YunoHost-Apps/glitchsoc_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/glitchsoc_ynh.git synced 2024-09-03 19:15:59 +02:00
Code Issues Activity Actions 1

Merge pull request #12 from YunoHost-Apps/testing

Browse source 
Update to last commit
Add config panel
This commit is contained in:
Tagada 2022-01-11 02:20:56 +01:00 committed by GitHub
commit 9fb00be101
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
16 changed files with 416 additions and 98 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

90
.github/workflows/updater.sh vendored Normal file
View file

@ -0,0 +1,90 @@
#!/bin/bash
#=================================================
# PACKAGE UPDATING HELPER
#=================================================
# This script is meant to be run by GitHub Actions
# The YunoHost-Apps organisation offers a template Action to run this script periodically
# Since each app is different, maintainers can adapt its contents so as to perform
# automatic actions when a new upstream release is detected.
# Heavily modified script for pulling on main branch instead of releases
#=================================================
# FETCHING LATEST RELEASE AND ITS ASSETS
#=================================================
# Fetching information
current_version=$(cat manifest.json | jq -j '.version|split("~")[0]')
current_commit=$(cat conf/app.src | grep 'SOURCE_FILENAME' | cut -d= -f2 | cut -d. -f1)
repo=$(cat manifest.json | jq -j '.upstream.code|split("https://github.com/")[1]')
last=$(curl --silent "https://api.github.com/repos/$repo/branches/main")
last_version=$(echo $last | jq -r '.commit.commit.author.date' | cut -dT -f1 | tr - .)
last_commit=$(echo $last | jq -r '.commit.sha')
# Setting up the environment variables
echo "Current version: $current_version commit $current_commit"
echo "Latest release from upstream: $last_version commit $last_commit"
echo "VERSION=$last_version" >> $GITHUB_ENV
# For the time being, let's assume the script will fail
echo "PROCEED=false" >> $GITHUB_ENV
# Proceed only if the retrieved version is greater than the current one
if ! dpkg --compare-versions "$current_version" "lt" "$last_version" ; then
echo "::warning ::No new version available"
exit 0
# Proceed only if a PR for this new version does not already exist
elif git ls-remote -q --exit-code --heads https://github.com/$GITHUB_REPOSITORY.git ci-auto-update-v$last_version ; then
echo "::warning ::A branch already exists for this update"
exit 0
fi
#=================================================
# UPDATE SOURCE FILES
#=================================================
# Create the temporary directory
tempdir="$(mktemp -d)"
asset_url="https://github.com/$repo/archive/$last_commit.tar.gz"
# Download sources and calculate checksum
filename=${asset_url##*/}
curl --silent -4 -L $asset_url -o "$tempdir/$filename"
checksum=$(sha256sum "$tempdir/$filename" | head -c 64)
# Delete temporary directory
rm -rf $tempdir
# Rewrite source file
cat <<EOT > conf/app.src
SOURCE_URL=$asset_url
SOURCE_SUM=$checksum
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=$filename
SOURCE_EXTRACT=true
EOT
echo "... conf/app.src updated"
#=================================================
# SPECIFIC UPDATE STEPS
#=================================================
# Any action on the app's source code can be done.
# The GitHub Action workflow takes care of committing all changes after this script ends.
#=================================================
# GENERIC FINALIZATION
#=================================================
# Replace new version in manifest
echo "$(jq -s --indent 4 ".[] | .version = \"$last_version~ynh1\"" manifest.json)" > manifest.json
# No need to update the README, yunohost-bot takes care of it
# The Action will proceed only if the PROCEED environment variable is set to true
echo "PROCEED=true" >> $GITHUB_ENV
exit 0

49
.github/workflows/updater.yml vendored Normal file
View file

@ -0,0 +1,49 @@
# This workflow allows GitHub Actions to automagically update your app whenever a new upstream release is detected.
# You need to enable Actions in your repository settings, and fetch this Action from the YunoHost-Apps organization.
# This file should be enough by itself, but feel free to tune it to your needs.
# It calls updater.sh, which is where you should put the app-specific update steps.
name: Check for new upstream releases
on:
# Allow to manually trigger the workflow
workflow_dispatch:
# Run it every day at 6:00 UTC
schedule:
- cron: '0 6 * * *'
jobs:
updater:
runs-on: ubuntu-latest
steps:
- name: Fetch the source code
uses: actions/checkout@v2
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Run the updater script
id: run_updater
run: |
# Setting up Git user
git config --global user.name 'yunohost-bot'
git config --global user.email 'yunohost-bot@users.noreply.github.com'
# Run the updater script
/bin/bash .github/workflows/updater.sh
- name: Commit changes
id: commit
if: ${{ env.PROCEED == 'true' }}
run: |
git commit -am "Upgrade to v$VERSION"
- name: Create Pull Request
id: cpr
if: ${{ env.PROCEED == 'true' }}
uses: peter-evans/create-pull-request@v3
with:
token: ${{ secrets.GITHUB_TOKEN }}
commit-message: Update to version ${{ env.VERSION }}
committer: 'yunohost-bot <yunohost-bot@users.noreply.github.com>'
author: 'yunohost-bot <yunohost-bot@users.noreply.github.com>'
signoff: false
base: testing
branch: ci-auto-update-v${{ env.VERSION }}
delete-branch: true
title: 'Upgrade to version ${{ env.VERSION }}'
body: |
Upgrade to v${{ env.VERSION }}
draft: false

2
README.md
View file

@ -17,7 +17,7 @@ If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/in
Libre and federated social network, fork of Mastodon
**Shipped version:** 2021.12.27~ynh2
**Shipped version:** 2022.01.10~ynh1

2
README_fr.md
View file

@ -13,7 +13,7 @@ Si vous n'avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour
Réseau social libre et fédéré, scission de Mastodon
**Version incluse :** 2021.12.27~ynh2
**Version incluse :** 2022.01.10~ynh1

10
conf/.env.production.sample
View file

@ -4,6 +4,12 @@
# not demonstrate all available configuration options. Please look at
# https://docs.joinmastodon.org/admin/config/ for the full documentation.
# Note that this file accepts slightly different syntax depending on whether
# you are using `docker-compose` or not. In particular, if you use
# `docker-compose`, the value of each declared variable will be taken verbatim,
# including surrounding quotes.
# See: https://github.com/mastodon/mastodon/issues/16895
# Federation
# ----------
# This identifies your server and cannot be changed safely later
@ -271,8 +277,8 @@ MAX_POLL_OPTION_CHARS=100
# Maximum image and video/audio upload sizes
# Units are in bytes
# 1048576 bytes equals 1 megabyte
# MAX_IMAGE_SIZE=8388608
# MAX_VIDEO_SIZE=41943040
MAX_IMAGE_SIZE=8388608
MAX_VIDEO_SIZE=41943040
# Maximum search results to display
# Only relevant when elasticsearch is installed

6
conf/app.src
View file

@ -1,7 +1,7 @@
SOURCE_URL=https://github.com/glitch-soc/mastodon/archive/e2933854ac598c5ee7428a654a72cf4f4bd9afea.tar.gz
SOURCE_SUM=120f010e0d9ceeb1f86d97e39bd482197dace3d87d5753be886133fc94ad987f
SOURCE_URL=https://github.com/glitch-soc/mastodon/archive/07cb948f39464b11959fc506b673a90d9524e519.tar.gz
SOURCE_SUM=5808362e249689029726b79b799aab7382fc6626a142e54638633b08dee13c76
SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz
SOURCE_IN_SUBDIR=true
SOURCE_FILENAME=e2933854ac598c5ee7428a654a72cf4f4bd9afea.tar.gz
SOURCE_FILENAME=07cb948f39464b11959fc506b673a90d9524e519.tar.gz
SOURCE_EXTRACT=true

30
conf/glitchsoc-sidekiq.service
View file

@ -14,5 +14,35 @@ TimeoutSec=15
Restart=always
StandardError=syslog
# Sandboxing options to harden security
# Depending on specificities of your service/app, you may need to tweak these
# .. but this should be a good baseline
# Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html
NoNewPrivileges=yes
PrivateTmp=yes
PrivateDevices=yes
RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
RestrictNamespaces=yes
RestrictRealtime=yes
DevicePolicy=closed
ProtectSystem=full
ProtectControlGroups=yes
ProtectKernelModules=yes
ProtectKernelTunables=yes
LockPersonality=yes
SystemCallFilter=~@clock @debug @module @mount @obsolete @reboot @setuid @swap
# Denying access to capabilities that should not be relevant for webapps
# Doc: https://man7.org/linux/man-pages/man7/capabilities.7.html
CapabilityBoundingSet=~CAP_RAWIO CAP_MKNOD
CapabilityBoundingSet=~CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_AUDIT_WRITE
CapabilityBoundingSet=~CAP_SYS_BOOT CAP_SYS_TIME CAP_SYS_MODULE CAP_SYS_PACCT
CapabilityBoundingSet=~CAP_LEASE CAP_LINUX_IMMUTABLE CAP_IPC_LOCK
CapabilityBoundingSet=~CAP_BLOCK_SUSPEND CAP_WAKE_ALARM
CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG
CapabilityBoundingSet=~CAP_MAC_ADMIN CAP_MAC_OVERRIDE
CapabilityBoundingSet=~CAP_NET_ADMIN CAP_NET_BROADCAST CAP_NET_RAW
CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG
[Install]
WantedBy=multi-user.target

30
conf/glitchsoc-streaming.service
View file

@ -15,5 +15,35 @@ TimeoutSec=15
Restart=always
StandardError=syslog
# Sandboxing options to harden security
# Depending on specificities of your service/app, you may need to tweak these
# .. but this should be a good baseline
# Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html
NoNewPrivileges=yes
PrivateTmp=yes
PrivateDevices=yes
RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
RestrictNamespaces=yes
RestrictRealtime=yes
DevicePolicy=closed
ProtectSystem=full
ProtectControlGroups=yes
ProtectKernelModules=yes
ProtectKernelTunables=yes
LockPersonality=yes
SystemCallFilter=~@clock @debug @module @mount @obsolete @reboot @setuid @swap
# Denying access to capabilities that should not be relevant for webapps
# Doc: https://man7.org/linux/man-pages/man7/capabilities.7.html
CapabilityBoundingSet=~CAP_RAWIO CAP_MKNOD
CapabilityBoundingSet=~CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_AUDIT_WRITE
CapabilityBoundingSet=~CAP_SYS_BOOT CAP_SYS_TIME CAP_SYS_MODULE CAP_SYS_PACCT
CapabilityBoundingSet=~CAP_LEASE CAP_LINUX_IMMUTABLE CAP_IPC_LOCK
CapabilityBoundingSet=~CAP_BLOCK_SUSPEND CAP_WAKE_ALARM
CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG
CapabilityBoundingSet=~CAP_MAC_ADMIN CAP_MAC_OVERRIDE
CapabilityBoundingSet=~CAP_NET_ADMIN CAP_NET_BROADCAST CAP_NET_RAW
CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG
[Install]
WantedBy=multi-user.target

30
conf/glitchsoc-web.service
View file

@ -14,5 +14,35 @@ TimeoutSec=15
Restart=always
StandardError=syslog
# Sandboxing options to harden security
# Depending on specificities of your service/app, you may need to tweak these
# .. but this should be a good baseline
# Details for these options: https://www.freedesktop.org/software/systemd/man/systemd.exec.html
NoNewPrivileges=yes
PrivateTmp=yes
PrivateDevices=yes
RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
RestrictNamespaces=yes
RestrictRealtime=yes
DevicePolicy=closed
ProtectSystem=full
ProtectControlGroups=yes
ProtectKernelModules=yes
ProtectKernelTunables=yes
LockPersonality=yes
SystemCallFilter=~@clock @debug @module @mount @obsolete @reboot @setuid @swap
# Denying access to capabilities that should not be relevant for webapps
# Doc: https://man7.org/linux/man-pages/man7/capabilities.7.html
CapabilityBoundingSet=~CAP_RAWIO CAP_MKNOD
CapabilityBoundingSet=~CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_AUDIT_WRITE
CapabilityBoundingSet=~CAP_SYS_BOOT CAP_SYS_TIME CAP_SYS_MODULE CAP_SYS_PACCT
CapabilityBoundingSet=~CAP_LEASE CAP_LINUX_IMMUTABLE CAP_IPC_LOCK
CapabilityBoundingSet=~CAP_BLOCK_SUSPEND CAP_WAKE_ALARM
CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG
CapabilityBoundingSet=~CAP_MAC_ADMIN CAP_MAC_OVERRIDE
CapabilityBoundingSet=~CAP_NET_ADMIN CAP_NET_BROADCAST CAP_NET_RAW
CapabilityBoundingSet=~CAP_SYS_ADMIN CAP_SYS_PTRACE CAP_SYSLOG
[Install]
WantedBy=multi-user.target

74
config_panel.toml Normal file
View file

@ -0,0 +1,74 @@
version = "1.0"
[main]
name = "Main configuration"
services = ["__APP__-web", "__APP__-sidekiq", "__APP__-streaming"]
[main.customization]
name = "Customization"
[main.customization.max_toot_chars]
ask = "Maximum allowed character count in a toot"
type = "number"
bind = ":/var/www/__APP__/live/live/.env.production"
example = 500
[main.customization.max_pinned_toots]
ask = "Maximum number of pinned posts"
type = "number"
example = "5"
bind = ":/var/www/__APP__/live/.env.production"
[main.customization.max_bio_chars]
ask = "Maximum allowed bio characters"
type = "number"
accept = "500"
bind = ":/var/www/__APP__/live/.env.production"
[main.customization.max_profile_fields]
ask = "Maximim number of profile fields allowed"
type = "number"
accept = "4"
bind = ":/var/www/__APP__/live/.env.production"
[main.customization.max_display_name_chars]
ask = "Maximum allowed bio characters"
type = "number"
accept = "30"
bind = ":/var/www/__APP__/live/.env.production"
[main.customization.max_poll_options]
ask = "Maximum allowed poll options"
type = "number"
accept = "5"
bind = ":/var/www/__APP__/live/.env.production"
[main.customization.max_poll_option_chars]
ask = "Maximum allowed poll option characters"
type = "number"
accept = "100"
bind = ":/var/www/__APP__/live/.env.production"
[main.customization.max_image_size]
ask = "Maximum image upload size, in bytes"
type = "number"
accept = "8388608"
bind = ":/var/www/__APP__/live/.env.production"
[main.customization.max_video_size]
ask = "Maximum video and audio upload sizes, in bytes"
type = "number"
accept = "41943040"
bind = ":/var/www/__APP__/live/.env.production"
[main.customization.max_emoji_size]
ask = "Maximum custom emoji file sizes"
type = "number"
accept = "51200"
bind = ":/var/www/__APP__/live/.env.production"
[main.customization.max_remote_emoji_size]
ask = "Maximum remote custom emoji file sizes"
type = "number"
accept = "204800"
bind = ":/var/www/__APP__/live/.env.production"

2
manifest.json
View file

@ -6,7 +6,7 @@
"en": "Libre and federated social network, fork of Mastodon",
"fr": "Réseau social libre et fédéré, scission de Mastodon"
},
"version": "2021.12.27~ynh2",
"version": "2022.01.10~ynh1",
"url": "https://github.com/glitch-soc/mastodon",
"upstream": {
"license": "free",

2
scripts/backup
View file

@ -59,7 +59,7 @@ ynh_backup --src_path="/etc/systemd/system/$app-sidekiq.service"
ynh_backup --src_path="/etc/systemd/system/$app-streaming.service"
#=================================================
# BACKUP A CRON FILE
# BACKUP VARIOUS FILES
#=================================================
ynh_backup --src_path="/etc/cron.d/$app"

25
scripts/install
View file

@ -83,7 +83,7 @@ ynh_exec_warn_less ynh_install_ruby --ruby_version=$RUBY_VERSION
ynh_script_progression --message="Configuring system user..."
# Create a system user
ynh_system_user_create --username=$app --home_dir="$final_path"
ynh_system_user_create --username=$app --home_dir=$final_path
#=================================================
# CREATE A POSTGRESQL DATABASE
@ -96,6 +96,7 @@ db_name=$(ynh_sanitize_dbid --db_name="${app}_production")
db_user=$(ynh_sanitize_dbid --db_name=$app)
db_pwd=$(ynh_string_random --length=30)
ynh_app_setting_set --app=$app --key=db_name --value=$db_name
ynh_app_setting_set --app=$app --key=db_user --value=$db_user
ynh_app_setting_set --app=$app --key=db_pwd --value=$db_pwd
ynh_psql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd
ynh_psql_execute_as_root --sql="ALTER USER $db_user CREATEDB;"
@ -119,7 +120,7 @@ chown -R $app:www-data "$final_path"
ynh_script_progression --message="Configuring NGINX web server..."
# Create a dedicated NGINX config
ynh_add_nginx_config 'port_web port_stream'
ynh_add_nginx_config
#=================================================
# SPECIFIC SETUP
@ -153,7 +154,7 @@ popd
#=================================================
# ADD A CONFIGURATION
#=================================================
ynh_script_progression --message="Adding a config file..."
ynh_script_progression --message="Adding a configuration file..."
config="$final_path/live/.env.production"
@ -200,17 +201,17 @@ ynh_add_systemd_config --service="$app-streaming" --template="glitchsoc-streamin
ynh_script_progression --message="Installing Glitch-Soc..."
pushd "$final_path/live"
sudo -u $app $ynh_ruby_load_path bin/bundle config deployment 'true'
sudo -u $app $ynh_ruby_load_path bin/bundle config without 'development test'
sudo -u $app $ynh_ruby_load_path bin/bundle install -j$(getconf _NPROCESSORS_ONLN)
ynh_exec_as $app $ynh_ruby_load_path bin/bundle config deployment 'true'
ynh_exec_as $app $ynh_ruby_load_path bin/bundle config without 'development test'
ynh_exec_as $app $ynh_ruby_load_path bin/bundle install -j$(getconf _NPROCESSORS_ONLN)
ynh_use_nodejs
ynh_exec_warn_less sudo -u $app $ynh_node_load_PATH yarn install --pure-lockfile
ynh_exec_warn_less ynh_exec_as $app $ynh_node_load_PATH yarn install --pure-lockfile
echo "SAFETY_ASSURED=1">> $config
ynh_exec_warn_less sudo -u $app RAILS_ENV=production $ynh_ruby_load_path bin/bundle exec rails db:setup --quiet
ynh_exec_warn_less sudo -u $app RAILS_ENV=production $ynh_ruby_load_path bin/bundle exec rails assets:precompile --quiet
ynh_exec_warn_less sudo -u $app RAILS_ENV=production $ynh_ruby_load_path bin/bundle exec rake mastodon:webpush:generate_vapid_key > key.txt
ynh_exec_warn_less sudo -u $app RAILS_ENV=production $ynh_ruby_load_path bin/tootctl accounts create "$admin" --email="$admin_mail" --confirmed --role=admin > /dev/null
ynh_exec_warn_less sudo -u $app RAILS_ENV=production $ynh_ruby_load_path bin/tootctl accounts modify "$admin" --approve
ynh_exec_warn_less ynh_exec_as $app RAILS_ENV=production $ynh_ruby_load_path bin/bundle exec rails db:setup --quiet
ynh_exec_warn_less ynh_exec_as $app RAILS_ENV=production $ynh_ruby_load_path bin/bundle exec rails assets:precompile --quiet
ynh_exec_warn_less ynh_exec_as $app RAILS_ENV=production $ynh_ruby_load_path bin/bundle exec rake mastodon:webpush:generate_vapid_key > key.txt
ynh_exec_warn_less ynh_exec_as $app RAILS_ENV=production $ynh_ruby_load_path bin/tootctl accounts create "$admin" --email="$admin_mail" --confirmed --role=admin > /dev/null
ynh_exec_warn_less ynh_exec_as $app RAILS_ENV=production $ynh_ruby_load_path bin/tootctl accounts modify "$admin" --approve
popd
vapid_private_key=$(grep -oP "VAPID_PRIVATE_KEY=\K.+" "$final_path/live/key.txt")

28
scripts/remove
View file

@ -18,7 +18,7 @@ app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get --app=$app --key=domain)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_user=$(ynh_sanitize_dbid --db_name=$app)
db_user=$(ynh_app_setting_get --app=$app --key=db_user)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
#=================================================
@ -64,17 +64,6 @@ ynh_script_progression --message="Removing the PostgreSQL database..."
# Remove a database if it exists, along with the associated user
ynh_psql_remove_db --db_user=$db_user --db_name=$db_name
#=================================================
# REMOVE DEPENDENCIES
#=================================================
ynh_script_progression --message="Removing dependencies..."
# Remove metapackage and its dependencies
ynh_remove_ruby
ynh_remove_nodejs
ynh_remove_app_dependencies
ynh_remove_extra_repo
#=================================================
# REMOVE APP MAIN DIR
#=================================================
@ -91,12 +80,23 @@ ynh_script_progression --message="Removing NGINX web server configuration..."
# Remove the dedicated NGINX config
ynh_remove_nginx_config
#=================================================
# REMOVE DEPENDENCIES
#=================================================
ynh_script_progression --message="Removing dependencies..."
# Remove metapackage and its dependencies
ynh_remove_ruby
ynh_remove_nodejs
ynh_remove_app_dependencies
ynh_remove_extra_repo
#=================================================
# SPECIFIC REMOVE
#=================================================
# REMOVE THE CRON FILE
# REMOVE VARIOUS FILES
#=================================================
ynh_script_progression --message="Removing the cron file..."
ynh_script_progression --message="Removing various files..."
# Remove a cron file
ynh_secure_remove --file="/etc/cron.d/$app"

54
scripts/restore
View file

@ -31,7 +31,7 @@ domain=$(ynh_app_setting_get --app=$app --key=domain)
path_url=$(ynh_app_setting_get --app=$app --key=path)
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_user=$(ynh_sanitize_dbid --db_name=$app)
db_user=$(ynh_app_setting_get --app=$app --key=db_user)
db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd)
#=================================================
@ -39,7 +39,8 @@ db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd)
#=================================================
ynh_script_progression --message="Validating restoration parameters..."
test ! -d $final_path || ynh_die --message="There is already a directory: $final_path "
test ! -d $final_path \
|| ynh_die --message="There is already a directory: $final_path "
#=================================================
# STANDARD RESTORATION STEPS
@ -56,7 +57,7 @@ ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_script_progression --message="Recreating the dedicated system user..."
# Create the dedicated user (if not existing)
ynh_system_user_create --username=$app --home_dir="$final_path"
ynh_system_user_create --username=$app --home_dir=$final_path
#=================================================
# RESTORE THE APP MAIN DIR
@ -71,6 +72,27 @@ chown -R $app:www-data "$final_path"
#=================================================
# SPECIFIC RESTORATION
#=================================================
# REINSTALL DEPENDENCIES
#=================================================
ynh_script_progression --message="Reinstalling dependencies..."
# Define and install dependencies
ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies
ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$NODEJS_VERSION
ynh_install_extra_app_dependencies --repo="deb https://dl.yarnpkg.com/debian/ stable main" --package="yarn" --key="https://dl.yarnpkg.com/debian/pubkey.gpg"
ynh_install_ruby --ruby_version=$RUBY_VERSION
#=================================================
# RESTORE THE POSTGRESQL DATABASE
#=================================================
ynh_script_progression --message="Restoring the PostgreSQL database..."
ynh_psql_test_if_first_run
ynh_psql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd
ynh_psql_execute_as_root --sql="ALTER USER $db_user CREATEDB;"
ynh_psql_execute_file_as_root --file="./db.sql" --database="$db_name"
#=================================================
# ADD SWAP IF NEEDED
#=================================================
@ -87,23 +109,6 @@ fi
ynh_script_progression --message="Adding $swap_needed Mo to swap..."
ynh_add_swap --size=$swap_needed
#=================================================
# RESTORE THE CRON FILE
#=================================================
ynh_script_progression --message="Restoring the cron file..."
ynh_restore_file --origin_path="/etc/cron.d/$app"
#=================================================
# REINSTALL DEPENDENCIES
#=================================================
ynh_script_progression --message="Reinstalling dependencies..."
ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies
ynh_exec_warn_less ynh_install_nodejs --nodejs_version=$NODEJS_VERSION
ynh_exec_warn_less ynh_install_extra_app_dependencies --repo="deb https://dl.yarnpkg.com/debian/ stable main" --package="yarn" --key="https://dl.yarnpkg.com/debian/pubkey.gpg"
ynh_exec_warn_less ynh_install_ruby --ruby_version=$RUBY_VERSION
#=================================================
# INSTALLING RUBY AND BUNDLER
#=================================================
@ -116,14 +121,11 @@ pushd "$final_path/live"
popd
#=================================================
# RESTORE THE POSTGRESQL DATABASE
# RESTORE VARIOUS FILES
#=================================================
ynh_script_progression --message="Restoring the PostgreSQL database..."
ynh_script_progression --message="Restoring various files..."
ynh_psql_test_if_first_run
ynh_psql_setup_db --db_user=$db_user --db_name=$db_name --db_pwd=$db_pwd
ynh_psql_execute_as_root --sql="ALTER USER $db_user CREATEDB;"
ynh_psql_execute_file_as_root --file="./db.sql" --database="$db_name"
ynh_restore_file --origin_path="/etc/cron.d/$app"
#=================================================
# RESTORE SYSTEMD

80
scripts/upgrade
View file

@ -23,7 +23,7 @@ final_path=$(ynh_app_setting_get --app=$app --key=final_path)
language=$(ynh_app_setting_get --app=$app --key=language)
redis_namespace=$(ynh_app_setting_get --app=$app --key=db_name)
db_name=$(ynh_app_setting_get --app=$app --key=db_name)
db_user=$(ynh_sanitize_dbid --db_name=$app)
db_user=$(ynh_app_setting_get --app=$app --key=db_user)
db_pwd=$(ynh_app_setting_get --app=$app --key=db_pwd)
admin_mail=$(ynh_user_get_info --username=$admin --key='mail')
port_web=$(ynh_app_setting_get --app=$app --key=port_web)
@ -43,6 +43,32 @@ ynh_script_progression --message="Checking version..."
upgrade_type=$(ynh_check_app_version_changed)
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..."
# Backup the current version of the app
ynh_backup_before_upgrade
ynh_clean_setup () {
ynh_clean_check_starting
# Restore it if the upgrade fails
ynh_restore_upgradebackup
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# STANDARD UPGRADE STEPS
#=================================================
# STOP SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Stopping a systemd service..."
ynh_systemd_action --service_name=${app}-web --action="stop" --log_path=systemd --line_match="Stopped"
ynh_systemd_action --service_name=${app}-sidekiq --action="stop" --log_path=systemd --line_match="Stopped"
ynh_systemd_action --service_name=${app}-streaming --action="stop" --log_path=systemd --line_match="Stopped"
#=================================================
# ENSURE DOWNWARD COMPATIBILITY
#=================================================
@ -72,6 +98,12 @@ if [[ -z "$port_stream" ]]; then
ynh_app_setting_set --app=$app --key=port_stream --value=$port_stream
fi
# If db_user doesn't exist, create it, needed for old install
if [[ -z "$db_user" ]]; then
db_user=$(ynh_sanitize_dbid --db_name=$app)
ynh_app_setting_set --app=$app --key=db_user --value=$db_user
fi
# If db_pwd doesn't exist, create it, needed for old install
if [[ -z "$db_pwd" ]]; then
db_pwd=$(ynh_string_random)
@ -119,39 +151,13 @@ fi
#Remove previous added repository
ynh_remove_extra_repo
#=================================================
# BACKUP BEFORE UPGRADE THEN ACTIVE TRAP
#=================================================
ynh_script_progression --message="Backing up the app before upgrading (may take a while)..."
# Backup the current version of the app
ynh_backup_before_upgrade
ynh_clean_setup () {
ynh_clean_check_starting
# Restore it if the upgrade fails
ynh_restore_upgradebackup
}
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# STANDARD UPGRADE STEPS
#=================================================
# STOP SYSTEMD SERVICE
#=================================================
ynh_script_progression --message="Stopping a systemd service..."
ynh_systemd_action --service_name=${app}-web --action="stop" --log_path=systemd --line_match="Stopped"
ynh_systemd_action --service_name=${app}-sidekiq --action="stop" --log_path=systemd --line_match="Stopped"
ynh_systemd_action --service_name=${app}-streaming --action="stop" --log_path=systemd --line_match="Stopped"
#=================================================
# CREATE DEDICATED USER
#=================================================
ynh_script_progression --message="Making sure dedicated system user exists..."
# Create a dedicated user (if not existing)
ynh_system_user_create --username=$app --home_dir="$final_path"
ynh_system_user_create --username=$app --home_dir=$final_path
#=================================================
# DOWNLOAD, CHECK AND UNPACK SOURCE
@ -193,7 +199,7 @@ chown -R $app:www-data "$final_path"
ynh_script_progression --message="Upgrading NGINX web server configuration..."
# Create a dedicated NGINX config
ynh_add_nginx_config 'port_web port_stream'
ynh_add_nginx_config
#=================================================
# UPGRADE DEPENDENCIES
@ -262,15 +268,15 @@ ynh_add_systemd_config --service="$app-streaming" --template="glitchsoc-streamin
ynh_script_progression --message="Upgrading Glitch-Soc..."
pushd "$final_path/live"
sudo -u $app $ynh_ruby_load_path bin/bundle config deployment 'true'
sudo -u $app $ynh_ruby_load_path bin/bundle config without 'development test'
sudo -u $app $ynh_ruby_load_path bin/bundle install -j$(getconf _NPROCESSORS_ONLN)
ynh_exec_as $app $ynh_ruby_load_path bin/bundle config deployment 'true'
ynh_exec_as $app $ynh_ruby_load_path bin/bundle config without 'development test'
ynh_exec_as $app $ynh_ruby_load_path bin/bundle install -j$(getconf _NPROCESSORS_ONLN)
ynh_use_nodejs
sudo -u $app $ynh_node_load_PATH yarn install --pure-lockfile
ynh_exec_warn_less sudo -u $app RAILS_ENV=production $ynh_ruby_load_path bin/bundle exec rails assets:clean
ynh_exec_warn_less sudo -u $app RAILS_ENV=production $ynh_ruby_load_path bin/bundle exec rails assets:precompile
ynh_exec_warn_less sudo -u $app RAILS_ENV=production $ynh_ruby_load_path bin/bundle exec rails db:migrate
ynh_exec_warn_less sudo -u $app RAILS_ENV=production $ynh_ruby_load_path bin/tootctl cache clear
ynh_exec_as $app $ynh_node_load_PATH yarn install --pure-lockfile
ynh_exec_warn_less ynh_exec_as $app RAILS_ENV=production $ynh_ruby_load_path bin/bundle exec rails assets:clean
ynh_exec_warn_less ynh_exec_as $app RAILS_ENV=production $ynh_ruby_load_path bin/bundle exec rails assets:precompile
ynh_exec_warn_less ynh_exec_as $app RAILS_ENV=production $ynh_ruby_load_path bin/bundle exec rails db:migrate
ynh_exec_warn_less ynh_exec_as $app RAILS_ENV=production $ynh_ruby_load_path bin/tootctl cache clear
popd
#=================================================