" "../conf/mastodon-web.service"
ynh_replace_string "__PORT_STREAM__" "$port_stream" "../conf/mastodon-streaming.service"
ynh_replace_string "__NODEJS_PATH__" "$nodejs_path" "../conf/mastodon-streaming.service"
ynh_add_systemd_config "$app-web" "mastodon-web.service"
# TODO: use ynh_find_port to have generic port selection for NODES
ynh_add_systemd_config "$app-sidekiq" "mastodon-sidekiq.service"
ynh_add_systemd_config "$app-streaming" "mastodon-streaming.service"
systemctl start "$app-web.service" "$app-sidekiq.service" "$app-streaming.service"
#=================================================
# START MASTODON SERVICES
#=================================================
ynh_print_info "Starting Mastodon services..."
# Create user
(
cd "$final_path/live"
su mastodon <<CREATEUSER
RAILS_ENV=production bin/bundle exec rails c
account = Account.create!(username: '$admin_mastodon')
user = User.create!(email: '$admin_mastodon_mail', password: '$admin_pass', account: account)
CREATEUSER
su mastodon <<SETADMIN
RAILS_ENV=production bin/bundle exec rails mastodon:make_admin USERNAME=$admin_mastodon
RAILS_ENV=production bin/bundle exec rails mastodon:confirm_email USER_EMAIL=$admin_mastodon_mail
SETADMIN
)
ynh_systemd_action --action=start --service_name=${app}-web --line_match="Listening on tcp" --log_path=systemd
ynh_systemd_action --action=start --service_name=${app}-sidekiq --line_match="Starting processing" --log_path=systemd
ynh_systemd_action --action=start --service_name=${app}-streaming --line_match="Worker 1 now listening" --log_path=systemd
#=================================================
# STORE THE CONFIG FILE CHECKSUM
#=================================================
# Calculate and store the config file checksum into the app settings
ynh_store_file_checksum "${final_path}/live/.env.production"
#=================================================
# GENERIC FINALIZATION
@ -260,14 +266,13 @@ SETADMIN
# SECURE FILES AND DIRECTORIES
#=================================================
# TODO:Set permissions to app files
chown -R "$app" "$final_path"
# Set permissions to app files
chown -R "$app": "$final_path"
#=================================================
# ADVERTISE SERVICE IN ADMIN PANEL
#=================================================
# Add service YunoHost
yunohost service add "$app-web"
yunohost service add "$app-sidekiq"
yunohost service add "$app-streaming"
@ -275,14 +280,36 @@ yunohost service add "$app-streaming"
#=================================================
# SETUP SSOWAT
#=================================================
ynh_print_info "Configuring SSOwat..."
# TODO: all private install
# Unprotected url
ynh_app_setting_set "$app" unprotected_uris "/"
# Make app public if necessary
if [ $is_public -eq 1 ]
then
# unprotected_uris allows SSO credentials to be passed anyway.
ynh_app_setting_set $app unprotected_uris "/"
fi
#=================================================
# RELOAD NGINX
#=================================================
ynh_print_info "Reloading nginx web server..."
# Reload Nginx
systemctl reload nginx
#=================================================
# SEND A README FOR THE ADMIN
#=================================================
message="Mastodon was successfully installed :)
Please open 'https://$domain$path_url'
The admin email is: $admin_mail
The admin password is: $admin_pass
If you facing an issue or want to improve this app, please open a new issue in this project: https://github.com/YunoHost-Apps/mastodon_ynh"
ynh_send_readme_to_admin "$message" "$admin"
#=================================================
# END OF SCRIPT
#=================================================
ynh_print_info "Installation of $app completed"

116
scripts/remove
View file

@ -6,78 +6,83 @@
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh # Loads the generic functions usually used in the script
# Source app helpers
source _common.sh
source ynh_install_ruby
source ynh_add_secure_repos__3
source /usr/share/yunohost/helpers
source _future.sh
#=================================================
# LOAD SETTINGS
#=================================================
ynh_print_info "Loading installation settings..."
app=$YNH_APP_INSTANCE_NAME
# Retrieve app settings
domain=$(ynh_app_setting_get "$app" domain)
db_name=$(ynh_app_setting_get "$app" db_name)
if [ -z "$db_name" ]; then
db_name="${app}_production"
ynh_app_setting_set "$app" db_name "$db_name"
fi
db_user=$(ynh_sanitize_dbid "$app")
final_path=$(ynh_app_setting_get "$app" final_path)
domain=$(ynh_app_setting_get $app domain)
db_name=$(ynh_app_setting_get $app db_name)
final_path=$(ynh_app_setting_get $app final_path)
#=================================================
# STANDARD REMOVE
#=================================================
# STOP AND REMOVE SERVICE
# REMOVE SERVICE FROM ADMIN PANEL
#=================================================
# Remove a service from the admin panel, added by `yunohost service add`
if yunohost service status "$app-web" >/dev/null 2>&1
then
ynh_print_info "Removing $app-web service"
yunohost service remove "$app-web"
fi
if yunohost service status "$app-sidekiq" >/dev/null 2>&1
then
ynh_print_info "Removing $app-sidekiq service"
yunohost service remove "$app-sidekiq"
fi
if yunohost service status "$app-streaming" >/dev/null 2>&1
then
ynh_print_info "Removing $app-streaming service"
yunohost service remove "$app-streaming"
fi
#=================================================
# STOP AND REMOVE SERVICE
#=================================================
ynh_print_info "Stopping and removing the systemd service"
# Remove the dedicated systemd config
ynh_remove_systemd_config "$app-web"
ynh_remove_systemd_config "$app-sidekiq"
ynh_remove_systemd_config "$app-streaming"
#=================================================
# REMOVE SERVICE FROM ADMIN PANEL
#==============================================
# REMOVE THE POSTGRESQL DATABASE
#=================================================
ynh_print_info "Removing the PostgreSQL database"
if yunohost service status | grep -q "$app-web"
then
echo "Remove $app-web service"
yunohost service remove "$app-web"
fi
ynh_psql_execute_as_root "\connect $db_name
SELECT pg_terminate_backend (pg_stat_activity.pid) FROM pg_stat_activity WHERE pg_stat_activity.datname = '$db_name';"
if yunohost service status | grep -q "$app-sidekiq"
then
echo "Remove $app-sidekiq service"
yunohost service remove "$app-sidekiq"
fi
if yunohost service status | grep -q "$app-streaming"
then
echo "Remove $app-streaming service"
yunohost service remove "$app-streaming"
fi
# delete postgresql database & user
ynh_psql_remove_db --db_name="$db_name" --db_user="$app"
#=================================================
# REMOVE DEPENDENCIES
#=================================================
ynh_print_info "Removing dependencies"
# Remove metapackage and its dependencies
ynh_remove_ruby
ynh_remove_app_dependencies
#=================================================
# REMOVE THE PostgreSQL DATABASE
#=================================================
# delete postgresql database & user
ynh_psql_remove_db "$db_name" "$db_user"
ynh_remove_nodejs
ynh_remove_extra_repo
#=================================================
# REMOVE APP MAIN DIR
#=================================================
ynh_print_info "Removing app main directory"
# Remove the app directory securely
ynh_secure_remove "$final_path"
@ -85,9 +90,10 @@ ynh_secure_remove "$final_path"
#=================================================
# REMOVE NGINX CONFIGURATION
#=================================================
ynh_print_info "Removing nginx web server configuration"
ynh_secure_remove "/etc/nginx/conf.d/${domain}.d/${app}.conf"
systemctl reload nginx
# Remove the dedicated nginx config
ynh_remove_nginx_config
#=================================================
# SPECIFIC REMOVE
@ -95,25 +101,21 @@ systemctl reload nginx
# REMOVE THE CRON FILE
#=================================================
# Delete cronlog
ynh_secure_remove /etc/cron.d/$app
#=================================================
# REMOVE source.list
#=================================================
if [ "$(lsb_release --codename --short)" == "jessie" ]; then
ynh_secure_remove /etc/apt/sources.list.d/backports.list
ynh_secure_remove /etc/apt/sources.list.d/jessie-backports.list
fi
ynh_secure_remove /etc/apt/sources.list.d/yarn.list
# Delete ruby exec
#ynh_secure_remove /usr/bin/ruby
# Remove a cron file
ynh_secure_remove "/etc/cron.d/$app"
#=================================================
# GENERIC FINALIZATION
#=================================================
# REMOVE DEDICATED USER
#=================================================
ynh_print_info "Removing the dedicated system user"
userdel -f $app
# Delete a system user
ynh_system_user_delete $app
#=================================================
# END OF SCRIPT
#=================================================
ynh_print_info "Removal of $app completed"

123
scripts/restore
View file

@ -6,38 +6,39 @@
# IMPORT GENERIC HELPERS
#=================================================
if [ ! -e _common.sh ]; then
# Get the _common.sh file if it's not in the current directory
cp ../settings/scripts/_common.sh ./_common.sh
cp ../settings/scripts/_future.sh ./_future.sh
chmod a+rx _common.sh _future.sh
fi
source _common.sh
#Keep this path for calling _common.sh inside the execution's context of backup and restore scripts
source ../settings/scripts/_common.sh
source ../settings/scripts/ynh_install_ruby
source ../settings/scripts/ynh_add_secure_repos__3
source ../settings/scripts/ynh_systemd_action
source /usr/share/yunohost/helpers
source _future.sh
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
ynh_clean_setup () {
ynh_clean_check_starting
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# LOAD SETTINGS
#=================================================
ynh_print_info "Loading settings..."
app=$YNH_APP_INSTANCE_NAME
# Get old parameter of the app
domain=$(ynh_app_setting_get $app domain)
path_url=$(ynh_app_setting_get $app path)
is_public=$(ynh_app_setting_get $app is_public)
final_path=$(ynh_app_setting_get "$app" final_path)
final_path=$(ynh_app_setting_get $app final_path)
db_name=$(ynh_app_setting_get $app db_name)
#=================================================
# CHECK IF THE APP CAN BE RESTORED
#=================================================
ynh_print_info "Validating restoration parameters..."
ynh_webpath_available $domain $path_url \
|| ynh_die "Path not available: ${domain}${path_url}"
@ -55,15 +56,17 @@ ynh_restore_file "/etc/nginx/conf.d/$domain.d/$app.conf"
#=================================================
# RESTORE THE APP MAIN DIR
#=================================================
ynh_print_info "Restoring the app main directory..."
ynh_restore_file "$final_path"
#=================================================
# RECREATE THE DEDICATED USER
#=================================================
ynh_print_info "Recreating the dedicated system user..."
# Create user unix
adduser $app --home $final_path --gecos "First Last,RoomNumber,WorkPhone,HomePhone" --disabled-password
# Create the dedicated user (if not existing)
ynh_system_user_create $app $final_path
#=================================================
# RESTORE USER RIGHTS
@ -77,8 +80,7 @@ chown -R $app: $final_path
#=================================================
# REINSTALL DEPENDENCIES
#=================================================
# TODO: add in a clean way backports and yarn
ynh_print_info "Reinstalling dependencies..."
# Import debian archive pubkey, need on ARM arch
arch=$(uname -m)
@ -87,54 +89,47 @@ if [[ "$arch" = arm* ]]; then
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 7638D0442B90D010
fi
# Install source.list debian package backports & yarn
# Install extra_repo debian package backports & yarn
if [ "$(lsb_release --codename --short)" == "jessie" ]; then
echo "deb http://httpredir.debian.org/debian jessie-backports main" | tee /etc/apt/sources.list.d/jessie-backports.list
ynh_install_extra_repo --repo="deb http://httpredir.debian.org/debian jessie-backports main" --append
fi
curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add -
echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list
ynh_package_update
ynh_install_extra_repo --repo="deb https://dl.yarnpkg.com/debian/ stable main" --key="https://dl.yarnpkg.com/debian/pubkey.gpg" --append
# Install de Node.js
# TODO: use https://github.com/YunoHost-Apps/Experimental_helpers/blob/master/ynh_install_nodejs/ynh_install_nodejs
(
cd /opt
curl -sL https://deb.nodesource.com/setup_8.x | bash -
apt-get -y install nodejs
)
# install nodejs
ynh_install_nodejs 8
# TODO: use the same mecanism with other files
ynh_install_app_dependencies \
`# debian packages ` \
imagemagick libpq-dev libxml2-dev libxslt1-dev file curl apt-transport-https pkg-config libprotobuf-dev protobuf-compiler libicu-dev libidn11-dev \
`# redis ` \
redis-server redis-tools \
`# postgresql ` \
postgresql \
`# Ruby ` \
autoconf bison build-essential libssl-dev libyaml-dev libreadline6-dev zlib1g-dev libncurses5-dev libffi-dev libgdbm3 libgdbm-dev \
`# ffmpeg from backports ` \
ffmpeg \
`# Yarn ` \
yarn
ynh_install_app_dependencies $pkg_dependencies
#=================================================
# RESTORE THE PostgreSQL DATABASE
# INSTALLING RUBY AND BUNDLER
#=================================================
# Restore PostgreSQL database
db_user=$(ynh_sanitize_dbid "$app")
db_name=$(ynh_app_setting_get "$app" db_name)
if [ -z "$db_name" ]; then
db_name="${app}_production"
ynh_app_setting_set "$app" db_name "$db_name"
fi
ynh_install_ruby --ruby_version=2.6.0
/opt/rbenv/versions/2.6.0/bin/gem update --system
#=================================================
# RESTORE THE POSTGRESQL DATABASE
#=================================================
ynh_print_info "Restoring the PostgreSQL database..."
db_pwd=$(ynh_app_setting_get "$app" db_pwd)
ynh_psql_test_if_first_run
ynh_psql_setup_db "$db_user" "$db_name" "$db_pwd"
ynh_psql_create_user "$app" "$db_pwd"
ynh_psql_execute_as_root \
"CREATE DATABASE $db_name ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' template=template0 OWNER $app;"
ynh_psql_execute_file_as_root ./db.sql "$db_name"
#=================================================
# RESTORE SYSTEMD
#=================================================
ynh_print_info "Restoring the systemd configuration..."
ynh_restore_file "/etc/systemd/system/$app-web.service"
ynh_restore_file "/etc/systemd/system/$app-sidekiq.service"
ynh_restore_file "/etc/systemd/system/$app-streaming.service"
systemctl enable "$app-web" "$app-sidekiq" "$app-streaming"
#=================================================
# ADVERTISE SERVICE IN ADMIN PANEL
#=================================================
@ -144,19 +139,31 @@ yunohost service add $app-sidekiq
yunohost service add $app-streaming
#=================================================
# RESTORE SYSTEMD
# RESTORE THE CRON FILE
#=================================================
ynh_restore_file "/etc/systemd/system/$app-web.service"
ynh_restore_file "/etc/systemd/system/$app-sidekiq.service"
ynh_restore_file "/etc/systemd/system/$app-streaming.service"
systemctl enable "$app-web" "$app-sidekiq" "$app-streaming"
ynh_restore_file "/etc/cron.d/$app"
#=================================================
# GENERIC FINALIZATION
#=================================================
# RELOAD NGINX AND PHP-FPM
# START MASTODON SERVICES
#=================================================
ynh_print_info "Starting Mastodon services..."
ynh_systemd_action --action=start --service_name=${app}-web --line_match="Listening on tcp" --log_path=systemd
ynh_systemd_action --action=start --service_name=${app}-sidekiq --line_match="Starting processing" --log_path=systemd
ynh_systemd_action --action=start --service_name=${app}-streaming --line_match="Worker 1 now listening" --log_path=systemd
#=================================================
# RELOAD NGINX
#=================================================
ynh_print_info "Reloading nginx web server..."
systemctl reload nginx
#=================================================
# END OF SCRIPT
#=================================================
systemctl restart "$app-web" "$app-sidekiq" "$app-streaming"
systemctl reload nginx
ynh_print_info "Restoration completed for $app"

333
scripts/upgrade
View file

@ -7,39 +7,52 @@
#=================================================
source _common.sh
source ynh_install_ruby
source ynh_add_secure_repos__3
source ynh_systemd_action
source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
#=================================================
ynh_print_info "Loading installation settings..."
# See comments in install script
app=$YNH_APP_INSTANCE_NAME
db_name=$(ynh_app_setting_get "$app" db_name)
db_pwd=$(ynh_app_setting_get "$app" db_pwd)
# Retrieve app settings
domain=$(ynh_app_setting_get "$app" domain)
path=$(ynh_app_setting_get "$app" path)
admin=$(ynh_app_setting_get "$app" admin)
language=$(ynh_app_setting_get "$app" language)
final_path=$(ynh_app_setting_get "$app" final_path)
path_url="/"
domain=$(ynh_app_setting_get $app domain)
path_url=$(ynh_app_setting_get $app path)
admin=$(ynh_app_setting_get $app admin)
is_public=$(ynh_app_setting_get $app is_public)
final_path=$(ynh_app_setting_get $app final_path)
language=$(ynh_app_setting_get $app language)
db_name=$(ynh_app_setting_get $app db_name)
db_pwd=$(ynh_app_setting_get $app db_pwd)
admin_mail=$(ynh_user_get_info $admin 'mail')
port_web=$(ynh_app_setting_get "$app" port_web)
port_stream=$(ynh_app_setting_get "$app" port_stream)
paperclip_secret=$(ynh_app_setting_get "$app" paperclip_secret)
secret_key_base=$(ynh_app_setting_get "$app" secret_key_base)
otp_secret=$(ynh_app_setting_get "$app" otp_secret)
vapid_private_key=$(ynh_app_setting_get "$app" vapid_private_key)
vapid_public_key=$(ynh_app_setting_get "$app" vapid_public_key)
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
ynh_print_info "Ensuring downward compatibility..."
# If db_name doesn't exist, create it
if [ -z "$db_name" ]; then
if [ -z $db_name ]; then
db_name="${app}_production"
ynh_app_setting_set "$app" db_name "$db_name"
ynh_app_setting_set $app db_name $db_name
fi
# If final_path doesn't exist, create it
if [ -z "$final_path" ]; then
if [ -z $final_path ]; then
final_path=/var/www/$app
ynh_app_setting_set "$app" final_path "$final_path"
ynh_app_setting_set $app final_path $final_path
fi
# Check if admin is not null
@ -48,22 +61,51 @@ if [[ "$admin" = "" || "$language" = "" ]]; then
ynh_die
fi
# If db_pwd doesn't exist, create it
# If db_pwd doesn't exist, create it, need for old install
if [[ -z "$db_pwd" ]]; then
db_pwd=$(ynh_string_random)
ynh_app_setting_set $app db_pwd $db_pwd
ynh_psql_test_if_first_run
sudo --login --user=postgres psql -c"ALTER user $app WITH PASSWORD '$db_pwd'" postgres
sed -i "s@DB_PASS=@DB_PASS=${db_pwd}@g" "${final_path}/live/.env.production"
ynh_replace_string "DB_PASS=" "DB_PASS=${db_pwd}" "${final_path}/live/.env.production"
fi
# If paperclip_secret doesn't exist, retrieve it or create it
if [[ -z "$paperclip_secret" ]]; then
paperclip_secret=$(grep -oP "PAPERCLIP_SECRET=\K\w+" test)
if [[ -z "$paperclip_secret" ]]; then
paperclip_secret=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128)
fi
ynh_app_setting_set "$app" paperclip_secret "$paperclip_secret"
fi
# If secret_key_base doesn't exist, retrieve it or create it
if [[ -z "$secret_key_base" ]]; then
secret_key_base=$(grep -oP "SECRET_KEY_BASE=\K\w+" test)
if [[ -z "$secret_key_base" ]]; then
secret_key_base=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128)
fi
ynh_app_setting_set "$app" secret_key_base "$secret_key_base"
fi
# If otp_secret doesn't exist, retrieve it or create it
if [[ -z "$otp_secret" ]]; then
otp_secret=$(grep -oP "OTP_SECRET=\K\w+" test)
if [[ -z "$otp_secret" ]]; then
otp_secret=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128)
fi
ynh_app_setting_set "$app" otp_secret "$otp_secret"
fi
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
ynh_print_info "Backing up the app before upgrading (may take a while)..."
# Backup the current version of the app
ynh_backup_before_upgrade
ynh_clean_setup () {
ynh_clean_check_starting
# restore it if the upgrade fails
ynh_restore_upgradebackup
}
@ -71,143 +113,198 @@ ynh_clean_setup () {
ynh_abort_if_errors
#=================================================
# Remove repo Files
# CHECK THE PATH
#=================================================
if [ "$(lsb_release --codename --short)" == "jessie" ]; then
echo "deb http://httpredir.debian.org/debian jessie-backports main" | tee /etc/apt/sources.list.d/jessie-backports.list
ynh_secure_remove /etc/apt/sources.list.d/backports.list
fi
# Add yarn repo
echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list
#=================================================
# INSTALL DEPENDENCIES
#=================================================
# upgrade Node.js to v8
# TODO: use https://github.com/YunoHost-Apps/Experimental_helpers/blob/master/ynh_install_nodejs/ynh_install_nodejs
pushd /opt
curl -sL https://deb.nodesource.com/setup_8.x | sudo bash -
sudo apt-get -y install nodejs
popd
# add additional package for upgrade
ynh_package_install pkg-config libprotobuf-dev protobuf-compiler libicu-dev libidn11-dev postgresql-server-dev-all
# Normalize the URL path syntax
path_url=$(ynh_normalize_url_path $path_url)
#=================================================
# STANDARD UPGRADE STEPS
#=================================================
# STOP MASTODON SERVICES
#=================================================
ynh_print_info "Stopping Mastodon services..."
# Change owner of live folder
chown -R $app: $final_path/live
ynh_systemd_action --action=stop --service_name=${app}-web --line_match="Stopped" --log_path=systemd
ynh_systemd_action --action=stop --service_name=${app}-sidekiq --line_match="Stopped" --log_path=systemd
ynh_systemd_action --action=stop --service_name=${app}-streaming --line_match="Stopped" --log_path=systemd
# Stop Mastodon Services
#yunohost service stop "$app-web"
#yunohost service stop "$app-sidekiq"
#yunohost service stop "$app-streaming"
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
#=================================================
ynh_print_info "Upgrading source files..."
# Download Mastodon
ynh_setup_source "$final_path/live" "app-mastodon"
mv "$final_path/live" "$final_path/live_back"
ynh_setup_source "$final_path/live"
if [ -z $final_path/live_back/public/system ]; then
rsync -a "$final_path/live_back/public/system" "$final_path/live_back/public/."
fi
rsync -a "$final_path/live_back/.env.production" "$final_path/live/."
rm -Rf "$final_path/live_back"
# Clean un-need Files
# Clean files which are not needed anymore
ynh_secure_remove $final_path/live/config/initializers/timeout.rb
#=================================================
# NGINX CONFIGURATION
#=================================================
ynh_print_info "Upgrading nginx web server configuration..."
# TODO: use official helper ynh_add_nginx_config
# Modify Nginx configuration file and copy it to Nginx conf directory
sed -i "s@__PATH__@$app@g" ../conf/nginx.conf*
sed -i "s@__FINALPATH__@$final_path@g" ../conf/nginx.conf*
cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf
ynh_replace_string "__PORT_WEB__" "$port_web" "../conf/nginx.conf"
ynh_replace_string "__PORT_STREAM__" "$port_stream" "../conf/nginx.conf"
ynh_add_nginx_config
# Upgrade rbenv and ruby plugins
ynh_setup_source "$final_path/.rbenv" "app-rbenv"
ynh_setup_source "$final_path/.rbenv/plugins/ruby-build" "app-ruby-build"
#=================================================
# UPGRADE DEPENDENCIES
#=================================================
ynh_print_info "Upgrading dependencies..."
# Install ruby 2.5.1
(
exec_as "$app" $final_path/.rbenv/bin/rbenv install -s 2.5.1 || true
exec_as "$app" $final_path/.rbenv/bin/rbenv global 2.5.1 || true
exec_as "$app" $final_path/.rbenv/versions/2.5.1/bin/ruby -v
)
# Create symlink for ruby
rm /usr/bin/ruby || true
ln -s $final_path/.rbenv/versions/2.5.1/bin/ruby /usr/bin/ruby || true
# Preconfig CSS & JS
# Install Mastodon
(
sudo su - $app <<MCOMMANDS
pushd ~/live
$final_path/.rbenv/versions/2.5.1/bin/gem install bundler
# Install extra_repo debian package backports & yarn
if [ "$(lsb_release --codename --short)" == "jessie" ]; then
$final_path/.rbenv/versions/2.5.1/bin/bundle install --deployment --without development test
else
$final_path/.rbenv/versions/2.5.1/bin/bundle install --deployment --force --without development test
ynh_install_extra_repo --repo="deb http://httpredir.debian.org/debian jessie-backports main" --append
fi
yarn install --pure-lockfile
MCOMMANDS
)
ynh_install_extra_repo --repo="deb https://dl.yarnpkg.com/debian/ stable main" --key="https://dl.yarnpkg.com/debian/pubkey.gpg" --append
# Install package with yarn and restart postgresql
pushd $final_path/live
yarn install --pure-lockfile
systemctl restart postgresql
# Install nodejs
ynh_install_nodejs 8
# TODO: use the same mecanism with other files
ynh_install_app_dependencies $pkg_dependencies
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_print_info "Making sure dedicated system user exists..."
# Create a dedicated user (if not existing)
ynh_system_user_create $app
#=================================================
# SPECIFIC UPGRADE
#=================================================
# INSTALLING RUBY AND BUNDLER
#=================================================
ynh_install_ruby --ruby_version=2.6.0
/opt/rbenv/versions/2.6.0/bin/gem update --system
#/opt/rbenv/versions/2.6.0/bin/gem install bundler
#=================================================
# MODIFY A CONFIG FILE
#=================================================
cp -f ../conf/.env.production.sample "$final_path/live/.env.production"
ynh_replace_string "__DB_USER__" "$app" "$final_path/live/.env.production"
ynh_replace_string "__DB_NAME__" "$db_name" "$final_path/live/.env.production"
ynh_replace_string "__DB_PWD__" "$db_pwd" "$final_path/live/.env.production"
ynh_replace_string "__DOMAIN__" "$domain" "$final_path/live/.env.production"
ynh_replace_string "__SMTP_FROM_ADDRESS__" "$admin_mail" "${final_path}/live/.env.production"
language="$(echo $language | head -c 2)"
ynh_replace_string "__LANGUAGE__" "$language" "$final_path/live/.env.production"
ynh_replace_string "PAPERCLIP_SECRET=" "PAPERCLIP_SECRET=$paperclip_secret" "${final_path}/live/.env.production"
ynh_replace_string "__SECRET_KEY_BASE__" "$secret_key_base" "$final_path/live/.env.production"
ynh_replace_string "__OTP_SECRET__" "$otp_secret" "$final_path/live/.env.production"
#=================================================
# UPGRADE MASTODON
#=================================================
ynh_print_info "Upgrading Mastodon..."
chown -R "$app": "$final_path"
pushd "$final_path/live"
ynh_use_nodejs
if [ "$(lsb_release --codename --short)" == "jessie" ]; then
sudo -u "$app" env PATH=$PATH /opt/rbenv/versions/2.6.0/bin/bundle install --deployment --without development test
else
sudo -u "$app" env PATH=$PATH /opt/rbenv/versions/2.6.0/bin/bundle install --deployment --force --without development test
fi
sudo -u "$app" env PATH=$PATH yarn install --pure-lockfile
sudo -u "$app" env PATH=$PATH RAILS_ENV=production /opt/rbenv/versions/2.6.0/bin/bundle exec rails assets:clean
sudo -u "$app" env PATH=$PATH RAILS_ENV=production /opt/rbenv/versions/2.6.0/bin/bundle exec rails assets:precompile
sudo -u "$app" env PATH=$PATH RAILS_ENV=production /opt/rbenv/versions/2.6.0/bin/bundle exec rails db:migrate
popd
# Apply Mastodon upgrade
(
pushd $final_path/live
RAILS_ENV=production $final_path/.rbenv/versions/2.5.1/bin/bundle exec rails assets:clean
RAILS_ENV=production $final_path/.rbenv/versions/2.5.1/bin/bundle exec rails assets:precompile
popd
# If vapid_private_key doesn't exist, retrieve it or create it
if [[ -z "$vapid_private_key" ]]; then
sudo -u "$app" env PATH=$PATH RAILS_ENV=production /opt/rbenv/versions/2.6.0/bin/bundle exec rake mastodon:webpush:generate_vapid_key > key.txt
vapid_private_key=$(grep -oP "VAPID_PRIVATE_KEY=\K\w+" "$final_path/live/key.txt")
vapid_public_key=$(grep -oP "VAPID_PUBLIC_KEY=\K\w+" "$final_path/live/key.txt")
ynh_app_setting_set "$app" vapid_private_key "$vapid_private_key"
ynh_app_setting_set "$app" vapid_public_key "$vapid_public_key"
ynh_secure_remove "$final_path/live/key.txt"
fi
sudo su - $app <<COMMANDS
pushd ~/live
SKIP_POST_DEPLOYMENT_MIGRATIONS=true RAILS_ENV=production $final_path/.rbenv/versions/2.5.1/bin/bundle exec rails db:migrate
COMMANDS
)
#=================================================
# RESTART MASTODON
#=================================================
yunohost service stop "$app-web"
yunohost service stop "$app-sidekiq"
yunohost service stop "$app-streaming"
yunohost service start "$app-web"
yunohost service start "$app-sidekiq"
yunohost service start "$app-streaming"
# Waiting start all services
sleep 30
#=================================================
# DB:Migrate after restart 2.5.0
#=================================================
sudo su - $app <<COMMANDS
pushd ~/live
RAILS_ENV=production $final_path/.rbenv/versions/2.5.1/bin/bundle exec rails db:migrate
COMMANDS
# Recalculate and store the checksum of the file for the next upgrade.
ynh_store_file_checksum "${final_path}/live/.env.production"
#=================================================
# RELOAD NGINX
# SETUP CRON JOB FOR REMOVING CACHE
#=================================================
ynh_print_info "Setuping a cron job for removing cache..."
ynh_replace_string "__FINAL_PATH__" "$final_path" ../conf/cron
ynh_replace_string "__USER__" "$app" ../conf/cron
sudo cp -f ../conf/cron /etc/cron.d/$app
#=================================================
# SETUP SYSTEMD
#=================================================
ynh_print_info "Upgrading systemd configuration..."
# Create a dedicated systemd config
ynh_replace_string "__PORT_WEB__" "$port_web" "../conf/mastodon-web.service"
ynh_replace_string "__PORT_STREAM__" "$port_stream" "../conf/mastodon-streaming.service"
ynh_replace_string "__NODEJS_PATH__" "$nodejs_path" "../conf/mastodon-streaming.service"
ynh_add_systemd_config "$app-web" "mastodon-web.service"
ynh_add_systemd_config "$app-sidekiq" "mastodon-sidekiq.service"
ynh_add_systemd_config "$app-streaming" "mastodon-streaming.service"
#=================================================
# START MASTODON SERVICES
#=================================================
ynh_print_info "Starting Mastodon services..."
ynh_systemd_action --action=start --service_name=${app}-web --line_match="Listening on tcp" --log_path=systemd
ynh_systemd_action --action=start --service_name=${app}-sidekiq --line_match="Starting processing" --log_path=systemd
ynh_systemd_action --action=start --service_name=${app}-streaming --line_match="Worker 1 now listening" --log_path=systemd
#=================================================
# GENERIC FINALIZATION
#=================================================
# SECURE FILES AND DIRECTORIES
#=================================================
systemctl reload nginx
# Set permissions on app files
chown -R $app: $final_path
#=================================================
# SETUP SSOWAT
#=================================================
ynh_print_info "Upgrading SSOwat configuration..."
ynh_app_setting_set "$app" unprotected_uris "/"
# Make app public if necessary
if [ $is_public -eq 1 ]
then
# unprotected_uris allows SSO credentials to be passed anyway
ynh_app_setting_set $app unprotected_uris "/"
fi
#=================================================
# RELOAD ssowatconf
# RELOAD NGINX
#=================================================
ynh_print_info "Reloading nginx web server..."
systemctl reload nginx
#=================================================
# END OF SCRIPT
#=================================================
sudo yunohost app ssowatconf
ynh_print_info "Upgrade of $app completed"

294
scripts/ynh_add_secure_repos__3 Normal file
View file

@ -0,0 +1,294 @@
#!/bin/bash
# Pin a repository.
#
# usage: ynh_pin_repo --package=packages --pin=pin_filter [--priority=priority_value] [--name=name] [--append]
# | arg: -p, --package - Packages concerned by the pin. Or all, *.
# | arg: -i, --pin - Filter for the pin.
# | arg: -p, --priority - Priority for the pin
# | arg: -n, --name - Name for the files for this repo, $app as default value.
# | arg: -a, --append - Do not overwrite existing files.
#
# See https://manpages.debian.org/stretch/apt/apt_preferences.5.en.html for information about pinning.
#
ynh_pin_repo () {
# Declare an array to define the options of this helper.
local legacy_args=pirna
declare -Ar args_array=( [p]=package= [i]=pin= [r]=priority= [n]=name= [a]=append )
local package
local pin
local priority
local name
local append
# Manage arguments with getopts
ynh_handle_getopts_args "$@"
package="${package:-*}"
priority=${priority:-50}
name="${name:-$app}"
append=${append:-0}
if [ $append -eq 1 ]
then
append="tee -a"
else
append="tee"
fi
mkdir -p "/etc/apt/preferences.d"
echo "Package: $package
Pin: $pin
Pin-Priority: $priority" \
| $append "/etc/apt/preferences.d/$name"
}
# Add a repository.
#
# usage: ynh_add_repo --uri=uri --suite=suite --component=component [--name=name] [--append]
# | arg: -u, --uri - Uri of the repository.
# | arg: -s, --suite - Suite of the repository.
# | arg: -c, --component - Component of the repository.
# | arg: -n, --name - Name for the files for this repo, $app as default value.
# | arg: -a, --append - Do not overwrite existing files.
#
# Example for a repo like deb http://forge.yunohost.org/debian/ stretch stable
# uri suite component
# ynh_add_repo --uri=http://forge.yunohost.org/debian/ --suite=stretch --component=stable
#
ynh_add_repo () {
# Declare an array to define the options of this helper.
local legacy_args=uscna
declare -Ar args_array=( [u]=uri= [s]=suite= [c]=component= [n]=name= [a]=append )
local uri
local suite
local component
local name
local append
# Manage arguments with getopts
ynh_handle_getopts_args "$@"
name="${name:-$app}"
append=${append:-0}
if [ $append -eq 1 ]
then
append="tee -a"
else
append="tee"
fi
mkdir -p "/etc/apt/sources.list.d"
# Add the new repo in sources.list.d
echo "deb $uri $suite $component" \
| $append "/etc/apt/sources.list.d/$name.list"
}
# Add an extra repository correctly, pin it and get the key.
#
# usage: ynh_install_extra_repo --repo="repo" [--key=key_url] [--priority=priority_value] [--name=name] [--append]
# | arg: -r, --repo - Complete url of the extra repository.
# | arg: -k, --key - url to get the public key.
# | arg: -p, --priority - Priority for the pin
# | arg: -n, --name - Name for the files for this repo, $app as default value.
# | arg: -a, --append - Do not overwrite existing files.
ynh_install_extra_repo () {
# Declare an array to define the options of this helper.
local legacy_args=rkpna
declare -Ar args_array=( [r]=repo= [k]=key= [p]=priority= [n]=name= [a]=append )
local repo
local key
local priority
local name
local append
# Manage arguments with getopts
ynh_handle_getopts_args "$@"
name="${name:-$app}"
append=${append:-0}
key=${key:-0}
priority=${priority:-}
if [ $append -eq 1 ]
then
append="--append"
wget_append="tee -a"
else
append=""
wget_append="tee"
fi
# Split the repository into uri, suite and components.
# Remove "deb " at the beginning of the repo.
repo="${repo#deb }"
# Get the uri
local uri="$(echo "$repo" | awk '{ print $1 }')"
# Get the suite
local suite="$(echo "$repo" | awk '{ print $2 }')"
# Get the components
local component="${repo##$uri $suite }"
# Add the repository into sources.list.d
ynh_add_repo --uri="$uri" --suite="$suite" --component="$component" --name="$name" $append
# Pin the new repo with the default priority, so it won't be used for upgrades.
# Build $pin from the uri without http and any sub path
local pin="${uri#*://}"
pin="${pin%%/*}"
# Set a priority only if asked
if [ -n "$priority" ]
then
priority="--priority=$priority"
fi
ynh_pin_repo --package="*" --pin="origin \"$pin\"" $priority --name="$name" $append
# Get the public key for the repo
if [ -n "$key" ]
then
mkdir -p "/etc/apt/trusted.gpg.d"
wget -q "$key" -O - | gpg --dearmor | $wget_append /etc/apt/trusted.gpg.d/$name.gpg > /dev/null
fi
# Update the list of package with the new repo
ynh_package_update
}
# Remove an extra repository and the assiociated configuration.
#
# usage: ynh_remove_extra_repo [--name=name]
# | arg: -n, --name - Name for the files for this repo, $app as default value.
ynh_remove_extra_repo () {
# Declare an array to define the options of this helper.
local legacy_args=n
declare -Ar args_array=( [n]=name= )
local name
# Manage arguments with getopts
ynh_handle_getopts_args "$@"
name="${name:-$app}"
ynh_secure_remove "/etc/apt/sources.list.d/$name.list"
ynh_secure_remove "/etc/apt/preferences.d/$name"
ynh_secure_remove "/etc/apt/trusted.gpg.d/$name.gpg"
ynh_secure_remove "/etc/apt/trusted.gpg.d/$name.asc"
# Update the list of package to exclude the old repo
ynh_package_update
}
# Install packages from an extra repository properly.
#
# usage: ynh_install_extra_app_dependencies --repo="repo" --package="dep1 dep2" [--key=key_url] [--name=name]
# | arg: -r, --repo - Complete url of the extra repository.
# | arg: -p, --package - The packages to install from this extra repository
# | arg: -k, --key - url to get the public key.
# | arg: -n, --name - Name for the files for this repo, $app as default value.
ynh_install_extra_app_dependencies () {
# Declare an array to define the options of this helper.
local legacy_args=rpkn
declare -Ar args_array=( [r]=repo= [p]=package= [k]=key= [n]=name= )
local repo
local package
local key
local name
# Manage arguments with getopts
ynh_handle_getopts_args "$@"
name="${name:-$app}"
key=${key:-0}
# Set a key only if asked
if [ -n "$key" ]
then
key="--key=$key"
fi
# Add an extra repository for those packages
ynh_install_extra_repo --repo="$repo" $key --priority=995 --name=$name
# Install requested dependencies from this extra repository.
ynh_add_app_dependencies --package="$package"
# Remove this extra repository after packages are installed
ynh_remove_extra_repo --name=$app
}
#=================================================
# patched version of ynh_install_app_dependencies to be used with ynh_add_app_dependencies
# Define and install dependencies with a equivs control file
# This helper can/should only be called once per app
#
# usage: ynh_install_app_dependencies dep [dep [...]]
# | arg: dep - the package name to install in dependence
# You can give a choice between some package with this syntax : "dep1|dep2"
# Example : ynh_install_app_dependencies dep1 dep2 "dep3|dep4|dep5"
# This mean in the dependence tree : dep1 & dep2 & (dep3 | dep4 | dep5)
#
# Requires YunoHost version 2.6.4 or higher.
ynh_install_app_dependencies () {
local dependencies=$@
dependencies="$(echo "$dependencies" | sed 's/\([^\<=\>]\)\ \([^(]\)/\1, \2/g')"
dependencies=${dependencies//|/ | }
local manifest_path="../manifest.json"
if [ ! -e "$manifest_path" ]; then
manifest_path="../settings/manifest.json" # Into the restore script, the manifest is not at the same place
fi
local version=$(grep '\"version\": ' "$manifest_path" | cut -d '"' -f 4) # Retrieve the version number in the manifest file.
if [ ${#version} -eq 0 ]; then
version="1.0"
fi
local dep_app=${app//_/-} # Replace all '_' by '-'
# Handle specific versions
if [[ "$dependencies" =~ [\<=\>] ]]
then
# Replace version specifications by relationships syntax
# https://www.debian.org/doc/debian-policy/ch-relationships.html
# Sed clarification
# [^(\<=\>] ignore if it begins by ( or < = >. To not apply twice.
# [\<=\>] matches < = or >
# \+ matches one or more occurence of the previous characters, for >= or >>.
# [^,]\+ matches all characters except ','
# Ex: package>=1.0 will be replaced by package (>= 1.0)
dependencies="$(echo "$dependencies" | sed 's/\([^(\<=\>]\)\([\<=\>]\+\)\([^,]\+\)/\1 (\2 \3)/g')"
fi
cat > /tmp/${dep_app}-ynh-deps.control << EOF # Make a control file for equivs-build
Section: misc
Priority: optional
Package: ${dep_app}-ynh-deps
Version: ${version}
Depends: ${dependencies}
Architecture: all
Description: Fake package for $app (YunoHost app) dependencies
This meta-package is only responsible of installing its dependencies.
EOF
ynh_package_install_from_equivs /tmp/${dep_app}-ynh-deps.control \
|| ynh_die --message="Unable to install dependencies" # Install the fake package and its dependencies
rm /tmp/${dep_app}-ynh-deps.control
ynh_app_setting_set --app=$app --key=apt_dependencies --value="$dependencies"
}
ynh_add_app_dependencies () {
# Declare an array to define the options of this helper.
local legacy_args=pr
declare -Ar args_array=( [p]=package= [r]=replace)
local package
local replace
# Manage arguments with getopts
ynh_handle_getopts_args "$@"
replace=${replace:-0}
local current_dependencies=""
if [ $replace -eq 0 ]
then
local dep_app=${app//_/-} # Replace all '_' by '-'
if ynh_package_is_installed --package="${dep_app}-ynh-deps"
then
current_dependencies="$(dpkg-query --show --showformat='${Depends}' ${dep_app}-ynh-deps) "
fi
current_dependencies=${current_dependencies// | /|}
fi
ynh_install_app_dependencies "${current_dependencies}${package}"
}

140
scripts/ynh_install_ruby Normal file
View file

@ -0,0 +1,140 @@
#!/bin/bash
# Need also the helper https://github.com/YunoHost-Apps/Experimental_helpers/blob/master/ynh_handle_getopts_args/ynh_handle_getopts_args
rbenv_install_dir="/opt/rbenv"
# RBENV_ROOT is the directory of rbenv, it needs to be loaded as a environment variable.
export RBENV_ROOT="$rbenv_install_dir"
# Install ruby version management
#
# [internal]
#
# usage: ynh_install_rbenv
ynh_install_rbenv () {
echo "Installation of rbenv - ruby version management" >&2
# Build an app.src for rbenv
mkdir -p "../conf"
echo "SOURCE_URL=https://github.com/rbenv/rbenv/archive/v1.1.1.tar.gz
SOURCE_SUM=41f1a60714c55eceb21d692a469aee1ec4f46bba351d0dfcb0c660ff9cf1a1c9" > "../conf/rbenv.src"
# Download and extract rbenv
ynh_setup_source "$rbenv_install_dir" rbenv
# Build an app.src for ruby-build
mkdir -p "../conf"
echo "SOURCE_URL=https://github.com/rbenv/ruby-build/archive/v20190314.tar.gz
SOURCE_SUM=2cc0f9fdb232042e71edad93a5c3ae108bcd090ea0b6db4e5bb6325547e07968" > "../conf/ruby-build.src"
# Download and extract ruby-build
ynh_setup_source "$rbenv_install_dir/plugins/ruby-build" ruby-build
(cd $rbenv_install_dir
./src/configure && make -C src)
# Create shims directory if needed
if [ ! -d $rbenv_install_dir/shims ] ; then
mkdir $rbenv_install_dir/shims
fi
}
# Install a specific version of ruby
#
# ynh_install_ruby will install the version of ruby provided as argument by using rbenv.
#
# rbenv (ruby version management) stores the target ruby version in a .ruby_version file created in the target folder (using rbenv local <version>)
# It then uses that information for every ruby user that uses rbenv provided ruby command
#
# This helper creates a /etc/profile.d/rbenv.sh that configures PATH environment for rbenv
# for every LOGIN user, hence your user must have a defined shell (as opposed to /usr/sbin/nologin)
#
# Don't forget to execute ruby-dependent command in a login environment
# (e.g. sudo --login option)
# When not possible (e.g. in systemd service definition), please use direct path
# to rbenv shims (e.g. $RBENV_ROOT/shims/bundle)
#
# usage: ynh_install_ruby ruby_version user
# | arg: -v, --ruby_version= - Version of ruby to install.
# If possible, prefer to use major version number (e.g. 8 instead of 8.10.0).
# The crontab will handle the update of minor versions when needed.
ynh_install_ruby () {
# Declare an array to define the options of this helper.
declare -Ar args_array=( [v]=ruby_version= )
# Use rbenv, https://github.com/rbenv/rbenv to manage the ruby versions
local ruby_version
# Manage arguments with getopts
ynh_handle_getopts_args "$@"
# Create $rbenv_install_dir
mkdir -p "$rbenv_install_dir/plugins/ruby-build"
# Load rbenv path in PATH
CLEAR_PATH="$rbenv_install_dir/bin:$PATH"
# Remove /usr/local/bin in PATH in case of ruby prior installation
PATH=$(echo $CLEAR_PATH | sed 's@/usr/local/bin:@@')
# Move an existing ruby binary, to avoid to block rbenv
test -x /usr/bin/ruby && mv /usr/bin/ruby /usr/bin/ruby_rbenv
# If rbenv is not previously setup, install it
if ! type rbenv > /dev/null 2>&1
then
ynh_install_rbenv
fi
# Restore /usr/local/bin in PATH (if needed)
PATH=$CLEAR_PATH
# And replace the old ruby binary
test -x /usr/bin/ruby_rbenv && mv /usr/bin/ruby_rbenv /usr/bin/ruby
# Install the requested version of ruby
CONFIGURE_OPTS="--disable-install-doc" MAKE_OPTS="-j2" rbenv install --skip-existing $ruby_version
# Store the ID of this app and the version of ruby requested for it
echo "$YNH_APP_ID:$ruby_version" | tee --append "$rbenv_install_dir/ynh_app_version"
# Store ruby_version into the config of this app
ynh_app_setting_set $app ruby_version $ruby_version
# Set environment for ruby users
echo "#rbenv
export RBENV_ROOT=$rbenv_install_dir
export PATH=\"$rbenv_install_dir/bin:$PATH\"
eval \"\$(rbenv init -)\"
#rbenv" > /etc/profile.d/rbenv.sh
# Load the right environment for the Installation
eval "$(rbenv init -)"
(cd $final_path
rbenv local $ruby_version)
}
# Remove the version of ruby used by the app.
#
# This helper will check if another app uses the same version of ruby,
# if not, this version of ruby will be removed.
# If no other app uses ruby, rbenv will be also removed.
#
# usage: ynh_remove_ruby
ynh_remove_ruby () {
ruby_version=$(ynh_app_setting_get $app ruby_version)
# Remove the line for this app
sed --in-place "/$YNH_APP_ID:$ruby_version/d" "$rbenv_install_dir/ynh_app_version"
# If no other app uses this version of ruby, remove it.
if ! grep --quiet "$ruby_version" "$rbenv_install_dir/ynh_app_version"
then
$rbenv_install_dir/bin/rbenv uninstall --force $ruby_version
fi
# Remove rbenv environment configuration
rm /etc/profile.d/rbenv.sh
# If no other app uses rbenv, remove rbenv and dedicated group
if [ ! -s "$rbenv_install_dir/ynh_app_version" ]
then
ynh_secure_remove "$rbenv_install_dir"
fi
}

89
scripts/ynh_systemd_action Normal file
View file

@ -0,0 +1,89 @@
#!/bin/bash
# Start (or other actions) a service, print a log in case of failure and optionnaly wait until the service is completely started
#
# usage: ynh_systemd_action [-n service_name] [-a action] [ [-l "line to match"] [-p log_path] [-t timeout] [-e length] ]
# | arg: -n, --service_name= - Name of the service to reload. Default : $app
# | arg: -a, --action= - Action to perform with systemctl. Default: start
# | arg: -l, --line_match= - Line to match - The line to find in the log to attest the service have finished to boot.
# If not defined it don't wait until the service is completely started.
# | arg: -p, --log_path= - Log file - Path to the log file. Default : /var/log/$app/$app.log
# | arg: -t, --timeout= - Timeout - The maximum time to wait before ending the watching. Default : 300 seconds.
# | arg: -e, --length= - Length of the error log : Default : 20
ynh_systemd_action() {
# Declare an array to define the options of this helper.
declare -Ar args_array=( [n]=service_name= [a]=action= [l]=line_match= [p]=log_path= [t]=timeout= [e]=length= )
local service_name
local action
local line_match
local length
local log_path
local timeout
# Manage arguments with getopts
ynh_handle_getopts_args "$@"
local service_name="${service_name:-$app}"
local action=${action:-start}
local log_path="${log_path:-/var/log/$service_name/$service_name.log}"
local length=${length:-20}
local timeout=${timeout:-300}
# Start to read the log
if [[ -n "${line_match:-}" ]]
then
local templog="$(mktemp)"
# Following the starting of the app in its log
if [ "$log_path" == "systemd" ] ; then
# Read the systemd journal
journalctl -u $service_name -f --since=-45 > "$templog" &
else
# Read the specified log file
tail -F -n0 "$log_path" > "$templog" &
fi
# Get the PID of the tail command
local pid_tail=$!
fi
echo "${action^} the service $service_name" >&2
systemctl $action $service_name \
|| ( journalctl --lines=$length -u $service_name >&2 \
; test -n "$log_path" && echo "--" && tail --lines=$length "$log_path" >&2 \
; false )
# Start the timeout and try to find line_match
if [[ -n "${line_match:-}" ]]
then
local i=0
for i in $(seq 1 $timeout)
do
# Read the log until the sentence is found, that means the app finished to start. Or run until the timeout
if grep --quiet "$line_match" "$templog"
then
echo "The service $service_name has correctly started." >&2
break
fi
echo -n "." >&2
sleep 1
done
if [ $i -eq $timeout ]
then
echo "The service $service_name didn't fully started before the timeout." >&2
journalctl --lines=$length -u $service_name >&2
test -n "$log_path" && echo "--" && tail --lines=$length "$log_path" >&2
fi
echo ""
ynh_clean_check_starting
fi
}
# Clean temporary process and file used by ynh_check_starting
# (usually used in ynh_clean_setup scripts)
#
# usage: ynh_clean_check_starting
ynh_clean_check_starting () {
# Stop the execution of tail.
kill -s 15 $pid_tail 2>&1
ynh_secure_remove "$templog" 2>&1
}