[fix] Secret key install + backup correct + restore (need test restore)

scripts/backup

@@ -3,12 +3,19 @@
 # Exit on command errors and treat unset variables as an error
 set -eu
 
-# Get multi-instances specific variables
-app=$YNH_APP_INSTANCE_NAME
-
+if [ ! -e .fonctions ]; then
+	# Get file fonction if not been to the current directory
+	sudo cp ../settings/scripts/.fonctions ./.fonctions
+	sudo chmod a+rx .fonctions
+fi
+# Loads the generic functions usually used in the script
+source .fonctions
 # Source app helpers
 source /usr/share/yunohost/helpers
 
+# Get multi-instances specific variables
+app=$YNH_APP_INSTANCE_NAME
+
 # Retrieve app settings
 domain=$(ynh_app_setting_get "$app" domain)
 
@@ -25,7 +32,7 @@ ynh_backup "/etc/systemd/system/mastodon-streaming.service" "systemd_streaming.s
 
 # Backup db
 sudo su - postgres <<COMMANDS
-pg_dump -U mastodon mastodon_production > mastodon_db.sql
+pg_dump --role=mastodon -U postgres --no-password mastodon_production > mastodon_db.sql
 COMMANDS
-ynh_backup "./mastodon_db.sql" "mastodon_db.sql"
+ynh_backup "/var/lib/postgresql/${app}_db.sql" "${app}_db.sql"
 ynh_secure_remove /var/lib/postgresql/mastodon_db.sql

scripts/install

@@ -135,9 +135,12 @@ sudo sed -i "s@LOCAL_DOMAIN=example.com@LOCAL_DOMAIN=${domain}@g" "${final_path}
 language="$(echo $language | head -c 2)"
 sudo sed -i "s@# DEFAULT_LOCALE=de@DEFAULT_LOCALE=${language}@g" "${final_path}/live/.env.production"
 
-sudo sed -i "s@PAPERCLIP_SECRET=@PAPERCLIP_SECRET=$(head -n128 /dev/urandom | tr -dc -d 'a-z0-9' | head -c128)@g" "${final_path}/live/.env.production"
-sudo sed -i "s@SECRET_KEY_BASE=@SECRET_KEY_BASE=$(head -n128 /dev/urandom | tr -dc -d 'a-z0-9' | head -c128)@g" "${final_path}/live/.env.production"
-sudo sed -i "s@OTP_SECRET=@OTP_SECRET=$(head -n128 /dev/urandom | tr -dc -d 'a-z0-9' | head -c128)@g" "${final_path}/live/.env.production"
+paperclip_secret=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128)
+secret_key_base=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128)
+otp_secret=$(head -n128 /dev/urandom | tail -n +1 | tr -dc -d 'a-z0-9' | head -c128)
+sudo sed -i "s@PAPERCLIP_SECRET=@PAPERCLIP_SECRET=${paperclip_secret}@g" "${final_path}/live/.env.production"
+sudo sed -i "s@SECRET_KEY_BASE=@SECRET_KEY_BASE=${secret_key_base}@g" "${final_path}/live/.env.production"
+sudo sed -i "s@OTP_SECRET=@OTP_SECRET=${otp_secret}@g" "${final_path}/live/.env.production"
 
 sudo sed -i 's,SMTP_LOGIN=,SMTP_LOGIN='${admin_mastodon}'@'${domain}',' "${final_path}/live/.env.production"
 sudo sed -i "s@SMTP_PASSWORD=@SMTP_PASSWORD=${admin_pass}@g" "${final_path}/live/.env.production"

scripts/restore

@@ -4,12 +4,19 @@
 # Exit on command errors and treat unset variables as an error
 set -eu
 
-# The parameter $app is the id of the app instance ex: ynhexample__2
-app=$YNH_APP_INSTANCE_NAME
-
+if [ ! -e .fonctions ]; then
+	# Get file fonction if not been to the current directory
+	sudo cp ../settings/scripts/.fonctions ./.fonctions
+	sudo chmod a+rx .fonctions
+fi
+# Loads the generic functions usually used in the script
+source .fonctions
 # Source app helpers
 source /usr/share/yunohost/helpers
 
+# The parameter $app is the id of the app instance ex: ynhexample__2
+app=$YNH_APP_INSTANCE_NAME
+
 # Get old parameter of the app
 domain=$(ynh_app_setting_get $app domain)
 path=$(ynh_app_setting_get $app path)
@@ -30,7 +37,7 @@ nginx_conf="/etc/nginx/conf.d/${domain}.d/${app}.conf"
 if [ -f $nginx_conf ]; then
 	ynh_die "The NGINX configuration already exists at '${nginx_conf}'. 
 	You should safely delete it before restoring this app."
-
+fi
 # Check configuration files php-fpm
 crontab_conf="/etc/cron.d/${app}"
 if [ -f $crontab_conf ]; then 
@@ -55,6 +62,9 @@ if [ -f "${streaming_systemd}" ]; then
 	You should safely delete it before restoring this app."
 fi
 
+# Create user unix
+sudo adduser $app --home /opt/$app --gecos "First Last,RoomNumber,WorkPhone,HomePhone" --disabled-password --disabled-login
+
  # Restore sources & data
 sudo cp -a ./sources "$final_path"
 
@@ -74,9 +84,12 @@ sudo su -c "psql" postgres <<< \
 # Restore db
 ynh_psql_create_db_without_password "$app"
 sudo su - postgres <<COMMANDS
-pg_dump -U mastodon mastodon_production < ./mastodon_db.sql
+pg_dump --role=mastodon -U postgres --no-password mastodon < $YNH_APP_BACKUP_DIR/mastodon_db.sql
 COMMANDS
 
+# Create symlink for ruby
+sudo ln -s /opt/mastodon/.rbenv/versions/2.4.1/bin/ruby /usr/bin/ruby || true
+
 # Restore Mastodon
 sudo su - $app <<RCOMMANDS
 cd ~/live
@@ -89,5 +102,23 @@ sudo cp -a ./nginx.conf   "$nginx_conf"
 # Restore crontab
 sudo cp -a ./cron.conf "$crontab_conf"
 
+sudo cp ../conf/mastodon-web.service /etc/systemd/system/mastodon-web.service
+sudo chown root: /etc/systemd/system/mastodon-web.service
+sudo cp ../conf/mastodon-sidekiq.service /etc/systemd/system/mastodon-sidekiq.service
+sudo chown root: /etc/systemd/system/mastodon-sidekiq.service
+sudo cp ../conf/mastodon-streaming.service /etc/systemd/system/mastodon-streaming.service
+sudo chown root: /etc/systemd/system/mastodon-streaming.service
+
+sudo systemctl daemon-reload
+sudo systemctl enable /etc/systemd/system/mastodon-*.service
+sudo systemctl start mastodon-web.service mastodon-sidekiq.service mastodon-streaming.service
+# debug
+sudo systemctl status mastodon-web.service mastodon-sidekiq.service mastodon-streaming.service
+
+# Add service YunoHost
+sudo yunohost service add mastodon-web
+sudo yunohost service add mastodon-sidekiq
+sudo yunohost service add mastodon-streaming
+
 # Reload services
 sudo systemctl reload nginx

scripts/upgrade

@@ -3,8 +3,10 @@
 # Exit on command errors and treat unset variables as an error
 set -eu
 
-source .fonctions	# Loads the generic functions usually used in the script
-source /usr/share/yunohost/helpers # Source YunoHost helpers
+# Loads the generic functions usually used in the script
+source .fonctions
+# Source YunoHost helpers
+source /usr/share/yunohost/helpers
 
 # See comments in install script
 app=$YNH_APP_INSTANCE_NAME