From 8dbdc0f2a1c2248b65ee1934abeb33ccefb0a145 Mon Sep 17 00:00:00 2001 From: yalh76 Date: Mon, 16 Aug 2021 16:10:16 +0200 Subject: [PATCH] Several fixes --- check_process | 44 ++++++++++++++++++------------------ conf/app.ini | 8 +++---- conf/systemd.service | 4 ++-- scripts/backup | 8 +------ scripts/change_url | 6 ++--- scripts/install | 54 ++++++++++++++++++++++++-------------------- scripts/restore | 29 +++++++++++++----------- scripts/upgrade | 49 ++++++++++++++++++++-------------------- 8 files changed, 102 insertions(+), 100 deletions(-) diff --git a/check_process b/check_process index a62c0f4..ad0e51e 100644 --- a/check_process +++ b/check_process @@ -1,27 +1,27 @@ ;; General - ; Manifest - domain="domain.tld" (DOMAIN) - path="/path" (PATH) - admin="john" (USER) - is_public=1 (PUBLIC|public=1|private=0) - ; Checks - pkg_linter=1 - setup_sub_dir=1 - setup_root=1 - setup_nourl=0 - setup_private=1 - setup_public=1 - upgrade=1 - upgrade=1 from_commit=aa075b2051ffad7b0b6fef3a9c767376d5bdbfab - upgrade=1 from_commit=1cbec051e1171de5a8ed1e850eb4fb3506114da5 - upgrade=1 from_commit=5a706ed246392c1ce39c47a648cb93e2996e80d3 - backup_restore=1 - multi_instance=1 - incorrect_path=0 - port_already_use=1 (6000) - change_url=1 + ; Manifest + domain="domain.tld" (DOMAIN) + path="/path" (PATH) + admin="john" (USER) + is_public=1 (PUBLIC|public=1|private=0) + ; Checks + pkg_linter=1 + setup_sub_dir=1 + setup_root=1 + setup_nourl=0 + setup_private=1 + setup_public=1 + upgrade=1 + upgrade=1 from_commit=aa075b2051ffad7b0b6fef3a9c767376d5bdbfab + upgrade=1 from_commit=1cbec051e1171de5a8ed1e850eb4fb3506114da5 + upgrade=1 from_commit=5a706ed246392c1ce39c47a648cb93e2996e80d3 + backup_restore=1 + multi_instance=1 + incorrect_path=0 + port_already_use=1 (6000) + change_url=1 ;;; Levels - Level 5=auto + Level 5=auto ;;; Upgrade options ; commit=aa075b2051ffad7b0b6fef3a9c767376d5bdbfab name=Before multi_instance and refactoring diff --git a/conf/app.ini b/conf/app.ini index 8599195..1954312 100644 --- a/conf/app.ini +++ b/conf/app.ini @@ -61,7 +61,7 @@ TLS_MIN_VERSION = TLS10 ; default is the path where Gogs is executed STATIC_ROOT_PATH = ; Default path for App data -APP_DATA_PATH = __DATA_PATH__ +APP_DATA_PATH = __DATADIR__/data ; Application level GZIP support ENABLE_GZIP = false ; Landing page for non-logged users, can be "home" or "explore" @@ -69,7 +69,7 @@ LANDING_PAGE = explore [repository] ; Root path for storing repositories's data, default is "~//gogs-repositories" -ROOT = __REPO_PATH__ +ROOT = __DATADIR__/repositories ; The script type server supports, sometimes could be "sh" SCRIPT_TYPE = bash ; Default ANSI charset for an unrecognized charset @@ -281,7 +281,7 @@ CSRF_COOKIE_NAME = _csrf [picture] ; Path to store user uploaded avatars -AVATAR_UPLOAD_PATH = __DATA_PATH__/avatars +AVATAR_UPLOAD_PATH = __DATADIR__/data/avatars ; Chinese users can choose "duoshuo" ; or a custom avatar source, like: http://cn.gravatar.com/avatar/ GRAVATAR_SOURCE = gravatar @@ -297,7 +297,7 @@ ENABLE_FEDERATED_AVATAR = false ; Whether attachments are enabled. Defaults to `true` ENABLED = true ; Path for attachments. Defaults to `data/attachments` -PATH = __DATA_PATH__/attachments +PATH = __DATADIR__/data/attachments ; One or more allowed types, e.g. image/jpeg|image/png ALLOWED_TYPES = image/jpeg|image/png ; Max size of each file. Defaults to 4MB diff --git a/conf/systemd.service b/conf/systemd.service index e237439..a668510 100644 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -15,10 +15,10 @@ After=slapd.service Type=simple User=__APP__ Group=__APP__ -WorkingDirectory=/home/__APP__ +WorkingDirectory=/home/yunohost.app/__APP__ ExecStart=/opt/__APP__/gogs web Restart=always -Environment=USER=__APP__ HOME=/home/__APP__ +Environment=USER=__APP__ HOME=/home/yunohost.app/__APP__ [Install] WantedBy=multi-user.target diff --git a/scripts/backup b/scripts/backup index 72f8d13..1ff80bb 100644 --- a/scripts/backup +++ b/scripts/backup @@ -15,7 +15,7 @@ source /usr/share/yunohost/helpers #================================================= ynh_clean_setup () { - true + ynh_clean_check_starting } # Exit if an error occurs during the execution of the script ynh_abort_if_errors @@ -61,12 +61,6 @@ ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf" ynh_backup --src_path="/etc/systemd/system/$app.service" -#================================================= -# BACKUP VARIOUS FILES -#================================================= - -ynh_backup --src_path="/var/log/$app" - #================================================= # BACKUP THE MYSQL DATABASE #================================================= diff --git a/scripts/change_url b/scripts/change_url index dafbcee..9236e96 100644 --- a/scripts/change_url +++ b/scripts/change_url @@ -114,9 +114,9 @@ ynh_script_progression --message="Adding a configuration file..." if [ $is_public -eq 1 ] then - private_mode="false" + private_mode="false" else - private_mode="true" + private_mode="true" fi ynh_add_config --template="../conf/app.ini" --destination="$final_path/custom/conf/app.ini" @@ -130,7 +130,7 @@ ynh_add_config --template="../conf/ldap.conf" --destination="$final_path/custom/ ynh_script_progression --message="Starting a systemd service..." # Start a systemd service -ynh_check_starting "INFO] Listen: http://0.0.0.0:" "/var/log/$app/gogs.log" +ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" --line_match="INFO] Listen: http://0.0.0.0:" #================================================= # RELOAD NGINX diff --git a/scripts/install b/scripts/install index 23ae165..e18c6f8 100644 --- a/scripts/install +++ b/scripts/install @@ -14,6 +14,9 @@ source /usr/share/yunohost/helpers # MANAGE SCRIPT FAILURE #================================================= +ynh_clean_setup () { + ynh_clean_check_starting +} # Exit if an error occurs during the execution of the script ynh_abort_if_errors @@ -29,7 +32,7 @@ secret_key=$(ynh_string_random) app=$YNH_APP_INSTANCE_NAME -datadir=/home/$app +datadir=/home/yunohost.app/$app #================================================= # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS @@ -75,8 +78,8 @@ ynh_script_progression --message="Configuring system user..." # Create a system user # We can't use the official helper because we need to set the shell for the login test getent passwd "$app" &>/dev/null || \ - useradd -d "$datadir" --system --user-group "$app" --shell /bin/bash || \ - ynh_die "Unable to create $app system account" + useradd -d "$datadir" --system --user-group "$app" --shell /bin/bash || \ + ynh_die "Unable to create $app system account" #================================================= # CREATE A MYSQL DATABASE @@ -98,9 +101,8 @@ architecture=$(ynh_detect_arch) # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path" --source_id="$architecture" -mkdir -p "$final_path/data" mkdir -p "$final_path/custom/conf/auth.d" - + chmod 750 "$final_path" chmod -R o-rwx "$final_path" chown -R $app:$app "$final_path" @@ -123,16 +125,13 @@ ynh_script_progression --message="Creating a data directory..." ynh_app_setting_set --app=$app --key=datadir --value=$datadir -mkdir -p "$datadir/avatars" -mkdir -p "$datadir/attachments" +mkdir -p "$datadir/data/avatars" +mkdir -p "$datadir/data/attachments" chmod 750 "$datadir" chmod -R o-rwx "$datadir" -chown -R $app:$app "/home/$app" -chmod u=rwX,g=rX,o= "/home/$app" - -repo_path="$datadir/repositories" -data_path="$datadir/data" +chown -R $app:$app "$datadir" +chmod u=rwX,g=rX,o= "$datadir" #================================================= # ADD A CONFIGURATION @@ -141,13 +140,18 @@ ynh_script_progression --message="Adding a configuration file..." if [ $is_public -eq 1 ] then - private_mode="false" + private_mode="false" else - private_mode="true" + private_mode="true" fi ynh_add_config --template="../conf/app.ini" --destination="$final_path/custom/conf/app.ini" +chmod 400 "$final_path/custom/conf/app.ini" +chown $app:$app "$final_path/custom/conf/app.ini" + ynh_add_config --template="../conf/ldap.conf" --destination="$final_path/custom/conf/auth.d/ldap.conf" +chmod 400 "$final_path/custom/conf/auth.d/ldap.conf" +chown $app:$app "$final_path/custom/conf/auth.d/ldap.conf" #================================================= # SETUP SYSTEMD @@ -176,7 +180,7 @@ ynh_use_logrotate #================================================= ynh_script_progression --message="Integrating service in YunoHost..." -yunohost service add $app --log="/var/log/$app/$app.log" +yunohost service add $app --description="$app daemon" --log="/var/log/$app/$app.log" #================================================= # START SYSTEMD SERVICE @@ -184,7 +188,7 @@ yunohost service add $app --log="/var/log/$app/$app.log" ynh_script_progression --message="Starting a systemd service..." # Start a systemd service -ynh_clean_check_starting "INFO] Listen: http://0.0.0.0:" "/var/log/$app/gogs.log" +ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" --line_match="INFO] Listen: http://0.0.0.0:" #================================================= # SETUP SSOWAT @@ -198,16 +202,16 @@ then # The "main" permission is automatically created before the install script. ynh_permission_update --permission="main" --add="visitors" else - # For an access to the git server by https in private mode we need to allow the access to theses URL : - # - "DOMAIN/PATH/USER/REPOSITORY/info/refs" - # - "DOMAIN/PATH/USER/REPOSITORY/git-upload-pack" - # - "DOMAIN/PATH/USER/REPOSITORY/git-receive-pack" + # For an access to the git server by https in private mode we need to allow the access to theses URL : + # - "DOMAIN/PATH/USER/REPOSITORY/info/refs" + # - "DOMAIN/PATH/USER/REPOSITORY/git-upload-pack" + # - "DOMAIN/PATH/USER/REPOSITORY/git-receive-pack" - excaped_domain=${domain//'.'/'%.'} - excaped_domain=${excaped_domain//'-'/'%-'} - excaped_path=${path_url//'.'/'%.'} - excaped_path=${excaped_path//'-'/'%-'} - ynh_app_setting_set $app skipped_regex "$excaped_domain$excaped_path/[%w-.]*/[%w-.]*/git%-receive%-pack,$excaped_domain$excaped_path/[%w-.]*/[%w-.]*/git%-upload%-pack,$excaped_domain$excaped_path/[%w-.]*/[%w-.]*/info/refs" + excaped_domain=${domain//'.'/'%.'} + excaped_domain=${excaped_domain//'-'/'%-'} + excaped_path=${path_url//'.'/'%.'} + excaped_path=${excaped_path//'-'/'%-'} + ynh_app_setting_set $app skipped_regex "$excaped_domain$excaped_path/[%w-.]*/[%w-.]*/git%-receive%-pack,$excaped_domain$excaped_path/[%w-.]*/[%w-.]*/git%-upload%-pack,$excaped_domain$excaped_path/[%w-.]*/[%w-.]*/info/refs" fi #================================================= diff --git a/scripts/restore b/scripts/restore index b57f0f3..b538a54 100644 --- a/scripts/restore +++ b/scripts/restore @@ -10,6 +10,13 @@ source ../settings/scripts/_common.sh source /usr/share/yunohost/helpers +#================================================= +# MANAGE SCRIPT FAILURE +#================================================= + +ynh_clean_setup () { + ynh_clean_check_starting +} # Exit if an error occurs during the execution of the script ynh_abort_if_errors @@ -56,8 +63,8 @@ ynh_script_progression --message="Recreating the dedicated system user..." # Create the dedicated user (if not existing) # We can't use the official helper because we need to set the shell for the login test getent passwd "$app" &>/dev/null || \ - useradd -d "$datadir" --system --user-group "$app" --shell /bin/bash || \ - ynh_die "Unable to create $app system account" + useradd -d "$datadir" --system --user-group "$app" --shell /bin/bash || \ + ynh_die "Unable to create $app system account" #================================================= # RESTORE THE APP MAIN DIR @@ -66,9 +73,8 @@ ynh_script_progression --message="Restoring the app main directory..." ynh_restore_file --origin_path="$final_path" -mkdir -p "$final_path/data" mkdir -p "$final_path/custom/conf/auth.d" - + chmod 750 "$final_path" chmod -R o-rwx "$final_path" chown -R $app:$app "$final_path" @@ -83,16 +89,13 @@ ynh_restore_file --origin_path="$datadir" --not_mandatory mkdir -p $datadir -mkdir -p "$datadir/avatars" -mkdir -p "$datadir/attachments" +mkdir -p "$datadir/data/avatars" +mkdir -p "$datadir/data/attachments" chmod 750 "$datadir" chmod -R o-rwx "$datadir" -chown -R $app:$app "/home/$app" -chmod u=rwX,g=rX,o= "/home/$app" - -repo_path="$datadir/repositories" -data_path="$datadir/data" +chown -R $app:$app "$datadir" +chmod u=rwX,g=rX,o= "$datadir" #================================================= # SPECIFIC RESTORATION @@ -118,14 +121,14 @@ systemctl enable $app.service --quiet #================================================= ynh_script_progression --message="Integrating service in YunoHost..." -yunohost service add $app --log="/var/log/$app/$app.log" +yunohost service add $app --description="$app daemon" --log="/var/log/$app/$app.log" #================================================= # START SYSTEMD SERVICE #================================================= ynh_script_progression --message="Starting a systemd service..." -ynh_check_starting "INFO] Listen: http://0.0.0.0:" "/var/log/$app/$app.log" +ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" --line_match="INFO] Listen: http://0.0.0.0:" #================================================= # RESTORE THE LOGROTATE CONFIGURATION diff --git a/scripts/upgrade b/scripts/upgrade index d4b9110..d8cbaf3 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -40,6 +40,7 @@ ynh_script_progression --message="Backing up the app before upgrading (may take # Backup the current version of the app ynh_backup_before_upgrade ynh_clean_setup () { + ynh_clean_check_starting # Restore it if the upgrade fails ynh_restore_upgradebackup } @@ -71,8 +72,8 @@ fi if [[ $port == "" ]] then - port=$(ynh_find_port 6000) - ynh_app_setting_set $app web_port $port + port=$(ynh_find_port 6000) + ynh_app_setting_set $app web_port $port fi # handle upgrade from old package installation @@ -81,19 +82,19 @@ fi # this code will be removed in the future if [ -d "/etc/gogs" ] then - # create needed directories if not already created - create_dir + # create needed directories if not already created + create_dir - # move repositories to new dir - old_repo_path=$(ynh_app_setting_get "$app" repopath) - mv "${old_repo_path:-/home/yunohost.app/gogs}"/* "$REPO_PATH" || true # Avoid if the directory is empty - # cleanup old dir and conf - ynh_secure_remove /opt/gogs - ynh_secure_remove /etc/gogs - ynh_secure_remove /opt/gogs_src - - # create needed directories if not already created - create_dir + # move repositories to new dir + old_repo_path=$(ynh_app_setting_get "$app" repopath) + mv "${old_repo_path:-/home/yunohost.app/gogs}"/* "$REPO_PATH" || true # Avoid if the directory is empty + # cleanup old dir and conf + ynh_secure_remove /opt/gogs + ynh_secure_remove /etc/gogs + ynh_secure_remove /opt/gogs_src + + # create needed directories if not already created + create_dir fi # end of old package upgrade @@ -101,14 +102,14 @@ fi # if it's blocked, unlock it to allow ssh usage with git if [[ $(grep "$app" /etc/shadow | cut -d: -f2) == '!' ]] then - usermod -p '*' "$app" + usermod -p '*' "$app" fi # Remove old authentification mecanisme, actually the registry in the database has been replaced by a config file if [[ ! -e "$final_path/custom/conf/auth.d/ldap.conf" ]] then - ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" <<< "DELETE FROM login_source WHERE name = 'Yunohost LDAP';" - mkdir -p "$final_path/custom/conf/auth.d" + ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" <<< "DELETE FROM login_source WHERE name = 'Yunohost LDAP';" + mkdir -p "$final_path/custom/conf/auth.d" fi # Clean template to fix issue : https://github.com/gogits/gogs/issues/4585 @@ -125,13 +126,12 @@ then ynh_script_progression --message="Upgrading source files..." architecture=$(ynh_detect_arch) - # Download, check integrity, uncompress and patch the source from app.src + # Download, check integrity, uncompress and patch the source from app.src ynh_setup_source --dest_dir="$final_path" --source_id="$architecture" fi -mkdir -p "$final_path/data" mkdir -p "$final_path/custom/conf/auth.d" - + chmod 750 "$final_path" chmod -R o-rwx "$final_path" chown -R $app:$app "$final_path" @@ -153,9 +153,9 @@ ynh_add_nginx_config ynh_script_progression --message="Updating a configuration file..." if [ $is_public -eq 1 ] then - private_mode="false" + private_mode="false" else - private_mode="true" + private_mode="true" fi ynh_add_config --template="../conf/app.ini" --destination="$final_path/custom/conf/app.ini" @@ -184,13 +184,14 @@ ynh_use_logrotate --non-append #================================================= ynh_script_progression --message="Integrating service in YunoHost..." -yunohost service add $app --log="/var/log/$app/$app.log" +yunohost service add $app --description="$app daemon" --log="/var/log/$app/$app.log" #================================================= # START SYSTEMD SERVICE #================================================= ynh_script_progression --message="Starting a systemd service..." -ynh_check_starting "INFO] Listen: http://0.0.0.0:" "/var/log/$app/gogs.log" + +ynh_systemd_action --service_name=$app --action="start" --log_path="/var/log/$app/$app.log" --line_match="INFO] Listen: http://0.0.0.0:" #================================================= # RELOAD NGINX