mirror of
https://github.com/YunoHost-Apps/glitchsoc_ynh.git
synced 2024-09-03 19:15:59 +02:00
commit
325f6befc0
12 changed files with 107 additions and 91 deletions
11
README.md
11
README.md
|
@ -15,9 +15,10 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in
|
||||||
|
|
||||||
## Overview
|
## Overview
|
||||||
|
|
||||||
Libre and federated social network, fork of Mastodon
|
Glitch-Soc, a fork of Mastodon, is a free, open-source microblogging social network. It is a decentralized alternative to commercial platforms like Twitter and avoids the risks of a single company monopolizing your communication for commercial purposes.
|
||||||
|
|
||||||
**Shipped version:** 2022.01.10~ynh1
|
|
||||||
|
**Shipped version:** 2022.01.10~ynh2
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
@ -27,10 +28,10 @@ Glitch-Soc is beta software, and under active development. Use at your own risk!
|
||||||
|
|
||||||
* This app require a dedicated domain or subdomain.
|
* This app require a dedicated domain or subdomain.
|
||||||
* The user choosen during the installation is created in Glitch-Soc with admin rights.
|
* The user choosen during the installation is created in Glitch-Soc with admin rights.
|
||||||
* LDAP authentication is activated. All YunoHost users can authenticate.
|
|
||||||
* Single sign-on doesn't work.
|
|
||||||
|
|
||||||
It seems important to close the inscriptions for your Glitch-Soc, so that it remains a private body. We invite you to block remote malicious instances from the administration interface. You can also add text on your home page.
|
LDAP authentication and SSO are activated. All YunoHost users can authenticate. Log-out from YunoHost's portal doesn't log-out from Glitch-Soc. See https://github.com/YunoHost/issues/issues/501
|
||||||
|
|
||||||
|
We invite you to block remote malicious instances from the administration interface. You can also add text on your home page.
|
||||||
|
|
||||||
## Documentation and resources
|
## Documentation and resources
|
||||||
|
|
||||||
|
|
17
README_fr.md
17
README_fr.md
|
@ -11,22 +11,23 @@ Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour
|
||||||
|
|
||||||
## Vue d'ensemble
|
## Vue d'ensemble
|
||||||
|
|
||||||
Réseau social libre et fédéré, scission de Mastodon
|
Glitch-Soc, une scission de Mastodon, est un réseau social de microblog auto-hébergé et open source. C'est une alternative décentralisée aux plates-formes commerciales comme Twitter. Glitch-Soc évite ainsi les risques qu'une seule société monopolise votre communication à des fins commerciales.
|
||||||
|
|
||||||
**Version incluse :** 2022.01.10~ynh1
|
|
||||||
|
**Version incluse :** 2022.01.10~ynh2
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
## Avertissements / informations importantes
|
## Avertissements / informations importantes
|
||||||
|
|
||||||
Glitch-Soc is beta software, and under active development. Use at your own risk!
|
Glitch-Soc est en constant développement, fournis avec les dernières fonctionnalités (incluant les derniers bugs).
|
||||||
|
|
||||||
* This app require a dedicated domain or subdomain.
|
* L'application a besoin d'un domaine dédié.
|
||||||
* The user choosen during the installation is created in Glitch-Soc with admin rights.
|
* L'utilisateur⋅ice choisi⋅es lors de l'installation sera administrateur⋅ice de l'instance. Il est possible d'en ajouter d'autre depuis l'application.
|
||||||
* LDAP authentication is activated. All YunoHost users can authenticate.
|
|
||||||
* Single sign-on doesn't work.
|
|
||||||
|
|
||||||
It seems important to close the inscriptions for your Glitch-Soc, so that it remains a private body. We invite you to block remote malicious instances from the administration interface. You can also add text on your home page.
|
L'authentification par LDAP et le Single-Sign-On sont activés pour les utilisateur⋅ices YunoHost. Se déconnecter depuis le portail YunoHost ne vous déconnecte pas de Glitch-Soc. Voir https://github.com/YunoHost/issues/issues/501
|
||||||
|
|
||||||
|
Nous vous invitons à bloquer les instances malveillantes depuis l'interface d'administration. Vous pouvez également ajouter du texte sur votre page d'accueil.
|
||||||
|
|
||||||
## Documentations et ressources
|
## Documentations et ressources
|
||||||
|
|
||||||
|
|
|
@ -1,72 +0,0 @@
|
||||||
#!/usr/bin/env ruby
|
|
||||||
|
|
||||||
# [For package maintainers]
|
|
||||||
# Edit the conf/app.src files with the latest commit
|
|
||||||
#
|
|
||||||
# Usage:
|
|
||||||
# ./bump-version.rb
|
|
||||||
|
|
||||||
require 'digest'
|
|
||||||
require 'json'
|
|
||||||
require 'open-uri'
|
|
||||||
|
|
||||||
module Yunohost
|
|
||||||
class AppSrcFile
|
|
||||||
def initialize(path = 'conf/app.src')
|
|
||||||
@path = path
|
|
||||||
end
|
|
||||||
|
|
||||||
def update(url, sum)
|
|
||||||
src = File.read(@path)
|
|
||||||
replace_src_setting!(src, 'SOURCE_URL', url)
|
|
||||||
replace_src_setting!(src, 'SOURCE_SUM', sum)
|
|
||||||
replace_src_setting!(src, 'SOURCE_FILENAME', File.basename(URI.parse(url).path))
|
|
||||||
File.write(@path, src)
|
|
||||||
end
|
|
||||||
|
|
||||||
private
|
|
||||||
|
|
||||||
def replace_src_setting!(str, setting, value)
|
|
||||||
str.gsub!(/^#{setting}=.*$/, "#{setting}=#{value}")
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
class ManifestFile
|
|
||||||
def initialize(path = 'manifest.json')
|
|
||||||
@path = path
|
|
||||||
end
|
|
||||||
|
|
||||||
def update_with_version(version)
|
|
||||||
manifest_file = File.read(@path)
|
|
||||||
manifest = JSON.parse(manifest_file)
|
|
||||||
|
|
||||||
if manifest['version'].start_with? version
|
|
||||||
i = manifest['version'].scan(/~ynh(\d)/).flatten.first.to_i + 1
|
|
||||||
manifest['version'] = "#{version}~ynh#{i}"
|
|
||||||
else
|
|
||||||
manifest['version'] = "#{version}~ynh1"
|
|
||||||
end
|
|
||||||
|
|
||||||
manifest_file = JSON.pretty_generate(manifest, indent: ' ') + "\n"
|
|
||||||
File.write(@path, manifest_file)
|
|
||||||
end
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
github = JSON.parse(URI.parse('https://api.github.com/repos/glitch-soc/mastodon/branches/main').read)
|
|
||||||
last_commit = github["commit"]["sha"]
|
|
||||||
version = Date.parse(github["commit"]["commit"]["author"]["date"]).to_s.gsub '-', '.'
|
|
||||||
|
|
||||||
url = "https://github.com/glitch-soc/mastodon/archive/#{last_commit}.tar.gz"
|
|
||||||
|
|
||||||
puts "Downloading last commit at #{url}"
|
|
||||||
release_file = URI.parse(url).read
|
|
||||||
sum = Digest::SHA256.hexdigest(release_file)
|
|
||||||
|
|
||||||
# Update source file
|
|
||||||
Yunohost::AppSrcFile.new().update(url, sum)
|
|
||||||
|
|
||||||
# Update manifest file
|
|
||||||
Yunohost::ManifestFile.new().update_with_version(version)
|
|
||||||
|
|
||||||
puts "Done!"
|
|
|
@ -12,9 +12,13 @@
|
||||||
setup_private=1
|
setup_private=1
|
||||||
setup_public=1
|
setup_public=1
|
||||||
upgrade=1
|
upgrade=1
|
||||||
|
# 2022.01.10~ynh1
|
||||||
|
upgrade=1 from_commit=9fb00be10143ee57685d4c84b21029921b33e159
|
||||||
backup_restore=1
|
backup_restore=1
|
||||||
multi_instance=0
|
multi_instance=0
|
||||||
port_already_use=0
|
port_already_use=0
|
||||||
change_url=0
|
change_url=0
|
||||||
;;; Options
|
;;; Options
|
||||||
;;; Upgrade options
|
;;; Upgrade options
|
||||||
|
; commit=efbdbb05350b820c6e59a7bbbf70f57cf679fff8
|
||||||
|
name=2022.01.10~ynh1
|
||||||
|
|
1
doc/DESCRIPTION.md
Normal file
1
doc/DESCRIPTION.md
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Glitch-Soc, a fork of Mastodon, is a free, open-source microblogging social network. It is a decentralized alternative to commercial platforms like Twitter and avoids the risks of a single company monopolizing your communication for commercial purposes.
|
1
doc/DESCRIPTION_fr.md
Normal file
1
doc/DESCRIPTION_fr.md
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Glitch-Soc, une scission de Mastodon, est un réseau social de microblog auto-hébergé et open source. C'est une alternative décentralisée aux plates-formes commerciales comme Twitter. Glitch-Soc évite ainsi les risques qu'une seule société monopolise votre communication à des fins commerciales.
|
|
@ -2,7 +2,7 @@ Glitch-Soc is beta software, and under active development. Use at your own risk!
|
||||||
|
|
||||||
* This app require a dedicated domain or subdomain.
|
* This app require a dedicated domain or subdomain.
|
||||||
* The user choosen during the installation is created in Glitch-Soc with admin rights.
|
* The user choosen during the installation is created in Glitch-Soc with admin rights.
|
||||||
* LDAP authentication is activated. All YunoHost users can authenticate.
|
|
||||||
* Single sign-on doesn't work.
|
|
||||||
|
|
||||||
It seems important to close the inscriptions for your Glitch-Soc, so that it remains a private body. We invite you to block remote malicious instances from the administration interface. You can also add text on your home page.
|
LDAP authentication and SSO are activated. All YunoHost users can authenticate. Log-out from YunoHost's portal doesn't log-out from Glitch-Soc. See https://github.com/YunoHost/issues/issues/501
|
||||||
|
|
||||||
|
We invite you to block remote malicious instances from the administration interface. You can also add text on your home page.
|
||||||
|
|
8
doc/DISCLAIMER_fr.md
Normal file
8
doc/DISCLAIMER_fr.md
Normal file
|
@ -0,0 +1,8 @@
|
||||||
|
Glitch-Soc est en constant développement, fournis avec les dernières fonctionnalités (incluant les derniers bugs).
|
||||||
|
|
||||||
|
* L'application a besoin d'un domaine dédié.
|
||||||
|
* L'utilisateur⋅ice choisi⋅es lors de l'installation sera administrateur⋅ice de l'instance. Il est possible d'en ajouter d'autre depuis l'application.
|
||||||
|
|
||||||
|
L'authentification par LDAP et le Single-Sign-On sont activés pour les utilisateur⋅ices YunoHost. Se déconnecter depuis le portail YunoHost ne vous déconnecte pas de Glitch-Soc. Voir https://github.com/YunoHost/issues/issues/501
|
||||||
|
|
||||||
|
Nous vous invitons à bloquer les instances malveillantes depuis l'interface d'administration. Vous pouvez également ajouter du texte sur votre page d'accueil.
|
|
@ -6,7 +6,7 @@
|
||||||
"en": "Libre and federated social network, fork of Mastodon",
|
"en": "Libre and federated social network, fork of Mastodon",
|
||||||
"fr": "Réseau social libre et fédéré, scission de Mastodon"
|
"fr": "Réseau social libre et fédéré, scission de Mastodon"
|
||||||
},
|
},
|
||||||
"version": "2022.01.10~ynh1",
|
"version": "2022.01.10~ynh2",
|
||||||
"url": "https://github.com/glitch-soc/mastodon",
|
"url": "https://github.com/glitch-soc/mastodon",
|
||||||
"upstream": {
|
"upstream": {
|
||||||
"license": "free",
|
"license": "free",
|
||||||
|
@ -37,6 +37,10 @@
|
||||||
{
|
{
|
||||||
"name": "is_public",
|
"name": "is_public",
|
||||||
"type": "boolean",
|
"type": "boolean",
|
||||||
|
"help": {
|
||||||
|
"en": "Needed for federation.",
|
||||||
|
"fr": "Nécessaire pour la fédération."
|
||||||
|
},
|
||||||
"default": true
|
"default": true
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
|
|
|
@ -267,9 +267,8 @@ then
|
||||||
# Everyone can access the app.
|
# Everyone can access the app.
|
||||||
# The "main" permission is automatically created before the install script.
|
# The "main" permission is automatically created before the install script.
|
||||||
ynh_permission_update --permission="main" --add="visitors"
|
ynh_permission_update --permission="main" --add="visitors"
|
||||||
fi
|
|
||||||
|
|
||||||
ynh_permission_create --permission="api" --url="/api" --allowed="visitors" --auth_header="false" --show_tile="false" --protected="true"
|
ynh_permission_create --permission="api" --url="/api" --allowed="visitors" --auth_header="false" --show_tile="false" --protected="true"
|
||||||
|
fi
|
||||||
|
|
||||||
#=================================================
|
#=================================================
|
||||||
# RELOAD NGINX
|
# RELOAD NGINX
|
||||||
|
|
13
sources/patches/app-disable-registration.patch
Normal file
13
sources/patches/app-disable-registration.patch
Normal file
|
@ -0,0 +1,13 @@
|
||||||
|
diff --git a/config/settings.yml b/config/settings.yml
|
||||||
|
index 094209822..2e2a5147d 100644
|
||||||
|
--- a/config/settings.yml
|
||||||
|
+++ b/config/settings.yml
|
||||||
|
@@ -9,7 +9,7 @@ defaults: &defaults
|
||||||
|
site_terms: ''
|
||||||
|
site_contact_username: ''
|
||||||
|
site_contact_email: ''
|
||||||
|
- registrations_mode: 'open'
|
||||||
|
+ registrations_mode: 'none'
|
||||||
|
profile_directory: true
|
||||||
|
closed_registrations_message: ''
|
||||||
|
open_deletion: true
|
56
sources/patches/app-sso.patch
Normal file
56
sources/patches/app-sso.patch
Normal file
|
@ -0,0 +1,56 @@
|
||||||
|
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
|
||||||
|
index 7c36bc6b8..3f691d102 100644
|
||||||
|
--- a/app/controllers/application_controller.rb
|
||||||
|
+++ b/app/controllers/application_controller.rb
|
||||||
|
@@ -70,7 +70,7 @@ class ApplicationController < ActionController::Base
|
||||||
|
end
|
||||||
|
|
||||||
|
def after_sign_out_path_for(_resource_or_scope)
|
||||||
|
- new_user_session_path
|
||||||
|
+ "https://#{File.read('/etc/yunohost/current_host')}/yunohost/sso/?action=logout"
|
||||||
|
end
|
||||||
|
|
||||||
|
def pack(data, pack_name, skin = 'default')
|
||||||
|
diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb
|
||||||
|
index 5232e6cfd..160348674 100644
|
||||||
|
--- a/config/initializers/devise.rb
|
||||||
|
+++ b/config/initializers/devise.rb
|
||||||
|
@@ -180,7 +180,7 @@ Devise.setup do |config|
|
||||||
|
# given strategies, for example, `config.http_authenticatable = [:database]` will
|
||||||
|
# enable it only for database authentication. The supported strategies are:
|
||||||
|
# :database = Support basic authentication with authentication key + password
|
||||||
|
- config.http_authenticatable = [:pam, :database]
|
||||||
|
+ config.http_authenticatable = [:two_factor_ldap, :pam, :database]
|
||||||
|
|
||||||
|
# If 401 status code should be returned for AJAX requests. True by default.
|
||||||
|
# config.http_authenticatable_on_xhr = true
|
||||||
|
diff --git a/lib/devise/two_factor_ldap_authenticatable.rb b/lib/devise/two_factor_ldap_authenticatable.rb
|
||||||
|
index 065aa2de8..0eb4be10c 100644
|
||||||
|
--- a/lib/devise/two_factor_ldap_authenticatable.rb
|
||||||
|
+++ b/lib/devise/two_factor_ldap_authenticatable.rb
|
||||||
|
@@ -5,13 +5,13 @@ require 'devise/strategies/base'
|
||||||
|
|
||||||
|
module Devise
|
||||||
|
module Strategies
|
||||||
|
- class TwoFactorLdapAuthenticatable < Base
|
||||||
|
+ class TwoFactorLdapAuthenticatable < Authenticatable
|
||||||
|
def valid?
|
||||||
|
- valid_params? && mapping.to.respond_to?(:authenticate_with_ldap)
|
||||||
|
+ (valid_for_params_auth? || valid_for_http_auth?) && mapping.to.respond_to?(:authenticate_with_ldap)
|
||||||
|
end
|
||||||
|
|
||||||
|
def authenticate!
|
||||||
|
- resource = mapping.to.authenticate_with_ldap(params[scope])
|
||||||
|
+ resource = mapping.to.authenticate_with_ldap(authentication_hash.merge(:password => password))
|
||||||
|
|
||||||
|
if resource && !resource.otp_required_for_login?
|
||||||
|
success!(resource)
|
||||||
|
@@ -23,7 +23,7 @@ module Devise
|
||||||
|
protected
|
||||||
|
|
||||||
|
def valid_params?
|
||||||
|
- params[scope] && params[scope][:password].present?
|
||||||
|
+ super && params[scope][:password].present?
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
Loading…
Reference in a new issue